Introduce ChildChainGaugeTokenAdder

nventuro · May 30, 2022, 9:49pm

Introduction

Liquidity gauge depositors can receive not only BAL, but also extra tokens (called ‘reward tokens’). On Ethereum L1, this is relatively straightforward, and there’s already a subDAO managing this. On child chains however (i.e. non-Ethereum L1 chains, such as Polygon or Arbitrum), this task is a bit more nuanced, as the gauge system allows for irrecoverable user error.

ChildChainGaugeTokenAdder is a module that makes adding reward tokens to child chain gauges much safer, and should be the only means by which this is done.

Specification

The ChildChainGaugeTokenAdder contract (deployment addresses found here) must be granted permission to call IChildChainStreamer.add_reward and IRewardsOnlyGauge.set_rewards via the AuthorizerAdaptor. Then, the LM multisig 0xc38c5f97B34E175FFd35407fc91a937300E33860 must be granted permission to call ChildChainGaugeTokenAdder.addTokenToGauge.

Execution details

This will be done in multiple networks: the named arguments below should be replaced with the actual constants specified later.

Call grantRolesToMany on the Authorizer, with:

roles:
- add_reward_role
- set_rewards_role
- addTokenToGauge_role
accounts:
- ChildChainGaugeTokenAdder
- ChildChainGaugeTokenAdder
- LMMultisig

Polygon

Authorizer: 0xA331D84eC860Bf466b4CdCcFb4aC09a1B43F3aE6
ChildChainGaugeTokenAdder: 0x1554ee754707D5C93b7934AF404747Aba521Aaf2
LMMultisig: 0xc38c5f97B34E175FFd35407fc91a937300E33860
add_rewards_role: 0x7cb72b76789ff7bc3d3bf438294fb22e9ab21b8ab33ef92bde5343ffbefae722
set_rewards_role:
0x233b2a2aac7549ea477be4a1eb94890848d61b5a2a458718e2bc1bfed9730018
addTokenToGauge_role: 0x32982283bd3250ac03256468501ad749885a55561f6e27111ff7f9a661aca5b5

Arbitrum

Authorizer: 0xA331D84eC860Bf466b4CdCcFb4aC09a1B43F3aE6
ChildChainGaugeTokenAdder: 0xbfD9769b061E57e478690299011A028194D66e3C
LMMultisig: 0xc38c5f97B34E175FFd35407fc91a937300E33860
add_rewards_role: 0x848a449d6f3fea1c1e229330f28bbd34ce15b8828b8e59f6b046fe937ef76b76
set_rewards_role:
0x6164875d6ae7cbe0f88dcb6a153aeb65fec7e8fabf50f3e512288f01417a4d48
addTokenToGauge_role:
0x00970aa128369a6b7225384e0de035b547a6d56c2faeee4c3f3735de381d1ff7

Risks

The LM multisig could misuse its permission and add incorrect or faulty tokens to the gauges. Since these have a limit of 8 tokens and they cannot be removed, such a situation would require a gauge migration.

Alternatively, the LM multisig could designate a distributor that sets overly long distribution durations (e.g. 5000 years), which would effectively make the distributions unusable.

No funds are at risk. The only funds potentially affected are those being distributed, which could be re-distributed over an over by a malicious distributor, dilluting the effective distributon rate.

solarcurve · June 1, 2022, 7:43pm

This heads to the gov council tomorrow

solarcurve · June 2, 2022, 12:29pm

https://snapshot.org/#/balancer.eth/proposal/0xcf17f3174f1d80783c2506362fd8d8b762e9c376122ab8ac31d8782e371cf19f

Topic		Replies	Views
[BIP-54] Authorize Balancer Labs to initiate distributions on Optimism gauges General Proposal	1	754	August 25, 2022
[BIP-449] Add Child Chain Gauge Factory to Pseudominter on AVAX General Proposal	1	1039	October 12, 2023
[BIP-387] Give Balancer Maxis ability to add 3rd party rewards to mainnet gauges General Proposal	9	599	July 30, 2023
[BIP-277] Enable Authorizer Wrapper General Proposal	2	919	May 8, 2023
Introduce ProtocolFeesWithdrawer General Proposal	1	826	May 20, 2022