Proposal to enable Chainlink CCIP Cross-chain Transfers of sINV

Background:

sINV is the staked version of the INV governance token within the Inverse Finance ecosystem, designed to offer enhanced utility and long-term value for token holders. sINV automatically accrues rewards through the auto-compounding of INV staking rewards and DBR streaming rewards, providing a more convenient and efficient way for holders to benefit from staking without manual intervention. This token is issued as an ERC-4626 vault token, making it both flexible and portable… As Inverse Finance expands across multiple chains, cross-chain interoperability is crucial for maintaining liquidity and improving user access to the token’s benefits. Chainlink CCIP offers a decentralized, secure, and scalable solution for cross-chain communication and asset transfers. This integration will allow sINV token holders to transfer their assets seamlessly across Arbitrum, Base, Ethereum, and Optimism.

Motivation:

The expansion of sINV to multiple chains will:

• Increase liquidity: By allowing sINV holders to transfer tokens between different chains, ensuring efficient capital flows.
• Enhance user experience: Simplifying the process of managing sINV across different chains, reducing friction for token holders.
• Expand utility: Facilitate seamless integration with dApps and DeFi protocols across multiple networks.

Implementation:

A system of message-sending contracts has been deployed to facilitate cross-chain communication using Chainlink CCIP. These contracts support secure transfers of messages between Ethereum mainnet and L2s supported by CCIP, with the GovernanceProxy contracts acting as an outpost of Inverse DAO governance on the L2 they’re deployed to.

On each L2 a mintable receipt token has also been deployed with built-in functionality to add and remove minters of sINV tokens on the supported chains. This governance feature ensures that the DAO retains control over who can mint sINV, allowing it to support lock-and-mint bridging solutions like CCIP.

On-Chain Actions:

1. Take ownership of GovernanceSender contract on Ethereum Mainnet
2. Add minting rights of L2 mintable tokens to the Chainlink CCIP bridge:

• Arbitrum: 0x8728c15Ddd4dB933B0cbA8a0bf74090EdfC53A74
• Base: 0xA84a33295C869E9ad2131Ea66e9674A61805aC4c
• Optimism: 0x8A642dE15D7DCCb16eE68D0eF6821F5cf38cd7Fb

Where the contract audited? What are the risk vector for such solution. Honestly I don’t understand exactly from this post alone how all of this works. More precisions would be welcome.

Our CCIP integration from design phase to deployment has been under the supervision of Chainlink. To provide an additional layer of assurance, we are also pursuing a third-party audit to confirm that all components are functioning as intended.

How It Works:
The Chainlink CCIP integration facilitates a lock-and-mint bridging model (burn-and-mint when L2<>L2 bridge transactions):

• Locking Mechanism: sINV is locked on the origin chain when a transfer is initiated.
• Cross-Chain Message Transmission: Chainlink CCIP securely transmits the transfer request across chains.
• Minting on Destination Chain: The destination chain’s mintable token contract mints an equivalent amount of sINV, giving users cross-chain access to their assets.

Some risk vectors to consider are:

• Cross-chain transactions, which can face delays or message failures. Chainlink CCIP’s network has built-in mechanisms to handle such scenarios securely. Our GovernanceSender and GovernanceProxy contracts provide the DAO with control and verification over message passing and minting operations across chains.
• Potential vulnerabilities in message-sending and mintable token contracts. Chainlink and our third-party audit will offer the necessary validation. Additionally, the DAO retains control over L2 minter permissions, allowing revocation if security issues arise.
• Governance risks. Malicious or inaccurate proposals could compromise cross-chain contract management. The GovernanceHelper contract ensures that only mainnet governance controls minting rights on L2s. This setup creates a transparent, verifiable path for governance decisions to securely influence cross-chain sINV operations.

Chainlink have extensive documentation and guides made available for their CCIP protocol but happy to provide additional details if there are further questions.