[Discussion] Are we moving too fast? Reevaluating risk in anticipation of Maker Foundation hand-off

This thread is intended to be an expansion of @ElProgreso’s thread about the potential need to slow down (which can be found here). That thread centered on some comments from @cmooney on the December 3rd G&R call two weeks ago.

This thread was inspired by @ElProgreso highlighting a different comment from @cmooney in the B.Protocol informal poll thread. I fell the topic at hand is deserving of a new post because the original thread centered on the question of the overwhelming amount of work and pressure on the Smart Contracts team and the risk that brings, where I intend this thread to center on the entirely different risk we will be facing once the Maker Foundation “turns over the keys.” Given today’s events with the PSM, I feel it is an important discussion to have.

We as a community obviously take risk management very seriously. Anytime a new proposal is brought forward, there are countless people sounding off on the potential severity of the risk such a proposal would bring (myself included). However, IMO up until this point we have not been “playing for keeps.” Again, this is not to say that the community hasn’t been taking risk seriously up until this point, but rather up until this point (and for a few months longer) we’ve had the Foundation as a backstop. In other words, so far when a mistake or oversight took place, as long as we were able to shut it down before the platform was consumed, it could be viewed as a learning experience. The Foundation would still be able to pay key contributors and “full-time” contractors so as long as we didn’t lose the trust of the broader DeFi community we could pick up and build stronger. Today we got a little taste of the monumental amount of risk we are playing with thanks to the realization that we almost put a DC of $500M out of the gate on a brand new smart contract. To be clear, I was someone who voted for this exec and didn’t even realize the true risk it represented. The first bit of this post has been sitting in my drafts for two days and still made that mistake.

But as much as the PSM debate today (on Rocket.Chat and the forums) highlights the need to slow down, there are many sentiments leading up to this point that are equally troubling when we as a DAO eventually take the reigns and have to find a way to get everyone paid while keeping the system safe. In particular, I see a reoccurring dismissal of “we are already exposed to this risk” when objections are brought up to new proposals/vault types/collaterals. While it is certainly worth noting that the community has already stomached some platform risks, expanding our offerings generally means multiplying that risk. As a portfolio manager you wouldn’t excuse risk management concerns for an option strategy simply because you already hold the underlying stock and are exposed to its risk. Even in the situation where it is the exact same type of risk, you wouldn’t justify buying more stock because it’s already in your portfolio. We have to start thinking of risk more holistically.

To that end, I personally believe the surplus buffer is a great place to start. There is some serious disconnect when we (again myself included here) say “well lets start with a small DC of $5-10M just in case we’ve missed anything” when we only have $4M sitting in the reserve. Obviously, compared to $1.1B, $10M is pretty small. But once the foundation steps away, we will have to ensure we can pay ourselves for working on new developments and maintaining the old ones. Even if an error causes a “small” loss compared to the DAI in circulation, the loss could be crippling to our ability to self govern and pay to retain talent. If all our fees must be diverted to rebuild the buffer, we could potentially be put in the situation of trying to convince MKR whales to devalue their holdings in order to keep our payroll going. Yikes. A much larger surplus buffer seems like a good place to start, IMO.

Above is obviously an extreme scenario, and I don’t mean to imply that we are one small mistake from collapse, but rather that the stakes are constantly getting higher, and will take a colossal leap once the Foundation is no longer behind us. We must increase our caution levels in kind. In order to keep building and spreading the use of DAI we are under no obligation to keep rapidly expanding our collateral type offerings. There are several risk management reasons why it makes sense to do so rather than just keep increasing our current DCs when they get above 75% utilization, but all the reasons for adding new asset types go out the window if we’re not confident we can safely deploy them. I think another good idea for helping with this problem is implementing an prioritized task list. We could allow the DAO to vote up or down items on this list, ensuring that available talent is finishing the implementation one item at a time. While this would slow the expansion of the platform (and potentially divert resources and attention span to the list), I believe it would give more time for sign off abs sanity checks rather than the current system where projects (like PSM) are being pushed through because they are a priority and the community starts to wonder what’s taking so long when they see all the new deployments that were lower on the priority list. Just some ideas to get the discussion rolling.

I hope this is not seen as a post to stir FUD, because to me it is a post celebrating how far we’ve come and the huge step we are about to take. I believe there are plenty of areas we should be moving fast in: recruitment, contributor compensation, community development, and spreading the good word of MakerDAO far and wide. I am still new to this community, but to me this is the most exciting thing in the world right now. By 2030 I see a world with over $1T of DAI in circulation. We are changing lending and bringing true financial freedom across the globe.

I would like to hear your thoughts on how we can prevent our appetite for growth and improvement from putting the system at risk. Maybe you think I’m full of it and talking out my ass. Either way, this is the place where we govern and I think it’s high time we engage in a discussion on how we think about risk in light of soon having no backstop to fund our endeavors should something go wrong.


I’ve seen occasional pushback to innovations like YFI, WBTC-B, yield farming, and PSM because the surplus buffer is too low to accomodate the risk. DeFi is changing every second, and resisting innovation is death. Let us automate the increasing of the surplus buffer.


I see this as a failure of expecting token holders to vote on the details of each decision made for MakerDao. No successful organization or company works this way. Shareholders elect an executive group who is accountable for decision making. We need to prioritize vote delegation and select a group to make and execute on key decisions. If they make bad decisions, they get voted out, but we cant have everyone vote on every detail of every decision.


Much to unpack here but all are good discussions to have.

Surplus Buffer and risk management: Fully agree that the surplus buffer is an issue as we manage it by feeling more than science. That’s why I put solvency work (i.e. sizing the surplus buffer) in my Risk Facilitator application. I know that @Primoz is working on that already.

Governance & micromanagement: Fully agree with @latetot. We are voting and discussing on details. For the PSM the main vote as to decide to go with the PSM (and therefore saying that we will no longer be paid for hoarding USDC). The discussion on setting stability fees for (old) USDC-A vaults, the timeline on introducing the PSM (small DC first or not) is really not important. This is the realm of experts. Meanwhile, I worry more about what we don’t spend enough governance time.

prioritized task list: this one is an important item. The collateral onboarding priority list was a good start but isn’t accurate anymore (as solving the peg is … done). We need a clear strategy and align everyone around that. That’s what governance should do, not working the details.


Yes, I hope that one day we will get away from the addiction of some of these DeFi experimental tokens and focus more on becoming a hardened protocol. Would be nice to build a gigantic War Treasure/Strategic Reserves–and have the option to explore anything from Derivatives to Buying a 40M DAI property in London/Paris/NYC. Or, why not become Angel/Seed Investors in this ecosystem, AI, Bioscience, etc. – Just like the foundation has helped out startups like Degens, rTrees, and many others. Do you know that Sequoia will book over $15 Billion Dollars in profits this year from investing in startups?

The RWA folks recently had a super duper nice showcase of many of the Hard Assets that want to use DAI. From Farm Land to payments of invoices–Yet, barely anybody spoke about it, or got excited. Yet, the outside folks gets excited when they learn about DAI and the freedom it can provide.

Anyhow–Let’s hope the Maker Community will rise and start making the proper risk analysis. The possibilities of hardening our DAO and spreading the RISK are endless. We need our Community Members to help and push DAI to become a common word, as in “Google it”, or “let’s do Airbnb”. All-in-all we have a very diverse group of talented and intellectual people who can make a difference. The future is bright, IMO.


Really liking the discussion here. @zenithlight I think automatically increasing the buffer is a great way to keep things moving forward. It sets an almost natural cadence where as we pass new things we have a bit of a wait time for the buffer to fill back up again, and in theory the community then becomes more open to adding on our risk. I’m definitely not an expert on what makes the most sense, but like proper portfolio management, sitting on 10% DAI seems like a reasonable place to start. That’s obviously a huge number and we wouldn’t get there over night, but having 10% of DAI in circulation in a surplus would make a lot of the risk with adding new collater types pretty easy to stomach. That seems to be the point which the community would like us to get to (adding new collateral easily) but I imagine it would be quite hard to convince large MKR holders to put that much DAI aside when it could be buffing up their asset. Either way, $4M is objectively too small to keep pushing the rate of innovation that we are voting on.

I agree with you @latetot that a more corporate like structure with grease the wheels and get more things done, but from my prospective doing such would potentially undermine the DAO. No one really agrees on what “decentralized” means in practice, but having a bunch of gatekeepers making the decisions doesn’t sound too decentralized to me. I think perhaps having less frequent votes and more resources available to those who wish to vote could help accomplish some of the same things.

@SebVentures curious on getting your take from a purely risk management prospective, are there any “simple” solutions that could help us keep from rushing into proposals? I think mandated commenting periods are a good place or us to have started, but when a lot of the “big guns” of the community weigh in on an issue, everyone seems to go along with it. Are there projects/ admin work that can be done by those outside of the risk team so they have more time to respond to the increasing amount of signal requests?

I love the things you share @ElProgreso and think we could learn a lot just from your reading list. It is also my hope that we will be able to step into the derivatives market (allowing vaults to engage in selling covered calls and DAI covered puts seems like a logical first step). I too was inspired by the diversity of projects that wished to partner with Maker from the RWA side. If we follow your lead of attending and engaging on so many different community calls I have a feeling we’ll be attracting plenty of outside attention that will scale the platform without having to rely on adding every platform token under the sun.


@prose11 I think MakerDAO will become a complex beast (and it is already). I don’t know what decentralization is in this context. The only difference I get is that we lack leadership. Leadership is decentralized from the CEO to MKR holders. But overall we are less decentralized than the Medici Bank 600 years ago. If decentralization is opposed to managerial capitalism, this will not go well.

I don’t think much work can be done outside of Maker teams. First, if it is complex you need to invest a good chunk of time just to understand things. Then, most of the knowledge is not externalized putting outsiders at a disadvantage. Finally, an outside proposal can be an issue for inside teams’ morale. To have a high performing MakerDAO, a good political balance between MKR holders, the governance forum members (which are more or less the CEO), and domain facilitators should be found.

For instance, taking the PSM, the current executive vote is not on the way to pass (the Dec 11th hat got more and more vote to avoid the PSM to take place). MKR sends the message that they don’t agree with both the gov forum and the domain facilitators. Doing this too often will end up with MKR holders destroying MKR value.

@prose11 what we need is to define a strategy to have an alignment of all stakeholders. If we agree on a strategy, the number of signal requests will go down and we will be able to focus more efficiently on complex issues. I have an idea for that, but it will have to wait. We have a governance issue it seems. Maybe we are moving too fast on the code, but on governance, we are not moving fast enough.


Wow really great points here and a lot to unpack, thanks again @SebVentures. It’s important to remember we are essentially a start up and without clear leadership directives people will lose steam and move on to other projects with a more clear vision forward. The real challenge is how to we blend the startup nature of this project with the organizational imperative of being a DAO.

Teams are a great place to start, and allow pretty well for this hybrid startup/DAO model where we are still decentralized (many teams, many different actors, and an emphasis on low barriers to entry) and to that end we have an issue with our teams not being clearly visible. As a new member, I am still learning of separate teams existence through being invited to join in on a call. Really neat from a personal prospective of being invited into all these doors, but from an organizational view definitely not ideal that so many teams are spread out and there’s not a clear direction on who is involved or a posted goal of what they are trying to obtain. Your spreadsheet is a great place to start IMO.

It does bring up another issue though as to what constitutes being in a team or working group? I wasn’t sure where to put myself seeing as many groups have invited me to sit in on calls and collaborate, but as a new member is it fair to say I’m apart of the team because I sat in on one or two zoom calls? I ended up going with groups that I’ve been invited to a rocket.chat channel for, but the confusion definitely indicates an organizational issue. I think if we better define who is working on what and why. It will be easier to find alignment when people who disagree/think parameters should be tweaked have a clear group to come to and voice concerns.

One of the biggest issues, IMO, is the way voting currently takes place. Basically we have to put in a ton of work to get something to an executive (usually meaning the DAO is paying quite a lot for each proposal) and we are left with the possibility that despite passing an on-chain poll, significant MKR holders can still block a proposal at the 11th hour. In traditional governance, it’s decently easy to align stakeholders because as the saying goes “you’re either at the table or on the menu.” In typical governance, stakeholders have to show up and voice their opinion because representatives have to power to pass legislation against their wishes. With our set up MKR holders have all the power and no incentive to “show their hand” in the development process.

I’ve seen this sentiment tossed around a few times but it’s really starting to sink in: shareholders (which in many ways are analogous to governance token holders) only get to bring forth and vote on proposals once a year in most corporate structures. We are having votes every week with no limit on what can be brought forward and when. Now, in some ways this is extremely important, if we need to have an emergency addressed there has to be a governance cadence that allows us to know MKR holders are ready to vote and address it. On the other hand, the current set up allows for “filibusterer” type moves where anyone that doesn’t like even a small portion of an executive can gather up MRK and block it, without actually needing the requisite MKR to be able to vote the proposal down.

Things like voting rewards will incentivize some to take a bigger role in the process, but if you’re a fund that holds MKR, the cost/benefit for actively participating in debate will almost never be there. Your most efficient action would be essentially to have one guy that tunes in on Thursdays and gives a “sounds good:” or “I don’t like it.” Personally, I’m a big fan or the buy/burn mechanism, but I’m starting to wonder if there’s a solution in taking a portion of that MKR that is bought and distributing it among affirmative voters every time an exec is passed. Obvious dangers here are that it could stifle opposition opinions, but I’m wondering if there’s a way where we could tip the scales so whales are encouraged to chime in and edit proposals in order to get to a point where they could support them.

Either way, it’s clear incentives aren’t aligned properly when it comes to voting and until we start to address that it is going to be incredibly difficult to find stakeholder alignment. Would really welcome dissenting opinions and different ideas for getting governance to align with MKR holders.


Thanks to move things further @prose11

We have to see what will happen, but, obviously, MKR token holders can too easily sink a proposal. They never have to disagree or argue. They just have to do nothing. If we look historically, there isn’t a lot of executives that weren’t passed. Some failures were probably because it was vacation time. For the rest, we don’t know. Nevertheless, I remember that some executives were hard to pass.

For your solution using MKR, one way is to mint 50k (or another amount) MKR that remains inside the protocol (so they don’t count). They will be used by mandated actors to push what MakerDAO, as an organization, want. MKR token holders can still go against it, but it requires some work on their end. This is just like a CEO in a corporation has some soft power over the shareholders.

An alternative would be that the Foundation gives its voting rights to the mandated actors (vote delegation).

Vote delegation might also solve the problem by itself.

But the current system is not good from a theoretical point of view.

1 Like

But wouldn’t this leave the Foundation liable? Would be best to dissolve and abstain from liabilities IMO. But yes, these are all complex question. We shall see what the Community decides is the best path forward


That’s a really intriguing idea. I particularly like the thought behind putting a multisig behind it, with the options to either vote yes on a proposal that passed on-chain polling or not deploy the MRK. Especially if we limited their ability to vote to 50% of the hat, that way there’s still plenty of opportunity for the community (and whales too) to react if something risky is uncovered between the polling and official vote. I think that does a lot more than trying to pay for yes votes (if you’ve got plenty of MKR it would be hard to gift enough per yes vote to matter).

Additionally, with such upward pressure on passing motions whales will be more incentivized to voice concerns and modify proposals before they get to the on-chain phase. And since the multisig would only be voting “for” or not voting it would be hard to say the group’s existence is threatening decentralization. I agree with @ElProgreso that it gets stickier if we let the foundation set the actors, but we could just as easily gather people from the community and put forth a MIP to create the multisig. Really exciting stuff, if you wanted to create a new thread for the purpose of exploring interest in this idea I’d be fully in support @SebVentures and I would try to draw as much attention to it as possible!


Such things work best in a drama situation (and when you actually have mandated actors independent from the Foundation). I want to hope that the PSM will pass without much drama.

1 Like

Fair enough, I too share that hope (we’re under 2k MRK to go!)

Thank you.