Aragon OSx Updates: seamless and optional updates for your DAO
Aragon OSx Updates, a seamless way to make security and feature updates to your DAO, is live on the Aragon App. Each DAO deployment is entirely self-sovereign, so updates are always optional.
Every DAO on the Aragon App is built on Aragon OSx, the underlying DAO framework. With this new feature, your DAO has the option to update its Aragon OSx contracts to the latest version by passing a proposal, giving you access to security and feature updates made by the Aragon team.
This process is safe, easy, and intuitive, no matter your familiarity with smart contracts. The release notes of each update are transparent, so anyone can dive into the details of each update and evaluate it. An example of the release notes can be found here.
Each update automatically goes through a safety check that is visible to all DAO members. The safety check analyzes the proposal to make sure that the proposal actions will result in a safe update. For example, it checks that the address of the update is in the Aragon OSx registry, the right methods are called, the actions in the proposal are properly ordered, and more. This protects DAO members from unknowingly passing malicious upgrades that do not come from the Aragon team or do not follow best practices.
If you decide you want to propose the update to the DAO, the necessary smart contract changes are automatically populated as actions within a proposal, so there’s no possibility of adding the actions incorrectly. There is a verification panel that automatically checks if the actions in the proposal are safe, which all DAO members can view. Then, the DAO must pass a vote to make the update available. For the final step, a wallet must execute the action.
Typically, smart contract updates of this kind require advanced Solidity experience. With Aragon OSx Updates, we've made it so that anyone can propose updates safely without writing any code!
Updates are optional and can be made whenever you choose, similar to operating system updates on your computer. In stark contrast to operating system updates, however, there are no “automatic updates” passed without your consent. The App will make you aware that updates are available, but never require you to make the update. Your DAO is self-sovereign, so updates are entirely your choice.
Every update is built and evaluated carefully within the Aragon team. The Aragon OSx protocol is governed with a 3/5 Aragon OSx multisig, which can upgrade the protocol but not existing DAOs. Security is our utmost priority, so we thoroughly test and evaluate every update. In over six years of building, none of Aragon’s products have ever been hacked, while cumulatively governing over $18B in assets.
Learn more about Aragon OSx Updates:
Aragon OSx contracts are upgradeable
The Aragon App is built on Aragon OSx, a smart contract framework for building DAOs. Aragon OSx is upgradeable, meaning the underlying code of the smart contract framework can be modified, but each individual DAO’s state, address, and balance are kept the same.
We made Aragon OSx contracts upgradeable to enable us to stay at the forefront of technological advancements in the space. This means there are many versions of OSx, each with new security and feature updates that improve running your DAO. This is similar to the many versions of your Mac or PC operating system—each has different levels of updates that you may want to make in your DAO.
DAOs on Aragon OSx and App are entirely self-sovereign
DAOs on Aragon OSx and App are entirely self-sovereign, meaning the Aragon team does not have the ability to change anything on the backend of your DAO.
This is important, because DAOs are inherently meant to be autonomous, self-sovereign organizations. If a centralized party was controlling them on the backend, that would defeat the purpose of what DAOs are made to do.
DAOs need a way to update their contracts while still retaining autonomy.
Aragon OSx Updates solves that.
When you create a new DAO on the Aragon App, it’s automatically created with the latest version of Aragon OSx contracts. But older DAOs won’t be automatically updated with the latest version. That’s why we created a system for DAOs to pass a proposal to install the latest updates if they choose to.
DAOs can skip updates or forgo them all together. The process is intentionally optional, so you have full domain over your DAO’s contracts.
How it Works
Create automatically-generated proposals to make updates
Whenever a new update is available, it will appear as a banner on the Aragon App. You can click “view all updates” and see what contract updates are available. Read the details and decide if you want to automatically generate a proposal to make this update. The automatically-generated update removes the possibility of incorrectly configuring the actions.
Option to evaluate the open-source code in the update before making your decision
DAO members can read the details of the update before making their decision. Each update automatically goes through the safety check process, but DAO members can also read the details of the update before making their decision. Release notes are written to be understood by anyone, even non-technical DAO members. And for DAO members who want to dive deeper, you can read the exact changes that are being made in Github.
All code we push at Aragon is open source. We will never put forward an update that’s not open and readable to anyone!
Make multiple updates with one proposal
You can make multiple updates at once, reducing the governance overhead of multiple proposals. Simply select the updates you want to make and click “Next” to create your proposal. This speeds up the process of getting your DAO contracts up to date!
Plugin updates take two transactions
Plugins—contracts that adapt the governance, membership, or treasury management of your DAO, such as the token voting plugin or the multisig plugin—are also upgradeable. This is important, because it means plugins can get security and feature improvements.
For added security, plugins follow a two-step process to update. That means you need to sign a transaction to prepare the plugin first before installing it. You’ll see a “Prepare plugin” button when this is required. Simply click the button, sign a transaction, and the plugin will be ready to install after a proposal is passed.
Updating your DAO is never required
Your DAO is entirely self-sovereign. That means you can continue using older version of the OSx contracts on the Aragon App if you choose to.
Where can I read more about the updates?
Consult the changelog on Github to see what’s been changed with each new iteration of the contracts!