In the light of ErgoHack III going on, I am revising different known contracts regarding privacy.
One of the most unknown things still, unfortunately, is how treasury contract is done. And there are some interesting things here. One of them is updateable threshold scheme, which can be interesting per se.
Treasury contract is done in ErgoTree, as ErgoScript was not available back then. In ErgoScript, the general idea can be expressed as:
{
val selfOut = OUTPUTS(0)
val sameScript = selfOut.propositionBytes == SELF.propositionBytes
val sigScript = SELF.R4[SigmaProp].get
sameScript && sigScript
}
So the script is ensuring that the template is stored (in OUTPUT #0), and a condition to spend the box is stored in register R4 actually. Register type is of [SigmaProp], which means a trivial boolean value (true/false) or a statement provable via a sigma protocol. In case of Treasury contract, the value is
0e6f98040483030808cd039bb5fe52359a64c99a60fd944fc5e388cbdc4d37ff091cc841c3ee79060b864708cd031fb52cf6e805f80d97cde289f4f757d49accf0c83fb864b27d2cf982c37f9a8b08cd0352ac2a471339b0d23b3d2c5ce0db0e81c969f77891b9edf0bda7fd39a78184e7
which is AtLeast(2, Coll(Pk_A, PK_B, PK_C)) condition, so threshold signature requirement, written into register as a byte array.
So currently the Treasury is protected by 2-out-of-3 signature , where ring members are initial core developers, but the protection can be updated.
Similarly, updateable protection can be useful for DAOs, offchain banks, and other contracts.