Developers Forum for XinFin XDC Network

Cover image for Proposal: Safe on XDC Network
Daria Lapus
Daria Lapus

Posted on

Proposal: Safe on XDC Network

Motivation

The motivation behind this proposal is the intention of contributing to XinFin, starting from a relatively simple project (Safe deployment to XDC Network) and expanding the cooperation over time.
We would be happy to propose additional infrastructure and ecosystem projects, which increase TVL and interest in XDC Network. At the same time, we would like to become a senior partner of the project and receive benefits, since we believe in XinFin ecosystem and share its values.

Ecosystem Benefits

  • Safe's multisig wallet can provide secure self-custody for institutional investors and large fund holders, mitigating risks of lost or stolen keys and hacked devices. This can help increase your TVL significantly.
  • Integrating Safe can attract various protocols and dApps to your platform, as they rely on Safe contracts and components, including popular protocols such as Chainlink, Sushi, and Balancer.
  • Safe is a modular solution with a range of features, including Safe Apps, Modules, and Guards, making it convenient and secure for users to interact with multiple dApps and protocols through one interface.
  • Safe is a widely adopted standard on Ethereum, used by numerous DAOs, protocols, and companies to secure and manage their funds on-chain, with the total amount of funds stored in Safes being over $100B.

About Protofire

  • 80+ engineers working for 10+ DAOs;
  • Is a machine which attracts, builds, and retains engineering teams for protocols and DAOs;
  • Teams pick DAOs to work for;
  • Start with small project;
  • Fully-integrated, dedicated teams - Solidity, Rust, JS/TS, GoLang, Py, Swift/Kotlin, QA, UX/UI, Growth/Recruiters;
  • Unique specialty: bootstrapping demand side and developer adoption for leading L1/L2/cross-chain/oracle networks and select DeFi protocols;
  • What makes us different: our teams aim to ship business outcomes, not just code. Outcomes like number and $ value of transactions.

We are Safe Guardians!
Safe Guardians are active members of the Safe community, who have verifiably proven their commitment to this vision. Guardians steward the SAFE ecosystem and protocol, and align with our vision to drive the adoption of smart contract accounts.

Chains that we Safe:
Cronos: https://cronos-safe.org/
Oasis: https://safe.oasis.io/
Astar: https://safe.astar.network/
Moonbeam: https://multisig.moonbeam.network/
And others!

Proposal

The goal of the main proposal is to deliver a fully functional, reliable, and secure GS solution on the XDC network.

The main proposal includes 2 phases:

  • Bringing the entire infrastructure into working condition and up-to-date
  • Providing monthly support & maintenance

The first phase includes measures necessary fixes, patches, configuration adjustments, required for bringing current GS instance in working condition ASAP. All components and smart contracts will be updated to the latest stable versions. In the end, we will provide verification of the code and add XDC Network in the Gnosis Safe official repository as a supported network.

The second phase covers all the activities, required for keeping GS up-to-day and secured. As the upstream Gnosis Safe codebase is being constantly updated and changed by the Gnosis team (guaranteed 2 releases per month), adjustments need to be merged promptly. A monitoring service will be provided for observing all the components. In addition, we provide support to customers and businesses using GS in their daily activity, for better adoption and widespread usage.

Deployment Milestones

We are targeting a fast Safe deployment. We deploy the latest Safe version with the basic features on a default, robust and secure infrastructure model.

Milestone 1 Milestone 2 Milestone 3
Deterministic Testnet & Mainnet Smart Contracts Deployment (Done) Spin Up Staging Infrastructure & configure network(s) Setup Backend Services
Spin Up Production Infrastructure & configure network(s) Setup Frontend Services
Setup Django Admin Customize Frontend
Setup Monitoring Tools Functional Tests
Prepare Handover Document

Team:

  • Field CTO;
  • Full-stack Engineers;
  • Project Manager;
  • DevOps Engineers

Maintenance

Safe Updates
As the upstream Safe codebase is being constantly updated and changed by the (Gnosis) Safe team, new releases need to be merged with the fork deployed by Protofire, making sure it is updated and compatible with your Safe instance. (Gnosis) Safe team makes releases approximately every 15/16 days (2 times per month).
Regular Safe updates will be performed and released on the supported networks. Updates consider Frontend (mainly user experience improvements), Backend services and Smart Contract.
Safe features
Team scope of work includes research and implementation of such features like Safe dApps, Modules, Guards, External Wallets Connectors, client customization, etc.Improvements can be proactively suggested by Protofire or requested by XDC Network team/community.
Infrastructure support & monitoring
DevOps support and monitoring, covering all aspects of infrastructure security, architecture optimization, monitoring and CI/CD pipeline enhancement in order to improve cost-effectiveness and scalability. This team supports troubleshooting incidents and issues in the infrastructure context.
General Suport
General support is provided to Customer’s financial, business and technical teams considering incidents analysis and troubleshooting, research and general inquiries. All potential end-users support requests must come from the Customer’s teams. Support will be provided through specific channels (E-mail, Slack, Discord or Telegram group).

Grants Request

We request a grant of 30,000 USD from the XDC foundation to cover the development and infrastructure costs of the Safe Deployment.
We anticipate that the development process will take approximately 2-5 weeks.
Development rate is 70 USD per hour, hours breakdown are as follows:

Role Most Likely Estimate Pessimistic Estimate
Developers (Fullstack + Solidity) 72 hours 113 hours
DevOps 24 hours 36 hours
Leadership (fCTO + PM + Tech Lead) 10 hours 30 hours
Total 106 hours 179 hours

The reason why we work with a range, most likely and pessimistic estimation, is because unexpected issues can happen (and they do happen) even more when integrating with networks / RPC nodes. This range is a way to set expectations if inconvenient issues appear.
We are confident that the necessary hours tend to be around the most likely estimation.

So the final cost breakdown will look like:

Network Quantity Effort Timeline Base compensation(USD) Dev compensation(USD Equivalent)
Testnet 1 106 - 179 hrs 1 - 3 weeks 7,420 - 12,530 USD 3,710 - 6,265 USD
Mainnet 1 43 - 72 hrs 1 - 2 weeks 3,010 - 5,040 USD 1,505 - 2,520 USD
Total 2 149 - 251 hrs 2 - 5 weeks 10,430 - 17,570 USD 5,215 - 8,785 USD

Approximate Grand Total is 15,645 - 26,355 USD

Part of the compensation is dedicated to developers (+50% of base compensation, USD equivalent in XDC, XDCE, USDC or USDT).
Such an approach allows us to allocate the most professional and senior specialists, who are motivated with the success and potential revenue.

The rest of the budget will be spent on support and adding new features, such as, Safe Apps (like CSV Airdrop App, Drain Account, WalletConnect, Revoke.cash, and/or others), updating Safe components (once released by Gnosis Safe team), setting up monitoring and other types of maintenance.
Results and Reporting
After the deployment, we'll provide a comprehensive report that outlines the time spent on individual tasks, as well as the problems that were resolved and any issues that were addressed.

Relevant links

https://protofire.io/
https://github.com/protofire

Contact

Name: Daria
Email: daria.lapus@protofire.io
Telegram: @daria_lapus

Discussion (4)

Collapse
riteshkakkad profile image
Ritesh kakkad

How it's differ from from below links:
yodaplus.com/multisig-wallet.html

Also global safe community already added XDC contract code. Please check url : github.com/safe-global/safe-infras...

Please reply to above questions to get more clarification on your proposal.

Ritesh

Collapse
daria_protofire profile image
Daria Lapus Author

Thanks for your questions Ritel and Atul!
Here are our answers:

Regarding Yodaplus wallet.
It seems to be a fork of the original (Gnosis) Safe solution (the code is open-source), which is positioned as a custom Yoda-branded product. There are some important points that we want to mention:

  • Commitments and Obligations: this solution is owned and managed by a 3rd party company. Since it's not an official XDC wallet, there are no commitments and obligations regarding keeping it working in the long term. Recommended (by Gnosis Safe team) infrastructure costs around $300-$500/m (depending on Safe utilization) and the solution itself doesn't earn money, so there is no clear motivation for YodaPlus company to keep it working, especially in case of usage growth. We suggest deploying an official public XDC Safe, owned by the community. This wallet will be fully XDC branded, code will be published in XinFin GitHub repository and Protofire will support & maintain it officially until the Gnosis Safe team will take it over. We are a long-term partner of the Gnosis Safe team and our track record (we deployed Safe on more than 15 networks) and reputation speak for themselves, so the community cannot worry about the security and reliability of the suggested solution.
  • Keeping it up to date: YodaPlus vault is significantly outdated and already deprecated. While it's hard to check BE components, based on published UI we can say that solution versions were not upgraded for at least 9 months (it also correlated with commit history in Yoda GitHub github.com/yodaplus/gnosis-safe-re...). From January 2023 Safe-React repo is deprecated and Web-Core is released instead (github.com/safe-global/web-core). These updates brought not only decoration but plenty of new features and the most important: security improvements. That's why we believe that updating it timely is crucial. Our proposal includes further support, updating & maintenance. In addition to new features development and integration, which significantly improve Safe adoption.
  • Robust solution: we also found this solution more like a Demo or Sandbox - Terms, Privacy and Licenses links are not clickable. Helpdesk is not working as well, so legally this is a grey solution. But apart from legal, based on our experience (we do have a sandbox for illustration purposes), the infrastructure behind it is not reliable, so traffic peaks may lead to accessibility issues. All Safes deployed and published by our team are always legally correct and the DevOps team constantly monitors the load and is ready to scale it on the fly.

Regarding XDC pull requests and commits - mostly they are related to Safe contracts (mentioned PR is a minor improvement, however, there is a list of valuable PRs made by Ruslan Wing - forum.safe.global/t/add-support-fo..., which made possible to deploy Safe on XDC).

We don't include this part in our proposal (marked as done), but it's important to understand that smart contracts stuff is only a part of deployment (usually takes 10-30% of effort). The biggest part of the work is setting up a reliable and scalable infrastructure, deploying BE and FE components, and configuring them together. In addition, as a part of our normal approach - we enable features (such as WalletConnect, XDCPay, and basic Safe Apps), and we prepare all branding & legal requirements.

As for being added to Safe. Global - Gnosis Safe team has a very limited capacity, so they cannot add XDC officially now to their UI. Here is their comment - forum.safe.global/t/add-support-fo..., so they suggested Safe deployment on XDC to us, however, we consider this XDC deployment as a first step - we will prepare infrastructure and the whole setup according to Safe team requirements, so it will take hours to take control of XDC safe and add it to the canonical UI, once they are ready.

In short: we suggest a Safe deployment with a very transparent pricing (payment for real dev hours) and further, support & maintenance by the team, totally dedicated and experienced with this type of work, at the same time, the XDC team can focus on some other tasks; the whole XinFin ecosystem can efficiently grow in this very competitive time.

We hope we answered your questions!

Collapse
akhekade profile image
Atul Khekade

Do you have any communication with Gnosis Safe dev team? Apparantly there are some PRs there for xdc integration already. Would they commit to supporting XDC Network in their official Safe Dapp?

Collapse
thanasimos profile image
Thanasimos

XDC already has a deterministic deployment of Gnosis Safe:
app.oryy.io/welcome?chain=xdc