Proposals

Proposals

/

Proposal

Executed

[TFIP-42] — Timelock Migration to Gnosis Safe Multi-Sig (Transition Period)

User profile image

by

by

0x5D545DE6e81da180dBbb57926a0e49be7...

0x5D54...8Fb7

ID 230633...2571

ID 230633...2571

Proposed on: Mar 30th, 2026

Proposed on: Mar 30th, 2026

Votes

Actions

Type

Address

Details

Custom

0x4f4A...3d07

grantRole(..)

Custom

Account

0x4f4A...3d07

Method

grantRole(..)

Custom

0x4f4A...3d07

grantRole(..)

Custom

Account

0x4f4A...3d07

Method

grantRole(..)

Custom

0x4f4A...3d07

grantRole(..)

Custom

Account

0x4f4A...3d07

Method

grantRole(..)

Custom

0x4f4A...3d07

grantRole(..)

Custom

Account

0x4f4A...3d07

Method

grantRole(..)

Custom

0x4f4A...3d07

revokeRole(..)

Custom

Account

0x4f4A...3d07

Method

revokeRole(..)

Proposal

Abstract

This is a defensive, temporary measure to secure protocol infrastructure during governance migration.

This proposal requests that the TrueFi DAO authorize the transfer of all administrative roles currently held by the DaoGovernor over the Timelock contract 0x4f4AC7a7032A14243aEbDa98Ee04a5D7Fe293d07 to the existing New Treasury Gnosis Safe multi-signature wallet 0xC03151bAc97F692e5b71Eb49635A624141f7477b on Ethereum Mainnet.

This transition is a temporary security measure designed to protect protocol-controlled vault factories and legacy smart contracts during the governance migration period. Specifically, this applies to the window in which:

  • TRU tokens are locked in the Asset Portal, and
  • The BRLA-based governance system on HyperEVM has not yet been deployed.

Background & Motivation

Current Governance Architecture

TrueFi’s on-chain governance currently operates via Tally(DaoGovernor), where TRU token holders stake and vote on proposals. Successful proposals are executed through the Timelock smart contract, which acts as the administrator of several legacy components, including:

  • Vault factories on Ethereum Mainnet
  • Various legacy TrueFi smart contracts
  • Other protocol-controlled addresses

Timelock Address: 0x4f4AC7a7032A14243aEbDa98Ee04a5D7Fe293d07

The Governance Transition Problem

TrueFi DAO is undergoing a strategic governance migration:

  • TRU (Ethereum) → no longer the primary governance token
  • BRLA (HyperEVM) → will become the new governance instrument

This creates a temporary but critical security gap:

  1. TRU tokens are locked in the Asset Portal and cannot vote
  2. BRLA governance is not yet live
  3. Cross-chain governance (HyperEVM → Ethereum) is not deployed

During this period, the Timelock could be vulnerable to a low-participation governance attack.

The Risk

If no action is taken:

  • Governance attacks via Tally remain possible
  • Vault factories and legacy contracts remain exposed
  • Timelock delays limit the DAO’s ability to respond quickly

Proposal

Primary Action — Transfer Tally's admin roles over Timelock contract to Gnosis Safe

All administrative roles currently held by the Tally shall be transferred to:

New Admin (Gnosis Safe): 0xC03151bAc97F692e5b71Eb49635A624141f7477b

This Safe is already used as the New Treasury and operates as a 4-of-7 multi-signature wallet.

Why a Gnosis Safe Multi-Sig

  • No single-party control
  • Higher resistance to manipulation vs low-turnout votes
  • Fully reversible once new governance is live
  • Already known and trusted by the community

Gnosis Safe Details

Safe Address: 0xC03151bAc97F692e5b71Eb49635A624141f7477b

Network: Ethereum Mainnet

Threshold: 4 of 7

Type: Gnosis Safe

Signers:

AddressSigner0x5D545DE6e81da180dBbb57926a0e49be7c868Fb7 - Stefan Tanase 0x546AB7E55E9c9790679Bb2bE905300322A59Bb10 - 2nd CFO 0x97F8De405D7e70c0F66c2308d9882A9227097d6f - Sebastien Davies 0x25022f216b97641d396e6Efe68ba45F80AD7A56b - Ferengi 0xB2F3cE5e63b0c303C475667f8CB28a47b14b9d9b - Kelvin Sparks 0x2ac4a7daD1eE2eACfA3E90dd6C69466CC66Df7B2 - Goblin 0x57cD8ecAA060C857B23f9C68853f09dFfC3b7453 - Marcus Leanos

Action Items

1.Transfer Admin Roles

Grant all admin roles to Gnosis Safe

Action Type: grantRole

To: Gnosis Safe (0xC03151bAc97F692e5b71Eb49635A624141f7477b)

Scope: Timelock contract (0x4f4AC7a7032A14243aEbDa98Ee04a5D7Fe293d07)

2.Revoke Tally Privileges

After transfer, revoke all admin roles from the Tally to eliminate duplicate control

Action Type - revokeRole

To: DaoGovernor (0x585CcA060422ef1779Fb0Dd710A49e7C49A823C9)

Scope: Timelock Contract (0x4f4AC7a7032A14243aEbDa98Ee04a5D7Fe293d07)

3.Verification

Core contributors will verify on-chain that:

  1. Gnosis Safe holds all required admin roles
  2. Timelock holds none
  3. A confirmation report is posted to the forum

Duration & Reversal

This is a temporary arrangement, remaining in effect until:

  1. BRLA is live on HyperEVM
  2. Cross-chain governance is deployed and audited

At that point, a new TFIP will transfer control back to DAO governance.

Risks & Mitigations

Risk Mitigation: Signer collusion 4-of-7 threshold, distributed signers Key loss: Only 4 required Governance delay: Public roadmap commitments Scope creep: No new powers granted beyond Timelock

Governance Process

Step 1 — Forum Discussion (72h)

Community feedback and iteration

Step 2 — Tally Vote (Binding)

On-chain execution of proposal

Conclusion

TrueFi is at a critical point in its governance evolution.

The new BRLA structure introduces a temporary but meaningful security gap. This proposal provides a practical, transparent, and reversible solution by transferring control to a trusted multi-sig during this period.

This ensures:

  • Protocol safety
  • Operational continuity
  • Minimal centralization

We encourage the community to support this proposal to enable a secure and orderly transition.

Votes
Status