Initial Developer DAO Treasury Setup

One of the Core Team’s objectives as defined in our Season 0 proposal was to deploy the DAO Treasury. This document provides details on how we’ve set this up.

Overview

Our Treasury has been deployed as a “multisig” contract wallet via Gnosis Safe with a 6/3 threshold. That means, out of the 6 signers listed below, 3 will need to sign any transaction for funds to leave the treasury.

Initial signers of the treasury multisig:

This initial set of signers will serve for Season 0 and Season 1. This will provide stability and allow time during Season 0 for our community to stand up Governance processes and our new ERC-20 Governance token to be launched. Once these are in place, token holders will then vote to either keep or replace the existing signers.

We also maintain a legacy EOA wallet for specific use cases listed below. The same signers have access to both wallets.

Treasury address - 0x7128f5ff32eD07Ce12E6a9deBE32BB40F9884b3C
EOA wallet address - 0xdd00Cc906B93419814443Bb913949d503B3DF3c4

Management of funds

The Treasury stores the vast majority of DAO assets.

This includes but is not limited to any vested allocations of our ERC-20 Governance token once launched, revenue from on-chain activities and tokens received in partnership arrangements.

The only current exception to this is management for our ENS domain (devdao.eth) and a small amount of “working capital” provided by the core team which is stored in the EOA wallet. The reason for this is to provide easy management for Mirror and Snapshot, as well as voting as an ENS delegate.

Whilst there are no current plans to actively manage Treasury assets, we expect to open up discussions about this as the Treasury grows.

Governance of the Treasury

Decentralised and transparent Governance of the Treasury is key to ensuring trust in our community.

To that end, whilst each individual transaction does not require a vote, budgets must be pre-approved by DAO members via a Snapshot vote. A record of transactions that ties them back to an approved budget will be made publicly available and can be verified on-chain via Etherscan.

Governance and management of the Treasury will become more decentralized over time as our governance process and tooling mature. For now this set-up provides the ability to move forward whilst ensuring oversight from the community.

25 Likes

Forgive my little knowledge of multisig, but I was wondering the following:

  1. What would be the official wallets from each of the signers to verify that it’s they who are signing and not someone by mistake?

  2. What is the process of changing the guard, when someone might need to be replaced or is unable to continue their duties.

  3. Are there stipulations / written responsibilities for each of the signers that they’ve agreed to?

  4. How would bad actors be factored in? In case someone’s wallet gets compromised, etc.

  5. The time table for the responsibility of the multisig would be for how long? Season 0 only?

7 Likes

  1. These are the owners of said treasury. You can go to Gnosis App, click “Import” and paste the treasury address (that’s how I found it).

  2. My guess is - majority vote on removing/adding wallet.

  3. Leaving up to team.

  4. That’s why multisigs exist, so that there’s no single point of failure. If one’s wallet gets compromised, you still need majority vote to have something executed.

  5. Leaving up to team.

4 Likes

Thanks!

Follow up to the definition of majority, does that mean 50% or anything slightly above that?

From the overview, looks like a 50% at this time:

2 Likes

Thanks for the clarification 🙏

Thanks @LucaSilverhand for sharing these responses 🙂 Will expand on what you’ve provided here to give a little more clarity.

What would be the official wallets from each of the signers to verify that it’s they who are signing and not someone by mistake?

The wallet addresses @LucaSilverhand has shared are “owned” by the signers listed in the proposal. These are the only wallets that can interact with the multisig to make transactions, although like any other wallet there are no restrictions on deposits.

What is the process of changing the guard, when someone might need to be replaced or is unable to continue their duties.

Adding or removing signers, or changing the threshold for a transaction from 3/6, are on-chain transactions that update the state of the multisig to change how it works. See add owner button below, there is a similar view on settings for changing the signing threshold.

This can also shed some light on point 4.

How would bad actors be factored in? In case someone’s wallet gets compromised, etc.

Given there is a signing threshold of 3/6, someone would need to gain control of 3 out of the 6 wallets to do anything with the multisig. Therefore if it was discovered that one wallet was compromised, the other wallet holders could remove that wallet address as an owner and replace it with a fresh one via an on-chain transaction.

Are there stipulations / written responsibilities for each of the signers that they’ve agreed to?

There is really much to be responsible for, other than executing the transactions the community have agreed are allowed via Snapshot votes on budgets and ensuring a good level of personal security for the wallets we are responsible for that sign transactions.

On security, every wallet here is either a hardware wallet or a fresh wallet that is being used exclusively for the purpose of signing these transactions. That reduces the risk significantly of the wallets being compromised.

The time table for the responsibility of the multisig would be for how long? Season 0 only?

This was stated in the original post 🙂

This initial set of signers will serve for Season 0 and Season 1. This will provide stability and allow time during Season 0 for our community to stand up Governance processes and our new ERC-20 Governance token to be launched. Once these are in place, token holders will then vote to either keep or replace the existing signers.

As for the process itself, this doesn’t currently exist. We need to stand up these processes during Season 0 as a community, including rules for how long signers can “serve” before needing to be reelected.

Hope that goes some way to answer the questions @manny, thanks again @LucaSilverhand 🤝

6 Likes

Yep this is correct. 3 out of the 6 wallets are required to sign any transaction for funds to leave the treasury. This setting can be changed via another on-chain transaction. We set it at 3/6 to balance security with ease of use and risk of losing access.

2 Likes

Why can’t we make it 4/6 instead of 3/6? Of course the treasury will be better secured, but I presume it has something to do with availability of the signers? If that’s the case, then it doesn’t make sense for the community to have signers who don’t have enough time to the point where we need to give up security of the treasury.

2 Likes

It’s always a balance between theft of funds and loss of funds. Generally speaking, in the middle is best. We want to avoid enough accounts being compromised. At the same time, we want to avoid a situation where a couple of treasury members lose their private keys.

Given the maturity & methods of the treasury signers setup, both of these are highly unlikely and being in the middle protects us from both.

1 Like
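The theft-versus-loss balance discussed in the posts above, as an added example that is not part of the original thread: it compares the 3/6, 4/6 and 5/10 thresholds mentioned here. The per-key probabilities are constructed values, and keys are assumed to fail independently, which shared devices or shared backups would violate.

```python
from math import comb


def at_least(k: int, n: int, p: float) -> float:
    """P(at least k of n independent events occur), each with probability p."""
    return sum(comb(n, i) * p**i * (1 - p) ** (n - i) for i in range(k, n + 1))


def multisig_risk(threshold: int, signers: int, p_compromise: float, p_loss: float):
    """Return (theft, lockout) probabilities for a threshold-of-signers multisig.

    theft:   an attacker controls at least `threshold` keys.
    lockout: so many keys are lost that fewer than `threshold` remain,
             i.e. at least signers - threshold + 1 keys are gone.
    """
    theft = at_least(threshold, signers, p_compromise)
    lockout = at_least(signers - threshold + 1, signers, p_loss)
    return theft, lockout


def compare(configs, p_compromise: float, p_loss: float):
    """Map 'k/n' to its (theft, lockout) pair for each (k, n) in configs."""
    return {
        f"{k}/{n}": multisig_risk(k, n, p_compromise, p_loss) for k, n in configs
    }


if __name__ == "__main__":
    # Constructed per-key probabilities over some fixed period (assumption).
    P_COMPROMISE = 0.02
    P_LOSS = 0.02
    table = compare([(3, 6), (4, 6), (5, 10)], P_COMPROMISE, P_LOSS)
    print(f"{'config':<8}{'theft':>14}{'lockout':>14}")
    for name, (theft, lockout) in table.items():
        print(f"{name:<8}{theft:>14.3e}{lockout:>14.3e}")
```

Raising 3/6 to 4/6 lowers the theft figure and raises the lockout figure by the mirror-image amount, while moving to 5/10 lowers both under the independence assumption.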

Makes sense!

Thanks for the response! Didn’t think of loss of funds.

1 Like

Glad you mentioned this! In terms of the signer addresses, do you think there’s a case to be made for requiring them all to be hardware wallets? Don’t want to make the process onerous for y’all but maybe this would alleviate concerns about the 3/6 signer threshold. We could potentially pay for them with the operating capital y’all have gathered.

1 Like

We could potentially pay for them with the operating capital y’all have gathered.

I’d also be happy to personally kick in for this, if needed.

There are also talks about new guilds, whose leaders could probably also become signers too.

So, we will become more decentralized in the future.

3/6 could become 5/10 in the future.

2 Likes

I would imagine we’ll also get to the point where we want to have multiple accounts (ex. one per guild) to decentralize further and allow guilds to operate autonomously. However, this’ll require some sort of budget process at the dao-wide level to properly fund each guild’s “sub-treasury”. I’d expect that to run through our governance process as per usual 👍

4 Likes

Hello everyone, thanks for all the effort here, things are looking very promising.

I am wondering how budgets will work. I can see clearly how budgeting can cap total amount spent, but do we have some strategy to tie this spending to some sort of categories (e.g. infrastructure costs, IRL events)?

Also I think that although all transactions are on chain, it would be good to have some sort of accountability checkpoints/reporting to improve DAO members’ visibility.