Lido DAO ops multisigs policy

Motivation

Day-to-day DAO operations require significant flexibility & safety at the same time. To some extent and use-cases gnosis multisig wallets provide for both and are used widely across different parts of Lido DAO operations. The proposal outlines general rules under which those multisig wallets will be used in operations. Lido DAO can also promote and encourage this policy adoption by other cooperating 3rd parties.

General rules

Generally, every multisig under Lido DAO ops workstream should have (please see Special cases for exceptions or additional rules set):

1. At least 3 signers.
2. At least 50%+ threshold.
3. For multisigs holding $1m+ — at least 7 signers.
4. For multisigs holding rights and roles — at least 3/5 setup.
5. Multisigs holding funds should set Lido Agent contract 3 as beneficiary 1 with unlimited allowance on tokens the wallet is funded with.

Public process

Multisig use, while being highly flexible, requires transparency for DAO members & general public.

1. Every multisig should have a research.lido.fi 2 forum post with stated purpose & “operating rules” of the wallet, along with the 1) address; 2) list of signer addresses.
2. Address of the multisig must be listed in https://docs.lido.fi/deployed-contracts/#lido-dao-multisigs 4 section.
3. Signers “apply” by sharing the proof of the address ownership 4 in the forum post’s comments.
4. Any changes in signers list must be announced in the “multisig forum post” along with another proof of address. Unless it is explicitly specified that signers are fixed, the multisig signers can be rotated, but track record must be made publicly available.
5. Emergency brake multisigs 7 and LEGO multisig 7 signers list can be changed only after DAO snapshot.
6. No change in multisig signers should 1) lower the absolute number of signers below DAO-vetted one; 2) lower the signing threshold. If this is required, those changes must be passed through the Lido DAO Snapshot vote 2.

Special cases

1. Any LEGO wallet changes are to be approved by the DAO through Snapshot vote.
2. Any Emergency Multisigs 7 changes are to be approved by the DAO through the Snapshot vote (last Emergency Multisigs update could be found on the forum 1).
3. Unless it’s mentioned explicitly, multisigs managed by Lido-on-X (non-Ethereum Lido protocols) teams aren’t subject to this policy.
4. Lido DAO contributors can employ specific ad-hoc multisigs for operations. In case of not holding any rights and roles and not being funded by the DAO directly such “convenience wallets” need not conform to the above process. The main use-case for such wallets are “gas fund” for dev & ops teams.