makerdao / optimism-dai-bridge

Optimism Dai and upgradable token bridge
GNU Affero General Public License v3.0
72 stars 27 forks source link

L2 Dai is not censorship-resistant #83

Open brianmcmichael opened 2 years ago

brianmcmichael commented 2 years ago

In the L2 Dai implementation, governance has the ability to burn Dai in any address.

This enables Dai censorship of a user's wallet by governance, which means that we can't make the claim that L2 Dai is censorship-resistant as it is on L1.

This needs a broad team, and potentially MKR holder, discussion.

https://github.com/makerdao/optimism-dai-bridge/blob/bc3d63f5da2fd34ebb90369c90f2ea57e51cbca0/contracts/l2/dai.sol#L168

krzkaczor commented 2 years ago

As long as the bridge is governance controlled, what's the difference between: 1) Governance removing liquidity from L1Escrow 2) Governance diluting L2DAI by minting an arbitrary amount of DAI 3) Governance burning users' funds (what you brought up here)

In my opinion, there is not too much difference between these after all. The solution is always the same -- removing governance control over the construct. This will be possible to do (and always was planned) once we are done with moving MCD to L2.

hexonaut commented 2 years ago

To be fair the point about burning is unique as single addresses can be targeted which is not the case with minting or stealing from everyone. Agree overall this is not a problem though as we will remove governance's ability to access the erc20 dai contract once MCD is deployed. At that point it should only be mint/burn able through the daiJoin contract same as L1.