Ds-Chief
smart contract provides a method to elect a "chief" contract via an approval voting system. This may be combined with another contract, such as DSAuthority
, to elect a ruleset for a smart contract system.**DSChiefApprovals
provides the following public properties:**slates
: A mapping of bytes32
to address
arrays. Represents sets of candidates. Weighted votes are given to slates.votes
: A mapping of voter addresses to the slate they have voted for.approvals
: A mapping of candidate addresses to their uint
weight.deposits
: A mapping of voter addresses to uint
number of tokens locked.GOV
: DSToken
used for voting.IOU
: DSToken
issued in exchange for locking GOV
tokens.hat
: Contains the address of the current "chief."MAX_YAYS
: Maximum number of candidates a slate can hold.note
modifier from ds-note, meaning that they fire a standardized event when called. Additionally, one custom event is also provided:Etch(bytes32 indexed slate)
: Fired when a slate is created.DSChiefApprovals(DSToken GOV_, DSToken IOU_, uint MAX_YAYS_)
GOV
, IOU
, and MAX_YAYS
.lock(uint wad)
wad
GOV
tokens, issues an equal amount of IOU
tokens to the user, and adds wad
weight to the candidates on the user's selected slate. Fires a LogLock
event.free(uint wad)
wad
IOU
tokens, issues an equal amount of GOV
tokens to the user, and subtracts wad
weight from the candidates on the user's selected slate. Fires a LogFree
event.etch(address[] yays) returns (bytes32 slate)
slate
and return a unique identifier for it.vote(address[] yays) returns (bytes32 slate)
slate
, moves the voter's weight from their current slate to the new slate, and returns the slate's identifier.vote(bytes32 slate)
lift(address whom)
s/chief/hat
if it has more weight than the current s/chief/hat
.DSChief
is a combination of DSRoles
from the ds-roles
package and DSChiefApprovals
. It can be used in conjunction with ds-auth
(as an authority object) to govern smart contract systems.DSChief(DSToken GOV_, DSToken IOU_, uint MAX_YAYS_)
GOV
, IOU
, and MAX_YAYS
.setOwner(address owner_)
DSAuth
.setAuthority(DSAuthority authority_)
DSAuth
.isUserRoot(address who) constant returns (bool)
true
if the given address is the chief.setRootUser(address who, bool enabled)
DSRoles
.DSRoles
ds-chief
could be used as a token-weighted voting system governing another set of smart contracts that uses the ds-auth
with ds-roles
. In a scenario such as this, "candidates" would consist of contracts changing the state of the smart contract set under governance. Such a contract being elected as ”hat" would be granted all of the permissions to execute whatever changes are necessary. The ds-chief
could also be used within such a contract set in conjunction with a proxy contract, such as ds-proxy
or a name resolution system like ENS for the purpose of voting in new versions of contracts.DSChief
or other similar contracts use the same governance token by means of accepting the IOU token of the DSChief
contract before it is a governance token.DSChief
contracts (chiefA, chiefB, and chiefC) and a chiefA.GOV
that is the MKR token. If we set chiefB.GOV
to chiefA.IOU
and chiefC.GOV
to chiefB.IOU
, this allows all three contracts to run using a common group of MKR.ds-chief
, n is equal to 1.ds-chief
weighs votes according to the quantity of a voting token that has been chosen to lock up in the DSChief
or the DSChiefApprovals
contract. It's important to note that the voting token used in a ds-chief
deployment must be specified at the time of deployment and cannot be changed afterward.etch
and vote
functions must be byte-ordered sets.[0x0, 0x1, 0x2, ...]
is valid but using [0x1, 0x0, ...]
and [0x0, 0x0, 0x1, ...]
is not. This ordering constraint allows the contract to cheaply ensure voters cannot multiply their weights by listing the same candidate on their slate multiple times.lift
is called on it. So, even if a spell gains much more MKR on it than the hat, if lift
is never called on it, the hat will remain on a spell that no longer has the most MKR. This could lower the bar for the amount of MKR needed to pass something, potentially making the system less safe.hat
to be safe against governance attacks while the voters enacting the change itself must have enough MKR in the old chief to pass the proposal.