1/ π― DAO Vulnerabilities Report: Exploring & Mapping Lido Governance
The results of a resilience assessment of @LidoFinance liquid #ETH staking protocol governance.
𧡠A TL;DR tweet thread of the findings, relevant to all in #Web3 & #DAOs
medium.com/block-science/β¦
The results of a resilience assessment of @LidoFinance liquid #ETH staking protocol governance.
𧡠A TL;DR tweet thread of the findings, relevant to all in #Web3 & #DAOs
medium.com/block-science/β¦
2/ Based on @kelsiemvn's #DAO vulnerabilities piece, @LidoFinance asked us to undertake a governance assessment of its DAO.
medium.com/block-science/β¦
medium.com/block-science/β¦
3/ IDing vulnerabilities can produce opportunities to improve adaptive capacity, resilience & growth - essential for true DAO autonomy.
This requires understanding both human stakeholders & technical mechanisms, and using controls to align incentives between stakeholders.
This requires understanding both human stakeholders & technical mechanisms, and using controls to align incentives between stakeholders.
4/ We used qualitative methods - stakeholder interviews & reviews of:
π Code repos
π Block explorers
π Analytics dashboards
πΌ Contract interfaces
π‘ Communication channels
The report includes Lido context, gov insights, vulnerabilities & suggestions for further research.
π Code repos
π Block explorers
π Analytics dashboards
πΌ Contract interfaces
π‘ Communication channels
The report includes Lido context, gov insights, vulnerabilities & suggestions for further research.
5/ β What is @LidoFinance?
βͺ A financial platform offering #ETH staking derivatives for a management fee.
βͺ Users earn liquid token staking rewards w/out locking assets or maintaining their own staking infrastructure.
βͺ Users deposit ETH, receive stETH & 10% flows to the DAO
βͺ A financial platform offering #ETH staking derivatives for a management fee.
βͺ Users earn liquid token staking rewards w/out locking assets or maintaining their own staking infrastructure.
βͺ Users deposit ETH, receive stETH & 10% flows to the DAO
6/ π THE PROOF OF STAKE LANDSCAPE
If blockspace producers can re-order or censor transactions, governance over that process is critical for blockchains to exist as public goods.
To read more about PoS markets, check out this piece by @alkimiya_io
mirror.xyz/alkimiya-protoβ¦
If blockspace producers can re-order or censor transactions, governance over that process is critical for blockchains to exist as public goods.
To read more about PoS markets, check out this piece by @alkimiya_io
mirror.xyz/alkimiya-protoβ¦
7/ If blockspace on PoS chains becomes a winner take all market, to be competitive @LidoFinance needs to:
βͺ Gain market share to become dominant "decentralized" #ETH staking provider
βͺ ID & address vulnerabilities
βͺ Remain adaptive & resilient
βͺ Gain market share to become dominant "decentralized" #ETH staking provider
βͺ ID & address vulnerabilities
βͺ Remain adaptive & resilient
8/ πΊοΈ LIDO STAKEHOLDERS
βͺ PRIMARY: LDO token holders, governance sub-committees, multi-sig signers, employees & stETH users
βͺ SECONDARY: stETH DApps, validators, oracle operators, interface operators, etc.
βͺ OUTER: Layer 1 blockchains, competing staking service providers
βͺ PRIMARY: LDO token holders, governance sub-committees, multi-sig signers, employees & stETH users
βͺ SECONDARY: stETH DApps, validators, oracle operators, interface operators, etc.
βͺ OUTER: Layer 1 blockchains, competing staking service providers
9/ π‘ GOVERNANCE INSIGHTS: #GovernanceMinimization
1st used by @paradigm to mean "reducing the power and reliance on governance wherever possible." AKA people trust a system that *can't* change vs. operators saying they won't.
paradigm.xyz/2020/10/870
1st used by @paradigm to mean "reducing the power and reliance on governance wherever possible." AKA people trust a system that *can't* change vs. operators saying they won't.
paradigm.xyz/2020/10/870
10/ π€ An approach: deferring governance to algorithmic processes at the tech layer.
This is gov *process* automation - #governance itself cannot be automated. It merely moves decisions from ops to the strategic design layer which shifts who can see & affect the decisions.
This is gov *process* automation - #governance itself cannot be automated. It merely moves decisions from ops to the strategic design layer which shifts who can see & affect the decisions.
11/ Gov minimization can reduce political battles, but where automation & human #governance are applied is political.
If minimized too much, a system can't be "steered" & loses adaptivity.
medium.com/block-science/β¦
If minimized too much, a system can't be "steered" & loses adaptivity.
medium.com/block-science/β¦
12/ β @LidoFinance must:
βͺ Apply constraints to avoid systemic risk
βͺ Allow freedom for operational efficiency
Balancing adaptivity & resilience over time is crucial for success.
βͺ Apply constraints to avoid systemic risk
βͺ Allow freedom for operational efficiency
Balancing adaptivity & resilience over time is crucial for success.
13/ π GOV INSIGHTS: Right Sizing
How does Lido maintain this balance?
βASK:
βͺ What is operational? (can be automated)
βͺ What is strategic? (requires human input)
βͺ What can be observed? (sensors & analytics)
βͺ What can be controlled? (actuators & mechanisms)
How does Lido maintain this balance?
βASK:
βͺ What is operational? (can be automated)
βͺ What is strategic? (requires human input)
βͺ What can be observed? (sensors & analytics)
βͺ What can be controlled? (actuators & mechanisms)
14/ π These dynamics can be tuned to achieve a system's goals
#Decentralization for its own sake is not productive - rather:
βͺ Reduce single points of failure
βͺ Put constraints on operator permissions around system level decisions
βͺ Create options for users to voice & exit
#Decentralization for its own sake is not productive - rather:
βͺ Reduce single points of failure
βͺ Put constraints on operator permissions around system level decisions
βͺ Create options for users to voice & exit
15/ π #GOVERNANCESURFACE
Enables a system to adapt to fulfill its function - surface should be as small as possible, but no smaller:
β Too small - no levers to "steer"
β Too big - impossible to observe & control
This report explores minimizing risk, and separating gov & ops
Enables a system to adapt to fulfill its function - surface should be as small as possible, but no smaller:
β Too small - no levers to "steer"
β Too big - impossible to observe & control
This report explores minimizing risk, and separating gov & ops
16/ πFORM FOLLOWS FUNCTION
#DAO concepts #decentralization & βautonomyβ mean no one party controls the system. What this looks like for @LidoFinance is different than say, a Layer 1 protocol. Lido is optimizing for its stated goal - simple, secure, liquid staking.
#DAO concepts #decentralization & βautonomyβ mean no one party controls the system. What this looks like for @LidoFinance is different than say, a Layer 1 protocol. Lido is optimizing for its stated goal - simple, secure, liquid staking.
17/ Lido gov processes adapted & evolved to enable new functions + put constraints on existing functions i.e. Easy Track Governance:
βͺ Sub-system w/ more freedom for operators (adaptivity)
βͺ What can be acted on is constrained (Governance Minimization)
blog.lido.fi/optimizing-daoβ¦
βͺ Sub-system w/ more freedom for operators (adaptivity)
βͺ What can be acted on is constrained (Governance Minimization)
blog.lido.fi/optimizing-daoβ¦
18/ Creating sub-systems for operational functions that are separate from root level strategic DAO decisions, @LidoFinance can minimize governance risk and move towards trustless #ETH staking.
blog.lido.fi/the-road-to-trβ¦
blog.lido.fi/the-road-to-trβ¦
19/ πΊοΈ LIDO VULNERABILITIES
To discover the social/technical/economic vulnerabilities in the #governancesurface of @LidoFinance, including general vulnerabilities that could affect other #DAOs, read the full report:
medium.com/block-science/β¦
To discover the social/technical/economic vulnerabilities in the #governancesurface of @LidoFinance, including general vulnerabilities that could affect other #DAOs, read the full report:
medium.com/block-science/β¦
20/ Governance and related assessments are a process not a destination & are highly complex in the nascent domain of #DAOs. We commend the Lido team and community efforts towards decentralized liquid staking.
lido.fi
lido.fi
21/ A special thank you to report authors @kelsiemvn burrrata @mZargham @JessicaZartler + the BlockScience team for review & @LidoFinance & interview participants for catalyzing this assessment. π
β’ β’ β’
Missing some Tweet in this thread? You can try to
force a refresh
γ
