Community Pool Spending

Hmm. Not sure how you’d do a local bypass? (since any call to the oracle is noted and the oracle’s state changes with every call).

The UX price you can handle by wrapping the oracle interaction in handled libs/having your program run on a random seed that gets pulled initially/periodically (which for sidechannel reasons is better anyway)

I can query my own node’s oracle locally, as if txs from the network were received. If I see a result I like I can rewind my local node to the network’s state and broadcast the same ‘good’ tx to the network.

It all collapses to the same solution we have now - there’s shared randomness/hidden internal state. That, alongside some external public information can lead to fresh pseudo-randomness, but this is risky since it can be manipulated. Surely, there are ways to minimize that exposure (e.g., your suggestion, or others that make it really hard to predict that oracle locally and then broadcast that to the network), but it’s tricky, and in that case I’d argue that using other solutions like commit-reveal or threshold signatures are better.

Clearly, I’m playing devil’s advocate here. I’m happy to be proven wrong on this, but to do so you should propose a more complete solution that carefully examines the issue of oracle manipulation/predictability.

https://eprint.iacr.org/2005/029.pdf seems relevant.

How can you query your own node’s oracle locally? This seems like an issue with the ‘everyone is running every task’ setup

(because if you can query your own node locally, you can use search-decision to pull out any secret data)

You don’t need to query it directly, but because all nodes run the same calculations and have the same state you can run calculations locally without broadcasting them, specifically calculations that use the oracle’s state after the “request for x bits of randomness” you described. If the response is on-chain like you said then it’s part of the state of every node (even if it’s encrypted), and there’s no way calling the oracle, waiting for the response and using the randomness in the same tx/block, because then we are exposed to reentrancy attack https://www.cosmwasm.com/docs/getting-started/smart-contracts#avoiding-reentrancy-attacks

Wait, contracts can’t pull data from other contracts midway through execution??? you can’t allow inline calls to other contracts of any sort???

That does make this harder lol

Putting this here for others to be able follow this conversation on discord:

2 Likes

I would like to see a new module built that would enable multiple parties to be compensated through a single proposal.

How it works right now
Right now if you put forward a proposal to fund something via the community pool you can only set one recipient for funds in the proposal.

How I’d like it work
When someone submits a proposal they can designate amounts for multiple recipients.

What does this solve?
Currently if a proposal with multiple contributors is worked on these are the available options to get everyone compensated.

  1. One party gets all the funds and disperses them to the other contributors.
  2. A general proposal passes on the network that doesn’t secure funding for the work, then each contributor needs to individually submit a proposal to the network to be compensated for their work.

A couple ways this could be used
A) Get a vote on a proposal + secure funding for everyone in 1 proposal.
B) Get a vote on a proposal that multiple parties work on then after all the work everyone can get paid in 1 proposal.

For projects with many participants this would lower the total number of proposals needed to happen in association with one project.

My understanding is that this is entirely possible to do. I can add further technical information on one approach to this if needed.

2 Likes

Cool idea @moonstash, this can also be done right now with multisig.

The multisig approach is valid but it has more coordination and points of failure needed than the module approach. In the short term i agree multisig works though.

1 Like