I read "How to make a contract updatable" post but my question is less technical and more general. I hired coders to work on my project and as a non coder I am trying to come up with the system architecture of how my DAO will actually work. I apologize in advance if I am posting in the wrong area or my prerequisite reading is missing a great deal. As an eager enthusiast I am trying to read as much as I can as quickly as I can
or if this question has already been answered somewhere else please correct me / direct me to some links.
My logic tells me that a contract cannot be modified by its creator after it is created without the risk that a malicious creator could disadvantage the principle participants. How can you be sure that the modifications are provably fair and more beneficial to the participants? If you can't modify a contract after its created how could you fix bugs or mistakes in the contract code?
I would like to create a DAO and this DAO will create a pool of insurance funds. My concept is that there will be the need of several different modules in order to collect premiums and pay out claims. Perhaps any of these modules might need to be tweaked or fixed to improve their function.
My current plan is to create a core contract which appears in the app store that has very few lines of code and is coded as carefully as possible but which calls and relys on other sub contract modules. This is the contract that would hold all the premiums and from which claims would be paid as well as holding the database of participants thus modifying its code after people have started using the DAO / DAPP would be avoided if at all possible. But the subcontract modules which perform various tasks from solving shelling point problems to holding the logic for how claims are paid out I could modify because those contracts are not directly connected to the principle participants.
Perhaps this core contract would allow people to vote upon their participation in a 2.0 upgrade at a future date which would facilitate the migration of participants to a new contract platform. But even if this would facilitate transferring over members individual accounts once premiums are paid they belong to the system not to individual members so if you transfer accounts to an upgraded contract that doesn't contain any premiums you wouldn't be able to successfully pay out claims unless your original contract contained instructions to transfer funds to a future 2.0 upgrade. But if you want to participate in the 1.0 app and see a line of code that will facilitate a future transfer of paid principle funds to a future 2.0 app that hasn't been written yet how can you know for certain the 2.0 upgrade isn't a scam?
Even if I have the freedom to manipulate the sub module contracts that are called upon by the main contract how can people know that these modifications also are provably fair? The contract modules used by the core contract would almost certainly need to be modified many times in an attempt to get everything to function correctly and to provide improved features. But this to me seems to open up doors for malicious entities to do malicious things which is why I am wondering how this can work.
What is the way it really works? What is the proper balance between fixed contract code and malleable contract code? What am I missing? Also I take this project very seriously so although I am working with a team of 2 other individuals to try and get it coded by Feb (we are still learning Python and haven't even started on Serpent yet) I realize almost immediately that even after taking our best stab at this we should seek out members of the Ethereum team for consultant support to make sure we are presenting something to the community which is fair, reliable, and helpful.
So although my question is primarily "how can I code something that can be changed in a provably fair way after people have paid into a contract" a larger question is what is the roadmap for developers who are serious about using this new technology so that they can make sure what they present to users is truly a quality product.
Again I really apologize I am incredibly enthusiastic and I am trying my best to read as much as I can as quickly as I can. haven't spent adequate time before writing this post to really research the forums/documentation as I'm sure this question is answered somewhere.