Standardize wBTC DAO Governance and Multisig Framework #19

Open
sajanrajdev opened this issue Nov 29, 2023 · 2 comments

@sajanrajdev

Context and Motivation

Miscommunication and an inadequate process regarding a proposed change to the multisig structure guarding the wBTC Controller led some of the involved organizations to believe it was part of a socially engineered attack on the DAO. Later, the intention was clarified, and the proposal and actors involved were found to be legitimate. Nevertheless, this incident shed light on areas for improvement regarding the DAO's coordination and multisig setup.

The following proposal aims to initiate a conversation to identify a decision-making structure, a framework for tracking and executing decisions, and a safer multisig setup for the well-being of wBTC.

Areas of Opportunity

  • Decision-making framework: How should decisions regarding changes to the wBTC infrastructure and the composition and frameworks of the DAO be made? How can we ensure that decisions are made with the utmost transparency and that all stakeholders are heard and involved?
  • Decision execution tracking and coordination: How can we better coordinate among the members of the DAO and signers to promptly, transparently, and securely execute decisions of the DAO?
  • Multisig Setup Improvements: How can we ensure that all signers of the multisig(s) are active, qualified, and engaged? What are the standards of multisig safety and hygiene that should be enforced, if any? What tools could be leveraged to improve transparency around multisig operations (e.g., monitoring and alerting)?

Invitation

Though it may pose a challenge, I invite all stakeholders, groups, and individuals interested in the well-being of wBTC to come together and brainstorm the best path forward. Let's use this chance to set an example of how decentralization can enable safe organization.

@hinuri
Collaborator

hinuri commented Nov 29, 2023

Thanks @sajanrajdev for kicking off. A few additional thoughts:

(1) WBTC DAO Group Verifications

Over the years, the group has evolved and a lot of the original signers have either: (a) left their previous projects, (b) want to leave, or (c) have lost their keys. Our primary communication channel (Telegram chat) also has individuals no longer affiliated with previous DAO seat holders.

I think we should make the following tactical changes:

  • Update the ReadMe to include a table with each Team, affiliated signers, and a main representative
  • Update Telegram Chat to the folks listed in the table (and remove non-affiliated participants)
  • Maintain a separate WBTC Community Chat group for broader participants
  • DAO signers / reps conduct verification calls (BitGo is happy to facilitate; this is to ensure we’re working with appropriate and legitimate teams)

(2) Update participation criteria

Historically, we’ve been very organic in so far as governing WBTC. One could say this is a feature (not a bug). But we want to balance this with the need to ensure that we continue to have the right teams involved AND that we don’t run the risk of losing keys (a constant problem with turnover amongst projects).

Ideas that we’ve heard before and should entertain:

  • Increased commitment – anyone that isn’t active (misses some of the below items) should be replaced routinely
  • Defined SLAs for signing – signings should be conducted within 72 hours (our last DAO migration took 8 weeks and this was the topic of many public discussions, including with regulators)
  • Periodic Attestations – mandatory signing event once a quarter
  • Wallet security requirements – discussion and playbooks for accepted wallet security (e.g. multi-sigs or equivalent)

(3) Create running log of proposals

Keep track of all our discussions as issues on our public repo. Conversations should continue to flow organically in chats, but more official decisions should be documented in the issue for posterity.

@storming0x

Hey all, since we got notified of this on SEAL chat, I thought I'd share here a tool Yearn uses to coordinate in TG for signers on multisig.

It verifies PR, output and signatures.

https://github.com/yearn/yearn-multisig-actions

Probably there are other similar tools out there, but I thought I'd share it just in case, since it has worked well for signer coordination and verification of actions for Yearn.
