bump libocr and add multi signing keys comparison support

[Unheilbar]

Requires

Supports

[github-actions]

CORA - Pending Reviewers

Codeowners Entry	Overall	Num Files	Owners
/core/capabilities/ccip/	⏳	1	@smartcontractkit/ccip-offchain

Legend: ✅ Approved | ❌ Changes Requested | 💬 Commented | 🚫 Dismissed | ⏳ Pending | ❓ Unknown

For more details, see the full review summary.

[github-actions]

I see you updated files related to core. Please run make gocs in the root directory to add a changeset as well as in the text include at least one of the following tags:

• #added For any new functionality added.
• #breaking_change For any functionality that requires manual action for the node to boot.
• #bugfix For bug fixes.
• #changed For any change to the existing functionality.
• #db_update For any feature that introduces updates to database schema.
• #deprecation_notice For any upcoming deprecation functionality.
• #internal For changesets that need to be excluded from the final changelog.
• #nops For any feature that is NOP facing and needs to be in the official Release Notes for the release.
• #removed For any functionality/config that is removed.
• #updated For any functionality that is updated.
• #wip For any change that is not ready yet and external communication about it should be held off till it is feature complete.

[github-actions]

✅ No conflicts with other open PRs targeting develop

[trunk-io]

     

View Full Report ↗︎ ⋅ Docs

[cl-sonarqube-production]

Quality Gate passed

Issues
0 New issues
1 Fixed issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
2.8% Duplication on New Code

See analysis details on SonarQube

[Copilot]

Pull request overview

Risk Rating: HIGH — updates a core dependency (libocr) and touches OCR3 oracle instantiation paths used by multiple services (OCR2 delegate, LLO, CCIP oracle creator).

This PR bumps github.com/smartcontractkit/libocr and adapts Chainlink’s OCR3 wiring to the updated libocr OCR3 API, adding support for multi signing-keys comparison via an OnchainKeyring2-compatible adapter.

Changes:

• Bump github.com/smartcontractkit/libocr across multiple Go modules in this repo to v0.0.0-20260403184524-b6409238958d.
• Extend OCR3OnchainKeyringMultiChainAdapter with Has + DebugIdentifier and add unit coverage.
• Migrate OCR3 oracle construction call sites to OCR3OracleArgs2 / OCR3_1OracleArgs2 and adapt keyrings via ocr3shims.OnchainKeyringAsOnchainKeyring2.

Reviewed changes

Copilot reviewed 13 out of 20 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
go.mod / go.sum	Bump libocr dependency in root module.
deployment/go.mod / deployment/go.sum	Bump libocr dependency in deployment module.
integration-tests/go.mod / integration-tests/go.sum	Bump libocr dependency in integration-tests module.
integration-tests/load/go.mod / integration-tests/load/go.sum	Bump libocr dependency in load tests module.
system-tests/lib/go.mod / system-tests/lib/go.sum	Bump libocr dependency in system-tests lib module.
system-tests/tests/go.mod / system-tests/tests/go.sum	Bump libocr dependency in system-tests tests module.
core/services/ocrcommon/adapters.go	Add OnchainKeyring2 support (Has, DebugIdentifier) to multichain onchain keyring adapter.
core/services/ocrcommon/adapters_test.go	Add tests for multichain adapter Has/DebugIdentifier.
core/services/ocr2/plugins/generic/oraclefactory.go	Switch to OCR3OracleArgs2 and wrap onchain keyring with ocr3shims.
core/services/ocr2/delegate.go	Switch OCR3/OCR3.1 args to *Args2 and wrap onchain keyring with ocr3shims in multiple service constructors.
core/services/llo/delegate.go	Switch to OCR3OracleArgs2 and wrap onchain keyring with ocr3shims.
core/capabilities/ccip/oraclecreator/plugin.go	Switch to OCR3OracleArgs2 and wrap onchain keyring with ocr3shims.

Scrupulous human review recommended for:

• All NewOracle(...) call sites changed to OCR3OracleArgs2 / OCR3_1OracleArgs2 (ensuring libocr behavioral changes are understood and monitored in prod).
• OCR3OnchainKeyringMultiChainAdapter.Has(...) semantics vs. the new libocr OnchainKeyring2 expectations (subset handling, fallback behavior on unmarshal error).