While I'm familiar with Olympus' multisigs at a high level (that we use a few distinct multisigs, with different signatory counts on different parts of the project: DAO, Policy, Treasury), I was wondering if anyone with experience in this area could weigh in on the topic.
For context, I'm a long-term holder in both Olympus and the recently-exploited Beanstalk, the latter of which is in the process of pivoting from on-chain governance to a Snapshot + multisig model similar to what's employed by Olympus.
In the interests of getting a fuller picture on best practices regarding multisig control, I was curious what Olympus does in regards to the following:
- How did we determine the total and threshold values for our various different multisigs (e.g. 4 of 8 on the treasury, 3 of 5 on policy)?
- Are all our signatories DAO members / insiders, or do we also have signatories from outside the project (e.g. prominent community members, notable figures in the wider DeFi space, etc.)?
- While the core team is anonymous, do we have any preference between anonymous and doxxed for multisig signers? Do we prefer a mix of both, purely anon, purely doxxed, or no particular preference?
- In general, what criteria are used in selecting signatories for a protocol-controlling multisig?
- Once we've set up a given multisig, do we periodically rotate signatories, or do we leave it as-is (with the exception of events like individual signatories migrating to new wallets)?
- Aside from the obvious best practices for individual signatories (use of a hardware wallet, secure seed backup in multiple locations, etc), are there any other best practices you'd recommend, for both individual signatories and the overall use of a multisig setup to control a protocol?
I do hope it's okay to ask all this. Security is such an important aspect of anything on-chain, and I feel we all benefit from building up a greater common base of knowledge around security best practices.