Summary:
We propose adding a three person security council to the AMKT governance process to ensure no single group of actors can unilaterally upgrade AMKT contracts. This also ensures there’s readily available support in the event of a security concern.
The security council would have the power to propose upgrades to AMKT on the same level as AMKT token holders (note: the AMKT multi-sig does not have Proposer rights).
In order for a proposal to be effectuated, the AMKT multi-sig will have veto power over any proposed upgrade or changes, introducing a check and balance system to ensure malicious proposals cannot be implemented.
Below we nominate three candidates we believe to be well qualified for the council.
Motivation:
The purpose of the Security Council is to ensure the AMKT multi-sig is not able to unilaterally upgrade the AMKT smart contracts (since a party besides the multi-sig will always need to function as the proposer) and a group of security engineers are overseeing security concerns relevant to the AMKT DAO as they are flagged.
Implementation:
The Security Council would consist of three individuals appointed by the AMKT DAO.
The role of the Security Council is to propose changes to the AMKT network in the following circumstances:
Where there is a time-sensitive change related to network security, etc.
In the event of a governance attack or take-over
The Security Council is a 1 of 3 multi-sig, meaning that 1 member of the Security Council will need to sign a transaction that makes a proposal to the network.
Example: Sequence of a Security Council Proposal
-
AMKT multi-sig identifies an issue that cannot be addressed through normal token governance (e.g., because the governance process has been taken over, or because there is a network issue that requires immediate attention); Alerts the Security Council to the issue.
-
The Security Council signs a proposed change (either code-based or non-code-based) that is published directly in TimeLock for 4 days;
-
At the conclusion of the 4-day period, the AMKT multi-sig executes the proposed change.
A proposal made by the Security Council does not follow the standard governance voting steps, on the assumption that the Security Council will only make a proposal where the voting process should be bypassed, e.g., where a change is time-sensitive and/or where token governance has been compromised.
We propose the following three individuals for the AMKT security council:
- Zach Obront (@zachobront)
- Liam Eastwood (@0xleastwood)
- Harrison Leggio (@PopPunkOnChain)
Security council members will be paid at the rate of $10,000 per year, distributed monthly, for their role.
Risk Factors:
A security council member could propose a malicious upgrade. We believe this risk will be mitigated by the required AMKT multi-sig signature to effectuate the proposed change.
A security council member could be hacked or otherwise compromised. Again, this risk is mitigated by the other two council members as well as the AMKT multi-sig.
Conclusion:
We recommend AMKT holders vote FOR our proposal to appoint a security council, improving security for the network.