[EP 6.27] [Executable] Endowment permissions to karpatkey - Update #7

Abstract

This proposal introduces a routine update to the permissions for the Endowment Manager. These updates continue to evolve diversification to lending markets. This update also removes a permission no longer needed.

Motivation

The permissions in this update focus on in increasing the availability of lending markets, specifically Morpho Vaults curated by kpk and others on Fluid Protocol.

Specification

This proposal adds and removes the following contracts and functions:

Additions

1. Tokens

2. Morpho Lending Markets

3. Fluid Protocol Lending Markets

4. Other

Removals

Other

Reviewing Zodiac Roles Modifier Permissions Policy

To review, the following resources are below:

• Payload: client-configs/clients/ens-dao/mainnet/payloads/ensPermissionsUpdate7.json at main · karpatkey/client-configs · GitHub (Updated to remove EURc)

• Zodiac Diff Visualisation Tool: https://roles.gnosisguild.org/eth:0x703806E61847984346d2D7DDd853049627e50A40/roles/MANAGER/diff/fiM5U8aU0VkbG4NglApFoWkapISvh5vuvcfqsVXUJE?annotations=false

Considerations

The assets in these lending markets are considered to conform to the risk tolerance specified in the Investment Policy Statement (IPS).

Morpho vaults curated by kpk collect no additional fees.

Next Steps

The proposal will be introduced in the next meta-governance call. Pending review from Blockful and no revisions following the discussion in during the meta-gov call, this proposal will progress to an on-chain executable vote.

Draft proposal calldata security review

The calldata draft executes successfully and achieves the expected outcome of the proposal. All simulations and tests are available here.

To verify locally, clone the repository, checkout commit 2ffd43, and run:

forge test --match-path "src/ens/proposals/ep-kpk-draft/*" -vv

Note: The draft was provided by @kpk on Nov 28.

Thanks for the proposal, a couple of clarifications would help questions I have regarding the alignment with the IPS:

1. EURC addition

The IPS defines allowed stablecoin equivalents as USDC, USDT, and DAI, and all runway requirements/expenses are USD-denominated.
Could you provide more details on how EURC is intended to be managed within these guidelines?
Clarity here helps ensure that expanding permissions does not implicitly modify or conflict with the IPS.

2. kpk-curated vaults

Allocating through a vault means we also inherit the vault’s strategy risk and smart-contract risk.

• Is there a defined risk framework or documentation confirming that each curated vault meets the IPS’s conservative risk profile?
• What are the advantages of deploying via curated vaults rather than depositing directly into the underlying markets?

The original intent behind permitting EURC was to hedge against USD exchange rate fluctuations, prioritising stablecoin capital preservation.

However, since the initial draft, the yield advantage of EURC has diminished over time, making it a less competitive option. Additionally, onboarding EURC requires a minor amendment to the IPS stablecoin definition

Allowed assets:

• ETH and their staked equivalents
• Stablecoin equivalents: USDC, USDT, DAI, EURC

After reconsidering, we will remove EURC and the related vault permissions from this proposal. We do suggest that EURC and the preferred stablecoins are reassessed for inclusion at a later stage if FX risk becomes material again.

@netto.eth We will provide the updated calldata, excluding EURC, and resubmit the calldata for review.

While allocating through curated vaults introduces strategy-specific risk, it also provides meaningful benefits. From a smart contract perspective, the risk is comparable to that of direct market deployments.

Each kpk-curated vault is subject to a strict risk assessment process. Once onboarded, collaterals are classified using a tiered framework that defines their eligibility for allocation and borrowing. Complete documentation is available in the kpk Curation Risk Framework.

Current collaterals:

• USDC vault: WBTC, wstETH, cbETH, weETH, lBTC, tBTC
• ETH vault: wstETH, WBTC, cbETH, weETH, rsETH, ezETH, ETH+

The DAO has already approved part of these markets. Some new products are introduced, but with strict allocation caps (10-40%) to limit exposure. All of them align with the treasury’s conservative risk profile, characterised by deep liquidity, battle-tested protocols, robust oracle systems, and strong operational track records.

Key advantages of curated vaults:

• Active management: Vaults are rebalanced continuously across liquid markets based on real-time conditions.
• Automated risk controls: An exit agent dynamically reduces exposure to less liquid markets to preserve full redeemability.
• Operational efficiency: Delegates benefit from increased automation, which reduces manual oversight without compromising risk standards.

Draft #2 proposal calldata security review

Draft v2 had changes: removing EURC related operations

The calldata draft executes successfully and achieves the expected outcome of the proposal. All simulations and tests are available here.

To verify locally, clone the repository, checkout commit 1fa8a7e, and run:

forge test --match-path "src/ens/proposals/ep-kpk-draft/*" -vv

Note: The draft was provided by @kpk on Dec 11th.

Proposal is now live on Tally: Tally | ENS | [EP 6.27] [Executable] Endowment permissions to karpatkey - Update #7

Proposal calldata security review - Live

Calldata executes the expected outcome.

The simulation and tests of the live proposal can be found here.

To verify locally, clone the repository, check out commit d6704d5, and run:

forge test --match-path "src/ens/proposals/ep-6-27/*" -vv