Update Governance Timelock Admin

Summary

A proposal to transfer the Governance Timelock admin to the Treasury League multisig before the forthcoming IDLE snapshot to mitigate the risk of governance attack.

Background

The Idle DAO governance relies on token-weighted voting, which is effective in normal conditions. However, this system can be vulnerable to governance attacks if an actor acquires a significant amount of IDLE tokens. Past incidents in the DeFi ecosystem, such as the one suffered in 2024 by the Compound DAO, have demonstrated how malicious governance actions can disrupt protocols, resulting in significant financial and reputational damage.

Currently, Idle DAO governance holds critical control via Governor Bravo, which in turn uses the Idle Timelock over all BY products, the Fee treasury, ecosystem funds, long term LP funds and other DAO contracts.

Proposal

The primary goal of this proposal is to prevent a governance attack that could happen after the upcoming IDLE snapshot.

A malicious actor could purchase IDLE tokens at market prices, which will likely be impacted by the forthcoming snapshot, gain significant voting power, and execute harmful proposals. These include but are not limited to:

  • Stealing DAO treasury funds: Redirecting funds intended for community growth or strategic initiatives held in the DAO treasury.
  • Disrupting Best Yield functionalities: reallocating funds deposited in the Best Yield smart contracts.

By temporarily transferring the admin of the Governance Timelock to the TL multisig, the Idle DAO can ensure that critical functions are safeguarded against potential exploits during this transition period.

This proposal is a proactive measure to strengthen the Idle DAO’s governance structure and protect the protocol from potential threats. By moving the admin of the Timelock contract to the TL multisig before the upcoming IDLE snapshot, we ensure that the protocol remains secure, reduce the risk of governance attack, and safeguard DAO treasury and Best Yield users.

Next steps

We are going to open the temperature check soon to ensure the security change is in place before the incoming snapshot.

3 Likes

Temperature check voting

The voting phase to approve the update of governance timelock admin starts now :ballot_box:

  • For - Agree with the governance timelock admin update
  • Against - Disagree with the governance timelock admin update
  • Discuss more - Discuss more the governance timelock admin update

:arrow_right: Poll for $IDLE holders: HERE
:arrow_right: Poll for $IDLE stakers (stkIDLE holders): HERE

:alarm_clock: Polls will close on 2025-01-10T14:00:00Z

The final $IDLE voting weights will be calculated using the approved calculator.

Looking to delegate your vote on Snapshot? Follow the official Snapshot guide.

Let your vote count! :writing_hand:

1 Like

We are aware of an issue preventing users from voting on the new Snapshot app.

In the meantime, $IDLE holders and stakers can rely on the v1 app to cast their votes.

:arrow_right: Poll for $IDLE holders: HERE
:arrow_right: Poll for $IDLE stakers (stkIDLE holders): HERE

:alarm_clock: Polls will close on 2025-01-10T14:00:00Z

1 Like

Temperature check results

Temperature Check passed :white_check_mark:

The Timelock admin update has been approved and the needed actions will be included in the next IIP-42.

Voting option Votes Distribution
For 954,034* 100%
Against 0 0
Discuss more 0 0

*290,536 from stkIDLE

1 Like