Overview
Last updated
Last updated
Running on the PUT chain, Multi-sig contract deployment defines and realizes a common multi-sig service, which provides online multi-sig service for contracts.
Contracts that need to access multi-sig can call the multi-sig program through CPI (Cross Program Invocation), while the private keys required for multi-sig are stored separately to avoid severe security problems caused by private key leakage.
Multi-sig contracts mainly provide interfaces for creating multi-sig accounts, creating proposal accounts, as well as proposal voting and proposal verification.
CPI calls the interface for multi-signature contracts, which we call the multi-signature interface.
The normal flowchart for a multi-signature interface to access a multi-signature contract is roughly as follows.
Create a multi-signature account
Get the address for multi-signature accounts
Contract developers bind the multisig interface to a multisig account (decide which multisig account to use when developing the multisig interface)
Account Alice initiates the first multi-signature interface call
A transaction proposal is created on the first call and an account is created in the multi-signer by means of a Cross Program Invocation. The content of the transaction proposal is defined by the contract developer, and we recommend that the proposal outlines the user's actions (the proposal content for an A -> B transfer transaction can be written as "Alice (the proposal initiator) init a A transfer 1 PUT to B proposal.")
Alice gets the address of the proposal account and gets the successful response of execution
Alice, the initiator of the transaction, informs other signatories of the proposal address (proposal_address) offline, and other signatories can vote after viewing the proposal
After the proposal is approved, Alice initiates a second multi-signature interface call
The multi-signature interface method verifies that the proposal has passed by calling the multi-signature contract through Cross Program Invocation
If the proposal is approved, the multi-signature interface starts executing the real contract logic
Return a successful response
You can see that multi-signature contracts actually increase the complexity of the multi-signature interface, mainly because methods that were called once now need to be called twice by the initiator.
However, multi-signature makes the contract interface more secure. From a security point of view, it is worth increasing code complexity.