Summary

Liveness Expiration Monitoring exists to ensure that the owners of a specific Safe continue to demonstrate proof of liveness. Liveness Expiration Monitoring is used to monitor multiple different Safes, including the Security Council Safe and the Uniswap Safe.

If an owner does not demonstrate proof of liveness for some pre-configured amount of time (e.g., 98 days for the Security Council Safe on mainnet), the owner can be removed (by any account, permissionlessly) after which the signing threshold is adjusted automatically to maintain some percentage-based target threshold.

This runbook explains what to do in the case that you receive an alert related to Liveness Expiration Monitoring.

Alerts

Severity

The priority of this alert is represented by the priority value attached to the alert emitted by OpsGenie. For example, if the alerted emitted by ops-genie is "Priority": "P3", then the severity of the incident will be SEV3. Refer to the Severity definition and SLA document to better understand these different severity ratings.

Liveness Expiration Severity Levels

<aside> ℹ️

We assume a maximum of 5 days is needed to resolve an alert and complete all stakeholder tasks. To account for weekends and ensure timely action, we initiate alerts several days in advance. This proactive approach allows us to prevent incidents, as we can precisely predict when they will occur and determine the appropriate time to act.

Based on these considerations, we use the following alert schedule:

Alert 21 days before, we have 16 days to initiate actions ⇒ SEV3
Alert 14 days before, we have 9 days to initiate actions ⇒ SEV3
Alert 8 days before, we have 3 days to initiate actions ⇒ SEV3 </aside>

Contract Addresses

Network	Safe	LivenessModule Address	LivenessGuard Address
Ethereum (Mainnet)	Security Council	`0x0454092516c9A4d636d3CAfA1e82161376C8a748`	`0x24424336F04440b1c28685a38303aC33C9D14a25`
Ethereum (Mainnet)	Uniswap Safe	`0x4B4F1aF8d43C8c140D2355Fea663fC9f762067C2`	`0x9343c452dec3251fe99D9Fd29b74c5b9CD1751a6`

Investigation

Before escalating this issue to any other party, confirm that the alert is valid (rather than a result of some configuration error in monitoring or alerting).

Set your RPC based on the network where the alert was detected.
```
export ETH_RPC_URL= # set me
```
Find the LivenessModule and LivenessGuard addresses for the Safe that triggered the alert using the small table above.
```
export LIVENESS_MODULE= # set me
export LIVENESS_GUARD= # set me
```
Find the address of the owner in question as included in the original alert message.
```
export OWNER= # set me
```