Governance Proxy

The core function is to delegate voting rights from a user's wallet (the principal) to the proxy contract. The proxy holds no tokens itself but is authorized to cast votes on behalf of the delegator. This enables:

• Persistent delegation without transferring assets.
• Batch voting across multiple proposals.
• Support for vote delegation to smart contracts (e.g., Compound's Governor Bravo).

Employs a modular design separating the proxy (holding delegation) from the execution logic (holding voting logic). This pattern, similar to Ethereum's proxy upgrade system, allows for:

• Upgradability: The core voting strategy can be improved without migrating delegations.
• Gas Efficiency: Users delegate once to the proxy; complex logic changes don't require re-delegation.
• Security: A compromised logic contract doesn't necessarily compromise the delegated tokens held in wallets.

Proxies significantly reduce gas costs for active participants. Instead of each user paying gas to vote on every proposal, the delegated proxy contract votes once on behalf of many. This enables:

• Gas-less voting for delegators via meta-transactions or sponsored transactions.
• Automatic execution of complex strategies (like voting based on a DAO's treasury policy).
• Batch proposal creation and voting, as seen in systems like MakerDAO's Governance Relay.

By delegating to a smart contract, voters can implement sophisticated, automated decision-making that isn't possible with manual wallet voting. Examples include:

• Weighted voting based on off-chain data (e.g., Snapshot polls).
• Conditional voting (vote for if certain on-chain conditions are met).
• Liquid delegation where voting power can be dynamically re-delegated via secondary markets.
• Futarchy-inspired prediction market execution.

Using a proxy introduces specific security considerations. The delegator must trust that the proxy and its logic contract will:

• Faithfully execute the voter's intent (no malicious votes).
• Be technically secure against exploits.
• Properly handle upgrade mechanisms without introducing centralization risks.
• This creates a trust-minimized model compared to full custody, but a trust-assumed model compared to direct wallet voting.

Compound's governance system is a canonical example. Users delegate COMP tokens to a Governor Bravo proxy address. This proxy then interacts with the Timelock and Comptroller logic contracts to execute votes. Key metrics:

• Delegation is mandatory for voting.
• Proposals execute via a multi-step process (queue, timelock, execute).
• The system has facilitated hundreds of governance proposals, setting a standard for DeFi protocols.

Token holders delegate their voting power to a trusted expert or delegate who votes on their behalf. This is the core function, allowing:

• Passive participation for non-technical users.
• Informed decision-making by delegating to subject-matter experts.
• Vote aggregation to amplify the influence of a cohesive community or DAO sub-group.

Proxies enable programmable voting strategies beyond simple delegation. Users can set rules for their proxy to execute autonomously, such as:

• Voting with the majority of a specific delegate set.
• Following the recommendation of a trusted governance forum or oracle.
• Automated voting based on pre-defined parameters (e.g., always vote 'Yes' on treasury grants below a certain threshold).

Proxies act as a security layer between a user's wallet and the governance contract. Key security use cases include:

• Cold storage voting: Voting rights can be delegated from a secure cold wallet to a hot wallet proxy, keeping assets safe.
• Mitigating slashable proposals: A proxy can be configured to reject or abstain from high-risk votes that could lead to slashing of staked assets.
• Time-locked delegations: Delegations can be set to expire, preventing indefinite or unwanted control.

Proxies are the foundational primitive for more advanced governance models like liquid democracy (delegable democracy). This enables:

• Transitive delegation: Delegates can further delegate, creating a network of trust.
• Vote lending/renting: Temporary delegation of voting power in exchange for compensation, forming a vote market.
• Dynamic representation: Users can change their delegate instantly for each proposal, allowing for issue-specific expertise.

Proxies significantly reduce transaction costs and complexity for voters. They enable:

• Gasless voting: Users sign off-chain messages (e.g., via EIP-712) which the proxy submits, often sponsored by the protocol.
• Batch voting: A single proxy transaction can vote on multiple proposals across different contracts, aggregating gas fees.
• Simplified UX: Voters interact with a single proxy interface instead of multiple complex governance contracts.

Major DeFi protocols implement governance proxies with distinct features:

• Compound Governance: Uses a canonical Governor Bravo proxy contract; delegates vote with COMP tokens.
• Uniswap Governance: Employs a flexible proxy system where delegates represent UNI token holders.
• Aave Governance: Features a robust Aave Governance V2 framework with time-locked executors and guardian roles, all managed via proxy delegation.
• ENS DAO: Leverages delegation to enable community-driven control over the Ethereum Name Service root.

The proxy contract becomes a centralized attack vector. If compromised via a bug or exploit, an attacker can control all delegated voting power. This risk is amplified if the proxy holds executive authority to upgrade other protocols or manage treasuries. Historical incidents, like the Compound Finance governance bug, demonstrate how a single flaw can threaten an entire ecosystem's governance.

Proxies can exacerbate governance centralization. Large token holders or whales often control the most influential proxies, skewing decisions toward their interests. Simultaneously, voter apathy leads many users to delegate without due diligence, creating a system where a few entities wield disproportionate power. This undermines the decentralized ethos and can lead to proposals that benefit insiders.

Delegating to a malicious delegate who votes against the delegator's interests is a key risk. More common is delegation to incompetent delegates who are inactive, lack expertise, or are easily influenced. Users must continuously monitor their delegate's voting record, which negates the convenience of delegation. There is often no slashing mechanism to penalize bad actors.

Many proxy implementations have upgradeable logic controlled by admin keys or a timelock. This introduces risks:

• Timelock bypass: If the timelock is too short or has a privileged bypass.
• Admin key compromise: A multisig signer being hacked or acting maliciously.
• Implementation bug: A faulty upgrade to the proxy logic itself, which could brick the contract or change delegation rules unexpectedly.

Proxies enable vote sniping, where a malicious actor borrows or acquires tokens just before a snapshot, delegates them to swing a vote, and returns the tokens after. This exploits the lack of a commitment period in many systems. Furthermore, the transparency of delegation can lead to bribery markets or coercion, where large delegates are incentivized to vote a certain way.

Protocols implement several guards to reduce proxy risks:

• Enforced Timelocks: Mandatory delays on all governance actions executed by the proxy.
• Delegate Reputation Systems: Platforms that track and score delegate performance and participation.
• Vote Delegation Limits: Capping the percentage of total supply a single delegate can control.
• Secure by Default Designs: Using minimal proxies or transparent proxy patterns (EIP-1967) to reduce attack surface.

The underlying asset (e.g., UNI, MKR, COMP) that confers voting rights within a decentralized autonomous organization (DAO). A governance proxy interacts directly with these tokens to:

• Query a holder's voting weight.
• Cast votes on their behalf.
• Execute delegated voting strategies. The proxy itself does not issue tokens but is a mechanism for wielding the power they represent.

A public, on-chain smart contract that maintains a record of delegation relationships. When a user delegates via a proxy, this transaction updates the registry. Key functions include:

• Storing mappings from delegator to delegatee addresses.
• Allowing any contract (like a voting module) to query a user's voting power.
• Enabling delegation to contract addresses for complex strategies. It is the foundational ledger for proxy-based governance systems.

Modular logic that defines how voting power is calculated for a specific proposal. A governance proxy can employ different strategies, such as:

• Token-Balance: Power based on a simple token snapshot.
• Time-Weighted: Power based on tokens held for a duration.
• Multi-Asset: Power derived from a basket of governance tokens (e.g., voting with staked LP tokens). Proxies execute these strategies to determine a user's effective voting weight.

A user experience enabled by governance proxies and off-chain signing. The process involves:

1. A user signs a vote message off-chain (paying no gas).
2. A relayer (which can be the delegate or a service) submits the signed message and pays the gas fee.
3. The governance proxy contract verifies the signature and casts the vote on-chain. This dramatically reduces voter participation costs.