Recently there have been two hacks on Gnosis Chain leading to a complete loss of funds in two protocols on Gnosis Chain - Agave and hundred.finance.
The cause for the hack was that the used code (open source code from Aave and Compound) is not safe to use with specific tokens. Tokens that have been bridged in the past from Ethereum mainnet to Gnosis Chain (including e.g. USDC, GNO, WETH) have that specific feature.
While it is ultimately the responsibility of dapp developers to make sure their contracts are safe or of governance to only list tokens that are compatible - it is the goal of Gnosis Chain to make the chain welcoming and as easy as possible to use for any developer from the wider Ethereum ecosystem. Not being able to use widely tested and successful contracts like Aave and Compound on Gnosis Chain safely very much goes against this goal.
So the question is - what can be done to fix this problem?
The canonical bridge of a chain is theoretically just one out of many applications of a chain but for all practical purposes an essential part of the chain’s infrastructure. Dapp developers don’t want to deal with building bridges - they just assume tokens from Ethereum are available.
Tokens from the Omni-bridge are not upgradable. So to address the situation only 2 paths are possible:
a) try to establish a new default bridge and get all users of the tokens of the old bridge to manually migrate
b) do a hard-fork of the blockchain that changes the functionality of the existing tokens.
Governace and stakeholder
All of this was just a preface to discussing whether and how hard-forks are possible. Gnosis Chain does not have a formalized upgrade mechanism (on-chain governance). Instead, it is a decentralized blockchain with many stakeholders. Similar to Ethereum upgrades a hard fork without a chain split can only happen if all those stakeholders simultaneously agree to an upgrade.
The Stakeholder of Gnosis Chain
- All Dapps deployed on Gnosis Chain
- Any user with a balance on Gnosis Chain
- current Validators (on Execution layer)
- Beacon chain validator
- “ETH1” Client teams (Nethermind, Open Ethereum, Erigon)
- ETH2 client teams (Prysm, Lighthouse, Nimbus, Teku)
- all Stake and GNO token holder
- Gnosis Team
- former xDAI team
- xDAI Bridge operator
- Omni Bridge operator/ and governance DAO
- Wallets serving Gnosis Chain
- Exchanges that have Gnosis Chain integrated