openzeppelin / defender-docs Goto Github PK
View Code? Open in Web Editor NEWSecurity Management to Protect the Open Economy
Home Page: https://openzeppelin.com/defender
Security Management to Protect the Open Economy
Home Page: https://openzeppelin.com/defender
Will be introduced by: https://github.com/OpenZeppelin/defender/pull/2727
We're seeing this question pop up multiple times (eg see here), which is expected since most libraries in the Ethereum ecosystem produce consistently the same signature for the same payload. Let's add this to the documentation of Relayer, as well as to the documentation of the sign
function in the relayer package.
Hedera sentinels will be supported in this coming release. The docs should reflect this.
Currently the instructions don't include what to press and the screenshot doesn't show what to press.
https://docs.openzeppelin.com/defender/guide-keep3r#activate_your_relayer
Also need to add a note and link in the Bond your relayer section that users need to Activate. As suggested in the forum:
https://forum.openzeppelin.com/t/is-there-a-way-to-connect-a-relayer-to-the-keep3r-dashboard/4622/4?u=abcoathup
Write a guide on how to detect state changes using Forta Sentinels. As an example for the guide, write an agent that detects when the balance of LINK for an account goes below 1e18. Use this example for inspiration.
We should include a link to how to publish a Forta agent, the sample code for the agent, and the step-by-step on how to ingrate it in Defendr via Sentinels. Bonus points for connecting it to an Autotask that re-fills the target account using a Relayer.
When using autotask conditions with Contract Sentinels you can populate the metadata field and pass it to the autotask notification function. This is quite useful, but where to find that field is not correctly shown in the docs.
According to the docs, it shows that the metadata field should be inside the matchReasons of the event. But it is actually coming as a separate field in the event.
Here’s a gist showing the difference
Currently, we release on every push to the main
branch: https://github.com/OpenZeppelin/docs.openzeppelin.com/blob/ded24596d5b6ac3ae618e96d518906a177dc9f95/playbook.yml#L62
Since many documentation PRs pertain to new features/changes in the main Defender app or defender-client packages, this produces somewhat of a clunky process where we need to merge multiple docs PRs only after the app is released and can result in accidental releases (or non-releases).
Many of the other docs.openzeppelin.com feeder repos release based on a different branch than main
such a v-*
(pushed when a new version is released). We should do something similar in Defender. Ideally we would add minimal requirements to the existing release process.
Add an explanation on how to use the new Withdraw Funds and Send Transaction actions in the Relayer documentation
Sentinel and relayer API documentation currently does not contain the custom mapping prefix as described in: https://github.com/OpenZeppelin/defender/issues/2647
Currently API calls to those endpoints will fail.
This should include:
It should be noted that Admin and Relay are behind a feature flag
Can not find in the documentation how to manage upgrades on Diamond contracts with a multisig. Is there a way to call the method diamondCut directly?
New feature was added in:
defender
: https://github.com/OpenZeppelin/defender/pull/2563
defender-client
: OpenZeppelin/defender-client#99
The new endpoints should be added to: https://docs.openzeppelin.com/defender/autotasks-api-reference
We've received requests for sending private txs (ie txs not visible on the mempool, so they cannot be frontrun) via Admin (also via Relayer, but that's a different story). Since txs in Admin are sent from the user's wallet, this can be done just by configuring the Flashbots Protect RPC endpoint on Metamask as described here.
Write a short guide explaining why private txs are useful, linking to Flashbots Protect guide on metamask setup, and showing an example of executing a multisig action using the Protect endpoint.
I'm using defender and hardhat for my project that uses a Transparent proxy.
Currently, our multisig is the owner of our proxy therefore, a proposal must be made before upgrading the implementation contract.
When creating a proposal, I do not see an option to pass initializer arguments.
Here is my hardhat task :
task("propose-multisig-upgrade", "Propose a new updated contract to be upgraded via multisig")
.addParam("proxy", "Address of the proxy")
.addParam("name", "Name of the updated implementation contract (must be existant in artifacts)")
.setAction(async (taskArgs, hre) => {
try {
const NewImplementation = await hre.ethers.getContractFactory(taskArgs.name);
console.log("Preparing proposal...");
const proposal = await hre.defender.proposeUpgrade(taskArgs.proxy, NewImplementation);
console.log("Upgrade proposal created at:", proposal.url);
return proposal.url;
} catch (error) {
console.log(error);
}
});
Is there a work around for this?
PS : I do not want to deploy the implementation before hand manually then propose the upgrade.
Thank you in advance.
The metatx guide currently uses the MinimalForwarder contract as an example. However, this contract was removed in OpenZeppelin/openzeppelin-contracts#4346.
I believe it would be beneficial to update the documentation and utilize ERC2771Forwarder.sol instead.
If you agree with this suggestion, I can create a pull request with the necessary changes
The link of "reach out to us" at the bottom of the available networks section is sending me to https://www.openzeppelin.com/defender-2.0-feedback and gives a 405 page not found error.
If there is any other network or layer-2 solution you would like to use from Defender 2.0, please reach out to us!
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.