Aggregation ISM

Aggregate security from multiple ISMs

Developers can use an AggregationISM to combine security from multiple ISMs. Simply put, an AggregationISM requires that m of n ISMs verify a particular interchain message.

Interface

AggregationISMs must implement the IAggregationIsm interface.

// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity >=0.6.11;

import {IInterchainSecurityModule} from "../IInterchainSecurityModule.sol";

interface IAggregationIsm is IInterchainSecurityModule {
    /**
     * @notice Returns the set of modules responsible for verifying _message
     * and the number of modules that must verify
     * @dev Can change based on the content of _message
     * @param _message Hyperlane formatted interchain message
     * @return modules The array of ISM addresses
     * @return threshold The number of modules needed to verify
     */
    function modulesAndThreshold(bytes calldata _message)
        external
        view
        returns (address[] memory modules, uint8 threshold);
}

Configure

The hyperlane-monorepo contains an AggregationISM implementation that application developers can deploy off-the-shelf, specifying their desired configuration.

Developers can configure, for each origin chain, a set of n ISMs, and the number of ISMs needed to verify a message.

AggregationISMs can aggregate the security of any ISMs. For example, users can deploy a Multisig ISM with their own validator set, and deploy an AggregationISM that aggregates that ISM with the Hyperlane default ISM.

The hyperlane-deploy repo contains the tooling and instructions needed to deploy and configure an AggregationISM.

Customize

The hyperlane-monorepo contains an abstract AggregationISM implementation that application developers can fork.

Developers simply need to implement the modulesAndThreshold() function.

By creating a custom implementation, application developers can tailor the security provided by a AggregationISM to the needs of their application.

For example, a custom implementation could require that low value messages be verified by a Multisig ISM, and require that high value messages also be verified by a Wormhole ISM.

Last updated