Summary
Implement a small module which allows some authorized addresses to shut down module execution paths when security vulnerabilities are discovered.
Problem Definition
Circuit breakers have been discussed before #926 but never implemented. Essentially, we need a way to shut down critical exploit paths of security vulnerabilities ASAP before they can be exploited.
Proposal
I propose a very minimum viable circuit breaker module with the following features:
- a list of approved circuit tripper/reset addresses (optionally scoped to specific
Msg execution paths)
- a method to trip the circuit breaker and disable a list of
Msg execution paths in the ante handle, or even disable all Msgs
- a method to reset tripped circuit breaker paths
- methods for governance to add and remove circuit tripper addresses
- standalone go module that works with v0.45.x+ so this can be integrated ASAP
In the future, we can iterate and add more advanced features, but what is proposed above can be implemented and released relatively quickly.
Summary
Implement a small module which allows some authorized addresses to shut down module execution paths when security vulnerabilities are discovered.
Problem Definition
Circuit breakers have been discussed before #926 but never implemented. Essentially, we need a way to shut down critical exploit paths of security vulnerabilities ASAP before they can be exploited.
Proposal
I propose a very minimum viable circuit breaker module with the following features:
Msgexecution paths)Msgexecution paths in the ante handle, or even disable allMsgsIn the future, we can iterate and add more advanced features, but what is proposed above can be implemented and released relatively quickly.