Protecting your DAO with multi-signature wallets
If you’ve been along for the ride so far with the Traxa.io Medium series you’ve learned what a DAO is and considerations on why you should incorporate it. (If not, start here). Whether or not you incorporate a company for your DAO, a key decision at the beginning of setting up the DAO is governance around access to the treasury. This article informs you on considerations for setting this up and illustrates it with the real-world scenario of the Traxa.io DAO.
For any organization to function, resources are required which include people and capital. In the traditional world, capital is usually in the form of cash contributed by investors in exchange for shares of the company. With DAOs, there are many more options on how that capital is represented. It could be a standard token such as ETH, it could be a token native to the DAO or it can be a mix of different cryptocurrencies. Strategies for the treasury will be covered in another article.
Regardless of the tokens used, the common thread which is covered in this article is that all the capital is tied to a wallet address. Any resource investment into the DAO is stored with a wallet address and is typically called the treasury. If the entire treasury is tied to a single wallet address you can see the importance of having proper governance for access to it.
Having only one person able to access the wallet through the private keys is an example of what not to do. Things that could go wrong include:
- The person disappears with the entire Treasury off to their own island in the south, rug pulling the DAO
- Even if the single person is trustworthy should something unfortunate happen to them the treasury is locked if the private keys aren’t shared with someone else
- Since there is a single person tied to the DAO should there be legal problems there is a single point of accountability for those problems
The solution then is to have multiple people have access to the wallet so that transactions require more than one person’s approval. This is typically called multisig transactions. Ethereum doesn’t have multisig built into the protocol so you need to either code it yourself in smart contracts or use a product that implements the smart contracts for you.
Gnosis Safe is a smart contract wallet running on Ethereum that requires a minimum number of people to approve a transaction before it can occur. You can decide how many people have permission to approve a transaction and how many are required for the transaction to proceed. For example, if you have three main stakeholders in your business, you are able to set up the wallet to require approval from all three people before the transaction is sent. This assures that no single person could compromise the funds and avoids the other problems listed earlier in the article.
The full details of getting started with Gnosis Safe are here. A fun fact about Gnosis Safe, as Feb 8 2022 there is over $100B USD worth of digital assets stored is Gnosis.
Some best practices for setting up the multisig wallet include:
- As a signer, use a completely separate wallet address instead of any of the ones you use personally.
- Use a wallet that you maintain custody of the private keys. Good examples are the Ledger and Trezor hardware wallets.
- Consider how to best coordinate signers. DAO’s might have people all around the world in different times zones. If there is a critical, time-sensitive transaction that needs to take place you don’t want to have to chase people around.
- DAO’s often have board members that earn those positions through their vested interest (such as time or money) in the DAO. Consider alignment between board members and those who are signers.
One of the first things Traxa.io did at the inception of the DAO was to put a Gnosis Safe in place with multiple signers. When the original DAO was formed, there were only three members. Therefore, when the Traxa DAO Gnosis safe was created, three (3) people were granted signing authority and two (2) were needed to approve a transaction. Getting frameworks like this in place early prevents rework later.
Once you have the wallet infrastructure in place the next step is the governance on making decisions. We will tackle that next when we discuss proposals and stakeholder votes.
Oh and one last fun fact. There is a forcing function built in to motivate signers to sign quickly. The last signer has to pay the ETH fee for the transaction.