Treasury & Signer

candydao

SWEET, CANDY etc, ...

Alleviation for centralization risks of calling "setOpSigner" and "setTreasury" in contract

For sake of some security issues consideration, we have to remain some functions to alter "signer" or "treasury" state of contract in some circumstances.

To alleviate the centralization risks of those functions of contract "BasicCoin.sol", we add "DAO"-like concept to prevent arbitarily call "setOPSigner" and "setTreasury()" even though the caller must be the owner of the contract.

The main strategies contains the following consideration:

  • Functions setTreasury() and setOPSigner() now require the tags set by accounts which set on deploy in array m_DAOList and not the owner as well.

  • The accounts in m_DAOList are required to be distinct addresses, and must be different than the address set as the owner on deployment. Even if the owner is later updated to one of these addresses, there are still three distinct addresses in use m_DAOList as there is no way to update these addresses.

  • To modify the m_Treasury or m_OPSigner address, here's the steps are taken:

    1. The owner raise a proposal with 24 hours timelock for confirming by "DAO" member's setting. Only the accounts in m_DAOList can setting a proper value for the proposal in that period(in 24 hours from the proposal raising).

    2. The owner sets the new address to be updated for the m_Treasury and the m_OPSigner, and at least 2 of the 3 addresses in the m_DAOList must have approved of the change within 24 hours of the proposal in order to execute the proposed update in functions setOPSigner() and setTreasury().

    3. No operation is allowed including setOPSigner, setTreasury and setPrivilegeTag when the current timestamp exceed 48 hours from the time of proposal until a new proposal is raised.

    4. Addresses in the m_DAOList can only verify one proposal at a time.

    Also we provided a view funcion "viewDAOinfo" in contract for public reference of proposal. Heres's the explaination for the return values of that funcions:

    function viewDAOInfo() external view
      returns (
          uint256,                // proposal locked period, 24 hours
          uint256,                // proposal expired period, 24 hours
          address[3] memory,      // accounts in m_DAOList
          uint256[3] memory,      // accounts' corresponding “TAG” setting
          proposal memory,        // “setOpSigner” proposal
          proposal memory         // “setTreasury“ proposal
      )

    ”TAG“ is a uint value for a proposal: 0 - Disaggre 0x20 - Approval for “setOpSigner” 0x40 - Approval for “setTreasury“

    proposal is the sturct stored a proposal:

        struct proposal {
    uint256 timeLock;   // timestamp of the proposal raised
    address newAddress; // proposed new address for Signer or Treasury
}

process of the setting functions calling

The Contract owner can raise a proposal (for calling setOpSigner or setTreasury) to change "Signer" or "Treasury", in the next 24 hours the EOAs in DAO list will vote for the proposal (approve or reject, or do nothing), the owner can't do setting function during the "lock" time period. If 2 of 3 approvals are set, the owner can call setting functions (setOpSigner or setTreasury), but it must be done in 24 hours, after that time a new proposal is required.

important information for DAO & Contract

You can get some information (view functions) of SWEET through the following link: https://views.candydao.io/candy/

on Testnet Goerli

chainID: 0x5 Contract Owner: 0xcf32D2599F408e5d1ba3973ECDc447C137164FE0

SWEET Token: 0x596fd9F5F879585D04c4eE18eD4670F5bAa8B5E9 STAKE Contract: 0xD50E4248067f8EB30cF23A05E3FDd786d73E2d06

DAO List Address:

  1. 0x6f249d7a6f15B09633B2bD7C8D7B7f8881a822dE

  2. 0x166057A8ddf54B808Db7Dc585a10060a90943DC0

  3. 0x9911c1838a1BB61bB7A5edfec7A0f51E814D4E3C

on Testnet Sepolia

chainID: 0xaa36a7 Contract Owner: 0xcf32D2599F408e5d1ba3973ECDc447C137164FE0

SWEET Token: 0x2e903ff097B8030e5363141014e5487bCAA2c397 STAKE Contract: 0x194F3cD01B2BB0D90e2E75A9c5AEA1906e2922D8

DAO List Address:

  1. 0x6f249d7a6f15B09633B2bD7C8D7B7f8881a822dE

  2. 0x166057A8ddf54B808Db7Dc585a10060a90943DC0

  3. 0x9911c1838a1BB61bB7A5edfec7A0f51E814D4E3C

on Mainnet Ethereum

chainID: 0x1 Contract Owner: 0x89923e01ac0BF92B09fef9bA9f54cC10D8399453

SWEET Token: 0xdEAd27D804cf3949c0cc2EC6bcE34a52A747f1bb STAKE Contract: 0x0CF14D4a5b00846BA9c9C6c2E36Abc2B066b6C63

DAO List Address:

  1. 0x529ecC8caDA7398E9D6a92D69AD93d9E48431183

  2. 0x3792c24E262D5c92d83C93DA27babc892CC4bC8b

  3. 0x2859CC5dfff486Df62996afDF243e5B747C9c747

Previous$CANDY 質押

Last updated