Below are the opinions of the UADP:
The following points are more relevant to the DAO as opposed to the Superboring team.
From what I can recall, this is the third instance of a proposal like this being proposed. The last two examples passed successfully through the Snapshot phase.
Example 1: RARI — passed both onchain and Snapshot
Example 2: USDS and sUSDS (Sky tokens) — passed Snapshot
The Generic Custom Gateway Router is owned by the Arbitrum DAO, and only the DAO can approve new custom gateway registrations through a constitutional AIP. This involves calling setGateways on the Router, which maps the L1 token to its custom L2 contract, ensuring a canonical address to avoid multiple L2 representations of the same token, which would probably confuse users and developers.
Many “random” tokens are bridgeable without a governance vote because they use the permissionless standard ERC-20 gateway, which supports basic ERC-20 functionality without needing DAO approval. But projects like Sky and RARI require governance because they use the Generic Custom Gateway for tokens with non-standard features (including governance, interest accrual, etc.), which involves modifying the DAO-controlled Router.
In our opinion, the process behind these proposals has been unnecessarily arduous. Delegates ideally shouldn’t be tasked with facilitating such proposals through the governance process, especially considering that this is a constitutional AIP. We are having enough trouble hitting quorum onchain, and with a proposal like this, delegates are tasked with overhead that can otherwise be mitigated. There should be an effort to integrate a more seamless operational mechanism for these initiatives. We do understand that proposals like this are classified as constitutional AIPs because they modify core protocol components, namely the bridge. So, to prevent trust issues around core changes from being altered too drastically, we propose a more streamlined process for instituting these proposals:
-
- Projects submit their custom gateway and L2 token contracts to OCL for a technical review to confirm compatibility with the Generic Custom Gateway Router, bridge security standards, etc. Community feedback on Sky’s proposal emphasized that delegates preferred that OCL was consulted as opposed to consulting the whole DAO, with most delegates having minimal to no key feedback on the proposal.
-
- Projects must attain an audit (like RARI was reviewed by OpenZeppelin and Sky by ChainSecurity) for their custom gateway and L2 token contracts, verifying security and compliance with Arbitrum’s bridge standards.
-
- After pre-validation by OCL and auditors, the project team can post a proposal with the stated stamps of approval so that delegates have an easier time conducting a review.
We are also curious to hear alternative means by which operations can be made more seamless.