Hey developer community,
It took over 6 months but upgradeability for Secret contracts is back on the top of the list after much design consideration was put into it and other issues and requirements were solved.
The method most agreed solution to upgradeable contracts seemed to have been D but unfortunately due to technical complexity this wont really be an option. - Verifying governance outcomes is an untrusted data problem not solveable with the current verification (light-client etc.) stack.
This is why Labs has thought of a method that works similar but different and would love to get some final comments and feedback before implementing.
- New contracts will be upgradeable based on admin-key choice similar to vanilla cosmwasm contracts. - Please follow best practices to minimize privacy and value risk to users.
- old contracts may become upgradeable but there is only one moment at which people can decide to do this and it will be shortly before the upcoming upgrade after which a signalling proposal for it has to pass on SCRT governance. Contract hashes will be matched to the chosen admin key and added to a list which will be hardcoded inside the enclave to reference. From the upgrade moment there-after all these contracts will have upgradeabillity similar to vanilla cosmWasm, all other old contracts will remain non-upgradeable indefinitely.
After this post i will get in contact with all dApp teams on Secret to collect potential upgradeable contracts alongside an address, its security scheme (multisig, dao etc) and the reason for wanting this feature. I will make a strong suggestion to all dApps to take this security matter very serious and only opt-in for this feature if really required. SCRT governance will have to decide upon the final list for all contracts + admins.
A timeline for the coming upgrade (v1.10) has not yet been set but id expect it no sooner than end of August.
Please don’t hesitate to contact me directly or reach out here with any questions.
Best regards,
Gijs - Ertemann