This Greenlist strategy supports the existing addresses we have greenlisted, as well as a wildcard mint, wherein anyone with a valid password can mint.
@cristovaoth breakdown of the components:
For the merkle proofdb:
We generate three word incantations (passwords). We print those on cards and hand them out.
There's a deterministic pure function that transforms each password into an Ethereum Signer - {PrivateKey, PublicKey, Address}
We call each of those signers Issuers, because they play a meta role in producing the Signatures that effectively authorize Minting
The Issuer addresses are what actually gets included in the MerkleTree as leaves
In the minting app:
User enters the password (incantation password)
Deterministic function maps a password to an Ethereum Signer
With the Signer and the ConnectedMetamaskAccount we can build a MintPermit:
proof -> use Issuer.Address to fetch the MerkleProof from a backend
signature -> use Issuer.PrivateKey to sign a message { to: <wallet address> } (wallet address is the ConnectedMetamaskAccount, AKA the minter AKA sender of mint Tx)
In the contract, we perform three security checks:
getIssuer - use ECDSA.recover (uses ecrecover inside) to verify that Signature is from Issuer and it's targeting the current Minter (msg.sender)
enforceIsAuthorized - check that Issuer is included the MerkleTree, i.e., is a MerkleLeaf
enforceIsFresh - Once a permit is used, it can't be reused
For our workflow:
We can keep expanding the tree, and adding more permits on the fly without invalidating earlier ones: we keep track of the leafs, we can just add new permits, recalculate a new root and update the contract.
All the tooling is in place for this. The only thing missing is perhaps making the greenlist task automatically post a tx to the GG safe that updates ZodiacWands merkleRoot hash
yarn hardhat passwords:generateyarn hardhat spreadsheet:extractyarn hardhat greenlist
This Greenlist strategy supports the existing addresses we have greenlisted, as well as a wildcard mint, wherein anyone with a valid password can mint.
@cristovaoth breakdown of the components: