A proposal for attesting MakerDAO spells (governance payload) on-chain which aims to improve transparency and structure of the process and reduce dependence on centralised services for security-critical operations.
The end user of the proposed protocol have access to 3 EAS attestation schemas connected together and restricted by 3 specifically developed EAS resolvers:
- Identity schema: attests known spell actors (crafters and reviewers) using address, pseudonym and their team name
- Ensures uniqueness of pseudonym and address (unless revoked)
- Ensures only lowercase latin letters or underscore symbols are used for pseudonym and team name
- Spell schema: attests specific spell setup (using name of the spell, pseudonyms of 1 crafter and 2 reviewers)
- Ensures uniqueness of the spell name
- Ensures all spell members have non-revoked Identities
- Ensures all spell members have different Identities
- Ensures reviewers have different team names
- Deployment: attests deployed spell contract (using name of the spell, address and hash of the spell)
- Ensures spell name have relevant non-revoked Spell attestation
- Ensures provided address is not empty
- Ensures user attesting Deployment is the Spell member
- Ensures a single attestation per user per spell
- Ensures crafter attests spell before reviewers
- Ensures reviewers attest the same payload address as crafter
- Ensures reviewers attest the same payload hash as crafter
Ensures provided hash matches codehash of the address(temporary disabled to allow cross-chain attestations)
The process of using provided attestations is therefore as follows:
- Once: admin attests Identity of all known participants
- If some participants leave in the future, their identities could be revoked
- At the start of each spell: admin attests a Spell
- If plans change later on, the particular spell could be revoked
- At the end of the spell review: each spell participant attests deployed spell address
- The hash of the spell is also verified on-chain
- Spell attestation could be revoked later
- An external observer can follow the progress of the spell and check its overall status on-chain
The attestations can be created directly using generic EAS interface or via the provided command-line tool (see spell-attester npm package for more details).
- Request admin rights from another admin or a protocol deployer
- Create known Identity attestations:
A
: Use EAS UI by navigating to the Identity schema (see "Deployed addresses" section below)B
: Executenpx spell-attester create-identity --user-address 0x... --user-pseudonym alice --team-name team_a
for each known identity
- Create Spell attestation:
A
: Use EAS UI by navigating to the Spell schema (see "Deployed addresses" section below)B
: Executenpx spell-attester create-spell --payload-id 2024-06-27 --crafter alice --reviewer-a bob --reviewer-b charlie
to create spell team
- Request Identity attestation from a Governance Facilitator
- Ensure that you know
payload-id
of the current Spell (usually target date) - Create Deployment attestation:
A
: Use EAS UI by navigating to the specific schema (see "Deployed addresses" section below)B
: Executenpx spell-attester create-deployment --payload-id 2024-06-27 --payload-address 0x... --payload-hash 0x...
to attest deployed spell
- Get current status of a particular spell
A
: CallSpellAttester.getSpellAddressByPayloadId(string)
using knownpayload-id
(see "Deployed addresses" section below find actualSpellAttester
address)B
: Executenpx spell-attester status 2024-06-27
to get current status of the Spell
Latest addresses are always available inside automatically generated jsons in the broadcast/Deploy.s.sol folder.
Not yet deployed
- Identity schema 0xe795824a20ff0d4f65af182918f61b949888b5f9c09956f96f109acab86659dd
- Spell schema 0x1b78cf62df68a14a797fce7a6b6bd8b973776561dfe6ced23f711f95b0b61613
- Deployment schema 0x356f90f8ad87abb2c6eabfe9bbdd921b8c08787ee38309f0c4537d35ed6f062a
- SpellAttester contract 0x7cbb13d6597fafb0c36b7b9296662fad78cc3f82
- Create
.env
file in the root of the project with all required environment variables listed below - Test contracts via
forge test -vvv --fork-url sepolia
orforge test -vvv --fork-url mainnet
- Test natspec via
npx --yes @defi-wonderland/natspec-smells@1.1.3 --enforceInheritdoc=false --include='src/**/*.sol'
- Deploy project via
forge script script/Deploy.s.sol:Deploy --fork-url sepolia
(note: this will only simulate deployment, unless you add--verify --broadcast
to actually broadcast the transactions and then verify contracts)
SEPOLIA_RPC_URL
(required for testing on sepolia)MAINNET_RPC_URL
(required for testing on mainnet)ETHERSCAN_API_KEY
(required for contract deployment)PRIVATE_KEY
(required for contract deployment)
- Make identity and spell attestations revokable by all admins
- Make
StellAttester
contract upgradable to preserve the same address between upgrades- Potentially combine all resolvers into a single address
- Separate governance facilitator rights from rights to
file
a schema - Add composability of Spell attestations (support for SubDAOs)
- CLI: Provide possibility to override
SpellAttester
address