Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update eip-3561.md #5561

Merged
merged 1 commit into from
Aug 30, 2022
Merged

Update eip-3561.md #5561

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 7 additions & 3 deletions EIPS/eip-3561.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ On/after this block next logic contract address can be set to EIP-1967 `IMPLEMEN

### Propose Block
Storage slot `0x4b50776e56454fad8a52805daac1d9fd77ef59e4f1a053c342aaae5568af1388` (obtained as `bytes32(uint256(keccak256('eip3561.proxy.propose.block')) - 1)`).
Defines after/on which block *proposing* next logic is possible. Required for convenience, for example can be manually set to a year from given time. Can be set to maximum number to completely seal the code, must not overflow.
Defines after/on which block *proposing* next logic is possible. Required for convenience, for example can be manually set to a year from given time. Can be set to maximum number to completely seal the code.
Admin interactions with this slot correspond with this method and event:
```solidity
function prolongLock(uint b) external onlyAdmin;
Expand All @@ -58,7 +58,7 @@ event ProposingUpgradesRestrictedUntil(uint block, uint nextProposedLogicEarlies

### Zero Trust Period
Storage slot `0x7913203adedf5aca5386654362047f05edbd30729ae4b0351441c46289146720` (obtained as `bytes32(uint256(keccak256('eip3561.proxy.zero.trust.period')) - 1)`).
Zero Trust Period in amount of blocks, can only be set once. While it is at default value(0), the proxy operates exactly as standard EIP-1967 transparent proxy. After zero trust period set, all above specification is enforced.
Zero Trust Period in amount of blocks, can only be set once. While it is at default value(0), the proxy operates exactly as standard EIP-1967 transparent proxy. After zero trust period is set, all above specification is enforced.
Admin interactions with this slot should correspond with this method and event:
```solidity
function setZeroTrustPeriod(uint blocks) external onlyAdmin;
Expand Down Expand Up @@ -174,9 +174,13 @@ contract TrustMinimizedProxy{
}

function setZeroTrustPeriod(uint blocks) external ifAdmin { // before this called acts like a normal eip 1967 transparent proxy
uint ztp;
assembly { ztp := sload(ZERO_TRUST_PERIOD_SLOT) }
require(ztp==0,"already set");
assembly{ sstore(ZERO_TRUST_PERIOD_SLOT, blocks) }
emit ZeroTrustPeriodSet(blocks);
}

function _updateBlockSlot() internal {
uint nlb = block.number + _zeroTrustPeriod();
assembly {sstore(NEXT_LOGIC_BLOCK_SLOT,nlb)}
Expand Down Expand Up @@ -222,7 +226,7 @@ A proxy without a time delay before an actual upgrade is obviously abusable. A t
Propose block adds to convenience if used, so should be kept.

## Security Considerations
Users must ensure that a trust-minimized proxy they interact with does not allow overflows, ideally represent the exact copy of the code in implementation example above, and also they must ensure that Zero Trust Period length is reasonable.
Users must ensure that a trust-minimized proxy they interact with does not allow overflows, ideally represents the exact copy of the code in implementation example above, and also they must ensure that Zero Trust Period length is reasonable(at least a month).

## Copyright
Copyright and related rights waived via [CC0](../LICENSE.md).