FIP-55: PCV Guardian

Summary:
Introduce the PCV Guardian which can move PCV only to governance whitelisted locations.

Motivation:
Governance takes multiple days to act and is extremely public. In the event of an issue where assets need to be moved quickly, there is no way to do so.

Giving PCV control to the existing Guardian multisig alone would be a huge risk and trust in the Guardian to not be malicious. Contracts should be used instead to minimize trust.

Proposal:
Create a contract which can move PCV only to safe locations, namely other PCV deposits that are particularly low risk.

This would help save assets in the event of a hack or extreme market conditions if Fei Protocol has a heads up.

The code exists here: fei-protocol-core/PCVGuardian.sol at feat/v2/base · fei-protocol/fei-protocol-core · GitHub and is audited by ConsenSys Diligence

  • Yes PCV Guardian
  • No PCV Guardian

0 voters

3 Likes

Can you please elaborate whether this new function allows PCV to be moved only to whitelisted locations with or without timelock (without timelock being an effective emergency switch); or the PCV can be moved to whitelisted locations without timelock and continue to be moved to all locations pending governance vote?

This is a great initiative, and I have been advocating for an emergency unwind button for many months.
I am wondering what is the list of “PCV deposits that are particularly low risk”?

Excellent question. Only to whitelist without timelock via Guardian (emergency switch).

Governance can move PCV as usual.

Currently I have the DAO itself for all ERC20 (i.e. the withdraw goes back to DAO timelock) and Compound, Aave, Reserve stabilizer for ETH. Open to suggestions if we should add more but I think this is a good start

1 Like

Snapshot live Snapshot