Closed nfurfaro closed 5 years ago
Just did a little more reading on what can and cannot be done with this.
The core question we need to answer:
If the proxy admin is a multisig address, how does the multisig use zos-cli
to upgrade Unlock, or to change admin? is it possible, or would the multisig have to call th eproxy admin functions directly?
If it's the latter, we need to test that this actually works. It would be better to use zos-cli
directly for consistency.
"The purpose of multisig wallets is to increase security by requiring multiple parties to agree on transactions before execution. Transactions can be executed only when confirmed by a predefined number of owners. A web user interface can be found here."
This implementation does not allow the creation of smart contracts via multisignature transactions. Transactions to address 0 cannot be done. Any other transaction can be done.
This describes the exact scenario we want to explore: https://blog.zeppelinos.org/exploring-upgradeability-governance-in-zeppelinos-with-a-gnosis-multisig/
TLDR; We can use the gnosis multisig wallet for governance of both the Proxy and the Unlock contract. We can upgrade or change admin accounts by including the contract ABI and implementation address as per the article above. cc @julien51
Yes!
This is done! All of our contracts are now owned and upgraded via multisig wallets!
In order to preserve the decentralized aspect of Unlock, as well as for security reasons, multiple signatures should be required to upgrade the logic contract
Unlock.sol
on the mainnet. During development, this is not required.Look into multisig-wallet implementations. "Gnosis Multisig Wallet" was recommended in the "Unlock Protocol architecture review" doc. https://github.com/gnosis/MultiSigWallet/releases