OpenZeppelin Upgrades App for Gnosis Safe

 

As part of our efforts OpenZeppelin Upgrades Plugins for Buidler and Truffle to make smart contract upgrades safer and easier to use, we are rolling out a Gnosis Safe App for managing proxy-based smart contract upgrades! This allows you to transfer ownership of a proxy or proxy-admin to a Gnosis Safe, and use the app to directly propose an upgrade.

Governance of smart contracts systems is a critical part of the system’s security, and upgrades governance is particularly sensitive, since an upgrade has the potential to completely change a contract. The so-called admin-key risk is an important opsec problem, and no project should hit production with a single externally owned account having control over their users’ funds.

A first step that many projects take in the path of progressive decentralization is to start with a multi-sig wallet having admin rights of the protocol. This requires a minimum number of trusted parties to be in agreement of every change to be implemented, and mitigates the security risk of a single key being compromised.

However, the usability of multi-sig wallets for managing upgrades has not been the best. It often required custom scripts and setups difficult to review. With that in mind, and in collaboration with the Gnosis team, we set out to build a new App specifically for upgrades management.

The app can manage proxies from the OpenZeppelin Upgrades library, which follow the EIP 1967 standard, and expose an upgradeTo method. It can upgrade proxies directly owned by the Safe, or proxies managed by a proxy-admin which is in turn owned by the Safe. All you need to do is choose the proxy address, the new implementation address, and hit upgrade. This will create a new transaction proposal in the Safe that, when executed, will perform the upgrade.

You can start using the App today by going to your Gnosis Safe Apps list, and choose the OpenZeppelin Upgrades app from the list.


This app is part of our effort to make upgrades safer and easier to use not just during development, but also during the operations of an Ethereum project. We are working on more products to address operational security of smart contract systems, so let us know if you have any suggestions for us!