Summary

Implements governance upgrade todos:

Main points

• admin of a pod is set on a per pod basis via the PodConfig that is passed to factory.createOptimisticPod(). This is done for two reasons:
  • Allow the PodFactory to be be passed to PodAdminGateway, so that in veto() we can validate that podId corresponds to the passed timelock (there won't be a cyclical dependency)
  • Allow us to more easily upgrade the admin contract. An individual pod/safe can migrate itself, and then we will create all new pods in the future by passing a new admin. Rather than requiring to redeploy the factory
• Consolidated specific pod admin roles into: admin and guardian. Map onto existing global role abilities
• DAO vote will not be bricked by additional Orca pod deploys. We deploy the TribalCouncil first and get a unique podId. The DAO vote script will need updating with our TribalCouncil Id
• Replaced used of OptimisticTimelock.sol with TimelockController.sol
• Removed some unnecessary global roles and consolidated
• Have a simplified deployGenesisPod() function to deploy the first pod. It is used to deploy the TribalCouncil before the DAO vote FIP. This means we have the podId. It is not placed in the constructor of the factory as it relies on args passed to the constructor which I want to be immutable for future deploys