PoA Manager Contract
Understanding the PoA Manager contract and why it simplifies multi-sig governance
Why Another Contract?
You might be wondering: Why do we need a PoA Manager when we already have the Validator Manager?
The short answer is: you don't have to use it. The PoA Manager is an optional convenience layer that makes multi-sig operations significantly easier.
The Problem with Direct Multi-Sig Ownership
When you transfer ownership of the Validator Manager directly to a multi-sig wallet (like Safe), you encounter several challenges:
1. Complex Transaction Building
Multi-sig wallets like Safe need to construct transactions that call the Validator Manager's functions. Each validator operation (add, remove, change weight) requires building complex calldata with:
- Node IDs
- BLS public keys
- Owner structs
- Weight parameters
2. Multi-Phase Operations
Remember from the previous chapter that validator operations are two-phase:
- Initiate on the L1/C-Chain
- Complete after P-Chain confirmation
With a direct multi-sig setup, each phase requires a separate multi-sig transaction approval, doubling the coordination overhead.
3. Parameter Complexity
The Validator Manager functions take complex parameters like PChainOwner structs. Building these correctly through a multi-sig UI is error-prone.
The PoA Manager Solution
The PoA Manager acts as an intermediary contract that simplifies multi-sig governance:
How It Works
- Ownership Transfer: The Validator Manager's owner is set to the PoA Manager contract
- Multi-Sig Control: The PoA Manager itself is owned by your multi-sig wallet
- Simplified Calls: The PoA Manager exposes simpler function signatures that the multi-sig can easily call
Key Benefits
| Aspect | Direct Multi-Sig | With PoA Manager |
|---|---|---|
| Transaction Complexity | High - complex calldata | Low - simple parameters |
| Error Risk | Higher - manual encoding | Lower - contract handles encoding |
| Upgrade Path | Difficult | Easier - only update PoA Manager |
| Default Parameters | None | Can set sensible defaults |
PoA Manager Contract Structure
The PoA Manager contract is designed to be a thin wrapper around the Validator Manager:
contract PoAManager is Ownable {
IValidatorManager public immutable validatorManager;
constructor(address _owner, address _validatorManager) {
_transferOwnership(_owner);
validatorManager = IValidatorManager(_validatorManager);
}
// Simplified validator operations
function addValidator(...) external onlyOwner { ... }
function removeValidator(...) external onlyOwner { ... }
function changeValidatorWeight(...) external onlyOwner { ... }
}Is PoA Manager Required?
No! You can absolutely transfer Validator Manager ownership directly to a multi-sig. The PoA Manager just makes the multi-sig experience smoother. For simple setups or if you're comfortable building complex transactions, direct ownership works fine.
Architecture Overview
Here's how the complete multi-sig setup looks:
In the following sections, you'll set up this architecture step by step:
- Create an L1 with VMC on C-Chain
- Set up a Safe/Ash wallet
- Deploy the PoA Manager
- Transfer ownership through the chain
Is this guide helpful?
