Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only allow moloch members to submit proposals #28

Open
proofoftom opened this issue Apr 23, 2020 · 4 comments
Open

Only allow moloch members to submit proposals #28

proofoftom opened this issue Apr 23, 2020 · 4 comments
Labels
enhancement New feature or request help wanted Extra attention is needed question Further information is requested

Comments

@proofoftom
Copy link
Member

proofoftom commented Apr 23, 2020
edited
Loading

Currently anyone can submit a proposal which could lead to an adversary submitting many junk proposals making it impossible to filter fact from fiction. To rectify, only members of the respective moloch's minion should be able to submit proposals with that minion.
@proofoftom proofoftom changed the title Only allow guild members to submit proposals Only allow moloch members to submit proposals Apr 23, 2020
@wolflo
Copy link
Member

wolflo commented Apr 23, 2020

I think this is a good discussion to have. The complexity of figuring out what a minion proposal does means it potentially deserves more barriers than a standard proposal. On the other hand, the molochV2 ideal seems to be that proposal submission is free and open and sponsorship is what separates spam from valid proposals.

@wolflo wolflo added enhancement New feature or request help wanted Extra attention is needed question Further information is requested labels Apr 24, 2020
@dekanbro
Copy link
Contributor

yeah was thinking we should allow a minion submitter to add tribute. Adding a small tribute would be like a fee paid to the dao for the extra audit resposibilities. even staking a small fee would probably weed out most spam.

@wolflo
Copy link
Member

wolflo commented Apr 25, 2020

Yeah that's a good point. Are you thinking a tribute to the dao or directly to the minion? If it's a deposit, I suppose it would have to just be managed by the minion. But if its a permanent tribute, we could give it to the minion or have the minion pass it on to the moloch.

I think if it's a payment rather than a deposit, it might discourage a lot of use cases that require extra executions (e.g. ERC20 approves), unless we also expanded the current one-execution-at-a-time method.

@wolflo
Copy link
Member

wolflo commented Apr 25, 2020

If we were going to implement some sort of "proposal control", would be interesting to look into something along the lines of this to allow daos to set their own standards for who can submit a proposal. Maybe opening it to anyone, limiting it to members, or setting a whitelist.

Would also require setting a standard for some sort of dao-to-minion communication, though. We are somewhat limited by how much important information it's reasonable to encode in the details string or embed in the minion itself. The more complexity we add, the more difficult it gets to decipher what a proposal will do. Oh, and in the details string we're also limited to utf-8 data if we want external libraries to work at the moment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@proofoftom @dekanbro @wolflo