Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing script to fetch existing plans from pause #3

Open
0x3phemeralsoul opened this issue Jun 3, 2024 · 3 comments · May be fixed by #5
Open

Missing script to fetch existing plans from pause #3

0x3phemeralsoul opened this issue Jun 3, 2024 · 3 comments · May be fixed by #5
Assignees
@amusingaxl

Comments

@0x3phemeralsoul
Copy link

As decided here: #2 (comment)
@amusingaxl amusingaxl changed the title Script PR Missing script to fetch existing plans from pause Jun 26, 2024
@amusingaxl
Copy link
Contributor

I believe we need to refine this a little bit better.
We can always fetch the emitted logs, however it is a bit more cumbersome, since DsPause uses LibNote instead of plain events.
However, what should this script return exactly?

@amusingaxl amusingaxl self-assigned this Jun 26, 2024
@amusingaxl
Copy link
Contributor

cc @SidestreamColdMelon

@SidestreamColdMelon
Copy link

The proposal was to add a set of js functions + tests + a basic CLI wrapper to this repo to:

  • List all plotted spells based on the events emitted
    1. Fetch all events emitted by DSPause
    2. Parse event data and names
    3. Display plotted but not-executed and not-dropped spells in a list
  • Execute a transaction to deploy drop spell (using parameters from the list above)

Why is this needed: deploying a drop spell is not a trivial operation, therefore the js script itself should also be audited.

  • It can potentially be exploited by non-compliant spell and a deployed who is not aware of this possibility
  • It currently requires engineering oversight to find, list and parse event data

If the end goal is the UI, in the future, the UI can simply import audited functions and call them – effectively reusing core functionality and ensuring security-crucial logic.

@oddaf oddaf linked a pull request Jul 24, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@amusingaxl amusingaxl

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feature: scripts for fetching plan execution statuses makerdao/protego
3 participants
@amusingaxl @0x3phemeralsoul @SidestreamColdMelon