Discussion: Improving the Arbitrum Security Council

We would like to initiate this conversation following the feedback received on the Security Council Election Process Improvements forum post.

Thank you to the delegates who highlighted that we should also discuss how to enhance the candidate pool for future elections, improve the Security Council’s operations, strengthen other off-chain aspects of the Security Council election process, and address topics identified in OpenZeppelin’s Arbitrum Security Council Recommendations. We agree that it is important to address these broader topics (listed below) and that now is a good time to do so.

1. Should the DAO or AF take a more proactive role in sourcing candidates?

It is already common for the AF to proactively reach out to prospective candidates ahead of election cycles. We believe that the DAO should also assist in outreach efforts by sharing Security Council and Security Council election documentation (e.g. Security Council Elections 101, How to Register as a Candidate, Security Council Members: Duties and Principles, Arbitrum Governance Docs, ArbitrumDAO Constitution) with suitable candidates in their networks. We believe reputable, security-minded individuals who have already contributed to securing the Arbitrum or wider Ethereum ecosystem—and who have a background in blockchain and smart contract security—make excellent candidates.

2. Why has the number of candidates recently dropped? How can we attract more high-quality candidates?

There may be multiple reasons why the number of candidates applying for the recent Security Council election declined. We believe that previous candidates who were not elected (some of whom applied multiple times) may have been discouraged from applying again. In addition, it quickly becomes exhausting for candidates to repeatedly re-apply given the frequency of elections. This is partly why the Security Council Election Process Improvements proposal aims to reduce the frequency of elections.

As noted by @maxlomu, we agree that further clarity on expected time commitments and operational responsibilities could incentivize more candidates to apply. These expectations are included in the declarations section of the application form on Tally, but we will also update our communications to better reflect them.

As mentioned above, we also rely on the DAO to reach out to suitable candidates within their own networks.

3. What do we consider the ‘right candidate’?

The forum post referenced by @krst has been iterated on ahead of each election cycle, namely 12 times over the past two years. As always, we welcome community feedback on whether the listed attributes are still relevant or whether additional qualities should be added. We believe that OpenZeppelin’s Arbitrum Security Council Recommendations on the qualities of an ideal Security Council Member are already largely reflected in this forum post.

The Arbitrum Foundation does not currently have a preference for whether individuals or entities should serve on the Security Council. However, as stated in this guide, entities must:

  • be mature organizations with a sizeable workforce

  • be active and offer a service that benefits the blockchain community

  • have been operating for at least one year with sufficient runway to continue for at least three years

  • be represented by an appointed individual who will be responsible for operating on behalf of the entity on the Security Council.

Despite OpenZeppelin’s recommendation that organizations should be allowed to use a 1-of-N multi-sig for Security Council participation, we currently believe that the risks outweigh the benefits. This is primarily because it is impossible to guarantee the intended ownership of a nested multi-sig (i.e. a multi-sig serving as a signer on the Security Council), since any signer on a nested multi-sig could change any of the signer addresses at any time, while bypassing the 18-day governance timelock. Moreover, if a nested multi-sig uses a ≥2-of-N configuration, it could increase coordination time as it would require more signatures, which could therefore slow the Security Council’s overall emergency response time.

That said, we will continue evaluating whether organizations should be allowed to participate via multi-sig as more information becomes available, and may allow this change in the future. We are aware that Security Councils in other ecosystems already support this feature—mainly to improve entity availability during incidents—but we are not yet comfortable adopting it ourselves.

4. What do we expect from candidates in the election process?

Candidates should accurately answer the questions listed in the Candidacy Details section of the Tally application form. They may also share additional relevant information by introducing themselves on the forum, as described in this guide.

Security Council elections are a strategic component of the ArbitrumDAO. It is therefore the responsibility of delegates to review applications carefully in order to make well-informed decisions in both the Nominee Selection and Member Election phases. To make this easier, the AF will provide more frequent and summarized communications about the various candidates going forward.

The question of whether candidates should be required to pass standardized assessments has previously been raised by Cattin and OpenZeppelin. While we see merit in such assessments, we believe implementing them would introduce additional overhead that suitable candidates might not want to take on. As noted, we’ve seen a drop in candidates, and mandatory assessments would likely reduce participation further. Moreover, technical competence is only one of several important capabilities. It is equally critical that members are highly available and ready to sign transactions when needed. For example, a candidate might not be able to complete advanced technical assessments but may still have the technical proficiency to understand the situation and sign the relevant transaction.

That said, it may make sense to introduce assessments as an optional step initially, to see what percentage of candidates complete them and whether this influences delegate voting behavior, before deciding whether to make them mandatory.

5. Is the position attractive enough (financially or otherwise) to draw the kind of candidates we want?

As stated in the governance docs, Security Council members each receive $5,000 per month in $ARB for their time, expertise, and service to the community. We believe this is sufficient compensation for the role. We deliberately avoid emphasizing this figure too much to avoid attracting candidates motivated solely by compensation.

6. How should we handle the Security Council’s funding going forward?

Since its inception, the AF has opted to fund Security Council operations and we do not anticipate any issue continuing to do so.

7. What is the relationship between the Security Council and the DAO?

We believe the Security Council’s current relationship with the DAO—being elected by delegates and providing reports on actions taken—is appropriate. Its primary responsibilities are to uphold the constitution, remain highly available to address critical vulnerabilities, and execute time-sensitive upgrades (which are then published on the forum). Anything beyond this—such as posting on the forum or joining governance calls—is optional.

8. Should there be an internal structure to the Security Council?

At present, the Arbitrum Foundation acts as the de facto lead for the Security Council. We help onboard new members, provide guidance when issues arise, and support with operational tasks. To our knowledge, there is no known issue with the current setup that a Security Council lead or hierarchy will fix.

9. Do we still need the ‘small Security Council’? Should we change the language of the Constitution around the Security Council’s scope?

The Security Council has carried out a handful of routine, non-controversial, and time-sensitive upgrades, including:

Right now, most upgrades go through the DAO as that is what gives an upgrade legitimacy. At some point, the Security Council may take a more proactive role, as outlined in the constitution, so it makes sense to preserve that optionality.

10. Should we introduce some kind of a transparency report / retrospective for the Security Council to better understand its past actions and the performance of particular members?

We believe that adding such a responsibility to the Security Council’s scope would add too much to its workload.

11. Why wasn’t OpenZeppelin’s research referred to in the Security Council Election Process Improvements proposal?

As mentioned above, we have reviewed OpenZeppelin’s research and considered the suggestions that are relevant to the Security Council Election Process Improvements proposal’s scope. We agree with some of these suggestions (e.g. Security Council Member Capabilities), but not others (e.g. maintaining existing term durations and introducing technical assessments).

Conclusion

We welcome delegates’ thoughts on these topics.

We would like to reiterate that any relevant insights from this discussion can be raised through another temperature check and bundled into the on-chain Security Council Election Process Improvements proposal (intended to take place at the end of the year, assuming it passes the relevant temperature check(s)).

As a reminder, the Security Council Election Process Improvements proposal aims to improve specific technical aspects of the election process and reflect these updates in the constitution. We intend to take it to Snapshot this week so that prospective September 2025 cohort candidates can gauge whether these improvements are likely to be supported by the DAO.

please don’t. as discussed in the previous call, candidates should really not assume that even if this temperature check passes, that they are applying in this next cohort for a 2 year long role. the fact that the proposal already exists is enough for them to know that maybe the next cohort will be 2 years long instead of 1. but since this is a constitutional change, there’s no point for anyone to assume it will happen before the actual onchain execution.

Thank you to @Arbitrum for sharing these additional clarifications—they help deepen our understanding.

These updates make a lot of sense to us, and we’re pleased to reiterate our support for the Security Council Election Process Improvement as it’s been presented by the Foundation.