Context: Genesis is running since two months with no major attack attempts. Reputation holders stand at 84, few of them having over 2% of reputation (a proxy measure of activity given that most people started around 1.5% REP).
What happened: On the 23rd of October Pat sounded the alarm bell with the following message:
"It is my belief the DAO is under attack"
This proposal was recently boosted to send ETH and reputation to an unknown address:
We must form a coalition to prevent the DAO from passing this proposal. “
The proposal had no title and no description, asked for funds, was boosted and had positive voting.
After a few minutes ATF members and pollinators mobilized to investigate and react against such claims.
Daniel and Felipe actually wanted to vote in favor to test the community response
A few minutes later a new pollinator came forward and explained the proposal was his and but something went wrong, finally he resubmitted a correct version.
We tagged DAOstack devs and moved the discussion to the Tech Support channel on Discord.
It turned out the proposer tried to submit on Bohendos & Shiv’s explorer instead of the official website.
We coordinated with Bohendo to close the gap for misunderstandings and shefas / Algirdas submitted his proposal again.
Lessons learned and recommendations:
First of all the ATF is satisfied with the reaction speed and organic decision making capability of the community but can count ourselves lucky for several reasons.
What is more problematic is the lack of official procedure to follow which would be a larger issue if:
- It was a real attack with large amount of funds being taken away
- The timing was made so that few people and reputation holders are awake
- The community were less centralized in its ability to coordinate
- The resolution of the conflict was less one-sided and more acrimonious
Given this, the ATF believes it’s advisory role should be used to alert the community on the matter of setting official guidelines for treating similar future cases.
This should be debated and decided by the entire DAO and not just a few ATF officers in their ivory tower. That said, the ATF also recognize it’s position to suggest some initial groundwork/assumptions/framework/bootstrap.
We can use this draft document to gather potential solutions: