context around immutable contract implementations #2

Open
wants to merge 2 commits into
base: main
7 changes: 6 additions & 1 deletion README.md
Expand Up @@ -58,6 +58,11 @@ If the **Verifier** applies any state changes (even transient ones), they should
## Writing Pausers
Because the exploit will be detailed onchain for all to see after the claim tx is made, **Pausers** should pause as much of the protocol to prevent replicating the exploit across related components (pools) of the system. Only the HoneyPause contract should be allowed to call `pause()` on the **Pauser** contract. The pause *must* occur when `Pauser.pause()` is called, and not in the payer, which is called immediately afterwards.

## Writing Pausers for Immutable Contracts
For protocols that prioritize immutability as a gold standard, integrating HoneyPause offers a novel solution that blends the security benefits of immutable contracts with the flexibility to respond to unforeseen vulnerabilities. Immutable contracts can gain an additional layer of dynamic response capability through HoneyPause without sacrificing their core principle of immutability until proven necessary.

Upon detecting a legitimate exploit, confirmed through a claim, the Pauser mechanism, designed to be dormant under normal conditions to preserve immutability, activates. This action temporarily assigns control to a designated recovery team, allowing for mitigation only compromising the contract's immutable nature when such intervention is unequivocally required and mitigates what would have otherwise destroyed the protocols functionality.

## Writing Payers
The **Payer** contract will be invoked by HoneyPause to transfer the bounty to the whitehat. Bounties can be in either ETH or ERC20. HoneyPause will surround the `payExploiter()` call with balance checks to ensure that payment has been delivered. The **Payer** contract should only allow the HoneyPause contract to call its `payExploiter()` function.

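Review bot: The second added paragraph under "Writing Pausers for Immutable Contracts" says the Pauser "temporarily assigns control to a designated recovery team" but never states what bounds that control: which powers the team receives, how long they last, and how they are relinquished. For a protocol that advertises immutability, that is the detail integrators and auditors will look for, so the section should spell it out. It should also restate the constraint from "Writing Pausers" that only the HoneyPause contract may call `pause()`, since here that call is what unlocks the recovery path. The same sentence is hard to parse ("allowing for mitigation only compromising the contract's immutable nature when such intervention is unequivocally required and mitigates what would have otherwise destroyed...") and "protocols functionality" is missing its apostrophe; splitting it in two would help. As written, the section describes the idea but gives no guidance on actually writing such a Pauser, which the heading promises.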
Expand All @@ -72,4 +77,4 @@ The simplest **Payer** implementation will transfer the bounty directly out of a

## Credits

HoneyPause is originally an EthDenver 2024 hack by [@justinschuldt](https://github.com/justinschuldt), [@CryptRillionair](https://twitter.com/CryptRillionair), and [@merklejerk](https://twitter.com/merklejerk), but we ultimately want this project to be community owned, so feedback and contributions are welcome!
HoneyPause is originally an EthDenver 2024 hack by [@justinschuldt](https://github.com/justinschuldt), [@CryptRillionair](https://twitter.com/CryptRillionair), and [@merklejerk](https://twitter.com/merklejerk), but we ultimately want this project to be community owned, so feedback and contributions are welcome!
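Review bot: The Credits line in this hunk is removed and re-added with no visible difference in its text, so the change is presumably whitespace or an end-of-file newline. If that is unintentional, drop it from the PR so the diff contains only the new section; if it is intentional (for example, adding the missing final newline), say so in the commit message.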