Try   HackMD

31.05.22 How to check the vote for Merge-ready protocol upgrade (round 2)

The vote #130 has the number of actions without descriptions. There is a list of things that are going to be performed:

  1. Create role RESUME_ROLE and grant to Voting
  2. Create role STAKING_PAUSE_ROLE and grant to Voting
  3. Create role SET_EL_REWARDS_WITHDRAWAL_LIMIT_ROLE and grant to Voting
  4. Set Execution Layer rewards withdrawal limit to 2BP
  5. Wrap stETH burner into the composite receiver
  6. Attach composite receiver to lido oracle as beacon report callback
  7. Revoke 'BURN_ROLE' permissions from Voting
  8. Grant 'BURN_ROLE' constrained permissions to stETH burner
  9. Create role MANAGE_PROTOCOL_CONTRACTS_ROLE and grant to Voting
  10. Revoke SET_TREASURY from Voting
  11. Revoke SET_INSURANCE_FUND from Voting
  12. Revoke SET_ORACLE from Voting

To get the data in the voting script in readable format please refer to our how-to on checking Aragon votes: https://docs.lido.fi/guides/checking-aragon-vote/
Or use our new UI for Aragon votings: https://vote.lido.fi/vote/130
After parsing, you will get the list of elements. And here are explanations and all links to etherscan.io for verification:

Point #1,2,3/12.

Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb
Function: createPermission
Inputs:
_entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e
_app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84
_role: bytes32 = 2fc10cc8ae19568712f7a176fb4978616a610650813c9d05326c34abb62749c7
_manager: address = 0x2e59A20f205bB85a89C53f1936454680651E618e

Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb
Function: createPermission
Inputs:
_entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e
_app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84
_role: bytes32 = 84ea57490227bc2be925c684e2a367071d69890b629590198f4125a018eb1de8
_manager: address = 0x2e59A20f205bB85a89C53f1936454680651E618e

Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb
Function: createPermission
Inputs:
_entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e
_app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84
_role: bytes32 = ca7d176c2da2028ed06be7e3b9457e6419ae0744dc311989e9b29f6a1ceb1003
_manager: address = 0x2e59A20f205bB85a89C53f1936454680651E618e

1. Create role RESUME_ROLE and grant to Voting
2. Create role STAKING_PAUSE_ROLE and grant to Voting
3. Create role SET_EL_REWARDS_WITHDRAWAL_LIMIT_ROLE and grant to Voting

calls Aragon ACL‘s (0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb)
createPermission function with parameters:
_entity is Aragon Voting contract
_app is Lido contract
_manager is Aragon Voting contract

The changing parameter in these three points is the _role:

  1. _role is keccak256('RESUME_ROLE') = 2fc10cc8ae19568712f7a176fb4978616a610650813c9d05326c34abb62749c7
  2. _role is keccak256('STAKING_PAUSE_ROLE') = 84ea57490227bc2be925c684e2a367071d69890b629590198f4125a018eb1de8
  3. _role is keccak256('SET_EL_REWARDS_WITHDRAWAL_LIMIT_ROLE') = ca7d176c2da2028ed06be7e3b9457e6419ae0744dc311989e9b29f6a1ceb1003

Point #4/12.

Contract: 0xae7ab96520de3a18e5e111b5eaab095312d7fe84
Function: setELRewardsWithdrawalLimit
Inputs:
_limitPoints: uint16 = 2

Set Execution Layer rewards withdrawal limit to 2BP

calls Lido's 0xae7ab96520de3a18e5e111b5eaab095312d7fe84
setELRewardsWithdrawalLimit function which sets limit on amount of ETH to withdraw from execution layer rewards vault per LidoOracle report
_limitPoints - limit in basis points to amount of ETH to withdraw per LidoOracle report (_limitPoints: uint16 = 2)

Point #5/12.

Contract: 0x55a7e1cbd678d9ebd50c7d69dc75203b0dbdd431
Function: addCallback
Inputs:
_callback: address = 0xB280E33812c0B09353180e92e27b8AD399B07f26

Wrap stETH burner into the composite receiver

calls CompositePostRebaseReportReceiver 0x55a7e1cbd678d9ebd50c7d69dc75203b0dbdd431
addCallback function with a parameter _callback which is a new deployed contract SelfOwnedStETHBurner 0xB280E33812c0B09353180e92e27b8AD399B07f26

Point #6/12.

Contract: 0x442af784a788a5bd6f42a01ebe9f287a871243fb
Function: setBeaconReportReceiver
Inputs:
_addr: address = 0x55a7E1cbD678d9EbD50c7d69Dc75203B0dBdD431

Attach composite receiver to lido oracle as beacon report callback
calls Oracle's (0x442af784A788A5bd6F42A01Ebe9F287a871243fb) setBeaconReportReceiver function, which sets the receiver contract address to _addr to be called when the report is pushed.
_addr is CompositePostRebaseReportReceiver
0x55a7E1cbD678d9EbD50c7d69Dc75203B0dBdD431

Point #7/12.

Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb
Function: revokePermission
Inputs:
_entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e
_app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84
_role: bytes32 = e97b137254058bd94f28d2f3eb79e2d34074ffb488d042e3bc958e0a57d2fa22

Revoke 'BURN_ROLE' permissions from Voting
calls Aragon ACL‘s (0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb)
revokePermission function with parameters:
_entity is Aragon Voting contract
_app is Lido contract
_role is keccak256('BURN_ROLE') = e97b137254058bd94f28d2f3eb79e2d34074ffb488d042e3bc958e0a57d2fa22

Point #8/12.

Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb
Function: grantPermissionP
Inputs:
_entity: address = 0xB280E33812c0B09353180e92e27b8AD399B07f26
_app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84
_role: bytes32 = e97b137254058bd94f28d2f3eb79e2d34074ffb488d042e3bc958e0a57d2fa22
_params: uint256[] = [1766847064778384329583298519817564677528502418348182484542425076446822182]

Grant 'BURN_ROLE' constrained permissions to stETH burner
calls Aragon ACL‘s (0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb)
grantPermissionP function with parameters:
_entity is SelfOwnedStETHBurner contract
_app is Lido contract
_role is keccak256('BURN_ROLE') = e97b137254058bd94f28d2f3eb79e2d34074ffb488d042e3bc958e0a57d2fa22

The parameter _params is needed to check that the address can burn only its own tokens.
For _params we use a string that is formed as concatenation of three params:

​​ const argId = '0x00' // arg 0
​​ const op = '01' // operation eq (Op.Eq == 1)
​​ const value = padWithoutPrefix(addr, 240 / 8) // pad 160bit -> 240bit, remove '0x'
​​ 
​​ const paramStr = `${argId}${op}${value}`

addr is SelfOwnedStETHBurner 0xB280E33812c0B09353180e92e27b8AD399B07f26

paramStr = '0x00'+'01'+'00000000000000000000'
​​          +'B280E33812c0B09353180e92e27b8AD399B07f26'’

(100000000000000000000B280E33812C0B09353180E92E27B8AD399B07F26)16 = 
(1766847064778384329583298519817564677528502418348182484542425076446822182)10 

that is equal to the parameter

_params: uint256[] = [1766847064778384329583298519817564677528502418348182484542425076446822182]

Point #9/12.

Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb
Function: createPermission
Inputs:
_entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e
_app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84
_role: bytes32 = eb7bfce47948ec1179e2358171d5ee7c821994c911519349b95313b685109031
_manager: address = 0x2e59A20f205bB85a89C53f1936454680651E618e

Create role MANAGE_PROTOCOL_CONTRACTS_ROLE and grant to Voting
calls Aragon ACL‘s (0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb)
createPermission function with parameters:
_entity is Aragon Voting contract
_app is Lido contract
_role is keccak256('MANAGE_PROTOCOL_CONTRACTS_ROLE') = eb7bfce47948ec1179e2358171d5ee7c821994c911519349b95313b685109031
_manager is Aragon Voting contract

Point #10,11,12/12.

Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb
Function: revokePermission
Inputs:
_entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e
_app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84
_role: bytes32 = 9f6f8058e4bcbf364e89c9e8da7eb7cada9d21b7aea6e2fd355b4669842c5795

Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb
Function: revokePermission
Inputs:
_entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e
_app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84
_role: bytes32 = d6c7fda17708c7d91354c17ac044fde6f58fb548a5ded80960beba862b1f1d7d

Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb
Function: revokePermission
Inputs:
_entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e
_app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84
_role: bytes32 = 11eba3f259e2be865238d718fd308257e3874ad4b3a642ea3af386a4eea190bd

10. Revoke SET_TREASURY from Voting
11. Revoke SET_INSURANCE_FUND from Voting
12. Revoke SET_ORACLE from Voting
calls Aragon ACL‘s (0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb)
revokePermission function with parameters:
_entity is Aragon Voting contract
_app is Lido contract

And the third parameter differs in 10, 11, 12 points:
10. _role is keccak256('SET_TREASURY') = 9f6f8058e4bcbf364e89c9e8da7eb7cada9d21b7aea6e2fd355b4669842c5795
11. _role is keccak256('SET_INSURANCE_FUND') = d6c7fda17708c7d91354c17ac044fde6f58fb548a5ded80960beba862b1f1d7d
12. _role is keccak256('SET_ORACLE') = 11eba3f259e2be865238d718fd308257e3874ad4b3a642ea3af386a4eea190bd

Last changed by 
lido
Lido Finance
0
1161
Published on HackMD