-
Notifications
You must be signed in to change notification settings - Fork 106
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Migrate to SimpleMultiSig #147
Conversation
If using this in production, then we can never (or rather should never) require unanimous agreement for the multisig - if someone lost their key with a unanimous agreement required to change to a new multisig, we would be snookered. I also worry about key 'rot' in this scenario - if we don't need the multisig for a long time, then maybe two people would have lost their keys, but not realised it. Even if we could have recovered from one losing the key, we didn't know until two had, and we're snookered again. This applies to any multisig, it's just that there are fewer 'ways out' with the simpler one if something goes wrong. So long as we adopt it knowing that, I don't have an issue with it. |
What are the ways out available to us if we use the Gnosis one? |
With the Gnosis one you still need to get the required number of signatures to change anything, whether it's to add/replace an owner or the required number of signatures. It has additional functionality but not any more ways out than in the SimpleMultiSig. |
Yeah, Elena is right - I was mistaken in thinking that the threshold for adding/removing signatories was different from that required to do other things. So this applies with either implementation. |
Other differences between the two implementations:
|
Some concrete gas costs
|
0863f0e
to
f2fc40d
Compare
f2fc40d
to
dbe7fe2
Compare
After a discussion between @area @jakzilla and myself we decided to shelve this and stay on the Gnosis MultiSig for now at least. Considerations include:
|
multisig-wallet
ethpm package as that repo no longer contains the source we use. Contract we use has been moved to https://github.com/gnosis/MultiSigWallet/blob/master/contracts/MultiSigWallet.solConsidering Gnosis MultiSigWallet has unnecessary (for us) implementation complexity we chose to switch to a simpler, MIT licensed MultiSig from
simple-multisig
repo https://github.com/christianlundkvist/simple-multisigRelevant EIPs to MultiSig standards:
ethereum/EIPs#763
ethereum/EIPs#191
SimpleMultiSig release article
https://medium.com/@ChrisLundkvist/exploring-simpler-ethereum-multisig-contracts-b71020c19037