Multi-signature functionality for StarkNet.
Latest npm package:
Projects using this repository's code will be deleted in the next Regenesis. Read more below. Do not use in production.
The current version contains all basic multisig functionality. This version consists of two pieces:
- Cairo contract code
- Unit tests for testing all the multisig functionality
The current version supports on-chain multi-signatures. The multisig is a separate contract, which is called through your regular account contract (wallet).
StarkNet will have a regenesis event around the end of 2022.
The regenesis will break any deployments of this contract's code. Therefore the regenesis will basically destroy any deployed Starsign contracts.
It is therefore imperative that you do not use this repository's code before:
- Regenesis event has passed
- The code has been updated to Cairo version 1.0
- This README is updated accordingly
We regret the situation but there isn't much we could do about it. Any non-upgradeable contract will get destroyed in the regenesis. There is little point in making our contracts upgradeable just to accommodate the regenesis.
The contracts pre-1.0 version has been audited by Trail of Bits. The report can be found here.
The audit report only audited a snapshot of the repository and does not include information about implemented fixes to the code. Issues 1-3 mentioned in the report have been fixed, informational issue 4 resulted in a disagreement and ended up as not addressed.
The following functionality is supported:
- Create a new multisig contract with the following parameters:
- List of signer addresses
- Multisig threshold
- Submit a transaction
- Confirm a transaction
- Execute a transaction
- Revoke a confirmation
- Change the list of signers and threshold
When creating a new transaction, you should call the submit_transaction function with the following parameters:
to: Address of the transaction targetfunction_selector: Name of the target function, decoded as an integer (felt)calldata_len: The amount of custom parameters to pass to the target functioncalldata: The custom parameters to pass to the target functionnonce: Transaction nonce. Has to be +1 compared to the previous submitted transaction
Only signers of the multisig can submit a transaction.
Once a transaction has been submitted to the multisig, it needs to be confirmed by threshold amount of signers. To confirm a transaction as a signer, you should call the confirm_transaction function with the transaction nonce as parameter.
Only signers of the multisig can confirm a transaction.
Once a transaction has been confirmed by threshold amount of signers, it can be executed by anyone - the executer does not have to be a signer. The execution is done by calling the execute_transaction function with the transaction nonce as parameter.
If you, as a signer, have confirmed a transaction, but wish to revoke the confirmation, you can call the revoke_confirmation function with the transaction nonce as parameter.
There exist three functions for changing the signers and threshold:
set_thresholdset_signersset_signers_and_threshold
Only signers can change the threshold and the amount of signers. These actions need to go through the multisig itself, so you have to go through the submit_transaction function (setting the multisig contract itself as the transaction target).
In near future we'll get here:
- A real UI
- Possibly an option to use an account contract as multisig
- Possibly off-chain signatures
The current implementation uses Option 1 in the following image. Option 2 is in our roadmap for near future.
The contracts are:
- Multisig.cairo: main multisig functionality
- util.cairo: various helper functionality
- Target.cairo: a mock of the target contract for the multisig, used in testing
- Starknet Hardhat plugin
- Starknet devnet, a local Starknet instance
Recommended operating system is Ubuntu. If on Windows, use WSL2. Requires Python 3.8 or later.
Installation:
yarn
python -m venv .venv
source ./.venv/bin/activate
Follow the Cairo installation instructions. After that, inside the virtual environment:
- Install Cairo devnet (local blockchain)
python -m pip install starknet-devnet - Compile the contracts:
npx hardhat starknet-compile contracts - Run the devnet:
npm run local - Open another venv tab and run the unit tests with
npx hardhat test
Tested to be working at least with devnet version 0.2.10.
Thanks to Sam Barnes for creating the initial multisig code and offering it available.
Created by Equilibrium.
If you have any question, feel free to join our Discord.