 So, I got a call from somebody about two days ago saying you have to present this talk because they first did not take it and someone canceled, they wanted somebody a sacrificial goat at the last minute. So, that's why I'm here and I threw together this presentation in maybe the last couple of hours but I'm very familiar with the topic so there may not be everything that I wanted to say in here so please excuse me. So this talk is on the autonomous risk management of DAOs where obviously DAOs, DAOs is a decentralized autonomous organization and I call this ARM with apologies to ARM, the chip company. So the themes are very simple, what are, you know, institutions, the evolution of the institution, the DeFi stack, risk and management of risk, the DeFi stack reworked, implementation and of course references and Q&A. Of course you can do, you can ask questions anytime you want but for your questions to be recorded you have to have a mic or you have to tell me so that I can repeat the question, all right? So the DeFi stack, you know, is, before I go into the DeFi stack I wanted to talk a little bit about institutions. Institutions may seem a strange word because we use the same term for a place where you send people who are not right in their head to recover but institution has a long and sort of varied meaning. The meaning that I intend here is the meaning that is ascribed to an institution from Douglas North and new institutional economics. Only this, their thesis, I mean the new institutional economics thesis is that institutions are the basis of society, institution is just a law, like some kind of a law, the rule of law. Property rights being the primary one which the western societies have adopted and Douglas North and others think that that is the main reason for the rapid economic development of western societies and obviously the IMF has taken that and said, oh, you know, governance matters. So they want every society to be reflected, you know, to be similar to western society which obviously has problems because that is not the only thing that controls the evolution of the institution. The institutions evolved through organizations, organizations meaning more organized groups of people or actual structures that created this sort of take off point. What the main thesis I want to say is that it is not an end point meaning western society in this particular form is not an end point and that's what Douglas North was saying that it's an end point. Obviously we have seen new forms of organizations coming to being decentralized autonomous organization being one of them. And obviously the same principles that animate the regular economy will animate this too. One of the things that is important there is property law meaning, you know, the rights enforcement of rights and enforcement is usually not just a law standing by itself but it's some form of government that has to do the enforcement with the standing army or some other way of enforcing that law. So the thing that the DeFi stack, DeFi's lack today is a structure similar to that. It does not have to be a centralized government but it has to be some kind of a something that is monitoring and enforcing the law of property which means if I own a token, if somebody else steals it then there has to be recourse. And obviously that's a problem, you know, today it's a problem, it cannot be done very simply. So the DeFi stack, you know, this is proposed by some guys long before but it is a very familiar stack for us, right? There is a base, immutable orders, blockchain, assets, tokens of all kinds. And what distinguishes DeFi is logic, so this is all reworked by me, you know, these names were not in the original paper but we are familiar with this and the logic layer is the most important layer for DeFi which we already know. That is what is decentralized autonomous organization means. It is animated by logic and of course the highest level is the UX layer. That is wallets and APIs. So let's back up a little bit, we have now risk in DeFi which is liquidity risk, transformation of maturity risk which means that, you know, we are trying to leverage using one asset and exchanging it for another asset, the various exploits. So the main way that we can manage the risk in this is using ideas from C5. One of the ones is dynamic and static scoring, scoring the logic layer or scoring the asset layer. The other one is circuit breakers. You might be familiar with the idea of circuit breakers from equity markets which is also due to program trading which is a kind of autonomous execution of trades without human intervention but it has cost a lot of problems including rapid falls in the price of certain equities or a turmoil or volatility in the market which is not a natural volatility, it is cost purely by the autonomous programs acting on their own. After one of the crashes people proposed that we should have some kind of a circuit breaker. If the price of an equity falls at a certain rate, you know, like 20% in an hour or in three minutes or whatever, whatever the rate is, that security will no longer be traded, there is an automatic pause that goes on for, you know, depending on the exchange it will be for 20 minutes, 30 minutes and so on. So that is the idea of circuit breakers. The other one which is the scoring stuff, we are already familiar with it from, normally it is scoring of individuals but you can also score any organization or an asset using certain conditions, using certain criteria, sorry. And when we say dynamic scoring that means that score constantly changes and how would this work is if you are a trader in that market, first of all you have two types of trades, one is the ones that you hold positions in and the other is stuff moving up and down all the time and you decide either to participate in the market or sell off in the market. So it's for individual decision making and also, you know, this kind of method can be used for scoring of any asset including decentralized assets. In DeFi there is several types of risk, one is a contagion risk which means that if for example the stablecoin Terraluna lost its peg and went down rapidly it caused mayhem across the market, right, that is called contagion which is in regular centralized finance. The other is systemic risk not just in the crypto asset market but also in the regular market. Why? Because let's say that you have a stablecoin like USDT, their reserves are held in corporate bonds. So if there is a run on USDT where people are rapidly trying to get dollars back from the USDT market then they have to sell off the corporate bonds rapidly which of course will cause prices of corporate bonds to fall. So now you have a cross system contagion. The liquidity and maturity risk is, you know, we know that if buyers disappear from the market, that prices will fall and if sellers disappear, you know, prices will rise. If there is more demand than supply, supply, you know, the old, you know, this liquidity risk in regular markets is controlled by centralized organizations like the central bank. Central bank is the liquidity provider of last resort. There is no such organization in DeFi. So obviously that is very difficult to do in a decentralized marketplace. The other is autonomy risk which is things happen rapidly. Just like in program trading, you know, you can have a rapid fall or rapid rise in the prices of certain tokens or assets and that is also due to autonomy. So now I'm proposing another layer called an analysis layer which does audit and control. We are familiar with the analysis layer which just does auditing, meaning it's monitoring the prices, it's reporting out all of the, you know, the websites like CoinGecko, they all rely on this kind of reporting tool. But nobody has a way to using the, what's happening in the market to then control it because obviously it's not meant to be controlled. The decentralized autonomous organizations cannot be censored, right? But there is a thought today that we have to extend the token standards to include facilities to control the token, meaning like TTF proposed that it should be, there should be an interface which pauses the token and then resumes the token. But obviously not everybody can call this, it has to be some kind of a governance-based control, meaning there has to be a wallet or a set of wallet with a multi-sig that is under the control of this analysis layer that can issue those commands. And it would operate similarly, meaning that if the price, the observed price falls rapidly, the observed price rises rapidly, then they would call a pause on the token. This idea has been tried a little bit in, for example, in some of the bridges. But there are multiple problems with these, this approach, that means if someone hacks the smart contracts not to, let's say, obey the command to pause or presume the token could be permanently disabled, but with enough controls we can take that, you know, we can try to fix that problem. So this is probably one of the last slides and I don't know how I'm doing for time, but I have about 15 minutes, but, you know, I want to leave enough time for questions because this is not just some, this is all material that is absolutely new in some sense. So to build such a system, what do you need? A system that consists of tunability, that means like, I will say, okay, 20% down, if the token goes down by 20%, then we pause, or I can tune it to say if it goes down by 19.5% or, you know, some other percentage. So that's what I call tuning. I mean, that's a simple example of a token that is controlled by an exterior system, not exterior, but, you know, now you can try to enlarge the system by saying, okay, how can I make it decentralized? How can I make the analysis system, analytic system itself decentralized? These are some of the ideas that we are playing around with, you know, I have been talking to some people about these implementing, you know, building something like this. The other is upgrades, which is how do you upgrade either the analytic layer or the smart contract itself? There are ways to do the smart contract upgrades. It's a very rigorous process, you know, and so on. Then adopting techniques from stock markets, which we discussed just now. There are other techniques that we can talk about, that is, you know, either to throttle the system. That means if the system rate is observed to be, let's say, 20% higher than normal, then you can say bring down the rate so that it's, you know, let's say only 10% higher. You can do a lot of different things with this, and it has to be in the governance. That means most tokens today, most DAOs operate with the white paper. Maybe we have to state these governance ideas in the white paper itself so that it controls the way, you know, the arm works, and people are not hit with unexpected effects. The third idea is to reuse already existing infrastructure, right? Like, for example, the graph, which uses the Ethereum events to create a database of events, and then it exposes a graph-sequel, you know, interface. And you can build on top of it. So that's another idea. The fourth idea is, of course, do not give all the control to programs, but have some way of manual intervention. And these are my references. You'll get the PowerPoint presentation from the site. And now, of course, it's Q&A. If you guys have any questions, I'd be glad to answer. And he's going to hand out the mic. Hi. Thank you for the presentation. Interesting topics that are addressed. Less than a question, but more probably than a point of discussion is, like, you suggested, for example, having something like a multi-seq wallet that can, let's say, can assemble the agreement of the entities controlling the wallet in order to pose a token and something like this. So my question is, don't we already have this in the economies that we know since years, and it's called, like, governments, for example? Yes. And I'm not criticizing what you are saying or what you are suggesting. On the contrary, I'm seeing the, and I'm critical towards the, how DeFi works and what is being claimed there, because generally there is, and again, that's my personal opinion, like, a lot of claims put there, like, oh, we don't trust our governments, we don't trust who controls the economies, and so on. And that's where we try to bypass all that through DeFi. But at the end of the day, I think the reality is that if you don't trust your governments or what you named the institutions that govern your everyday life, probably, you have more problems that you can solve with the blockchain. And it's more like theoretical and, how to say it, like, philosophical point to discuss rather than technical, but would you like to comment on that? Because you also bring the point of taking, let's say, approaches that we know from the traditional, let's say, economies and applying them to the DeFi world. So, where are we? And where are we going to? So with regards to this, can you comment a bit? Yes, definitely. Most DeFi is actually centralized, because anybody, some wallet controls the smart contract. I can put another smart contract in there, and that can steal all the stuff. So, I agree with you that there exists already government, but there also exists the Dow, and people are trading on it daily, with billions of dollars. So, we have these two situations. I'm trying to say, how do we bridge the gap? How do we bring them together? What can we do that is similar to a decentralized way of thinking that will bring, you know, that will bring some kind of an institution, a rule of law to the Dow. That's where I'm going with this. I'm not talking about idealism, I'm talking about reality, because both of these things exist, right? Governments exist, and so do Dow's. The other point is the multi-sig wallet could be controlled by multiple analytic programs, and only if like two out of three agree, then you will do the pause. I mean, that's one way of doing it, because human beings cannot intervene in the time that it takes for these to go south. It always happens very rapidly. We are not, you know, we are not cyborgs, not yet anyway. And we have to have delegation to certain things that we can trust. But who will watch the watchers? I mean, this is, you know, it can be an infinite regress, but at the same time we have to be realistic and say, okay, you know, we'll have multiple watchers and they will do certain things. And so that's how we advance by degrees, not by, you know, like one day governments disappear and we will be all safe. Anybody else? Yeah. Thank you. So when you're talking about the management of risk, so if I understand correctly, you're trying to superimpose the concept of a Dow to basically do risk management, but with the Dow's in production, like the way that we're so when you deploy a smart contract, right, a lot of the code that has been deployed out there, you cannot fundamentally change. You can change a state though, through like subsequent actions. And when you're saying mitigate risk, so like my primary concern is that any centralized system is always going to be strictly faster than a decentralized system, right? And your stipulation is correct that humans cannot intervene in a time necessary for a malicious attack to happen. So my primary question is, is it necessarily like true that if we're imposing these like analytic mechanisms, like we're operating at the speed of code here, how can we necessarily at scale prevent, you know, like basically a plus one attack. So an exploit happens. How can the humans like in a Dow necessarily intervene? Because it's like some attacks are too large in which, you know, an exchange gets hacked, right? And you could have an emergency font to, you know, disperse that to the parties affected. But I think for like a truly scalable solution, I think there needs to be the implementation of, for example, formal like formal verification or things that could really operate at the edge. So we could basically verify that what do we determine and how could we arbitrate on an autonomous way? What is malicious behavior versus non malicious behavior? So can you be more precise about how we're doing that in a Dow based setting? Well, you made several statements which I have problems with right away, right? The first thing you said is smart contracts cannot be changed. They can be. Second thing is the first Dow attack was handled by the fact that the Dow did not allow immediate withdrawal of funds but had to be segregated into a separate area before and had to wait for 48 hours or whatever before the person could withdraw it. So Vitalik and others created a fork where they actually proscribed that wallet address and that wallet could never be spent inside Ethereum after that fork. So, you know, all of these things have happened before but what I'm proposing is, you know, some way to, first of all, there's no system without risk. Every system has risk. And when you invest in a system, you want the reward to be commensurate with the risk you're taking. So the scoring mechanism, for example, you know, all scoring mechanism are flawed. So does that mean that we should never have any scoring mechanism? It means that we have a scoring mechanism and then we see where are the false positives, where are the false negatives and we keep improving that system. So in terms of that, the scoring mechanism would be an edge solution. That means you, as an investor in multiple tokens, can say or multiple systems, Ethereum based, Solana based, you know, whatever else based. And you say, okay, what is my risk across the spectrum? And how would I manage that risk? So along with the risk, there is risk management that is not perfect. I mean, we had the crash of 2008-2009. There were plenty of risk systems in operation then. But they have changed the practice of risk after 2008-2009, mainly by slowing down things, mainly by changing things. All I'm talking about is, you know, reality based approach, not idealism, you know, not something that is, I mean, we can talk about this outside, maybe, because I think I'm coming to the end of my, yeah, it is 346, I mean, whatever, 246. Is that the time? Yeah. So, I mean, if you have any comments or questions, I'm always willing and able to answer them. Or hopefully, if I cannot, then, you know, we can explore it together. And anyway, all of this is sort of spun out of my mind, in a way, in a very short period of time. And I'm writing a paper for UCL, University College London, which is on this topic. And, you know, it's a work in progress. Let me put it that way. Thank you.