I’m really excited to announce we are making available not one, but two Proposals to the DAO. Both have their code finalized the first one was already submitted to the Curators for addition to the whitelist following the formal procedure.

The first Proposal is a completely revised Proposal for DAO.Security. Initially, we had in mind for DAO.Security to include all aspects of what constituted the ‘security’ of the DAO, including the establishment and management of a Bug Bounty Program and several 3rd party audits of the DAO code itself.

However, the response of the community was loud and clear: you didn’t feel there was a need for such complex (and costly) set of mechanisms, and would probably prefer to eventually see a community-based security working group established rather than a crack team on call 24/7 outright.

We agree.

We also still feel that with over 14% of all ether now held in The DAO’s smart contract, it is important to take things one step at a time, correct the minor governance issues and give The DAO a nimble yet formal, established form of security from the get go. For this reason we still recommend the deployment of a single, full time expert at it’s helm.

This person will act as the first point of contact for security disclosures, and continually monitor, preempt and avert any potential attack vectors The DAO may face, including social, technical and economic attacks. They will also help the community with analyzing major Proposals for attacks. This will include highlighting 51% attacks, mismatched bytecode, and social engineering/collusion attacks.

We also want the DAO to start on the right foot, and before pushing the USN/EC Proposal, we’d like to address specific issues — the technical list of these changes is detailed in the GitHub issue repository for the DAO Framework and is limited to issue 165, 164, 163 and 148.

We decided to waive the fee for this development as we understand that while these issues are not critical, the community rightfully expects these to be promptly addressed by the people who have created the Framework in the first place.

Of course, remember this is purely a Proposal, and it does not have to be accepted.

The full text of the Proposal can be found at:

https://download.slock.it/public/DAO/proposals/daosecurity.pdf

SHA256 Hash is: 7c700cc79418d7578a9fe35e43b0b79830c645b122489113ab93658f3df57188

The code for the Proposal can be found at:

https://github.com/slockit/smart-contract/blob/master/DAOSecurity.sol

The address of the deployed Proposal is: f8c35f1cf2dc4dbeaeeb2ecb298a80b506a5781d

Talking about voting, this leads to my next post, the much awaited Universal Sharing Network proposal, which I will post within 24h.