The job of securing YAM’s treasury, the infrastructure, and other related aspects of the DAO has so far been a fragmented and happenstance process. There have been a few different elements that have typically worked simultaneously to fulfil these tasks. These include:


The process by which these roles and responsibilities came about is often circumstantial and based on short-term needs rather than a long-term strategy. Multi-sig signers are added based on who is available, and many signers do so without any remuneration (pay). Numerous key infrastructure pieces that the DAO relies on are often controlled and managed by one person, and there is no plan in place if that person leaves or fails to do their job. While this is not expected, it highlights a vulnerability in the DAO and is counter to the ethos of decentralization that we preach here at YAM.

Formalizing and Combining these Roles

Many of the above responsibilities are held by similar people in the organization. This is a reflection of the small size of the current team, as well as the specialized nature of some of these tasks. Many of these tasks could be performed exclusively by the same people with no problem, which is what I am proposing we do.

I propose that we create a single, elected group that is responsible for the main YAM multi-sigs (guardian, expenses, etc.), for the core infrastructure, and for dealing with any security issues which come up. This group, which I am calling the YAM Guardian Council, would be nominated and voted into the positions and serve a specific term, after which new elections would be held. For the most part this doesn’t change the work that those who fulfill these roles already do. It simply formalizes and clarifies the processes.

Comparisons

This is similar to the Synthetix Spartan Council and Protocol DAOs. It should contain a minimum of 5 members, with at least 2 developers in the group at all times. Each member would earn a stipend for this work, paid in YAM, with the expectation that it only takes a few hours of work a month. We could also require a bond to join this group, similar to how the Synthetix Protocol DAO does. We may even be able to use their contract.

Multi-sig Thresholds

If the group has a minimum of 5 members, then all multi-sigs could be adjusted to be 3 of 5.

Infrastructure Management

Determining how this group can manage infrastructure is a more complicated question, but one that the DAO needs to answer if it intends to live up to its decentralized name. For infrastructure that allows multiple admin roles, these should be given to all members of the group. For infrastructure that only allows 1 admin role, a new account could be created that holds ownership, and access to that account can then be distributed to the members. At the end of a term, passwords would need to be changed and ownership transferred to the new members.

This methodology may not be possible in all instances, and the actual implementation will need to be discussed and vetted by security-minded DAO members. The best case would be to move to infrastructure that can be actively managed directly by the DAO or a multi-sig. But because that is not possible at this time, we must explore other solutions.

Final Thoughts

I understand that decentralization is a spectrum and we won’t be able to move from a system that has been cobbled together as we go to a fully decentralized one overnight. But we must start having these conversations and thinking about solutions to these problems.

This framework fits into the minimal YAM structure that many contributors at the DAO have been working on recently. Minimal YAM creates a structure for work to be specified, approved and completed within YAM, but does not have a clear process for how coordination happens around broad issues that impact the DAO, or who is responsible for it. While ultimately the YAM token holders must decide the direction of the organization, it makes sense for there to be a visible group of people who can quickly coordinate and communicate with token holders around complex issues that may arise.

Comments, Critiques welcome and desired!