Try   HackMD

How to check the Lido DAO onchain vote #183

What the vote is about

It packs together the execution of the two different motions:

  • CSM: Enable Permissionless Phase, Increase the Share Limit and Increase the Priority Exit Threshold
  • Node Operator (NO) Acquisitions: Change the name of Bridgetower to Solstice

Resources for the Proposal Validation

The resources mentioned in this section are assumed to be trustworthy and reliable.

Voting Script

I. CSM: Enable Permissionless Phase, Increase the Share Limit and Increase the Priority Exit Threshold

  1. Grant MODULE_MANAGER_ROLE on CS Module to Aragon Agent
  • The CSModule address can be checked via Lido docs
  • The vote calls the method grantRole with the parameters role set to 0x79dfcec784e591aafcf60db7db7b029a5c8b12aac4afd4e8c4eb740430405fa6 (that's the keccak of "MODULE_MANAGER_ROLE" that can be verified by calling this method) and account set to 0x3e40D73EB977Dc6a537aF587D48316feE66E9C8c (that's the address of the AragonAgent that can be verified via Lido docs)
    ​​​​On [CSModule]
    ​​​​0xdA7dE2ECdDfccC6c3AF10108Db212ACBBf9EA83F
    
    ​​​​function grantRole(
    ​​​​    bytes32 role,
    ​​​​    address account
    ​​​​)
    
    ​​​​Call data:
    ​​​​[1] 0x79dfcec784e591aafcf60db7db7b029a5c8b12aac4afd4e8c4eb740430405fa6
    ​​​​[2] [AragonAgent] 0x3e40D73EB977Dc6a537aF587D48316feE66E9C8c
    
  1. Activate public release mode on CS Module
  • The CSModule address can be checked via Lido docs
  • The current state can be checked by querying the publicRelease method – it should return false
  • The vote calls the method activatePublicRelease as requested in the research forum post and supported during the snapshot
    ​​​​On [CSModule]
    ​​​​0xdA7dE2ECdDfccC6c3AF10108Db212ACBBf9EA83F
    
    ​​​​function activatePublicRelease()
    
    ​​​​Call data:
    ​​​​[empty]
    
  1. Increase stake share limit from 1% to 2% on CS Module and increase the priority exit threshold from 1.25% to 2.5%
  • The StakingRouter address can be checked via Lido docs
  • The current data can be checked by querying the getStakingModule method with id set to 3 (the id given to the CSM when it was created) – it should return the structure with the current data
  • The vote calls the method updateStakingModule with a couple of new parameters – new _stakeShareLimit set to 200, _priorityExitShareThreshold set to 250, and the rest of the parameters are the same as they were
    ​​​​On [StakingRouter]
    ​​​​0xFdDf38947aFB03C621C71b06C9C70bce73f12999
    
    ​​​​function updateStakingModule(
    ​​​​    uint256 _stakingModuleId,
    ​​​​    uint256 _stakeShareLimit,
    ​​​​    uint256 _priorityExitShareThreshold,
    ​​​​    uint256 _stakingModuleFee,
    ​​​​    uint256 _treasuryFee,
    ​​​​    uint256 _maxDepositsPerBlock,
    ​​​​    uint256 _minDepositBlockDistance
    ​​​​)
    
    ​​​​Call data:
    ​​​​[1] 3
    ​​​​[2] 200
    ​​​​[3] 250
    ​​​​[4] 600
    ​​​​[5] 400
    ​​​​[6] 30
    ​​​​[7] 25
    
  1. Revoke MODULE_MANAGER_ROLE on CS Module from Aragon Agent
  • The CSModule address can be checked via Lido docs
  • The vote calls the method revokeRole with the parameters role set to 0x79dfcec784e591aafcf60db7db7b029a5c8b12aac4afd4e8c4eb740430405fa6 (that's keccak of "MODULE_MANAGER_ROLE" that can be verified by calling this method) and account set to 0x3e40D73EB977Dc6a537aF587D48316feE66E9C8c (that's the address of the AragonAgent that can be verified via Lido docs)
    ​​​​On [CSModule]
    ​​​​0xdA7dE2ECdDfccC6c3AF10108Db212ACBBf9EA83F
    
    ​​​​function revokeRole(
    ​​​​    bytes32 role,
    ​​​​    address account
    ​​​​)
    
    ​​​​Call data:
    ​​​​[1] 0x79dfcec784e591aafcf60db7db7b029a5c8b12aac4afd4e8c4eb740430405fa6
    ​​​​[2] [AragonAgent] 0x3e40D73EB977Dc6a537aF587D48316feE66E9C8c
    

II. NO Acquisitions: Bridgetower is now part of Solstice Staking
5. Rename Node Operator ID 17 from BridgeTower to Solstice

  • NodeOperatorsRegistry address can be checked via Lido docs
  • The current name can be checked by querying getNodeOperator method with _nodeOperatorId set to 17 and _fullInfo set to true – it should return a structure with the field name equal to BridgeTower
  • The vote calls the method setNodeOperatorName with the parameters _nodeOperatorId set to 17 and _name set to Solstice as requested in the research forum post
    ​​​​On [NodeOperatorsRegistry]
    ​​​​0x55032650b14df07b85bF18A3a3eC8E0Af2e028d5
    
    ​​​​function setNodeOperatorName(
    ​​​​    uint256 _nodeOperatorId,
    ​​​​    string _name
    ​​​​)
    
    ​​​​Call data:
    ​​​​[1] 17
    ​​​​[2] Solstice
    

How to Validate the Proposals

Using the how-to, one can verify all addresses and details of the instruction. Let's check one address as an example to ensure it is not malicious.

Imagine the following situation: there was a merger of two different node operators (NOs) that resulted in a request to change the name of a NO.

To do that, we go through several steps:

  1. At first, we're going to work with https://docs.lido.fi to make sure that the contract belongs to Lido:

    • In the search bar in the upper-right corner, paste the address and click on the result
      Image Not Showing Possible Reasons
      • The image was uploaded to a note which you don't have access to
      • The note which the image was originally uploaded to has been deleted
      Learn More β†’
    • Using Cmd + F (on Mac) or Control + F (on Windows), find the address on the page and check that it belongs to the registry:
      Image Not Showing Possible Reasons
      • The image was uploaded to a note which you don't have access to
      • The note which the image was originally uploaded to has been deleted
      Learn More β†’
  2. Next, we want to make sure that the method mentioned in the instruction does what it says it does:

    • Go to the contract page (click on the address);
    • Press the "Contract" button:
      Image Not Showing Possible Reasons
      • The image was uploaded to a note which you don't have access to
      • The note which the image was originally uploaded to has been deleted
      Learn More β†’
    • Press the β€œWrite as Proxy” button:
      Image Not Showing Possible Reasons
      • The image was uploaded to a note which you don't have access to
      • The note which the image was originally uploaded to has been deleted
      Learn More β†’
    • Find the method mentioned in the instruction and click on its name, then check the description:
      Image Not Showing Possible Reasons
      • The image was uploaded to a note which you don't have access to
      • The note which the image was originally uploaded to has been deleted
      Learn More β†’
  3. We need to check the params:

    • Ensure that the names of the params for the method setNodeOperatorName on https://etherscan.io and in the instruction match:
      Image Not Showing Possible Reasons
      • The image was uploaded to a note which you don't have access to
      • The note which the image was originally uploaded to has been deleted
      Learn More β†’
  4. Now, let's verify the values of the params:

    • Ensure that the values mentioned in the description and in the code match:
      Image Not Showing Possible Reasons
      • The image was uploaded to a note which you don't have access to
      • The note which the image was originally uploaded to has been deleted
      Learn More β†’
  5. At last, it's necessary to verify that the description of the proposal on https://research.lido.fi (+ https://snapshot.org/#/lido-snapshot.eth if there's a snapshot) and in the instruction match. Don't forget to check the author of the proposal and comments (to ensure there are no objections)

We've verified one address, the params for its method, and the description of the proposal by using https://etherscan.io/, https://docs.lido.fi, https://snapshot.org/#/lido-snapshot.eth, and https://research.lido.fi/. By following these steps, you can verify the rest of the information provided in this instruction to ensure that it is not malicious.