Dual Governance release is around the corner & the Aragon vote starts this Wednesday.
To make sure that Dual Governance is sane and sound, four layers were audited:
• Specs: mechanism design, proposal lifecycle, critical governance states.
• Code: contracts for signalling escrow, rage quit, timelocks, committees.
• Parameters: thresholds, delays, triggers.
• Deployment & vote: mainnet contracts match audited code, voting script.
See who's tested, audited & certified Dual Governance:
Dual Governance is designed to protect Lido DAO and stETH holders from governance attacks. Yet, the mechanism is so complex it could become an attack vector itself.
To make sure this isn't the case, several teams tried to break it (repeatedly).
This included Lido contributors and some of the best security teams in the space.
👇
Specs
The Technical Specification outlines the key implementation details of the system mechanics.
It has undergone two third-party design reviews:
• @CertoraInc:
• @rv_inc:
Code
The final code version is published on GitHub:
Formal verification by:
1. @CertoraInc
2. @rv_inc
Audited by:
1. @OpenZeppelin
2. @statemindio
More on each 👇
@CertoraInc
Performed formal verification and security assessment of the system. Modeled the full logic, encoded key invariants, and stress-tested critical conditions for malicious proposals, separately stressing the flashloan-enabled attack vectors.
🧾
@OpenZeppelin
Reviewed the implementation in two rounds, identifying logic risks and implementation flaws. Challenged assumptions and edge cases, including non-obvious failure modes.
🧾
@statemindio
Brought a fresh perspective and helped validate the system's resilience against edge behavior and potential abuse. Audited both the core mechanics and interactions between the governance contours + performed deployment verification.
🧾
@rv_inc
Ran deep formal analysis of the system's behavior over time. Checked safety and liveness guarantees, especially around Veto Signalling, Rage Quit, and timelock transitions.
🧾
Agent-based model research by @CollectifDAO
Ran stress simulations using a public model to assess how different actors could manipulate proposal flow or stall exits.
🧾
39.94K
0
The content on this page is provided by third parties. Unless otherwise stated, OKX is not the author of the cited article(s) and does not claim any copyright in the materials. The content is provided for informational purposes only and does not represent the views of OKX. It is not intended to be an endorsement of any kind and should not be considered investment advice or a solicitation to buy or sell digital assets. To the extent generative AI is utilized to provide summaries or other information, such AI generated content may be inaccurate or inconsistent. Please read the linked article for more details and information. OKX is not responsible for content hosted on third party sites. Digital asset holdings, including stablecoins and NFTs, involve a high degree of risk and can fluctuate greatly. You should carefully consider whether trading or holding digital assets is suitable for you in light of your financial condition.