Show authorizations of DSS contracts.
This script checks:
- owner
- authority
- wards: deployer, logNote relies and event-emitting relies
- buds: logNote kisses and event-emitting kisses
It can be used to check the authorities over a single contract by specifying its chainlog name or address, or it can also be used to check all the authorities in the system by starting from the Vat and hierarchically finding all the addresses that have authority over it.
Its outputs are a tree
-style authorization hierarchy, and an interactive d3.js
graph.
git clone git@github.com:makerdao/dss-ward.git
cd dss-ward
./install.sh
First, source your ethereum environment in order to have the ETH_RPC_URL
and
ETHERSCAN_API_KEY
environment variables.
This is the simplest and fastest way this script can be used. It obtains all the addresses that have a certain authority over a contract you specify. Note, however, that this will not obtain the authorities that this specific contract has over other contracts in the system. In order to obtain these, check get permissions of a contract
In order to get the authorities over a specific contract, run
node src/ward.js MCD_SPOT
This will work with any contract that's in the chainlog. Otherwise, you can run
node src/ward.js 0xDa0FaB05039809e63C5D068c897c3e602fA97457
in order to get the authorities over an arbitrary address.
In order to check the authorities in the VAT, run
node src/ward.js MCD_VAT
This will take a while. At the end, it will output all the addresses that have direct or indirect authority over the Vat, ordered hierarchically.
In order to get the authorities over the oracles, run
node src/ward.js --mode oracles
This will get all the PIP
s in the chainlog, as well as their medianizers
(either orb
s or src
) and get the authorities over each one of them.
node src/ward.js --mode full
This command will run checks for the vat, the oracles, and any remaining addresses in the chainlog. Its result can be visualized as a graph. See graph visualization.
The permissions of a contract are all the contracts where it is an authority. In other words, getting the permissions of a contract is the reverse operation from getting its authorities.
node src/ward.js --mode permissions MCD_SPOT
In order to visualize the whole system as a graph, first run a full check). Then run
node src/server.js
And finally open src/graph.html
in a browser.