-
Notifications
You must be signed in to change notification settings - Fork 99
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add PodAdmin gateway - expose admin fns and veto #587
Add PodAdmin gateway - expose admin fns and veto #587
Conversation
ef1ca5d
to
7f9f80c
Compare
I think a much more scalable architecture would be to hash the podId with some salt like "ORCA_POD" and have that role be the "specific pod admin". We'd only need at most one of these roles per pod. Instead of giving ROLE_ADMIN the control over this, perhaps a better role would be "POD_ADMIN" which specifically can do all of these things. The POD_ADMIN should also be able to grant these role specific admins. So then we have the following admin priviledges for all pods: AddMember(): GOVERNOR and POD_ADMIN and "specific pod admin" |
This makes sense and I like it, it's more scaleable as you say. Implementing |
Summary
Introduces a
PodAdminGateway
contract, which is set as thePodAdmin
address for all deployed Orca pods.It is introduced for three reasons:
The goal is for the pods to have the following TribeRoles with the following admin priviledges :
addMember()
:GOVERNOR
,POD_ADMIN
and specific pod admins granted this granular roleremoveMember()
:GOVERNOR
,POD_ADMIN
,GUARDIAN
and specific pod admins granted this granular roleveto()
:GOVERNOR
,POD_VETO_ADMIN
,GUARDIAN
and specific pod admins granted this role