Project / Team Name
PoolTogether Onchain Governance Contracts Upgrade / ScopeLift
The budget being requested will be used to fund 125-200 engineering hours from the ScopeLift team. In that time, we will execute on an upgrade to the PoolTogether DAO’s onchain Governance contracts.
ScopeLift1 is a 7 person team of expert EVM devs. We’ve had the pleasure of working with many great projects in the space, including Uniswap, Optimism, Gitcoin, Endaoment, and others. We have our own project called Umbra2, which is a tool for privacy preserving payments. Contracts we’ve written have processed and custodied hundreds of millions of dollars.
ScopeLift has extensive experience relevant to the project being proposed. We have previously received grant funding for Governance related work from Uniswap, Aave, and the Ethereum Foundation. We created Flexible Voting3 and helped build and maintain Seatbelt4. We are currently working with Gitcoin5 to execute a similar Governor upgrade for that DAO.
Scope of Work
PoolTogether’s onchain governance is based on Compound’s “Governor Alpha” contracts. Compound itself moved on from these contracts years ago, as have most major DAOs. Today, the best practice is to use some variant of the OpenZeppelin implementation.
The outdated governance contracts come with a number of specific risks and downsides:
- The DAO’s treasury is susceptible to a multi-block MEV attack6
- The DAO treasury holds 30.41 ETH (~$59,000) that cannot be transferred
- The DAO is limited to proposals that execute 10 onchain actions at a time
- The DAO’s governance parameters cannot be updated by the DAO
- The contracts are incompatible with tooling providers, who increasingly eschew support for Governor Alpha
- The DAO cannot take advantage of the growing ecosystem of Governance integrations being built with Flexible voting (DeFi Voting, L2 Voting, etc…)
Upgrading the DAO’s Governor contract to an OpenZeppelin variant, with ScopeLift’s Flexible Voting extension, will solve all the aforementioned problems. It will also allow the DAO to sunset its custom Governance portal in favor of off-the-shelf options like Tally7, should it choose to. To learn even more about the advantages of Governor Bravo compatible contracts, check out this blog post8.
The goal of this project is to safely upgrade the DAO’s Governor contract. This upgrade will resolve the issues documented above. It also leaves the DAO well positioned to execute onchain Governance successfully for the forseeable future.
If executed, the upgrade will require no action from POOL tokenholders, delegates, or protocol users. The token contract and timelock contract will be unaffected.
Milestones & Deliverables
The Governor upgrade will have three main milestones:
- Development, Testing, and Simulation
- Deployment and Proposal
- DAO Vote and Upgrade Execution
Upgrading the Governor is a sensitive task that must be done carefully. If executed incorrectly, the upgrade could cause issues for the DAO. In the worst case, a botched Governor upgrade could result in locked treasury funds or the inability to update protocol parameters.
To ensure the upgrade will go smoothly, with no impact to the DAO or to PoolTogether users, ScopeLift will take extreme care in the development and testing of the upgrade. No corners can or will be cut in the upgrade process.
The first milestone is therefore where most of our time will be spent. Below is a summary of each milestone.
Milestone 1: Development, Testing and Simulation
We will assemble the new Governor from ScopeLift’s fully audited9 Flexible Voting10 extension, built on OpenZeppelin’s widely used, audited, and battle tested implementation of the Governor.
We will then write a large suite of tests and simulations to ensure the upgrade will be successful, and that all DAO operations will be able to proceed normally after it is completed. Based on our previous experience with Gitcoin DAO, we expect this test suite will include hundreds of tests and thousands of lines of code.
These tests simulate the upgrade to the new Governor, from deployment, proposal, Governance vote, and future votes by the DAO. The tests run on a “forked” state from mainnet to simulate the closest possible production state. They exercise all scenarios before and after the upgrade, and ensure governance will still function properly after it is completed.
We will also write scripts for deploying the new Governor and for submitting a proposal for the upgrade to the existing Governor. The scripts will be exercised by the tests.
All tests and simulations are specific to PoolTogether. They exercise the actual code that is live on mainnet in a simulated environment. They will ensure the upgraded Governor can manage the DAO treasury and execute its role within the PoolTogether protocol, including but not limited to modifying prize pool, setting reserve rates and drip rates, modifying protocol parameters, etc…
These tests will be written as fuzz tests and invariant tests, meaning they will take random arbitrary inputs rather than hardcoded parameters. We will execute millions of scenarios through these tests before proceeding.
Milestone 2: Deployment and Proposal
When the upgraded Governor contracts have been rigorously tested as described above, we will deploy a candidate Governor contract to the Ethereum mainnet. We will then update our tests to execute again against the candidate Governor to ensure there were no errors introduced in deployment.
Afterwards, we will submit a PTIP proposal on the PoolTogether Governance forum to begin the formal process for the DAO. If consensus is reached in the forum, a vote on the upgrade can occur on Snapshot.
Milestone 3: DAO Vote and Upgrade Execution
If the Snapshot vote is successful, ScopeLift will work with a DAO delegate who has sufficient voting weight to submit a proposal for the upgrade onchain. When the proposal is live, we will again run the test suite against the proposal data now onchain. This will ensure, once again, that no errors were introduced in the proposal process.
Once the proposal is live onchain, the DAO will be able to vote for or against its execution. We will monitor the proposal vote and coordinate with appropriate tooling providers, such as Tally, to ensure the upgrade is reflected immediately after it passes. After successful execution, the DAO will be able to proceed with its governance of the treasury and protocol as normal.
A large majority of our time will be spent on the upfront engineering work, i.e. the Development, Testing, and Simulation milestone. The other milestones are bound by the nature of governance process, rather than our time.
- Week 1-4: Development, Testing, and Simulation — ScopeLift executes on the engineering work described above
- Week 5-8: Deployment and Proposal — ScopeLift deploys and tests the candidate Governor contract, then submits a PTIP proposal on the PoolTogether Governance forum. After 5 days, if consensus is reached, the proposal can move to a Snapshot vote, which takes another 2 weeks by convention.
- Week 9: DAO Vote and Upgrade — ScopeLift works with a DAO delegate to get the proposal onchain, then executes tests again with the live proposal data. The DAO votes on the proposal, which executes ~1 week later if successful.
We are requesting $USD 40,000 in total, with half paid up front and half paid out over 8 weeks via a streama. We are also requesting 25% of the funds paid out via POOL for incentive alignment of ScopeLift with the DAO.
This funding is in addition to the $10,000 already received in the form of a grant, which funded the initial technical discovery and a portion of the development work.
The funds for this proposal can be sent to scopelift.eth (0x5C04E7808455ee0e22c2773328C151d0DD79dC62).
|20000||USDC||June 20th,||8 weeks|