Vote 22 : Risk Pod vote

Risk Pod facilitator vote

Below is a draft vote for the DAO that will discussed in a community call tomorrow, discussed here on the forum for 5 days. After questions have been clarified, it will be raised for a vote on vote.gro.xyz.

Summary

This proposes to establish a Pod that deals with risk aspects of Gro DAO and its product(s). Three different facilitator candidates are put up for the vote. Each of the proposals are slightly different in scope and focus so please read them carefully. If a facilitator is elected then they will be empowered to act within the remit and budget they have requested from the DAO. If the proposals are rejected, further discussions will be held in the forum/Discord to refine the proposals of existing candidates, and search for additional candidates.

Background

As part of Gro DAO’s podification, DAO members have proposed contributing to risk and treasury work streams. Several DAO members have drafted proposals both on Discord and in the forum to tackle these challenges. While several proposals have been made for granular risk aspects, three proposals have been made for the establishment of a risk pod:

• Rex : Risk Pod: Pod Creation Proposal

• Pavel : Risk Pod Creation Proposal

• Bernard : Finance and Risk Pod: Pod Creation Proposal

Additional proposals targeting grannular aspects of risk will not be raised in this vote, but it will be for the elected Facilitator to decide, after having assessed what is in place already:

• Bounty through veFunder: https://app.dework.xyz/vefunder-1/main-space-95?taskId=8a48c94e-c432-43ac-a651-0158a090471d

• Sentio’s proposal for monitoring and alerting : Real-time and open-source monitoring and alerting for Gro strategies

• Exponent’s proposal for real time defi risk metrics: Real Time DeFI Risk Metrics

Candidates

1. Proposal 1: Bernard, click for details

3-4 full-time contributors, requesting a total of $232k for a 6 month engagement. This proposal combines both multiple aspects of risk and finance/treasury work streams.

2. Proposal 2: Pavel, click for details

1 facilitator + Blockanalitica contributors, requesting a total of $140k for a 3 month engagement focused strictly on risks. After initial 3 month period a new DAO vote would be raised.

3. Proposal 3: Rex, click for details

1-2 part-time contributors, requesting a total of $100k for 6 month engagement focused strictly on operational risks.

Would there be a conflict of interest if the facilitator is also part of 1 of 5 proposals? a player should not be referee in the same game

almost all the facilitators have proposals, all were created before DAO formation though. Ultimately I think resource allocation decision should be up to the pod to decide, without requirement on individual proposals

https://community.gro.xyz/t/defisafety-security-framework-proposal-for-gro-dao/
https://community.gro.xyz/t/towards-web3-native-intelligence-tools-for-protocol-comprehension-and-stewardship/

It does concern me that these proposals are asking for significant budget and decision power, not to mention the potential conflict of interest.

To wit, in one of the proposals:

3 full-time contributors: 180,000 USDC over 6 months

* This covers the contributors named above (exa256.eth, Bernard), and includes the use of internal resources of our teams (Exponent, web3 Studios)

How can these prospective facilitators be “full-time” while employed by another team?

Hi Eligos,

Appreciate you pointing this out! As stated in our proposal we have the benefit of working in teams that cover a broad variety of skillsets that we will bring into this role (e.g., TradFi Financial Reporting skills, Dune Analytics Wizard, Smart contract risk resources).

Us serving in a “full-time” role, means contributing at least 40h per week worth of contributions. While this will be Exa and me to the largest extent (also given we additionally act as facilitators), other resources will be plugged in for specific tasks.

Here is the specific part in the proposal:
"* “Two of the full-time contributors (exa256.eth and Bernard) are part of larger teams (exponent and w3s) that will be tapped for the dedicated support and contributions that make up the full-time positions.”

For the scope discussed with other core members of the DAO, we see the budget for 3 full-time employees in line with other demanding tasks in the Gro DAO (e.g., in line with Groda Product Pod contributors; and below People Pod Facilitator). We firmly believe that this gives us the most impactful setup. Please also be mindful that in our proposal we merged the Treasury Working Group with the Risk Pod, and added additional Business and Strategy that we believe are valuable for the Gro DAO, i.e., the scope is much more extensive. Our individual Risk Part is priced on the very low end of comparable proposals.

PS: Welcome to the community (realized you just signed up 1h ago)! Feel free to join the Discord and say hi in tomorrow’s community call! Happy to answer more questions there

Thanks for the kind words and explanation! Have been lurking in the forum for a while, just never bothered to create an account to comment until now.

My concern is not the work load itself, I fully agree this should be a full-time, 40h/week job. My concern is:

a. this proposal is encapsulating many future decisions in one vote. Especially when someone commented " Ultimately I think resource allocation decision should be up to the pod to decide". This seems to be contradictory to the DAO’s direction towards more decentralization.

b. conflict of interest. In my line of work of supply chain management, essentially what you are proposing is to have a member from a vendor to be the head of procurement for the company, huge red flag for me. Facilitators should be independent from being a potential service/software provider, period.

wait, the question is actually relevant. You are a cofounder and actively engaged at web3 Studios + you’ll be full-time (at least 40h/week) at Gro Risk Pod. How does it work?

Hi @Eligos, appreciate your remarks, and thanks for keeping the discussion flowing!

(a1) On the inclusion of several decisions in this vote: Agree that this vote is definitely a bit more complex. Hopefully, the different approaches were made clear in the community call. I.e., deciding whether the Risk Pod should be a stand-alone function focused on specific types of risk (i.e., Market or Operational risk) or whether it should be integrated into a Finance and Risk Pod that seeks a more holistic view (starting with analyzing which Risks to solve for, and match capabilities based on that).

(a2) On „Does decision-making power over resource allocation within a Pod conflict with the decentralization ethos of DAOs?“ I am with your point that this is one of the hardest things to get right in DAOs. I.e., the power play between accountability and decentralization. We strongly believe in the Pod structure that gives sufficient autonomy to Pods making their own decisions at a granular business level (= efficiency and accountability), while reducing voting periods so the wider DAO has the ultimate say on the strategic direction (= decentralization) - here’s a great post from Vitalik on the topic.

(b) On the conflict of interest of procurement <> vendor. Fully agree that running procurement (i.e., in our context: having control over budget decisions) and selling services/software (i.e., in our context: charging for software or additional FTEs) would be a clear conflict of interest. In our case of the Finance and Risk Pod, we do not act as vendors of software or services of any kind. I.e., we would not take any budget responsibility to hire internal staff - they are simply supporting our full-time roles within the agreed-upon budget. If we ever find ourselves in a situation where we believe a resource that is part of our construct would be best suited for an advertised position, we would simply have the person submit a proposal and let the DAO decide - but never take advantage of any budget responsibility.

@Pavel, on us filling a full-time contributor role while being part of a larger team. Thanks for highlighting this again, maybe our attempt to explain it wasn’t 100% clear. You will get Exa and me as major contributors, incl. being the #1 counterparty doing the lion’s share of the work, and putting all the pieces together (facilitator part). For specific parts of the work, we will draw on resources from our firms (exponent, w3s) to assist us (e.g., creating financial reports, running analyses, preparing material, etc.).

This vote is live on snapshot and running from Nov 23, 2022, 8:15 PM GMT until Nov 28, 2022, 8:15 PM GMT

https://vote.gro.xyz/#/proposal/0x0290067292ccdf3024ff928e92f156fe85e4f76d1072ac1acff47ce0c159cdf0

Clarification:

Of course there are risks other than market ones. And Risk Pod should work on them. But as correctly pointed by @kat in the call last week, from experience two major risks that DeFi protocols face primarily are smart contract risks and market (collateral price drop => insolvency) risk.

As for smart contract risks, there is big crossover with Groda Pod:

Additionally, there are other approved budgets that are closely related to the proposed Groda Product Pod mandate. I propose these to remain under the DAO treasury for direct payout under the direction of Groda Product Pod.

$1mn Immunefi bounty approved in Vote 3 (ongoing)
$320k audit expenses approved in Vote 3 (audit has been completed; this should be paid out within the next few weeks)

Then there’s an issue of limited funds. Aave pays Gauntlet $2.4 mln/year to run (only market) risk modelling with protocol parameter proposals. Maker’s Risk CU (responsible only for market risks) monthly(!) budget is 230,000 DAI.

Evidently Gro needs risk management. But it needs to set priorities wisely.

That’s the foundation of my proposal. Recognise smart contract and market risks as top immediate priorities. Take into account significant crossover with Groda Pod on smart contract risks. Recognise significant limitations in regards to funds.

Start with leveraging battle-tested approaches, customise them to Gro needs, then proceed to scaling Risk Pod’s activities to other risk-related R&D.

Hi all,

Given the latest status of the Risk Pod vote (to reject all proposals) and the suggestion to give candidates another chance to review their proposals, we have worked to refine the RFP to inform the updated risk pod proposal is as follows:

• Please only request budget for facilitator and any additional pod members (if required), and not extra service spend. If you think additional (third party) services are justified in the near future, do include a high-level rationale as to why they may be needed
• Please tailor your request to be for 6 months, and illustrate the intended hours per week that you plan to spend on the role accordingly
• Intended risk assessments must cover operational risk at the very least, other risks will be considered in addition to this. Please also define how these assessments will be conducted and communicated to the DAO (e.g. what will the deliverables be?), and who you will need to work with for each type of risk

We are aware that some of you may have already included some of the points above in your existing proposals, but we are reiterating these points to ensure greater standardisation across each proposal.

@Bernard @pavel @Rex_DeFiSafety

Hi Guys,

Please find my reapplication as risk facilitator.

Process weaknesses are a huge risk (if not the biggest) in today’s DeFi. Just look at today’s rekt “The exploit was due to a private key compromise of the Ankr deployer address on BSC, potentially the result of a phishing campaign.” And even the rekt article misses the point. It does not discuss how the keys were compromised, or why there was no timelock. It does not touch key and wallet management. These are preventable errors. Solid, boring written processes can fix this.

How would you mitigate a stolen deployer key? Maybe add an alert upon execution and a timelock, then a process so that if the alert goes off, the team know what to do.

This is the first part of the value I bring. The second part is having a risk process that investors can respect. This will put GRO above other protocols.

Budget breakdown (six months): $30,000 to $60.000. 1 facilitator:

• 30,000 USDC over 6 months plus 40,000 GRO tokens (vested) or
• 60,000 USDC over 6 months plus 80,000 GRO tokens (vested)
• This accounts for a minimum of 8 to 16 hours per week or 20% or 40%of my time

I supply the two options at the discretion of the people pod, based on budget and required activities.

My time:

The allocated time spent will be a minimum and priority will be put on any specific risk tasks the other pods may request. The remainder of my time will be spent as president of DeFiSafety. This means 100% of my time is spent on DeFi risk and security. Everything I learn will be brought into Gro. If Gro has an intense period risk wise, I will spend whatever time needed.

Tasks;

When I am not on a specific protocol tasks, I will be developing written strategies for all of the risk types listed below. For each risk there would be mitigations, alerts and a written response plan. Much of the time generating these NOT be paid by GRO, as the generic docs are for DeFiSafety. We continually update risks (such as the incompatible token bug, I recently added.

Within six months, I expect GRO to have a documented risk framework that would make any DeFi fund confident that GRO’s security is unparalleled.

• Key Treasury Risk
  • Keys stolen
  • Token price plunges
  • Internal Bad actor damages protocol
• Pool
  • External bad actor drains pool
  • Undercollaterization
  • Incompatible token incorporated into protocol
  • Bad co-efficient updates
• Financial Operation Risk
  • Rapid loss of value of asset(s)
  • Bad tokenomics causes problem
  • Stable coin depeg
• Software Operation Risk
  • Loss of Funds via Hack
  • Website script injection (hijack website code)
  • Website Impersonation (DNS)
  • Scams to fake websites
  • Fake google ads
• Bad strategy deployment
• Governance Risk
  • Automated governance hack (a la beanstalk)
  • Have you considered voting distribution (one dude getting control)
  • VC takeover of DAO
• Regulatory Risk
  • A government makes the use of a countries population
  • Is it a security
• Environment Risks
  • Blockchain Risks
  • Blockchain Loses faith, users run
  • Bridge Risks
• Software Development Risk
  • Flaw created by a changed contract
  • Bad Algorithmic validation during development
  • Stolen deployer key

My background is in avionics (aviation software). In aerospace, procedures are defined, updated rigorously followed and then continuously improved. This culture of continuous improvement and solid documentation is what I am to bring to GRO. It is boring, but it works.

For clarity the above proposal will be for 40% of my time or 60k for 6 months.

For everyone’s visibility, we now have two refined proposals to be taken forward in the next Risk Pod vote:

1. @Rex_DeFiSafety - with their proposal as seen above.
2. @Bernard @pavel @exa256.eth - with their joint proposal as seen here: Strategy, Finance, and Risk Pod: Pod Creation Proposal

Thanks for the new proposals! Just want to make sure I’ve understood correctly. The summary of Bernard’s first proposal states:

3-4 full-time contributors, requesting a total of $232k for a 6 month engagement. This proposal combines both multiple aspects of risk and finance/treasury work streams.

My summary of Bernard’s refined proposal is:

3 half-time contributors, requesting a total of $110k + 120k GRO for a 6 month engagement. This proposal combines multiple aspects of risk, finance/treasury strategy, and business strategy.

The summary of Rex’s first proposal states:

1-2 part-time contributors, requesting a total of $100k for 6 month engagement focused strictly on operational risks.

My summary of Rex’s refined proposal is:

1 part-time contributor, requesting a total of $60k + 80k GRO for a 6 month engagement focused on operational and security risks.

Do I have it right? Keeping in mind that summaries are meant to be brief.

Right on my side. My proposal is 100% focused, professional risk mitigation and analysis.

Thanks for the summary @jaypow It’s correct on our proposal.

The biggest changes that made the Budget reduction possible on our end, were slimming down the Treasury Management and Financial Reporting parts. This resulted from getting a better understanding of what is nice-to-have, but not vital at this stage.

In the end, it’s also a commitment from our side, and we are aware that especially in the ramp-up phase there might be situations where we’ll have to spend more than the agreed-upon time.