Archived

JBP-null: Extend Multisig’s permission to set TokenUriResolver till end of April 2023

Author

Anon

Cycle

loading

```
Author: Nicholas Date: 2022-03-10
```

Synopsis

Extend the multisig’s permission to set the TokenUriResolver till the end of April 2023.

Motivation

The TokenUriResolver gives metadata to JB Projects. After significant review and improvement from the contract crew, the v1 token resolver is finally working on testnet and ready to ship. This proposal will extend the permission the DAO gave the multisig to set and change the TokenUriResolver in JBP-321.

Specification

Grant the multisig permission to set and change the tokenUriResolver. Nicholas, Jango, DrGorilla, Ba5ed, and Viraz will communicate with the multisig to update the tokenUriResolver until the end of the specified term as they deem necessary. 

Transfer ownership of the TokenUriResolver contract to a 3/5 multisig composed of Nicholas, Jango, DrGorilla, Ba5ed, and Viraz, to deploy iterative upgrades to the DefaultTokenUriResolver – which provides the default metadata to projects that do not set custom resolvers – until the end of June 2023. As owner of this contract, the multisig will only be able to update the default resolver with richer visuals, metadata, and theme customization. 

Rationale

Finalizing the v1 of the token resolver has taken longer than anticipated and was deprioritized several times as it does not directly generate revenue or adoption of JB. Nevertheless, in the past few weeks a flurry of dev activity has led to 1) a version of the contracts that we are ready to launch, and 2) several ancilliary contracts that will support further onchain token metadata development. 

This proposal extends the multisigs permission to set the TokenUriResolver -- a permission which has not been used thus far – so that this element of the protocol can be brought to fruition. It also grants a new multisig composed of contract crew an extended time limit to update the default renderer, because there are several improvements that can be made to the default metadata without changing the core TokenUriResolver contract.  

Risks

The tokenUriResolver could be used to deploy bad metadata that is deceptive or underwhelming. In the extreme worst case, the tokenUriResolver could enable malicious wallet interaction in unsafe NFT metadata browsers — though OpenSea and other major marketplaces have protections in place to remove this threat vector.

Timeline

Grant open ended permission to the multisig to update the tokenUriResolver until the end of April 2023.

The tokenUriResolver is a low stakes parameter of the protocol. Granting open ended permission to the multisig to update it poses no major threat to the security or usability of the protocol, and gives JBDAO’s devs the opportunity to improve the tokenUriResolver contract iteratively.