# Verifiable DAO Proposal Risk Agent: from “trust the dashboard” to “verify the vote”

DAO governance has a trust problem hiding in plain sight: voters are asked to approve executable bytes they rarely have time, tooling, or context to inspect.

A forum post may say, “raise a supply cap.” The actual payload may also touch an oracle, introduce a new dependency, transfer an admin role, or change a bridge configuration. For most voters, those details are buried inside `(target, value, calldata)` tuples and protocol-specific contracts. Existing dashboards can simulate proposals, but the voter still has to trust the dashboard operator, its database, and its domain name.

That is the wrong trust model for decisions that move protocol risk.

## The problem today

DAO proposals are increasingly complex. A single governance action can touch risk parameters, proxy implementations, oracle sources, treasury approvals, and cross-chain execution paths. The higher the complexity, the harder it becomes for voters to answer the basic question: **what will this proposal actually do if it passes?**

The current process has three major gaps:

1. **Human-readable descriptions can drift from executable payloads.** A proposal title and forum post are not the source of truth. The calldata is.
2. **Simulation tools are often centralized.** A green dashboard is useful, but it is still a claim made by a service operator.
3. **Voting windows are short.** Voters need a fast, reproducible signal before the window closes, not a post-mortem after execution.

In other words, the governance system is decentralized, but the analysis layer that informs votes is often not.

## The DAO Risk Agent solution

The Verifiable DAO Proposal Risk Agent turns proposal review into a deterministic, signed verification pipeline.

Given an Aave governance proposal URL or supported Snapshot proposal URL, the agent:

- resolves the actual executable payload;
- decodes calldata using verified ABIs from Etherscan or Sourcify;
- forks mainnet at a deterministic proposal lifecycle block;
- simulates execution locally with Anvil;
- snapshots important protocol state before and after execution;
- builds a structured state diff;
- runs a versioned YAML ruleset over that diff;
- classifies the proposal as `SAFE`, `WARNING`, or `CRITICAL`;
- emits a canonical JSON report; and
- signs the report hash with the agent identity.

The output is not just a screenshot or a mutable dashboard page. It is a verifiable artifact. Anyone can recompute the canonical report hash, recover the signing address, and check that the report was produced by the expected agent under the expected ruleset and watchlist.

This changes the review conversation. Instead of asking, “Do we trust this website?”, voters can ask, “Does this signed report match the payload, block, ruleset, and agent identity we expect?”

## Why this matters for DAOs

The agent is designed for the kinds of changes that create real protocol risk:

- admin or owner role transfers;
- proxy implementation upgrades;
- oracle source changes;
- liquidation-threshold changes;
- large supply or borrow cap changes;
- timelock-delay reductions;
- treasury transfers or approvals;
- new dependencies outside the known watchlist; and
- bridge, DVN, or multisig configuration changes.

These are exactly the changes that can hide inside ordinary-looking proposals. The DAO Risk Agent does not replace human governance review; it gives reviewers a forcing function. It surfaces concrete state changes that humans can debate before voting.
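The diff-and-classify step for several of the change types listed above, as an added example (not the project's own code). The state keys, addresses, rule fields and severities are assumptions, and a Python list stands in for the YAML ruleset.

```python
# Added example: constructed state keys, addresses and rules; not the project's ruleset.
ORDER = ["SAFE", "WARNING", "CRITICAL"]
WATCHLIST = {"0xOracleA", "0xImplV1"}  # constructed known-dependency addresses
RULES = [  # Python stand-in for a versioned YAML ruleset; severities are assumptions
    {"id": "admin-transfer", "suffix": ".admin", "when": "changed", "severity": "CRITICAL"},
    {"id": "proxy-upgrade", "suffix": ".implementation", "when": "changed", "severity": "CRITICAL"},
    {"id": "oracle-change", "suffix": ".oracle", "when": "changed", "severity": "WARNING"},
    {"id": "new-dependency", "suffix": ".oracle", "when": "outside_watchlist", "severity": "CRITICAL"},
    {"id": "large-cap-change", "suffix": "Cap", "when": "pct_increase_over", "pct": 25, "severity": "WARNING"},
    {"id": "timelock-reduction", "suffix": ".delay", "when": "decreased", "severity": "CRITICAL"},
]
BEFORE = {"pool.admin": "0xGov", "pool.implementation": "0xImplV1", "pool.oracle": "0xOracleA",
          "reserve.USDC.supplyCap": 1_000_000, "timelock.delay": 172_800}
# The forum post said "raise a supply cap"; the simulated payload also repoints the oracle.
AFTER = {**BEFORE, "reserve.USDC.supplyCap": 1_500_000, "pool.oracle": "0xOracleB"}

def state_diff(before, after):
    """Changed keys only, sorted so the diff is deterministic; a missing key reads as None."""
    keys = sorted(set(before) | set(after))
    return [{"key": k, "before": before.get(k), "after": after.get(k)}
            for k in keys if before.get(k) != after.get(k)]

def rule_fires(rule, change, watchlist):
    """Evaluate one rule against one changed key."""
    if not change["key"].endswith(rule["suffix"]):
        return False
    old, new, when = change["before"], change["after"], rule["when"]
    if when == "changed":
        return True
    if when == "outside_watchlist":
        return new not in watchlist
    if old is None or new is None:  # key appeared or vanished: flag rather than skip
        return True
    if when == "decreased":
        return new < old
    if when == "pct_increase_over":
        return old == 0 or (new - old) * 100 > rule["pct"] * old
    raise ValueError(f"unknown rule condition {when!r}")

def classify(before, after, rules, watchlist):
    """Diff the snapshots, run every rule over every change, return the highest severity."""
    diff = state_diff(before, after)
    fired = [(r["id"], c["key"], r["severity"])
             for c in diff for r in rules if rule_fires(r, c, watchlist)]
    verdict = max((sev for _, _, sev in fired), key=ORDER.index, default="SAFE")
    return {"diff": diff, "fired": fired, "verdict": verdict}

if __name__ == "__main__":
    print(classify(BEFORE, AFTER, RULES, WATCHLIST))
```

With the constructed snapshots, the cap increase alone is a `WARNING`; the oracle repoint that the description never mentioned lifts the verdict to `CRITICAL`.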

## How EigenCloud helps

EigenCloud, through EigenCompute, supplies the trust layer this kind of agent needs.

Running the agent on EigenCompute means the critical simulation and signing path can be tied to an attested container, an app wallet identity, and an operator set backed by EigenLayer economic security. The report is no longer merely “hosted by someone.” It is produced by a specific container image, signed by a specific agent identity, and inspectable through EigenCloud’s verification surface.

EigenCloud helps in four practical ways:

1. **Container attestation** — voters and integrators can connect a report to the code image that produced it.
2. **App wallet identity** — reports are signed by the agent identity, not by a random server key controlled by an operator.
3. **Operator-set redundancy and economic security** — the trust model moves away from a single centralized operator and toward EigenLayer-backed execution.
4. **Agent-native infrastructure** — the agent can use EigenCompute deployment, persistent storage for reusable artifacts, and EigenCloud’s AI gateway for optional plain-English advisory notes without making those notes part of the signed report.

The signed report remains the source of truth. Optional IPFS artifacts, registry anchors, UI summaries, and LLM advisory text are useful context, but they do not change the canonical report hash.
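A sketch of the recompute-and-compare check described above, and of why advisory text outside the hashed object cannot alter it. This is an added example, not the project's code: the envelope layout, field names, canonical form (sorted keys, compact JSON) and SHA-256 digest are all assumptions. Recovering the signer address from the signature over this hash needs a secp256k1 library and is left out.

```python
import hashlib
import json

def _reject_floats(value):
    """Floats serialize differently across implementations, so a canonical report bans them."""
    if isinstance(value, float):
        raise TypeError("float in report; encode amounts as integers or strings")
    children = value.values() if isinstance(value, dict) else value if isinstance(value, list) else ()
    for child in children:
        _reject_floats(child)

def canonical_bytes(report):
    """Assumed canonical form: sorted keys, no insignificant whitespace, UTF-8."""
    _reject_floats(report)
    return json.dumps(report, sort_keys=True, separators=(",", ":"), ensure_ascii=False).encode("utf-8")

def report_hash(report):
    # SHA-256 is an assumption here; use whichever digest the agent actually signs.
    return "0x" + hashlib.sha256(canonical_bytes(report)).hexdigest()

def verify_envelope(envelope, expected):
    """Return a list of mismatches; an empty list means hash and pinned fields agree."""
    report = envelope["report"]
    problems = []
    if report_hash(report) != envelope.get("report_hash"):
        problems.append("report_hash does not match the canonical report")
    for field, want in expected.items():
        if report.get(field) != want:
            problems.append(f"{field}: expected {want!r}, got {report.get(field)!r}")
    return problems

# Constructed sample report and envelope (all values and field names are hypothetical).
REPORT = {
    "payload": [{"target": "0x" + "11" * 20, "value": 0, "calldata": "0x" + "ab" * 36}],
    "fork_block": 19000000,
    "ruleset_version": "1.2.0",
    "watchlist_version": "2024-01",
    "fired_rules": ["large-cap-change"],
    "verdict": "WARNING",
}
ENVELOPE = {"report": REPORT, "report_hash": report_hash(REPORT),
            "advisory": "Plain-English note, outside the hashed object."}
# What the verifier independently expects for this proposal.
EXPECTED = {"fork_block": 19000000, "ruleset_version": "1.2.0", "watchlist_version": "2024-01"}

if __name__ == "__main__":
    print(verify_envelope(ENVELOPE, EXPECTED) or "report hash and pinned fields match")
```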

## From governance dashboards to governance evidence

The goal is not to make every proposal automatically safe. No ruleset can catch every future attack. The goal is to make trust explicit.

A voter should be able to see:

- which payload was analyzed;
- which block was used for simulation;
- what changed before and after execution;
- which rules fired;
- which agent signed the report;
- which ruleset and watchlist were used; and
- whether the signature still verifies.

That is the difference between a dashboard and evidence.

DAO governance needs more than readable proposal descriptions. It needs verifiable risk analysis that survives adversarial conditions, short voting windows, and operator trust assumptions. The Verifiable DAO Proposal Risk Agent is a step toward that future: proposal review that is deterministic, signed, and built for decentralized trust.

## Links

- Public URL: https://verifiable-proposal.vercel.app/
- GitHub URL: https://github.com/megabyte0x/verifiable_proposal
- EigenCloud Dashboard URL: https://verify.eigencloud.xyz/app/0x73e33474CccFda5D64160804F94F7DE0C2c85d69
