[PROPOSAL][DRAFT] Enable permissioned wasm applications on the hub

I am planning to submit a signaling proposal aimed at introducing permissioned smart contracts on the Cosmos Hub, a significant step toward cultivating a diverse ecosystem of decentralized applications (dApps).

This initiative is strategically designed to position the Cosmos Hub as a thriving center, attracting the best dApps to apply via proposals. The ultimate goal is to transform the Cosmos Hub into the “Apple Store” of trusted dApps, offering an unparalleled platform for users from all connected IBC chains to experience and harness the full potential of the Cosmos.

The Cosmos Hub, true to its namesake, was conceived as the core of activity in the IBC world, envisioned to ensure seamless interoperability among interconnected chains. This remarkable technology led to the rise of multiple chains, many of which adopted the wasm technology developed by the Confio team to further boost development.

Nevertheless, there remained a pressing need to ensure a steady revenue flow back into the Cosmos Hub as IBC does not generate income, prompting the creation of the Inter-Chain Security (ICS) to serve this purpose.

Currently, incentives for using ICS are limited, mostly the potential for funding from the community pool, a token swap and increased project visibility being the primary benefits. Moreover, the imminent arrival of mesh security raises concerns that ICS might become even less enticing as with mesh you retain full sovereignty.

To address these challenges and propel the Cosmos Hub towards becoming the central hub of commerce, we must bring liquidity directly to the hub through permissioned dApps.

The vision behind the Cosmos was to create a decentralized collective of chains, fostering an environment where groundbreaking ideas flourish and exceptional applications are built. The name “Cosmos Hub” reflects the trust placed in it as the mother chain, envisioned to be the epicenter of activity.

However, by solely focusing on ICS chains, the Cosmos Hub risks becoming just one hub among many, almost ignoring the possibility of being a hub to all IBC chains.

By embracing permissioned applications, we will open doors for the best applications from all Cosmos chains to appeal to ATOM holders, seeking approval to run on the Cosmos Hub. This transformation will elevate the Cosmos Hub into the esteemed “Apple Store” of trusted applications, attracting a flow of activity and liquidity to its core.

While IBC itself fosters a system where chains can utilize tools from others, the misalignment of incentives often leads to reinventing the wheel to retain user bases. Such dynamics isolate communities and cause infighting within the broader Cosmos ecosystem. By establishing a trusted dApp store at the hub, each chain can strive to have their dApps accepted and integrated into the interchain, promoting unity and collaboration.

Having permissioned dapps on the hub opens a new world of possibilities to interface with permissionless dapps on other chains which really levels up the potential and will draw in new users from outside the Cosmos as a whole.

Furthermore, we recognize the time sensitivity of this opportunity. As ICS grows, chains that do not adopt it may face increasing detachment from the hub. The forthcoming mesh security introduces additional risks to the hub’s potential. Hence, becoming the central hub of trusted applications translates to becoming the hub of user activity and, consequently, liquidity. This proposals goal it to add the additional feature of permissioned applications to the hub, not altering ICS.

Together, let us support this proposal to unlock the Cosmos Hub’s full potential, cementing its position as the leading destination for cutting-edge dApps and ensuring a prosperous future for the entire Cosmos ecosystem.

Hopefully founders won’t offer airdrops to vote either way on this one.

YES - You wish to enable permissioned wasm smart contracts on the Cosmos Hub.
NO - You do not wish to enable permissioned wasm smart contracts on the Cosmos Hub
NO WITH VETO - You deem this to be spam. If the number of ‘NoWithVeto’ votes is greater than a third of total votes, the proposal is rejected and the deposits are burned.
ABSTAIN - You wish to contribute to quorum but you formally decline to vote either for or against the proposal.

So we all know how this went the last time. What has changed since then?

As I recall, a few of the cited reasons for “no” were:

1. Performance overhead for validators- not sure if this has been improved. I believe Jacob was talking about this on the last proposal.
2. Possibility of chain halts- I know this has been addressed in the ICS context by @jtremback and whether or not this is a real concern like it was previously. How frequent are chain halts on CW chains? Is it even that huge of a deal?
3. Broadly, “Security”- I suppose this is always a concern, but permissioned contracts are only as secure as the devs who write them and the auditor who audits them.

I’m not against it since it gives hub many options and the fact they’d be permissioned like Osmosis and others eliminates some of the concern, but i’m sure there are some who will never be convinced of this being a good thing.

One thing I think needs to be discussed before this would go live is a constitution or agreement about exactly WHAT can be deployed as a contract. For example, would governance/dao tooling be more palatable than something that is on the finance side, possibly manages funds, etc…?

Seems like we are going in circles. Just today, two props on the forum that have been recently rejected. The marketing DAO and this one. Interestingly enough, I am actually pro this. But after 4 years of full time Cosmos, I have come to learn that the chain doesn’t support this idea. Basically, a lot of the citizens are currently concerned with the idea of having AEZ expanded at any cost (which is what’s happening) without looking at other directions of development. As a validator, I believe that we should strive to work together, more so as an ecosystem. Seems to me pointless to try and change the course of development at this point. Anyhoo. Just to point out, I am actually pro this. But don’t see this happening

I fully support this initiative to enable permissioned smart contracts on the Cosmos Hub. It will augment the Hub’s sovereignty by relying less on ICS chains. It will also accommodate mesh security, which in its current shape requires CW. We could envision enabling Mesh as an SDK module but that’s clearly not the right way to implement it and the end implementation would likely be less flexible.

Permissioned CW can also position the Hub as the governance center of the Interchain by bringing tools like DAO DAO that if properly marketed, can attract dozens of DAOs to operate and coordinate directly on the Hub…

I fully support this proposal.

The previously mentioned reasons for voting “no” spanned numerous reasons that have nearly all been debunked or overly exaggerated, imo:

1. Validator Performance Overhead is negligible to the point of irrelevance. The cost-benefit analysis tips more towards the benefits due to ease of upgrading features without coordinating chain-halting governance upgrades. This will also save time and is much more efficient.

2. Chain Halts: Understand that every chain upgrade brings an opportunity for a halt, the risk isn’t unique to the implementation of Cosmwasm. It’s part of the natural risk associated with any upgrade in a blockchain environment. There have been a plethora of rolling upgrades, “planned” halts, and governance chain upgrades (halts) to fix vulnerabilities within the last few months alone for items that were NOT even related to cosmwasm.

The statements of “cosmwasm is a substantial threat to a chain halt” is disingenuous fear mongering, at best, directed at the people who don’t actually run chains.

The issue is people are conflating permissionless cw with permissioned cw. The nature of the latter, being governance-gated, drastically reduces the risk of malicious contract execution. Therefore, the security concern, specifically regarding chain halts, becomes much less of an issue than initially believed.

We have the excruciatingly long 14 day governance period to decide whether or not code should be uploaded to mainnet. I believe we can handle that.

I think that at this point, there are more benefits as opposed to risks with implementing permissioned Cosmwasm. I feel like it’s the right time.

Even if is permissioned wasm, set rule first.

A small constitution?

Will it funded by the hub or what?

Why people will build in a permissioned if they can build in neutron?

in my point a view, this draft proposition need to be work much more with more detail with a plan.

Create a dao about permission wasm in the hub?

I think what would help is providing real examples of what contracts would make sense on the hub. Some may point to Neutron, Duality, etc. as a better candidate for certain contracts, but what would make sense directly on the hub that can’t be accomplished on a consumer chain?

The main one seems to be the CW implementation of mesh security, though there have also been talks about consumer chains themselves being able to join a mesh.

I think something like DAO DAO directly on the hub would make sense. Various working groups like AADAO who serve the hub would then have their own on-chain organizations.

Outside of governance-related things or DAO’s, I struggle to imagine what would make sense directly on the hub, but many out there probably have some ideas.

i mostly agree with this now cw has been battle tested and is well funded for the years ahead.

if i could give some humble advices:

-permissioned is not enough. as we can see on osmosis, closed source code is now uploaded to the chain, even if permissioned. do we want that?
i believe this proposal has to be more restrictive than just “permissioned cw”.

-since Range has just got a grant from AADAO, it would be nice (and reassuring?) to associate them with this eventual integration process, alongside teams maintaining the SDK/the consensus engine/the testnets builds

if i’m being mistaken on some points, happy to be corrected.

o/

fully support this idea. moving to the right direction

We need to decide in what direction we want Hub to proceed.

Are we going to be security providers or do we want to do everything? We can do certain things doesn’t mean we should do those things.

What is the purpose of a neutron then? kick them out they are useless.

the hub should do everything. Have L2 on it. have consumer zones. Be the IBC hub for those zones

I have a different point of view. Whatever HUB does it should be covered from all aspects. We always make uninformed decisions. We have just launched ICS we should be aiming to make it successful not just for the chains but also for all the stakeholders mainly the validators (their losses multiplied because of ICS).

But we want to do everything too quickly to handle.

clock is tiking, maybe the best way for the validator is to increase the tax ( temporaly).

when the ATOM go up, this issue will be solved. Important to grow the Atom value first imo

Hub needs to lead the interchain.
Stop saying low taxes, no friction…
If a consumer chain wants to aligne with the hub, more taxes to he hub and its validators had to be recuired

15% for stride rise to 30%
25% neutron rise to 50% for exemple.

With a default IBC fee token in ATOM in the AEZ

From my perspective as a developer working on the Hub: Permissioned CosmWasm is just another programming language.

I agree that we should use it if we need it to enable some functionality, but I do not agree that the Hub should become a catch-all platform to launch new CosmWasm projects. That is what Neutron is for.

As it happens, we will need CosmWasm to enable some upcoming functionality: Mesh Security.

Mesh Security will be great for the Hub, and will enable the Hub to secure projects that are not a good fit for Replicated Security. You can read more about my views on this here.

Once Mesh Security is ready, there will be a proposal to enable it on the Hub, including installing CosmWasm so that it can run. But the fact that it uses CosmWasm is an implementation detail.

IMO, if there is something that uses CosmWasm that people want to see on the Hub, they should make a proposal for that specific thing, and mention that it will run on CosmWasm. Until then, I don’t see the rush to install it and then not run anything on it.

People from all chains would submit their best dapps to be on the Cosmos ‘Hub’.

They can build on Neutron, but why not on the hub where Atom Holders own the chain?

Atom holders only own a tiny minority of Neutron so having permissioned smart contracts on the hub itself is a way to filter the best development upwards towards the hub (from all chains - ICS and Mesh), making it an actual hub.

Neutron early backers and founders holding such a large token share means the Hub putting serious contracts like DAODAO for governance on it is kind of risky. Not to mention they can always leave ICS in the future if better rewards exist elsewhere for their token-holders.

neutro1286×665 11.9 KB

A detailed implementation proposal would follow, assuming governance passes this signal proposal.