[Formal Review][RGP-17] Upgrade Governance Contracts to OZ Governor [September 24 Cycle]

Author(s): @lftherios @wildmolasses (ScopeLift) & @bendi (ScopeLift)
Type: executable
Created: 2024-09-02
Status: active

:information_source: This is the official Formal Review draft for RGP-17. Please formally review the proposal and vote on the Snapshot poll by :rotating_light: 17:00 CET - Monday 23rd September 2024 :rotating_light: If it passes, it will be submitted onchain next week.

:sparkles: Snapshot Poll Results :sparkles:: This proposal has PASSED :white_check_mark: with 4.1M $RAD in support of the proposal. See final results: Snapshot

It will be submitted onchain this week for a final vote.

Purpose

This proposal aims to:

  • Execute the upgrade from Radworks’ current governance contracts (Compound Governor Alpha) to Open Zeppelin Governor with the assistance of the ScopeLift team.
  • Adjust the voting delay from 1 block to 24 hrs
  • Pay the ScopeLift team the remainder of their fee to execute the contracts ($10k worth of $RAD)

In October 2023, the community approved [RGP-17] Upgrade Governance Contracts from Compound Alpha to Open Zeppelin Governor, a social proposal aiming to gain approval for an upgrade of Radworks’ governance system. The acceptance of this proposal signified the community’s consensus on upgrading Radworks’ governance contracts and also allocated a grant to the ScopeLift team for initiating the upgrade process

Overview & Background

Reminder: Why upgrade?

Compound Alpha governance contracts no longer suit the needs of Radworks governance system. While they have all of the basic capabilities needed to manage a community-governed treasury, the contracts are now deprecated, leading to a list of limitations and exposing the system to potential risk of MEV attacks (read more here). Other major DAOs have already moved on from Compound Alpha, including Compound itself.

Open Zeppelin Governor is the successor to Compound Governor Alpha & Bravo. It is not only fully compatible with Governor Alpha (i.e includes the same benefits and features), but also offers additional capabilities and allows for upgrades to governance parameters without requiring complete migration. The key benefits we see are:

  • Built-in upgradability: This will allow token holders to change minor parameters in DAO-governed contracts without having to completely replace the contracts (which is currently the process required with Compound Alpha). This lowers the barrier for the community to make minor adjustments and improve the governance system going forward.
  • Increased modularity of features and tooling integrations: Many tools or integrations are not compatible with Compound Alpha/Bravo)
  • Reduce multi-block MEV attack risk: Increasing the voting delay from 1 block will lower the risk here
  • More granularity in onchain voting choices: yes, no + abstain, ability to add note/reasoning to votes onchain

The Governance Committee believes that many of the features available in the OpenZeppelin Governor contracts will enhance Radworks’ governance system, enabling a more detailed expression of input into proposals and offering easier management tools for governance facilitators.

In addition, there are further capabilities that the OZ Governor contracts enable that can be beneficial for us to consider in the future:

  • OZ supports the Flexible Voting extension, which enables multichain voting (including voting from an L2) or voting from a shielded pool (e.g. vesting contract)
  • OZ lets you describe quorum as a fraction of the total supply instead of a fixed number of tokens
  • OZ supports NFT voting in addition to ERC20 voting

Ecosystem Adoption:

The OZ Governor has seemingly become the industry standard, and is used by many DAOs both small and large. In addition to being the default choice for many small DAOs, there are a number of large DAOs using it as well. For example, ENS launched their DAO on OZ Governor. HOP Exchange, Unlock, Optimism and others are other examples who use OZ-based Governors (i.e. some have built a customization on top of the OZ Governor but still use the core codebase).

OZ contracts also support useful integrations, such as the Flexible Voting extension. The Flexible Voting extension - which was created by the ScopeLift team & is only compatible with OZ Governor - was recently adopted by Gitcoin and PoolTogether during their upgrade to OZ Governor. The Governance Committee is interested in exploring Flexible Voting in the future due to its modularity, but believe it is best to not include in this initial upgrade.

Security:

The OZ Governor contracts were released in August 2021 and have been consistently audited since. According to ScopeLift, OZ Governor is actively maintained and at this point is considered “battle tested” given broader adoption in the industry over the past 2-3 years.

Read more about why we didn’t suggest upgrading to Compound Bravo here.

ScopeLift is a small team of expert, full stack EVM devs that was recommended to the Governance Committee by the Tally team. They were selected to help prepare the upgrade given their experience and expertise.

Since November, the ScopeLift team has spent time preparing and testing the contracts for the upgrade. They have spent around 200 hours preparing for the upgrade. They have deployed a candidate contract (see repo) that is being reviewed by Radworks’ developers now.

Adjusting the Voting Delay

“Voting delay” is the amount of time between when a proposal is submitted onchain to when the voting period starts. This delay provides an extra opportunity for the community to scan for potential malicious proposals and react before they are able to be voted on. This is currently set to “1 block,” which can vary in exactly how much time that takes, but currently that equates to about 12 seconds (depending on network conditions and activity).

Extending the Voting Delay allows more time to assess and ensure proposals that are being submitted onchain are legit and not malicious before the voting window starts. We plan to extend it to 24 hours as a part of this upgrade upon Scopelift’s recommendation. This means that governance participants will have to wait 24 hours after a proposal is posted onchain before they will be able to start voting. This will extend the “Submission” phase of governance by 1 day, and will require updates to the Governance Manual by the Governance Committee if passed…

Implementation

When the proposal is formally moving through the July cycle, ScopeLift will again update the test suite against the proposal data now onchain. This will ensure, once again, that no errors were introduced in the proposal process. They will also patch Seatbelt to run against Radworks’ Alpha Governor and produce a safety report for the upgrade. This test and report will happen as soon as the proposal is posted onchain during the 4th week of the July cycle.

The Governance Committee will coordinate with the ScopeLift team to make sure that the timing of upgrade does not interfere with any other governance proposals that may be active at the time.

The ScopeLift team has already received a grant to fund this first milestone of their work. The passing of this proposal will include a $RAD distribution from the Treasury as compensation for the final two milestones for their work (outlined here).

Reporting & Success Criteria

The upgrade will be successful if the proposal executes with no issues.

Budget & Timeline

The budget for milestones 2&3 of ScopeLift’s work total to be $10,000 worth of RAD. This was agreed on in their original Grant proposal . Using the last 30 days’ average closing price of RAD based on Radworks USD Historical Data | CoinGecko this comes out to 8,065 RAD.

This amount will be sent to the following ScopeLift address from the Radworks Treasury:

0x5C04E7808455ee0e22c2773328C151d0DD79dC62 (scopelift.eth)

Proposal Code

New Governor address: https://etherscan.io/address/0xd64d01d04498bfc60f04178e0b62a757c5048212

New Governor delpoy confirmation: https://etherscan.io/tx/0x54621849b4885270b98f8796e3f075f295f3ece3d7ba49f4a73687b91aea609e

# set pending admin of Radworks timelock to new governor
0x8dA8f82d2BbDd896822de723F55D6EdF416130ba
"setPendingAdmin(address)"
0xD64D01D04498bFc60f04178e0B62a757C5048212

# accept timelock admin role from new governor
0xD64D01D04498bFc60f04178e0B62a757C5048212
"__acceptAdmin()"

# Transfer RAD to scopelift.eth
0x31c8eacbffdd875c74b94b077895bd78cf1e64a3 0 "transfer(address,uint256)" 0x5C04E7808455ee0e22c2773328C151d0DD79dC62 8065000000000000000000

:sparkles: Snapshot Poll Results :sparkles:: This proposal has PASSED :white_check_mark: with 4.1M $RAD in support of the proposal. See final results: Snapshot