[Proposal] [Discussion] Adding a More Restrictive Long Term Savings Multi-Sig Wallet

The Matryoshka's Daughter by ~curiousmoth

Proposal, Discussion starting point

As part of Experiment 002 I would like to suggest we talk about setting up a more restrictive (adding reasonable security) multi-sig wallet.

In Experiment 000 we followed this guide MMT: Let's create a bitcoin multisig wallet (async) to set up a 6 person multi-sig wallet with two cosigners required. This is excellent for ease of use (only two signatures required) and suitable for our high trust group.

In many other scenarios this may not be a desirable level of permissiveness.

Suggestion

Lets set up another multi-sig wallet with 6 people and 3 or 4 cosignatories required. We can then keep the majority of the BTC savings there and keep say 1 - 2 months in the more permissive wallet. Think of this like a savings account and a cash account. This type of arrangement is common practice amongst myriad organisational forms - so trying this out might be quite useful.

This would mean we have TWO main wallets. 4/6 Longterm and 2/6 Shortterm. When funds are running low in the Shortterm we can then move them from Longterm.

What do you think?

Interested to hear what y'all think of this? Ammendments? Questions? Blindspots? Worries? Blocks

Loomio-vote

Once we have had a full discussion here I suggest we then make our proposal / vote in Loomio - given this seems like a Big Thing tm

cc: @Alanna, @pbx1, @Kieran, @peg, @mix

This seems reasonable and easy, and could possibly have some hidden good things. I'm already wondering what it might be like to have event more money that I'm responsible for. Super interesting!

Also will force some learning about "what's it like to onboard / offboard members" (how often are we comfortable running the wallet creation ritual).

For this round I think I'd like to explore our due dilligence process - i.e. how do we check each others practice. If this proposal is accepted, I'd like to add a proposal about how we do that.

How often do we intend on actually making payments?

Its worth talking about regularity of payment ( which is going to be informed by rate fluctuation ). If we're talking about paying by the month, rather than in week / two week blocks (current experimental phase), it could be that this would inform how much goes into the 2-of-6, which would dictate the necessity at this stage for a 4-of-6.

Having a second 'longer-term' wallet would minimise the frequency with which @Dan Hassan would have to inject funds, as it could be done once every 6 months into a 4-of-6, managed collectively and moved every month or two into the 2-of-6.

Would also echo @mix's emphasis on the need for due dilligence, especially following our accidental overpayment. A clear workflow / process of how to check a tx when cosigning and the means to review by-gone tx's

@mix "For this round I think I'd like to explore our due dilligence process - i.e. how do we check each others practice. If this proposal is accepted, I'd like to add a proposal about how we do that."

Is this the same thing as you and @Alanna are working on through this experiment? Analysing what other tools such as cobudget or opencollective have to offer?

@Kieran "How often do we intend on actually making payments?"

In UK the standard is every 4 weeks. No-one I know actually likes this frequency. I imagine it was set up this way to reduce the accounting costs for businesses.

In Australia it is standard to get paid every fortnight. I much prefer this personally.

Not sure what the standard in NZ is, or DE.

@Kieran "Having a second 'longer-term' wallet would minimise the frequency with which @Dan Hassan would have to inject funds, as it could be done once every 6 months into a 4-of-6, managed collectively and moved every month or two into the 2-of-6."

True, hadn't thought of that.

There is also then an additional free benefit that there are different grades of permissiveness/risk. When some new folkx join the team and are more unknown/unfamiliar with what we are doing, there is less exposure to high value wallets, which opens up the opportunity to build in grace periods before becoming a subcore cosignatory on long term holdings whilst also being able to be invited to the shortterm wallet and experience a ceremony and the power and fun of this... maximising good time ritual whilst also mitigating risk...

oh sorry - by due dilligence I meant "how do I know Dan has actually sharded his 4/6 wallet seed, because if he loses it and I lose mine we're dangerously close to an unrecoverable wallet"

@Alanna: "I have many times performed the financial admin role in organisations with traditional two-to-sign bank accounts, and it's always been a huge pain in the ass."

Same. I really, really hear you on this one.

@Alanna: "So what I am saying is.... for this to work we'd need to all be prepared to take it a lot more seriously than "normal" banking security and "normal" group responsibility to one another. I hadn't really thought about it in those terms until now."

You've gotten to the heart of something quite profound here. I'll try and unpack this, but my thinking and understanding here is still super entangled, apologies if this gets esoteric (at best) or non-sense (most likely).

I believe we're a new type of formation.

We're spread across Fiji, New Zeland, Australia, Germany and UK. We don't have a formal organisational form. We don't have a bank account. We operate a shared Bitcoin multisig wallet.

The following is overly simplistic - but you'll hopefully see what I am getting at. If something goes wrong with the signatories of the charity, there is proceedure and process to work around those issues. If there are issues at the banking level then there is recourse through either insurance companies or by going to the government (who can print more money and bail out banks).

Early Bitcoiners' call to arms was "Be Your Own Bank". For some time I have been thinking of this from the commons/community perspective of "Being Our Own Bank" - but @Alanna you've reminded me here that it is actually something different even beyond that. When the Banks fuck up - they have people who can bail them out. If we fuck up, we won't...

IMO this is both dread filling, but also the opportunity space for uplift, community-actualization and space to grow into a new form of collective power.

"I believe we're a new type of formation"

I'll short hand this as a Free Association (Free as in Freedom, rather than "free beer")

I think we're most similar to an open-source project operating cooperatively which has been funded by a grant. In this way we're kind of similar to an opensource project operating an opencollective account. There are some similarities with the Start Up world in the sense that everyone working on the project is paid (at least part time) and that there is a 'run-way'. We're different from a SU in that's it's not clear that we're trying to turn this into a Business - though a product may be produced off the back of this.

One thing which is already being produced are models, strategies and approaches for Formations such as this. Essentially it's a map of one way of handelling cryptocurrencies for organisations. At some point I think it would be worthwhile figuring out some good documentation for successful tools, strategies, learnings, pitfalls, risks and processes.

@Alanna basically "harder to steal" (or make an error with).

I think if we tried 3/6 and did due dilligence assessing each othres backup situations there's a low chance we'll lose the wallet. Which leaves us in a good position to test if our comms are as shit as your Board Members @Alanna. I notice if your scenario the difference is you were the delegated "Nag". We don't have one of those in our group, and I don't want us to (it could be @Dan Hassan but I will fight to keep anyone from putting on the Nag hat). There's a small chacne we'll be better at comms .... is it worth testing?

@Alanna "Can someone articulate why it's desirable/necessary to have more required co-signers? @Dan Hassan you mentioned it was so we could keep more money in the wallet, but you didn't really connect the dots on why that was so. What's wrong with keeping more money in a 2-sign wallet?"

Mainly for learning/experimentation. Exploring what is possible with different configurations.

For our particular composition of group our current setup of 2/6 would likely be fine for 1 BTC or 100 BTC. Whilst there may be many groups within our ecosysystem which share this extremely high trust arrangement, there are many more gradients within the organisaitional landscape.

My suggestion was based on incremental experimentation which might give us insights into processes and setups which might be useful for organisations across a broader range of the organisational landscape.

Here are a few other examples:

1. When issuing gifts/endowments to other groups such as #greaterthan or some other projects one of the first questions after setting up wallets was:

"When should we cash this out? Should we keep it as crypto?"

An alternative to cashing all out immediately would be to set up different multisig wallets with different parameters and conditions:

a. keep 1% in a restrictive multisig wallet till 2020 OR when BTC-USD rate hits 1,000,000k USD per coin.
b. keep 2% in a restrictive multisig wallet till 2020 OR when BTC-USD rate hits 500,000k USD per coin.
c. keep ... etc

...

Have run out of steam for now... will come back later.

@Alanna

I'd like to voice support for @Kieran's idea above to have one short term wallet that's 2-sig with "ready cash" and a long term one with more signers - if not right now then in the future if we're doing more frequent small transactions. I think that would strike a balance of security and usability.

Agreed

Can I suggest we set up the more secure wallet and use it for a few weeks of real tranactions before moving lots of funds in? I think we'll want to iron out our process before locking ourselves in.

Good idea. I would support this.

This also brings up the question of who is included. Our current wallet is 6-sig but day to day our active team is four people.... Not sure I'm clear on how we decide who is a signer.

Do you mean for the longer term storage?

@Alanna I think it's enough if it's enough for each person involved. Is that too circular/meta?

@Alanna : "Should we be approaching starting these wallets much more lightly than starting a co-op or governing a company? Or are we actually setting up long-term mutual commitments here."

Yes. This has been the tendency so far.

At the beginning of this mmt experiment I said to everyone that I could commit to funding it for 6 months, review at 6 months if we want to keep going for another six months (12 months). We're about 3-4 months into that. I personally think running the project for 12 months is an interesting prospect.

At a meta-level this is a totally new approach for me, and I suspect for all of you as well. A patron (me) has offered funding for a time-period based around a group of people and a domain (cryptocurrency / financial literacy). How this is going to work out is still unfolding.

What does it mean to be 'in' this group. At first it was simply by my invitation. Incrementally I have been dissolving my central role. The group is moving towards managing all the available funds. It seems logical that for any new people to be invited into the group also be controlled by the group.

One of the main risks that I can see is that of "opportunity-cost". By using our time on this project/experiment we are closing down the opportunity to work on other projects. In the worst case scenario this mmt iteration will run out of funding without a clear notion of a useful product or process to rally around. I guess one of the clarifying questions for deciding to invest our time in this is that if the worst case scenario is an acceptable outcome...