- Project Name: Radworks Governor Upgradge
- Team Name: ScopeLift
- Payment Address: scopelift.eth
- Category: Core Infrastructure
ScopeLift will upgrade the Radworks’ Governor contract. Radworks’ onchain governance is based on Compound’s “Governor Alpha” contracts. Compound itself moved on from these contracts years ago, as have most major DAOs. Today, the best practice is to use the OpenZeppelin implementation of the Governor Bravo contracts.
Outdated governance contracts come with a number of specific risks and downsides:
- The DAO’s treasury is susceptible to a multi-block MEV attack due to a 1 block voting delay
- The DAO treasury cannot hold ETH directly in the timelock, and any ETH sent directly to the timelock would be stuck
- The DAO is limited to proposals that execute 10 onchain actions at a time
- The DAO’s governance parameters cannot be updated by the DAO
- The contracts are incompatible with tooling providers, who increasingly eschew support for Governor Alpha
Upgrading to a more modern Governor will solve theses problems. For a more detailed explanation of the advantages of bravo-compatible Governors, see this post on the subject from Tally.
Note: This proposal is contingent on the DAO signaling its desire to upgrade its Governor contract via Social Proposal.
Team Lead: Ben DiFrancesco
Additional Team Members:
- Ed Mazurek
- John Feras
- Gary Ghayrat
- Alex Keating
- Registered Address: [REDACTED]
- Registered Legal Entity: ScopeLift
ScopeLift is a small team of expert, full stack EVM devs. We’ve had the pleasure of working with many great projects in the space, including Uniswap, Optimism, Gitcoin, Endaoment, Llama, PoolTogether, Yield, Cozy, Obol, Railgun and others.
Smart contracts we’ve written have processed or custodied hundreds of millions of dollars. We have our own project called Umbra, a stealth address system.
ScopeLift has extensive experience in the areas of DAO Governance engineering. Most relevantly, we’ve lead Governor upgrades for Gitcoin and PoolTogether. We completed these upgrades without incident, protecting the treasuries and protocols of these DAOs collectively worth many 10’s of millions of dollars.
ScopeLift has also lead development and maintenance of Uniswap’s Seatbelt, an automated Governance security tool.
Finally, ScopeLift has developed an extension to the Governor called Flexible Voting. The extension has been adopted by Gitcoin, PoolTogether, and Frax Finance. It enables novel integrations and experimentation around DAO Governance Voting. ScopeLift has built out some of these usecases, such as Governance Voting while deposited in Aave and Compound, voting while bridged to L2, and more.
- ScopeLift · GitHub
- GitHub - ScopeLift/flexible-voting: 💪🗳️ Flexible Voting – A Powerful Building Block for DAO Governance
- GitHub - ScopeLift/l2-flexible-voting: 🗳️ L1 voting on L2
- GitHub - ScopeLift/pooltogether-governor-upgrade
- GitHub - ScopeLift/umbra-protocol: 🌕🌑 Privacy Preserving Shielded Payments On The Ethereum Blockchain
- apbendi (Ben DiFrancesco) · GitHub
- wildmolasses (Ed Mazurek) · GitHub
- jferas (John Feras) · GitHub
- garyghayrat (Gary Ghayrat) · GitHub
- alexkeating (Alexander Keating) · GitHub
ScopeLift is applying for this grant because DAO Governance engineering is one of our areas of expertise. By specializing in this area, we can provide a clear win-win proposition for the DAO. We execute on Governance engineering and ensure these sensitive tasks are completed without incident. At the same time, we free critical DAO developer resources to focus on the core project, rather than ancillary Governance concerns.
Upgrading the DAO’s Governance contracts helps it avoid security risks and keeps it in line with current best practices, as detailed above. In particular, by upgrading the Governor contract—while leaving the existing Timelock in place—we resolve the biggest issues that come from outdated contracts with minimal risk and disruption for the DAO.
- Total Estimated Duration: 8-10 weeks
- Full-time equivalent (FTE): 18-32 days
- Total Costs: $50,000
The Governor upgrade will have three main milestones:
- Development, Testing, and Simulation
- Deployment and Proposal
- DAO Vote and Upgrade Execution
Upgrading the Governor is a sensitive task that must be done carefully. If executed incorrectly, the upgrade could cause issues for the DAO. In the worst case, a botched Governor upgrade could result in locked treasury funds or the inability to update protocol parameters.
To ensure the upgrade will go smoothly, with no impact to the DAO or its members and users, ScopeLift will take extreme care in the development and testing of the upgrade. No corners can or will be cut in the upgrade process.
The first milestone is therefore where most of our time will be spent. Below is a summary of each milestone.
- Estimated Duration: 4-6 weeks
- FTE: 14-28 days
- Costs: $40,000
|1.||Governor Assembly||Putting together the actual Governor contract using OpenZepplin’s implementation of Governor Bravo.|
|2.||Deploy & Proposal Scripts||Foundry scripts that will be used to deploy the Governor and put the upgrade proposal onchain.|
|3.||Testing & Simulation||Writing and running hundreds of fuzz tests to simulate the upgrade and exercise the new Governor to ensure it will function after the upgrade.|
After initial requirements gathering with appropriate DAO stakeholders, we will assemble the new Governor. It will be built using either OpenZeppelin’s widely used, audited, and battle tested implementation of Governor Bravo.
We will then write a large suite of tests and simulations to ensure the upgrade will be successful, and that all DAO operations will be able to proceed normally after it is completed. Based on our previous experience with Gitcoin and PoolTogether, we expect this test suite will include hundreds of tests and thousands of lines of code.
These tests simulate the upgrade to the new Governor, from deployment, proposal, Governance vote, and future votes by the DAO. The tests run on a “forked” state from mainnet to simulate the closest possible production state. They exercise all scenarios before and after the upgrade, and ensure governance will still function properly after it is completed.
We will also write scripts for deploying the new Governor and for submitting a proposal for the upgrade to the existing Governor. The scripts will be exercised by the tests.
All tests and simulations are specific to Radworks. They exercise the actual code that is live on mainnet in a simulated environment. They will ensure the upgraded Governor can manage the DAO treasury and execute its role within the DAO, including but not limited to modifying parameters of treasury-governed contracts, e.g. Drips.
These tests will be written as fuzz tests and invariant tests, meaning they will take random arbitrary inputs rather than hardcoded parameters. We will execute millions of scenarios through these tests before proceeding.
- Estimated Duration: 3 weeks (includes offchain Governance cycle)
- FTE: 2 days
- Costs: $5,000
|1.||Candidate Governor||Candidate Governor contract deployed onchain|
|2.||Candidate Governor testing||Tests updated to run against the actual Governor code onchain|
When the upgraded Governor contracts have been rigorously tested as described above, we will deploy a candidate Governor contract to the Ethereum mainnet. We will then update our tests to execute again against the candidate Governor to ensure there were no errors introduced in deployment.
Afterwards, we will submit a proposal to go through the DAO’s governance process. This includes the online discussion, offchain vote, and finally onchain vote that is part of the DAO’s governance cycle.
- Estimated Duration: 3-5 days (includes onchain Governance voting)
- FTE: 2 days
- Costs: $5,000
|1.||Onchain Proposal||The proposal to upgrade the Governor is put onchain by a DAO delegate with. ScopeLift’s assistance|
|2.||Proposal Tests||Tests updated to run against the actual proposal which is now onchain|
|3.||DAO Vote||DAO members vote and upgrade executes if approved!|
If the social signaling vote is successful, ScopeLift will work with a DAO delegate who has sufficient voting weight to submit a proposal for the upgrade onchain. When the proposal is live, we will again update the test suite against the proposal data now onchain. This will ensure, once again, that no errors were introduced in the proposal process. We will also patch Seatbelt to run against Radworks’ Alpha Governor and produce a safety report for the upgrade.
Once the proposal is live onchain, the DAO will be able to vote for or against its execution. We will monitor the proposal vote and coordinate with appropriate tooling providers, such as Tally, to ensure the upgrade is reflected immediately after it passes. After successful execution, the DAO will be able to proceed with its governance of the treasury and protocol as normal.
Upgrading the DAO’s Governor is a one time task with a well defined scope. Once the upgrade has successfully executed, the work is effectively complete. That said, ScopeLift is deeply involved with DAO governance engineering, and eager to help Radworks in the future with any such needs.
ScopeLift was referred to Radworks by the team at Tally, and directed toward applying for a grant by Shelby Steidl.