Dstack Governor - dev tools for the Onchain-KMS

[amiller]

We are missing smart contract templates and release management tools for maintaining production TEE applications using an On-chain KMS .

The purpose of on-chain KMS is to enable TEEs to use smart contract security processes. Without this, the application developer is a single point of failure, since they can apply harmful software updates.

1. On the smart contract side, we can get pretty far just by copying existing patterns from OpenZeppelin Bravo. Basically the process consists of a) a notice period, and b) a security council that can veto or delay the proposal.

2. On the DevEx side, we need command line tools and/or a web interface to make proposals, and for a security council to review and reject updates if needed.

3. Documentation and guidance for the social layer, including the upgrade review process that the security council is supposed to oversee.

References:

• How to set up on-chain governance
• From Stage 0 to Stage 1: Security Council Best Practices in Rollup Governance