dgf-prototype/specification/docs/system-design.md

9.1 KiB

System Design

In the Requirements section, we identified the need for the following smart contracts: Reputation, Bench, Forum, Work, Proposal, and Rollup.

We also identified the need for a mechanism for coordinating Rollup Post validation. To address this need, we introduce Matrix, a federated messaging protocol. Our application uses the Client-Server protocol to communicate with a Matrix Homeserver.

Contracts

The following is a dependency graph, where the arrows represent one contract calling another.

flowchart BT
subgraph Core Contracts
Reputation
Bench
Forum
end
subgraph Business Logic
Work
Proposal
Rollup
end
Bench --> Reputation
Proposal --> Bench
Proposal --> Reputation
Work --> Reputation
Work --> Bench
Work --> Rollup
Work --> Proposal
Forum --> Reputation
Bench --> Forum
Rollup --> Bench

Reputation, Forum, and Bench can be considered core contracts. Together they provide the necessary primitives for a DAO to carry out its business.

Work, Proposal, and Rollup can be considered business logic. They allow the DAO to support arbitrarily complex use cases, according to its needs.

Reputation

We can achieve the requirements of the Reputation contract as follows:

  1. Reputation may be implemented as an ERC20 token contract.

  2. transfer and transferFrom methods must be disabled, so that REP may not be transferred.

  3. Reputation internal methods (mint, burn, update) may be called only by the Bench and Forum contracts.

Bench

To achieve the Bench requirements, the contract must do the following:

  1. Define a minimum quorum

  2. Define a minimum and maximum VP duration

  3. Keep a record of Validation Pools

  4. Implement a method for initiating a Validation Pool (VP)

    1. The caller should be able to provide an optional callback to be executed when the VP is concluded
  5. Implement a method for evaluating the outcome of a Validation Pool

    1. If provided, the callback should be executed, and should be passed the results of the VP

Forum

To achieve the Forum requirements, the contract must do the following:

  1. Keep a record of Posts, indexed by Post ID

  2. Implement a method to add a Post

  3. Implement a recursive method to distribute Reputation to a Post's references and authors.

    1. This method must be called only by the Bench, when a Validation Pool is accepted.

Proposal

To achieve the Proposals requirements, the contract must do the following:

  1. Define an attestation threshold

  2. Keep a record of Proposals

  3. Implement a method to initiate a Proposal

    1. The caller should be able to provide an optional callback to be executed when and if the Proposal is accepted
  4. Implement a method for a DAO member to attest to a Proposal

  5. Implement a method to evaluate the attestation for a given Proposal

    1. If the attestation threshold is met, begin the referendum process
  6. Implement the referendum process

    1. Initiate the VP for the current stage referendum

    2. Provide a callback to be executed when each referendum VP concludes, that advances the Proposal through the referenda stages according to the requirements.

    3. If the Proposal passes all referenda stages, and a callback was provided, the callback should be executed.

Availability

For convenience, we can define an Availability contract, as a base contract that other contracts may extend. Work contracts as well as the Rollup contract need to use this Availability mechanism.

To achieve the requirements, the Availability contract must do the following:

  1. Keep a record of Worker availability stakes

  2. Implement a method to accept Worker availability stakes

  3. Implement a method to select a Worker by random weighted selection, weighted by the amount each Worker staked.

Work

To achieve the Work Smart Contract requirements, a work contract must do the following:

  1. Inherit from the Availability contract

  2. Define a price for the work

    1. Optionally, implement a method to initate a Proposal to change the price
  3. Implement a method for a Customer to request work

  4. Implement a method for a Worker to submit Work Evidence (WEV)

  5. Implement a method for a Customer to submit work approval/disapproval

    1. Once approval/disapproval is submitted, either initiate a Validation Pool tarageting the WEV, or submit the fee and worker's REP stakes to the Rollup contract instead (explained below).

Rollup

Rather than submit every Post on-chain and conduct every Validation Pool on-chain, it is more efficient to keep a collection of Posts off-chain, and add a single Rollup Post on-chain representing multiple off-chain Posts.

With this Rollup Post, we have the opportunity to attribute credit to multiple authors, with a weight assigned to each author. We can express this weight as parts per million (PPM), for a balance between numerical precision, and ease of visual recognition.

The Rollup Post can weight authorship in accordance with the off-chain Validation Pools that have taken place. The off-chain system can fully model the Forum and Bench outlined in the Requirements section. For demonstration purposes, our prototype makes some simplifying assumptions. Work Evidence Posts (WEV) are assumed to contain no references to prior Posts. In reality, we want WEV to be able to reference prior Posts, such as those representing policies of the DAO, prior work by other DAO members, prior art outside the DAO, and so on. So, a proper implementation of this system should account for these references, just as the Forum contract must.

To achieve the Rollup requirements, the contract must do the following:

  1. Inherit from the Availability contract

  2. Keep a queue of items to be batched

  3. Implement a method to add an item to the queue of items to be batched

  4. Implement a method for the current batch worker to initiate a Validation Pool targeting a Rollup Post that represents items from the batch queue.

    1. Items must be submitted in order without skipping any items
  5. Implement a method to select a new batch worker

    1. If this method is called to replace a batch worker who has failed to submit the next batch, a Validation Pool should be initiated and the batch worker's stakes submitted in favor of the VP. The DAO members may then stake against this VP, punishing the worker who failed to submit the batch.

Off-chain Operations

As outlined in the Rollup section above, we need to define processes for handling off-chain Posts and Validation Pools. On-chain, Posts are represented by a unique identifier, but the Post content is always stored off-chain. So, every on-chain Post must have a corresponding off-chain Post. These off-chain posts should be visible to the public. To achieve this, we introduce a Forum API, that supports writing and reading off-chain Posts.

Forum API

Write

Parameters

Name Type
sender Wallet address
authors Array of tuples: (Wallet address, weight)
content String
references Array of tuples: (Post ID, weight)
embeddedData Object
signature Sender or author signature of content and embeddedData

In order to protect the integrity of the off-chain Forum, the API should verify that the Post is signed by one of its authors, or by the sender. The reason for allowing the Post to be signed by the sender rather than by an author, is to support the use case of adding a Post on behalf of its author(s).

The API should compute a hash of all input parameters except for references, and use this hash as the key for storing the Post. The hash should also be returned to the caller.

The reason for excluding references from the hash, is to support the use case of importing Posts from an existing data source. If we included the references, then to import any Posts from an existing data source, we would have to import every referenced post, starting with the earliest, in order to compute the entire tree of references made by a given Post. By omitting references from the hash, it becomes possible to precompute the hash (a.k.a. ID) of referenced Posts that have not yet been imported.

The reason for excluding references from the signature, is to reduce the number of queries that must be made to an existing data source when importing a Post.

Note that because references is not included in the hash, there is a replay attack vulnerability. Someone could read an existing Post, modify the references, and write the modified Post back to the API. The signatures will still be valid even though the references have changed, and the new references will overwrite the previous references. Note that this would only affect the off-chain record of the Post's references. If the Post is published to the on-chain Forum, it is not subject to such modification, as a Post with a given ID can only be added once. To mitigate this vulnerabliity in the off-chain Forum, we should reject a write attempt if a Post with the given ID already exists.

When

Read

Automated Staking

Validation Pool

Rollup

User Interface

Web App

Widget

Other

  • Register Matrix Identity
  • Imprt from Semantic Scholar
  • Import from Matrix
  • Bot Commands