Smart accounts using aragonOS


#1

Following my post on personal DAOs, I wanted to sketch out a possible form they can take.

From now on, I will use the term smart accounts coined by Jeremy Macaluso on this post.

Contract

Your account is represented by an aragonOS app. This app forwards transactions on your behalf when a set of criteria is met.

Since the smart contract would be an AragonApp , it would get upgradeability and interoperability with other Aragon apps for free.

The contract would store:

  • An array of addresses called addresses , that are controlled by this account

  • An integer called threshold , which defines how many signatures from those addresses are required for the Identity contract to forward a transaction

This identity contract would expose the following functions.

forward

It implements a forwarder, which forwards any payload to another address. By this means, the identity can manifest its will.

This method would have to be provided with a threshold amount of signatures from addresses . This way, signatures could be created off-chain, and put together when the account needs to forward a message, thus reducing the number of on-chain transactions.

addAddress / removeAddress / swapAddress

Methods for modifying addresses . They could have different permission settings, but in this particular case, let’s say that just this smart account app can do it.

recover

This method forwards a message overriding the signature checks that are present in forward . This method would be under a permission that could be set so a group of friends or trusted parties can call it.

For example, a Voting app could have permission to call it, and a Token Manager app could have permission to open new votes. You could give Account recovery tokens to the parties that you trust for this process.

Its functionality could also be restricted to call the methods that modify addresses and threshold .

Features

Self-upgradeable

The account can have permissions to upgrade its own reference in the kernel, therefore enabling self-upgradeability.

Mutable

We can set the smart account itself as its permission manager, therefore it could change its own permissions over time, and change how it works.

Elegant recovery

All checks can be overriden all by using recover , which just enables the account to forward a message. Since the account has permissions over itself, recovering means just forwarding a message to itself.

Open questions

  • Is this gas efficient? Would just need to check signatures to forward the transaction, so I’m guessing so

  • Can we implement a forward function that takes signatures as a parameter?

  • Isn’t this just an aragonOS-based multisig? It can seem so, although I’d argue that the most basic smart account is just a multisig with a smart and governable recovery mechanism


#2

This is a great smart organization that could be implemented relatively soon. I think that we could implement it using some of the apps that already exist. The voting app is already a forwarder that implements all the necessary threshold logic and has been audited. All we need is a token manager that implements addAddress/removeAddress/recover.

  • We can implement a forwarder which only forwards functions from a specific private key based account, which is equivalent to taking a signature as a parameter, I think.
  • This is an aragonOS-based multisig, but this is just the start. I don’t think that there is any other multisig with the composability, upgradability, or permissions features that this provides.

#3

This is an aragonOS-based multisig, but this is just the start. I don’t think that there is any other multisig with the composability, upgradability, or permissions features that this provides.

Totally agree! This is a great plus, just it being an Aragon app

On the token manager that implements addAddr/removeAddr/recover, don’t you think having a token manager may be too much for that? Deploying a MiniMe token can be an overkill if what we need is closer to https://github.com/christianlundkvist/simple-multisig. Thoughts?


#4

Would it make things simpler if the minime token could be added to the Smart Account as only a proxy contract? e.g. https://github.com/Recoblix/minime-app .