<p></p>
<blockquote>
<p><em>This is a Bisq Network project. Please familiarize yourself with the <a href="https://bisq.wiki/Project_management" rel="nofollow">project management process</a>.</em></p>
</blockquote>
<h2>Description</h2>

<p>"In the wake of the Apr 7th security incident, it's clear that we need to take our security practices to the next level. " (<a href="https://github.com/bisq-network/admin/issues/75" data-hovercard-type="issue" data-hovercard-url="/bisq-network/admin/issues/75/hovercard">cbeams</a>)</p>
<p>The purpose of this project is to create and follow a roadmap to establish a security team in terms of management structure, its duties, authority and responsibilities.</p>
<h2>Rationale</h2>

<p>I propose and drive the following strategy to get to a point where a "security team" can be effective:</p>
<p><strong>short intro video</strong> I will create a short video presentation where I introduce the idea of a security team by taking a look at the past and also by taking a look at the future, what happened already, what will happen eventually. In the course of the presentation I will be asking questions on how such a security team can look like, in terms of definitions, agenda and also how it can integrate with the Bisq DAO.<br>
<strong>call agenda</strong> I will create a (template) gdoc accompanying the presentation where everyone is welcome to share their thoughts on the questions I asked. This very gdoc will become the agenda for the kickoff-call held week 20/2020.<br>
<strong>call</strong> The call will have discussions and decisions on the agenda points. One followup call can be held if the discussion needs regrouping. I will host and moderate these calls.<br>
<strong>let the DAO decide</strong> The outcome of the call(s) is going to be formed into a <a href="https://github.com/bisq-network/proposals">Bisq proposal</a> ready to be accepted or rejected by the Bisq DAO in cycle 13 (around May 20th, 2020).<br>
<strong>done</strong> If and only if the DAO approves the proposal, the information will be transcribed into the Bisq wiki and the security team can take up its work.</p>
<h4>Why should it be done now?</h4>
<p><a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="607668547" data-permission-text="Title is private" data-url="https://github.com/bisq-network/admin/issues/75" data-hovercard-type="issue" data-hovercard-url="/bisq-network/admin/issues/75/hovercard" href="https://github.com/bisq-network/admin/issues/75">bisq-network/admin#75</a></p>
<h2>Criteria for delivery</h2>

<ul class="contains-task-list">
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> the DAO decided on the security team structure</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> if it is decided that there is a security team similar to Dev/Growth/Ops/Support, then
<ul>
<li>create a proposal in <a href="https://github.com/bisq-network/proposals">bisq proposals</a></li>
<li>deliver a Team description in the <a href="https://bisq.wiki/Category:Contributor_Docs" rel="nofollow">bisq wiki</a></li>
<li>include duties</li>
<li>include authorities</li>
<li>include responsibilities</li>
<li>include an agenda covering short, mid and long term goals</li>
</ul>
</li>
</ul>
<h2>Tasks</h2>

<ul class="contains-task-list">
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> create gdocs to hold agenda for the kickoff call</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> create and publish kickoff presentation</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> schedule and hold kickoff call</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> schedule and hold follow-up call if necessary</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> create <a href="https://github.com/bisq-network/proposals">proposal</a> to be voted on by the DAO to seal the security team</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> transcribe contents of approved proposal to Bisq wiki</li>
</ul>
<h2>Notes</h2>

<p>I set the labels according to the progress that is already made. Please adjust if necessary. Also, I skipped some headline because it seemed to me that it is already decided that we do this project and cannot guess why the admin team wants the security team.</p>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/bisq-network/projects/issues/33">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AJFFTNWKZB64UCHUY7K2Q3DRQEICFANCNFSM4M2GTCLA">unsubscribe</a>.<img src="https://github.com/notifications/beacon/AJFFTNXULWHTJQFRRIBQUT3RQEICFA5CNFSM4M2GTCLKYY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4JELMN5A.gif" height="1" width="1" alt="" /></p>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/bisq-network/projects/issues/33",
"url": "https://github.com/bisq-network/projects/issues/33",
"name": "View Issue"
},
"description": "View this Issue on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]</script>