[RFC] - Multisig Enhancement

If the anons rug then law enforcement can go to discord and have them identify info that will help in locating those individuals and bringing them to justice. This is the obvious reason.

I believe this would cover the concern a lot better than a Discord name, no ?

Not really when we don’t have any legal department or law firm we are affiliated with to ensure this happens. 3/6 isn’t overly secure and with lack of any legal entity encrypting the data is vague at best and how would legal department know how to decrypt it should it be required?

I don’t trust the Operation Officer’s ability to handle this task alone given a prior and consistent pattern of conflict of interest.

Or they just call the lawyer.

That‘s actually their idea. And obviously the info would be provided to them. We are in process of onboarding with a legal firm, that info will be public to all.

Not sure how this is anything but ridic but lets play. Let the FO evaluate them then.

It seems we have the cart before the horse then. This should come after legal is established. It doesn’t specifically say keys to decrypt will be provided and I don’t like assuming on things which aren’t in writing.

I wonder where all the supporters for this proposal are
Looking at the vote it should be pretty even, but looking at the comments it looks like only the team is supporting this.

I would assume that, as a Community Manager yourself, you have noticed that disagreement is always louder. When you agree with a proposal, there’s no need to take action. However, when you disagree with it, you have to make a comment and wait for a reply before making another comment. I’m stating general truths which I’m sure you are already aware of, thus I don’t understand your comment.
Since I have to comment for the masses, I’m in favor of this proposal.

The community rewards proposal seems to disagree

For reference
(https://dao.wonderland.money/t/rfc-community-rewards-proposal/19793/)

Actually not just that, pretty much all of the other proposals have received positive feedback from the community

Can be changed for WIP.

Thank you for bringing to my attention this example, as it might be the most appropriate to validate my point. You can see in the proposal you posted that all comments are made by the moderators team in an effort to boost engagement while there is only one comment from a community member. There is no disagreement for this proposal which leads to a small amount of comments, forcing the management to participate seeking further engagement.

Check the link again - I mistakingly added the DD instead of the RFC (Given this is also an RFC)

It’s shocking a proposal called “Community Rewards” has the majority of the community’s approval. I understand your point.

Let me preface my response by saying I’m going to speak in plain English as I’m not 100% confident in the use of the lingo.

I can appreciate the need to try and add another layer of security, but I feel like it’s a lot to ask investors not to have any idea who to hold accountable in the event of an attack on the treasury (suspicious transactions/theft).

I understand Multisig signers would prefer to remain anonymous for safety concerns; however, if we are to believe that a sophisticated team of evildoers is capable of first uncovering the identities of all the multisig signers - then coordinating a simultaneous attack on all of them in order to obtain the keys — then why wouldn’t this sophisticated team simply be able to take the extra measure finding the FO and extracting the identity of the multisig signers first. If they can do one then they can certainly do the other.

Now, if we’re talking about random “wrench” attacks then perhaps a more moderate solution would be to include “hazard pay” with the position. Maybe hire a firm to continually monitor the internet/social media for the possibility that one of the signers is doxxed. And/or provide each with a highly trained attack dog.

The bottom line is that transparency is one of the hallmarks of this project and it’s a slippery slope when you start chipping away at that transparency even if it’s under the best of intentions.

For those reasons it’s a no for me.

We trust the team with the multisig, ops etc, right? What’s the difference in trusting them with ‘publicly’ anon holders, but who have been doxxed and is known by the same team?

If it turns out we don’t like the performance of the team or a team member we at least have the recourse of voting them out. We have a clear understanding of their duties and responsibilities and it’s very transparent.

This is the Wild West and there are no protections or safeguards for our investment. So yes, I’d like more than just a “trust me, bro” in regards to who holds the keys to the proverbial vault.

Would it be possible to consider allocating security privileges to multisig members and requiring them to be at least semi-doxed? In general, I support the proposal.

You can do the same for any multisig signers.

Each of them have a specific address. You can measure their performance by looking at who initiates transactions, signs them and executes them.

You can see how long a transaction was pending before it was excuted. If the three signers are always the same one, but somehow transaction can be pending for days with only one or two signatures then the performance of the other signers may not be good enough for the DAO and it can ask for the signer with a specific address to be replaced.

Your only argument here is trust. Trust in those anon members that you don’t know the identity of and trust in the team that they are appointing someone trust worthy.

The idea that the DAO will know who to hold accountable because it knows a made up name on a tech platform is laughable at best.

There is a doxxing mecanism proposed, it can be improved/better defined if it judged not good enough, but I don’t see a lot of that being proposed. Most comments seems to be asking for a level of transparency that will only give the DAO a fake sentiment of security.