To operate the wPOKT bridge, we need a Gnosis Safe 5/7 multi-sig that can mint wPOKT as needed to supply tokens to the liquidity bridges.
Rather than putting forward a predefined selection of signers for the wPOKT multi-sig, then getting the stamp of approval from the DAO, we wanted to make the selection process more inclusive of our community.
Therefore, this proposal invites anyone to volunteer to be a signer, by responding below.
The multi-sig signers will be responsible for reviewing/signing the wPOKT minting transactions that supply the token pools in the liquidity bridges (Boosty and Ferrum). The signers are not approving every bridge transaction, only the occasional wPOKT mint to supply the bridges. When the DAO votes to mint more wPOKT, the multi-sig must execute this decision.
Therefore, the multi-sig should consist of signers who are:
- trustworthy (won’t collude to gain a 3/7 veto on the DAO’s decision)
- already active community members (will be responsive signers)
- committed for the long-term (won’t become unresponsive signers over time).
There are also security requirements for the Ethereum address belonging to the signer:
- Hardware wallet
- Brand new account (0 transactions, no ENS)
While we want to be inclusive of the community, we also have concerns about all 7 signers being identified. Even the pseudonyms among us are not perfectly anonymous; they could be doxxed with a little effort and incentive, of which there will be many as POKT and wPOKT grow more valuable.
Therefore, we are including a “security by anonymity” option in this proposal. If the DAO approves this option by a 50% majority (of those who voted), the Pocket Network Foundation will select 3 anonymous signers, and the remaining 4 signers will be determined by the above selection process. If the DAO rejects this option, all 7 signers will be determined by the above selection process.
Why 3? This allows the anonymous signers to veto transactions in the event that the other 4 identified signers have been compromised. As a result, this should deter would-be attackers from attempting to compromise the 4 identified signers.
The multi-sig signer selection process will be as follows:
- Voting on Security by Anonymity Option (starting: 1st Jan): We will first hold an initial Approve/Reject vote on the option to have 3 of the 7 signers be anonymously selected by the Foundation. This will determine how many of the most popular volunteers (4 vs 7) are selected in the Voting on Volunteers starting 7th Jan.
- Volunteering (deadline: 6th Jan): Anyone can volunteer to be a signer. They should reply to this proposal arguing why they meet the requirements for the role and providing an Ethereum address that meets the security requirements.
- Voting on Volunteers (starting: 7th Jan): Voting will begin the day after the volunteering deadline and last for 1 week. All valid volunteers will be listed in a multiple-choice Snapshot poll and chosen using Approval Voting, which means each voter will be able to cast 1 vote for each of the volunteers they approve of (with a weight of 1 per choice). The most popular signers according to an aggregate of all of the voter’s approvals will be the final signers selected for the wPOKT bridge multi-sig. This will be 4 signers or 7 signers depending on the outcome of the vote on the Security by Anonymity Option.
Reply below with the following details:
Which meets the security requirements above
Why I want to be a signer:
(Your statement of intent.)
I confirm that:
- I’m willing and able to be a signer in the wPOKT multi-sig. I understand this is an ongoing role that requires being responsive to signature requests.
- I understand that this role does not entitle me to make my own decisions, I am simply executing the will of the DAO.
- I understand that being a signer is an unpaid voluntary role.
My qualifications as a Pocket Network community member:
- Discord (optional):
- Telegram (optional):
- Twitter (optional):
- GitHub (optional):
- Additional URL or blog (optional):
Below are the volunteers who fulfilled the security requirements for their provided Ethereum addresses.