Discussion: Community-Owned Validator on Secret Network

Utilizing DAO-run Validators for a Community-Owned Validator on Secret Network

Introduction:
The idea of this post is to start a discussion regarding the use of DAO DAO to launch a community-owned validator on the Secret Network. We, as a community, could create a NFT collection, whereas the NFT grants you membership to the Secret DAO. The raised funds (selling NFTs) could then be used as the treasury for the DAO. So the NFT has two functionalities: Regulate access to the DAO and bootstrapping the treasury.

Afterwards a SubDao can be created, which launches the validator. This validator is then community-owned as the voting behaviour is determined by governance decisions of the Secret DAO.

The treasury is governed by the DAO and can be used for several purposes. The DAO could decide to be rather passive and to stake its assets to increase its influence on the network, provide liquidity for key pairs on DEXs and to earn incentives and trading fees or even position itself as a community run VC.

Concept of a DAO-run Validator:
DAO DAO recently launched DAO DAO v2, which rolls out new features like SubDAOs and powerful Actions. These features allow a DAO to create a validator, making it fully accountable to the DAO’s governance. In a DAO-run validator, the DAO’s votes are the validator’s votes, and rewards and commission flow to the DAO’s treasury. The built-in voting rationales give a natural place for validators to share their voting decisions with their delegators. In addition, DAO-run validators offer better security as the DAO can heal in case of a compromised wallet, and accountability to the DAO as the DAO can override the governance decisions of the validator SubDAO. [more: DAO DAO Validator: A validator run by a DAO | by DAO DAO | Jan, 2023 | Medium]

Conclusion:
In conclusion, utilizing the approach of DAO DAO to launch a community-owned validator on the Secret Network offers numerous benefits. It provides accountability, better security, and a transparent voting process. Right now, the governance on Secret Network is rather centralized and you only need 2 SCRT to join the active set. I would like to see this project come to live and serve as a trial run for other community run validators. I see a future with many community run DAOs and validators, with unique profiles. There might be DAOs consisting of people who want to push for as much decentralization as possible, others who want to support the ecosystem (f.e. they could use their treasury to provide liquidity on Shade DEX or for SCRT LPs on other networks) and much more.

Disclaimer: This idea is in a very early stage and such a validator only exists on Juno at the moment, run by the DAO DAO team itself (Interchain Explorer by Cosmostation). So I am not aware, if it is possible atm to use ICA to run a validator on Secret Network, so it might be something for the near future. At the same time, some other things need to be discussed, but this could be a great starting point to explore together with the DAO DAO team how we can in general integrate secret network in their products (private voting f.e.)

Your input would be appreciated.

AFAIK there is no such thing as a true “DAO owned validator” because the validator private key, which is separate from the owner private key for the validator, cannot be “owned” by a DAO and requires trust of the operator.

Of course someone has to run the HW, but if I’m not mistaken the keys are somewhat secure and owned by the DAO.

Anyway, @Cristiano could make the deepdive a bit broader ( if that’s possible, I’m not sure how wide is the DAODAO documentation ), what would make more sense to me is to make DAO that would own the SCRTs and only delegate to validator.

One of the keys are owned and controlled exclusively by the validator, not the DAO. I dont know of a currently viable and secure solution that would allow a DAO to actually own both keys, only the owner key.

I have no idea either, which is why I say it would require a proper deepdive, all I know is that DAODAO has such a feature.

DAODAO does not have a way to solve what I said. There is not currently a secure way to do it without trust and security compromises. If there was, it would be Secret 2.0.

Ok cool, anyway let’s stop talking about the technical solution, as I said it can be done with simple delegation.

@Cristiano, personally I like this idea a lot, I’m not sure if NFT is needed for this or ?-20 token will be enough, anyway its cool

In theory it should be possible to use a private key stored inside a contract as a validator key that signs the tendermint stuff for the validator. It’s a bit inception-y, but I can’t think of a reason why it wouldn’t work

1. Doing so would put the val pk at risk in the event of a similar scenario that played out recently. Correct? Same reason why we dont suggest storing crypto private keys in contracts right?

2. How would the validator itself run while the pk was in the contract and are there any pros and cons you could share?

1. Not necessarily. If protecting against such a scenario was warranted (though TBH you can’t really do that much with a validator key), you could encrypt the key inside the contract. So you’d have the encrypted key inside the contract, with signatures being done from queries with a password (= decryption key) that would never be stored on chain (can also take this a step further and have the password be a part of the key etc)

2. As long as signing is done via query it should be possible to query the node from some tendermint key vault. Also request times should be fast enough that this wouldn’t add significant delay

You can double sign it / hostage the DAO if you gain access to the val pk. No?

I guess it may be sufficiently mitigated if you have a password on it.

anyways, thanks for your input Cashmany. I know to trust your experience on these things.