Summary
We propose adding oSnap, a governance tool developed by UMA, to the Gitcoin Grants Matching Pool Safe to allow for automatic Safe Tx execution of grant distributions after successful Snapshot votes.
This is an amended proposal that incorporates feedback from the Gitcoin team and community. The original proposal can be found here.
Abstract
The current grant process relies on multi-sig signers of the Gitcoin Grants Matching Pool Safe to govern and manage funds because grant funds are in a Safe that is separate from the Gitcoin treasury. Adding oSnap enables GTC voting to govern how the funds are allocated from the Safe and removes the reliance on the multi-sig signers.
oSnap secures over $250M for treasuries including CoW Protocol, Across, Connext and Shapeshift. A dashboard of all oSnap users can be viewed here. oSnap was built by UMA, an experienced leader in optimistic verification. UMA’s optimistic oracle currently secures $450M of TVS across bridges, prediction markets and governance tools.
Motivation
Adding oSnap decentralizes the execution of grant decisions and empowers GTC holders by enabling tokenholders to govern how the Gitcoin Grants Matching Pool Safe funds are allocated. Due to Gitcoin grant funds being in a Safe and Gitcoin having an active Snapshot space, adding oSnap requires minimal effort and no disruption to existing DAO governance systems. On top of these benefits, oSnap is highly aligned with Gitcoin as it is a public good that increases decentralization.
Specification
oSnap is a module that is added to a Safe with rules on how to evaluate a Snapshot proposal. oSnap Safe app lets you add oSnap to your Snapshot space and Safe in a few minutes with no developer time required. A video demonstration of the oSnap Safe App can be viewed here.
Once enabled, Snapshot proposals related to the distribution of funds from Gitcoin’s Gitcoin Grants Matching Pool Safe can include transaction data with the proposal (details below). After a successful Snapshot vote, the transaction is proposed in Safe (put onchain) and verified by UMA’s optimistic oracle before being executed by the Safe. There will be no changes to the Gitcoin DAO treasury or proposals for treasury distributions or social votes relating to governance, removing a director, etc.
The updated Snapshot flow for proposals that include grant distributions would be:
- An oSnap enabled Snapshot proposal is created. This process is the same as a normal Snapshot proposal with the addition of transaction data that will be verified and executed if the proposal passes. The Snapshot transaction builder is specifically designed to make it easy to create and verify transaction data for token transfers.
- GTC holders vote on the proposal like any other Gitcoin Snapshot proposal
- If GTC holders approve the proposal by vote, any address can post a bond (2 WETH) for a challenge period (1 to 3 days) and propose to execute the transactions onchain. UMA has implemented a bot that validates proposals (vote passed, meets min voting period/quorum) and posts the bond for DAOs along with covering gas costs for execution (there are no fees to use oSnap).
- If no dispute arises about the proposal’s accuracy during the challenge period, the transactions can then be executed.
- In case of a dispute, the proposal is not executed. UMA token holders vote to resolve the dispute, with the correct party rewarded from the opposing party’s bond. This bonding and dispute mechanism punishes incorrect proposers and disputers and incentivizes honest disputes. Any proposal that was incorrectly disputed can be re-proposed to the oracle for execution without requiring revoting. It is important to note, the dispute resolution decided by UMA token holder votes are not deciding if the transactions can be executed or not, only the bond allocation between the proposer and disputer.
UMA created and maintains oSnap as a public good with no implementation or usage fees because we believe decentralized governance tools are critical to the entire Web3 ecosystem. Since UMA is already running robust monitoring across all of our optimistic oracle integrations and can recycle the bonds posted, the additional costs associated with these services are negligible and it is sustainable to continue providing this service for DAOs. If any changes were to be made in the future, we are committed to having existing DAOs not face any changes (aka be “grandfathered in”).
Benefits
The benefits of Gitcoin adopting oSnap are:
- oSnap enables GTC voting to govern how Gitcoin Grants Matching Pool funds are allocated and remove the reliance on the Safe multi-sig signers (signers can still act as a fail safe, if needed).
- Transaction payloads included in proposals that are approved by voters are trustlessly and permissionlessly executed which increases transparency and decentralization.
- Automatic transaction execution by UMA bots is faster than waiting for multi-sig signers along with the bot paying the gas costs for execution. The gas cost of the transaction execution is paid for by these bots instead of the multi-sig signers.
- The UMA team is continuously making frontend improvements as per user feedback and improving open source monitoring infrastructure for oSnap.
UMA has also focused significant resources on monitoring efforts:
- The same bot that proposes and executes transactions also automatically disputes inaccurate proposals if the following criteria are not met:
- The proposed onchain transactions match the transactions that were approved in the Snapshot proposal
- The Snapshot proposal passed with the minimum parameters specified (majority in favor, meets minimum voting period and quorum)
- The proposal follows the strategy specified in the Snapshot space.
- Proposals are included in the UMA Oracle UI (https://oracle.uma.xyz/) which is the same interface used by disputers verifying and disputing for other third-party integrations (Polymarket, Sherlock, Cozy, and other oSnap integrations).
- UMA sponsors a verification program, that pays UMA community members to verify all optimistic oracle assertions So when any transactions are proposed through oSnap, a Discord ticket is automatically created and an experienced verifier from the UMA community completes a multi-step verification process that focuses on areas such as the transaction payload matching the intent of the proposal, verifies transactions do not include interactions with malicious contracts, etc.
Drawbacks
While we recognize UMA is new to Gitcoin, oSnap has been deployed without problems to other ecosystems. We are hoping to forge a stronger relationship with Gitcoin to overcome the unknown nature of the technology and team supporting it.
It is worth noting that automation tools like this are only as secure as the voting structure and votes themselves. Configuration of Snapshot now becomes an attack vector for those with the authority to make proposals where previously off chain proposals were still gated by the safe signers. We plan to work with Gitcoin to ensure the snapshot strategies are sound and configured properly for their implementation along with Gitcoin being comfortable with the steps to include transfers in Snapshot proposals.
Onchain bot proposed transactions may expose the treasury to funds being drained if there is an error in the mechanism or transaction payload approved on Snapshot. The waiting period, challenge period, and the bot proposing transactions directly from Snapshot help alleviate that risk, but it’s difficult to guarantee no such actions can ever occur.
While oSnap has been audited by Open Zeppelin, as with any system, there may be unforeseen vulnerabilities.
Vote
For - Formalizes the community is “for” adding oSnap to the Gitcoin Grants Safe.
Against - Formalizes the community is “against” adding oSnap to the Gitcoin Grants Safe.
