Multisig Management
SKALE Chain administration may be controlled by a Multisig contract, where a predefined number of signatures are required to confirm and execute transactions.
The SKALE chain owner manages many settings of the SKALE chain and IMA bridge. Smart contracts control these settings, and some of these settings are configured on Ethereum and others on the SKALE chain itself.
During SKALE chain creation, the owner specifies its address, which is used by smart contracts to authorize it.
| If the SKALE chain owner uses a multisig wallet on Ethereum (for example, Gnosis SAFE) to control a SKALE chain, it can’t make direct calls to smart contracts on the SKALE chain. |
In this case, there is a Marionette smart contract to allow the SKALE chain owner to call smart contracts on a SKALE chain. It’s a representative of the multisig wallet on the SKALE chain, and it’s predeployed and set up from the beginning of the SKALE chain.
| SKALE chains deployed before V2 release don’t have Marionette functionality. |
Marionette listens to messages from IMA, and if the message sender is equal to the SKALE chain owner address, it decodes function call and performs it.
| Arbitrary contract calls can be encoded into an IMA message using https://github.com/skalenetwork/multisigwallet-cli. |
Example using Gnosis SAFE
Assume a Gnosis SAFE multisig wallet owns a SKALE chain named example-chain.
Running this command:
npx msig encodeData example-chain ConfigController addToWhitelist <ethereum-address>will print a hex string representing transaction data that needs to be sent to IMA to trigger the addToWhitelist function of the ConfigController smart contract.
Further creation, signing, and execution of a regular Safe transaction with the data will eventually perform needed changes on the SKALE chain.
Fallback option & Example using Predeployed Multisig
There is a fallback option to control Marionette directly without using IMA. For this purpose, Gnosis MultiSigWallet is predeployed on the SKALE chain. Initially, it has only one owner specified by the SKALE chain owner during SKALE chain creation as the originator address.
It’s the SKALE chain owner’s responsibility to add additional owners to predeployed MultiSigWallet after chain creation to support sufficient security level.
|
Predeployed MultiSigWallet has the same authorization level in Marionette as the original SKALE chain owner multisig connected via IMA. The MultiSigWallet can send requests to Marionette to execute arbitrary smart contracts calls. This process can be simplified by using multisigwallet-cli.
Example
The first step is to set the SKALE chain endpoint and MultiSigWallet owner private key. (See multisigwallet-cli readme)
The second step is to execute:
npx msig submitTransaction ConfigController addToWhitelist <ethereum-address>This transaction will be encoded and added to the MultiSigWallet. Further signing and execution can be done either via multisigwallet-cli or Gnosis MultiSigWallet UI