Prohibit setting unreasonable threshold/signers in multisig contract
Clarification and motivation
The generic multisig contract in morley-multisig allows setting some unreasonable and practically useless values in its storage, specifically:
- Threshold equal to 0 – quite useless because then everyone can execute any operation on behalf of the contract. If the threshold is set to 0, chances are that it was done accidentally, and it is dangerous. So it is safer to prohibit that. If someone really wants to let anyone execute operations on behalf of the contract, they can deploy another contract which explicitly allows that and let it do whatever the multisig could do.
- Threshold greater than the total number of signers – if this happens, the contract will be unable to perform any operations, so it should definitely be prohibited.
All multisig contracts we have should not allow setting the threshold to 0 or to a value greater than the total number of signers.
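
The two checks described above, shown as an added Python model rather than code from morley-multisig. The names `MultisigStorage`, `quorum_met`, `reachable` and `validated` are hypothetical, the keys are constructed strings, and the storage is simplified to the threshold and the signer list.

```python
from dataclasses import dataclass


class InvalidMultisigParams(ValueError):
    """A threshold/signers pair that would make the contract unsafe or unusable."""


@dataclass(frozen=True)
class MultisigStorage:
    # Simplified model (assumption): only the fields this issue is about.
    threshold: int
    signers: tuple  # public keys, modelled as opaque strings


def quorum_met(storage, approving_signers):
    """Quorum rule with no storage validation: approvals from known signers
    are counted and compared against the threshold."""
    approvals = len(set(approving_signers) & set(storage.signers))
    return approvals >= storage.threshold


def reachable(storage):
    """True if some set of signers could ever satisfy the threshold."""
    return storage.threshold <= len(storage.signers)


def validated(threshold, signers):
    """Build storage only when 0 < threshold <= number of signers.
    The same check applies at origination and on any later key/threshold update."""
    signers = tuple(signers)
    if threshold <= 0:
        raise InvalidMultisigParams("threshold must be at least 1")
    if threshold > len(signers):
        raise InvalidMultisigParams(
            f"threshold {threshold} exceeds {len(signers)} signers")
    return MultisigStorage(threshold, signers)


if __name__ == "__main__":
    keys = ("key_a", "key_b")  # constructed sample keys
    # Threshold 0: an operation with no signatures at all passes the quorum rule.
    print("threshold 0, no signatures:", quorum_met(MultisigStorage(0, keys), []))
    # Threshold 3 of 2: even every signer approving cannot reach the quorum.
    locked = MultisigStorage(3, keys)
    print("threshold 3 of 2 reachable:", reachable(locked), quorum_met(locked, keys))
    for bad in (0, 3):
        try:
            validated(bad, keys)
        except InvalidMultisigParams as err:
            print("rejected:", err)
```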