Detailed Instructions

Begin by conducting a comprehensive audit of the treasury's on-chain assets. This involves aggregating holdings from all wallets and smart contracts under DAO control. Use portfolio tracking tools like Nansen or DeBank to get a consolidated view. The key is to quantify the concentration risk by calculating the percentage of the treasury held in the native governance token versus stablecoins, blue-chip assets (like ETH, wBTC), and LP positions.

• Sub-step 1: Compile a list of all treasury-controlled addresses from the DAO's governance documentation or multisig.
• Sub-step 2: Use a blockchain explorer or portfolio dashboard to query balances for each address, categorizing assets by type and volatility.
• Sub-step 3: Calculate the value-weighted allocation to each asset class. A high concentration (>70%) in the native token signals significant market and protocol-specific risk.

Tip: Consider off-chain assets and vesting schedules as part of the total picture, as locked tokens represent future supply pressure.

Detailed Instructions

Based on the risk assessment, propose a strategic asset allocation model. This is a governance-level decision that sets target percentages for each asset bucket. A common framework might allocate: 40% to stablecoin yield, 30% to blue-chip crypto assets, 20% to diversified DeFi yield strategies, and 10% kept liquid in the native token for operations. The strategy should define the rebalancing threshold (e.g., trigger rebalance when an asset class deviates by +/- 5% from target).

• Sub-step 1: Draft a temperature check or signaling proposal outlining the proposed allocation percentages and the rationale (e.g., capital preservation vs. growth).
• Sub-step 2: Formalize the strategy in a Snapshot or on-chain vote, specifying the target allocations and rebalancing rules.
• Sub-step 3: Document the approved strategy in the DAO's public handbook or treasury management framework for transparency.

Tip: Align the strategy with the DAO's runway needs and expense profile; a longer runway may allow for more aggressive allocations.

Detailed Instructions

Tactical execution involves breaking down large swaps to minimize slippage and market impact. For moving out of the native token, consider using a DEX aggregator like 1inch or CowSwap that splits orders across multiple liquidity sources. For stablecoin allocation, depositing into money market protocols like Aave or Compound provides a baseline yield and liquidity. Use a multisig or a dedicated treasury management smart contract (like a Gnosis Safe with Zodiac roles) to execute these transactions.

• Sub-step 1: For large native token sales, use a TWAP (Time-Weighted Average Price) strategy, breaking the order into smaller chunks executed over hours or days.
• Sub-step 2: Swap into target assets using aggregators, specifying a maximum slippage tolerance (e.g., 0.5%).
• Sub-step 3: Deposit stablecoins into chosen money markets, calling the deposit() function on the relevant protocol.

solidityCopy
// Example: Simple deposit to Aave V3 on Ethereum
import {IPool} from "@aave/core-v3/contracts/interfaces/IPool.sol";
IPool lendingPool = IPool(0x87870Bca3F3fD6335C3F4ce8392D69350B4fA4E2);
lendingPool.deposit(0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48, 1000000000, msg.sender, 0); // Depositing 1000 USDC

Tip: Always verify contract addresses from official sources and conduct a test transaction with a small amount first.

Detailed Instructions

Beyond simple money markets, deploy capital into automated yield strategies to enhance returns. This involves using vaults or strategies from yield optimizers like Yearn Finance, Balancer Boosted Pools, or EigenLayer restaking. These protocols handle the complexity of farm rotation, compounding, and risk management. The choice depends on the target asset and risk profile; stablecoins can go into low-volatility Curve/Convex pools, while ETH can be restaked for additional rewards.

• Sub-step 1: Research and select a verified vault or strategy that matches the asset and desired risk level (e.g., Yearn's yvUSDC vault).
• Sub-step 2: Approve the vault contract to spend the underlying tokens using the approve() function.
• Sub-step 3: Deposit into the vault by calling deposit() or depositAll(), receiving a vault token (e.g., yvUSDC) representing the share.

solidityCopy
// Example: Interacting with a Yearn V3 vault (simplified)
IERC20 usdc = IERC20(0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48);
IYearnVault yVault = IYearnVault(0x5f18C75AbDAe578b483E5F43f12a39cF75b973a9);
usdc.approve(address(yVault), 1000000000);
yVault.deposit(1000000000, msg.sender);

Tip: Monitor the vault's strategy details and historical performance. Diversify across multiple protocols to avoid smart contract concentration risk.

Detailed Instructions

Continuous oversight is critical. Use dashboard tools like Llama or Karpatkey to track the treasury's real-time value, allocation breakdown, and yield accrual. Set up alerts for when allocations drift beyond the predefined rebalancing threshold. Rebalancing can be executed manually via multisig or automated through keeper networks like Gelato or Keep3r if using a smart treasury contract. Regularly publish treasury reports to the community detailing performance, fees incurred, and any changes to the strategy.

• Sub-step 1: Configure a dashboard to pull data from all deployed contracts and wallets, updating at least daily.
• Sub-step 2: Schedule quarterly or monthly reviews to assess if the strategic allocation needs adjustment based on market conditions.
• Sub-step 3: Execute rebalancing transactions by withdrawing from overweight assets and depositing into underweight ones, mindful of gas costs and tax implications.
• Sub-step 4: Publish a transparent report summarizing portfolio value, yield earned, and current allocations against targets.

Tip: Automate performance reporting using subgraphs or custom scripts to ensure consistency and reduce manual overhead in governance communications.

Detailed Instructions

Begin by establishing a formal risk taxonomy categorizing threats into market, smart contract, counterparty, governance, and operational risks. For each category, conduct a thorough audit. Map all treasury assets, their on-chain addresses (e.g., 0x... vaults), and the protocols they interact with. Quantify concentration risk by calculating the percentage of treasury value in any single asset (e.g., >30% in ETH) or protocol (e.g., >20% in a single lending market). Document all administrative privileges, such as multi-sig signers and timelock controllers. This inventory forms the basis for all subsequent analysis and should be maintained in a living document like a Notion or GitHub wiki.

• Sub-step 1: Catalog all asset addresses, custody methods (EOA, multi-sig, Gnosis Safe), and delegated voting power.
• Sub-step 2: Calculate Value-at-Risk (VaR) metrics for volatile assets under different market scenarios.
• Sub-step 3: List all integrated DeFi protocols and their associated smart contract risks.

Detailed Instructions

Use quantitative models to translate identified exposures into measurable metrics. For market risk, calculate potential losses using historical volatility or Monte Carlo simulations, setting a maximum drawdown limit (e.g., 15% over 30 days). For liquidity risk, mandate a minimum allocation to stablecoins or highly liquid assets (e.g., 10-20% of treasury) to cover operational expenses for a defined runway (e.g., 24 months). Establish strict counterparty exposure limits; for instance, no more than 5% of treasury value can be deposited in any single lending protocol like Aave or Compound. These limits should be encoded into a treasury management policy ratified by governance. Regularly back-test these models against actual market events.

• Sub-step 1: Model portfolio VaR using a tool like RiskDAO or custom scripts analyzing on-chain data.
• Sub-step 2: Define and calculate the treasury's runway in months based on stablecoin holdings and burn rate.
• Sub-step 3: Formalize exposure limits into a Snapshot or Tally proposal for community ratification.

Detailed Instructions

Deploy technical safeguards to enforce policy limits programmatically. Use on-chain automation via keepers (e.g., Gelato, Chainlink Automation) to trigger rebalancing or withdrawal when a risk threshold is breached. Implement multi-layered transaction security: require 3-of-5 multi-sig confirmations for large transfers, enforce timelocks (e.g., 48-72 hours) for major treasury actions, and use asset management platforms like Llama or Sybil for proposal-based execution. Set up real-time monitoring alerts using services like OpenZeppelin Defender, Tenderly, or Forta to detect anomalous transactions, contract upgrades on integrated protocols, or deviations from whitelisted wallet interactions. This creates a proactive defense layer.

• Sub-step 1: Configure a Gelato task to automatically swap excess volatile assets to USDC if a concentration limit is exceeded.
• Sub-step 2: Set up Forta bots to monitor for large, unexpected outflows from treasury Gnosis Safe addresses.
• Sub-step 3: Use Defender Sentinel to track admin function calls on all integrated protocol contracts.

Detailed Instructions

Draft detailed contingency playbooks for plausible high-severity events. Scenarios should include a protocol hack (e.g., exploit in a primary liquidity pool), a stablecoin depeg (e.g., USDC losing parity), a key governance attack, or a severe market crash. Each playbook must specify trigger conditions, a clear chain of command (who can execute the emergency response), pre-approved on-chain actions, and communication protocols. Crucially, test these plans via simulation on a testnet or using a tool like Damn Vulnerable DeFi. For example, simulate draining a testnet liquidity position if a hack is detected. This ensures operational readiness and reduces panic-driven decision-making.

• Sub-step 1: Write a playbook for a MakerDAO-style "Black Thursday" event, detailing steps to manage collateralized debt positions.
• Sub-step 2: Conduct a tabletop exercise where multi-sig signers practice executing a time-sensitive withdrawal from a simulated compromised contract.
• Sub-step 3: Pre-draft templated governance and social media announcements for different crisis modes.

Detailed Instructions

Formalize emergency governance structures to avoid paralysis during a crisis. This typically involves creating a Security Council or Emergency Multisig with elevated, time-bound powers. The mandate, member selection process, and clear scope of authority (e.g., power to pause withdrawals, execute pre-defined contingency swaps) must be ratified by full DAO governance. Implement a graded response system: a "Level 1" event might only require alerting the council, while a "Level 3" event triggers immediate execution of a pre-approved transaction from a timelock-free safe. All emergency actions must be followed by a post-mortem report and retrospective vote to ensure accountability and continuous improvement of the process.

• Sub-step 1: Propose and ratify a Snapshot vote to establish a 5-of-7 emergency multisig with a 6-month mandate.
• Sub-step 2: Define the specific function signatures (e.g., emergencyWithdraw(address pool)) the council is authorized to call.
• Sub-step 3: Mandate a 7-day reporting and community ratification period following any emergency action execution.