Guardians

Problem

When issues occur—such as performance problems, critical bugs, or malicious attempts—Thunderhood must have a plan in place to (i) mitigate the risk of contagion and (ii) minimize the impact of the event, including potential loss of funds.

Simply shutting down the frontend or user interface is often insufficient, as it does not stop bots or other automated systems from continuing to operate.

Solution

The Guardians are designated NEAR addresses with the authority to pause the main contract <contract> . They play a crucial role in the fail-safe procedure, capable of acting in response to certain types of failures.

Events or situations they might address include, but are not limited to:

Ongoing attacks or exploits
Critical bugs discovered in production that have not yet been exploited
Releases or deployments that introduce potential security vulnerabilities

Procedure

Prerequisite

The Guardians MUST know how to handle the NEAR Command-Line Interface (CLI).

Process

Process Owner: The Guardian

Identify a situation that necessitates pausing the contract <contract>.
Verify the facts or situation thoroughly.
Notify the other Guardians.
Pause the contract <contract>.
Inform the Team and the contract owner.
Notify the Community.
Determine the steps required to reactivate the contract <contract>.

Only the contract owner can reactivate <contract>.

Anyone can view the list of Guardians by calling the following view method via CLI:

For more information, please refer to:

PreviousDeployer/Owner NextTerm and Service

Last updated 2 months ago