
Tool safety

Explanation of potential risks involved with DAO tools
© RMIT 2023

DAO tooling is an extremely important part of the DAO ecosystem, and many developers have created innovative ways to solve issues experienced in the ecosystem. However, these tools are very new in the industry and yet to be put to the test at scale. You may run into a number of challenges when using DAO tools – these could relate to security concerns, constraints on interoperability, and the potential limitations of “one size fits all” tools that might not be fit for purpose in your DAO. This step flags what to look out for when using various DAO tools and explores how you might mitigate some of their risks.

Security concerns

There are some security concerns around using DAO tooling, and around certain communications and coordination tools like Discord, Slack, Google Drive, Zoom, Notion and GitHub. They are great tools that offer a community a free, accessible way to communicate and coordinate through an intuitive user interface, but they can pose risks to information security, permission management, bot detection and the security of hosted meetings. Tools like Notion and Google Drive work well for small teams, but once your DAO grows, it can be difficult to ensure security at scale. DAOs generally don’t have secure ‘company’ emails to serve as barriers to malicious actors. Tools like Discord and Telegram, for example, can be overrun with bots, and without gating or other verification mechanisms communities can be targeted by malicious actors running scams or social engineering attacks.


DAO tools are built to solve an issue or streamline processes for these new organisations. These tools work well to perform the task they have been programmed to do, but often the outputs that these tools create will need to be input into another tool. For example, Coordinape informs the DAO on how much each user should be compensated for their work. In order for DAO contributors to be paid, the transaction data will typically need to be manually input to the DAO’s multi-sig wallet.

This also applies to voting on-chain. If an on-chain vote about the release of treasury funds is carried out and the proposal passes, the funds won’t automatically unlock. Instead, this will need to be manually executed by a DAO member before all contributors on the multi-sig wallet can sign the transaction and transfer funds to the relevant party.

In this early stage of DAO evolution the level of interoperability between DAO tools is low, which means many tasks still have to be done manually. This creates what we call “manual buffers” between tasks. These manual buffers increase the risk of human error, create opportunity for malicious actions, and generally slow the completion of a range of important tasks. In order for DAO tooling to provide more utility and security, there will need to be greater (easy) interoperability between DAO tools.
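One way to narrow the manual buffer described above is to reconcile the hand-entered multi-sig batch against the compensation tool's output before anyone signs. The following is an added example, not part of the original course material or any tool's own code; the data layout, addresses and function names are constructed for illustration.

```python
from decimal import Decimal

# Constructed sample data (not real addresses): the payout amounts the
# compensation tool reported, keyed by recipient address.
ALICE = "0x" + "a1" * 20
BOB = "0x" + "b2" * 20
CAROL = "0x" + "c3" * 20
ALLOCATION_EXPORT = {ALICE: "1200", BOB: "800", CAROL: "500"}

# Constructed rows as a contributor might type them into the multi-sig:
# an extra zero, one mistyped address character, and a repeated payee.
CAROL_TYPO = CAROL[:-1] + "4"
PROPOSED_BATCH = [
    {"to": ALICE, "amount": "1200.00"},
    {"to": BOB.upper().replace("0X", "0x"), "amount": "8000"},
    {"to": CAROL_TYPO, "amount": "500"},
    {"to": ALICE, "amount": "1200"},
]

def normalise(address):
    """Compare addresses case-insensitively and ignore stray whitespace."""
    return address.strip().lower()

def reconcile(expected, batch):
    """Return (finding, address) pairs; an empty list means the batch matches."""
    exp = {normalise(a): Decimal(v) for a, v in expected.items()}
    seen, findings = set(), []
    for row in batch:
        addr, amount = normalise(row["to"]), Decimal(row["amount"])
        if addr in seen:
            findings.append(("duplicate_recipient", addr))
            continue
        seen.add(addr)
        if addr not in exp:
            findings.append(("unexpected_recipient", addr))
        elif exp[addr] != amount:
            findings.append(("amount_mismatch", addr))
    # Anyone the tool says should be paid but who is absent from the batch.
    findings += [("missing_recipient", a) for a in exp if a not in seen]
    return findings

if __name__ == "__main__":
    for finding, address in reconcile(ALLOCATION_EXPORT, PROPOSED_BATCH):
        print(f"{finding}: {address}")
```

Signers would only approve a batch for which `reconcile` returns an empty list; a mistyped address shows up as an unexpected recipient paired with a missing one.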

One Size Fits All

Many current-generation DAO tools are built as one-size-fits-all models, leaving DAOs with little scope to customise according to their needs. This can limit the functions of DAOs that have new or ‘unconventional’ forms, or DAOs that grow faster than the capacity of the tools to adapt. To illustrate – Coordinape requires members to delegate an amount of tokens to each contributor based on how much value they have created for the project. As a team scales up, contributors might not connect with each other very frequently, so it can be difficult to fairly assess individual members’ contributions. Platforms such as Aragon (for example) are trying to solve this issue by creating an ecosystem of interoperable tools that provides DAOs with the flexibility to create a system that fits their individual needs.

However, because some tools are built as one size fits all, they don’t fit unique team configurations or large teams that are scaling. This example shows some of the limitations that a one-size-fits-all tool design can have for DAOs.

In this step we have outlined some of the risks and limitations with current DAO tooling. It is important to note that DAO tools are nascent in nature and provide a lot of utility to the ecosystem that wouldn’t be possible without them. Additionally, as the industry matures, these issues will undoubtedly be resolved. However, for now it is important to be aware of these issues when interacting with DAOs in the ecosystem.

This article is from the free online

Introduction to DAOs: Decentralised Autonomous Organisations

Created by
FutureLearn - Learning For Life
