-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feature: new multisig version #19
base: develop
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We also could generally add FuncDocs to the Solidity contracts.. but this maybe should be done within another PR to keep a narrow scope of changes here :-)
|
||
// Create the proposal | ||
Proposal storage proposal_ = proposals[proposalId]; | ||
|
||
// Multisig doesn't allow `minApprovals` settings to be less than 0. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// Multisig doesn't allow `minApprovals` settings to be less than 0. | |
// Multisig doesn't allow `minApprovals` settings to be 0. |
|
||
// Create the proposal | ||
Proposal storage proposal_ = proposals[proposalId]; | ||
|
||
// Multisig doesn't allow `minApprovals` settings to be less than 0. | ||
// If it is, that means proposal hasn't been created yet. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// If it is, that means proposal hasn't been created yet. | |
// If it is, that means proposal has been created yet. |
The comment or the error type is wrong :-)
packages/contracts/src/Multisig.sol
Outdated
TargetConfig memory currentTarget = getTargetConfig(); | ||
|
||
if (currentTarget.target == address(0)) { | ||
proposal_.target = address(dao()); | ||
proposal_.operation = Operation.Call; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We probably could have this check within getTargetConfig
instead of duplicating it in all plugins.. wdyt? :-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good idea, one question though. How would consumer(in this case, Multisig) would figure out if target is 0 or not in case it needs to know this for some reason ? if we return dao
when target is 0 inside getTargetConfig
, the scenario I explained will not be possible. wdyt ?
packages/contracts/src/Multisig.sol
Outdated
@@ -382,19 +433,29 @@ contract Multisig is | |||
return isListed(_account); | |||
} | |||
|
|||
function hashProposal( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A more declarative name would be getProposalHash()
.. just an idea 🤷
... and I think we don't need named return values here.. we also can just directly return it wdyt? :-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done in 4ef810f
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Where do you think is a better idea to have getProposalHash
function - in IMultisig
interface or IProposal
interface ?
_proposalId, | ||
_execute( | ||
proposal_.target, | ||
bytes32(_proposalId), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What was the reason again to have proposalID
stored as uint256
instead of bytes32
?
I think we could save us two type conversions here.. 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
backwards compatibility. The current multisig/tokenvoting return uint256 and if we go with bytes32, it's not backwards compatible anymore.
packages/contracts/src/Multisig.sol
Outdated
address target; // added in v1.3.0 | ||
Operation operation; // added in v1.3.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
address target; // added in v1.3.0 | |
Operation operation; // added in v1.3.0 | |
address target; // added in v1.3 | |
Operation operation; // added in v1.3 |
this.getProposal.selector; | ||
|
||
/// @notice The ID of the permission required to call the `addAddresses` and `removeAddresses` functions. | ||
bytes32 public constant UPDATE_MULTISIG_SETTINGS_PERMISSION_ID = | ||
keccak256("UPDATE_MULTISIG_SETTINGS_PERMISSION"); | ||
|
||
/// @notice The ID of the permission required to call the `addAddresses` and `removeAddresses` functions. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/// @notice The ID of the permission required to call the `addAddresses` and `removeAddresses` functions. | |
/// @notice The ID of the permission required to call the `createProposal` function. |
if (_fromBuild < 3) { | ||
TargetConfig memory targetConfig = abi.decode(_initData, (TargetConfig)); | ||
_setTargetConfig(targetConfig); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we consider reverting when initializing from an invalid build, similar to how it's done in OSX?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For this specific case, I don't see reasoning why we should revert. If target config is not set for some reason on the upgrade, it is still not end of the world.
/// @param _fromBuild The build version number of the previous implementation contract this upgrade is transitioning from. | ||
/// @param _initData The initialization data to be passed to via `upgradeToAndCall` (see [ERC-1967](https://docs.openzeppelin.com/contracts/4.x/api/proxy#ERC1967Upgrade)). | ||
function initializeFrom(uint16 _fromBuild, bytes calldata _initData) external reinitializer(2) { | ||
if (_fromBuild < 3) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I noticed that in OSX, they are checking the entire version. However, it seems like this may not be necessary for plugins, since upgrading between different releases (e.g., from 1.5 to 2.3) isn’t allowed as far as I understand.
I'd like to hear your thoughts on this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, We don't use semantic versioning for plugins and can not be upgraded between different releases
. So all good.
@@ -158,6 +158,7 @@ const config: HardhatUserConfig = { | |||
solidity: { | |||
version: '0.8.17', | |||
settings: { | |||
viaIR: true, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the solidity-coverage
that the project is using has problems with viaIR: true
, had to update to latest version to be able to run hh coverage
permissions[1] = PermissionLib.MultiTargetPermission( | ||
PermissionLib.Operation.Revoke, | ||
_payload.plugin, | ||
_dao, | ||
PermissionLib.NO_CONDITION, | ||
UPGRADE_PLUGIN_PERMISSION_ID | ||
); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
from v1.3
the UPGRADE_PLUGIN_PERMISSION_ID
is not being granted to the DAO, so it doesn’t need to be revoked when uninstalling.
It is already being revoked when upgrading from a previous version
@@ -170,7 +181,8 @@ contract Multisig is | |||
_setTargetConfig(_targetConfig); | |||
} | |||
|
|||
/// @notice Reinitializes the TokenVoting after an upgrade from a previous protocol version. | |||
/// @notice Reinitializes the TokenVoting after an upgrade from a previous protocol version. For each reinitialization step, use the `_fromBuild` version to decide which internal functions to call for reinitialization. | |||
/// @dev WARNING: The contract should only be upgradeable through PSP to ensure that _fromBuild is not incorrectly passed, and that the appropriate permissions for the upgrade are properly configured. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would add a description of what could happen if called with an incorrect _fromBuild
.
Ex,
Calling it with incorrect _fromBuild
could initialize already initialized values, be cautious.
Description
A couple of things remaining: ???
Task ID: OS-1482, OS-1450
Checklist:
CHANGELOG.md
file in the root folder.