Currently it is assumed that in order to achieve more security at least 3 bridge instances need to be deployed on different independent systems.
The deployment process of several bridges now is the following:
Configure and run the first instance of the bridge.
Distribute the database toml-file created by the first bridge to other nodes. This file contains addresses of bridge contracts deployed by the first instance, so other instances needs to work with these contracts as well.
As soon as the database file is the same on every nodes, they could be run.
Proposal for changes:
Simplfy deployment process with creation of the bridge contracts with the same address in Home and Foreign networks. It could be achived by using the same address and the same NOnce for the contracts deployment in both networks. Since in most cases it requires to create new account with new keystore/private key, so, there is a neccessity to manage this keystore/private key. That's why another approach could be to use deployment transactions with hardcoded signature as it is implemented here: https://github.com/jbaylina/eip820/blob/master/js/deployment.js#L7-L25 (ability to do this in different networks confirmed in https://gist.github.com/akolotov/7b27902d196da15fde63fd4a484cb407).
It will allow:
generate the database toml-file easily as part of automatic deployment by passing one address to the deployment scripts.
if the bridge contracts are extended with ability to return the block number which deployment transaction is included in, deployment script will extract this information from the contracts and use it for the database toml-file generation.
Automatic generation of the database file and changes in the contracts will be covered in separate issues.
Changes required:
Modify cli/src/main.rs to support command deploy to send contracts deployment transactions to the networks and exit. The database toml-file must be generated after the command execution.
Modify bridge/src/bridge/deploy.rs to deploy contracts with the same address.
Currently it is assumed that in order to achieve more security at least 3 bridge instances need to be deployed on different independent systems.
The deployment process of several bridges now is the following:
toml
-file created by the first bridge to other nodes. This file contains addresses of bridge contracts deployed by the first instance, so other instances needs to work with these contracts as well.Proposal for changes:
Simplfy deployment process with creation of the bridge contracts with the same address in Home and Foreign networks. It could be achived by using the same address and the same NOnce for the contracts deployment in both networks. Since in most cases it requires to create new account with new keystore/private key, so, there is a neccessity to manage this keystore/private key. That's why another approach could be to use deployment transactions with hardcoded signature as it is implemented here: https://github.com/jbaylina/eip820/blob/master/js/deployment.js#L7-L25 (ability to do this in different networks confirmed in https://gist.github.com/akolotov/7b27902d196da15fde63fd4a484cb407).
It will allow:
toml
-file easily as part of automatic deployment by passing one address to the deployment scripts.toml
-file generation.Automatic generation of the database file and changes in the contracts will be covered in separate issues.
Changes required:
cli/src/main.rs
to support commanddeploy
to send contracts deployment transactions to the networks and exit. The databasetoml
-file must be generated after the command execution.bridge/src/bridge/deploy.rs
to deploy contracts with the same address.