[Proposal: MB23/MR19] Moonbeam Multisig support and optimization services for Moonbeam, Moonriver and Moonbase for Dec/2023 and full 1st Semester/2024

Title - [Proposal:] [Status: Submitted] Moonbeam Multisig support and optimization services for Moonbeam, Moonriver and Moonbase for Dec/2023 and full 1st semester/2024.

Moonbeam Multisig Official Link: https://multisig.moonbeam.network
Staging Environment: https://staging.multisig.moonbeam.network

Abstract

This proposal aims to ensure the continued availability of the Moonbeam Multisig interface (aka Moonbeam Safe), as well as the provision of support services for incidents, errors, discrepancies, and situations that require quick palliative actions, exemplifying the migration to WalletConnect v2 update or when the ledger, in a widespread web3 context, showing compromised behavior (meaning, we proactively disable it, conduct extensive testing, and reactivate it once everything is secure). Additionally, it involves generating reports, adding new functionalities such as Safe Apps, Modules, and Wallets and keeping the Safe components up to date.

All future tokens received by this grant will be exclusively used to cover infrastructure costs and to support our team (for maintenance, investment in new initiatives within the Moonbeam ecosystem, and as bonuses for our developers actively engaged in the project).

Motivation

Moonbeam Multisig is a fork of Gnosis Safe, which is well known as the most trusted platform to store digital assets on EVM due to its programmability. We consider this project a successful case where community users, DAOs and DeFi projects trust and use it to safely store assets and interact with Smart Contracts which directly supports TVL growth and would keep benefiting the Moonbeam community.

Project Overview and Team Experience

As the upstream Safe codebase is being constantly updated and changed by the Safe team, new releases need to be merged making sure it is updated and compatible with the Moonbeam Multisig instance.

Regular Safe updates will be performed and released on Moonbeam networks (Moonbeam, Moonriver and Moonbase). Updates consider Frontend (mainly user experience improvements), Backend services and Smart Contract.

Optimization also includes research and implementation of such features as Safe dApps, Modules, Guards, External Wallets Connectors, and customizations according to community needs.

Our team is a combination of management and development skills:

• fCTO: Ivan.
• Project Manager: Eduardo.
• Blockchain Engineers: Nick, Marta, and Nikita.
• DevOps Engineers: Leonid, and Ilya.
• Tester: Anton.

Protofire DAO team:

• Worked as part of the Gnosis team on delivery of web and desktop versions of Gnosis Safe.
• Delivered Gnosis Safe Apps (such as Compound, Synthetix Mintr Safe App, designed ENS Manager).
• Created a devkit to improve the synchronization of the code in the Gnosis DApps.
• Is a Gnosis Chain and Gnosis Beacon Chain validator.
• Have been deploying and maintaining Gnosis Safe instances over 30 chains such as: Evmos, Astar, Scroll, Mantle, Linea, Cronos, Holesky, Neon EVM, Rootstock to name a few.
• Is an active member of the Safe community (Safe Guardians); we use our power to contribute positively to the ecosystem, aligning with Safe vision to drive the adoption of smart contract wallets.

Rationale

Moonbeam Multisig adds value to the ecosystem in the following ways:

• Gives the community a trusted custody option for asset management. Safe smart contracts have passed the highest possible security standards in the industry including Formal Verification. Check it out.

• Allows Protocols to deploy and interact with smart contracts in a secure manner which attracts top protocols, increases adoption and TVL.

• Moonbeam Multisig attracts high-net-worth individuals, companies, holders, funds, developers, DAOs, and investors due to its reputation and programmability.

Key Terms (optional)

Safe/Gnosis Safe/Multisig Wallet: multi-signature smart contract wallet that allows users to define a list of owner/signer accounts and a threshold number of signers required to confirm a transaction.

Overall Cost

We are requesting funding for 7 months, starting from December/23, which was not part of the previous grant, and covering the first semester of 2024, from January (1) to June (6).

We had the opportunity to gradually reduce infrastructure costs (~22% less), so for this grant, we’ll be requesting a smaller amount compared to the previous grant, adding only a 10% margin for any potential fluctuations.

Total cost: 51,359 USD (equals a monthly cost of $6,4k + infrastructure costs) equivalent to 60/40 respectively in GLMR and MOVR.

The conversion rate will be set as the 30-day twap (time-weighted average price).

Use of Treasury Funds

Treasury Funds will be allocated as follows:

Previous Infra Costs:

Infrastructure - Previous Costs876×371 17.1 KB

Support and Optimization include:

• Safe Updates: Regular Gnosis Safe updates will be performed and released on the supported networks. Updates consider Frontend (mainly user experience improvements), Backend services and Smart Contract.

• Safe Features: Research and implementation of features like Safe dApps, Modules, Guards, External Wallets Connectors, client customization, etc.

• Infrastructure Support & Monitoring: DevOps support and monitoring, covering all aspects of infrastructure security, architecture optimization, monitoring and CI/CD pipeline enhancement in order to improve cost-effectiveness and scalability.

• General Support: General support is provided to Moonbeam community, business, and technical teams considering incidents analysis and troubleshooting, research, and general inquiries.

We expect the service distribution as:

Specifications

Safe Global Licenses describe all the third-party software that may compose (in small portions) our Moonbeam Multisig solution:

Safe{Wallet} – Licenses (only Web section is applicable).

Steps to Implement

Moonbeam Multisig is currently in the maintenance phase; funds will be allocated to cover only infrastructure resources and support service on maintenance, updates and optimizations.

On-chain Application Details

Total cost: 51,359 USD (equals a monthly cost of $6,4k + infrastructure costs) equivalent to 60/40 respectively in GLMR and MOVR.

Base spreadsheet for calculating 30-day TWAP and respective proposal values:

Hi @esantos089

I’m happy to inform you that I am your contact person from the treasury counil for this proposal (Assigned Treasury Member).

Thanks for submitting the information.
Minor notice first: your infra graph reads year 2024 for prev spendings but should be 2023 for sure.

Furhtermore, with the recent price action on Moonriver the ratio between amounts in both treasuries have shifted and we’d kindly ask you to calculate the total cost in a 60/40 split - requesting 60% of the total spend in GLMR and 40% in MOVR.

Most of the requested funds is dedicated on “Support and Optimization” which is quite generic and not much self-describing, that’s why I’d like to circle back on your last request and see what work has been done with the last 38.4k $ in that category?
Can you please give us an update on what features have been added and what updates have been applied?

Looking forward to hear back from you.

Hi @dev0_sik

Thank you for your comments.

Regarding the chart, I’ve already made the corrections. It seems I got “stuck” in 2024 .

As for the Ratio, I’ve updated the spreadsheet, and I’ve also revised the description in this proposal, just in case.

Regarding the completed tasks, I’ve extracted the tasks in which we’ve been working over the past 6 months. When I say “working,” you can see that some are in backlog/to-do, indicating that we’ve done some level of research/grooming/need more details; they haven’t moved to “in progress” yet.

Two important notes:

1. We consistently conduct research to identify new items, such as the most recent additions like the Tenderly Simulation tool and the Safe App Token Approval Manager, both of which are already in the to-do list.

2. There are tasks directly related to infrastructure, where we internally monitor, tune, and adjust as per the evolving demands of the Safe architecture (as it’s constantly being updated).

Report here: Moonbeam - Perfomed / To Do Tasks - Google Tabellen

In addition to these technical tasks, there’s also management work handled by me (on a daily basis), the DevOps manager, and our field CTO (both on a weekly basis). We have a Telegram group with Moonbeam members where we discuss items, improvements, and handle incidents.

Thanks a lot for coming back with that sheet @esantos089

Another quick question first: the last proposal outlined 90% of the work budgeting for dev topics and the new one 85%. Can you tell me to how many hours this translates? So what hourly rate you’re putting up there?

In the list of completed tasks I see a lot of minor stuff like changing RPC URLs or extending volumes, adding a link to a UI etc.
I was also lurking through the dev activity in your public repositories, for example the safe-transaction-service or the safe-react-apps but it’s hard for me to map everything. Also I’m not sure what’s the heavy hitters in the sheet. I assume stuff like integrating new Safe Apps is quite some work - can you point me to where that jazz was happening?

Please don’t see this as offend or attack - I am personally using your application and am aware of the importance and need of it
I’m just 1) a curious dev and 2) trying to bring transparency to the community in my role as treasury councillor.

Hi @dev0_sik ,

Thank you for your questions; all these answers will serve as the foundation for future applications. Thus, we can now provide more detailed material; I truly appreciate it.

Service Distribution:

Regarding service distribution: we included the tester profile, supporting us in conducting tests and currently working on automation; this way, we manage to alleviate the burden on developers (who, until a good part of last year, had to implement/test everything on their own). Also, as you can see, there were several tasks directly related to DevOps.

Additionally, concerning management, we are considering a lower percentage, as the team requires less management since our processes have been optimized, demanding less supervision.

Just a quick comparison:

About Hours:

Regarding the Hour Rate, we have a legacy table from 2021, which is $80/hour. The current tables from 2023 onwards are at least $100/hour + bonus in native tokens.

In terms of hours, we would have 80 hours per month, considering the required grant vs the hours price; in the past period, we consumed around 95% of what was stipulated.

@dev0_sik , one point to consider is that we are recently testing an approach focused on “service” instead of a static allocation of hours. The reason for this is that we identified R&D scenarios that are applicable across various chains in a row (we support 30+), and it is much more practical to conduct larger R&D and be more efficient in implementing the chains; a service approach benefits us in this regard; and obviously, we would not have hour restrictions to address stress situations and incidents. I see that we will have quantitative results from this year onwards, as it is a new approach.

About Tasks Weight:

Regarding the heaviest tasks, indeed, volume extensions are really light, just a matter of settings on Amazon AWS.

Integrations that are not native to Safe Global and require back and forth end up consuming time, both in terms of analysis/correction/testing; I would also like to emphasize that research also takes time. In the second half of 2023, we used efforts to research, for example, how the new SDK A.A. works; the research was carried out, and the next step will be a future application.

I’m not sure if all the questions have been fully clarified, so please give me feedback if clarity is lacking.

Hey @dev0_sik , I hope you’re having a great weekend.

Did you have time to check my latest messages?

At the beginning of next week, I’ll be a bit absent due to a personal commitment I have, so I might take a little longer to get back to you.

Sorry for not responding so far.
Yes I did read your message.

We’re having a treasury council meeting on monday and will discuss it
If you have some links to heavy git merge requests that would still be handy.

Have a nice weekend.

Hi @dev0_sik ,

For Moonbeam, we don’t utilize public git merge requests. Instead, we manage merges within Moonbeam Safe repositories:

• Web-core: https://github.com/protofire/moonbeam-web-core/commits/moonbeam/
• Transaction service used until Oct/Nov23: https://github.com/protofire/moonbeam-transaction-service/commits/moonbeam-stg/
• Config (Cfg) and Client Gateway (Cgw) services (infrequently updated due to their static nature):
  • Config Service: https://github.com/protofire/moonbeam-config-service/tree/moonbeam
  • Client Gateway: https://github.com/protofire/moonbeam-client-gateway/commits/moonbeam/

We streamlined our approach by transitioning backend services to Shared repositories, reducing the need for merges across multiple supporting chains:

• Safe Transaction Service: Commits · protofire/safe-transaction-service · GitHub
• Safe Config Service: Commits · protofire/safe-config-service · GitHub
• Safe Client Gateway: Commits · protofire/safe-client-gateway · GitHub

Additionally, we added the new Safe Event service:

• Safe Events Service: Commits · protofire/safe-events-service · GitHub

Key points:

• The majority of our work is typically centered around the config service, especially concerning new tools, dApps, etc. Integrations, like StellaSwap, often occur in their repository with our review/support.
• Infrastructure changes are usually made directly within Amazon AWS.

Thanks a lot for your answer.
Although I am not able to see the private GitHub repositories.

We would kindly ask you about an estimated feature/task timeline for the funding period up until end of Q2 2024 so we could later circle back on that.

As you already know our suggestion for proposals is to await 3 voting signals from @TreasuryCouncil members in the forum before submitting the proposals on-chain (because of the 3/5 voting threshold and to not slash your submission deposit).

I hereby signal my supportive vote for the upcoming proposals.

Hi!

Thanks for all the info provided up to now.

I strongly share and support the request that Sik just placed in his last post: it’s very valuable for us to have an outlook ahead so… much appreciated in advance!

In the meanwhile, I hereby signal my supportive vote.

Thanks from my side as well, @esantos089.

With @dev0_sik’s halfyear planning / timeline request in mind, I hereby signal my supportive vote for your proposal — with that you’re all set. 3/5 @TreasuryCouncil members signaling AYE votes already and your submission deposit is on the Safe side

Looking forward to see your proposal on-chain!

Hey Team, @dev0_sik , @Michele , @_yrn

I held an internal meeting with the devs to plan deliverables considering the support context, and we can list the following:

Planned for 1st semester - 2024:

• Integrate Safe App - Token Approval Manager
• Integrate Tool - Tenderly
• Integrate Safe App - Beamswap (waiting for them).
• Integrate Wallet - Trezor
• Integrate Zodiac Suit
• Safe rollout (update of all components), at least 1 every two months
• Integrate Safe App Snapshot

Nice to have:

• R&D Social Login
• R&D AA module for Moonbeam Safe

We will also have running in the background/possible unforeseen circumstances:

• DevOps
  • Monitoring
  • Optimizations
• Devs
  • Incidents & Troubleshooting
  • Items identified on the fly that require priority
• Management

And as much as possible, we will work on items that were not mentioned here but are part of our backlog list here.

If you have any additional suggestions for us to research in the context of Moonbeam Multisig, we are more than willing to add new items to our pipeline.

Hey @dev0_sik ,

Just for visibility:

Hey @dev0_sik , I hope you’re doing well!

Quick question: Should I do anything else? I ask this because it’s been a while since my last application here, and I’m not sure if I forgot something and I am blocking you guys.

Thank you!

It’s my turn. Gonna push it quickly.

Hey @dev0_sik , I hope you’re doing well.

Okay, agreed!

Do you have an estimate of when roughly this proposal would be pushed? I ask this because internally we need to plan the allocation of efforts and at the moment we are covering infra costs by our own.

Have a nice day.

Heyya

The current spending period is 3days 8hours left and it should get thru with that.

Have a wonderful day.

Hey @esantos089 - your Moonbeam proposal got just paid out and the Moonriver proposal is approved and will be transferred at the end of the current spending period (2d 4h from now).

Sorry for the long waiting time but we used your proposal as example to create educational material for future onboarding of new Treasury Council Members

@dev0_sik , thank you for informing me!