Multi-signature crypto wallets are the most secure option for DAOs
Decentralized autonomous organizations pave the way for community governance for all types of companies. We are seeing new creative use cases for DAOs, such as GameFi comics laying the groundwork for the development of trading card games and support from key players such as Ethereum co-founder Vitalik Buterin – who has argued that there is value in shared decision-making to eliminate cooperative actions.
But at the other end of the spectrum, there are DAOs dissolving or running out of Ether (ETH) to pay back lenders, and there is also waning optimism. The number of critics is increasing along with their concern over the many attack vectors affecting projects. To end this narrative, DAOs must explore new structures to remain indestructible. To that end, multi-signature wallets are a necessary step towards users and contributors viewing DAOs as a secure alternative to centralized corporate structures and are an important part of pushing this egalitarian approach to decision-making forward.
Not 100% safe, but close
Concerns about securing DAO funds have cast the biggest shadow over their egalitarian structure. Any resource investment in the DAO will be stored in the treasury, and a proper governance structure is not negotiable. The first thing to make clear is that all Web3 projects and DAOs that want to ensure the ongoing operation and future growth of their protocol must maintain funds.
Making better spending and investment decisions should start with financial management – especially when DeFi platforms like bZx are exposed to hacks, with all members involved in the DAO’s governance team being held accountable for the carelessness of the protocol. There is no such thing as a 100% completely secure crypto wallet, but multi-signature wallets protect against external hacking threats, as hackers need access to more than one key to do so.
Not your keys, not your crypto
Large amounts of funds can tempt anyone, so DAOs that want to reduce the risk of unauthorized transactions or blanket pulling will benefit from having multiple signatories to approve each transaction. Crypto businesses are also subject to key person risk, just like any traditional business. The benefits of multi-signature wallets are twofold: they protect DAOs from malicious actors and from being hacked.
Related: DAOs must neutralize whales (and more) if they want better governance
The most infamous example of this type of risk may still be QuadrigaCX, where the death of crypto-founder Gerald Cotten – who was the sole owner of the cryptographic keys to the exchange wallet – left $198,435,000 worth of funds in an unrecoverable state. A multi-signature scheme will act as a backup, providing a hedge against the loss of a private key by allowing multiple keys to be stored in different locations.
Multi-signature wallets add an extra layer of security and transparency to transactions. One of the biggest misconceptions is that the signing of every transaction must be unanimous. But for a successful key transaction, a threshold or a certain number of signatories must be met – say three out of five owners – to ensure a majority and prevent one person from having full control. DAO teams can also create spending limits for wallet owners so that small purchases don’t require every owner of the wallet to sign. This will speed up operations.
Do not give your keys to strangers
For individuals using a wallet for their own funds, there is no need to have another person sign off on their transactions; but for those who are custodians of an organisation’s funds into which others have deposited money or when people depend on that money for their livelihood – for example wages – it is crucial. It would be not only foolhardy but immoral to hold the fate of an organization to a single point of failure.
Related: Wave’s founder: DAOs will never work without fixing governance
Some people think it’s a matter of forming a DAO or using a multi-signature wallet – as if the two are at opposite ends of a spectrum. But using multi-signature wallets actually reduces the risk of falling short of the group’s goals. Nor does it mean that Web3 projects and DAOs are trading decentralization for the ability to process a transaction with higher runtime. This is as decentralized as it gets. Someone has to sign, so it’s better to have a few people sign off on transactions. However, you can’t get everyone to sign either, as nothing will ever get done.
Setting up the wallet is the easy part – the challenge comes when considering how best to coordinate signatories without reverting to a system where the rich have bought themselves into power and now hold the keys. Have an annual rotating roundtable, where three to five DAO members take on a signatory role for a certain period of time. DAOs can even nominate new people every year so that it is not the same contributors every time.
Too many hands in the pot
With more people involved, there is of course a greater risk of coordination becoming a challenge. You need more people to opt out, and everyone can see everything. Some DAOs will prefer convenience and accept the risk that comes with it. Others are unwilling to compromise and will gladly jump through the extra hoops to secure their money. We even see DAOs using a “pod” or subDAO architecture where they create multiple multi-signature wallets for smaller teams, allowing them to operate more flexibly and speed up the process. Ultimately, it’s a question of what will make The DAO a more viable option: agile, centralized wallet management or increased security for your money? Time will tell.
Tahem Verma is the co-founder and CEO of Mesha, an all-in-one smart management tool for Web3 startups and DAOs. He previously founded the English learning app Enguru. He received his Bachelor of Arts from the University of Pennsylvania and an MBA from Cornell Tech.
This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts and opinions expressed herein are those of the author alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.