Skip to content

Commit

Permalink
introduced four new proposals
Browse files Browse the repository at this point in the history
  • Loading branch information
@estmcmxci @lucemans
estmcmxci authored and lucemans committed Jun 11, 2024
1 parent e24b2a7 commit 0fc577b
Show file tree
Hide file tree
Showing 4 changed files with 244 additions and 0 deletions.
84 changes: 84 additions & 0 deletions docs/dao/proposals/5.5.mdx
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,84 @@
{/** @type {import('@/lib/mdxPageProps').MdxMetaProps} */}
export const meta = {
description: 'This specification is the amount requested from the DAO treasury to the Public Goods Multisig to fulfill anticipated budgetary needs through September 2024.',
emoji: '📖',
contributors: [
'Coltron.eth, Vegayp.eth, Simona.eth'
],
proposal: {
tally: '48839151689001950442481252711111182244814765601408465024742109276815020082612',
type: 'executable'
}
};

# [EP 5.5] Funding Request: ENS Public Goods Working Group Term 5 (Q1/Q2)

## Abstract

The ENS Public Goods Working Group requests funding to **support operations until the September 2024 funding window**.

The Public Goods working group funds projects and builders improving the Web3 ecosystems. This funding stream is authorized in [Article III](https://docs.ens.domains/dao/constitution#iii-income-funds-ens-and-other-public-goods) of the ENS DAO Constitution. This funding supports initiatives related to open-source software, tooling, research, and any practical implementations that broadly benefit a wide range of users of Ethereum and Web3.

This social proposal is submitted to satisfy the requirements set out in Rule 10.1.1 of the Working Group Rules ([EP 1.8](https://docs.ens.domains/v/governance/governance-proposals/term-1/ep12-working-group-rules)) and further required by [this snapshot proposal in Nov. 2023 modifying steward rules](https://snapshot.org/#/ens.eth/proposal/0x26a5c8dec547837495707e70446d1e7cd874a91f75753c602998f6e70083a266). If this proposal is passed, the funding request will be included in a collective executable proposal put forward by all three Working Groups.

## Specification

The balance of the Public Goods multisig at the time of Snapshot contained 147.2k USDC and 33.5 ETH.

If passed, this proposal will transfer 450.3k USDC and 21.5 ETH from the DAO wallet to the Public Goods working group to accommodate the proposed budget below.

### Balances (March 2024)*

| **USDC** | **ETH** | **ENS** |
| :------- | :------ | :------ |
| 147.2k | 33.5k | 200 |

*Balances above reflect amounts at time of original proposal at time of Snapshot. Current balance information can be found at [https://enswallets.xyz](https://enswallets.xyz).

### Expected Spend (Through September 2024)*

| **Initiative** | **USDC** | **ETH** |
| :------------------ | :------- | :------ |
| Large Grants | 387.5k | 0 |
| Small Grants | 0 | 50 |
| Bounties | 45k | 0 |
| Events + Hackathons | 115k | 0 |
| Discretionary | 50k | 5 |
| **Total** | **597.5k** | **55** |

*Multisig contains 200 ENS that has no planned use. This may be transferred back to the DAO wallet during the term.

---

## Description of Initiatives

### Large Grants

Grants up to 50k USDC with applications accepted on a rolling basis throughout the year-long term. Large Grants will resume in Q2. With five grantees completing milestones from last term, the budget includes remaining payouts yet to be disbursed. We plan to add at least two more grantees during Q2 while piloting new grants management software. In the second half of the year, we will run another full-size round supporting up to 10 grantees at a time with a 200k USD total prize pool.

### Small Grants

Multiple micro-grants voted on by the community. Small Grants will resume during the first half of the year shortly after ETHDenver. We have added the amount expected to spend through the end of the year with no increase from last term. This is approximately 12.5 ETH per quarter. With market fluctuations, stewards may right-size and lower the amounts distributed during round.

### Events and Hackathons

The working group will support Public Goods events and hackathons. Funds have included expenses related to the funding of hackathons, events, and related participation in events (judging, panels, speaking) where necessary.

The current earmarked events are:

* [ETHGuatemala](https://ethereum.gt/)
* [EthLatam](https://ethlatam.org/)
* [ETHGlobal London](https://ethglobal.com/events/london2024)
* [ETHCanal](https://www.ethcanal.xyz/)
* [ETHCC](https://ethcc.io/)
* [ETHGlobal Brussels](https://ethglobal.com/events/brussels)
* [DAO Tokyo](https://dao-tokyo.xyz/)
* [ETHGlobal San Francisco](https://ethglobal.com/events/sanfrancisco2024)
* [ETHGlobal Bangkok](https://ethglobal.com/events/bangkok)
* [Devcon](https://devcon.org/en/)

This list is not guaranteed as several events are still in the planning stages. The PG stewards will continuously assess opportunities to expand the public goods conversation and collaborations.

### Discretionary

The funds in this initiative are reserved for additional grant opportunities and expenses that arise during the term. Spending on this initiative is at the discretion of the working group stewards.
57 changes: 57 additions & 0 deletions docs/dao/proposals/5.6.mdx
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
{/** @type {import('@/lib/mdxPageProps').MdxMetaProps} */}
export const meta = {
description: 'This EP authorises metagov to withdraw 30 ETH from the endowment each month for fees, and reimburses metagov for 43.54 ETH in fees already incurred.',
emoji: '📖',
contributors: [
'Nick.eth'
],
proposal: {
tally: '45720656345448826187222659689199787286494046921153399380076959662321080408931',
type: 'executable'
}
};

# [EP 5.6] [Executable] Enable Self-Funding for the Endowment

Authorizes metagov to withdraw 30 ETH from the endowment each month for fees, and reimburses metagov for 43.54 ETH in fees already incurred.

## Abstract

This proposal outlines a strategic shift allowing the Endowment to autonomously finance its operations. Specifically, it grants the Metagov stewards the authority to withdraw up to 30 ETH monthly from the Endowment, designated for payments to karpatkey and [@steakhouse](https://discuss.ens.domains/u/steakhouse) for their services in managing the Endowment. This initiative provides the stewards with a direct allowance for these expenses, eliminating the need for these costs to be continually factored into their requests for DAO budget allocations.

Additionally, this proposal seeks to reimburse the [Metagov Safe](https://etherscan.io/address/0x91c32893216dE3eA0a55ABb9851f581d4503d39b) for the payments made to karpatkey and Steakhouse Financial during 2024, covering the service fees for [January](https://etherscan.io/tx/0x4ef4b34d397e6ce1fbe1fbe3e94340dcf02d590fc9d93c7107a76282beb201c6) and [February](https://etherscan.io/tx/0xdd631a42ccc3762e285276043926c52b86dedbc70fa34dddd611585a38534a89), which total 43.54 ETH.

## Motivation

Since the initiation of the Endowment through the execution of the [first tranche](https://discuss.ens.domains/t/ep3-4-executable-fund-the-endowment-first-tranche/16277#specification-3), payments to karpatkey and Steakhouse Financial for their services have been categorized as operational expenditures. These costs were funded through the Metagov Safe, necessitating routine funding requests from the Meta-Governance Working Group to the DAO.

To simplify and enhance the financial autonomy of the Endowment, we propose granting a monthly allowance of up to 30 ETH to the Metagov Safe by leveraging the Spending Limits feature available on Safe.

This measure allows Metagov stewards to settle Endowment fees directly from funds within the Endowment itself, thus eliminating the regular necessity to refill the Metagov Safe. Should the allowance cap be reached, further withdrawals will be paused until the commencement of the next 30-day cycle. This adjustment eradicates the need for frequent funding operations, paving the way for the Endowment's sustained self-sufficiency.

The monthly cap of 30 ETH has been carefully chosen to align with the Endowment's scale and historical fee structure, ensuring it suffices to cover monthly expenses. Should there be a need to revise this limit to better suit future requirements, adjustments can be facilitated through the submission of a new proposal.

Finally, to ensure the strategic shift is applied retroactively from the outset of 2024, this proposal requests that the Endowment reimburse the Metagov Safe for expenses incurred through payments to karpatkey and Steakhouse Financial. This reimbursement, aimed at covering the service fees for January and February 2024, amounts to a total of 43.54 ETH.

## Specification

The following payload will be executed by the DAO Wallet to create the mentioned allowance and refund:

```plaintext
Calldata:
0x6a76120200000000000000000000000040a2accbd92bca938b02010e17a5b8929b49130d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000014000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c000000000000000000000000000000000000000000000000000000000000002448d80ff0a000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000001eb004f2083f5fbede34c2714affb3105539775f7fe6400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000024610b5925000000000000000000000000cfbfac74c26f8647cbdb8c5caf80bb5b32e4313400cfbfac74c26f8647cbdb8c5caf80bb5b32e4313400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000024e71bdf4100000000000000000000000091c32893216de3ea0a55abb9851f581d4503d39b00cfbfac74c26f8647cbdb8c5caf80bb5b32e43134000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a4beaeb38800000000000000000000000091c32893216de3ea0a55abb9851f581d4503d39b00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a8c00000000000000000000000000000000000000000000000000000000001b33acd000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000041000000000000000000000000fe89cc7abb2c4183683ab71653c4cdc9b02d44b700000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000
Target:
0x4f2083f5fbede34c2714affb3105539775f7fe64
Value:
0
Calldata:
0x6a76120200000000000000000000000091c32893216de3ea0a55abb9851f581d4503d39b0000000000000000000000000000000000000000000000025c3d2750b08200000000000000000000000000000000000000000000000000000000000000000140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000016000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000041000000000000000000000000fe89cc7abb2c4183683ab71653c4cdc9b02d44b700000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000
Target:
0x4f2083f5fbede34c2714affb3105539775f7fe64
Value:
0
66 changes: 66 additions & 0 deletions docs/dao/proposals/5.7.mdx
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
{/** @type {import('@/lib/mdxPageProps').MdxMetaProps} */}
export const meta = {
description: 'This EP aims to safeguard the DAO by establishing a Security Council with a two-year, time-limited veto power to counter malicious proposals, ensuring the protocol's integrity and promoting decentralized governance.',
emoji: '📖',
contributors: [
'alextnetto.eth'
],
proposal: {
snapshot: '0xf3a4673fe04a3ecfed4a2f066f6ced1539a5466d61630428333360b843653c54',
type: 'social'
}
};

# [EP5.7][Social] Security Council

## Abstract
The primary mission of ENS DAO is to govern the protocol and allocate resources from the treasury in line with the DAO's constitution and broader objectives. However, due to changing economic dynamics, the DAO is increasingly vulnerable to attacks aimed at draining its treasury.

To safeguard the DAO's integrity and longevity, a Security Council with the authority to cancel malicious proposals is needed. To avoid perpetuating centralized power, the Security Council's authority will have a built-in expiration date. After two years, anyone will be able to call a function that revokes the council's power to veto proposals, ensuring a time-limited mechanism to counter malicious attacks while promoting more delegation and governance distribution.

## Motivation
As ENS continues to grow, its treasury in ETH is always growing. Simultaneously, the percentage of tokens actively delegated is on the decline.

![Dune.png](ipfs://bafkreifqrdrm5t3qzlbbsssdlebild2azbfovyjixwa5cedlg5f3ijsxuu)

This imbalance creates a risk where an attacker could acquire enough $ENS to gain control of the DAO at a cost lower than the treasury's total value. This has been a growing concern since March 2023.

![image](ipfs://bafkreicuwrazcaaxvn6ywavjzc2ozutbmnbt5q2pd2lfakb6d7iszfq4q4)

Past attacks on DAOs have exploited similar vulnerabilities, with some [being thwarted](https://twitter.com/AragonProject/status/1656028382939815937) by components with veto power. Currently, the ENS governance process involves a proposal passing through the governor, relying on delegated voting power for approval. If approved, the governor queues the proposal in a timelock contract, delaying execution by two days. While the governor can cancel proposals, it follows the same pathway as a malicious proposal, introducing potential risks.

The short-term solution was delegating 3.8M $ENS to a contract that can only vote "Against"; more details about this can be found in [Nick's forum post](https://discuss.ens.domains/t/introducing-veto-ensdao-eth/19088). The attack is still profitable and, depending on market conditions can be up to a 3x ROI, like in Dec 2023. We need a mid-term solution to cancel the attack, which is this proposal. An article about this research done by the Blockful team will be published [here](https://blockful.io/blog/ens-security-council-snapshot) after the proposal is executed and there is no attack risk.

## Specification
To enhance security, a veto contract will be deployed. Controlled by a Security Council multisig and will have the PROPOSER_ROLE in the timelock, granting it the ability to cancel proposals without the power to initiate or modify other DAO actions. The scope of this proposal is to assign the PROPOSER_ROLE to the veto contract,

To ensure decentralization, the contract will also feature a time-based expiration mechanism that allows anyone to revoke the PROPOSER_ROLE after two years. This window provides time to strengthen delegation and address current vulnerabilities, facilitating the DAO's transition to a more secure governance model.

## Security considerations
Assigning the PROPOSER_ROLE to a multisig within the timelock contract is overly broad for our requirements as it allows the address to add proposals directly to the queue. If the multisig signers are compromised, they could potentially propose and execute malicious changes. Therefore our approach would be to deploy a new contract similar to the current veto.ensdao.eth contract, which can only do one action: to CANCEL a transaction in the timelock. That would be a trivially simple contract and it would be hard locked to only accept calls from a newly created SAFE multisig.

The risk is mitigated but one scenario remains: if the whole multisig is compromised then a malicious entity could kick other signers and effectively stop the DAO from executing proposals by canceling all transactions, including any that would remove this contract from the proposal role. Anyways, after 2 years, anyone can remove the proposal role.

With that in light. the following considerations are essential for ensuring the Security Council's multisig operates securely:

- Availability of Signers: It is critical to avoid scenarios where signers are unavailable during emergencies. Events like the Shanghai attack, where real-life occurrences prevent signers from accessing their wallets, must be avoided. Council members should ensure wallets and necessary equipment are accessible at all times.
- Secure Wallet Practices: Security Council addresses should be exclusive to ENS-related operations. Private keys must be stored using best practices to minimize exposure to risks.

Finding the right balance for the multisig threshold is crucial. A higher threshold can complicate coordination but reduces the risk of malicious activity. A lower threshold, while more agile, could make the DAO more susceptible to attacks or unintended consequences if a few signers are compromised. The suggested composition is a 4/8 multisig.

## Council Operations
It is in the best interest of everyone to make clear the expectations and responsibilities ENS DAO put on those members, backed by the reputation, other roles and gains those might have in the organization.

The security council is expected to act only in emergency, in the given following situations or similar cases:
- If a proposal goes against the ENS constitution
- If a proposal is approved with malicious intent against the DAO longevity/sustainability
- If such proposal is approved by any group of voters, but directly financially incentivised to vote against the DAOs interests to preserve their own financial stake.
- If any approved proposal goes directly against the DAO for the sole benefit of an attacker.

Those definitions are not exhaustive, and the trust deposited in the elected members for the council also encompasses the trust in their capacity to:
- understand ENS DAO thoroughly
- listening to the community feedback on extreme situations
- take quick action on behalf of the DAO
- comprehend the proposals being approved and their repercussions

The Security Council members will be the same signers for the veto.ensdao.eth, their identities are known, have signed a pledged to uphold the ENS constitution and live in countries with a solid legal system.
Loading

0 comments on commit 0fc577b

Please sign in to comment.