Initiative Title
Provide a concise and descriptive title for your initiative. Use the format [Draft/Discussion] [OBRA] Your Initiative Title - Author for submission.
Role-based Access Control & Pilot Browser Extension – Gnosis Guild
Previous Discussion
Provide links to any relevant previous discussion
Abstract
Provide a brief summary of your initiative
This is a proposal to integrate Gnosis Guild’s Roles Mod into the Safe Core SDK, Safe Wallet, and Pilot Browser Extension.
Aligned Strategy
Which pre-approved strategy is this initiative driving forward?
Strategy 2: Foster Module Ecosystem
Funding request:
What resources are being requested from SafeDAO in USDC?
180.000 USDC
If applicable, upfront funding:
Indicate if upfront funding is needed. Refer to 'Payout’ under Get funding from SafeDAO for lump sum payment options.
N/A
Relation to budget:
State the requested funding as a percentage of the total initiative budget (e.g. if you ask for 50k for Strategy 1: 25%)*
60%
Metrics and KPIs:
Which metrics and KPIs will the initiative be measured against?*
-
Impact on governance participation (direct attributable increase in participation through tool):
-
Increase in TVL in Safes with Roles Mod (Roles) enabled
-
Increase in Total number of Safes with Roles enabled
-
Increase in developer engagement with Roles
Initiative description:
What is the initiative about?
Gnosis Guild plans to extend Safe’s core functions by developing and integrating specific mods in their modular tool suite, Zodiac. The impact of this work will increase the interoperability and modularity of the Safe ecosystem, enhance overall ecosystem security, and facilitate easier adoption of Safe wallets. As a result, we estimate an increase in TVL in Safes with these changes.
For this initiative, we will extend Safe’s core functionalities and increase Safe wallet TVL by natively integrating the Roles Mod (Roles) into Safe Wallet and Safe Core SDK. The mod allows Safe owners to extend secure transaction permissions to any member address through flexible, customizable roles.
Roles is steadily becoming a core piece of infrastructure for the Safe ecosystem, providing fine-grained access control on top of Safe and powering karpatkey’s treasury asset management (expected to drive billions in Safe TVL). A tight integration would provide expressive and granular permissions to all Safe wallets, expanding on and eventually replacing the Spending Limit module. It would also create more secure transaction environments through Roles’s meticulous permission scoping and access control safeguards.
This integration would also include a new and vastly improved version of Roles. For over a year, karpatkey has been managing multiple large-scale DAO treasuries (GnosisDAO, ENS, Balancer, etc.) using v1 of the Roles mod. The design and implementation of Roles mod v2 is informed largely on learnings from these use cases, along with a handful of other current and upcoming use cases. Aside from a significant refactor, v2 includes a handful of new features:
- threshold limits
- rate limits
- arbitrary parameter decoding
- support for complex parameter types (tuples, arrays, arrays of tuples, etc)
- new comparison types
- custom comparison types
We plan to add support for Roles by opening a PR to the safe-wallet-web repo, integrating the mod in a similar way to the current integration of the Allowances Mod. To further enhance developer accessibility, we will create comprehensive documentation for the Roles SDK, along with adding Roles as a kit to the Safe Core SDK. This not only fosters ease of adoption but also encourages the creation of and compatibility with future role- and permission-based Safe modules.
Finally, we also plan to further develop and improve Pilot, a user-friendly Chrome extension that makes it much easier and more efficient for Safe wallets to interact with dapps. Pilot allows for batching multiple transactions to save on gas, routing transactions through modules, simulating transactions with Tenderly for accuracy, and submitting transactions directly to Safe for signing. The whole process occurs directly within the dapp’s interface and is designed to work synergistically and seamlessly with Roles.
Current status:
Does the offering (product/service) already exist or is the funding used to create it?
The Roles Mod v1 and v2 contracts have already been implemented and audited, along with a Roles Safe app and SDK supporting Roles Mod v1. Roles Mod v2 is not yet fully integrated into the Roles Safe app and Roles SDK, and has yet to integrate with the Safe Core SDK and Safe Wallet. Funding will be used to complete these integrations.
Risks:
What risks does the initiative entail?
The obvious risks involved are implementation and execution risks. Given our years of experience building secure Zodiac modules, we find these risks minimal.
Timeline and milestones:
Provide a detailed timeline or roadmap, include key milestones
Week | Focus | Outcomes | USDC | $SAFE |
---|---|---|---|---|
1-4 | Development | Roles Safe App supports Roles v2. | 45.000 | N/A |
5-8 | Development, Design, Documentation | Roles v2 kit is implemented in Safe Core SDK. Roles v2 is ready to be integrated natively into Safe Wallet. | 70.000 | N/A |
9-16 | Development | Roles v2 is integrated natively into Safe Wallet. Roles v2 is integrated into the Pilot Chrome extension. | 65.000 | N/A |
Initiative lead:
Who is the accountable initiative lead? (individual or organization)
Team:
How many individuals in total will be working on this initiative and what role do they have? Please provide a brief background of the team members, highlighting their relevant experience and expertise
Gnosis Guild would assign a full pod (one designer/PM and two engineers) to this initiative for 16 weeks.
Additional support/resources:
Are there any resources (non-financial) requested from the Safe Ecosystem Foundation or the core contributors?
None
Implementation dependencies:
Does the implementation of this initiative require any prior changes in the current governance processes, e.g., updates to the governance framework, or have any other dependency? If yes, please specify these. Note that the funding of the initiative will be dependent on the approval and (if needed) successful implementation of such necessary governance modifications or any other dependency.
This proposal has no dependencies.