DAO Governance Threat Identification & Proposed Mitigation

Unmitigated Potential Liability: ENS DAO Governance Risk from Unwrapped Assets

Abstract

This research examines the evolving legal landscape surrounding Decentralized Autonomous Organizations (DAOs), with a specific focus on the governance threat from liability exposure for the Ethereum Name Service (ENS) DAO stemming from its Endowment’s holdings in assets linked to unwrapped Assets and/or unwrapped DAOs. Recent judicial decisions classify such DAOs as general partnerships, potentially exposing token holders—including affiliated entities like the ENS Foundation and the ENS DAO—to joint and several liability. This poses a direct and potentially catastrophic risk to the governance integrity of ENS DAO.

This analysis dissects landmark cases, clarifying the distinction between governance tokens (like Lido’s LDO, which ENS does not hold) and other associated tokens (like Lido’s LSTs, which ENS does hold). It highlights the escalating risk posed by mechanisms granting governance rights to previously non-governing tokens, such as Lido’s impending Dual Governance (DG) for LSTs. This development transforms passive asset holding into potential active governance participation, exponentially increasing liability risk. The situation represents a ticking time bomb, where lawsuits can emerge unexpectedly, and failure to act proactively increases vulnerability. Crucially, even divestment may not negate liability for the period assets were held. The research concludes by proposing a refined mitigation strategy emphasizing immediate risk assessment and divestment where necessary, alongside robust governance protocols, while explaining why ENS DAO’s unique structure makes it an exceptionally attractive target for judgment creditors.

I. Introduction

Decentralized Autonomous Organizations (DAOs) represent a novel organizational structure, yet face significant legal challenges. The ambiguity surrounding liability protection has been partially clarified by recent California court decisions treating DAOs lacking formal legal wrappers as general partnerships, subjecting token holders involved in governance to joint and several liability. This precedent has profound implications, not just for individuals, but critically for the governance stability of DAOs like the Ethereum Name Service (ENS) DAO, especially when their treasuries or endowments hold any assets linked to unwrapped DAOs or protocols governed without a clear legal entity.

This research specifically examines the legal risk profile threatening ENS DAO’s governance through its Endowment’s investments, using Lido Liquid Staking Tokens (LSTs) as a prime example, but recognizing the risk applies more broadly to all assets. This work distinguishes between primary governance tokens (like LDO) and other tokens (like LSTs), but focuses on how holding such assets, especially with looming changes like Lido’s Dual Governance (DG)⁸ activating voting rights for LSTs, creates liability pathways that could jeopardize ENS DAO’s governance. This risk profile constitutes a ticking time bomb; liability can crystallize suddenly through litigation, and inaction now merely compounds the potential future fallout. This research proposes a targeted mitigation strategy centered on proactive risk assessment, divestment, and strengthened governance policies to safeguard the ENS DAO, particularly given its unique attractiveness as a collection target.

II. The Evolution of DAO Legal Structures

A. The Emergence of DAOs as Novel Organizational Forms

Decentralized Autonomous Organizations emerged as a governance mechanism for blockchain protocols, allowing token holders to collectively manage resources and make decisions without traditional corporate structures. Initially, many DAOs operated without formal legal recognition, existing purely as smart contracts on blockchain networks. This approach, while technically innovative, created significant legal uncertainties.

B. Limited Liability Protection Through Legal Wrappers

Some forward-thinking DAOs, including the ENS DAO, established legal entities to provide limited liability protection to their participants. As stated in ENS documentation: "Why have a legal entity? ‘It provides limited liability to DAO participants… Without a legal entity, participants may be individually held liable for anything the DAO as a whole does.’"¹ These legal wrappers typically take the form of foundations, limited liability companies, or other structures that can shield participants from personal liability while enabling the DAO to interact with traditional legal systems, enter into contracts, and hold assets such as intellectual property rights. However, this protection primarily applies to the DAO’s own actions, and not liabilities incurred through holding assets of other, unwrapped entities.

III. Judicial Treatment of DAOs: Emerging Case Law

Recent judicial decisions have begun to crystallize the legal status of unwrapped DAOs, with concerning implications for token holders and affiliated entities holding their tokens.

A. Sarcuni v. bZx DAO, 664 F. Supp. 3d 1100 (N.D. Cal. 2023)

This ruling established that an unwrapped DAO could be deemed a general partnership under California law. Key findings included:

  1. The DAO constituted an unincorporated association of persons who carried on a business for profit.²
  2. Governance token holders who voted on DAO proposals were partners in this association.³
  3. All voting token holders were jointly and severally liable for the actions of the DAO.

The court’s reasoning emphasized participation in governance.³ The court specifically rejected limited liability arguments for token holders without a recognized legal entity, stating participants remain general partners.⁴ This interpretation dramatically expanded potential liability.

B. Samuels v. Lido DAO (Central District of California, 2024)

This class action lawsuit involving the Lido protocol provided further nuances:⁵

  1. Liability was focused primarily on major token holders and those with demonstrable influence.
  2. However, the court did not foreclose potential claims against any token holder with voting rights.
  3. Critically, the court noted that holding assets conferring voting rights in an unwrapped DAO could potentially establish a partnership relationship. While stating "mere token ownership does not necessarily create partner status, but the exercise of governance rights… may establish the requisite intent,"⁶ this focus on voting rights becomes acutely relevant as tokens like LSTs gain such rights.

This ruling is particularly concerning for entities like ENS DAO holding tokens (like LSTs) associated with unwrapped DAOs, especially when those LSTs are poised to gain DAO governance rights.

IV. Liability Risk Analysis Focused on ENS DAO Governance

A. Direct Liability Through Token Ownership and Governance Participation

The precedents suggest participation in an unwrapped DAO’s governance via voting can lead to direct partner liability. While ENS DAO itself is wrapped, its holding of any assets that possess or gain governance rights in an unwrapped DAO creates significant risk. The Lido LST example is illustrative: historically lower risk than holding LDO, the impending activation of voting rights via Lido’s Dual Governance (DG) mechanism⁸ fundamentally changes this. DG gives LST holders governance powers ("dynamic user-extensible timelock on DAO decisions and a rage quit mechanism"⁸), aligning directly with the courts’ focus on governance participation. Once DG is implemented, holding LSTs transitions from passive asset ownership to potentially active governance participation, significantly increasing direct liability risk. This principle applies to any asset held by the ENS Endowment linked to an unwrapped DAO where the asset carries governance potential.

B. Indirect Liability Through Asset Ownership and Affiliation

Holding assets like Lido LSTs (especially post-DG) exposes the ENS Foundation to indirect liability:

  1. Voting Rights Activation: Exercising (or merely possessing) governance rights via held assets in an unwrapped DAO could deem the ENS Foundation a partner.⁷
  2. Economic Beneficiary Status: Significant economic benefit might support constructive partnership arguments.
  3. Cross-Jurisdictional Enforcement: Judgments against an unwrapped DAO (e.g., Lido) could be enforced against the ENS Foundation in its domicile (Cayman Islands) through a domestication of the foreign judgment under common law.

C. Governance Capture Risk: The Existential Threat

The most severe risk is governance capture. If the ENS Foundation is deemed liable for an unwrapped DAO’s actions (due to holding its tokens):

  1. A judgment is obtained against the unwrapped DAO.
  2. Plaintiff enforces against ENS Foundation as a “partner.”
  3. A court allows attachment of ENS Foundation assets, crucially including the >51% of $ENS governance tokens it holds.
  4. The creditor uses seized $ENS tokens to control ENS DAO governance and future protocol revenues.

With ENS DAO owning assets in protocols exceeding its own assets by many multiples, it is reasonably foreseeable a judgment now or in the future against any one of these protocols could exceed ENS’s total assets. Thus this unmitigated potential liability unnecessarily risks loss of control over ENS DAO governance.

D. The Ticking Time Bomb and Inescapable Past Liability

The current situation represents a ticking time bomb. Lawsuits against unwrapped DAOs can arise at any time, triggered by hacks, regulatory actions, or other unforeseen events. Each day that ENS DAO holds assets linked to unwrapped assets and/or governed by unwrapped DAOs extends its likelihood of exposure. Crucially, under the principle of joint and several liability for partnerships, liability attaches during the period of association. This means that even if ENS DAO divests risky assets like Lido LSTs now, it likely does not erase potential liability for the period it already held them if Lido DAO were later found liable for actions during that time. Liability, once incurred through partnership status, may be inescapable for past actions. This underscores the critical importance of this research and the urgency of mitigating ongoing and future risk accumulation immediately, while understanding that past exposure might persist. Failure to address these risks proactively simply allows the potential liability (and the complexity of defending against it) to grow.

V. Case Study: ENS DAO Liability Risk Profile (Revised Focus)

A. ENS DAO Structure and the Liability Bridge

ENS DAO utilizes the ENS Foundation for liability protection. However, the Endowment holds assets, including Lido LSTs and potentially others linked to unwrapped protocols and/or DAOs. Any such holding creates a potential liability bridge exposing ENS assets to the risks of associated unwrapped DAOs.

B. Liability Exposure Pathways via Unwrapped Assets

ENS DAO faces liability through its holdings linked to unwrapped DAOs:

  1. Direct Partnership via Token Voting: Holding tokens with current or future voting rights (like LSTs post-DG) in an unwrapped DAO is the primary vector for establishing partnership.⁷
  2. Judgment Enforcement: A judgment against an unwrapped DAO could lead to enforcement against the ENS’s assets via its connection through token holdings.
  3. ENS Governance Vulnerability: The critical risk is attachment of $ENS in DAO wallets, enabling governance capture.

C. Imminent Risk Escalation: Protocol Governance Changes (e.g., Lido DG)

The risk is actively escalating whenever underlying protocols change governance structures, as exemplified by Lido’s Dual Governance mechanism⁸ granting LSTs voting rights.⁹ This isn’t theoretical; it’s an active development transforming passive assets into potential governance instruments, directly triggering liability concerns highlighted by courts. This underscores the need for continuous monitoring and urgent mitigation before such rights are activated. Moreover, without ongoing monitoring consistent with this research, diversification of the Endowment seeking to minimize traditional risk counterintuitively increases this potential legal risk and threat to ENS DAO governance.

D. Historical Vulnerability Indicators

The DAO’s history of reactive legal cost absorption suggests a vulnerability to both foreseeable and unforeseen legal risks, reinforcing the need for proactive identification and mitigation of legal risks.

E. Why ENS DAO is an Exceptionally Attractive Target for Judgment Collection

Consider a hypothetical scenario: A plaintiff secures a massive judgment (e.g., $1 billion) against Lido DAO due to a catastrophic failure. The plaintiff, under joint and several liability principles, can seek collection from any deemed “partner,” including potentially the ENS Foundation/DAO (due to its LST holdings). Even if other large LST holders or Lido contributors exist, the plaintiff’s counsel might strategically target ENS for several compelling reasons:

  1. Concentrated Control Asset: ENS DAO holds a uniquely valuable asset: over 51% of all $ENS tokens. This isn’t just monetary value; it represents controlling interest in the ENS DAO, its governance, its treasury, and crucially, its future revenue streams from domain registrations and renewals.
  2. Lack of Traditional Shareholder Protections: In traditional corporate law, creditors often face limitations like “charging orders,” which grant rights to distributions (dividends) but typically prevent the creditor from seizing the shares themselves, voting them, or forcing a sale, thus protecting corporate control. $ENS tokens, as governance tokens, do not explicitly provide equivalent charging order protections under the law.
  3. Strategic Value Beyond Monetary Recovery: Seizing control of ENS DAO offers strategic value far exceeding the mere dollar value of the tokens needed to satisfy the judgment. A creditor could influence ENS policy, direct its treasury, or even liquidate protocol assets. This makes ENS DAO not just deep pockets that can satisfy a judgment, but makes ENS DAO an exceptionally attractive and strategic target for collection efforts, potentially prioritized over other liable parties who might only offer monetary compensation.

This hypothetical illustrates that the risk isn’t just about the value of the Lido LSTs held, but the disproportionate and existential threat posed by the potential seizure of ENS DAO’s core governance asset due to liability flowing from those LSTs.

VI. Comprehensive Mitigation Strategy Focused on Asset Risk

A. Immediate Risk Reduction: Assess and Divest Risky Assets

Given the clear, escalating, and potentially inescapable nature of liability from holding assets tied to unwrapped DAOs, immediate action is critical:

  1. Urgent Portfolio Review & Divestment: Conduct an immediate, thorough review of all Endowment assets. Identify all holdings linked to unwrapped assets and/or governed by unwrapped DAOs or protocols lacking clear legal entities, especially those with current or potential future governance rights. Direct Karpatkey to urgently liquidate high-risk assets, prioritizing those like Lido LSTs facing imminent governance changes (DG), within a defined, short timeframe (e.g., 30 days). This addresses the “ticking time bomb” by halting further accumulation of liability exposure, even if past liability cannot be erased.

B. Asset Segregation and Legal Wrapper Implementation

For any assets carrying residual risk deemed necessary to hold, segregation is key:

  1. Single Wrapper Approach: Creating a dedicated legal entity (e.g., subsidiary holding company) to hold Endowment assets to help isolate liability and limit liability to said assets, protecting ENS DAO’s treasury and $ENS holdings.
  2. Multiple Wrapper Approach: Establishing distinct entities for each asset owned by the Endowment, isolating risk and potential liabilities to a single asset. Based on the size of individual holdings and total Endowment, this is a cost-effective approach to risk mitigation.

These structures require careful jurisdictional analysis and should aim for robust liability protection.

C. Governance Standards for Risk Management

Formal governance standards are crucial to prevent recurrence:

  1. Strict Asset Review Protocols: Mandate regular audits specifically identifying exposure to unwrapped assets, protocols and DAOs. Maintain an inventory of the legal status of entities associated with all held assets.
  2. Revised Investment Policy Guidelines: Amend the investment policy to explicitly prohibit holding assets representing participation in unwrapped DAOs or carrying potential governance liability, unless held within structures offering robust, verified legal protection equivalent to the limited liability protections ENS Foundation offers $ENS holders.
  3. Proactive Legal & Protocol Risk Monitoring: Dedicate resources to continuously monitor legal developments and underlying protocol governance changes (like DG) that could alter asset liability profiles.

D. Proactive Legal Strategy Development

Develop proactive legal strategies:

  1. Legal Counsel Retention: Maintain relationships with counsel experienced in proactively identifying and mitigating legal risks.
  2. Scenario Planning: Develop response protocols for risks and potential liabilities.
  3. Industry Collaboration: Participate and lead in efforts to establish clearer legal frameworks for DAOs that protect DAO participants and token holders from risk of liabilities.

VII. Conclusion

The evolving case law classifying unwrapped DAOs as general partnerships poses a significant threat, particularly to the governance stability of DAOs like ENS holding associated assets. This risk extends beyond mere finances to potential governance capture via liability enforcement. The situation is a ticking time bomb, demanding immediate attention.

The risk applies to any ENS asset holding linked to an unwrapped DAO, with Lido LSTs serving as a critical current example due to the impending Dual Governance mechanism⁸ granting them voting rights. This change transforms LSTs from passive holdings into instruments of governance participation, potentially triggering liability under recent court precedents.

Therefore, a mitigation strategy prioritizing immediate, comprehensive review and urgent divestiture of high-risk assets (like Lido LSTs before DG activation) is paramount. This must be coupled with robust long-term solutions: potential asset segregation, strengthened investment policies prohibiting exposure to unwrapped entities without adequate protection, and continuous legal and protocol monitoring. Understanding ENS DAO’s unique vulnerability—where its core control tokens ($ENS) lack traditional protections and represent immense strategic value—makes proactive defense against this liability pathway an existential necessity. By taking decisive action now, ENS DAO can best shield its governance structure and uphold its fiduciary duties in a legally uncertain environment.

Footnotes

¹ ENS Documentation.

² Sarcuni v. bZx DAO, 664 F. Supp. 3d 1100 (N.D. Cal. 2023) (Order on Motion to Dismiss).

³ Id.

⁴ Id.

⁵ Samuels v. Lido DAO, No. 2:24-cv-08763-JVS-PVC (C.D. Cal. 2024) (Order on Motion to Dismiss).

⁶ Id.

⁷ Id.

⁸ Lido DAO Forum, “Dual Governance - Design and Implementation Proposal.” Dual Governance: design and implementation proposal - Proposals - Lido Governance (“The Dual Governance mechanism (DG) is an iteration on the protocol governance that gives stakers 1) a dynamic user-extensible timelock on DAO decisions and 2) a rage quit mechanism taking into account the specifics of how Ethereum withdrawals work.”)

3 Likes

As a follow up - 4 hours ago it was reported by Lido DAO that one of their Oracle addresses was compromised and drained, see Emergency rotation of compromised Chorus One oracle - Proposals - Lido Governance

This is just one example of an actual real world legal risk identified in my report where ENS DAO has unnecessary legal exposure to 3rd party liabilities, specifically Lido.

As detailed in my report, any party suffering a loss could file suit against Lido for damages, and potentially collect against ENS through domestication of a foreign judgment in Cayman Islands. ENS DAO has no limited liability protection for these specific assets outlined in my report.

My report has been reviewed and complimented by multiple attorneys, including a (US) judge and a Trump nominee for US Attorney prior to posting. I expect to hear back from kpk general counsel, but I can’t overemphasize that ENS DAO risk exponentially increases over time through inaction.

2 Likes

Punks, there’s a lot here. I appreciate you taking the time to put this together, and I’m sorry that we haven’t seen the DAO respond sooner. As a fully decentralized protocol with fully decentralized governance, decisions that require immediate action are hard to effectively encourage.

It would be good to see a response from Karpatkey on this. Your analysis is solid and raises important points. The DAO’s investment managers and legal experts should weigh in so the DAO’s delegates can make informed decisions about how to address these potential risks.

2 Likes

I understand. This risk isn’t as straightforward as a potential bad actor acquiring $ENS sufficient to pass a DAO vote uncovered by blockful’s great work - this risk requires some specialized knowledge of limited liability protections, international law (domestication of foreign judgments in Cayman Islands), and the ever evolving regulatory framework/case law.

I want to re-acknowledge I have been in communication with kpk from the research phase of my work to pre-publication. kpk has been tremendously helpful, demonstrating why they have a reputation as an industry leader, including their reputation for risk management. While legal risk like this is outside the scope of their duties and thus risk monitoring, they were quick to confirm understanding of the scope of the impact following review of my work and request review by their GC.

1 Like

Agreed - and for the full avoidance of doubt, my post was in no way meant to highlight KPK in any negative way.

Karpatkey is, and has always been, an excellent partner to the ENS DAO, and the level of service they provide is second to none. :trophy:

That said, concepts like this benefit from all the DAO’s various subject matter experts sharing their opinion. Most delegates in the DAO probably don’t have the background to be able to evaluate this accurately.

The CTA here is for anyone with expertise to chime in.

2 Likes

Thank you for bringing this to our attention, @ENSPunks.eth. We appreciate and recognize the well-thought-out concerns you detailed about third-party governance activities that could result in potential DAO liability.

We want to be clear that we do not provide legal advice to ENS DAO. Our role is to provide non-custodial management and oversight of the ENS Endowment in line with the mandate and investment policy put forward by DAO. This aside, we are comfortable making comments that reflect how we assess the risk from our perspective as a treasury manager.

With regard to the LidoDAO-concerns you raised, our understanding is that before any risk would materialise:

  1. LidoDAO needs to do something, or not do something, which causes damages for which its governance participants could subsequently be held liable, based on general partnership rules or similar in another jurisdiction;
  2. An aggrieved party would have to file a lawsuit in another jurisdiction that applies the general partnership rules to unwrapped DAOs;
  3. That lawsuit would have to result in a judgment against the LidoDAO and its participants; and
  4. the foreign court judgment would need to be domesticated and then enforced against ENS Foundation in the Cayman Islands; and,
  5. obviously, the Dual Governance proposal needs to be approved.

We continuously monitor these and other developments relevant for our activities and always welcome additional insight from the community.

With regard to next steps, we understand that others are looking into the issues you identified and if the DAO wishes to enact policy to de-risk through divesting from any certain asset, we would welcome an amendment to the Investment Policy Statement. At the present time, kpk does not have a bounty program for this type of initiative.

We believe the points raised are important considerations for unwrapped DAOs in general, in particular where their governance is extended to holders of tokens that were initially not conceived to have governance rights.

We appreciate the time and effort involved in presenting your concerns.

5 Likes

Just offering a perspective here that’s more academic in nature—meant to help us think through potential scenarios, not to suggest any immediate risk or action.

First, in the interest of long-term preparedness, how might the DAO begin to build clarity around how it would respond if drawn into litigation? Even if unlikely, having some understanding of process or precedent could help frame future governance decisions.

Second, aside from the concerns already raised in this thread, are there any other notable vectors—technical, governance-based, or otherwise—that might represent areas of exposure for the DAO?

No public response is necessary—given the potentially sensitive nature of these topics, feel free to respond via DM or not at all. Just putting this out there for consideration as part of the DAO’s broader effort to think critically and responsibly about risk.

1 Like

Thank you for the thoughtful response.

I think this is generally a fair summary for liability - though for the non-lawyers & DAO it may be too abstract to help evaluate the reality of the exposure and risk so maybe the following will be helpful:

Imagine ENS is a car, the driver is the DAO and car insurance is limited liability protection.

The driver (DAO) has insured the vehicle (ENS) so if there is an accident the driver is protected. However, by merely owning a certain token, the driver (DAO) has accepted risk liability for a 2nd driver and their car which is uninsured. The DAO has no control over the 2nd driver, and this driver has already been in one accident and is being sued. Within 2 weeks of publishing my risk report, the 2nd driver was in another accident.

While it’s true that for the DAO to be liable there must be an accident, lawsuit, and domestication of judgment, the risk and exposure materialize way before the accident even occurs. The risk and exposure materialize at the point the DAO accepted potential liability for the 2nd uninsured driver. Although the DAO has not been pursued for the liability of the 1st two accidents, by the time the accidents occur there is no escaping the potential liability.

Yes, that is my understanding and I am awaiting further communication. While I am a lawyer, I am not the DAO’s lawyer and not giving legal advice - just providing independent research and mitigation with respect to a threat to DAO governance and assets.

Ultimately the DAO must determine their own risk tolerance now that they are aware, but I think your welcoming an amendment to the Investment Policy Statement is prudent and consistent with my proposed mitigation strategy.

Understood, and while my work is broadly applicable to DAOs as you stated, it is tailored specifically to ENS’ assets and risks, and I performed this work directly because of the ENS DAO precedent of supporting and compensating blockful for their independent and unsolicited research identifying and mitigating another governance threat and risk to DAO assets estimated at ~$150M, whereas the risk identified in my work is an order of magnitude higher and encompasses all ENS assets.

2 Likes

Disclaimer: Not a lawyer.

Appreciate the effort and thought you’ve put into this @ENSPunks

Could you provide sources here?

This is obviously not ideal, but building technology in a new and emerging market means that there is going to be new legal surface area that needs consideration.

Is this still not the case?

This is interesting. I’ve requested it in a separate context, but I’d like to see the DAO provide public clarity, likely through legal counsel, exactly what the relationship between the Foundation/DAO is.

But the ENS DAO is wrapped?

Even if we gain those rights, we are not using them.

participation being the crucial thing here, no?

Noting again that I am not a lawyer, this seems highly unlikely though? The impression that I get is that with emerging legal stuff if you act with good intent, and collaborate with lawmakers to create the appropriate legal landscape then people are generally friendly.

The DAO, through its legal entity, The ENS Foundation, obviously needs legal counsel. I believe they do have legal counsel but perhaps Metagov or Foundation directors could clarify?

Agree. Would also like to see clarity on the DAO’s positioning here.

I think there is a clear distinction here, namely that the vector blockful pointed out could be acted upon by a well resourced malicious actor then and there. The risk of loss was large, and immediate. Noting the disclaimers above, I do not believe that this is the case here - there are a lot of ifs, coulds, and general hypotheticals in the description of this vector.

That said, I am extremely appreciative of your effort here. My personal crux takeaway is that I’d like to see the DAO clarify on their legal position and approach - posts like this should probably have official legal responses.

Pinging Metagov stewards: @5pence.eth @daostrat.eth @alextnetto.eth
Pinging Foundation directors: @AvsA @nick.eth @validator.eth

2 Likes

Sorry looks like I didn’t include the links in the footnotes to the respective court orders, links below if you have any issues I can send you copies:

² Sarcuni v. bZx DAO, 664 F. Supp. 3d 1100 (N.D. Cal. 2023) (Order on Motion to Dismiss).

⁵ Samuels v. Lido DAO, No. 2:24-cv-08763-JVS-PVC (C.D. Cal. 2024) (Order on Motion to Dismiss).

Correct, this is exactly why the DAO should NOT willingly and knowingly subject itself and its assets to risk of 3rd party lawsuits and liabilities.

The law is constantly evolving, but the recent case law provides meaningful legal precedent which should inform the DAO in equally meaningful ways to perfect its legal protections in such an uncertain legal environment.

This is where I think there is the most confusion - yes ENS DAO has a “legal wrapper” and so $ENS token holders receive limited liability protections provided by the Foundation. However, ENS DAO is a token holder of one or more assets that don’t provide any limited liability protections to ENS DAO. Thus, the very same legal protections and standard $ENS token holders get from ENS DAO are being waived for the ENS DAO itself. My diagram is intended to help visualize this breakdown and my proposed mitigation (green = legal wrapper/limited liability protections & red = no legal wrapper/potential liability).

This gets very nuanced. The two courts are split: 1) in the bZx DAO case the court ruled any holder of the DAO token is jointly and severally liable for the unwrapped DAO (nothing further required); 2) in the LidoDAO lawsuit the Court’s initial ruling was more limited to participants and investors - but the court made very clear nothing in that ruling would prevent the plaintiff from seeking joint and several liability against additional DAO members following discovery. Generally in risk management you would not hope for the best, you would plan for the worst, particularly where ENS is risking its entire treasury & governance/protocol capture and the mitigation is zero cost (divest the risky assets) or otherwise extremely cost effective in light of the risk by using holding companies (legal wrappers) to isolate risky assets from the greater DAO treasury.

Unfortunately joint and several liability in this context has nothing to do with intent or being friendly. Joint and several liability within the context of partnership law is well established - anyone deemed a general partner - any token holder in the bZx case - can be liable for 100% of the damages caused by the bZx exploit.

Edited with a generated comparative analysis:

enspunks Risk: Legal Liability as a Governance Threat

  • The risk is immediate: ENS DAO’s exposure to joint and several liability exists now, simply by holding assets in protocols like Lido without proper legal wrappers.
  • If an adverse event occurs—such as an exploit or legal action—liability could be imposed instantly and retroactively, with no opportunity to mitigate the risk for past exposures.
  • For example, approximately two weeks after the legal risk research was published, Lido’s pricing oracle wallet was exploited due to a compromised private key, resulting in a loss. This type of event could trigger joint and several liability for ENS DAO, even though ENS DAO had no involvement or fault.

blockful Risk: Malicious Proposal as a Governance Threat

  • This risk is also immediate and ongoing: as long as governance vulnerabilities remain, a malicious actor could exploit them at any time by accumulating enough voting power to pass proposals.
  • The result could be draining the treasury and a takeover of DAO governance and control.
  • The risk can sometimes be cured if detected early and votes can be accumulated to defeat the bad actor, but once executed, the impact is severe and often irreversible.

Comparison Table

| Risk Report | Immediacy | Trigger Event | Can Be Cured After Trigger? |
|---|---|---|---|
| enspunks | Immediate (exposure exists now) | Protocol exploit, lawsuit, regulatory action | No, creating even greater urgency to cure now. |
| blockful | Immediate (vulnerability exists now) | Malicious proposal, vote attack | Sometimes, if detected early and votes can be accumulated to defeat bad actor |

Both risks are immediate governance threats to ENS DAO. The legal risk is a “ticking time bomb” that can only be mitigated before an adverse event, while the malicious proposal risk is an ongoing threat requiring constant vigilance and robust governance safeguards. Both must be addressed proactively to protect ENS DAO’s governance and treasury.

1 Like