Not my script bro. I am fine with a technocracy. @Neo is convinced though we should have all candidates elected. I am fine with appointing members since it is more secure and we can make certain there is sufficient knowledge in CC.
Would they be temporary less active, long term…how should I know! They are not my responsibility, I cannot read their mind. Besides, did we have better people to replace them?
So are you arguing we should not have any criteria, not have safety measures for attacks on governance, just likes? Explain why you would think that would be better for the continuity and the security of the CC. It is so easy to criticize, provide a well argued better alternative.
Since this discussion is rather important for the long term security of the project, I would like to encourage the current CC members as well as those who step(ped) down, to give their input in this discussion or on the draft document on GitHub. @neo@Mokhtar@mcm-mike@davidtavarez@hendi@Paouky
Me and Anon have had alot of discussion around this and have tried to find some middle ground. I support the basis of the proposal he’s put forward.
There should be clear requirements( conditions) in order to be eligible for candidacy. If a candidate doesn’t meet those requirements then CC members can remove their endorsement and effectively veto the candidacy
To further safe guard this, perhaps OC should also have the same effective veto power?
If a candidate meets those requirements there should also be conditions around voting that gives existing CC members the power to veto the popular community vote, eg if they suspect fraudulent voting activity
To further safe guard this, perhaps OC should also have the same effective veto power?
CC members should not be able to veto a candidacy just because they don’t like like outcome of the community vote and their preferred candidate didn’t win.
Running an election based on votes isn’t something the CC has introduced. The initial process involved members being appointed and elected via voting on this forum- It did require an endorsement from OC members, however, this proposal put forward effectively does that aswell, just in reverse. There’s also stricter conditions around voting eligibility.
I do like the weighted voting idea. Or at least setting min requirements based on forum activity. eg a member needs to have had x posts before they’re eligible. Obviously any system could be gamed, however, it would be the CCs ( and communities) responsibility to analyze votes and for CC to remove their endorsement / vetoing a candidate if they suspected fraudulent activity( or whatever other conditions are defined).
We currently have a small/ tight community with strong opinions, so many in the community are going to be analyzing votes and if something doesn’t look right, it’s gong to be pointed out. Probably even before CC mentions anything.
I don’t support the idea of appointing candidates. It only serves to widen the gap between CC & the community. I honestly wouldn’t know which community member would add the most value to Grin by them joining the CC or who I would put the most trust in. Who’s to say the CC/OC would be any better than the wider community at selecting a candidate? Historically having appointed members hasn’t worked out well. I’d rather put this responsibility back on the community.
If we had a large community full of crypto bros, then I’d be less inclined to support an election based on community votes( this might need to be revisited in the future) However, as mentioned above, we currently have a small/ tight-knit community and most members have good knowledge and domain skill, and are equipped to make informed votes.
You wouldn’t know but you would have higher % chance to pick a suitable candidate than the community members since you know more than them. When there was a debate about auto-receive/itx/nitx i’ve realized that majority of the community doesn’t understand the difference between those (so the protocol itself), therefore i can’t imagine how they could select a more suitable candidate than someone with more knowledge (to be clear, them not knowing that is fine, just makes me question if they’re suitable as voters). It’s also important to note that what the community (investors) want is often not the same as what the protocol needs, although when the community is smaller that’s imo less of an issue (same as with cheating as you’ve mentioned). I wouldn’t say that historically having appointed members hasn’t worked out well, i think it’s normal that people lose interest and move to something else, would expect the same to happen if those people were voted in.
I agree that this makes things quite a lot easier and it’s true that the smaller the community the bigger the average knowledge, so we have that going for us
I also want to mention that we shouldn’t be thinking of 4 evil people causing problems, but 3 instead since if 3 are evil they can also “drain” the money - by not signing any transaction (forever).
I added option 4) Having an OC member or other strusted community member hold a backup key to protect against freezing of funds based on the input from @vegycslol@ardocrat and @Neo
Based on the input so far I think we can modify the document to include option 3) One OC or trusted member having a backup key and instead of option 2) weighted voting, we can simply put trust level 1 on the forum as condition for voting as well as condition for being a council member candidate. This is not perfect protection but it ensures voters have some minimal forum activity and making fake votes harder since you would need to earn trust level 1 for each fake account.
Problem is nobody wants to be in CC I can see
Too much pain, too much drama, too much responsibilities.
If you feel you can not change smth, but to be just key signer is not worth it possible.
Exactly what I’m thinking, the current model of CC is not efficient (that’s also the reason people no longer interested to be involved) and seems noone wants to join CC. Too much pain.
To protect the fund, just add 6 more trusted people.
One option that is growing on me is to allow CC members to stay key-holder for a while but replace council members more easily. This could either be a complete replacement without changing keys or choosing a temporary representative. For example, if I know I would not have sufficient time for Grin for six months, I could ask @Cobragrin to represent me in that time, giving him my full voting power. The only role I would have is to sign transactions.
The big advantage here is that we do not need to change the MultiSig all the time. Changing the MultiSig wallet and as such the donation address of CC is now a big obstacle for rapid and flexible changing of CC members. This would also make it easier for a council member to take on the roll for a short time, which I think many prefer. I think more people are willing to take on the role for 6 months, only having to actively join the discussion, than choosing to dedicate alot of time for years. In case of seperate key-holder and council member, a council member can much more easily step down since the key-holder can take over untill a new representative or full council member has been found.
If a council member knows he/she cannot dedicate enough time for long, we downgrade that member to key-holdrt and organize a CC election without changing the keys. On the long term, e.g. every 2, 3 or 4 years (something to discuss) the community will review all keyholders and CC makes a new MultiSig wallet with extra spare key for OC for security.
The problem is, several CC members have demonstrated an inability even to be online for TX signing. That is why I propose the iered approach. ‘Tresurers’ only need to come online once quarterly to sign one and only one transaction to top up the CC spending acount.
The CC can then spend out of that account frequently/quickly and as they see fit, without reducing the security of the entire treasury.
I agree with KISS, but we are currently executing the simplest possible architecture and it doesn’t work.
Some people are very trusted, but unable/willing to even come online to sign transactions regularly
Some people are able/willing to be CC members, but maybe shouldn’t be trusted with the full purse.
The simplest solution to this is what I propose. Let the trusted people manage the purse without requiring them to come online often or participate at all. Let the communjty elect who it wishes to CC without the burden of vetting for trust.
Future elections will be dead simple, because we do not have to vet candidates as much. After several terms, I’m sure high performing CC members will emerge as ‘trusted’ if we ever need to augment the treasury member set.
In contrast, adding a new signer accomplishes little. It too is simple, but security is reduced, Elections would still be complicated, because candidates need to be vetted extensively every time.
Major rewrite taking into account all feedback. I think the document is balanced and a good step forward for governance . Any feedback is still welcome:
Managing the CC Multisig wallet
An additional 1 key is created for any new CC Bitcoin Multisig wallet to be hold by an OC or otherwise trusted community member. In the current setup this translates to a 4/7 Multisig. This extra key protects and deters against attacks on the CC where without this extra key only three council members could take CC funds hostage or even destroy funds simply by refusing to sign any transactions. The key-holder of this extra key will only be asked to sign a transaction if the funds or the functioning of the council is at risk.
So this other key holder would have no voting rights when it comes to CC refunding requests? Happy to do this if someone from OC will put their hand up. Or it could also suit some long standing member who cares about Grin but doesn’t want to deal with politics and is willing to help out in a worst case scenario.
This is a great option for allowing community member to give Grin governance a try without having to ‘commit’ for the longer term to the council. In case a representative step down, the key-holder can simply jump to activity again to prevent any disruption to the council’s governance.
If a CC member steps down while they have a representative in their place. Would the representative then be offered the position based on a 4/6 appointment? or would CC hold another election?
Yes, this extra key holder has no ‘political influence or voting rights’, it is purely a safety measure.
OC members, old CC members like @Paouky, @hendi or other trusted members like @vegycslol could hold the key if they are willing. We would require nothing from them except for being part of creating the Multisig, something we will try to do as infrequent as possible (every few years). The system with representatives can avoid the hassle of changing key-holders and having to redo the dance of creating a new Multisig for every little change.
Good that you bring that up, we should specify it in the document. The way I intended it is that representatives are appointed based on 4/6 votes. However, any community member can object to appointing a representative just like they can object to a CC member, as long as they bring good arguments. Community members can also ask for reviewing a representative just like for a CC member. Being a representative would be a good stepping stone to becoming a full CC member in the future. In case a representatives wants to become a full CC member and replace the original key-holder, a public election would still be in place since any changing of keys would require a community election. So basically in every step or at any time anyone can object or ask for a review or any CC member or representative (democratic) which will only be granted if accompanied by solid argumentation (technocratic).
I edited the documents to be specific about the extra key-holder having no voting right and the procedure to appoint a representative, that any community member can object against a representative and full CC election in case of changing of keys:
To become a CC candidate in an election, a community council member needs to meet the following three requirements: *1) A minimal trust level of 1 on the forum *2) A proven track record of mainly constructive contribution to Grin as project *3) A minimum of one year being an active community member.
For ex, some members are not active forum, but they are known in the community more than a year. So if the 1 first criteria falls, still can be candidate or those 3 conditions all together mandatory?
These are guidelines, I do not think we should interpret them as written in stone. In case someone clearly has contributed a lot to the project, would be valuable as CC member, we can make an exception. In the end for any decisions, solid arguments and logic should be the determining factor. At least, that is my opinion, I cannot speak for the rest of the CC.
