Pragmatic steps forward to decentralize contract upgradability

šŸ› Token House Governance
1

As far as I understand, protocol upgrades will be proposed on Snapshot, requiring a 51% approval. However, Optimism Foundation still maintains a backdoor with emergency upgrades possible. In this post, Iā€™ll cover some ideas for how we can decentralize this as well.

  1. The bridge has circuit breakers - i.e. if thereā€™s anomalous activity it pauses and notifies watchers.
    1.5) Certain components can be immutable or require regular protocol upgrades, if possible. E.g. bridge funds cannot be touched via emergency upgrades.
  2. Optimism Foundation retain emergency pause rights (i.e. they can pause the network outright), but cannot push an emergency upgrade through.
  3. Thereā€™s an emergency council consisting of top N delegates + M representatives from Optimism Foundation, where M < 1/3(N+M). 2/3(N+M) can approve emergency upgrades with no timelocks. (Can be a more gradual transition as OP is distributed.)
  4. The emergency council can veto emergency pauses by the Optimism Foundation.
  5. Over time, Optimism Foundationā€™s emergency pause rights and voting rights on the emergency council are deprecated.
  6. Further over time, emergency upgrades have timelocks added, depending on approval. E.g. if 100% of top N delegates vote, no timelocks; however if only 51% vote then X days.
  7. As the protocol matures, the emergency council is dissolved, and all protocol upgrades go through the regular process.
7 Likes
2

Sounds like a sensible path in general, couple of questions:

For clarity, when you say ā€˜Pause rightsā€™ do you mean a veto on upgrades? Or an emergency brake in case something is breaking?

Iā€™m not completely sure about immediately giving the foundation no power in this council, because OP is tradable a bad actor with sufficient budget could change the top delegates. It might prove to be that their is insufficient liquidity for this to be a concern going forward but at least initially Iā€™d be more comfortable with quorum requiring at least a single Foundation member.

The goal youā€™re laying out is to decentralize the process, so obviously in the end we want to make the Foundation less relevant but I think this is covered by your points 5, 6 and 7 - which are definitely where I hope Optimism ends up eventually.

4 Likes
3

Thanks, addressed your points above. Of course, this is just a gist of it - the details need to be worked out.

2 Likes
4

Got it, thanks. Iā€™m really interested to see how this discussion continues.

2 Likes
5

maybe we can wait for the citizen house, and use the soul-bound NFT