--
To unsubscribe from this group and stop receiving emails from it, send an email to dev+uns...@urbit.org.
Michael, this is fascinating work. Thank you for sharing an update and for getting so involved here.
As you know, Tlon is focused mostly on building Urbit itself, and we don’t give much thought to tokens. We have typically steered clear of any projects that have to do with transacting Urbit address space. That said, we’ve heard from you and a few others that this is moving forward whether we pay attention or not. Generally that’s a good thing — Urbit is an ecosystem of developers, and Tlon is just one of those; we’re not the final arbiters of what should be done with Urbit. That said, it does appear that this project could have a significant impact on the security of the network as a whole, and so it has become something of an all hands on deck situation.
Taking your requests in order, our view is the following:
Generally our take on this work is that it’s a community project, not a Tlon project. The more the ecosystem of developers can do here the better. That said, we’ll fill in the gaps to make sure the network isn’t jeopardized.
I think I have to read Christian's email again to actually understand it. But the main thing is just that we'll help move this along and make sure it's realized in the safest way possible. Thanks for posting publicly!
The first and second audits have both been completed now, the results of which are attached.The first audit (the markdown file) didn't turn very much up at all, hence the delay in submitting it here.The second audit is more interesting and definitely worth a read. Would appreciate Phil's take.
On Wednesday, June 2, 2021 at 3:35:29 PM UTC-7 ~ticryn-ritsyd wrote:
Thanks to everyone for the constructive feedback. It looks like we’re set to continue moving forward with the project. I’ll plan to get in touch individually with those who have indicated a willingness to help.Best wishes,Michael
To unsubscribe from this group and stop receiving emails from it, send an email to dev+unsubscribe@urbit.org.
--Michael Hartl
IMO STR-01 is not an issue because I consider sponsoring a star to be a slight liability if they're not paying recurring revenue, but it's good to be aware of in case someone decides to incorporate "number of sponsored stars" into some algorithmic reputation model. It's also a good sign they took a broad examination of the contract implications.STR-02 is a legitimate concern, and they're correct that the Galaxies are the proper deciders of the "exception" of how to recognize that stars are lost and how or whether they should be reclaimed. Galaxies would only even consider reclaiming a star if it was provably lost, for example if some of the STAR token was sent to the 0x0 address. They're able to reclaim stars through an upgrade to the Ecliptic even without any changes to this contract, so I wouldn't change anything.For upgradability, if it became super important to upgrade, it is again possible for the galaxies, through an upgraded Ecliptic, to take the stars in the Treasury contract and give them to a replacement Treasury V2 contract. While the galaxies should avoid being overactive in governance, IMO this is exactly the kind of thing they should be doing: ratifying exceptions to the normal ownership rules when those exceptions don't violate accepted norms of ownership.On Fri, Aug 06, 2021 at 4:13 PM, Josh Lehman <jo...@urbit.org> wrote:The first and second audits have both been completed now, the results of which are attached.The first audit (the markdown file) didn't turn very much up at all, hence the delay in submitting it here.The second audit is more interesting and definitely worth a read. Would appreciate Phil's take.On Wednesday, June 2, 2021 at 3:35:29 PM UTC-7 ~ticryn-ritsyd wrote:Thanks to everyone for the constructive feedback. It looks like we’re set to continue moving forward with the project. I’ll plan to get in touch individually with those who have indicated a willingness to help.Best wishes,Michael
To unsubscribe from this group and stop receiving emails from it, send an email to dev+uns...@urbit.org.
--Michael Hartl