cosmos

Prop 1009: Grant Eureka Security Council 08-wasm AuthZ permissions

Proposal

TL;DR - To match Eureka’s security response setup on Ethereum and enable timely security upgrades on Cosmos Hub, this proposal grants the Eureka Security Council AuthZ (on behalf of the gov module address) permissions on IBC 08-wasm to (1) store new wasm binaries used by 08-wasm light clients and (2) migrate existing light client contracts. This avoids the current requirement of two sequential 7-day governance proposals (store, then migrate) or coordinated binary upgrades, both of which are too slow and operationally risky. The voting period for this proposal is 7 days.

Motivation

Granting scoped AuthZ to the Eureka Security Council will improve the Hub’s security posture and responsiveness by enabling:

  • Timely storage of new 08-wasm light client binaries when critical vulnerabilities or consensus changes are discovered
  • Safe, auditable migrations of existing light client contracts to patched versions without halting the chain
  • Operational parity with Eureka’s Ethereum-side security council so both ends of the bridge can be upgraded within the same response window

As Eureka connectivity expands, light clients are a critical security boundary. Today, addressing issues requires two full governance cycles (one to store a new binary and one to migrate), or a coordinated binary upgrade, which is slow, error-prone, and burdens validators. Scoped AuthZ lets the Council execute only these two actions quickly and transparently, reducing risk while preserving on-chain accountability.

On the Ethereum side of Eureka, a Security Council model is already used to enable rapid, scoped responses. This proposal brings the Hub into alignment with that model so cross-chain upgrades can be executed consistently and safely.

Future Deployments

With this access, the Eureka Security Council will use AuthZ exclusively to manage 08-wasm light client lifecycle operations on the Hub after the community accepts this proposal. Specifically, actions are limited to:

  • Storing new wasm binaries intended for 08-wasm light clients (/ibc.lightclients.wasm.v1.MsgStoreCode)
  • Migrating existing 08-wasm light client contracts to stored versions (/ibc.lightclients.wasm.v1.MsgMigrateContract)

This streamlines security and maintenance because:

  • No chain upgrades or halts are needed to patch or upgrade light clients
  • Fixes and new upgrades can be deployed without two back-to-back governance proposals, reducing response time during incidents and improving agility
  • The Hub remains lean by keeping non-critical logic out of the Gaia binary while preserving clear on-chain audit trails

Eureka Security Council

The Eureka Security Council is a 4/7 DAO DAO multisig with the address: cosmos1k9hkmn7upap546a4tfn908sfuuseru640dwu2nzem3zxklwrm4vqhzkwdk

The Eureka Security Council is a trusted consortium of community members and builders from across the industry, with members from:

  • Wildcat Finance
  • Informal
  • Hypha
  • ZK Validator
  • Chorus One
  • Keplr
  • Interchain Labs

Additional notes

This proposal grants AuthZ for exactly two message types relevant to 08-wasm light clients: storing new wasm binaries used by 08-wasm and migrating existing light client contracts. No other wasm or IBC permissions are included or modified by this proposal.
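
One way to check, once the grants exist, that they match this scope (an added example, not part of the proposal or of the Hub's tooling). The JSON shape with granter, grantee, authorization.@type and authorization.msg is an assumption about an authz grants query response, GOV_MODULE is a placeholder for the gov module address, and the sample grants are constructed.

```python
import json

# Grantee is the Council address from the proposal text.
COUNCIL = "cosmos1k9hkmn7upap546a4tfn908sfuuseru640dwu2nzem3zxklwrm4vqhzkwdk"
# Placeholder: the gov module address is not given on the page.
GOV_MODULE = "cosmos1-gov-module-address-placeholder"
GENERIC = "/cosmos.authz.v1beta1.GenericAuthorization"
ALLOWED = {
    "/ibc.lightclients.wasm.v1.MsgStoreCode",
    "/ibc.lightclients.wasm.v1.MsgMigrateContract",
}

def audit_grants(raw_json, grantee=COUNCIL, granter=GOV_MODULE):
    """Return a list of findings; an empty list means the grants match the proposal."""
    findings, seen = [], set()
    for g in json.loads(raw_json).get("grants", []):
        if g.get("grantee") != grantee:
            continue  # grants to other accounts are out of scope for this check
        auth = g.get("authorization", {})
        msg = auth.get("msg")
        if g.get("granter") != granter:
            findings.append(f"unexpected granter {g.get('granter')} for {msg}")
        elif auth.get("@type") != GENERIC:
            findings.append(f"non-generic authorization {auth.get('@type')}")
        elif msg not in ALLOWED:
            findings.append(f"out-of-scope message type {msg}")
        else:
            seen.add(msg)
    # A grant the proposal promises but the chain lacks is also a finding.
    findings += [f"missing grant for {m}" for m in sorted(ALLOWED - seen)]
    return findings

def make_grant(msg, granter=GOV_MODULE, kind=GENERIC):
    """Build one constructed grant record in the assumed response shape."""
    return {"granter": granter, "grantee": COUNCIL,
            "authorization": {"@type": kind, "msg": msg}, "expiration": None}

# Constructed sample data (not real chain output).
AS_PROPOSED = json.dumps({"grants": [make_grant(m) for m in sorted(ALLOWED)]})
OVERBROAD = json.dumps({"grants": [
    make_grant("/ibc.lightclients.wasm.v1.MsgStoreCode"),
    make_grant("/cosmos.bank.v1beta1.MsgSend"),
]})

if __name__ == "__main__":
    print(audit_grants(AS_PROPOSED))
    print(audit_grants(OVERBROAD))
```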

Governance votes

The following items summarize the voting options and what each means for this proposal:

YES - You agree that the Eureka Security Council should receive AuthZ to store 08-wasm binaries and migrate 08-wasm light client contracts, with a voting period of 3 days.

NO - You disagree that the Eureka Security Council should receive these AuthZ permissions.

NO WITH VETO - A ‘NoWithVeto’ vote indicates a proposal either (1) is deemed to be spam, i.e., irrelevant to Cosmos Hub, (2) disproportionately infringes on minority interests, or (3) violates or encourages violation of the rules of engagement as currently set out by Cosmos Hub governance. If the number of ‘NoWithVeto’ votes is greater than a third of total votes, the proposal is rejected and the deposits are burned.

ABSTAIN - You wish to contribute to the quorum but you formally decline to vote either for or against the proposal.