Document Contract Relationship and Migration Strategy #361
Description
Done Criteria
- Document the current relationship/coupling between various contracts.
- A visual here would help.
- It would be good to include details about which contracts are upgradeable due to proxies.
- For each of the main components (PDP Verifier, Filecoin Pay, and Filecoin Warm Storage Service) answer, "If there were a flaw in *this* piece, what then?"
- From those “what then?” analyses, propose concrete migration mechanisms (even if they’re manual at first):
Why Important
We want to identify where the story is so bad that we actually need contract design changes now because we wouldn't want to be operationally exposed later..
Notes
Examples to think through and document:
- If PDP Verifier’s proof system has a security bug and we need a new PDP Verifier:
- What happens to existing deals/verifications?
- How do we link new verifier(s) to existing or new warm storage?
- If Warm Storage needs a v2:
- How do users move data / authorizations / balances?