Proposal: COW-specific Smart Contract Wallet with 2 keys with differing roles (withdraw+trade)

Please create this COW-specific Smart Contract Wallet. I can’t.
The idea is that it’s managed by 2 keys: 1 for trading and 1 for withdrawing.
The “withdraw” key can (1) send/withdraw the funds to any external wallet, (2) add ERC20 tokens to a whitelist, (3) Update the “trade” key. — The “withdraw” key is kept in cold storage.
The “trade” key can trade any of those whitelisted ERC20 tokens into any other whitelisted ERC20 token. — The “trade” key can be a hot wallet. If it gets compromised the worst the attacker can do is initiate a bunch of trades.

There’s probably some added complexity with “allowing to spend”, but that’s besides the point. Perhaps the allowance should be granted at the same time the “withdraw” key adds a token to the whitelist.

Interesting idea. Something like this can already be done with a combination of Safe, a transaction guard, and a Safe module. I think this may be a little orthogonal to CoW Protocol and whose implementation is a bit of a niche case. Thanks for the idea though!

Interesting that it can already be done with transaction guards, but configuring that is over my head. I agree it’s kinda orthogonal to COW Protocol, but unless such a smart wallet comes 100% configured and ready to use out of the box, it’s going to out of reach for many (myself included).

I could easily get a prototype of it by just asking ChatGPT to generate one… but securing and auditing it is another story and out of my depth.

I for one would trade much more frequently if I didn’t have to warm up my cold wallet every time. I suspect there are others out there who would trade more too, since COW’s users are above average in intelligence/skill (both for not using a CEX and again for not using a DEX).

How much could I pay you to implement this lol? Or could I/we propose a COW Grant and have the Treasury pay for it?

I genuinely think this would be extremely popular amongst cold wallet users… they just need to learn of it’s existence! Most users probably don’t even realize it’s possible. It also has a use case for bots since bots necessarily have to be “hot”.

One could conceive of a non-COW-specific version of this but then the allowed function call (for Trade key) has to be carefully vetted and poses a huge security risk. Being COW-specific (and COW endorsed/official) greatly simplifies things.