Operational Security: Upskilling Your Online Safety Game | BanklessDAO Weekly Rollup
Catch Up With What Happened This Week in BanklessDAO
Dear Bankless Nation 🏴,
We seldom realize the magnitude of what can be achieved when we work together towards a shared goal. The results often surprise and delight us. This sentiment was echoed by both Ryan and David in their opening remarks in this week’s Season 3 launch event on Twitter Spaces: BanklessDAO has surpassed their original expectations to become one of the strongest communities in Web3. Numerous successful projects, cross-regional sub-DAOs, an expanding family of publications, and a welcoming onboarding process are achievements we’re collectively proud of. It is said that people enter crypto for the gains but stay for the community—BanklessDAO is a prime example of that community.
In this week’s Rollup, we cover the community call highlights and look at the exciting things various guilds have been planning. Read on to find out where you can contribute.
As Ryan Sean Adams said, “You want alpha? Join BanklessDAO!”
🙏 Thanks to our sponsor:
🗓 Weekly Recap
BanklessDAO Weekly NFT Showcase 🔥
🏦 Auction Type: Open Edition
💰 Price: 0.028 ETH
Resident bDAO artists Crypto Bushi and Sinjun, along with clothing designer and all-around fashionista Kouros and footwear designer ARNLD, present RABBITHOLE.EXE... an animated short visualizing “the fall down the rabbit hole.” Part anti-corporate manifesto, part visual and audio feast, strap in and get ready for the most revealing 59 seconds in NFT history.
🚀 Season 3 Twitter Spaces Launch Event
Remembering where we came from and understanding our future journey were recurring themes in this week’s community call. At the outset, Ryan and David acknowledged the success of BanklessDAO over the past season and noted that we are now an example for other DAOs in their infancy. As the adage goes, “With great power comes great responsibility.” We at BanklessDAO now have a responsibility to lead the ownership economy and become a model for DAO operations.
Opportunities abound for new members who are consistent and dedicated. ThePsychGuy related his experience in joining BanklessDAO: earning his way from a guest pass holder to a Level 2 contributor in just over 2 months.
Saying opportunities exist is one thing; proving it with data is another. The next presentation demonstrated the growth of the DAO through key metrics like engagement, governance, capital and community. We grew exponentially but also sustainably. Our Discord server expanded to 17,000 members and we generated $130,000 in profit!
Next we heard about some of the most successful and innovative projects of Season 2: DAO Dash, Bankless Consulting, DAOpunks, Bankless Mobile App, GMI, our beloved Degen bot, and media such as Decentralized Law and The Rug.
Last but not least, our goals for Season 3 were outlined. The focus for Season 3 will be on DAO organization and tuning our processes to function more efficiently.
Today we talk with Supriyo, Founder and CEO of Hyype, the NFT social network that enables collectors and curators to connect stories to NFTs in their collections. We discuss providing a space tailored to the uniqueness of NFT communities, in addition to creating the culture, history and lore of the NFT universe.
🏔 DAODenver: The World’s Largest Gathering of DAOs
The Bankless family will be gaining altitude next month at ETHDenver and DAODenver, where multiple bDAO contributors are already on the speaking roster.
DAODenver is a two-day event presented by DAOists.xyz: held February 15 and 16 to coincide with ETHDenver’s BUIDL week.
Over ten thousand Ethereum and DAO enthusiasts are expected to descend on the Mile High City for these events.
Featured DAODenver speakers include: Rotorless🏴, Above Average Joe🏴, Jess Sloss (Seed Club), Juliette (Aragon, Surge Women), Griff Green (Giveth), Auryn MacMillan (Gnosis Guild), Ross Campbell (LexDAO), and Mark Lurie (Shipyard).
Temple Nightclub, arguably Denver’s best party venue, is DAODenver’s home for deep-dive DAO talks, panels, workshops, and networking opportunities by day, and cocktail hours and parties by night.
Tickets are on sale now at DAODenver.org with just a few early bird tickets remaining. Use the promo code BANKLESS20 to get an extra 20 percent off. (All event proceeds go towards the production of DAODenver, with any remaining funds used to establish the DAOists.xyz treasury in order to support our mission of furthering education on DAO principles and tools.)
🔥 DAO Heat: A Competition Featuring the Hottest Writing and Designs
DAO Heat is a BanklessDAO collaborative writing and design competition founded in the spirit of encouraging better inter-guild collaboration and movement. Each edition will have a specific theme and format picked out by the founders in collaboration with Writers and Design Guild members.
DAO Heat will be a two-stage contest:
Writing Competition: Using the theme and format of the edition, writers will submit pieces to be judged via a set of rounds. Three winning pieces will be chosen. The piece by the first prize winner will serve as the inspiration for the next stage.
Design Competition: Based on the winning written submission, designers will work their magic to produce design pieces. Again, following judging rounds, three winners will be chosen.
Prizes for both the competitions:
First Prize: 3000 BANK
Second Prize: 2000 BANK
Third Prize: 1000 BANK
Icing on the cake: The winning design will be converted into a set of 50 limited edition NFTs. The winning writer and designer will each receive 10% of the proceeds from the NFT sales.
DAO Heat will launch on January 31, so get your creative juices flowing and stay tuned!
Join our panel in the FC Dojo on Wednesday, January 26, 2022 11:00 AM PST. We will discuss how VentureDAOs can revolutionize venture capital. Our panel consists of exciting and seasoned speakers from the space, including:
TheJinKang: the Deal Lead with Global Coin Research
Medha: an investor with Komorebi
Pilkster: an Angel investor in Tech and an FC OG
The discussion and following Q&A will be moderated by Liza, the champion of the FC Edu webinar series and the co-founder of FTW DAO. POAPs will be distributed and will count towards completion of the FC Education track to becoming a Junior VC Analyst. For any questions on this session, contact @fi_bo, @liza, or @kahuna.
Additionally, Fight Club is looking to gauge interest in their Genesis Fund. Please fill out this Tally form if you're interested in participating. Visit us in the #Fight-Club channel or go to our Notion page if you have questions!
🙏 Sponsor: Balancer.fi — Automated Portfolio Manager and Trading Platform.
Operational Security: On How Not To Be a Phish
Editor’s note: In light of the Discord phishing scams hitting the DAO this week, we are running this editorial on how to keep yourself and your frens safe. In addition to this guide, we’ll have a weekly “OpSec” column devoted to upskilling your safety game.
How to Spot a Scam
Scammers will pressure you or provide fake reassurance: time sensitivity, monetary gain, appearance of authority, or relief from pain. Take your time to understand the pros and cons of the offer given or action being requested.
Look for tell-tale signs of scams through URLs or usernames:
Homograph attacks: aave.com vs ааve.com. The ‘а’ characters in the second domain are Cyrillic, not Latin, and will take you to a different site, though Discord and modern browsers will make these substituted characters in URLs obvious.
Most apps will use only one or two domain names that closely match the brand name. As of the time of writing, Discord only uses three: discord.com, discord.gg and discord.gift. Be careful of URLs that try to look like any of these.
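The two checks above (official-domain allowlist and homograph detection) can be automated before a link is clicked. This is an added example, not part of the original newsletter: the function names, the small confusables table and the sample URLs are constructed for illustration, while the three Discord domains and the aave.com pair come from the text.

```python
import unicodedata
from urllib.parse import urlsplit

# Domains the article lists as Discord's at the time of writing.
OFFICIAL = {"discord.com", "discord.gg", "discord.gift"}

# Small constructed subset of Cyrillic letters that render like Latin ones
# (the full Unicode confusables table is far larger).
CONFUSABLES = str.maketrans(
    "\u0430\u0435\u043e\u0440\u0441\u0445\u0456\u0458", "aeopcxij")


def scripts(host):
    """Unicode scripts used by the letters in a hostname, e.g. LATIN."""
    return {unicodedata.name(ch).split()[0] for ch in host if ch.isalpha()}


def is_under(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)


def check_url(url, official=OFFICIAL, brand="discord"):
    """Return 'official', 'homograph', 'lookalike' or 'unrelated'."""
    # urlsplit isolates the real host, so "brand.com@other.example" and
    # "brand.com.other.example" are not mistaken for the brand's own site.
    host = (urlsplit(url).hostname or "").rstrip(".")
    if any(is_under(host, d) for d in official):
        return "official"
    # Map look-alike letters to Latin before searching for the brand name.
    skeleton = host.translate(CONFUSABLES)
    if brand not in skeleton:
        return "unrelated"
    # Brand visible only after mapping means non-Latin letters imitate it.
    return "lookalike" if brand in host else "homograph"


if __name__ == "__main__":
    # Constructed sample links; none come from a real incident.
    samples = [
        "https://discord.com/channels/1",
        "https://discord.com.nitro-claim.example/login",
        "https://d\u0456scord.com/nitro",
    ]
    for url in samples:
        host = urlsplit(url).hostname
        # The IDNA form is the "xn--" spelling browsers fall back to.
        print(check_url(url), sorted(scripts(host)),
              host.encode("idna").decode())
```

A verdict of "unrelated" only means the host does not imitate the brand; it says nothing about whether the destination is safe.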
Be your own last line of defense.
Strong passwords and 2FA will not protect your account if you introduce ways of bypassing them, such as using Discord's convenient QR code login method. This feature does not require a 2FA code and seems to be the main attack vector for Discord Nitro scams.
Store your passwords in a password manager that’s scoped to only the official website, such as discord.com. Always use that password manager’s autofill function so only the scoped website gets your credentials. Do not copy/paste credentials from there without 100% certainty (e.g. you downloaded the official Discord app from a trusted source and publisher.)
Was your account compromised?
Change your password immediately, preferably on a second device that was not used in opening the suspected bad link or downloading a potentially malicious file. Changing your Discord password signs you out on all other devices. But if your device has been compromised further, such as a keylogger being installed, then the attacker may know your new password. Hence you need to change your password on the most secure device you have.
Depending on your privileges on certain servers, alert the appropriate people so they can make announcements to their communities about possible spam messages/actions from you. Consider disabling any Discord integrations you may have access to through Server Settings, such as Webhooks, that can be further abused.
General Security Tips
See something? Say something! There are No Stupid Questions and everyone in the DAO plays a role in helping the DAO and each other remain secure.
Adopt a "Trust But Verify" mental model with your frens and DAO members. Trust that they mean well and are giving you correct information and safe links. However, do your own due diligence and verify the trustworthiness of their content. See if any of the points from the Discord section raise red flags, as they may indicate that the other party’s account was compromised.
Get in the habit of keeping bookmarks of any apps and sites you use frequently, then only visit those sites using these bookmarks. Do not expect the first result on Google, DuckDuckGo, etc. to be authentic. If you are already in a community's Discord and have verified it is authentic, see if they have a trusted links channel and use those links to establish your bookmarks. Domain names are cheap and scammers are always looking for ways to get you to click their link instead of the legit one.
Consider compartmentalizing your crypto activity. Use a separate device, operating system user, browser or browser profile for such activity that you will not use for other, day-to-day tasks. Lock down that compartment as much as possible by not installing software or extensions that are not needed and by keeping what you do install updated.
Be extremely mindful of where you enter your seed phrase or private key. Your “natural default” should be to not enter it anywhere. This includes extensions such as MetaMask if you are not confident you have downloaded them from the official source and publisher, or if you feel it would be unsafe to do so (such as using a public device or one that you suspected has been compromised.)
Scrutinize token spending approvals. A common bait-and-switch scam is for malicious dApps to ask you to approve the spending of one token while you are led to believe you are approving the spending of another token.
Revoke token spending approvals for any dApps or contracts you are not actively using, particularly for tokens you have a large quantity of. This can be done through blockchain explorers like Etherscan or portfolio dApps like DeBank (always verify you are using a widely trusted dApp when doing this.)
If you have been in crypto for a while, you have likely seen large quantities of valueless tokens appear in your wallet. Ignore them and do not interact with them. These tokens usually lead curious users to a dApp that will either trick them into approving spending of an unintended token, as mentioned before, or prompt the user to sell the token but with an abnormally large gas fee. This transaction will fail and eat up the gas fee anyway.
❤️ Contributor Care
BanklessDAO attracts great and diverse talent into a self-governed system. This creates a flexible and synergistic space which enables our members to develop and realize amazing ideas. Many of these ideas would not have emerged in traditional environments.
However, this often fast-changing and “ad-hoc” environment is intense. It puts extra stress on our mental, emotional, spiritual and physical health, making burnout a real problem.
We as a DAO therefore place a high priority on our members’ health at all levels—only healthy members can create and hold a fruitful space for world-changing ideas to emerge and grow.
Therefore we created the “Readiness” program:
How do you arrive at your keyboard every day while being on the journey headed west?
Do you feel wired? Or tired?
Is there a sense of preparedness, alertness, and awareness on your mind? Or is there fog, dullness, and maybe even a sense of exhaustion?
Readiness is the score you give yourself for being ready for the day and aware of your needs and wants! It’s a self-assessed measurement of your creative powers, physical wellbeing, and mental as well as emotional debt. It’s here to support your growth within the “real” ecosystem.
Yes...okay, but why should I care?
DAOlife is not only about learning how to inhabit our freedom, but also to cultivate that readiness to be able to respond and engage with the intensity of the journey. - siddhearta
The moment you realize that your reactions and habits have become unconscious it’s time to pause.
Slow down. Breathe in. Breathe out.
This is the moment to check-in with your readiness. For example, you could ask yourself:
Why did I come here in the first place?
What was my intention? Learning? Earning? Building? Leading? Contributing?
What was I yearning for?
Now, once you have identified that goal, it’s up to you to self-reflect and build a system that works. A system that works for you (not against you) in the long run. A system that empowers and supports you in a sustainable way.
Because as human beings, we are not designed to run constantly all day long at high-speed. Computers and machines are built for this purpose. - tigress
We need to build a system that helps us grow as human beings and helps us evolve as a community. Therefore, within the next few weeks we’ll provide useful insights and mindsets as well as proven habits, routines, and inner tools to increase your readiness.
We’ll also be sharing ideas on how to create shared rituals within the guilds and community to strengthen the sense of connection. Additionally, we want to explore how to use the current tools and tech stack with greater self-awareness and make using them more brain-friendly.
The program will conclude with how to scale the Readiness system and culture from the individual contributor to the DAO-wide level.
Note: @tigress and @BorisSchickedanz.eth moderate the mental-health-channel, available to L1s and above.
Disclaimer: All the information in the Readiness section is for inspirational, informational, and educational purposes only. The information here is not intended as being a substitute for professional medical advice. If you are encountering troubles, make sure to reach out to a qualified professional.
Balancer DAO offers to sponsor one BanklessDAO newsletter for all of 2022 in exchange for a strong economic incentive in BAL for the BANK/WETH pool on Polygon.
Moreover, Balancer is interested in awarding a grant to BanklessDAO for obtaining media coverage concerning its DAO and the aforementioned BANK/WETH liquidity pool on Polygon.
These Snapshot proposals are still active for some time so cast your vote! We need your votes to ensure we reach the necessary quorum to enact the GSE Program!
Proposals in Discussion
The Sponsorship Project was undertaken to create tools to efficiently manage sponsorships for our newsletters, podcasts and international media nodes. The team has produced tools and resources such as a media kit, a sponsorship guide and a product menu. Through this proposal, the team is requesting a one time payment of 50,000 BANK for their efforts.
The CC revamp details the requirement for a newsletter that covers project updates within BanklessDAO. As per the proposal, project leads will be required to give certain information about their projects on a google form for better coverage. It also details the roles required to publish the newsletter and the financial ask for it.
Audio is the most accessible way to consume content. In light of this, the proposal details a podcast series with each episode focusing on succinctly addressing one particular DAO/crypto related issue through an interview with an expert. It aims to cover the issues faced by archaic regulatory regimes in relation to the new crypto ecosystem. The proposal seeks to monetize the podcast through sponsorships from law firms and other professional service organizations.
Projects are the lifeblood of BanklessDAO and they might struggle to address challenges that arise due to the lack of tools. This is aggravated by the low visibility that BANK holders have over the kind of challenges that projects may face. The Project Lifecycle Management Team intends to address these issues by offering retrospectives. Having aided 5 projects in Season 2, they also intend to create a database for project management best practices.
Content Gateway proposes a budget extension to fund team restructuring, a reformed project collaboration framework and the execution of a new market strategy. The new roadmap is a continuation of their work in evolving projects and reducing dependence on the founding team. The proposal details the financial ask, fund governance and responsibility and contributor incentives through milestones.
✅ Action Items
🎙 2FA: Enable two-factor authentication for your Discord by following the steps here.
❤️ Follow us on Telegram.
💝 Take time to reflect on your mental readiness each day.
🙏 Thanks to our sponsor
Balancer is a flexible and versatile Automated Market Maker that enables efficient trading and the exchange of any combination of ERC-20 tokens permissionlessly.
Balancer also turns the concept of an Index Fund on its head: instead of paying fees to Portfolio Managers, you can now collect fees from traders who rebalance your portfolio by following arbitrage opportunities.
The Balancer Protocol is a core building block of DeFi infrastructure—a unique financial primitive and development platform.