aragonOS
aragonOS copied to clipboard
ACL: privileged root account / mode
Preamble
Similar to some discussions in https://github.com/aragon/aragonOS/issues/546, but generalized to also work for already deployed organizations who may want to do many permission changes at once (e.g. a permissions migration). Ideally, this would also work for the onboarding case in https://github.com/aragon/aragonOS/issues/546.
Changes
Add storage slots and management functionality to the ACL to keep track of one (or perhaps more?) "root" addresses that has the ability to change any aspect of the ACL.
The ideal user would write a contract / evm script that completes all the permissions migrations atomically, and then wrap a call into this contract / evm script with an enterRootMode()
and exitRootMode()
. Their ACL would enter and exit root mode in the same transaction, leaving no exposed vulnerabilities by the end.
We may even want to further protect access to this functionality by only offering an exposed function that already has this wrapped, that accepts either a contract address and calldata or evmscript.