--- tags: governance, howto, omnibus --- # 31.05.22 How to check the vote for Merge-ready protocol upgrade (round 2) The vote [#130](https://mainnet.lido.fi/#/lido-dao/0x2e59a20f205bb85a89c53f1936454680651e618e/vote/130/) has the number of actions without descriptions. There is a list of things that are going to be performed: 1. Create role RESUME_ROLE and grant to Voting 2. Create role STAKING_PAUSE_ROLE and grant to Voting 3. Create role SET_EL_REWARDS_WITHDRAWAL_LIMIT_ROLE and grant to Voting 4. Set Execution Layer rewards withdrawal limit to 2BP 5. Wrap stETH burner into the composite receiver 6. Attach composite receiver to lido oracle as beacon report callback 7. Revoke 'BURN_ROLE' permissions from Voting 8. Grant 'BURN_ROLE' constrained permissions to stETH burner 9. Create role MANAGE_PROTOCOL_CONTRACTS_ROLE and grant to Voting 10. Revoke SET_TREASURY from Voting 11. Revoke SET_INSURANCE_FUND from Voting 12. Revoke SET_ORACLE from Voting To get the data in the voting script in readable format please refer to our how-to on checking Aragon votes: [https://docs.lido.fi/guides/checking-aragon-vote/](https://docs.lido.fi/guides/checking-aragon-vote/) Or use our new UI for Aragon votings: https://vote.lido.fi/vote/130 After parsing, you will get the list of elements. And here are explanations and all links to [etherscan.io](http://etherscan.io/) for verification: ## Point #1,2,3/12. ``` Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb Function: createPermission Inputs: _entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e _app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84 _role: bytes32 = 2fc10cc8ae19568712f7a176fb4978616a610650813c9d05326c34abb62749c7 _manager: address = 0x2e59A20f205bB85a89C53f1936454680651E618e ``` ``` Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb Function: createPermission Inputs: _entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e _app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84 _role: bytes32 = 84ea57490227bc2be925c684e2a367071d69890b629590198f4125a018eb1de8 _manager: address = 0x2e59A20f205bB85a89C53f1936454680651E618e ``` ``` Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb Function: createPermission Inputs: _entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e _app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84 _role: bytes32 = ca7d176c2da2028ed06be7e3b9457e6419ae0744dc311989e9b29f6a1ceb1003 _manager: address = 0x2e59A20f205bB85a89C53f1936454680651E618e ``` **1. Create role RESUME_ROLE and grant to Voting** **2. Create role STAKING_PAUSE_ROLE and grant to Voting** **3. Create role SET_EL_REWARDS_WITHDRAWAL_LIMIT_ROLE and grant to Voting** calls Aragon ACL‘s ([0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb](https://etherscan.io/address/0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb)) [createPermission](https://etherscan.io/address/0x9f3b9198911054b122fdb865f8a5ac516201c339#code#L879) function with parameters: _entity is [Aragon Voting contract](https://etherscan.io/address/0x2e59A20f205bB85a89C53f1936454680651E618e) _app is [Lido contract](https://etherscan.io/address/0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84) _manager is [Aragon Voting contract](https://etherscan.io/address/0x2e59A20f205bB85a89C53f1936454680651E618e) The changing parameter in these three points is the _role: 1. _role is `keccak256('RESUME_ROLE') = 2fc10cc8ae19568712f7a176fb4978616a610650813c9d05326c34abb62749c7` 2. _role is `keccak256('STAKING_PAUSE_ROLE') = 84ea57490227bc2be925c684e2a367071d69890b629590198f4125a018eb1de8` 3. _role is `keccak256('SET_EL_REWARDS_WITHDRAWAL_LIMIT_ROLE') = ca7d176c2da2028ed06be7e3b9457e6419ae0744dc311989e9b29f6a1ceb1003` ## Point #4/12. ``` Contract: 0xae7ab96520de3a18e5e111b5eaab095312d7fe84 Function: setELRewardsWithdrawalLimit Inputs: _limitPoints: uint16 = 2 ``` **Set Execution Layer rewards withdrawal limit to 2BP** calls Lido's [0xae7ab96520de3a18e5e111b5eaab095312d7fe84](https://etherscan.io/address/0xae7ab96520de3a18e5e111b5eaab095312d7fe84) [setELRewardsWithdrawalLimit](https://etherscan.io/address/0x47ebab13b806773ec2a2d16873e2df770d130b50#code#F1#L454) function which sets limit on amount of ETH to withdraw from execution layer rewards vault per LidoOracle report _limitPoints - limit in basis points to amount of ETH to withdraw per LidoOracle report (_limitPoints: uint16 = 2) ## Point #5/12. ``` Contract: 0x55a7e1cbd678d9ebd50c7d69dc75203b0dbdd431 Function: addCallback Inputs: _callback: address = 0xB280E33812c0B09353180e92e27b8AD399B07f26 ``` **Wrap stETH burner into the composite receiver** calls CompositePostRebaseReportReceiver [0x55a7e1cbd678d9ebd50c7d69dc75203b0dbdd431](https://etherscan.io/address/0x55a7e1cbd678d9ebd50c7d69dc75203b0dbdd431) [addCallback](https://etherscan.io/address/0x55a7E1cbD678d9EbD50c7d69Dc75203B0dBdD431#code#F3#L46) function with a parameter _callback which is a new deployed contract SelfOwnedStETHBurner [0xB280E33812c0B09353180e92e27b8AD399B07f26](https://etherscan.io/address/0xB280E33812c0B09353180e92e27b8AD399B07f26) ## Point #6/12. ``` Contract: 0x442af784a788a5bd6f42a01ebe9f287a871243fb Function: setBeaconReportReceiver Inputs: _addr: address = 0x55a7E1cbD678d9EbD50c7d69Dc75203B0dBdD431 ``` **Attach composite receiver to lido oracle as beacon report callback** calls Oracle's [(0x442af784A788A5bd6F42A01Ebe9F287a871243fb)](https://etherscan.io/address/0x442af784a788a5bd6f42a01ebe9f287a871243fb) [setBeaconReportReceiver](https://etherscan.io/address/0x1430194905301504e8830ce4b0b0df7187e84abd#code#F1#L188) function, which sets the receiver contract address to `_addr` to be called when the report is pushed. _addr is CompositePostRebaseReportReceiver [0x55a7E1cbD678d9EbD50c7d69Dc75203B0dBdD431](https://etherscan.io/address/0x55a7E1cbD678d9EbD50c7d69Dc75203B0dBdD431) ## Point #7/12. ``` Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb Function: revokePermission Inputs: _entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e _app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84 _role: bytes32 = e97b137254058bd94f28d2f3eb79e2d34074ffb488d042e3bc958e0a57d2fa22 ``` **Revoke 'BURN_ROLE' permissions from Voting** calls Aragon ACL‘s ([0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb](https://etherscan.io/address/0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb)) [revokePermission](https://etherscan.io/address/0x9f3b9198911054b122fdb865f8a5ac516201c339#code#L923) function with parameters: _entity is [Aragon Voting contract](https://etherscan.io/address/0x2e59A20f205bB85a89C53f1936454680651E618e) _app is [Lido contract](https://etherscan.io/address/0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84) _role is `keccak256('BURN_ROLE') = e97b137254058bd94f28d2f3eb79e2d34074ffb488d042e3bc958e0a57d2fa22` ## Point #8/12. ``` Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb Function: grantPermissionP Inputs: _entity: address = 0xB280E33812c0B09353180e92e27b8AD399B07f26 _app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84 _role: bytes32 = e97b137254058bd94f28d2f3eb79e2d34074ffb488d042e3bc958e0a57d2fa22 _params: uint256[] = [1766847064778384329583298519817564677528502418348182484542425076446822182] ``` **Grant 'BURN_ROLE' constrained permissions to stETH burner** calls Aragon ACL‘s ([0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb](https://etherscan.io/address/0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb)) [grantPermissionP](https://etherscan.io/address/0x9f3b9198911054b122fdb865f8a5ac516201c339#code#L908) function with parameters: _entity is [SelfOwnedStETHBurner contract](https://etherscan.io/address/0xB280E33812c0B09353180e92e27b8AD399B07f26) _app is [Lido contract](https://etherscan.io/address/0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84) _role is `keccak256('BURN_ROLE') = e97b137254058bd94f28d2f3eb79e2d34074ffb488d042e3bc958e0a57d2fa22` The parameter `_params` is needed to check that the address can burn only its own tokens. For `_params` we use a string that is formed as concatenation of three params: ``` const argId = '0x00' // arg 0 const op = '01' // operation eq (Op.Eq == 1) const value = padWithoutPrefix(addr, 240 / 8) // pad 160bit -> 240bit, remove '0x' const paramStr = `${argId}${op}${value}` ``` addr is [SelfOwnedStETHBurner](https://etherscan.io/address/0xB280E33812c0B09353180e92e27b8AD399B07f26) 0xB280E33812c0B09353180e92e27b8AD399B07f26 ``` paramStr = '0x00'+'01'+'00000000000000000000' +'B280E33812c0B09353180e92e27b8AD399B07f26'’ ``` ``` (100000000000000000000B280E33812C0B09353180E92E27B8AD399B07F26)16 = (1766847064778384329583298519817564677528502418348182484542425076446822182)10  ``` that is equal to the parameter ``` _params: uint256[] = [1766847064778384329583298519817564677528502418348182484542425076446822182] ``` ## Point #9/12. ``` Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb Function: createPermission Inputs: _entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e _app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84 _role: bytes32 = eb7bfce47948ec1179e2358171d5ee7c821994c911519349b95313b685109031 _manager: address = 0x2e59A20f205bB85a89C53f1936454680651E618e ``` **Create role MANAGE_PROTOCOL_CONTRACTS_ROLE and grant to Voting** calls Aragon ACL‘s ([0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb](https://etherscan.io/address/0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb)) [createPermission](https://etherscan.io/address/0x9f3b9198911054b122fdb865f8a5ac516201c339#code#L879) function with parameters: _entity is [Aragon Voting contract](https://etherscan.io/address/0x2e59A20f205bB85a89C53f1936454680651E618e) _app is [Lido contract](https://etherscan.io/address/0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84) _role is `keccak256('MANAGE_PROTOCOL_CONTRACTS_ROLE') = eb7bfce47948ec1179e2358171d5ee7c821994c911519349b95313b685109031` _manager is [Aragon Voting contract](https://etherscan.io/address/0x2e59A20f205bB85a89C53f1936454680651E618e) ## Point #10,11,12/12. ``` Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb Function: revokePermission Inputs: _entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e _app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84 _role: bytes32 = 9f6f8058e4bcbf364e89c9e8da7eb7cada9d21b7aea6e2fd355b4669842c5795 ``` ``` Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb Function: revokePermission Inputs: _entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e _app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84 _role: bytes32 = d6c7fda17708c7d91354c17ac044fde6f58fb548a5ded80960beba862b1f1d7d ``` ``` Contract: 0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb Function: revokePermission Inputs: _entity: address = 0x2e59A20f205bB85a89C53f1936454680651E618e _app: address = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84 _role: bytes32 = 11eba3f259e2be865238d718fd308257e3874ad4b3a642ea3af386a4eea190bd ``` **10. Revoke SET_TREASURY from Voting** **11. Revoke SET_INSURANCE_FUND from Voting** **12. Revoke SET_ORACLE from Voting** calls Aragon ACL‘s ([0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb](https://etherscan.io/address/0x9895f0f17cc1d1891b6f18ee0b483b6f221b37bb)) [revokePermission](https://etherscan.io/address/0x9f3b9198911054b122fdb865f8a5ac516201c339#code#L923) function with parameters: _entity is [Aragon Voting contract](https://etherscan.io/address/0x2e59A20f205bB85a89C53f1936454680651E618e) _app is [Lido contract](https://etherscan.io/address/0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84) And the third parameter differs in 10, 11, 12 points: 10. _role is `keccak256('SET_TREASURY') = 9f6f8058e4bcbf364e89c9e8da7eb7cada9d21b7aea6e2fd355b4669842c5795` 11. _role is `keccak256('SET_INSURANCE_FUND') = d6c7fda17708c7d91354c17ac044fde6f58fb548a5ded80960beba862b1f1d7d` 12. _role is `keccak256('SET_ORACLE') = 11eba3f259e2be865238d718fd308257e3874ad4b3a642ea3af386a4eea190bd`