Trust Setup for DAO investment into GoldCOMP

After careful consideration of the feedback received on the previous proposal regarding multisig concerns, the Goldenboys have decided to create a “Trust Setup.” Contract deployed here: TrustSetup | Address 0xb9259d9f2249eb7fb44140926bfd376b63c4925e | Etherscan

This framework defines a constrained set of actions that can only be executed with prior approval from Compound Governance through a process referred to as granting a “Phase”.

Let us provide a detailed breakdown:

What specific set of actions can the Goldenboys multisig initiate, and under what circumstances?
The multisig has the capability to execute the following actions:

Invest
Divest (including queuing a divestment and its completion)
Convert rewards into WETH
Update oracle fee (setter)
Before addressing the conditions under which each action can be triggered, it is important to note that the “Trust Setup” begins in a phase called NEUTRAL, during which the multisig does not possess any rights to initiate either investment or divestment.

Under what circumstances is a PHASE updated, and what are the implications of such an update?
As previously described, there are two actions that can only be enabled if Compound Governance grants the Goldenboys multisig the necessary permissions: invest and divest.

This process will be executed through the Timelock and requires calling the grantPhase(uint8) function. Setting the argument to 1 will enable the multisig to invest, while setting the argument to 2 will enable it to divest.

It is important to note that only the Compound Timelock has the absolute authority to change the PHASE.

How will the multisig safely handle each of the INVEST and DIVEST operations once the PHASE has been granted?

The “Trust Setup” is designed to ensure that the minOut for each action is protected by on-chain logic, thereby ensuring that trust is not solely dependent on the operational competence of the multisig but is also verifiable on-chain (see _ratioCompBpt(), _calcMinBpt(uint256) & _minCompOut(uint256). Furthermore, the architecture incorporates an additional slippage check to further safeguard these operations. This slippage check will be calculated off-chain by the Goldenboys multisig to prevent manipulation. Please refer to the following methods for further details: invest(uint256 _expectedMinBptOffchain) and commenceDivestment(uint256 _bptToDivest, uint256).

How are the rewards processed and to which destination are they sent?

Rewards are processed by the Goldenboys multisig, initially converting them into WETH. Subsequently, any bot can convert these WETH rewards into COMP tokens by referencing the COMP/WETH ratio provided by the Chainlink oracle. Upon completion of the swap, the resulting proceeds are sent atomically to the Comptroller, as hardcoded within the smart contract.

Proposal Overview

The goldCOMP DeFi vault created by the Golden Boys is an exciting new strategy designed to provide COMP holders yields on their COMP tokens. When a user places COMP into the goldCOMP vault, the depositor receives goldCOMP, a semi-liquid wrapped token representing their initial deposit. These goldCOMP tokens can be placed in a 99/1 Balancer pool , creating a passive income stream for COMP holders who plan to hold COMP for a long period of time. The depositor’s goldCOMP can be burnt to receive the initial COMP during regular withdrawal windows with no risk of slashing or penalty. GoldCOMP is an exciting investment opportunity for any COMP holder, aimed to enrich the Compound Finance ecosystem.

The proposal seeks a one year investment of 92,000 COMP of Treasury funds into the Trust Setup vault described above, to generate interest on 5% of treasury’s non-interest bearing COMP holdings.

Proposal Operations

Transfer 92,000 COMP to 0xb9259D9f2249eB7FB44140926BFd376B63c4925e
Call grantPhase(1) to ALLOW_INVESTMENT

1 Like

Hi @Humpy ,

As discussed in your previous proposal we had concerns about the trustlessness of the prior setup and we feel as if this has not been entirely fixed with this proposal. When looking at TrustSetup we noticed 2 things:

  • Any form of withdrawal action (divest) is solely controlled by GoldenBoyzMultisig, meaning that the DAO cannot actually recall funds at any time under their own discretion. The DAO would first vote to initiate a PHASE update and then trust that the GoldenBoyzMultisig calls the relevant divest functions.

  • The goldCOMP vault that funds are deposited into delegates the deposited COMP’s governance rights to the GoldenBoyzMultisig. The requested 92k COMP is more VP than most active delegates at the moment. @humpy yourself alone retains 96k in COMP + assuming any of these addresses are related as described in Cylon’s security notice that’s ~417k COMP which is enough to pass quorum and pose significant threats to governance. So even if the DAO wanted to withdraw funds there is a possibility that it gets voted down.

Unfortunately, due to the above concerns, we are not in favour of this proposal. But we do appreciate the efforts that have gone into creating the TrustSetup

7 Likes

Please note that a follow-up proposal from the Golden Boys, Proposal 279, was recently submitted and will begin its voting phase in less than two days.

While the Golden Boys have attempted to address community concerns with a “Trusted Setup” detailed in this forum post , there are still many concerns with this approach as detailed by @WintermuteGovernance. We agree with these concerns and do not believe this approach sufficiently addressed the core issue with the COMP tokens being delegated without any clawback mechanisms or oversight from the DAO.

OpenZeppelin also shares @WintermuteGovernance’s concern that the large amount of COMP being requested would constitute a governance attack risk. We also remind community members that there is still nearly 230K of COMP delegated from a ByBit withdrawal source which may be aligned with the Golden Boys proposals, even though they have not yet shown any activity in voting. More on that in our prior governance security notice.

If the community wishes to vote against this proposal, we urge ALL governance delegates to be prepared to vote on Proposal 279 in case a large number of new delegate votes come into play.

6 Likes

The Compound Growth team is evaluating similar liquidity initiatives. Security concerns aside, From our early analysis there are much better POL opportunities available leveraging partnerships from emerging chains and dexes available. Most of these opportunities we are evaluating are starting at 15-20% APR and some as high as 40% APR. More information will become available as we push out the different case studies.

@Humpy happy to have a chat and discuss however much higher yield opportunities are available than 5%.

1 Like