Multisig wallet have to make storing the funds more secure, also it may implement complex logic for funds management. It has a flaw because the more logic becomes complicated the more probability for vulnerabilities increases.
The solution is to make multisig wallet upgradeable. That way the owners can change the functionality by their agreement.
Main contract store the address of permanent state. Delegate calls to replaceable wallet contract.
Permanent state store constant fields, increasing nonce, and the address of wallet contract that can be changed.
Implementation of multisig wallet that execute transactions confirmed with detached signatures of owners.
npm install -g truffle
npm install
truffle test
- Edit config.json (set owners and required field)
- Run migration to deploy contracts
truffle migrate --network ropsten -f 2
- Prepare new version of MultisigWalletUpgraded.sol
- Collect signatures from owners and set
signaturesfield at config.json - Run migration to deploy prepared version of methods and call method to change wallet in proxy
truffle migrate --network ropsten -f 3
Multisig deployed at 0xfa16f7f41a981e63956e493f00d4c1b2b9a67fe2
State deployed at 0x98dde691512e12fed869baa519aa0a213b066b25
Methods deployed at 0x8df3823ae493120c31318a26515ecbc271b8c140
- State has predefined structure
- Owners cannot add/remove owner