SIP-0047: Changing of the Guardians

You can find below a link to the draft SIP-0047: Changing of the Guardians:

You’ll notice that currently, the actual Guardian signers have not been specified. This is intentional. Right now we’re just looking for a high-level “concept ACK”. In the background we are working on compiling and reviewing the list of Guardian signers, once the people involved in this process have alignment on this list, we will extend formal invitations to be a signer to everyone on the final list, and once we get approvals from everyone invited, we will update the SIP with the list of names and addresses of the final proposed Guardian signers.

Happy to answer any questions or take feedback here.

1 Like

It isn’t clear who or which entities are the individual signers of each multi-sig. Is this intentionally redacted?

It states “We further propose updating the membership set of the Exchequer Multisig and renaming this multisig the Bitocracy Guardian”. So, Exchequer members are the signers for Bitocracy Guardian. But what about for Contracts Guardian, who are the signers on that one and how will those be chosen?

I added a section to the OP above about this

1 Like

Is the 3-9 and 3-12 multisig for a guardian role some kind of standard in Defi protocols?

I understand that the Guardians are an “improvement” over the current Exchequer Multisig but was there a wider discussion around the topic of a Guardian veto? Is there a need for a discussuin around this topic?
As I recall when the staking contract was paused recently some people expressed concern. Naturally I want the protocol to be secure but giving this veto power to 3 people/address “feels” weird.

Are the guardians a permanent feature of the Sovryn protocol or will they be unnecessary at some point?

In the examples of harmful proposals section, how can a proposal transfer ownership or do any such harm before the bitocracy has even voted on it?

In the non-harmful section, perhaps I misunderstood, but would that also mean that IF 3-of-9 people who hold veto get compromised that they CAN implement KYC or any of the other things mentioned against the will of bitocracy?

Is “BEST Effort” the best that Sovryn stakers can expect? Is there an explanation for this concept somewhere that can help me understand this? Because when I read that paragraph it makes me think that these multisig will have the power but no responsibility, you are on your own. Again maybe I misunderstood.

There is no standard for this. But having a multisig with the power to either veto onchain proposals or have the exclusive right to enact them is not uncommon.

The Guardian has been in place since the beginning of the project. There may have been some private discussion among the founders about it but I don’t think it was ever explicitly discussed at length in public and with the wider community. The Guardian has been take as a given.

If you can link to those concerns I’d be interested to document them here. Note that this veto power is already held by three people (Exchequer Multisig is a 3-of-5 multisig).

We originally intended to implement the ability for Bitocracy to override a veto, if the proposal has overwhelming support (supermajority quorum, supermajority support). But given the issues with the Staking contract recently (which could have screwed us over had we implemented this override functionality) we decided to put this off and revisit in 5 months.

Proposals can only be vetoed after they have been approved, during the timelock period before they are executed. I noticed looking at this section that the language could be tightened up, so thanks for drawing my attention to it.

No. Guardian can only veto proposals, not push them through.

You read that correctly. It basically means that the Guardian signers shouldn’t be expected to catch every malicious proposal. They are only human, and the complexities of life could get in the way of them fulfilling their role.