The Internal Operating Procedures for Phase 0 of the Security Council have been finalized. They are now under review by the legal team of the Foundation. Once the review is finished, I will update this post to include the Internal Operating Procedures.

Optimism Security Council — Public Operating Procedures

As set out in the Security Council Charter (the “Charter”), the immediate goal of the Security Council (the “Council”) is to turn admin keys for OP Mainnet, and eventually, all OP Chains in the Superchain, over to a public, decentralized set of individual actors (“participants”) accountable to Optimism Governance.

These Public Operating Procedures (the “Procedures”) supplement the Charter. The Procedures provide additional information on the processes that Council participants will endeavor to follow in the course of the day-to-day internal operations of the Council. This includes procedures relating to:

• Composition – the current composition of Council participants and their Cohorts.
• Communication – how Council participants communicate among each other and with Optimism Governance.
• Coverage – procedures for operational continuity when one or more participants are unavailable.
• Conflicts – how interpretative conflicts between the Procedures and the Charter should be resolved.
• Changes – how the Procedures may be modified from time to time.

Notably, the Procedures explicitly do not (except as specified in “Communication with Optimism Governance” and “Liveness Checks” below) cover specific practices relating to upgrade key management and use. As stated in the Charter, for security purposes, the details of those additional procedures will be developed, but remain private, among the Council.

Composition

There are 15 participants currently on the Security Council. The participants are:

• 14 key holders, appointed to either Cohort A (12 month term) or Cohort B (18 month term); and
• A Council Lead, who is not a key holder.

The term of each participant will commence upon the launch of Security Council Phase 0. The key holders for each Cohort are:

• Cohort A
  • [Individual] Kris Kaczor (Phoenix Labs)
  • [Individual] Layne Haber (Connext)
  • [Individual] Jon Charbonneau (DBA)
  • [Individual] Alejandro Santander (Independent, former Synthetix)
  • [Individual] Mariano Conti (Independent, former MakerDAO)
  • [Individual] Martin Tellechea (The Graph Foundation)
  • [Individual] Yoseph Ayele (Borderless Africa)
• Cohort B
  • [Entity] OP Labs PBC
  • [Individual] Yoav Weiss (Ethereum Foundation)
  • [Entity] Test in Prod
  • [Individual] Kain Warwick (Synthetix)
  • [Entity] Coinbase Technologies, Inc. (Base)
  • [Individual] Elena Nadolinkski (Ironfish)
  • [Entity] L2Beat

The Council Lead is alisha.eth.

The Council Lead will ensure the above list is kept current as new participants are added and removed from the Council.

Communication

• Communication with Optimism Governance.
  • Regular Updates. The Security Council will publicly communicate with Optimism Governance by posting in the Security Council Communication Thread (available ) after the following actions are taken:
    • The Security Council has completed signing an upgrade.
    • The Security Council uses its emergency powers.
    • The Security Council does not enact a valid Governance-approved outcome.
  • Ceremonies and rehearsals. The code for all ceremonies and rehearsals will be done in public, and posted to the Optimism Github repo, unless intervening factors lead the Council to determine that confidentiality is needed in a given instance.
  • Retrospectives. As appropriate, and consistent with the Charter, the Security Council should endeavor to communicate with Optimism Governance via periodic in-depth retrospectives describing (a) its onchain actions, especially when involving the use of the Council’s emergency powers, and (b) from an internal operations perspective, what is working and what could be improved. In general, the Council should aim to provide at least one high-level retrospective (evaluating overall performance, as opposed to specific signing decisions) every other Season of Optimism Governance.
• Communication among Council participants.
  • Group chat. Council participants will communicate internally via a group chat, which will be the primary channel for communication within the Council. The Council Lead will designate the group chat that will be used for this purpose, as well as the platform the group chat is hosted on. For security purposes, the platform used to host the group chat should be end-to-end encrypted by default and ideally, not collect personal data.
  • Monthly and ad hoc calls. Council participants will attend regular calls, approximately monthly, and any additional, ad hoc calls that are reasonably required to address significant, more immediate needs (including, for example, emergency response measures). If a call is missed, the participant will review all notes or meeting materials that are made available by the Council Lead. The Council Lead will schedule the calls, implement procedures reasonably designed to ensure that the identity of all call attendees is verified prior to commencing any call, and, in its discretion, compile and retain appropriate meeting materials and notes.
• Retention. Council correspondence will be retained according to internally defined schedules designed to optimize for security and minimize the risk of data breaches compromising Council operations. These schedules will not, however, apply to official correspondence between the Council and Optimism Governance, which by its nature is public and should be retained indefinitely / as necessary to facilitate Collective continuity.

Coverage

• Temporary unavailability.
  • Where a Security Council participant anticipates being temporarily absent or unable to perform its role for whatever reason, such as limited or no internet access, the participant should give notice to the other participants in the Security Council group chat prior to becoming unavailable. The participant should then only become unavailable for reasons under its control once it has reasonably satisfied itself that the unavailability will not critically undermine the Council’s ability to function as otherwise intended.
  • Where the Security Council Lead is temporarily absent or unable to perform its role, the role will be temporarily performed by the first key holder to volunteer in the Security Council group chat. If no key holder volunteers, or the absence / inability would otherwise extend for a significant duration, the Foundation will appoint an interim Council Lead to do so.
  • Where a Security Council key holder is temporarily absent or unable to perform its role, the other key holders can continue to operate in the ordinary course. If the absence / inability would otherwise extend for a significant duration, the Council can rely on Liveness Checks or Optimism Governance to initiate the removal and replacement of that key holder.
• Liveness checks. Key holders will be required to complete a liveness check approximately every three months. The liveness check will require each key holder to undertake onchain action to demonstrate it controls and is able to access its keys. Failure to respond to the liveness check may result in the removal of the key holder from the Council.

Conflicts

In the event of conflict between the provisions of the Procedures and the Charter, those of the Charter will control.

Changes

The Council Lead may update the Procedures periodically subject to internal consultation and approval by the requisite Council participants. Upon updating the Procedures, the Council Lead will notify Optimism Governance via the Security Council Communication Thread.