Proposal Name: Secure Transition of Funds to Multisig Wallet - Phase 1
Proposal Category: Process
Abstract
Indeed, it’s time to update the system in our DAO. This proposal seeks to establish a secure, efficient, and clear process for the Apecoin DAO to take custody of 1% of the funds currently held at Coinbase, and transfer them to a multi-sig wallet controlled by the five members of the Special Council and the three members of the Governance Working Group. The goal is to ensure that this transition is done with the utmost security and in accordance with best practices. This proposal only covers the initial transfer of 1% of the funds. A subsequent proposal will be required for the transfer of the remaining funds.
Boring Security, an ApecoinDAO-funded proposal (AIP-133), will audit this proposal and supervise the implementation process to ensure best security practices are followed. Their role is particularly vital given the risks associated with keeping funds in centralized entities like Coinbase, which are facing increasing scrutiny from legal institutions.
Benefit to ApeCoin Ecosystem
The successful implementation of this proposal will bring several key benefits to the ApeCoin ecosystem:
- Enhanced Security: By moving funds to a multi-sig wallet, the DAO will significantly increase the security of its assets. The requirement for multiple signatures for any transaction reduces the risk of unauthorized access and fraudulent transactions. Regular audits and the guidance of Boring Security will further bolster the security measures in place.
- Greater Control: The transfer of funds from a centralized entity like Coinbase to a multi-sig wallet increases the DAO’s control over its assets. This move aligns with the principles of decentralization and self-custody, central tenets of the ApeCoin ecosystem.
- Increased Transparency: The use of a multi-sig wallet allows for greater transparency in the management and movement of funds. Every transaction will require the approval of multiple signers, making the process more open and accountable.
- Risk Mitigation: The plan to gradually transfer the funds, beginning with 1% and reevaluating at each step, allows the DAO to mitigate risks associated with the transition. This cautious approach ensures that any potential issues can be identified and addressed early in the process, without endangering a large portion of the funds.
- Legal Compliance: With legal institutions increasingly scrutinizing centralized entities like Coinbase, moving funds to a multi-sig wallet can help ensure that the DAO stays ahead of any potential legal issues.
- Community Trust: By taking these steps to secure and decentralize the DAO’s funds, the proposal also serves to enhance trust within the ApeCoin community. Demonstrating that the management of funds is taken seriously and handled in a secure and transparent manner can contribute to increased confidence and participation in the DAO.
- Faster Funding of Proposals: By having the funds in the DAO’s control, the speed at which approved proposals can be funded is likely to increase. This can lead to quicker implementation of initiatives, thereby accelerating the growth and development of the ApeCoin ecosystem.
Motivation
With the funds currently held at Coinbase, the DAO is exposed to risks associated with centralized entities, including potential legal actions and the lack of full control over its assets. This proposal seeks to rectify this issue and enable the DAO to better protect and manage its assets, in line with the DAO’s principles of transparency, decentralization, and self-custody.
Rationale
A multi-sig wallet offers multiple layers of security for the DAO’s funds and ensures that no single person has control over the assets. This transition aligns with the DAO’s goals of decentralization and security. It also provides a more transparent and accountable system for fund management.
This is where the DAO assets are as of the moment of writing this proposal
We pay large amounts of fees to Coinbase, as included in the latest APE FOUNDATION TRANSPARENCY REPORT
Currently, we are incurring costs while placing ourselves under the control of a single entity. This centralized entity could potentially be shut down or have its assets, including our treasury, frozen by a single court order in one jurisdiction. This represents a considerable risk to our operations and financial security.
Specifications
The process of transition will involve these steps:
- Transition Planning: The Special Council and Governance Working Group will jointly plan the transition process hand in hand with Boring Security. This will include identifying the necessary steps, determining the sequence of these steps, and setting timelines for each step. Boring Security will audit the plan and provide feedback.
- Wallet Setup: A multi-sig wallet will be set up with the five members of the Special Council and the three members of the Governance Working Group as signers. Boring Security will supervise the setup to ensure it is secure and follows best practices, and will hold 2 keys for the wallet, making it 5 SC - 3 WGS - 2 Boring Security, totaling 10 keys.
  After the treasury working group is successfully established, 3 more signers for stewards of that group will be added, totaling 13 keys; further discussion will be opened then.
  When the treasury working group is active we can discuss further how to work with the stewards of that working group, but this proposal is urgent and can’t wait, as we have the DAO in a vulnerable position with the current practices.
- Fund Transfer: A test transfer of 10,000 Apecoin will be conducted. If successful, the remainder of the 1% of the funds will be transferred from the Coinbase account to the multi-sig wallet in a controlled and secure manner within a week of the test transaction. Boring Security will oversee the transfer and provide guidance to ensure it is done securely.
The process will also include several safeguards to mitigate risks:
- Multiple Signatures: Any transaction will require the approval of at least 5 - 6 out of 10 signers. This prevents any single person from unilaterally making transactions and adds an extra layer of security.
- Regular Audits: The DAO will conduct regular audits of the wallet to ensure its security and the accuracy of its records. Boring Security will conduct these audits or provide guidance on best practices for conducting them.
- Backup Plans: Contingency plans will be in place in case of emergencies, such as a signer losing access to their private keys. Boring Security will provide guidance on creating these plans.
As an author of this AIP, I want to be involved in the meetings regarding executing this proposal as much as possible, as a community member who will make sure to carry this forward with care and a neutral perspective.
Steps to Implement
- Formally request Boring Security to audit this proposal and provide feedback on it.
- Identify and invite the five Special Council members and three Governance Working Group stewards to be signers.
- Set up the multi-sig wallet with the supervision of Boring Security.
- Plan and schedule the transition of 1% of the funds from Coinbase to the multi-sig wallet.
- Conduct the test transfer of 10,000 Apecoin and, if successful, proceed with the remainder of the 1% transfer within a week. This will be done under the supervision of Boring Security.
- Set up regular audits and contingency plans with guidance from Boring Security.
Timeline
This proposal will be implemented within 60 days of its approval, to allow for thorough planning, setup, and transition. The test transfer of 10,000 Apecoin will take place within 60 days of the proposal’s approval, and the remaining transfer to complete the 1% will occur within a week of the successful test transfer.
A subsequent proposal for the transfer of an additional amount of the funds (approximately 10%) will be submitted by me within two months of the completion of the 1% transfer but before the end of the third month. If I fail to do so, Boring Security will lead the initiative completely from there. The ultimate goal is to have transferred 80% of the funds within a maximum period of 1 year 6 months; this is a maximum deadline and it can be done before that, with a reevaluation at each step. Any party that delays this proposal's execution after it gets approved will be held accountable by the community; the time window offered is more than enough to arrange meetings and open dialogue with the necessary people to get it done.
Overall Cost
The implementation of this proposal will have minimal direct costs, primarily associated with the transaction fees for transferring the funds. However, the DAO should consider allocating a budget for potential audits and security measures, as well as any fees associated with Boring Security’s services.
(It can be zero cost if AIP-133 can cover this initiative. I would appreciate your feedback on this point and on the proposal as a whole.)