Author: @alain_ncls @goinfrex
Title: Make Testnets Permissionless
Type: Verax Improvement Proposal
Abstract
We propose to make instances of Verax across testnets totally permissionless. This includes Linea Sepolia, Arbitrum Sepolia, and Base Sepolia, as well as any future testnet deployments.
Overview of Proposal
Currently developers that want to experiment with Verax need to seek to have their wallet addresses added to the issuers list on the testnet instance. This usually involves reaching out to one of the devs on Discord. This introduces an overhead and a delay in getting started, and generally just adds unnecessary friction to the process. This proposal aims to remove that friction and to make it much easier for developers to get started and to experiment.
Motivation
The rationale behind making Verax permissioned was originally 2-fold:
- It avoids schema spam, whereby there are thousands of schemas, most of which aren’t’ used, many of which are duplicates, and which are poorly formed and lack any helpful metadata.
- Avoids any issues around “PII-poisoning” where malicious or unsolicited attestations regarding natural persons makes its way onto an public, permissionless, immutable ledger.
Note that in this case the mainnet instances of Verax are semi-permissioned but decentralized. They are semi-permissioned in that once an issuer is onboarded, they have full control over what they issue. It’s decentralized insofar as the issuer onboarding is under governance, and as more issuers are added, the size of the voter set grows.
While there is an argument for making all instances of Verax completely permissionless, this warrants much more debate, and so this proposal seeks to make testnets permissionless for now.
Technical considerations
Testnet instances can still be subject to PII poisoning attacks, and this is something to consider. That being said, testnets see much less visibility than mainnet, and thus any erroneous information would likely be swallowed up by testnet noise and go unnoticed. This data is not usually indexed by any dapps and has no integrations with third party services, and is only really used for dapps for development and testing before mainnet deployments. Furthermore, testnets have their own life cycle, and usually only last for a certain amount of time, and the data is not expected to be available in perpetuity.
We could even consider regularly re-deploying a fresh instance of the Verax Registry on testnets, to aim for even shorter cycles of data.
Expected Timeline
We would like to take action on this within the next two months, if not sooner.
Design Considerations
In order to maintain codebase parity, we would need to introduce a feature toggle to the PortalRegistry so that we can toggle off the issuer list check. This would mean that the contract owner can set a flag that turns off checking if an address is on the issuer list when attempting to register a Portal, Module or Schema.
In the PortalRegistry:
function isIssuer(address issuer) public view returns (bool) {
// TODO: add feature toggle
return issuers[issuer];
}
Then, we’d need a function to toggle the feature on and off.
Next Steps
Next steps are for stakeholders to review and comment on this proposal, and suggest any changes or amendments as necessary. Following a period of discussion, then we will need to create user stories for the deliverables described above. Critically, we will need to agree on when to vote on this proposal in order to proceed with the implementation, especially on the core contracts