Caravan: A shared wallet for everyday adventures
Project description
Overview
Ruffsack: A rugged multisig wallet for everyday adventures
Design
Ruffsack is a simple, yet flexible, multi-owner smart contract wallet designed for high-value, day-to-day activities. It is designed to support multiple users (up to 11) working together to co-sign and execute important transactions.
Out of the box, Ruffsack is designed to be used via RuffsackProxy,
which is a simple, upgradeable forwarding proxy that calls (via delegateproxy)
to a singleton deployment of Ruffsack.
It is only designed to be used via the Proxy, as it is intended to be a long-term stateful contract containing important assets
that we don't want to lose when upgrading to a newer version of the code.
The singleton deployment is deployed once per chain and is used as that chain's official copy of that particular version.
The versioning of this repo matches the versioning of the deployments on-chain, where the git tag should match 1:1 to
the value of VERSION() on the singleton (as well as your personal proxy).
To create a new Ruffsack, this project has a simplified factory RuffsackFactory
intended to serve as the officially recommended way to create new instances of the proxy contract.
It also serves as the official registry of released versions, allowing users to discover new releases to upgrade to purely on-chain.
Proxy instances are deployed using CREATE2 with a salt chosen by the initial
set of signers, initial signer threshold, and a user-specifiable tag (which allows the creation of multiple wallets per combo).
This makes it possible to recreate the same Ruffsack on multiple chains, without worrying about having a specific nonce.
There are two types of EIP712 structures used within Ruffsack: Update and Execute.
They are designed to ensure that only important administrative updates occur via Update,
and common, non-admin transactions occur via Execute.
This is done to create a physical separation between critical, configuration-modifying transactions, and non-critical ones.
It is highly recommended to downstream signing infra that works w/ Ruffsack to create a clear UX distinction between
these two types of calls, making it clear that critical actions can impact the operational safety of a Ruffsack.
[!NOTE] The way that signatures are collected to be placed on-chain is out of scope for this specification.
Additionally, both types of transactions have "Guards" which are 3rd party contracts that should implement pre- and post-execution
checks on their respective transaction types.
Use cases for Guards can include (for admin Updates) adding timelocked update restrictions, blacklisting certain addresses,
or (for normal Executes) adding per diem limits on asset transfers, restricting calls to certain contracts, etc.
Having two separate Guards, one for each transaction type, is useful because an Execute Guard being non-functional does
not represent an existential threat to the operation of the wallet, only with an Update Guard.
This should encourage the use of Guards for proper operation of the wallet in day-to-day operational scenarios,
increasing overall safety when using Ruffsack.
Finally, Ruffsack implements "Modules" which are contracts that can be enabled in the wallet (through an Update action)
that are allowed to bypass the signer signature check when commiting arbitrary Execute transactions.
This functionality is extremely useful for adding automation to your day-to-day operations, making your operation of the
wallet safer and less prone to social engineering exploits.
[!NOTE] Technically, while it is possible to use Ruffsack for a "personal" multisig (where you own all the signers on the wallet), it is suggested to make use of something like
Purse(with a secure cold wallet instead) to add automation and advanced capabilities to your personal, high-valued wallets.
Ruffsack is inspired by Safe Smart Account.
Contributing
This project is written in Vyper.
This project uses ape to compile, test and script it.
See the Installation Guide for help installing it.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file caravan_py-0.1.0.tar.gz.
File metadata
- Download URL: caravan_py-0.1.0.tar.gz
- Upload date:
- Size: 236.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.9.17 {"installer":{"name":"uv","version":"0.9.17","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Fedora Linux","version":"43","id":"","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
fdbd75c72956081f5aa3003fec5d800fd5f397f091e7a998870f5ebecd5423f3
|
|
| MD5 |
f5f15c0fad95b6f33d6af851d0516dc2
|
|
| BLAKE2b-256 |
bd5c237eef5c72b9e0f3090c625907d6f4df6dc9efa134e6473e9766752b0c61
|
File details
Details for the file caravan_py-0.1.0-py3-none-any.whl.
File metadata
- Download URL: caravan_py-0.1.0-py3-none-any.whl
- Upload date:
- Size: 79.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.9.17 {"installer":{"name":"uv","version":"0.9.17","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Fedora Linux","version":"43","id":"","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e3ad79c5fde02dacef65b7fccb6b848e8c463b65e8f72b218431e3eaecfadd26
|
|
| MD5 |
3dc8b1c40592aab0a6844f29edf98c75
|
|
| BLAKE2b-256 |
7406a3e201f936ae66e96def8b250cf4fd52807a19ce7a157770cddb7c3e13f3
|
