Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[FR] - Proactive protection against GovAction deposit losses #900

Closed
gitmachtl opened this issue Sep 18, 2024 · 2 comments · Fixed by #963
Closed

[FR] - Proactive protection against GovAction deposit losses #900

gitmachtl opened this issue Sep 18, 2024 · 2 comments · Fixed by #963
Labels
enhancement New feature or request

Comments

@gitmachtl
Copy link
Contributor

gitmachtl commented Sep 18, 2024

As we talked about this issue in the CLI/API workgroup meeting #2 , i will leave a link here to the original
issue raised on the ledger repo. IntersectMBO/cardano-ledger#4605

If not possible to implement it on the ledger level, we should at least try to implement a basic guard against governance action deposit losses via a wrong or retired deposit-return stake address on the cardano-cli level.

So the major two things to check would be:

  • The scenario that someone uses a wrong stake address as the deposit return address. Once submitted, there is no way to correct the wrong address anymore afterwards. Deposit funds would be lost. A basic check should be done at time of submit (cardano-cli transaction submit), that the stakeaddress used as deposit-return-address in a governance action actually is registered on chain. Thats not a total protection in case someone uses a wrong existing stakeaddress, but at least it would help to prevent mistakes a little better.

  • Another scenario is, that someone is doing a stakeaddress deregistration while that same stakeaddress is involved in an active governance proposal. Once the proposal times out or gets enacted, the deposit fee (currently 100kAda) would be lost. So there should be a check at time of the retirement certificate submit (cardano-cli transaction submit), that there are no active actions running that include that same stake address as a deposit-return-address. One little drawback would be that some 3rd party player could block the deregistration of a stakeaddress by using it as the deposit-return-address in there action propsals. But than also the deposit amount would go to that stake address. So very unlikely.

@CarlosLopezDeLara
Copy link
Contributor

CarlosLopezDeLara commented Sep 18, 2024

Perhaps the most natural place would be in build, however that would leave build-raw users without this protection. So I think it makes sense to add the check on transaction submit as suggested by @gitmachtl.

EDIT: Since IntersectMBO/cardano-ledger#4639 prevents us from using unregistered stake addresses in proposals' deposits and treasury withdrawals, we can now just implement a fail on build.

@CarlosLopezDeLara CarlosLopezDeLara added the enhancement New feature or request label Oct 1, 2024
Copy link

github-actions bot commented Nov 1, 2024

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 120 days.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants