Risks Each DAO role is designed to mitigate (see TIP-103)

General
1

This document outlines the risks the roles recommended in TIP-103 are designed to mitigate. The restructure workgroup believes these part-time contractor roles with the weekly hours noted in TIP-103 are the minimum needed to mitigate risks to the protocol, tBTC and the DAO (token holders).

Role: Tech support & Discord management

Victor started contracting with the DAO July 2022, with the proposal **CP-004 Threshold Support Moderator Proposal.** This proposal was approved as a contracting role under the TIG management that later evolved to a fully-fledged DAO contributor overseen by the TTG.

Function: Tech Support

Risks without this function (or not done correctly):

  • User experience suffers when encountering an issue
  • Potential network impact due to node issues that operator cannot resolve alone

Work streams:

  • Managing support requests and resolving problems efficiently as well as expediently. Determine when a support request requires dev resources and escalate quickly to ensure user experience is not further impacted by the issue at hand
  • Resolve application issues during and after install, usually related to configuration issues, Diagnose issues and determine how to best resolve the issue at hand. Restoring nodes to operational status to minimize potential network impact due to operator downtime

Function: Discord Management

Risks without this function (or not done correctly):

  • Discord becoming overrun with scammers
  • Discord cluttered and not well organized/difficult to navigate
  • Participants lack proper permissions/or user access policies don’t follow PoLP

Work streams:

  • Comb through Discord and remove harmful and spam messages to ensure people that need help are heard and reasonable efforts are made to prevent users from being scammed. Connect folks that come into the server with the relevant individual(s) at Threshold.
  • Manage and maintain bots, in particular Hal9000 and Sapphire, and update their rules to effectively manage spam and manage disruptive/malicious actors. Create new channels as needed, maintain onboarding flow and secure server from bot raids
  • Build and maintain Discord onboarding flow (still a work in progress) - designed to tailor channels to user’s needs to ensure they get access to the resources they need
  • Reevaluate roles and channel permissions to ensure appropriate access is granted where appropriate (e.g. TG guests), and removed where not needed (Principle of Least Privilege)

Function: Optimistic Minter/Relayer bot/etc Monitoring

Risks without this function (or not done correctly):

  • tBTC minting will slow to a crawl if optimistic minters aren’t funded
  • tBTC redemptions stall if certain contracts aren’t funded
  • tBTC cross-chain minting stalls if relayer bot runs out of ETH

Work streams:

  • Monitor optimistic minter balances via Nagios plugin which will push an alert if a balance drops below 0.15/0.20 ETH
  • Review contracts needing to be topped off every few days and make necessary adjustments via treasury multisig transactions

Function: Manage/Liaise/Support Beta-Staker Expansion Program

Risks without this function (or not done correctly):

  • Communication breakdown with beta-stakers affecting availability
  • Node downtime if support requests are not addressed

Work streams:

  • Maintain communication channels with beta staker providers to ensure rapid communication capabilities in the event of problems
  • Inform participants of updates when they are released and track update/upgrade completion status
  • Track node uptime using custom Nagios plugin and alert beta staker to up-time issues
  • Diagnose beta staker related issues (generally these are issues related to misconfigured network settings)

Role: POL & treasury operations

East started contracting with the DAO in 2023, with the proposal **TIP 55: Contractor role for POL Operations Coordinator.** This proposal was voted via Snapshot and approved August 2023. Since then, East has been performing his functions as a DAO contractor under the oversight of TTG.

Coordinate Treasury Management with several goals:

  • Build and preserve a resilient DAO treasury
  • Ensure DAO-wide runway, liquidity and revenue
  • Well-run and optimized operation

Risks of not doing these tasks below:

  • out of control treasury depletion
  • no support for tBTC business development
  • no expense gets paid
  • no control over DAO assets, risking huge losses.
  • chaotic treasury, transactions and multisig management
  • T would be lower

Resilient treasury:

How ? By continued efforts into building value and preserving capital :

Examples:

  • Bond program, diversifying T into tBTC
  • thUSD program, use thUSD for expenses with tBTC as collateral
  • OTC transactions (ETH and CRV)

Results:

  1. From a pure T treasury back in 2022 we’re now 44% in other assets .

  2. stopped using only T for expenses, replacing most with thUSD, reducing a considerable selling pressure.

  3. If we reexpress all the DAO’s treasury in terms of T, we would have 917m of T.

This means only 8% less than the 1 billion T the DAO started with 3+ years ago in January 2022.

Revenue generation:

  • POL invested the right way provides means for revenue, by deploying liquidity and earning fees and rewards.
  • this hasn’t been an primary goal since the launch of tBTC, since we shifted focus to provide liquidity as seed capital for every pool that was launched.
  • Bridge fees management

Runway - emergency funds:

  • by maintaining a healthy and diversified treasury the DAO can always count on having a emergency funds at hand to continue its operations as a tBTC enabler.

Liquidity foothold:

  • Drive value to T and tBTC by keeping healthy liquidity in pools

Operational tasks executed by this role:

  • keep treasury overview and composition updated
  • keep track of expenses, budget and executed transactions and it’s impact on assets
  • plan upcoming transactions, execute required steps :
  • expenses (with T, thUSD, stables or others)
  • asset availability for payroll (T or thUSD)
  • seed tBTC to different protocols or pools and chains (Synonym, Gearbox, WBTC party, Ajna, Aerodrome and Curve cbBTC, Bob thUSD, Arrakis, Symbiotic, GMX)
  • rewards from POL (claim, transfer, swap and/or vote lock)
  • reimbursement, top-ups:
  • keep knowledge about contracts, assets and transaction for a smooth operation
  • keep relationship, operation and updates with all the treasury providers (e.g. Aera, Flowdesk, Sense)
  • bring issues and subjects up for discussion and decision-making in the TTG
  • research new ways to manage, deploy capital or simplify operations
  • analyze market conditions and propose changes to the DAO assets (sell, buy, swap, debts, repayments, diversifications, hold, etc)
  • taking care of occasional events (e.g. tBTCv1 & VendingMaching transactions or ARB Grant planning and execution)

Role: Project Manager

Luna5 started working as a contractor for the DAO in 2022 with the proposal **CP-003 Application for DAO Project Manager.** This was voted via Snapshot and approved June 2022. Since its inception, the role has experimented variations and changes to the workstreams, adapting to the new scenarios of the DAO. We only describe below those that will be relevant in the new Threshold 2.0 structure.

Function: Bug Bounty Program Manager & triager

Risks without this function (or not done correctly):

  • Risk of bug bounty program not covering a critical vulnerability and getting exploited.
    1. BBP contracts can be outdated, risking essential assets not being protected by the program.
    2. By not fulfilling our contracted compromises of SLA and communications with whitehats and Immunefi, our contracts with the platform can be rescinded and we can loose the protection of such programs.
    3. Any deviation of the contractual obligations in payments, can rescind our contract with Immunefi platform.
    4. Any misconduct around reviews, payments or code of conduct with Immunefi can erase our legacy bug bounty agreement with Immunefi, and force us to move to the new Immunefi fee model, that has a high yearly cost (~$50k per program per year).

Work streams:

  1. Keep bug bounty programs agreements up to date, improve our programs as needed (either by Immunefi request or due to internal needs), review and monitor program pages and ensure the information is correct and coherent in both. Maintain an open communication with bug bounty program providers and ensure there’s bi-directional communication about issues and improvements needed.
  2. Triage reports, calling dedicated reviewers to each bug report, reminding of SLAs and making sure the reports are correctly reviewed in time, or delays properly communicated to whitehats, as contractually obligated.
  3. Oversee payment of bug reports that qualify for them, ensuring the corresponding committee queues and executes the payment correctly, within the contractually outlined time, including the payments for Immunefi. This also includes the communication of such payment to whitehats and Immunefi finances team.

Function: Governance Manager

Risks without this function (or not done correctly):

  • DB proposals can get outdated, making the proposals in our organization to collide in codes, record of results would be lost, and the governance structure would be chaotic.
  • Lost of transparency or chaotic performance of governed bodies risk DAO governance reputation, therefore there is a risk to DAO products image, reputation and trust.
  • Unstructured processes, guidelines and rules risk introducing vulnerabilities into our systems, finances management and risk introducing malicious behaviours in our governing bodies. There is a risk of sensitive information disclosure, bad management of assets, and further security breaches.
  • Risk of staled proposals at different levels in the governance pipeline, risk of onchain proposals not being executed timely. Risk of proposals being malformed and splitting votes.
  • Risk of malicious proposals being executed onchain unadvertised and inadvertently.
  • Risk of malformed and undocumented updates to the DAO products.

Work streams:

  • Maintain the proposals DB keeping track of our governance history
  • Manage DAO elections, according to rules and processes for governance of the DAO previously approved. The elections need to be called through the forum, discord and socials. The elections need to be called in accordance with a clearly established timeline, a regular cadence and concrete structure to allow for clarity and transparency. Requirements for the elections and for elected members need to be clearly stated and follow up of compliance is needed to ensure there is a good working structure for the elected bodies. Transitions, onboarding and offboarding of members need to be handled correctly and within a determined period of time.
  • DAO processes and rules need to be clearly stated, and available in our documents, they need to be up to date and cover the guiding principles to work in our community. This, also applies to our guidelines and good practices. Some of these documents need to be kept locked and protected for security reasons, disclosed only as a need-to-know basis.
  • DAO proposals need to follow a structure for clarity and traceability. These proposals need to follow a standardized governance pipeline, where voting periods, method of vote and requirements for the proposal need to be coherent with our rules and guidelines. The proposals need to be well formed, to ensure the votes correctly represent the options outlined for the tokenholders to be voted. For proposals that need on-chain voting, there is an additional need to oversee and make sure the proposal is well formed, queued and executed following the correct timeline.
  • Monitor the DAO contracts to alert the council about malicious proposals in need of veto.
  • Verify updates to our products via council.

Function: Reporting and docs management

Risks without this function (or not done correctly):

  • Risk of losing accountability of reporting governed bodies.
  • Risk of losing valuable lessons learned and expertise acquired the past years.
  • Risk of losing accountability of contractors.
  • Risk of having inefficient and disorganized documents and working infrastructure for DAO contributors to work on them.
  • Risk information loss, failure to comply with contracts and obligations with entities and providers due to interface loss with them.

Work streams:

  • Maintain a DAO governed bodies reporting infrastructure, sending reminders to said bodies to monthly report. Keep track of reports and contributions for accountability and transparency.
  • Maintain a working infrastructure for the DAO bodies needs, where information is clearly organized and up to date.
  • Maintain a DAO contractors reporting infrastructure, sending reminders to contractors for monthly reports. Keep track of reports and contributions for accountability and transparency.
  • Liase with contracted entities to receive reports and unblock development. These reports are received and transferred to the reference bodies within the DAO. This role would also take on the oversight of reports of any contracted entity such as tLabs.
  • Maintain documentation available for the relevant bodies about lessons learned on different matters.
  • Maintain DAO process docs updated and reachable by relevant stakeholders.
  • Contribute to threshold docs with relevant information on governance and DAO matters. Improvement of documentation on different products and systems. Reviewer of docs as needed.

Role: DAO communications/engagement/education

Ashley (aka MrsNu) has been contributing to the DAO since the merger, her position of marketing lead became official with the proposal TIP 50: Contractor role for a DAO Marketing Lead, voted May 2023.

We now present the role Risk Summary for Threshold Communications, Engagement & Education.

Function: DAO Communications

Risks without this function (or not done correctly):

  • Loss of Visibility and Brand Awareness: Without blogs, newsletters, and social posts, Threshold risks losing relevance and visibility within the broader crypto ecosystem. This directly impacts the DAO’s ability to attract new product users.
  • Disorganized or Inconsistent Messaging: Without clear, coordinated announcements and updates, community members and partners may be confused, damaging trust and credibility.
  • Missed Opportunities for Ecosystem Growth: Poorly managed announcements or lack of coordination with partners can cause missed opportunities for cross-promotion and ecosystem expansion.
  • Community Frustration and Attrition: If important updates are not properly communicated then the community may become disengaged or leave.

Work streams:

  • Content Creation: Newsletters, blogs, social media posts, and educational content.
  • Community Calls: Coordinate and host regular community calls to provide updates and foster discussions.
  • Announcements: Manage important communications across channels, ensuring clarity and alignment.

Function: Community Engagement

Risks without this function (or not done correctly):

  • Governance Participation Decline: Without active engagement on Discord, forums, and X, fewer token holders will participate in critical DAO votes, weakening decentralization and governance legitimacy.
  • Fragmentation of Community: Without a strong presence on social platforms and regular interactions, the community may become fragmented, reducing collaboration and support.
  • Loss of Influence in Key Ecosystems: Failure to engage with other DeFi communities (e.g., Aave, Curve) may cause Threshold to lose visibility and partnerships within the broader DeFi ecosystem.
  • Increased FUD (Fear, Uncertainty, Doubt): Without active moderation and engagement, misinformation and rumors could spread, harming Threshold’s reputation.

Work streams:

  • Platform Engagement: Active participation and moderation on Discord, Forum, X, CoinMarketCap Community, and Telegram.
  • Governance Participation: Drive participation in proposal discussions and voting through reminders and explainer content.
  • Cross-Community Engagement: Engage with other DeFi communities (e.g., Curve Telegram, Aave Discord) to foster partnerships, help new users and amplify Threshold’s presence.

Function: Education

Risks without this function (or not done correctly):

  • Lower Product Adoption: Without clear, educational materials, users may struggle to understand Threshold products (e.g., tBTC, TACo, thUSD), leading to low usage and adoption.
  • Increased Support Load and Contributor Confusion: Without a maintained FAQ or consistent responses to questions, the same issues will be repeatedly raised, creating inefficiencies and frustration among contributors.
  • Lost Opportunities for Growth: Without turning events (e.g., podcasts, Spaces) into social and video content, Threshold misses valuable opportunities to reach new audiences and increase visibility.
  • Erosion of Trust: Inconsistent or unclear answers to questions about Threshold products or governance may confuse users, causing doubt and disengagement.

Work streams:

  • Educational Materials: Develop videos, blogs, infographics, and other resources explaining Threshold products and concepts.
  • Content Repurposing: Turn events, podcasts, and Spaces into shareable social and video content.
  • Knowledge Management: Maintain a clear, up-to-date FAQ database to ensure contributors provide consistent, accurate responses to community questions.
  • Review and suggest changes to documentation as needed to enhance the user experience.

Contributor: John Packel**

John has been a very active and valuable contributor to the DAO since mid-2022. He has taken on projects related to treasury, legal and regulatory, and has been compensated under the oversight of both TMG and TTG for his work.

Function: liason/alignment between T governance and Threshold Foundation

** no dedicated role in restructure proposal; remaining work with counsel to update bylaws reflecting Threshold governance can be completed on a project basis, then ongoing coordination can be split between two Threshold Committee member roles.

Risks without this function (or not done correctly):

  1. putting the DAO, its assets and products (and potentially token holders) in legal jeopardy of seizure, shut down, liability.
  2. risk of penalties for non-compliance w/ laws in various jurisdictions, tax or other avoidable liabilities.
  3. quality contributors may avoid/reduce their involvement (owing to personal risks outweighing benefits); need to shield Labs properly.

Work streams:

  1. share counsel’s legal & regulatory recommendations w/ stakeholders, help determine any actions, mitigation.
  2. ensure that counsel understands major TIPs so they can create resolutions reflecting them (and enable director to sign).
  3. understand governance process and TIP detail; drive alignment on key issues & communicate for transparency > add this to Luna’s governance role?
  4. Monitor TRM screening results daily, discuss w/ Victor & Evandro as needed then share/discuss issues w/ stakeholders > Victor take over whole function?
  5. Cayman & BVI legal filing/accounting preparation: this will be greater going forward > move it to Wuji?

Function: TTG member, secretary + additional work

Risks without this function (or not done correctly):

  1. reduced advisory benefits to DAO, tokenholders, Council - from misalignment or lack of clear decisions.
  2. similar legal/governance risks in liason function above.

Work streams:

  1. prioritize & prepare meeting agendas, capture notes, post takeaways; tasks like queuing complex Gov Bravo tx.
  2. administer contracts (review/alignment, liaison) & invoices; source & manage crypto to fiat provider (to pay legal) > move this to Wuji or Wai?
  3. input to significant process updates (e.g., governance, reward calc & tx queue process).
  4. identify, propose and help execute documentation of decisions & actions (for clarity later, foundation/legal requirements, etc.)