Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Outline blocking dependencies on centralised tools (e.g. etherscan) #29

Open
3 tasks done
SidestreamColdMelon opened this issue May 21, 2024 · 4 comments
Open
3 tasks done

Outline blocking dependencies on centralised tools (e.g. etherscan) #29

SidestreamColdMelon opened this issue May 21, 2024 · 4 comments
Assignees
@SidestreamColdMelon

Comments

@SidestreamColdMelon
Copy link
Contributor

SidestreamColdMelon commented May 21, 2024
edited
Loading

Goal

Checklists do not enforce processes that are blocked in case a single service is down

Context

Recently, spell team experienced downtime of etherscan, which caused a multi-hour delay in the spell handover and later confusion among delegates on why contract is not verified on etherscan. The delay was resolved by unanimous agreement within the spell team to proceed with an alternative verifier service and later still use etherscan to verify contract and resolve the confusion. Another reason to not depend on a single service is of course security: it's much easier to compromise a single crucial service documented in the process, than try to attack multiple independent services at the same time.

In order to prepare to such events, we should 1) evaluate existing dependencies 2) evaluate potential circumventions 3) proceed with removing dependencies one-by-one.

Todo

  • List existing dependencies found in the checklists / known processes
  • List potential circumventions (general or applicable to each specific dependency)
  • Create first specific issue to remove dependency on etherscan
@SidestreamColdMelon SidestreamColdMelon self-assigned this May 21, 2024
@SidestreamColdMelon
Copy link
Contributor Author

Existing dependencies found in the checklists / known processes

@SidestreamColdMelon
Copy link
Contributor Author

Potential circumventions

Most used services are not lock-in (e.g.: git, ipfs, xlsx, messaging) to circumvent their offline/compromised state we can just pre-define their alternatives. Less portable are spreadsheet comments, github PR reviews and discord channels as they have additional permissions attached to them. The most centralized services that does not have easily interchangeable alternatives are etherscan.io and tenderly.co.

  1. Pre-define alternative services / communication channels. Applicable to:

    • Exec Sheet hosted on https://docs.google.com/spreadsheets/
      • Define a process in which instructions (e.g. raw xlsx file) can be sent over a group message or hosted on a different server if google docs are down
    • All repositories hosted on http://github.com
      • Mirror existing repositories into another git providers, use CI to keep them in sync
    • Source code verified on https://etherscan.io
      • Use multiple different services to verify the source code
    • Rates hosted on https://ipfs.io
      • Define different trusted ipfs gateways

  2. Where possible, use local tools instead of services. Explicitly mark service-based checks as additional/non-blocking. Applicable to:

    • CI tests on http://github.com
      • Define this step as additional (as we're already running tests locally) or use 2 other CI providers
    • References to other repos at http://github.com
      • Write a script to pre-fetch all referenced repositories locally
    • Timestamp converter on https://www.epochconverter.com
      • Replace with local converter command / script which is part of the repo

  3. Replace non-portable linked resources (PR comments / issues / releases / wikis and other information stored outside git) with git or ipfs. Applicable to:

    • Mentioned wiki page

      pe-checklists/spell/spell-reviewer-mainnet-checklist.md

      Line 57 in 1aa58ee

      * [ ] Precision units match with [Numerical Ranges](https://github.com/makerdao/dss/wiki/Numerical-Ranges#notation)
      • Find another source for the same information inside a different repo (as wikis are actually more easily editable)
    • Mentioned github issue

      pe-checklists/spell/spell-crafter-mainnet-workflow.md

      Line 92 in 1aa58ee

      * [ ] Avoid `dss-interfaces` multi-import layout (see [issue #69](https://github.com/makerdao/dss-interfaces/issues/69))
      • Describe the problem inside the checklist, otherwise make it clear that the link is optional
    • Mentioned release

      pe-checklists/spell/spell-reviewer-mainnet-checklist.md

      Line 38 in 1aa58ee

      * [ ] git submodule hash of `dss-exec-lib` (run `git submodule status`) matches the [latest release version](https://github.com/makerdao/dss-exec-lib/releases) or newer
      • Ensure alternative check is described (local tag) or alternative remote is listed

  4. Use on-chain registry of the team + attestations for the most security-crucial operations. Applicable to:

@SidestreamColdMelon SidestreamColdMelon mentioned this issue Jun 3, 2024
Open
8 tasks
@SidestreamColdMelon SidestreamColdMelon changed the title Remove blocking dependencies on centralised tools (e.g. etherscan) Outline blocking dependencies on centralised tools (e.g. etherscan) Jun 3, 2024
@SidestreamColdMelon
Copy link
Contributor Author

First specific issue for etherscan is created: #31

@0xp3th1um
Copy link

I am making a few comments below in order to move forward with this. I think each topic should be taken into consideration separately in a different issue/thread.

  • https://docs.google.com/spreadsheets/ => we can use excel compatible formats that can be stored on cloud or ipfs and then opened locally. It is of low severity since different people can create a sheet and it is hard to have censorship.

  • http://github.com => Alternative options: Gitlab, Bitbucket etc. We should keep local copies in case the Maker account gets suspended e.g. techops making a local copy once a day.

  • https://ipfs.io/ => Alternative options Arweave,Swarm etc. Pretty decentralized with good availability.

  • https://etherscan.io/ => no good alternative. Blockscout or sourceify not widely used and without the same features.

  • https://discord.com/ = > https://signal.org/ or telegram? Create communication channels.

  • https://signal.org/ => use also telegram? We can share emergency emails for all governance facilitators and spell casters/revierwers.

  • https://tenderly.co/ => There is no other alternative replacement since the testenets are deprecated.

  • Foundry = > Hard to replace. Low severity.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SidestreamColdMelon SidestreamColdMelon

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@SidestreamColdMelon @0xp3th1um