✔️ TDP 44: mStableDAO Restructure

Simple Summary

It is proposed to restructure the mStableDAO in order to increase its efficiency as well as overall ability to scale in the future without further re-adjustments down the line in order to prepare for the release of mStable v2.

Since the restructuring process as a whole is extensive, it is also proposed to split the mStableDAO restructuring into multiple TDPs in order to maintain explicitness in the voting outcome as well as ensuring a digestible format for Meta Governors. The entire process will contain 4 TDPs in total.

TDP 44: mStableDAO Restructure is concerned with the overall consensus on

  • Whether or not Meta Governors wish the mStableDAO to be restructured as described below
  • The format of having subsequent TDPs that will resolve more granular details of the restructuring process as a whole

Abstract

This first TDP is targeted at the overall proposition to begin the restructuring of the mStableDAO.

The key actions proposed include:

  • Introducing a general universal contributor title which would involve removing current individual rules and holding a full election process (part of the next TDP) for each of the available seats inside of the respective DAO. Both DAOs will operate under a 4/6 multisig.
  • Merging the Asset Management subDAO with the TreasuryDAO and absorb primary funding functions of the Funding subDAO back into the TreasuryDAO.
  • Creation of a new “Builder subDAO” to separate the ProtocolDAO from the full-time contributor’s group that is responsible for the continuous roll-out and operations of the mStable product line. The creation of this subDAO will ensure the long-term success of the protocol while preventing any centralized points of failure or sensitivity to external threats

Motivation

mStable is transitioning toward a new vision of becoming a leader in 4626 vaults and an efficient DAO structure is critical in making this vision a reality.

Since its inception, the mStableDAO has gone through several iterations in an attempt to improve its efficiency. Examples include improvements to the ProtocolDAO structure, the creation of the Asset Management subDAO and creation of the Funding subDAO.

Fundamentally, the ProtocolDAO and TreasuryDAO have proven to serve their purpose in executing the will of the Meta Governors. However, we have learned that slow execution in multisigs has not always been resolved by reducing the size of the signer group and that in fact, 2/3 multisigs may be more susceptible to delays than larger structures such as 4/7 multisigs. This is evidenced by the efficiency of the current ProtocolDAO, and the delays that have been experienced in smaller signer structures within the Asset Management and Funding subDAOs. Instead, delays tend to be caused by a lack of clarity in the responsibilities of signers and a lack of availability and engagement, as well as time zone differences in some cases.

Inefficiencies that have been identified in the current DAO structure include:

  • The complexity of the current DAO structure and a lack of clarity around the responsibilities and purpose of each entity
  • A number of disengaged signers on the TreasuryDAO, leading to long delays in transaction execution
  • Lack of thorough review and verification of transactions due to low involvement in the governance or decision-making process
  • Compromised security in the Asset Management subDAO, which now custodies around $3.5m in assets, without significant gains in efficiency
  • Growth of off-chain entity operations and associated costs, leading to more centralization and complexity
  • A disconnect between the way the core team works together and the structure of the DAO
  • A lack of clear purpose and deliverables for entities funded by the mStableDAO

This proposal aims to address the inefficiencies outlined above through simplification of DAO structure and clarification of the purpose, responsibilities, and decision-making processes within each entity.

Aside from aligning with a new vision and focus for mStable, the timing of this review also coincides with a number of key dates that would have already required individual governance processes, so it’s the perfect time to consolidate all of these requests in this restructuring proposal.

Specification

1.) Begin parallel rollout of TDP 45 for the election process, TDP 46 for the GrantsDAO and Community subDAO consolidation & review of the GrantsDAOs success after it’s first year of operation, as well as TDP 47 for the proposed compensation model under which the mStableDAO will fund its workforce.

2.) Resolve the voting outcome of TDP 44: mStableDAO Restructure in order to begin the creation of subsequent key proposals in the following epochs. In case of an unfavourable voting outcome, the mStableDAO will not be restructured and votes on subsequent TDPs and further resolutions listed in the specification not take place.

3.) As each of the TDPs resolves, begin implementing the changes as ratified via Meta Governors in parallel as to reduce overhead and increase efficiency of the rollout.

4.) After the elections have been successfully held, begin the process of replacing all old signers in the respective DAO with the newly elected contributors.

5.) Start the process of migrating all key positions the Asset Management subDAO holds back into the TreasuryDAO. This will be done after elections in order to ensure an agile redeployment.

During this transition period, the Asset Management subDAO will have the TreasuryDAO signer structure replicated. After the migration has been completed, the Asset Management subDAO will be sunset.

Next Steps

Pending no significant changes to its content, this proposal will be taken to a Snapshot vote on Monday, the 27th of June 2022 .

Voting will be open for a 5 days window to give adequate time for a concurrent discussion. Governors can change their vote at any time should the discussion sway their decision. We look forward to hearing what MTA token holders have to say and seeing how they cast their votes.

3 Likes

Thanks for this @mZeroNine
I’m highly in support of the content proposal: both on the way signers’ requirements are getting explicit (and subsequently rewarded) while introducing this status of a universal contributor with frequent rotations. It seems to be an ideal way to have the DAO mechanics reflecting the focus of the project on 4626 vaults

I also think a multi-TDP approach fits very well into the restructuring process.
Can’t wait to ideate on the TDP 45

2 Likes

A few points from my side:

  • I would recommend a 5/8 Multisig. We are talking about controlling important aspects of the protocol and the entirety of our funds.

  • How will the current team structure be present or changed with this mStableDAO restructure? Will it just change umbrellas? Or will the structure be adjusted of how we operate now as core contributor? Will we further define how the BuilderDAO operates?

  • Recommend to have clarity in the proposal whether we name it Product or Builder subDAO.

Generally in favour! Looking forward to the subsequent proposals.

2 Likes

Thanks for the feedback dimsome!

Regarding the multisig, there is now 3 proposed structures:

1.) 4/6 from the TDP

2.) 3/5 for TreasuryDAO & 4/7 for ProtocolDAO (Raised internally)

3.) 5/8 for both the TreasuryDAO/ProtocolDAO (I assume you recommend this for both?)

Regarding the current team structure, I presume you refer to the mStable Core Team? They will all be part of the Product/Builder subDAO and operations should remain the exact same, but @soulsby or @james.simpson probably have this worked out in greater detail.

Regarding the name, I think we can simply create a poll here and the winning name will be included in the TDP, sounds fair? To be honest, the subDAO should do this poll internally though, as they will be the ones living in the subDAO, but happy either way.

1 Like

Wow, it’s crazy to me that anyone would suggest controlling our Treasury with a 3/5 multisig.

Yes, I would suggest that

I don’t think it’s fair to adjust that later, that just leaves a trial of different names. So Yup, agree. Let’s do a poll here and decide what to write down in the proposal :slight_smile:

1 Like

Thanks @mZeroNine.

To add my comments in response to @dimsome’s questions as well:

  • I raised some concerns that 4/6 (67%) could be a little too higher bar to clear to make transactions efficient, and therefore suggested 4/7 for the ProtocolDAO and 3/5 for the TreasuryDAO. I understand the concerns around security, but I think this should also be balanced with efficiency and cost of a larger structure. Currently, the ProtocolDAO is 4/8 (so 4/7 would be an improvement in security) and the TreasuryDAO is 4/7 (but much of the Treasury is managed by the 2/3 Asset Management subDAO, so on balance I think 3/5 would be an improvement here as well).

  • I don’t envision any major change compared to how contributors currently work. There would be another RFC to propose the first round of funding for the Builder subDAO which should outline more details of how the subDAO plans to operate. This should be put together by current contributors and proposed to MTA Governors.

  • As @mZeroNine mentioned, we could do a poll here but I feel like the consensus has been moving towards Builder subDAO.

1 Like

Thanks @soulsby, but I can’t fully agree on this.

Security >> efficiency

  • There would be little need to be efficient if we can be compromised by 3 signers. All the entirety of MTA holders, our core team would rely on a multisig that is safe to provide value to both parties.

  • I would prefer having a safe but inefficient multisig when it comes to the ENTIRETY of our funds rather than an unsafe but efficient multisig.

  • The comparison with the ProtocolDAO is flawed. The ProtocolDAO reach is limited and for the upgrades of the contracts there is a delayedProxyAdmin of 7 days. There is no such thing for the TreasuryDAO.

  • The subDAOs should only have a limited amount of money they managed, that’s why we accepted the tradeoff, however, the portion that is under both subDAOs is also something of concern.

  • Wasn’t the whole point of electing and positioning new signers into a new signer role to be more actively engaged as signers. Isn’t that the proposed solution addressing these inefficiencies. This is why we do this whole signer roles, elections and universal signer contributor: to be more actively engaged and efficient.

2 Likes

Ok, just posting the poll here to conclude how to move ahead with the naming of the Product/Builder subDAO. Voting will be open until Saturday.

I think it also makes sense to poll out the proposed multisig structure to gather how everyone feels about this, and then take it together with the discussion to come to some agreement and consensus! I don’t think we should let the poll here be the ultimate deciding factor, but rather serve as a temperature check, do you guys concur? Feels too important to hinge on a forum poll :grin:

What should the new Team subDAO be called?
  • Builder subDAO
  • Product subDAO

0 voters

How should the multisig of the ProtocolDAO & TreasuryDAO be structured?
  • 3/5 for the TreasuryDAO & 4/7 for the ProtocolDAO
  • 4/6 for TreasuryDAO & ProtocolDAO
  • 5/8 for TreasuryDAO & ProtocolDAO
  • Other setup (specify in a comment below)

0 voters

1 Like

Thanks @dimsome . To be clear, I agree we should not prioritise efficiency to the point of reducing security below an acceptable level. It’s always a matter of finding a balance between decentralization and cost/operational efficiency. And we should certainly debate where the correct balance lies.

I was merely making the point that in both cases, I believe this to be an improvement over the status quo. We could also reduce the amount custodied by the TreasuryDAO by sending future MTA emissions to the emissions controller. In that case, in terms of where Treasury Assets are held, we would essentially by replacing a 2/3 with a 3/5. I do agree though that the current risk level within the AM subDAO is a concern, so perhaps that is not a good benchmark.

Imo 5/8 goes too far in the other direction, especially if compensation is to be $1000 per month per signer. $16k per month in MTA is a large expense and over the long term could have a significant impact on the project’s funding runway.

Perhaps a 4/6 structure on both could be a nice option as it maintains a high level of security and keeps cost slightly lower. There would have to be a high expectation around signer availability though.

As I mentioned in the main DAO restructure RFC, another option would be to look at reducing compensation and also reducing other expectations of signers to make it cost effective to maintain a larger structure.

2 Likes

This all makes sense to me but I think I will have more opinions when the next TDPs come into play.

Thanks for putting this together :clap:

1 Like

Some thoughts around the current discussions :slight_smile:

To give some perspective, currently, the Asset Management SubDAO is basically controlling those funds and in a 2/3 Multisig. (60% vs 66%)
I strongly agree that security should be one of the key concerns of the project governance restructure. However, as a signer of the Treasury DAO, I’m very aware that it just took us 5 days to confirm a tx on a 5/7 Multisig.
Also, because this DAO will have an extended mandate including the current AM DAO one) , it will be operating a lot of tx, and I think we need to find a coherent balance between flexibility and security.
I don’t have a strong opinion on a specific signer number but a 5/8 could be a lot to operate even with highly active signers

3 Likes

I’m okay with a 4/6.

I’m aware of the ongoing price of this security to the protocol, so unless there is an explicit proposal about mixing the stipend source (some as MTA, some from treasury yield, some from protocol revenue, etc…) I think it’s prudent to run a little leaner than we’d like.

3 Likes

Streamlining operations and lowering cost is always good. Discussions in GrantsDAO have revealed that $1000 a month for being a signer is likely more than is required, but it is less than is required for those leading the group such as @stonp89. mStable has been stable and secure since inception and there is a large value in that design which to me puts a premium value on having 5/8 multisigs. Since the ever suspicious @trustindistrust is ok with a 4/6, I would potentially agree with the intent to move to 5/8 once the protocol hardens more.

  • 5/8 is more secure than 4/6 and security is a commodity in which mStable thrives
  • signers do not need to be paid the same as cat herders / leaders for subDAOs
  • thus, 5/8 should not be a significant additional cost since most of the cost would be for the lead
  • achieving a (6 choose 1) p (1-p)^5 + (6 choose 2 ) p^2 (1-p)^4 + (6 choose 3 ) p^3 (1-p)^3 probability of 3/6 signers not acting within a given time frame compared to a (8 choose 1) p (1-p)^7 + (8 choose 2 ) p^2 (1-p)^6 + (8 choose 3 ) p^3 (1-p)^5 + (8 choose 4 ) p^4 (1-p)^4 probability of 4/8 signers not acting at a certain speed does not seem to be a large drop in efficiency, in fact it can be faster if all signers are equal
  • I like to think of it as you’ve added two more parties and if they are as responsible as the original 6 then the redundancy actually makes it easier to achieve the desired number of signers in a shorter time frame given high quality signers (see below)
  • thus, ultimately it boils down to the quality of the signers and whether we have 8 quality, engaged, and responsive signers or if we only have 6 with substatially higher quality, engagment, and responsiveness then that would be preferable. But there are simple scenarios where you only have 7 quality candidates, then a 4/7 is better than 5/8.
  • for the above function “p” represents the probability that a signer makes a quality signature within a given time.
  • I suggest that the candidates be voted upon with rank voting before allocating the numbers (beyond rank voting, I would want each individual to be rated publicly in terms of their expected quality/thoughfulness and responsiveness/timely signatures).

Pro

In this graphic, we can see than 5/8 is superior to 4/6 in timeliness given that each candidate has a 50% chance or greater of responding by a given time period.

2 Likes

Thanks for all the fantastic feedback.

So it seems to me we’re having 2 final trends emerge:

1.) Stay with the 4/6 to find a concession between security and efficiency and costs
2.) Chose 5/8 if we want a slightly hardened version, with pretty much the same or slightly better efficiency, but with higher costs (currently around $24k yearly, unless we changed the responsibilities to lower this)

Personally, I feel we should go ahead with the 4/6 deployment for now and observe the efficiency and feeling of security over the course of 1 term, and then have a new discussion on whether or not we felt the need to increase to a 5/8 in the following term.

That’s of course only my own opinion, and the vote results so far show that the community is in two minds about it.

One thing that I’d like to re-iterate is that the runway for mStable is crucial, and 24k extra are significant for the project. I think if we were to consider such a move, and to slightly anticipate a move to a 5/8 eventually, we should seriously consider raising the protocol revenue distribution to the treasury to 75% or even 100% for the time being, especially in this current bear market and seeing that this might become relevant soon.

This will be part of another RFC though, as I don’t wish to derail the topic. So I guess the question now is if there are severe objections to trying 4/6 for one term (looking at you @dimsome) and then re-evaluate for a switch, or if we are ok to keep this way and simply adapt the Team subDAO name to Builder subDAO in the TDP?

I was hoping to post the Snapshot for this next Monday, but if there are strong feelings, we can delay a bit more of course.

Happy to hear your thoughts! As an alternative, we can also deploy the Snapshot with 2 “For” votes for either 4/6 or 5/8 and then one “Against”, but I am positive we can come to consensus without the need for this :grimacing:

1 Like

Wow, this is a fantastic analysis, thanks @Jeshli.

I understand now also the concerns about compensating another signer. I just wanted to strongly reject a 3/5. Given the concerns about compensation, I am fine with a 4/6. @mZeroNine

2 Likes

Probability of Attack Achieved
The simplest model confirms your claim that a 3/5 is much weaker than a 4/6. I am actually quite surprised how close the 4/6 is to the 5/8. They are equal when signers have a 40% chance of being evil, but 5/8 is only slightly better in the more realistic range. I added a 6/9 for reference because 6/9 is the same ratio as 4/6.

4 Likes

This is very relevant information. Given the calculations, we can confirm that with a lower probability of a bad actor (lower than 50%) 4/6 and 5/8 are equal.

Thanks for this @Jeshli, I am now even more fine with a 4/6.

4 Likes

Voting for TDP 44 is live and Meta Governors have until Friday to cast their ballot! :innocent:

After reading all the comments above and the amazing approach that @Jeshli took by showing with data the pros and cons . I think am pro 4/6 on the multisig and happy enough with the structure presented .

1 Like

Voting for TDP 44 has resolved unanimously in favour, and we’ll be restructuring the mStableDAO as proposed. Keep your eyes out on the following TDPs to decide exactly how the restructuring will take place in the coming weeks! :sunglasses: :facepunch: