SIP-151: Migration Contracts for Upgrades

Author
Discussions-Tohttps://research.synthetix.io
StatusImplemented
Created2021-06-21

Simple Summary

The creation and use of solidity contracts to perform smaller upgrades of the protocol atomically.

Abstract

In order to reduce protocol downtime, this SIP proposes the creation of migration contracts - for example - which would be given temporary ownership over the requisite contracts to do the protocol upgrade, before relinquishing back to the protocolDAO.

Motivation

The current architecture of Synthetix is quite intricate. While many newer contracts rely on the AddressResolver which can be updated atomically, many older ones still require manual updates each time a core contract is upgraded (Proxy.setSynthetix or TokenState.setAssociatedContract). In order to prevent data corruption caused by users intereacting with the protocol in between these upgrade steps and potentially losing funds, the protocol suspends the system completely before the upgrade and resumes it once complete. Due to the nature of SNX being locked in place rather than being sent to the protocol, this requires even the suspension of SNX transfers during upgrades - which is very problematic for centralized exchanges such as Coinbase.

In order to bundle these transactions together into a successful migration, once created the migration contract must be given ownership at the beginning of the transaction. While ownership transfers are rudimentary, the potential for loss of the system is very high - if ownership is not relinquished back to the protocolDAO at the end of the transaction, then potentially the system can no longer be upgraded. Thus these migrations must be carefully analyzed by both Protocol Engineers and auditors.

Specification

Overview

To add a step to the deploy script within Synthetix to auto-generate a migration contract which will upgrade the protocol atomically (in a single transaction).

Rationale

The deploy script in Synthetix performs deployment of all new contracts and connects the new contracts to the existing ones. This process can be tweaked to generate solidity code to perform all necessary tasks.

Technical Specification

The deploy script will need a new flag --generate-solidity and will need to be tweaked to generate the upgrade as solidity code without actually performing the upgrade itself.

Implementation proposal: https://github.com/Synthetixio/synthetix/pull/1313

Test Cases

TBD

Configurable Values (Via SCCP)

N/A

Copyright and related rights waived via CC0.