Introduction
Liquidity gauge depositors can receive not only BAL, but also extra tokens (called ‘reward tokens’). On Ethereum L1, this is relatively straightforward, and there’s already a subDAO managing this. On child chains however (i.e. non-Ethereum L1 chains, such as Polygon or Arbitrum), this task is a bit more nuanced, as the gauge system allows for irrecoverable user error.
ChildChainGaugeTokenAdder
is a module that makes adding reward tokens to child chain gauges much safer, and should be the only means by which this is done.
Specification
The ChildChainGaugeTokenAdder
contract (deployment addresses found here) must be granted permission to call IChildChainStreamer.add_reward
and IRewardsOnlyGauge.set_rewards
via the AuthorizerAdaptor. Then, the LM multisig 0xc38c5f97B34E175FFd35407fc91a937300E33860
must be granted permission to call ChildChainGaugeTokenAdder.addTokenToGauge
.
Execution details
This will be done in multiple networks: the named arguments below should be replaced with the actual constants specified later.
Call grantRolesToMany
on the Authorizer, with:
-
roles
:add_reward_role
set_rewards_role
addTokenToGauge_role
-
accounts
:ChildChainGaugeTokenAdder
ChildChainGaugeTokenAdder
LMMultisig
Polygon
Authorizer: 0xA331D84eC860Bf466b4CdCcFb4aC09a1B43F3aE6
ChildChainGaugeTokenAdder: 0x1554ee754707D5C93b7934AF404747Aba521Aaf2
LMMultisig: 0xc38c5f97B34E175FFd35407fc91a937300E33860
add_rewards_role: 0x7cb72b76789ff7bc3d3bf438294fb22e9ab21b8ab33ef92bde5343ffbefae722
set_rewards_role:
0x233b2a2aac7549ea477be4a1eb94890848d61b5a2a458718e2bc1bfed9730018
addTokenToGauge_role: 0x32982283bd3250ac03256468501ad749885a55561f6e27111ff7f9a661aca5b5
Arbitrum
Authorizer: 0xA331D84eC860Bf466b4CdCcFb4aC09a1B43F3aE6
ChildChainGaugeTokenAdder: 0xbfD9769b061E57e478690299011A028194D66e3C
LMMultisig: 0xc38c5f97B34E175FFd35407fc91a937300E33860
add_rewards_role: 0x848a449d6f3fea1c1e229330f28bbd34ce15b8828b8e59f6b046fe937ef76b76
set_rewards_role:
0x6164875d6ae7cbe0f88dcb6a153aeb65fec7e8fabf50f3e512288f01417a4d48
addTokenToGauge_role:
0x00970aa128369a6b7225384e0de035b547a6d56c2faeee4c3f3735de381d1ff7
Risks
The LM multisig could misuse its permission and add incorrect or faulty tokens to the gauges. Since these have a limit of 8 tokens and they cannot be removed, such a situation would require a gauge migration.
Alternatively, the LM multisig could designate a distributor that sets overly long distribution durations (e.g. 5000 years), which would effectively make the distributions unusable.
No funds are at risk. The only funds potentially affected are those being distributed, which could be re-distributed over an over by a malicious distributor, dilluting the effective distributon rate.