Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor lockup to use master account #31

Closed
ilblackdragon opened this issue May 22, 2020 · 0 comments · Fixed by #70
Closed

Refactor lockup to use master account #31

ilblackdragon opened this issue May 22, 2020 · 0 comments · Fixed by #70
Assignees
@evgenykuzyakov

Comments

@ilblackdragon
Copy link
Member

The suggestion is to change lockup to have 0 access keys.

Instead have a master account that is specified on deployment.

  • Lockup contract is only aware of it’s master account
  • master account can have a multisig instead of full access key to improve security and allow key management
  • master account can authorize staking UI for using lockup contract on it’s behalf of it with stake,deposit,withdraw,unstake authorized functions.

Meaning that all public methods inside lockup for user just have a guard of assert_eq!(env::predessesor(), self.owner_id); and methods for foundation have assert_eq!(env::predessesor(), self.foundation_id);

On the wallets / custody side, this would mean that they can just control master account. A separate page for lockup operations can be created, where users can "Login with NEAR" and then withdraw vested tokens. Staking of locked tokens can be done from this page as well (or separate staking app can be used, but needs to be aware of this dynamics).

We can create master accounts via linkdrops with multisig contract as default and only enough $NEAR to cover the contract storage + 3 keys.

CC @kcole16
@evgenykuzyakov evgenykuzyakov mentioned this issue Jun 3, 2020
Closed
@evgenykuzyakov evgenykuzyakov mentioned this issue Jun 18, 2020
Merged
evgenykuzyakov pushed a commit that referenced this issue Jun 24, 2020
Merge pull request #70 from near/lockup-external-keys
b3073de 
### `0.2.0`

- Replaced owner's access keys with the owner's account. The access is now controlled through the predecessor account ID similar to NEAR foundation access.
  This allows to be more flexible with the account access including multi-sig implementation.
- The lockup contract account should not have any access keys until the account is fully vested and unlocked.
  Only then the owner can add the full access key.
- Removed methods for adding and removing staking/main access keys.
- Added a view method to get the account ID of the owner.

Fixes: #31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@evgenykuzyakov evgenykuzyakov

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[0.2.0] Lockup: Replace access keys with external account near/core-contracts
2 participants
@ilblackdragon @evgenykuzyakov