Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add emergency treasury initialization and recover funds function #134

Closed
wants to merge 1 commit into from
Closed

feat: add emergency treasury initialization and recover funds function #134

wants to merge 1 commit into from

Conversation

taayyohh
Copy link
Member

@taayyohh taayyohh commented Aug 24, 2024
edited
Loading

After a successful proposal from BuilderDAO to SelloutDAO -- this transaction was executed: https://nouns.build/dao/base/0xe8af882f2f5c79580230710ac0e2344070099432/vote/15

The issue is, because BuilderDAO is now on BASE, and nouns.build allows users to create DAOs on multiple L2s, the shortcuts that compose proposal arguments (in this case Transfer), do not take into account the possibility of cross chain interactions.

So the funds were sent to the address of our treasury on BASE instead of the address of our treasury on Zora Network.

Using CREATE2, the Manager contract is able to deploy the Treasury contract on Base with the same address that it exists on Zora, however there are 2 issues

  1. The Treasury must be initialized by the Manager contract (setting the owner of the treasury contract)
  2. The Treasury contract can only interact with funds through proposals (this is a good thing)

To recover the funds on BASE I am proposing to make these temporary changes to the protocol that allow the owner of Manager to initialize a treasury using CREATE2, and then allow the owner of a treasury (which is the governor contract for all existing DAOs) to withdraw the funds to an arbitrary address

I believe this should not introduce any security concerns for existing DAOs, but would also allow the multisig that controls Builder to help Sellout DAO recover these funds

Steps to Recovery

  1. changes to Treasury and Manager contracts in my open PR are approved and merged in
  2. new implementation of Treasury contract is deployed
  3. new implementation of Treasury is registered as an upgrade
  4. new implementation of Manager is deployed
  5. manager is upgraded to this implementation
  6. multisig calls function to deployAndInitializeTreasury with the given args to determinsticaly deploy to the treasury address that exists on Zora, but we do so on Base (making my EOA the owner of this treasury)
  7. my EOA is now owner of initialized treasury, I upgrade treasury to the newly registered upgrade
  8. I call recoverFunds on treasury to send funds to my EOA, bridge to Zora, deposit in my DAOs treasury
    CLEANUP
  9. change Manager implementation back to previous implementation

@taayyohh taayyohh requested a review from neokry August 24, 2024 15:27
@taayyohh taayyohh force-pushed the theo/recover-funds branch from c81c3de to fca5e92 Compare August 24, 2024 15:30
@taayyohh taayyohh requested a review from kulkarohan August 24, 2024 15:31
@taayyohh taayyohh force-pushed the theo/recover-funds branch from fca5e92 to 4fcf610 Compare August 24, 2024 20:21
@taayyohh taayyohh force-pushed the theo/recover-funds branch from 4fcf610 to 32897f3 Compare August 24, 2024 20:31
@taayyohh taayyohh force-pushed the theo/recover-funds branch from 32897f3 to e42fa3f Compare August 24, 2024 20:32
@taayyohh taayyohh force-pushed the theo/recover-funds branch from da16295 to 104b1ef Compare August 24, 2024 20:45
@taayyohh taayyohh requested a review from iainnash August 24, 2024 21:32
@taayyohh taayyohh marked this pull request as draft August 25, 2024 21:35
@taayyohh taayyohh closed this Aug 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@neokry neokry Awaiting requested review from neokry

@kulkarohan kulkarohan Awaiting requested review from kulkarohan

@iainnash iainnash Awaiting requested review from iainnash

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@taayyohh