Audit of the Governance tools and procedures of BanklessDAO: Emergency Protocol

Draft Authors:

Working Group:

SUMMARY

TLDR;

The title of this post includes the words Emergency Protocol. Acknowledging that although this proposal, as all that have gone through the forum/have links to external google docs, Emergency Protocol was introduced as Appendix A, stating:

“APPENDIX A - Emergency Scenarios

An “Emergency Scenario” would refer to a proposal/motion that needs to fast track consensus and would likely consolidate power into the hands of a few for a short period of time, often the multisig signers. Examples could include:

  1. Liquidating positions due to black swan events
  2. Legal action against the DAO
  3. Smart contract hacks
  4. Immediate changes to governance (IE closing a governance loophole)

Emergency proposals would be titled with “Emergency Protocol” in the heading, which fast tracks soft and hard consensus by increasing quorum + voting requirements and removing all time requirements.”

Since inception, BanklessDAO has used google docs to draft proposals and temp checks, the forum to gauge sentiment of and then vote on proposals and Snapshot to ratify the proposals.

All of these tools that have been used to ratify and store all proposals are able to be edited. Many proposals drafted on Snapshot have important details, specifications and implementations of the proposals linked via a Google Sheet. As you will see below, all of these methods have allowed our Governing Documents to be edited during the voting period and after the results have been ratified.

The decision model at BanklessDAO is based with “quorum” being the deciding factor. There was the quorum removal vote, however, it always seemed no one really knew what quorum was and countless hours have been spent trying to figure it out.

The quorum removal vote was based on the proposal to ratify quorum itself didn’t meet quorum, however it didn’t have to.

These are flaws in our governance system that either have led or could lead to our governance being corrupted.

There are also many other flaws within the systems, procedures, tooling, and permissions, and these have led to a buildup of consolidated power, access and permissions, as you will see below.

BACKGROUND

Ratified Governance has been edited

The Snapshot vote that ratified this Season 5 specification went live on July 29, 2022; however, the Google Doc that is linked in the Season 5 Specification Snapshot was edited 8/2/22, which was after the Snapshot vote went live. It is important to note that we don’t know what was edited. It could have been as simple as adding a period to the end of the sentence. This can be seen in figures 1 and 2.


Forum pages have been deleted

The original BanklessDAO Wiki instructs to read more here about levels and roles within the DAO. This page has been deleted or is private.

The above demonstrates how 2 of the 3 methods that we use to store our Governance methods are accessible, editable and deletable. If we conducted an audit of our Governance docs, how many more documents would we find have been edited?

These documents and any documents that use either of these documenting and storage methods should all be considered void, as it has been proven that they have been edited. This either has led or could lead to our governance being corrupted. Almost every single snapshot vote is linked to a google doc.

All of BanklessDAO’s documentation is fragmented

Our governance documents have been so fragmented that hours of research are needed to determine what has previously been put into place. We have seen above the detrimental effects that links within documents have caused to all of the documents that govern BanklessDAO. This also extends to the BanklessDAO Notion.


The forum post Decentralization of Notion permissions: “This proposed model will decentralize Notion permissions by re-ordering the underlying page structure, groups, and permissions.”

It gave minimal background information about the Bankless DAO Notion workspace being hacked. Other than:

“The hacker changed the content on the Mission, Vision and Values, and more concerning, the bank token address on the Gnosis Safe CSV Airdrop How-To document.

Notion security hasn’t been a priority, so there isn’t a DAO-wide policy yet. Notion includes some tools to help us solve this issue, including groups, pages, page groups, and permissions.”

So we consolidated the power via administrative permissions. These permissions consolidated even more after upgrading the Notion package to have the ability to see what changes have been made to pages, and by who. What we are not able to see now are the tremendous amounts of deleted pages and who the pages were deleted by.

Such as the (L2): 35,000 BANK + Nomination/Vote process.

Or the member page or this page.

Important information has been lost, like Guilds should have been adhering to KPIs and filling out a budget request form, as seen in this proposal template or the funding template that voting to reduce the BANK minimum to join here and here. Incorrect Gnosis safe addresses are listed.

There is a project page and a project repo page. The project repo does not connect to the project pages as it should/did.

Shouldn’t we have an overview of what has been funded? To see what has worked and what hasn’t.

Here is an overview of some important permissions along with relevant current initiatives being worked on.

Fragmenting vital records affects the treasury.

BANK-ETH SLP Bond

Fractured information could be the cause of the treasury reports only being on the eth chain.



With deleted and edited pages, we miss LP pools of the DAO such as the 80/20 balancer pool on polygon that holds 454,853 20 WETH 80 BANK, 80/20 Balancer pool on eth, BANK-ETH slp Bond or the How many other token swaps from other DAOs, Pools

Fragmenting the notion seems to have also omitted proposals like the forefront Treasury Diversification Proposal that allocated 1,000,000 tokens seen here

Or the partnerships established with FTW DAO, HumanDAO or the many others.

Draft 3 of Firming up Governance, noting “below is a table for quorum. Numbers are a weighted average of the results from the previous vote. Each season, quorum & voting requirements can be updated as part of the Seasonal Spec”, was ratified in this snapshot vote. The vote itself did not have to meet quorum, as this was the vote to set quorum.

Permissions of our Discord are also numerous and questionable. L2’s should be able to have access to Discord permissions and the ability to create categories and whatever this deleted page should say.

Right now, collab.land in the #collabland-join channel isn’t working correctly. There are no clear answers as to why.

If you notice the title of this post includes the words Emergency Protocol. Acknowledging that although this proposal, as all that have gone through the forum/have links to external google docs, Emergency Protocol was introduced as Appendix A, stating:

“APPENDIX A - Emergency Scenarios

An “Emergency Scenario” would refer to a proposal/motion that needs to fast track consensus and would likely consolidate power into the hands of a few for a short period of time, often the multisig signers. Examples could include:

  1. Liquidating positions due to black swan events
  2. Legal action against the DAO
  3. Smart contract hacks
  4. Immediate changes to governance (IE closing a governance loophole)

Emergency proposals would be titled with “Emergency Protocol” in the heading, which fast tracks soft and hard consensus by increasing quorum + voting requirements and removing all time requirements.”

We have just seen how all of our internal documents and governing documents have been compromised and should be considered invalid. We have no choice but to start over.

We need new Governance Documents, we need them stored in a manner so they are not able to be edited, but can have portions altered when a vote has indicated to do so.

We need documentation of our processes and administrative control over our community, our work and our treasury spread.

There is a proposal currently on snapshot to switch multisig holders after 18 months with no change or issues.

4 months ago, the Coordinape administrator for the DAO admitted to altering records.

Everyone has different values, based on their background. We all should value the BANK token however. We should also portray the Bankless name with credibility, honesty and integrity.

Choose integrity.

SPECIFICATION

Current Form Proposal
Remove Unclear at this time /or see Grants Committee….

EXPECTED IMPACT

This emergency protocol proposal seeks to pause any current snapshot and forum votes, clarify the status of our governance documentation, provide a timeline for interim governance documents, and provide clarity over the multisig.

ANALYTICS

Unclear at this time

NEXT STEPS

initiate emergency protocol

WORKING GROUP BACKGROUND

There was no working group; I did this on my own. This was due to the vote on Snapshot to change the multisig signers.

4 Likes

I def don’t think we have a governance emergency, nor do I think it’s corrupted. FWIW, the multisig Snapshot already closed. This post will be the start of an interesting conversation, because I’m unclear as to much of what you’re getting at above, but I look forward to further explanations. We are far from perfect, but we are also a far way from an emergency imo.

6 Likes

Unsure what to do with this post…there’s no poll, but basically you want to pause the entire DAO?

IMHO the evidence you have presented does not justify this course of action. You gave a few examples of docs being edited/deleted from posts that are >1 year old, but most of those posts have been superseded by other governance docs, so they aren’t really a reason to pause governance. Can you point to something more recent?

The Projects Repo is an inline database in the Project page… here’s a link: Notion – The all-in-one workspace for your notes, tasks, wikis, and databases. If I’m being honest, many of the issues you have written about seem to come from a misunderstanding of how Notion works.

…it feels like you are saying if I don’t agree with you, I don’t have integrity. Am I reading this right?

Ultimately I don’t agree that we should pause our governance or funding. This audit feels inconclusive and incomplete.

BanklessDAO only works via the goodwill and engagement of our contributors. Preventing them from accumulating governance without a good reason would probably cause many to walk away. To me, THAT would be an emergency.

5 Likes

This post is missing a lot of info. Why was it posted in this form?

5 Likes

I figured as it was titled emergency protocol it should go up. I am adding the other information now.

2 Likes

For the community’s reference, here are the thresholds required to enact Emergency procedures.

They are from Firming Up Governance.

Please also put up a poll, as the enactment of these procedures requires 91 votes on Forum.

2 Likes

Knowing that records have been compromised and that there is a vote to change the multisig signers doesn’t count as an emergency, based on this protocol?

What records have been compromised?

Also a vote to change the multisig is not bad, it indicates a maturing governance at the DAO.
This is good!

4 Likes

They are in the doc. However the picture needs the words prior as context. “Numbers are a weighted average of the results from the previous vote.”

I am not saying that it isn’t a good thing. I am saying that the combination along with the clear consolidation of permissions is not a good thing.

I’m not going to go line-by-line, but what’s presented doesn’t rise to an emergency imo. The recently passed bDIP on multisig signers will just enable the DAO to hold elections for new signers; it doesn’t actually elect new signers. We need new signers, as 5 of the 7 are no longer active in the DAO, and only @Icedcool moves proposals to Snapshot, which is something else that falls within the sphere of our DAO multisig signers. We need active, mission-aligned members on the DAO MS - that bDIP was the first step in that process.

Our funds are SAFU and our governance is a work in progress. In fact, there are many who think we do a pretty darn good job of governating this sprawling beauty of a DAO. Is it messy, inconsistent, and subject to human error? :100: But as far as I can tell there is no crisis, no emergency, and nothing presented, when combined, rises to the level of something that, as @links said, basically shuts down the DAO.

6 Likes

Permissions for Notion were simultaneously consolidated and disbursed as per that proposal you posted @Sprinklesforwinners. In essence Notion permissions were decentralized to each DAO org unit to manage themselves. The alternative was the chaos of everyone being able to edit everything (including a hacker who changed the multisig addy). It was pretty brutal.

Personally I think the Notion works decently for the whole DAO now, but if you want to change it, can’t you write a proposal for that rather than shut down the DAO?

3 Likes

So I think you are flagging a high level challenge which is that decentralized organization and management is HARD.

That said, I don’t think we have an ongoing compromised system, and governance is moving forward.

  • Forum pages can be deleted by the user or admin, and there are only 4 of us admins.
    • AAJ, Lucas, Paulapivat, and I. (We are hosted by discourse, so secured by them. Although we should include someone from infosec…)
  • Notion has been secured down to a few contributors at the global level, and more granular at the Page levels. (This is still the case!)
  • Collabland is upgrading some of their infrastructure, so it looks like that may have caused an issue, but admin team is on it.
  • In terms of the liquidity pools, we are on top of all the DAO owned liquidity.
    • You can see a summary of all of it here: LINK

6 Likes

What we are not able to see now are the tremendous amounts of deleted pages and who the pages were deleted by.

Such as the (L2): 35,000 BANK + Nomination/Vote process.

This was the DAOisms Notion page which was archived when the information was included in the Constitution instead. The Notion team has restored it and added a new section on the DAO Notion home page for Archived / Outdated pages. The link included in this post now works again.

4 Likes

I noticed @0xbaer edited one of my forum posts yesterday, are edit permissions given to more people?

2 Likes

Only admin have edit permissions.

Could you share the post?
You should be able to see the edit log on your post as well and see changes.

1 Like

‘regular’ can edit titles

https://forum.bankless.community/badges/3/regular

1 Like

Huh… today I learned…

1 Like

But ‘regular’ can’t edit or take down posts.

1 Like

@Sprinklesforwinners WDYT of hosting docs on IPFS? You can use IPFS with Skiff, and it generally has the same UX as Google Docs. So no more docs will be lost on Snapshot.