How to make it easier for the community to audit the CFC?

Michi sent me a DM on Telegram. To me it illustrates some of the challenges the community is having with trying to audit us CFC folks.

Below is his message to me.

Summary

some basic questions about the fund. imho, the fund should be as transparent as possible.

-how much FIRO is in the community fund at the moment and where is it located?
the payee adress holds 9931 FIRO right now, reuben said we have 13875 total right now, so around 4k are anoymized. it would be most transparent to put them all back in normal non hidden official adress.

-on what poposals the money has got spend in the past?

it total received 30146 FIRO, so we spend around 16k already. i asked lucas about it, he wrote me:

"Alright, so I havenā€™t heard back from Reuben regarding it just yet so I may be off the mark.
So the address for the Firo community fund is here: Insight

If Iā€™m understanding as well as I hope I am understanding, there has been a total of 27,622.3805 Firo. 19,944.8805 ā€œSpentā€, and 7,677.5 transparent. Now the spent will include the anonymized because you sent it to be anonymized.

English Community Manager - 859.1 FIRO
Philippines Communtiy Manager - 100 FIRO
Masternodes.online - 200 FIRO
Pancakeswap liquidity pool - 10000 FIRO

Total: 11159.1 FIRO actually used so far. I think. I may have missed something.

So therefore of the spent there is 8,785.7805 anonymized. So adding that and the transparent balance we have 16,463.2805 Firo?

Take a grain of salt with this, I may be wrong. I havenā€™t been able to reach any of the guys to get feedback and confirm. Admittedly, I havenā€™t followed that part of the CF closely and the explorer is typically out of my wheel house haha."

ā€œI already noticed a mess up on my end lmao. For CM English proposal it is ā€œ2,692.43ā€ since it covered June and back pay, and then a second payment for July.ā€

so i guess when we add up lucas salery to the 11159.1 FIRO, we get the total spend amount. This should be: total received 30146 minus the 13875 FIRO we have left Reuben mentioned in the CFC Channel, ~16k.

imho, we should start to track that data and make it public for everybody. people are quite sceptical if a project use their block reward to fund something you cant rly track. and i cant see any argument to not make this public. so you can say to a newcumber: look, the fund reveived this amount, we spend it at this specific projects and this is the rest. down to the penny.

next and final topic is the control of the fund adress. right now i guess the team, so reuben, has control over it what is totally fine atm. i highly trust him. netherthenless shouldn`t it be controlled by a single entity in the long run.

i`m not sure how to solve this. mby make the fund adress a multi-sig adress with several keys? How much CFC members there are? 5? Make a 4 out of 5 multisig so we need 4 ayes to move funds. with some time lock mby to make it a 3 out of 5 after a period of time to avoid a freeze of the adress if 2 keys get lost or have bad intesions.
A real community fund should be controled by the community, in this case by the commetee.

i know this questions are nasty. im just thinking out loud and hope to get some other opinions. if you think im way overthinking it, i`m fine this this response, too.

Have a good one, cheers! :vulcan_salute:

Below is my reply.

Summary

Hey Michi

Firstly the questions are not nasty, and Iā€™m happy you took the initiative to ask these questions. I agree the fund should be as transparent as possible and easily auditable by the community.

Due to the error and subsequent correction with Lucasā€™s first payout, Iā€™m uncertain if the FCS system payout figures show 100% correct values. https://funding.firo.org/
There may possibly be limitations of the FCS system Iā€™m unaware of. However below are the figures I worked out and for my calculations I assume the system is showing 100% accurate figures.

Total Received = 30,164.2545398
Current Balance = 9,948.74

Paid out projects:

  • Firo English CM = 3823.66 FIRO

    • 1833.33 FIRO sent 2022-07-15
    • 859.1 FIRO sent 2022-08-08
    • 1131.23 FIRO sent 2022-09-02
  • masternodes.online 200 FIRO

  • Funding FiroDex Liquidity Pool 10,000 FIRO

  • Firo Philippines CM 100 FIRO

Total paid out on projects = 14,123.66

Taking these figures into account and assuming the FCS system reflects correct payout amounts, I get the following for the total anonymized coins.

Total received (30,164.25) - Current Balance (9,948.74) - Total Paid (14,123.66)A = Anonymized Balance of 6,091.85 FIRO

As for how to make audit-ability easier and more convenient for the community. I donā€™t know the best way forward and would defer that to the community to make suggestions and offer feedback if the current solution is insufficient. Perhaps something like a publicly viewable read-only spreadsheet/ledger could be a solution such as a google docs spreadsheet. We could link to this document directly from the Firo.org website. To the best of my knowledge however this solution lacks automation. This would leave the question of added administration, and who is to take on that burden. In my opinion maybe Lucas, being highly dependable, would be well suited for this task should the community and or other CFC members decide on such a solution. This assumes Lucas wouldnā€™t become over-burdened. If more duties are added to Lucasā€™s responsibilities as time progresses, maybe we could lighten his load by adding more community volunteer moderators?

Regarding keeping the CFC fund transparent. There may be a case to use community block rewards to increase anonymity sets, at least until spark is released. However as your message indicates, there is a desire for absolute transparency of the CFC. On balance I would say itā€™s better to keep funds 100% transparent in my opinion.

Lastly as to your point of who controls the CFC wallet. Right now the only option that makes sense in my opinion is that it remains in control of Reuben. To add other parties such as CFC members would actually introduce additional counter-party risk. This assumes CFC members have less trust than Reuben, which I think is obviously the case considering we have MUCH less history and havenā€™t demonstrated anywhere near the same level of commitment at this point in time
.
However longer term I think a multi-sig wallet probably a good solution at some point. I think we should also have contingency plans in place should there come a time Reuben is for whatever reason unable to continue being project steward.
A multi-sig wallet solution would require CFC members who are responsive, dependable and worthy of community trust. Perhaps signatories could include a combination of dev+cfc members as a way to minimize risk.

Maybe we could all brainstorm as to how we can make it as easy as possible for the community to audit the CFC. I was thinking maybe some kind of link to an online ledger/spreadsheet could be useful. Perhaps a single place that shows all outgoing transactions with address info, project name. Also show the current total wallet balance at the time of updating the spreadsheet. Perhaps the spreadsheet only needs to be updated once per month.
Another question Michi raised was regarding keeping the entire CFC balance that isnā€™t funding a project transparent.

@everyone #CFC

1 Like

How much FIRO is in the community fund at the moment and where is it located?

This is the main address but doesnā€™t count anonymized.
https://explorer.firo.org/address/aFA2TbqG9cnhhzX5Yny2pBJRK5EaEqLCH7

The main reason why I have been anonymizing is because due to the really small amounts, input selection and the wallet is extremely slow to the point we cannot send any amount out unless we manually select coin inputs. Somehow Lelantus anonymization works to consolidate this.
However we are already working to identify the issue on why transparent funds coin selection is like this. I plan to transfer it back to the transparent address so everyone can see the balance soon but we are troubleshooting this wallet so I donā€™t want to interfere with this process.

On what Proposals has the money been spent on in the past?

and

Note that the Pancakeswap liquidity is not ā€˜spentā€™ and held in a LP position. You can always see the current status of this position here.

Who controls the address?

Me and one other long term core team member has access to the seed for this. This is not ideal in the long term and Iā€™m open to ways to make it better. The reason it is the way it is currently is:

  • CFC members change and if there is any change of members, a hard fork is required to change the address. I have yet to figure out a neat multi-sig solution for this.
  • All expenditure is being disclosed along with regular reports of balances. This will be even easier to track once the small UTXO issue is resolved and can be looked up directly on the explorer. If I act improperly, I am jeopardizing my reputation and the project. Note there will be small differences due to fees used for sending, consolidating UTXOs etc.
  • The amounts we have arenā€™t large enough to use custodians for this which will incur additional cost AND thereā€™s risk as well if the custodian suddenly decides to seize for whatever reason.

I am totally for the creation of this ā€˜overviewā€™ page but would need to be lead and developed by someone other than the core team as we donā€™t really have the funds or spare capacity for it right now. Weā€™re heads down focusing on Spark and Elysium along with mobile wallet stuff. The current page was created by Cypherstack so perhaps they can be of assistance. The whole page is open source anyway.

2 Likes

All the tiny UTXOs have been consolidated and placed back into the main Community Fund address:
https://explorer.firo.org/address/aFA2TbqG9cnhhzX5Yny2pBJRK5EaEqLCH7

Funds sitting in the FCF is about ~13750 FIRO. Not inclusive of the existing liquidity in Pancakeswap and those already in the funding page.

2 Likes