Thank you for your feedback, we greatly value the insights and questions you’ve shared. The following should provide clarity on the structure and use cases for the Execution App.
Setup:
The managed Treasury, also known as the Avatar Safe, currently requires a 6/11 signer threshold to execute transactions and is solely owned by the BalancerDAO, with the same signature scheme as the Main Treasury. In contrast, the Manager Safe, the owner of the Avatar’s Manager Role, is solely owned by karpatkey and can execute transactions with a 2/8 threshold. Permission changes, such as those introduced by BIP-784, directly affect the permissions assigned to the Manager Role.
This proposal suggests implementing a parallel setup within the Avatar Safe. It introduces two new roles: Disassembler and Swapper. These roles will be assigned to an Externally Owned Account (EOA) that requires only a single signature to execute transactions on behalf of the Avatar Safe.
Use cases:
This setup is designed as a contingency measure for rare and critical scenarios. If an on-chain event triggers an alert in our risk system or a team member identifies a potential exploit, Asset Managers can take immediate action without relying on:
- dApp interfaces.
- Tools to construct complex payloads.
- Availability of additional signers in a timely manner.
Transactions will be executed through a custom UI and signed using the EOA. As highlighted by @zekraken, allowlisted team members will have the ability to initiate necessary transactions via this EOA, which operates with a single private key (PK) for all actions included in the two new roles.
Considerations:
It is important to emphasize that the long-term goal for these new roles is to integrate them directly with our risk management system, eliminating the need for human intervention entirely. This represents an intermediate step that brings us closer to achieving our vision.
The permissions being added to the new roles are specifically designed to enable a faster and safer exit from riskier asset classes or positions. Even in the event of EOA compromise, its capabilities will be highly restricted to exit positions only, ensuring that no malicious actions can be executed. This safeguard will protect the Treasury’s Assets Under Management (AUM) from any adverse impact.