Sharing the blog post that came out this morning announcing the Security Council. Feel free to read the full blog post in the link above. Below, I copied the relevant portion.
Introducing Scroll Security Council
Today, we are excited to announce the launch of the Scroll Security Council, marking another significant milestone in our journey toward greater decentralization for the Scroll protocol.
The Security Council acts as a decentralized governance body responsible for overseeing protocol upgrades, emergency responses, and other critical decisions that affect the Scroll ecosystem. Its primary goal is to safeguard the security and integrity of the Scroll network.
Core Duties and Responsibilities
The Security Council is composed of 12 members from different organizations and diverse geographic locations. This Council controls a 9 of 12 multisig that can perform the following key actions:
- Routine protocol upgrades: In normal circumstances, protocol upgrades are first proposed and reviewed in the governance forum, followed by a vote and approval from the Scroll DAO. Afterwards, the Security Council reviews the voting outcome and executes protocol upgrades onchain.
- Emergency protocol upgrades: During emergency situations, the Security Council is responsible for making time-sensitive decisions and can bypass the governance process to implement emergency upgrades with no delay.
- Full admin controls over the governance system: The Security Council serves as the admin to the Governance contracts. It holds the ability to modify or intervene in the governance process when it is necessary to ensure the correctness and safety of Scroll governance.
Security Council Members
The initial 12 Security Council members are thoughtfully selected based on their technical competency, reputation within the Ethereum community, and geographic diversity. We have also ensured that no more than two members are from or affiliated with the same organization.
The members of the Security Council are divided into two cohorts, Cohort A and Cohort B. Cohort A shall have an initial term of 18 months, with subsequent terms of 12 months each. Cohort B shall serve 12-month terms initially and in subsequent cycles.
Cohort A
- Haichen Shen (Up Labs): co-founder of Up Labs, leading the design and development of Scroll protocol and zkEVM circuits.
- L2BEAT: a leading research and analytics platform that offers in-depth analysis on security, risks, and adoption of Ethereum L2 protocols and bridges, and advocates for higher security standards across the L2 ecosystem.
- OpenZeppelin: a leading provider of comprehensive security solutions, offering battle-tested Solidity libraries, auditing services, and automated security tools to blockchain applications. They have audited Scroll’s bridge and rollup smart contracts.
- Péter Garamvölgyi (Up Labs): the protocol lead at Up Labs, leading the protocol design and node implementation of Scroll protocol.
- Yoav Weiss (Ethereum Foundation): a security researcher at the Ethereum Foundation, has been actively contributing to the Ethereum ecosystem since 2017, including account abstraction (ERC-4337), OpenGSN, Layer 2 security, etc.
- Zellic: the security firm with deep expertise in blockchain security and cryptography, led by the best hackers in the world; also a founding member of the Security Alliance (SEAL). They have audited Scroll’s smart contracts and zero-knowledge circuits.
Cohort B
- 0xRajeev (Secureum): founder of Secureum and TrustX where he dedicates his time to scaling Ethereum security. During his 25 years in the security industry, he previously worked as a security researcher at Spearbit and collaborated with many leading security projects.
- Fredrik Svantes (Ethereum Foundation): the Protocol Security Research Team Lead at the Ethereum Foundation, experienced in red and blue teams, building and running a SOC, as a security architect, and as a CISO.
- Gauntlet: the leading model provider in crypto, building optimization data-driven strategies for tokens, protocols, and chains.
- Lefteris Karapetsas (Rotki): founder of rotki and a seasoned blockchain developer, known for his contributions to Ethereum’s early Solidity and core client development, the DAO, and the Raiden Network.
- Leo Alt (Powdr): co-founder of Powdr Labs and former formal verification lead at the Ethereum Foundation, specializing in security and performance.
- Shield3: a security and compliance platform dedicated to strengthening the security foundation of Web3 organizations through comprehensive incident response preparation; a founding member of the Security Alliance (SEAL) where they deliver customized security wargames and simulations.