Governance Open Thread
As promised, here is an overview of ideas I and others have been working on around improving yearn Governance for open discussion.
I do not have all the answers. I have some opinions I’ve shared below and I’m totally open to changing and evolving if people have better ideas.
I apologize if I’ve made any mistakes, misundstood things, missed details, or poorly communicated concepts below. I erred on the side of speed and openness in sharing my thoughts rather than caution and diligence. Let’s work on this together – we can update the below and add details via comments, then potentially revise this into some kind of action plan and then a proposal or two.
Much of the below is based on the work of others, though if there are errors the fault is mine. I apologize for not comprehensively crediting folks, again erring on the side of speed here. Here are some of the people who’s ideas and work has informed this post: @lex_node @lehnberg @aliatiia @cyrus @Zakku @Substreight @chris @Arcturus @vsh_p2p @banteg @milkyklim and many others.
Please help us improve this through constructive discussion. I’ve asked @dudesahn and @Dark
to moderate closely — no personal attacks or trolling please. Let’s give each other the benefit of the doubt and see if we can’t create something beautiful together.
- This post is an open discussion on how to improve Yearn governance
- As per YIP-41 extension we have 3 months to transition from the multisig to a “multi-DAO” structure or propose some other new method of governance
- Transitioning means spreading decision-making and transaction execution powers to different groups and mechanisms
- Options for decision making, execution, and voting are discussed below
This list is a work-in-progress and will be updated through the discussion.
- Propose a new allocation of key decision making powers to 1) YFI-holders, 2) main multisig, 3) specific independent workgroups
- Enumerate specific independent workgroups and their powers
- Distribute some transaction execution powers off of the multisig
- Clarify the control surface of YFI voting
- Create a spec for a new DAO platform for YFI voting
- Clarify the role of the main multisig
YIP-41 and Multisig Transition
In August 2020, YIP-41 (Temporarily Empower Multisig) was approved by YFI holders to:
- temporarily empower yearn Multisig members “to make personnel & budgetary decisions” for a six-month period; and
- task the Multisig with “facilitating the creation and transition to a multi-DAO structure”.
On February 24th, YIP-59 extended these powers for 3 months, giving us a little more time to make the transition.
In considering how to implement this transition, let’s start by looking at what the multisig is currently doing and why this transition is important.
The multisig has been granted decision-making powers by YFI holders through the passing of four proposals. These proposals are quoted below. Text not pertaining to multisig powers has been removed.
YIP-41: Temporarily Empower Multisig [link]
YIP-54: Formalize Operations Funding [link]
YIP-56: Buyback and Build [link]
YIP-57: Funding Yearn’s Future [link]
The Multisig in Practice
In practice, the multisig does not act as a workgroup making all of these decisions themselves. What has emerged within Yearn organically is a number of interconnected workgroups that take on various responsibilities, make decisions, then propose these to the multisig for execution.
The Multisig reviews these decisions, offers feedback, and then signs them at each signer’s discretion. The essential role of the Multisig is as a safety valve rather than a decision-making or executive body.
Two Kinds of Powers
There are two important ways to think about transitioning power from the multisig:
- power to make decisions
- power to execute transactions
IMO we should implement a system that moves as much of these two powers off of the multisig and onto the most appropriate decentralized structures as possible.
Power to Make Decisions
Regarding decision-making, Yearn is already working as a kind of multi-DAO structure. As mentioned above, the majority of work at Yearn gets done in a number of interconnected work groups. Generally these groups cooridinate using telegram. Here are some examples of groups and some of what they do:
- Manage and organize docs.yearn.finance
- Write content for docs.yearn.finance
- Data aggregation and analysis
- Create financial reports
- Budget management
- General facilitation across all Yearn projects
- Coordinating across different teams
- Deciding on community grants
YFI Compensation Working Group
- Compensation design
YFI Web Advisors
- Discussion, feedback, and testing of yearn frontends
On quick count, I have 36 telegram groups with the YFI prefix we use when making a new workgroup. Some are temporary, some go idle after their work is done, and some have hundreds of messages a day.
Why transition decision making powers from the multisig? One reason is because most of them already are being made in these emergent groups and it’s working well.
Specifying and formally delegating certain decision-making powers to a number of these groups will significanly help our efficiency and the distribition of leadership within Yearn. While many contributors feel empowered to make decisions, the lack of structure or clarity around who is allowed to decide things often results in too many decisions flowing to the Ops team which is a poor use of resources.
Power to Execute Transactions
This is the kind of power often associated with DAOs (a multisig is a kind of DAO). The power to interact with contracts and move funds. This kind of power requires the security of something like the Gnosis SAFE multisig that we use.
The Yearn multisig executes on average 1.5 transactions a day, and some days many more. These are often complicated transactions that take a tremendous amount of work. As I’m writing this, banteg has just sent a message in one of our telegram groups asking for help:
And beyond creating the transactions, each one needs to be verified and signed by at least six signers. (you can see the list of our signers on the FAQ.) This is a lot of work, and risk, for the signers to take on.
Every kind of DAO mechanism — Gnosis SAFE, Aragon, Colony, MolochDAO, DAOStack, etc — has a high degree of technological friction in their operation. This is well worth it when we are talking about securing millions of dollars, but less of a great solution for some other transactions.
IMO we should work to transition as many of the transactions off of the multisig as we can while not sacrificing the operational flexibility that is one of Yearn’s superpowers.
Let’s look at the options for executing transactions, from highest friction & most secure to lowest friction & least secure:
- Coin-voting DAOs with on-chain execution
- DAO platforms: Aragon 2, MolochDAO, Colony, etc
- Governance libraries like Compound and Aave
- Gnosis SAFE Multisig
- EOA Wallet
We have work to do looking at the kinds of transactions the multisig currently executes and seeing what the other options are, for instance:
We could move some transactions to a DAO with on-chain execution.
- If we implement a new DAO platform with on-chain execution, transactions that require a vote, such as interacting with the YFI minting contract, could be moved off the multisig completely
- As it is now we use snapshot to vote and then the multisig executes the spec for proposals that pass with binding votes
- With on-chain execution for some votes the code would be included in the proposal and automatically executed if the proposal passes. This system does need some kind of breaker such as a court of multisig to intervene in some cases, such as if a bug is found in the code after it passes. But note that it’s a huge waste of resources to spend effort codifying proposals to the point where they are production-grade quality, only for them to be voted down and thrown away.
We could create additional multisigs
- We have tried this already when we created a docs multisig to distrubute docs budget, but that didn’t work well since there wasn’t that much money flowing and the friction was too high
- We recently gave the strategists multisig the power to control experimental vaults on ape.tax, this is a better example as this team has high technical capabilities, the need for security isn’t as high as the production vaults controlled by the main multisig, and it offloads work from the main multisig
And in some cases, discretionary EOA wallets should be used
- Many companies have petty cash funds. Often at yearn contributors pay small expenses out of pocket since it’s too much work to go through the normal channels
- @milkyklim currently has a 10k USDC allowance on the main multisig he can use without other signers which enables faster action and is independently auditable
But even by spreading some execution power around, there is no way I can see to get rid of the multisig completely, nor should we – it’s a valuable tool. Most decisions should still be executed by the multisig, but some could be offloaded including via on-chain execution from YFI voting (a small fraction of transaction) or those that don’t require the security of the multisig.
Ok, summarizing the above and adding some other small points, here’s what we need to do:
- We have 3 months to transition to a multi-DAO structure, let’s shoot for passing a proposal here this month
- Topics to consider in the propsoal
- on-chain execution for YFI voting
- delegating some transactions to other multisigs or EOAs
- delegating some decision-making powers to workgroups
- clarifying what decisions are not delegated and can only be made by voting
- clarying how YFI voters can revoke delegation and hold teams accountible
- a plan for regular rotation of multisig signers
- clarifying what principals the multisig uses to verify transactions are valid and can be signed
The last two points I haven’t mentioned yet. Although the multisig is primarily our system to execute decisions, what specific decisions should the multisig make? Outside of whatever set of operational decisions stay in their power, what is the criteria they should use for deciding whether to sign or not? Something like: Is this transaction valid within yearn’s set of rules? or, could this transaction be fraudulent? Etc. Let’s clarify this.
Although we have no specific mandate to improve YFI voting, I think many of us will agree this needs some work. This has been discussed a bit above, but let’s separate out some todos here:
- Do we need a platform for on-chain execution?
- Do we need vote delegation?
- What other voting systems should we consider?
- We need to decide and clarify more specifically what YFI voting should control
- We need to better document and communicate our voting rules
Platforms for On-Chain Execution
I had been working with Aragon on a proposal to use Aragon 2 for this purpose. This has been paused after some large changes at Aragon One, the company that develops their protocol. I really like Aragon and their team — I just felt it prudent to hold off for now since long-term stability is an important factor when chosing a platform for Yearn. Not ruling this direction out at all, just giving it some space.
Lots of good things about Aragon 2, some good links to review in Jorge’s post. Tl;dr is that it uses snapshot for gasless voting and can add in on-chain execution with a multisig or court in the middle for dispute resolution.
There is no clear best direction for us right now that I can see. There are a lot of cool developments we should track and consider though. Here’s a short list:
Colony v2 comes out soon
- So many good ideas here, definitely interested in testing it, but unsure of how it would fit our workflow
- Can work on xDAI
- Aave’s Governance contract
- Similar to Compound’s but I’m told it lets you parameterize quorum and timelock more easily
- I think it’s just on mainnet
- New projects to track
Clarify what YFI Should Control
In the early days of yearn there was a proposal to have Andre appear on a podcast. At that time this kind of proposal made some sense, but it no longer does and it illustrates the confusion around YFI voting.
There is no document that explains what YFI can or can’t be used to vote for. This is not just a documentation issue, it’s a collective intelligence issue – it is not something we as a community have fully figured out yet. And it’s time that we did.
This post outlines some developing ideas around improving the multisig and YFI voting. There are many options for how to implement our governance, and no one option is correct.
Where one system may work for one community, it may not work for another. Different communities have different needs and we are all experimenting. For instance, some people think that the DAO should make all the decisions via voting. That’s one POV and some DAOs do that. IMO it’s not a great fit for Yearn’s contributor community that has a bias towards trusting each other and taking action. That’s why I believe our model of constrained delegation has emerged and been quite successful, though not always clear enough. Delegating authority to people or groups does not invalidate decentralized governance – it’s just another postion in a multidimensional gradient of dynamic and evolving governance options. We get to decide how we want Yearn to run.
Towards that end, there are a lot of interesting concepts I haven’t gone into here, like liquid democracy, conviction voting, and other theories of governance — totally up to discuss those and more, what I have outlined above is by no means meant to be comprehensive.
This post is a starting point for discussion. Please weigh in and share your thoughts on how we can improve Yearn’s governance.