Summary
Introducing a preliminary technical test for Security Council candidates, which should simulate an emergency upgrade to the chain to demonstrate their technical skills and ensure that candidates can understand code.
Introduction
As many here already know, Arbitrum is currently the No.1 L2 by TVL, volume, and number of active wallets. If we want to keep it this way, we have to take safety seriously - starting with the Security Council.
The main role of the Security Council is to execute software upgrades - this is the case in emergency and non-emergency actions. To do so, the Security Council members have to have at least some understanding of what’s going on, which is pretty difficult if they don’t know how to code. For example, in the case of an emergency action, they might first have to detect an exploit, figure out a patch, and then understand the proposed transaction to perform said patch + sign said transaction. So, they should have some technical skills necessary to ensure Arbitrum remains safe.
Given the current electoral process, there’s a slight risk that some candidates might be elected based on their popularity, not necessarily their technical skills or the extent to which they understand source code, exploits, etc.
Ensuring a technical Security Council
Based on the above, we believe that some measures could help ensure that the Security Council is only composed of individuals with a deep technical background.
To achieve this objective, we propose an initial test so that candidates can demonstrate their technical skills (this could also be incorporated into the constitution, but it could just be required by the foundation?). That is, at the time of initiating the election process mentioned in Section 4 of the Constitution, applicants in Stage 1 (Contender submission) would be required to complete a challenge or simulation in which they must detect an error or vulnerability in an upgrade.
Given that the DAO currently has a brand new security advisor at the ARDC (OpenZeppelin), they could be in charge of defining this challenge and how to carry it out. Ideally, we would also like to work on this in collaboration with Offchain Labs since their feedback would be very valuable throughout this process.
Requiring this challenge at the initial stage prevents delegates and other voters from casting votes at the Nominee Selection stage for candidates who do not meet the constitutional requirements for membership in the Security Council.
The test or challenge should be simple enough to show that the candidates are at least capable of detecting and patching potential exploits.
Keep Arbitrum safe
The idea behind this is to convey to all those who want to operate, trade, and build on Arbitrum that the chain is safe and that we take security seriously.
We believe that establishing a pre-election filter helps delegates choose the best candidates and that we leverage the DAO’s best resources and talents.
Remember that we currently have to keep $17B of TVL. Competition among L2s is also about safety, and if there’s something we should be picky about, it is safety.
Next Steps
Since this is just a request for comments, we are waiting for feedback from all delegates and community members to work on a more concrete proposal and move forward with the usual governance processes, looking forward to the next elections.