Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Democracy governance whitelisting #284

Closed
jtremback opened this issue Aug 23, 2022 · 3 comments
Closed

Democracy governance whitelisting #284

jtremback opened this issue Aug 23, 2022 · 3 comments

Comments

@jtremback
Copy link
Contributor

jtremback commented Aug 23, 2022
edited
Loading

The democracy module described here works. We now need to make sure that the consumer chain governance cannot pass proposals that would be dangerous for the provider chain.

Here is a matrix containing all the parameters that the consumer chain governance should be able to change: https://docs.google.com/spreadsheets/d/1s7IGkxIjvebFu0guC5iFC4gWaEOJLBWx2QQHik9WmYo/edit?pli=1#gid=0 (thanks @okwme and @Sam-Interchain)

Implement a mechanism to prevent the democracy module from passing certain proposals, and input the whitelist into this mechanism.

Note, you will likely need to allow/disallow passing of any proposal of a given type (eg chain upgrade proposals), as well as looking into proposals of a certain type and allow/disallowing them more granularly (eg parameter changes).

Conditions of satisfaction:

  • It is possible to encode this whitelisting functionality either as code in the consumer chain binary (might be easier), or in a serialized form (nice, if it is possible)
  • Demonstrate that some gov proposals are not possible to execute (easier) or even create (nice, if it is possible)
  • Demonstrate that some gov proposals are still possible to execute
@mpoke
Copy link
Contributor

mpoke commented Aug 23, 2022

@jtremback I think #82 is related.

@mpoke mpoke moved this to Todo in Replicated Security Aug 23, 2022
@jtremback jtremback mentioned this issue Sep 7, 2022
Closed
stana-miric added a commit that referenced this issue Sep 23, 2022
@stana-miric
Democracy governance whitelisting #284
fbed89d
@stana-miric stana-miric mentioned this issue Sep 23, 2022
Merged
jtremback added a commit that referenced this issue Oct 5, 2022
@stana-miric @danwt @jtremback
Democracy governance whitelisting #284 (#364)
fbd6c40 
* Democracy governance whitelisting #284

* Democracy gov whitelist - added logs and event

* Gov whitelisting -  delete only active forbidden prop.

* Democracy gov whitelisting - test moved

Co-authored-by: Daniel T <[email protected]>
Co-authored-by: Jehan <[email protected]>
@mpoke
Copy link
Contributor

mpoke commented Oct 12, 2022
edited
Loading

@jtremback @stana-ethernal I think this issue was fixed by #364, right?

@stana-miric
Copy link
Collaborator

@jtremback @stana-ethernal I think this issue was fixed by #364, right?
yes, it is fixed

@mpoke mpoke closed this as completed Oct 12, 2022
Repository owner moved this from Todo to Done in Replicated Security Oct 12, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
No open projects
Replicated Security
Status: Done
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jtremback @mpoke @stana-miric