You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
With governance v1, when executing messages that may be submitted by governance a check is performed to make sure that the address of the signer matches the authority set in the keeper. In the current design, it is possible only to specify one authority, which means that besides the governance module it is not possible to allow other address, such as x/group policy addresses, to also execute messages.
Proposal
Once the PR to self-manage 02-client params is merged, we could add an extra field to 02-client Params to store a list of addresses that, besides the authority set during instantiation of 02-client keeper through its constructor, would be allowed to execute the messages to recover and upgrade a client. This new field may be named, for example, AllowedAuthorities, and would be of type []string.
This addition would fulfil the delegation of responsibility for IBC related proposals to trusted groups (edit) benefit mentioned in #1282, and would be used for #3326.
The text was updated successfully, but these errors were encountered:
After discussion with the SDK team, we will follow the approach recommended by them of granting other parties permission to execute messages on behalf of governance using authz.
Part of #1282
Problem
With governance v1, when executing messages that may be submitted by governance a check is performed to make sure that the address of the signer matches the authority set in the keeper. In the current design, it is possible only to specify one authority, which means that besides the governance module it is not possible to allow other address, such as
x/group
policy addresses, to also execute messages.Proposal
Once the PR to self-manage 02-client params is merged, we could add an extra field to 02-client
Params
to store a list of addresses that, besides the authority set during instantiation of 02-client keeper through its constructor, would be allowed to execute the messages to recover and upgrade a client. This new field may be named, for example,AllowedAuthorities
, and would be of type[]string
.This addition would fulfil the
delegation of responsibility for IBC related proposals to trusted groups (edit)
benefit mentioned in #1282, and would be used for #3326.The text was updated successfully, but these errors were encountered: