Hi mate, ICL is used for Fee Rate Strategy Orders, IDO Proposal Voting, OAMM Creation Proposals, VIP-maker Qualification Proposals, and Project Governance, etc. Refer to Section 4 of the whitepaper for details.
1 Like
The team will open the conversion portal after the launch of the sns, so stay tuned for our latest news.
1 Like
thanks for the clarification.
Thanks for the clarificationā¦
Dear ICLighthouse team,
Iām curious why one of the SNS dapp canisters 7vkf4-jqaaa-aaaaj-azrua-cai has a self-authenticated principal as one of its controllers.
Dfinity team - are you aware of this? @tiago89 @domwoe
Are there any other SNS projects with this vulnerability?
@GeekFactory is there any chance the āsnsGeekā portal could make this information more transparent?
Thanks for the reminder, the developer was temporarily added as a controller due to a previous upgrade that required manual action, we have now removed the controller
Thanks.
How is it technically possible to add an additional controller? Is the only way to do this through an SNS proposal?
1 Like
If it is this easy to grant control over a canister managed by a DAO, especially in projects like ICLightHouse and other SNS initiatives that handle usersā assets, what safeguards are in place to prevent misuse? Specifically, how can we be sure that a developer with temporary access wonāt exploit this control to take all the usersā assets? This situation raises significant concerns about the security and integrity of user funds in these projects. What measures are being implemented to prevent such vulnerabilities in the future?
Just to clarify, for any canister (sns or anything else), only controllers are allowed to add and remove controllers as per the IC spec.
So the developer could only have been added by any existing controller, in this case probably through an SNS vote (where SNS is the controller).
Iām more curious why a developer needed to be temporarily added as controller, since a canister can already be upgraded through the SNS (by vote). Was there anything missing that couldnāt be done through the SNS?