L2 Dai is not censorship-resistant

[brianmcmichael]

In the L2 Dai implementation, governance has the ability to burn Dai in any address.

This enables Dai censorship of a user's wallet by governance, which means that we can't make the claim that L2 Dai is censorship-resistant as it is on L1.

This needs a broad team, and potentially MKR holder, discussion.

optimism-dai-bridge/contracts/l2/dai.sol

Line 168 in bc3d63f

if (from != msg.sender && wards[msg.sender] != 1) {

[krzkaczor]

As long as the bridge is governance controlled, what's the difference between:

1. Governance removing liquidity from L1Escrow
2. Governance diluting L2DAI by minting an arbitrary amount of DAI
3. Governance burning users' funds (what you brought up here)

In my opinion, there is not too much difference between these after all. The solution is always the same -- removing governance control over the construct. This will be possible to do (and always was planned) once we are done with moving MCD to L2.

[hexonaut]

To be fair the point about burning is unique as single addresses can be targeted which is not the case with minting or stealing from everyone. Agree overall this is not a problem though as we will remove governance's ability to access the erc20 dai contract once MCD is deployed. At that point it should only be mint/burn able through the daiJoin contract same as L1.