Network Expansion Workgroup initiative: governance decision forwarding to non-L2 networks (LIP-24)

Executive Summary

  • Objective: Implement a framework for executing Lido DAO’s on-chain governance voted-in actions forwarded from Ethereum to outer networks to minimize or exclude involvement of multisigs, committees, and intermediates.

  • Context: For the recognized wstETH deployments on Layer 2 (L2) networks, Lido DAO currently utilizes established processes that employ canonical bridges, ensuring security congruent with the underlying rollups.

  • Proposal: This discussion aims to explore the adaptation of the governance infrastructure (a.DI) developed by BGD Labs to forward Lido DAO governance decisions (originated from the Lido DAO Agent contract on Ethereum) to external non-L2 networks, such as BNB Chain, to mitigate risks of third-party bridge services misoperation by utilizing bridge aggregation for messages.

Abstract

The a.DI system by BGD Labs serves as a cross-chain communication layer designed to facilitate secure interactions across different blockchain networks with minimal exposure to bridge-related vulnerabilities. This system is instrumental in AAVE’s governance v3 as a secure message bus and has undergone multiple security audits and formal verification rounds.

However, a.DI doesn’t contain a built-in execution module out of the box and requires one to be implemented supporting the interface needed. It’s suggested to derive BridgeExecutorBase for the governance motion payload format to be compatible with the one used for L2 networks forwarding by the Lido DAO.

Scope of pilot implementation

Immediate goals

  • Extend Lido DAO governance functionalities to pass executable decisions on BNB Chain

Proposed Adapter Configurations

  • Quorum Requirement: 3/4
  • Proposed Bridges: CCIP, HyperLane, LayerZero, Wormhole

Status

The proposed contractual solution shaped as a LIP, tailored for Lido deployments, is under audit by MixBytes(). Lido contributors anticipate sharing the comprehensive audit report on this forum shortly.

Testnet

Testnet deployments connecting the DAO Agent on Ethereum Sepolia and CrossChainExecutor on BNB Sepolia Testnet (Anchored to Sepolia) are available here. The deployments resemble the proposed adapter configurations.

Next steps

Should this proposal be considered favorably, Network Expansion Workgroup recommends to include a.DI to the scope of the follow-up wstETH bridged to BNB recognition proposal to avoid msig-based administration of the token and its bridge endpoints for wstETH on BNB deployments on Mainnet as early as possible.

Further details will be included in the corresponding snapshot proposal(s).

Feedback Request

Community feedback on the feasibility, security concerns, and any potential improvements to this framework to ensure robust and decentralized governance decision forwarding from Ethereum to diverse blockchain environments would be highly appreciated.

9 Likes

Ernesto from BGD Labs here. Really exciting to see the proposal to adopt a.DI into Lido!

As an update of the other active instance of of a.DI for Aave, it has been running in production for Aave since December without any problem, enabling all the stages of a quite advanced multi-chain governance, including the specific needs of Lido: forward governance decision to any destination network.
Additionally, we have been doing continuous improvements to the infrastructure, like:

  • A monitoring dashboard, detailing the whole lifecycle of proposals https://adi.onaave.com/.
  • Making a.DI compatible with extra underlying bridge providers, like Wormhole (and others in the pipeline).
  • Different minor updates on the smart contracts of the system.

I really believe this will be a good solution for Lido, and a perfect example of adoption of technology between long-term partners like Aave and Lido.

4 Likes

Thank you @TheDZhon so much for your proposal.

We generally agree with the the need of this kind of module to facilitate the governance execution to other chains and utilizing a.DI that has been running in production for Aave for a while makes sense as it reduces dependency on a single cross-chain protocol.

However, we’d love to understand more on why those 4 protocols have been chosen as a component of the Lido version of a.DI; CCIP, HyperLane, LayerZero, and Wormhole.

We suppose it is because of the original a.DI’s design, but would you consider adding more bridges in the future, or maybe replacing any of them? It’s very promising to see more flexible setups with additional considerations to which components Lido will apply once the continuous improvements by BGD Labs progresses.

2 Likes

Hey, @eboadom

Thank you for chiming in!

Really appreciate your input, and thank you for pointing out the monitoring dashboard; it looks pretty neat and super informative. :star_struck:

By the way, MixBytes() noted the uncompromised quality of the a.DI codebase during their audit. We will share the final report here and suggest attaching it to the cumulative portfolio of security checks.

2 Likes

GM, @Tane

Thank you for the feedback!

Yep, a battle-tested solution securing the cross-chain governance of the blue-chip DeFi protocol is what has inspired the NEW participants :slight_smile:

The same three adapters (CCIP, LZ, HL) are used for the AAVE governance (GitHub - bgd-labs/aave-delivery-infrastructure: Abstraction layer for cross-chain communication) for the BNB Smart Chain. Still, we enhanced it with the Wormhole bridge adapter that recently appeared in the original a.DI codebase, improving the quorum condition from 2/3 to 3/4.

In an ideal situation, the other adapter by Axelar might also be plugged in to get the quorum of 3/5; however, it wasn’t yet available at the time of the full-scope audit. Nevertheless, the setup allows for adding or replacing bridge adapters. That’s why I’d suggest considering it in the future based on the cross-chain governance demand, token standards adoption and upgrades, and bridge providers’ evolution.

Worth noting that the governance forwarding is not for regular use but mostly for future-proofing the cross-chain token and protocol parts.

3 Likes

Thank you so much for your clarification and we understand how you approach this initiative overall.

Especially,

This is really crucial and great to have.

Do you have specific areas you are thinking of applying this implementation, other than governance forwarding yet?

2 Likes

The MixBytes() audit has been finalized and published in the audits repository.

1 Like

The a.DI setup for forwarding Lido DAO motions to BSC has been successfully deployed to the Mainnet. It connects the DAO Agent on Ethereum with the CrossChainExecutor on BSC. The deployment uses the proposed adapter and quorum configurations.

Deployed contracts

Ethereum

BSC contracts

2 Likes