Initial proposal for excubiae framework
#3
Conversation
…d; conform to natspec
|
|
||
| /// @notice Tracks whether an address has successfully passed the gate check. | ||
| /// @dev Maps an address to a boolean indicating pass status. | ||
| mapping(address => bool) public checked; |
There was a problem hiding this comment.
so here's the tricky part, given this is supposed to be the abstract contract everyone inherits from, I think it's best that either this mapping is as generalized as possible, so instead of address you store the encoded data like bytes (which not sure if it always works), or you omit this mapping from this contract and make it clear that each gate contract should implement this mapping to prevent double signups. Just thinking along the lines of: a user comes to the gate with something they own, and that something that owns is what grants them access, like in a door you grant access to anyone that has a key. If you then keep an image of their face to prevent entering once, they could give the key to someone else to enter, but if you prevent the same key from entering, even if they give the key to someone else they won't be able to enter. If someone though gives you their unused key then you could enter twice which is a problem, but they wouldn't be able to enter themselves (so maybe this needs even a bit more thinking, and storing both what you own and who you are if both make sense for the specific gate). This assumes the "key" can be transferred which might not always be the case in something like EAS, Zupass, etc. but just trying to make this as general as possible if that makes sense
There was a problem hiding this comment.
TLDR I think in general it might be easier if a specific gate decides the data type of this mapping
There was a problem hiding this comment.
OK, all clear. To stop someone else (a passerby) from using the same data, regardless of protocol, to try to pass the gatekeeper check twice but with a different address, we need to save two mappings: one for the passerby and one for the data.
In short, we have two options:
- Do nothing and let the abstract contract implementer decide what information to save in the pass + check logic to avoid sibyl.
- Make sure everyone saves the address and data in mappings.
As we discussed in the chat, let's stick with the first option for now until we come up with a registry or logic that can be merged into a single solution. Therefore, people need to implement their own method based on their own "credentials" to potentially avoid:
- different addresses using the same data to pass the check.
- the same address passing the check twice with the same data (can be useful for some protocols, for others not).
There was a problem hiding this comment.
btw, reflected these decisions in the usage section of the README, specifying that the developer needs to provide their own logic for gatekeeping + preventing unwanted access.
0xjei
force-pushed
the
proposal/gatekeepers
branch
from
f552677 to
f10bd6d
Compare
…heck; add unit test
Add basic `EASExcubia` implementation
Description
This PR proposes a framework for general purpose on-chain gatekeepers. You can find more at the following HackMD document.
Related Issue(s)
None.
Other information
None.
Checklist
yarn formatandyarn compilewithout getting any errors