Access control via DAO (with timelock controller) proposal


I'm writing some DAO ecosys using Governor with GovernorTimelockControl extension.

In the doc, it says

When using a timelock, it is the timelock that will execute proposals and thus the timelock that should hold any funds, ownership, and access control roles. Before version 4.5 there was no way to recover funds in the Governor contract when using a timelock! Before version 4.3, when using the Compound Timelock, ETH in the timelock was not easily accessible.

So after deployment, I have two contract addresses:

  • DAO from deployment of Governor
  • TLC from deployment of TimeLockController

If I have another contract whose function I only want DAO can access (through proposal execution), should I check msg.sender against DAO or TLC?

My understanding is TLC as it executes all proposals instead of DAO. But wanna get a confirmation here. Thanks

Yes, I think you should use the TimeLockController contract.

In a governance system, the `TimelockController` contract is in charge of introducing
a delay between a proposal and its execution. 
1 Like