An analysis of a non-custodial and trust-minimised way to delegate treasury actions.
DAOs are a crypto primitive. They represent a new organisational construct rooted in the digital age that advocates for permissionless and transparent governance through immutable smart contracts. Their decentralised ownership promotes cooperation through intricate incentive schemes governed by capital ownership.
Immensely useful as this is for preventing the arbitrary decision-making of hierarchical structures, the approach has ultimately been taken to an extreme. The “decentralise everything” movement quickly evolved into an “everybody should decide on everything” mindset that has slowed progress in some technical matters across most DAOs so far. Treasury Management is undoubtedly one of those areas.
DAO token holders are the ultimate owners and decision-makers of the DAO. We could argue that voting on treasury-related actions is a logical central piece of every DAO. Isn’t this the whole point of decentralised ownership?
In practice, there are some issues. We would not vote on operational smart contract upgrades or whether a bug should be fixed. Most DAOs usually avoid this and leave the work to the experts.
The reason for this is two-fold:
- Not everyone has the expertise in every topic required for constructive discussion and decision-making; but mostly because
- These decisions often require immediate action, especially when risk is involved.
Technical decisions should not be voted on, and treasury management decisions are usually just technical decisions.
Today, DAO treasury management is primarily a part-time job performed by operational teams. As a tiny subset of the activities required to run a protocol, its efforts hardly go beyond occasional community proposals containing a specific set of transactions for the DAO to vote on. This requires every portfolio allocation and strategy execution to go through a long period of discussion and voting before being effectively implemented.
Voter apathy and fatigue sometimes lead to a lack of quorum to enforce decisions. Even worse, the public nature of this approach exposes the treasury’s strategy to potential frontruns, e.g. unbalancing a pool to profit at the expense of the treasury.
Lately, many treasuries have started investing some of their idle funds to generate revenues in the emerging DeFi ecosystem. DAO Treasury Management is essentially a risk management activity: volatility, price, and other market conditions require continuous monitoring:
- Incentive Rewards markets are rarely stable: they change in ways that affect the economics, get paused, upgraded, and restarted again. Typically, it is worth optimising yield daily or weekly, as the size of treasury funds justifies gas and labour costs;
- The nascent nature of DeFi leads to events like flash crashes, depegs, and hacks, and they can happen quickly and unexpectedly. You want to have automatic risk-protection procedures in place to avoid being caught by one of these events.
Ultimately, the crypto industry has been protecting the transparency ethos of DAO governance by enforcing the above-mentioned ossified treasury management approach at the very high expense of capital inefficiency.
But it doesn’t have to be like that. There’s a way of getting the best of both worlds, and that’s precisely what Karpatkey has been doing for the last two years with one of the biggest DAO treasuries.
We believe only strategic frameworks (or those conflicting with the DAO’s mission) should be voted on.
Beyond occasional token swaps or portfolio composition initiatives, this approach usually translates into proposing high-level portfolio strategies and agreeing on allowlisted DeFi protocols and parameter thresholds that limit the scope of the treasury team.
That way, an assigned expert committee, e.g. a Finance Core Unit, can execute non-custodial dynamic strategy adjustments under a constrained environment, minimising attack vectors. Through this, capital efficiency and risk management are massively improved, while the funds never leave the DAO’s custody. Let’s dig a bit deeper to understand the technical implementation.
The core of Karpatkey’s non-custodial and trust-minimised solution relies on the most battle-tested tooling to assist DAO treasuries: a proxy Management Safe and the Zodiac Roles Modifier.
The DAO treasury fund is held in a Safe wallet, controlled completely (1 out of 1) by the DAO. On the other hand, the Zodiac Roles Modifier Module enforces role-based permission presets: a role can unilaterally make calls, but only to the pre-approved addresses, functions, and variables it has access to. These presets are initially subject to community approval, e.g. via Snapshot, and they can execute different types of pre-established sets of transactions. Those can range from simple DEX token swaps and CDP or farming positions to more complex bundled transactions combining several actions from different protocols.
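A simplified model of such a preset, added here as an illustration; it is not code from the Zodiac Roles Modifier or from Karpatkey. It shows a deny-by-default check on target address, function, and argument values for one allowlisted call. The addresses are constructed placeholders, and the `Rule` shape and the `check` and `encode` helpers are hypothetical names.

```python
# Toy model of a role permission preset (illustrative; not the Roles Modifier's logic).
from dataclasses import dataclass

# Constructed placeholder addresses, not real deployments.
TOKEN = "0x" + "11" * 20
DEX_ROUTER = "0x" + "22" * 20
UNKNOWN = "0x" + "99" * 20

APPROVE = "095ea7b3"   # selector of ERC-20 approve(address,uint256)
TRANSFER = "a9059cbb"  # selector of ERC-20 transfer(address,uint256)

@dataclass
class Rule:
    allowed_addr_arg: set  # permitted values for the first (address) argument
    max_uint_arg: int      # upper bound for the second (uint256) argument

# Preset keyed by (target, selector); anything not listed is denied.
PRESET = {(TOKEN, APPROVE): Rule({DEX_ROUTER}, 1_000_000 * 10**18)}

def encode(selector, addr, amount):
    """Build ABI calldata for a function of shape f(address,uint256)."""
    return (bytes.fromhex(selector) + bytes(12)
            + bytes.fromhex(addr[2:]) + amount.to_bytes(32, "big"))

def check(preset, target, value, data):
    """Return (allowed, reason) for a call a role member asks the Safe to make."""
    if value != 0:
        return False, "ETH value not permitted"
    if len(data) != 4 + 64:
        return False, "malformed calldata"
    rule = preset.get((target.lower(), data[:4].hex()))
    if rule is None:
        return False, "target/function not allowlisted"
    if any(data[4:16]):
        return False, "dirty address padding"
    addr = "0x" + data[16:36].hex()
    amount = int.from_bytes(data[36:68], "big")
    if addr not in rule.allowed_addr_arg:
        return False, "address argument not allowlisted"
    if amount > rule.max_uint_arg:
        return False, "amount above threshold"
    return True, "ok"
```

The preset only lists what is permitted, so a new protocol or a higher threshold requires changing the preset itself, which is the part subject to community approval.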
The beauty of this execution infrastructure is that it allows for on-chain automation through custom-built bots while keeping the DAO’s ownership. These are valuable, especially for the more repetitive tasks such as rewards harvesting or those that require immediate action, such as disassembler procedures to protect against unexpected or less frequent events, e.g. depegs.
In the end, there’s still a lot of room for improving the crypto-native treasury management primitives, and we invite every developer to build on top of the Zodiac Treasury Open Standard. We want to keep empowering DAOs to push community-driven professional risk management decisions. Still, we firmly believe that a small group of experts should take care of day-to-day execution under a constrained environment.