Discussion surrounding the instant upgradability of zkSync and exploration of ways to incorporate the community into the upgrade process

Recently Matter Labs has decided to make the following change to the upgradeability policy of zkSync:

I think it would be good to have a thread on this forum where the community could have somewhere to put ideas about ways to potentially include the community in the protocol for instant upgrades to be made, or alternatively to mention ways in which the upgradability protocol could be strengthened and made more resilient than relying on 9 people (9 out of 15) and the security of their private keys (I’m not suggesting that the multisig members do not have good opsec, rather that it’s a small number of people to secure a network such as zkSync against a motivated malicious actor, especially when a malicious actor may be on a nation-state level).

Ultimately, I do not mean to make this a thread about the potential pitfalls of a 9/15 multisig for zkSync but rather seek to provide a forum where ideas are free to be placed regarding improving the security of the upgradability process.

