![Nexus Logo](https://i.imgur.com/JoJ8cXZ.png)

**Each weekday leading up to devcon2, Nexus will highlight a dapp, library, or package (something with a `dappfile`) as a promotion of our toolchain and as case studies for other developers. [Yesterday's Post.](https://steemit.com/ethereum/@nikolai/dapp-a-day-3-eth-token-wrapper)**

`ds-auth` is an opinionated access control pattern. It is an extension of the "owner" pattern which allow switching the contract into "ACL lookup" mode.

https://github.com/nexusdev/ds-auth

The dual control modes allow making sequences of administrative changes on-chain easier to write in the form of "update" contracts.

There may be some more usability/safety upgrades (like using distinct addresses and doing additional sanity checks when switching modes during handoffs), but it will likely be a major version upgrade.

You might notice that `DSBasicAuthority is DSAuth`. It's turtles all the way down! The control hierarchy should be "rooted" in something other than one of the given Authority types.

Tomorrow we will introduce one example: A fixed multisig actor.