��# Issue 22: Add Multi-Signature Approval for Critical Operations
Problem
Critical operations (admin rotation, result publication, pause) require only one admin. No safeguard against rogue admins.
Solution
- Add
Approver address list to contract state
- Implement
approve_operation(operation_id, approver_address) function
- Require M-of-N approvals (configurable) for critical operations
- Store approval history in events for audit trail
Implementation Tasks
Note for Contributors
This is a security and governance feature for decentralized control. Define critical operations: admin rotation (Issue #7), result publication, contract pause (Issue #21), upgrade scheduling (Issue #19). Require M-of-N approvals for these operations where M is typically 2-3 and N is the number of approvers. Store the approver list in contract state and allow admin to manage it. When critical operation is triggered, create a pending operation ID and store approval count. Accept approvals from approvers only. Execute operation only after reaching M approvals. Operations must include operation ID, operation type, and parameters. Emit approval events with approver address for governance transparency. Support canceling operations if not yet approved. Consider time-limits on pending approvals (e.g., expire after 7 days).
��# Issue 22: Add Multi-Signature Approval for Critical Operations
Problem
Critical operations (admin rotation, result publication, pause) require only one admin. No safeguard against rogue admins.
Solution
Approveraddress list to contract stateapprove_operation(operation_id, approver_address)functionImplementation Tasks
approve_operation()functionconfigure_approval_threshold(m, n)(admin only)Note for Contributors
This is a security and governance feature for decentralized control. Define critical operations: admin rotation (Issue #7), result publication, contract pause (Issue #21), upgrade scheduling (Issue #19). Require M-of-N approvals for these operations where M is typically 2-3 and N is the number of approvers. Store the approver list in contract state and allow admin to manage it. When critical operation is triggered, create a pending operation ID and store approval count. Accept approvals from approvers only. Execute operation only after reaching M approvals. Operations must include operation ID, operation type, and parameters. Emit approval events with approver address for governance transparency. Support canceling operations if not yet approved. Consider time-limits on pending approvals (e.g., expire after 7 days).