Description
The first stage of implementation of updatable governance was to implement it under the hood in a way that is invisible to the user. This was done in input-output-hk/trustless-sidechain#832.
In order to have this feature fully functional we need to implement a proper user interface for it. In the current implementation, when a command is invoked via the CLI, transactions are constructed, balanced, signed and submitted in one go. With multi-sig governance this will have to change for transactions that require governance approval. Since multiple signatures are now required on certain transactions, we can no longer sign and submit them immediately. Instead, we should print such transactions in serialized form as the response from our endpoints. The user is then responsible for distributing this serialized transaction to governance members. Governance members are then expected to sign the transaction and send their signatures back to the creator of the transaction. Once a sufficient number of signatures has been received, they need to be accumulated into one transaction, which must then be submitted.
We need to explore how to perform distributed signing of transactions and then accumulate signatures. This should be possible with the `cardano-cli transaction witness` and `cardano-cli transaction sign` commands. See input-output-hk/trustless-sidechain#840 for a prototype.
Important points:
- It should be possible to store multi-signature governance options in the configuration file. However, this needs to be entirely optional so that users who don't use governance-related actions are not required to specify governance details.
- Order of governance members in `MultiSigGovParams` matters. This is very fragile, in particular when governance members are passed on the command line. It probably makes sense to sort the governance keys in alphabetical order when constructing the `Env` environment. This should stabilize the user interface.
- When a transaction that requires a governance signature is to be constructed, we need to know up front which governance members are going to sign it. This is required so that we can generate `mustBeSignedBy` constraints only for the selected governance members, not for all of them. Note that the current implementation requires signatures from all governance members, so it is technically m-of-m, not n-of-m.
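The following is an added example modelling the coordinator-side logic described above; it is not code from trustless-sidechain (whose implementation is in Haskell/PureScript) and does not produce real witnesses. It shows the three design points: an optional `governance` section in the configuration, alphabetical sorting of member key hashes so that `MultiSigGovParams` no longer depends on the order in which members were supplied, and up-front selection of the signers for which `mustBeSignedBy` constraints would be generated, followed by accumulation of their witnesses before assembly. The shape of the `governance` config section, the sample keys, the use of Blake2b-224 over raw key bytes as the key-hash scheme, and the representation of a witness as an opaque string (in practice the output of `cardano-cli transaction witness`) are assumptions made for this example.

```python
import hashlib
from dataclasses import dataclass

# Constructed sample configuration. The "governance" section is optional;
# the member keys are made-up 32-byte values written as hex.
SAMPLE_CONFIG = {
    "network": "preview",
    "governance": {
        "threshold": 2,
        "members": ["cc" * 32, "aa" * 32, "bb" * 32],
    },
}


def key_hash(vkey_hex: str) -> str:
    """Hash a raw verification key with Blake2b-224 (assumed key-hash scheme)."""
    return hashlib.blake2b(bytes.fromhex(vkey_hex), digest_size=28).hexdigest()


@dataclass(frozen=True)
class MultiSigGovParams:
    threshold: int
    members: tuple  # key hashes, always kept in sorted order


def load_governance(config: dict):
    """Return MultiSigGovParams, or None when the optional section is absent.

    Members are sorted alphabetically by key hash, so two configurations that
    list the same members in a different order yield equal params.
    """
    gov = config.get("governance")
    if gov is None:
        return None
    members = sorted(key_hash(k) for k in gov["members"])
    if len(set(members)) != len(members):
        raise ValueError("duplicate governance member")
    threshold = int(gov["threshold"])
    if not 1 <= threshold <= len(members):
        raise ValueError("threshold must be between 1 and the number of members")
    return MultiSigGovParams(threshold, tuple(members))


def required_signers(params: MultiSigGovParams, chosen) -> tuple:
    """Pick the members that will sign this transaction (n-of-m selection).

    Every chosen member must be a known governance member, and at least
    `threshold` of them must be chosen. The result is the exact set for which
    mustBeSignedBy constraints would be generated.
    """
    chosen = tuple(sorted(set(chosen)))
    unknown = [c for c in chosen if c not in params.members]
    if unknown:
        raise ValueError(f"not governance members: {unknown}")
    if len(chosen) < params.threshold:
        raise ValueError(f"need at least {params.threshold} signers, got {len(chosen)}")
    return chosen


class WitnessCollector:
    """Accumulates witnesses returned by the selected signers for one tx body."""

    def __init__(self, tx_body_id: str, required: tuple):
        self.tx_body_id = tx_body_id
        self.required = frozenset(required)
        self.witnesses = {}

    def add(self, signer: str, witness: str) -> bool:
        """Record a witness; False means it was a duplicate and was ignored."""
        if signer not in self.required:
            raise ValueError("witness from a key outside the required signer set")
        if signer in self.witnesses:
            return False
        self.witnesses[signer] = witness
        return True

    def missing(self) -> list:
        return sorted(self.required - self.witnesses.keys())

    def ready(self) -> bool:
        return not self.missing()

    def assemble(self) -> dict:
        """Combine body and witnesses only once every required signer has signed."""
        if not self.ready():
            raise RuntimeError(f"still missing witnesses from {self.missing()}")
        return {
            "body": self.tx_body_id,
            "witnesses": [self.witnesses[k] for k in sorted(self.witnesses)],
        }


if __name__ == "__main__":
    params = load_governance(SAMPLE_CONFIG)
    signers = required_signers(params, params.members[:2])
    collector = WitnessCollector("tx-body-placeholder", signers)
    print("waiting for witnesses from:", collector.missing())
```

A command-line `--governance-signer` option would feed `required_signers`, and the serialized body plus the selected signer list is what the endpoint returns to the user for distribution; `WitnessCollector.assemble` corresponds to the final accumulation step before submission.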
IOG Jira: https://input-output.atlassian.net/browse/ETCM-7875