Dear Bankless Nation 🏴,
For the last year, BanklessDAO has been drafting the blueprint for the way a large organization can operate as a DAO. While we have yet to finalize the design, we're a lot closer to understanding how the machine operates.
During Season 3, BanklessDAO made great progress towards its goal of empowering people and projects. We built an Academy, launched Web3’s first consulting firm, got DEGEN out of jail, maybe for good, and thanks to the IMN project, our work can now be translated into 22 languages. And let’s not forget we regularly launch NFT collections and, just this month, we spun out a venture capital firm — hello Fight Club! Ssshhh.
Our DAO-wide Coordinape gets underway today, so remember to GIVE — and don’t be afraid to send a note with your allocation. Make sure to read Jake and Stake’s editorial on the Season 4 specification proposal to get the lay of the land. And remember, we have a gap week to wind down and chill out for these next seven days. Unless you are a project lead working on budgets and seasonal planning, take the time and recharge. Even if you’re a lead, take some time! But no matter what, lean back, catch a few words, and we’ll see you for a short Rollup next week. Miss you already.
Contributors: theconfusedcoin, AustinFoss, Yofi, Jake and Stake, Trewkat, d0wnlore, siddhearta, hirokennelly.eth, Dippudo
This is the official newsletter of BanklessDAO.
🗓 Weekly Recap
BanklessDAO Weekly NFT Showcase 🔥
🧑🎨 Artist: Cy00t
🏦 Auction Type: Limited Open Edition
💰 Price: 0.025 ETH
#1: DAOies
Explore a collection of 50 images inspired by BanklessDAO’s guilds and members.
Community Highlights
🧥 MetaFactory Merch
Hello Merch Team! The Bankless Box "Logo" Tee. Just look at it in all of its soft, durable glory.
As always, this high-quality garment will last for years. Whatcha waiting for peeps? Click or tap and get yours now.
🧠 Crypto Sapiens Podcast
Crypto Sapiens is on a two-week break, retooling to increase the impact of the conversations they host with Web3 pioneers.
They are creating two new weekly series on Twitter Spaces with new hosts:
Diversity, Equity, and Inclusion
Web3 identity
LFG.
🇳🇱 Announcing Bankless Amsterdam
Are you headed to the Devcon/ETH Amsterdam hackathon?
The team wants to invite you to join the Bankless Netherlands Telegram, because there's one more thing to love other than the thrill of new Web 3 developments: meeting like-minded BanklessDAO contributors who share the same enthusiasm!
The team will be posting about meetup times, locations, and other fun stuff.
Join group here.
What’s New
🎙️Bankless Africa Podcast Launched
Bankless Africa launched the first episode of their new podcast this week!
🎧 Bounty Hunter Is Now Live!
Bounty Hunter is a show about what it’s like to work in Web3 and DAOs.
✍️ Bankless Publishing on Medium
💰 Grants Committee Proposal Best Practices
Creating a proposal is hard. But it doesn’t have to be! Here are three quick tips from our Grants Committee that will help improve your proposals, and get them signed off faster:
1. A brief summary of the project - When building a proposal, always start with a summary of what the project will achieve. This helps keep everyone on the same page when going through the details.
2. Don't ask for more than is in the proposal - It's best to stick with what is in the proposal.
3. Flex KPI goals - KPIs are great because they allow us to measure our success. They also let us know if we need to adjust our strategy for maximum impact. Don’t be afraid of destination, augmentation.
🌐 The International Media Node is Growing Fast
In the month of March, the total audience of the IMN project grew by 17.5%, to over 35,000 members. With the addition of three language nodes, Arabic, Dutch, and Bengali, the total number of active language nodes now stands at 22. The team also surpassed their external revenue goal of 10,000 USD in Season 3!
🏦 Two New Fuse Pools Launched on Rari Capital
Two new fuse pools, the GMI Hot Tub and the Bank Vault, were launched this week. The GMI Hot Tub pool will allow you to use tokens within the GMI Index as collateral to borrow stablecoins within GMI. The Bank Vault creates the foundation for the DAO Treasury Fuse model conceived by @delitzer. Together, the pools will improve capital efficiency and help DAO members borrow against their holdings.
💳 BanklessCard: The Card for DAOs, Built by BanklessDAO
What if you could earn cash back in your DAO’s native token, while increasing the value of that token? What if you could use a single card, built and serviced by a DAO, as an on-ramp and off-ramp between your crypto life and the fiat world? BanklessCard aims to do all this and more. Please fill in this feedback form to help formalize this proposal. The team is also looking for contributors, so reach out to links if you want to help!
Get Involved
💰Coordinape Allocation Is Live!
The allocation phase of the April Coordinape round starts today! At 2:30pm UTC, you can head over to Coordinape, select your circles, and GIVE to folks who have been contributing and spreading good vibes throughout the DAO during this past month.
Here's the timeline: Starts: 2:30pm UTC on April 8. Ends: 2:30pm UTC on April 12
🧐 Mind the Gap Week
A message from Tomahawk and the Writers Guild. Take some time for yourself. Go outside. Breathe. Mind the Gap Week.
🙏 Sponsor: CitaDAO - Marketplace for Tokenized Real Estate
Shaping Season 4
Author: Jake and Stake
As Season 3 draws to a close, it’s time to renew and refresh as we move into Season 4.
The first draft of the Season 4 Specification can be found on Forum, with a full version linked in a document and a second draft to be released on April 21, 2022. This gives us the perfect opportunity to discuss what changes we’d like to see, as we have several items to discuss with respect to how the DAO is shaped.
How should projects be kept accountable and measured? How should we reward our contributors? Should we change our membership threshold? How will that affect the BANK price? Let’s dig into it.
Membership Threshold
There have been discussions about whether or not to change the membership threshold. Should we increase, reduce, or maintain the current threshold of 35,000 BANK?
If we increase the membership threshold requirements, there may be reduced selling pressure as members that want to be Level 1 will be required to hold a higher amount. On the other hand, this may be a barrier to entry for newer participants. If they feel as if the higher threshold is too much to overcome, they may simply work and continue to sell the tokens that they earn.
If we reduce the BANK threshold, we may attract more contributors. These members won’t need to be issued guest passes and sale pressure may be reduced because new bDAO members will continue to enter the DAO and hold.
The BANK token price is at 0.02676 USD at the time of writing, so the cost of becoming a new member is the lowest it’s been since BanklessDAO’s inception. In effect this has lowered the financial threshold to become a member while maintaining the required BANK figure.
In the long term, the best approach will depend on what the DAO decides is the most appropriate way to execute the agreed vision. In general, selling a token causes the value of that token to drop. Some members feel that fewer members holding more BANK will mean more loyalty to the token and reduced selling. This is often referred to as having ‘skin in the game’. Others believe that maintaining a steady flow of new contributors balances the workload for members, while also ensuring that BANK is distributed widely and that new projects can be resourced easily.
It’s also true to say that the membership threshold is not the sole driver of sell pressure on BANK. The DAO must continue to introduce utility and governance power for the token in order to drive up its non-financial value.
Season Length
How long should seasons be? Should we increase them to help projects keep focus, decrease them to help projects adjust course, or keep them the same? Right now, seasons are three months long. The current season length aligns with DeFi protocols and financial quarters, and shorter seasons give teams more opportunities to re-evaluate goals, assess their current progress, and plan or pivot into the future.
Still, longer seasons require long-term planning, and hopefully, ambitious roadmaps. Project contributors and creators could spend less time on budgeting and spend more time providing value. Value that will be important for us to bank on in the future.
Season Budget
The DAO treasury currently holds 182M BANK, with an additional 33M expected to vest during Season 4. Here’s what the seasonal budget was over the last three seasons (guilds & projects):
Season 1: 11M BANK
Season 2: 20.5M BANK
Season 3: 30M BANK
Should we increase, decrease, or maintain the same budget for Season 4?
According to the Genesis proposal implemented via the first Snapshot vote:
“[...] the community treasury [was] left with 5% of the total supply plus the first month’s vesting distribution in liquid BANK. This fund should act as an initial bootstrapping mechanism for the DAO while the remaining 40% allocation unlocks over the next 3 years.”
While the treasury will increase through the vesting schedule over the next two years or so (at the rate of ~11M BANK per month), there is a finite supply of BANK. This is usually referred to as the DAO’s ‘runway’ — the amount of time we have remaining before the vested supply of ‘new’ BANK runs out.
By the time that happens, the DAO will need to have put in place the ongoing revenue streams and robust utility for BANK in order to ensure contributor incentives can continue to exist.
Project Funding
As a result, we’re changing the way projects are funded. In the past, some projects were constrained by their allocated budgets. With the new funding framework, we plan to disburse more funds, based more accurately on project needs. The Grants Committee will continue to review requests for funds based on each project’s past performance and previous capital allocation. Projects should only ask for what is necessary. In a bear market, everyone has to do more with less and the last thing BanklessDAO wants is groups making a “BANK run” on our treasury, shortening the DAO’s runway.
One compromise is to introduce a flexible funding framework that increases transparency around project progression and metrics. In this respect, projects get what they need as long as they can share this information and maintain transparency. Transparency is a defining characteristic of blockchains and important for creating trust within an organization. There’s some hesitation to introduce KPIs as a way to measure projects too early in their life, but receiving last-minute funding from the DAO will require some kind of metric to assess the value created.
That said, should we implement KPIs, milestones, and reporting for all projects? In some cases, we might not see the fruits of our hard work until much later in the project’s life and in other cases, KPIs that may have been—or thought to have been—important in the past are no longer relevant today. One option is for us to require these measures from projects that are awarded over 100,000 BANK. Given that they are being trusted with a large amount of funds, transparency is even more important and ill-defined projects, without some kind of traction, are unlikely to receive funding.
What hasn’t been discussed to date is how to maintain the transparency and accountability of the Grants Committee. Currently, meetings are not recorded and it’s unclear what “success” for the Grants Committee really means. links, an incoming member of the Grants Committee, was kind enough to comment:
“There are only two DAO-wide groups that have the authority to hold guilds and projects accountable – the Treasury Multisig and the Grants Committee. I’m a believer that we should always start with ourselves, so if we want more accountability for guilds and projects at BanklessDAO, we should start by creating more accountability for the Grants Committee.
What is our purpose? What are our KPIs and milestones? If we can answer these questions, we’ll not only provide a positive example for our projects and guilds, but also make it easier to make funding decisions.”
Funding, Funding, Funding
Grants Committee Funding
Most projects that have been funded for Season 3 will qualify for Season 4 funding. In total, the Grants Committee has spent 45% of its budget for Season 3. Should we increase, decrease, or maintain the current Grants Committee Funding (7M BANK)?
Guild Funding
In Season 3, the treasury distributed 8M BANK to the 13 guilds in Bankless DAO. You can get a full breakdown of the funding distribution here.
Project Funding
Season 3 distributed 11M BANK to the 17 projects in Bankless DAO. This funding does not include projects funded through the Grants Committee. You can get a full breakdown of the funding distribution here.
Should we change the amount of funding guilds and projects receive? If so, should it be flexible funding as outlined above?
Contributor Rewards
Season 2 expanded the Coordinape Contributor Rewards to monthly rounds for Level 2 Contributors, Level 1 members, and recently, Guest Pass holders. In total, 3.5M BANK was distributed via this method. Season 3 increased contributor rewards further, with 4M BANK distributed via the monthly rounds. How should we think about local compensation? Should we keep this the same, increase, or decrease it?
Should we continue to remunerate contributors monthly via Coordinape rounds or should we do so at a different frequency?
Hourly Compensation Guideline
Further, there have been problems with how to measure contributor compensation. Since the DAO’s inception, the guideline for a contributor rate has been 1,000 BANK per hour. This value fluctuates based on the price of BANK. In bear markets the value is low and in bull markets working for bDAO is quite lucrative (if measured in equivalent fiat). Remember that due to the fluctuation of BANK, we would be paying contributors anywhere between $26 per hour and $120 per hour. Should we change the BANK rate? Should we denominate in fiat? Should we try to ‘divorce’ BANK from fiat by increasing the utility and inherent value of the token?
Governance Solutions Engineers
We’ll finally get to see the Governance Solutions Engineering Team (GSET) get implemented. In the spirit of experimentation and accountability, this team will have the flexibility to modify the Seasonal Specification throughout the Season, especially with regards to contributor alignment and creating guidelines for project evaluations.
Closing Thoughts
These are important questions to ponder as we think about rewarding and retaining contributors and stabilizing BANK token price. No doubt, the people who stay at bDAO and continue to build our community should be greatly rewarded; this is what will set us up for the next bull market and launch us into the future. But these builders that meme, code, and create for the long-term should be rewarded in the short term in a way that is sustainable, equitable, and acceptable.
🎣 Phishing School
Authors: d0wnlore and the InfoSec Team
Improving Your Use of 2FA
Many newsletters ago we covered the importance of two-factor authentication (2FA). But even with this added layer of security on our online accounts, we cannot be complacent and assume that an account is fully protected.
The security of our accounts is ultimately a shared responsibility between us and the service provider. A determined attacker can still compromise an account with 2FA enabled if either party drops the ball.
Here I will go over two ways such an account can be compromised, and the properties of hardware authenticators that make it more difficult for your account to be fully compromised.
Login Approval Notification Spam
When a service has both a desktop/web and a mobile application, it can use the mobile app as the second factor to approve logins made on the desktop/web app. Google is the most popular example: most of their mobile apps can receive a notification asking if you want to approve a recent login attempt.
There are two ways these login approval requests are fulfilled through notifications:
1. The notification will have a code that you enter, similar to the codes you would get from an authenticator app like Authy.
2. The notification will prompt you to accept or reject the login attempt with a relevant screen on the mobile app.
There is far less friction in the latter method and here is how attackers will abuse that convenience. For this attack to be most effective, the attacker needs to know that you are using the companion mobile app as the second factor, that it prompts you to approve the request instead of giving you a code, and to know what time zone you are likely to be in at the time of the attack.
1. Scammer compromises your account to the point where the second factor is needed for them to continue.
2. They will repeatedly make the HTTP request that triggers your companion mobile app to prompt you to authorize the login.
You may think to yourself that you can just ignore the notifications and/or explicitly reject them if the service provider allows it. But depending on how the service provider has implemented this system, you may be overwhelmed by a flood of notifications that you would rather just went away. This becomes more dangerous if time zones come into play, as the attacker can perform this attack while you are sleeping, when you are more likely to make a mistake in your half-awake state.
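On the service provider's side of that shared responsibility, a flood of approval prompts shows up clearly in the authentication log. The following is an added example, not part of the original newsletter or any provider's code: a small Python detector that flags accounts receiving too many push prompts in a short window, and flags any approval that arrives during such a flood. The log format, event names, window and threshold are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (hypothetical format and event names, documentation IPs).
SAMPLE_LOG = """\
2022-04-08T02:14:05Z user=alice event=push_sent ip=203.0.113.7
2022-04-08T02:14:40Z user=alice event=push_timeout ip=203.0.113.7
2022-04-08T02:15:02Z user=alice event=push_sent ip=203.0.113.7
2022-04-08T02:15:30Z user=alice event=push_denied ip=203.0.113.7
2022-04-08T02:16:10Z user=alice event=push_sent ip=203.0.113.7
2022-04-08T02:16:55Z user=alice event=push_sent ip=203.0.113.7
2022-04-08T02:17:20Z user=alice event=push_sent ip=203.0.113.7
2022-04-08T02:17:31Z user=alice event=push_approved ip=203.0.113.7
2022-04-08T09:00:00Z user=bob event=push_sent ip=198.51.100.20
2022-04-08T09:00:08Z user=bob event=push_approved ip=198.51.100.20
"""

WINDOW = timedelta(minutes=10)  # assumed look-back window
MAX_PROMPTS = 3                 # assumed number of prompts tolerated per window


def parse_line(line):
    """Split 'timestamp key=value ...' into (datetime, dict of fields)."""
    stamp, *pairs = line.split()
    fields = dict(pair.split("=", 1) for pair in pairs)
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ"), fields


def detect_prompt_floods(log_text, window=WINDOW, max_prompts=MAX_PROMPTS):
    """Return (user, alert_kind, time) tuples for prompt floods and for
    approvals granted while a flood is in progress."""
    recent = defaultdict(deque)  # user -> times of push prompts still in window
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        when, fields = parse_line(line)
        user, event = fields["user"], fields["event"]
        prompts = recent[user]
        # Forget prompts that have aged out of the look-back window.
        while prompts and when - prompts[0] > window:
            prompts.popleft()
        if event == "push_sent":
            prompts.append(when)
            # Alert once, at the moment the threshold is first exceeded.
            if len(prompts) == max_prompts + 1:
                alerts.append((user, "prompt_flood", when))
        elif event == "push_approved" and len(prompts) > max_prompts:
            # An approval after repeated prompts deserves a second look.
            alerts.append((user, "approved_during_flood", when))
    return alerts


if __name__ == "__main__":
    for user, kind, when in detect_prompt_floods(SAMPLE_LOG):
        print(f"{when.isoformat()} {user}: {kind}")
```

A provider could use the same count to stop sending further prompts once the threshold is reached, so the user never sees the flood at all.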
Social Engineering
Social engineering can be used in cases where 2FA codes are sent to you, such as through SMS and email 2FA implementations, or if your companion mobile app in the above section sends you codes.
Here the attacker will try to convince you to divulge the 2FA code you just received. To succeed it helps if they have some personal information about you that the service provider would possess, specifically your name and phone number.
1. Scammer compromises your account to the point where the second factor is needed for them to continue.
2. Scammer triggers the 2FA code to be sent to your companion mobile app. They will then call you and construct an elaborate story about why you received the code and why you should give the code to them.
While this may seem easier said than done, this scenario has occurred for at least one bDAO member in the past few weeks. The stories these attackers create will be different each time. But a popular story is that your account has allegedly been locked and the attacker, claiming to be an employee of the service provider, needs your 2FA code to unlock your account.
How Hardware Authenticators Help
Hardware authenticators, such as a Yubikey, are becoming a useful tool in helping secure online accounts. Other than the cryptography systems used on these devices, they are pretty simple compared to your password manager or mobile phone. But that simplicity is really useful to have in a second factor. Hardware authenticators are less likely to lead to ‘footgun’ incidents, compared to an unlocked phone or compromised password manager vault.
Let us take the above scenarios, where an online account had 2FA enabled but was still compromised, and see how the situation changes if a hardware authenticator protected our account instead.
Login Approval Notification Spam
1. Scammer compromises your account to the point where the second factor is needed for them to continue.
2. Assuming your hardware token is registered as your second factor, instead of the companion mobile app prompt or SMS, you will not receive a notification that could lead you to authorize the login request by accident (and can sleep soundly at night as well). The attack stops here.
Social Engineering
1. Scammer compromises your account to the point where the second factor is needed for them to continue.
2. It is not trivial to give a valid code generated by your hardware token to the attacker, so the chances of you being tricked into approving the attacker’s login attempt are nearly zero. The attack stops here.
Perform a Personal 2FA Audit
With this new knowledge, I invite you to do a quick audit of your online accounts and check what factors those services will use to verify a login attempt. Even if you do not have a hardware authenticator right now, it is important to know what factors your services use and whether you need to disable those that are more likely to lead to compromises, such as SMS 2FA.
🏛 Governance
Proposals in Discussion
🪙 Tokenomics - Stake 10 ETH from Treasury using Rocket Pool
The proposal is to stake 10 ETH of the ETH in the bDAO treasury (34.45 ETH) for rETH to generate passive yield on ETH and support permissionless, decentralized PoS ETH staking. The reason for starting with a 10 ETH stake is to minimize our initial Rocket Pool protocol risk exposure. We should stake more after we are more confident in the benefits of staking our ETH with Rocket Pool. The future vision is to make holding rETH (or other decentralized ETH PoS pools) the standard for the BanklessDAO treasury. This proposal is our initial foray into this vision.
Scaling Fuse Lending Markets with Backstop Protocol (B.Protocol)
This proposal seeks to integrate bDAO’s and IndexCoop’s jointly launched GMI: Hot Tub Fuse Pool with the Backstop Protocol. This integration will help us offer higher Collateral Factors (LTV) due to a more robust liquidation mechanism. There will be no need to run liquidation bots (democratizing the liquidation process) and a risk analysis of the market can be conducted that can provide quantifiable insights into each asset in the pool.
✅ Action Items
💰 Action: Allocate your GIVE for Coordinape
🔍 Review: Read the Season 4 Spec.
📖 Rest: Wind down and recharge for Season 4.
🏃♀️ Catch up: Review this week's Community Call notes or listen to the recording.
🙏 Thanks to Our Sponsor
CitaDAO
CitaDAO is a decentralized finance (DeFi) platform, allowing real estate to be tokenized on chain. The ERC-20 tokens will be composable with other DeFi applications and primitives that operate within the Ethereum protocol, creating an ecosystem for real estate in the DeFi ecosystem.