[TFIP-42] — Timelock Migration to Gnosis Safe Multi-Sig (Transition Period)

Abstract

This is a defensive, temporary measure to secure protocol infrastructure during governance migration.

This proposal requests that the TrueFi DAO authorize the transfer of all administrative roles currently held by the TrueFi Timelock contract (0x4f4AC7a7032A14243aEbDa98Ee04a5D7Fe293d07) to the existing New Treasury Gnosis Safe multi-signature wallet (0xC03151bAc97F692e5b71Eb49635A624141f7477b) on Ethereum Mainnet.

This transition is a temporary security measure designed to protect protocol-controlled vault factories and legacy smart contracts during the governance migration period. Specifically, this applies to the window in which:

  • TRU tokens are locked in the Asset Portal, and

  • The BRLA-based governance system on HyperEVM has not yet been deployed.

Background & Motivation

Current Governance Architecture

TrueFi’s on-chain governance currently operates via Tally, where TRU token holders stake and vote on proposals. Successful proposals are executed through the Timelock smart contract, which acts as the administrator of several legacy components, including:

  • Vault factories on Ethereum Mainnet

  • Various legacy TrueFi smart contracts

  • Other protocol-controlled addresses

Timelock Address:
0x4f4AC7a7032A14243aEbDa98Ee04a5D7Fe293d07

The Governance Transition Problem

TrueFi DAO is undergoing a strategic governance migration:

  • TRU (Ethereum) → no longer the primary governance token

  • BRLA (HyperEVM) → will become the new governance instrument

This creates a temporary but critical security gap:

  1. TRU tokens are locked in the Asset Portal and cannot vote

  2. BRLA governance is not yet live

  3. Cross-chain governance (HyperEVM → Ethereum) is not deployed

During this period, the Timelock could be vulnerable to a low-participation governance attack.

The Risk

If no action is taken:

  • Governance attacks via Tally remain possible

  • Vault factories and legacy contracts remain exposed

  • Timelock delays limit the DAO’s ability to respond quickly

Proposal

Primary Action — Transfer Timelock Admin Roles to Gnosis Safe

All administrative roles currently held by the Timelock shall be transferred to:

New Admin (Gnosis Safe):
0xC03151bAc97F692e5b71Eb49635A624141f7477b

This Safe is already used as the New Treasury and operates as a 4-of-7 multi-signature wallet.

Why a Gnosis Safe Multi-Sig

  • No single-party control

  • Higher resistance to manipulation vs low-turnout votes

  • Fully reversible once new governance is live

  • Already known and trusted by the community

Gnosis Safe Details

Field | Value
------------ | ------------------------------------------
Safe Address | 0xC03151bAc97F692e5b71Eb49635A624141f7477b
Network | Ethereum Mainnet
Threshold | 4 of 7
Type | Gnosis Safe

Signers

Address | Signer
------------------------------------------ | ----------------
0x5D545DE6e81da180dBbb57926a0e49be7c868Fb7 | Stefan Tanase
0x546AB7E55E9c9790679Bb2bE905300322A59Bb10 | 2nd CFO
0x97F8De405D7e70c0F66c2308d9882A9227097d6f | Sebastien Davies
0x25022f216b97641d396e6Efe68ba45F80AD7A56b | Ferengi
0xB2F3cE5e63b0c303C475667f8CB28a47b14b9d9b | Kelvin Sparks
0x2ac4a7daD1eE2eACfA3E90dd6C69466CC66Df7B2 | Goblin
0x57cD8ecAA060C857B23f9C68853f09dFfC3b7453 | Marcus Leanos

Action Items

Action 1 — Transfer Admin Roles

Transfer all admin roles from Timelock → Gnosis Safe

Field | Value
----------- | ----------------------------------------
Action Type | transferRole / grantRole / revokeRole
From | Timelock (0x4f4A…)
To | Gnosis Safe (0xC031…)
Scope | All vault factories and legacy contracts

Action 2 — Revoke Timelock Privileges

After transfer, revoke all admin roles from the Timelock to eliminate duplicate control.

Action 3 — Verification

Core contributors will verify on-chain that:

  1. Gnosis Safe holds all required admin roles

  2. Timelock holds none

  3. A confirmation report is posted to the forum
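The checks in Actions 1 to 3 can be rehearsed offline before any transaction is signed. The following is an added example, not code from the proposal or from TrueFi: it models each contract's role as a plain set of holder addresses (an assumption, not the contracts' real interface), replays a grant/revoke plan, flags any step that leaves a role with no holder, and then applies the Action 3 checks together with the "no new powers" rule from the risk table. The contract names, role names and both plans are constructed for illustration.

```python
# Added illustration: a toy role model, not TrueFi's contract interface.
TIMELOCK = "0x4f4AC7a7032A14243aEbDa98Ee04a5D7Fe293d07".lower()
SAFE = "0xC03151bAc97F692e5b71Eb49635A624141f7477b".lower()

def simulate(initial, plan):
    """Apply (op, contract, role, account) steps; flag any lock-out."""
    state = {key: {a.lower() for a in accts} for key, accts in initial.items()}
    problems = []
    for n, (op, contract, role, account) in enumerate(plan, 1):
        holders = state.setdefault((contract, role), set())
        if op == "grant":
            holders.add(account.lower())
        elif op == "revoke":
            holders.discard(account.lower())
        else:
            problems.append(f"step {n}: unknown op {op!r}")
            continue
        if not holders:  # nobody can administer the contract any more
            problems.append(f"step {n}: {contract}/{role} has no holder")
    return state, problems

def verify(initial, state):
    """Action 3 checks plus the 'no new powers' scope rule."""
    timelock_scope = {k for k, accts in initial.items()
                      if TIMELOCK in {a.lower() for a in accts}}
    findings = []
    for key in sorted(set(state) | timelock_scope):
        holders = state.get(key, set())
        name = "/".join(key)
        if key in timelock_scope and SAFE not in holders:
            findings.append(f"{name}: Safe does not hold role")
        if TIMELOCK in holders:
            findings.append(f"{name}: Timelock still holds role")
        if key not in timelock_scope and SAFE in holders:
            findings.append(f"{name}: Safe gained a role Timelock never had")
    return findings

# Constructed sample state; contract and role names are hypothetical.
INITIAL = {("VaultFactoryA", "ADMIN"): {TIMELOCK},
           ("LegacyContractB", "ADMIN"): {TIMELOCK}}
GOOD_PLAN = [(op, c, "ADMIN", who)
             for c in ("VaultFactoryA", "LegacyContractB")
             for op, who in (("grant", SAFE), ("revoke", TIMELOCK))]
BAD_PLAN = [("revoke", "VaultFactoryA", "ADMIN", TIMELOCK),  # revoke first
            ("grant", "VaultFactoryA", "ADMIN", SAFE),
            ("grant", "LegacyContractB", "ADMIN", SAFE),     # revoke omitted
            ("grant", "VaultFactoryA", "PAUSER", SAFE)]      # out of scope
```

For the real verification, the holder sets would be populated from on-chain reads of each in-scope contract rather than from a simulated plan.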

Duration & Reversal

This is a temporary arrangement, remaining in effect until:

  1. BRLA is live on HyperEVM

  2. Cross-chain governance is deployed and audited

At that point, a new TFIP will transfer control back to DAO governance.

Risks & Mitigations

Risk | Mitigation
---------------- | --------------------------------------
Signer collusion | 4-of-7 threshold, distributed signers
Key loss | Only 4 required
Governance delay | Public roadmap commitments
Scope creep | No new powers granted beyond Timelock

Governance Process

Step 1 — Forum Discussion (72h)

Community feedback and iteration

Step 2 — Tally Vote (Binding)

On-chain execution of proposal

Conclusion

TrueFi is at a critical point in its governance evolution.

The migration from TRU to BRLA introduces a temporary but meaningful security gap. This proposal provides a practical, transparent, and reversible solution by transferring control to a trusted multi-sig during the transition.

This ensures:

  • Protocol safety

  • Operational continuity

  • Minimal centralization

We encourage the community to support this proposal to enable a secure and orderly transition.