Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add multisig contract #100

Closed
ethanfrey opened this issue Sep 6, 2018 · 3 comments
Closed

Add multisig contract #100

ethanfrey opened this issue Sep 6, 2018 · 3 comments
Assignees

Comments

@ethanfrey
Copy link
Contributor

A contract must have a list of N addresses, a threshold to assume permission (1 <= threshold <= N) and a threshold to modify members (threshold <= adminThreshold).

This needs a handler to create and update the content of a mutlisig contract.

Each contract has a unique Condition/Address and can control a wallet. Add a middleware package and a field to the tx so the user can explicitly ask to assume authorization of the multisig for the rest of the request. THis will check all current authorizations against the requirements of the contract and either fail or add another Condition to the authorization.

Up to this point, we can use either 0 or 1 multisig in a transaction

@ethanfrey
Copy link
Contributor Author

Look at https://github.com/cosmos/cosmos-sdk/tree/v0.8.0/modules/roles for an implementation I wrote a year ago. You can use for inspiration.

I will add more info soon.

@lehajam lehajam self-assigned this Sep 10, 2018
@ethanfrey
Copy link
Contributor Author

The general idea for me is that you can create a "contract", which possesses a fixed address and can be used as a source or recipient in various other contracts, just like a normal signature (which is why I designed Condition as it is).

Maybe this example from ethereum will help: https://blog.zeppelin.solutions/gnosis-multisig-wallet-audit-d702ff0e2b1e

Lifecycle is this:

  • Creation: Set M addresses to control it. Set threshold N <= M that are needed to sign to activate. Set A >= N that are needed to modify settings... this may be higher than M to make contract immutible. This calls a multisig handler.
  • Usage: Attach N signatures to a transaction (we allow a slice). Add a field on the tx, eg. multisig. Add some middleware that checks if this field is set, and if so, tries to activate the given multisig contract. If sufficient sigs are available to meet it's condition, then append that condition to the context and pass along the tx. If not, then return an error and abort. Note that the multisig authenticator must be explicitly added to MultiAuth when constructing handlers as well as adding the middleware to the stack.
  • Modification: Attach A signatures to a transaction. Signs a custom message that goes to a multisig handler. If it is enough to meet the "admin" threshold you can add/remove addresses to the contract or adjust the settings M and A. So, you could take a 2 of 3 multisig and convert to a 3 of 5 multisig, adding two new addresses.

Note that all controllers of a multisig are addresses, so it is conceivable in another issue eg. #101, that the controllers of a multisig are also multisig contracts... But we leave that complication out for now.

The multisig contract can do anything a normal signature can do if the app supports it. eg. send/receive tokens. participate in an escrow. own an nft. etc.

@ethanfrey
Copy link
Contributor Author

I hope this clears things up, please add any more questions to the issue

@lehajam lehajam mentioned this issue Sep 14, 2018
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants