Bricked Chains

# Bricked Chains _All information on past bricked chains on both Polkadot and Kusama can be found [here](https://docs.google.com/spreadsheets/d/1DIdr-nyJkNiAWNt7C8BwkP-DhGw6paUOdCoENzZvX-0/edit#gid=1485638287)._ The following intends to outline when a chain bricks and potential solutions around it. A chain is considered bricked once it cannot continue producing blocks that are validated by the relay chain. This isually happens when theres a mismatch between the head or the wasm of the parachain, and that that's expected from the relay chain. All these should be carefully considered, as some of them go against the shared security model of Polkadot. Having a third party modify the on-chain storage of parachain items (head / wasm) means that they are tampering with the shared security architecture. In general, four scenarios will be considered: 1. A chain is bricked at startup. This means that a team did not register the correct artifacts and therefore didn't manage to produce a single block. 2. A chain is bricked on a runtime upgrade. Could be for several reasons, such us wrong wasm pushed or storage migration ran out of time. A common pattern here is a bug on the `on_initialize` handler: if a parachain can't process a block in 0.5s and keeps on trying that then the chain will not be able to progress. 3. A chain is bricked because there was wrong block produced. This would be an expected case that the block is rejected because something malicious is being pushed. | Concept | Frequency | Possible Solution | |----------------|:---------:|-------------------------------| | Startup | 7 | Unlock Parachains by default. | | Runtime Update | 15 | Rollback to previous state / system-parachain parachain governance. | | Wrong block | 0 | Do nothing | Watchouts and considerations: - Unlocked parachains by default should only be done for those projects that don't open crowdloans. If not, the relay chain can't act as a guarantee of the proposed code for the parachain that contributors contributed to. - The governance system-parachain should be a DAO management that teams use to control their parachain account on the relay chain. - Need to investigate how to contrast points (1) and (2). Probably need more exploration of the runtime upgrade path and the signals in the process.