Closed irenegia closed 1 year ago
The admin address should not be any different than an appeal address, it should be included in there.
There are other ways to achieve your other goals, but we should keep the product very simple.
yes of course, but it's an address shared by all deals and the user can't remove it, right?
@nicola may i proceed by adding a key which cannot be removed by the client? Or is much more something the client must add manually because it's like "do you want to help us improve the protocol? Add our appeal key to create random checks.".
So basically we have two roads:
1) we add the key as an admin key inside the protocol, the createAppeal
function will check the msg.sender
is one of the appeal_addresses
or the protocol_appeal_address
2) we leave as it is so the user must add manually our protocol_appeal_address
in the list when it creates the deal
I see pro and cons of both choises: 1) we can really do random checks, providers or clients cannot prevent the protocol do the checks. Address must be securely handled because if exploited it can be used to create appeals to all deals (dangerous).
2) it's more "community based" and it doesn't allow us create random checks. Probably a provider which makes self deals will not include our address as one of the allowed so maybe we can do some other kind of analysis.
@irenegia @0xjona toughts?
If we are really concerned about the exploits and misuses of the admin appeal address, let's just not create it.
@irenegia can so close the issue? It will be a suggested key in the frontend then? Or we want to remove it entirely?
having it at the frontend does not make a lot of sense, right?
Not sure, we can add something like "I agree improve the protocol by adding the protocol appeal address...", in any case it doesn't have a lot of sense in terms of protocol itself, agree
but even in this "voluntary subscription" case, it can be exploited or misused! And moreover we can not use it for self-deal prevention. So yes, agreed that we don't add this (at least not for now)
Closing the issue!
but even in this "voluntary subscription" case, it can be exploited or misused! And moreover we can not use it for self-deal prevention. So I think it is not useful!
On Fri, Jul 15, 2022 at 4:08 PM turinglabs @.***> wrote:
Not sure, we can add something like "I agree improve the protocol by adding the protocol appeal address...", in any case it doesn't have a lot of sense in terms of protocol itself, agree
— Reply to this email directly, view it on GitHub https://github.com/protocol/retriev/issues/66#issuecomment-1185583304, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFREM3NTMCFWEQ6W7HFFFN3VUFWFXANCNFSM53K7PWTA . You are receiving this because you were mentioned.Message ID: @.***>
We want a key owned by the protocol that can create appeal for any deals; This enables to run checks that cab test the protocol and also useful to prevent self-deals (random check see #2)