Multi-sig for the DAO

Background

As discussed, the DAO is in need of a multi-signature wallet to become more agile with its payment and funding distribution. has reached out to me because Gitcoin has updated allo (its grants protocol). The new features implemented clash with Tally's call function from Arbitrum to ETH Mainnet and back to Arbitrum. was added to the conversation, and essentially, the Gitcoin team recommends establishing one wallet that receives the funds and then distributes them.

This occurrence is a good trigger to get this on the road and executed. But first, let me clarify a few things that will be important in making an informed decision.

What is a Multi-Signature Wallet

A multi-signature wallet, commonly known as a multi-sig wallet, is a type of cryptocurrency wallet that requires multiple signatures to authorize a transaction. Unlike traditional wallets that rely on a single private key, multisig wallets distribute the signing authority among multiple parties, enhancing security by eliminating a single point of failure. This setup is particularly beneficial for organizations or groups managing shared assets, as it requires consensus among several key holders before any funds can be moved, thereby reducing the risk of unauthorized access or theft.

Reasons for Establishing a Multi-Signature Wallet

Aside from the most recent occurrence with the retroQF round there are more general reasons why the DAO should hold a multi-sig wallet:

• Increased Security: Requires multiple signatures to authorize transactions, minimizing the risk of theft or loss due to a single compromised key.
• Shared Control: Distributes control over funds among multiple members, preventing any single individual from having unilateral access.
• Transparency: Enhances accountability as all transactions require consensus, which can be recorded and audited.
• Risk Mitigation: Reduces the impact of lost or stolen keys, as multiple keys are necessary to access the wallet.
• Facilitates Collaboration: Encourages teamwork and collective decision-making within the DAO by requiring agreement on transactions.

What Technology and How Does It Work?

Gnosis Safe (now Safe Global) is the most used and well-known option. Safe Global is a popular multi-signature wallet allowing users to securely manage their digital assets. The setup process is straightforward:

• Wallet Creation: Stella, as Lead Steward, could create a Gnosis Safe wallet by defining the number of owners and the number of required signatures (3).
• Address Generation: A unique multi-signature address is generated to receive funds in a few clicks on the platform page.
• Transaction Process: To initiate a transaction, one owner creates a transaction proposal that must be signed by the required number of owners (here 5).
• Signature Collection: Each involved party uses their private key to sign the transaction. Once the required number of signatures is collected, the transaction can be executed.
• Broadcasting: The signed transaction is then broadcast to the blockchain for processing

Rules for the Multi-Signature Wallet

To clarify, this multi-sig wallet is not meant to replace the timelock contract. It is meant as a supporting measurement. Therefore, the monthly DAO Payroll and everything that can be paid for using the timelock should continue to be paid through the timelock only.

Here are my suggested rules for how the DAO could/ should only use the multi-sig wallet when necessary:

• Access Control: A minimum of five elected DAO members should be in charge of the wallet. I suggest those people are either working group stewards or well-known DAO Delegates. After discussions in the DAO the aim would be to have rather more than less people being signers; up to 7. Since we currently have not enough eligible folks we would start with the lower number and eventually put up another election proposal.
• Disqualification Criteria: If an elected signee neglects their duty more than 3 times, the ability to sign will be taken away from them by the DAO.
• Minimum Signature Requirements: Ideally, we will have a minimum of five authorized signees. Three of those five will always be required to sign. By withdrawing from their role as a Delegate or Steward, this role will be retrieved and given to another eligible member of the DAO.
• Emergency Protocols: Let's ensure that we can handle a possible recovery if the managing account gets ever compromised or keys are lost for any reason. I can use help here 😆

Suggested Deployment Chains

Currently, SafeGlobal only allows for deployment on one chain per created wallet. If we indeed wish to be more flexible, we might want to set up more than one wallet. Taking into consideration our recent activities and what is to come, I would like to suggest that we have a wallet with the same signers on:

• Ethereum Mainnet
• Arbitrum
• Base

As a reference, these are all currently available networks with SafeGlobal: https://help.safe.global/en/articles/40795-supported-networks

Suggested Implementation Time

The implementation of a DAO multi-signature wallet should be swift and take no longer than 1-2 weeks. Our first transaction should be a test transaction to ensure everything works properly. However, in parallel, we should run an election vote for the first three holders, which requires a separate proposal.