Polkadot Ambassador Fellowship (PAF) Governance: Critical Questions Before On-Chain Implementation

Following my previous post about critical governance questions for the Polkadot Ambassador Fellowship’s (PAF) on-chain implementation, I’ve developed this comprehensive proposal that addresses those concerns through specific governance commitments.

This document (Version 1.0.0 - Review Draft) outlines a structured approach to ensure proper governance safeguards are in place before and during the on-chain implementation process. It includes:

  1. Specific governance commitments for ambassadors to vote on
  2. Detailed implementation approach with clear timelines and responsibilities
  3. Framework for independent technical documentation and security review
  4. Comprehensive accountability mechanisms and transparency requirements

The proposal allows the current PAF implementation to proceed on-chain with core functionality while temporarily excluding the PAF extension pallet until these governance commitments are fulfilled. This balanced approach addresses the potentially critical security and accountability concerns I raised while minimising further delays to the on-chain implementation.

I’m sharing this as a Review Draft to gather community feedback before finalisation. Any input from the broader Polkadot ecosystem is valuable in ensuring these governance commitments effectively address the concerns raised and provide a solid foundation for the PAF’s on-chain future.

Below is the full document and I look forward to your thoughts and suggestions.

Polkadot Ambassador Fellowship: Governance Commitments and Implementation Plan

Reference ID: PAF-GOV-2025-09
Version: 1.0.0 (Review Draft)
Last Updated: 2025-09-26

Executive Summary

This proposal requests votes from all Ambassadors on key governance commitments for the Polkadot Ambassador Fellowship’s (PAF) on-chain implementation. Following the previous vote where most Ambassadors supported going on-chain, these commitments aim to:

  1. Allow the current PAF implementation to proceed on-chain with core functionality
  2. Temporarily exclude the PAF extension pallet until governance commitments are fulfilled
  3. Strengthen governance readiness and address potential security concerns
  4. Increase likelihood of referendum approval through responsible planning

If approved, these commitments will be incorporated into the Ambassador Fellowship on-chain proposal following the detailed implementation approach outlined in Appendix F, including specific timelines, working group formation, and pre-deployment requirements to ensure all governance safeguards are properly established.

Purpose

This discussion post proposes to request votes from all Ambassadors on key governance commitments for the on-chain implementation of the Polkadot Ambassador Fellowship (PAF), following the previous vote where most voting Ambassadors supported going on-chain. The goal is to allow the current PAF implementation to proceed on-chain with the core functionality, while temporarily excluding the PAF extension pallet (Polkadot Ambassador Fellowship Governance Extension Pallet), mentioned in the GitHub pull request "Polkadot Ambassador Fellowship Governance Extension Pallet Grant Application" by ltfschoen (Pull Request #37 in PolkadotOpenSourceGrants/apply) and withdrawn from that grant funding request, until these governance commitments are fulfilled. These commitments aim to strengthen our governance readiness, address potentially critical security and accountability concerns, and increase the likelihood of referendum approval by demonstrating responsible governance planning.

If approved, these commitments will be incorporated into the Ambassador Fellowship on-chain proposal following the detailed post-vote commitment approach outlined in Appendix F. This approach includes specific implementation timelines, working group formation, and pre-deployment requirements to ensure all governance safeguards are properly established.

Value Proposition and Critical Necessity

Why Governance Commitments Matter

These governance commitments establish important safeguards for the Ambassador Fellowship’s on-chain implementation. They address specific concerns that have been identified through technical review and community feedback:

  • Identified Technical Issues: Security reviews conducted by the author of the PAF extension pallet (August 2025) uncovered potential implementation concerns including potential treasury transaction batching inconsistencies and potential member limit discrepancies. These potential issues were submitted to the Parity Bug Bounty program but rejected due to Ambassador Fellowship involvement. This creates a concerning dilemma: contributors must choose between participating in ecosystem collectives or maintaining bug bounty eligibility. This led to the author’s recusal from reviewing the proposed PAF implementation, as any review comments could be considered a conflict of interest under the same policy. This creates misaligned incentives where those with the most relevant expertise may be discouraged from contributing directly to the projects they know best.
  • Governance Structure Safeguards: Without appropriate checks and balances, on-chain governance systems can concentrate decision-making power in ways that undermine decentralization principles
  • Treasury Controls: Lack of transparent fiscal controls and appropriate rate structures could lead to inefficient use of ecosystem resources, as seen in other treasury proposals
  • Accountability Mechanisms: Clear documentation practices, responsibility assignments, and transparency requirements are needed to ensure proper governance
  • Implementation Sequence: A structured approach to implementation ensures critical safeguards are in place before vulnerable functionality is activated
  • Delegation Chain Transparency: The Ambassador Fellowship Commitment Checklist requires full transparency, pre-vote disclosure, shared accountability, and comprehensive conflict of interest evaluation across all delegation chains, with no absolution of responsibility for the original delegate.

Tangible Benefits to the Polkadot Ecosystem

Implementing these commitments will deliver substantial value to the entire Polkadot ecosystem:

  • Enhanced Security: Comprehensive security review process with qualified experts reduces risk of exploits
  • Fiscal Responsibility: Transparent, market-appropriate compensation rates and treasury caps ensure efficient use of community funds
  • Governance Innovation: Establishes best practices that can be adopted by other ecosystem projects
  • Community Trust: Demonstrates commitment to transparent, accountable governance
  • Reduced Implementation Risk: Phased approach with clear safeguards minimizes potential negative impacts
  • Knowledge Transfer: Documentation practices ensure learnings benefit the broader ecosystem
  • Sustainable Growth: Balanced approach allows progress while ensuring proper governance foundations

Alignment with Polkadot Ecosystem Values

This implementation plan embodies core Polkadot ecosystem values:

  • Decentralization: Distributes responsibilities across multiple working groups with balanced representation
  • Transparency: On-chain documentation and clear decision-making processes
  • Security: Prioritizes proactive security reviews and risk assessments before deployment rather than reactive fixes after vulnerabilities are exploited, focusing on identifying and addressing potential issues in advance
  • Community-Driven: Incorporates broad ambassador involvement and feedback mechanisms
  • Fiscal Prudence: Reasonable compensation rates and transparent budgeting
  • Technical Excellence: Follows Technical Fellowship review processes and standards

Voting Approach

The following is a proposed process for gathering ambassador feedback on these governance commitments:

  1. Discussion Period: A 5-day period from publication (Block #XXXXXX to Block #XXXXXX)
     • Open to comments from the broader Polkadot ecosystem, not just ambassadors
     • Ambassadors are encouraged to consider feedback from ecosystem stakeholders
     • Incorporating broader ecosystem perspectives may improve the eventual on-chain proposal
  2. Voting Period: A 3-day period following discussion (Block #XXXXXX to Block #XXXXXX)
  3. Eligible Participants: Verified Ambassador accounts
  4. Voting Format Suggested: On-chain remarks based on the following example:

     PAF-GOV-2025-09: Y(reason),N(reason),A(reason),Y(reason),N(reason),Y(reason)

Where:

  • Y(reason) = Yes with optional reason in parentheses
  • N(reason) = No with reason in parentheses (strongly encouraged for transparency and accountability)
  • A(reason) = Abstain with reason in parentheses
  • Each position corresponds to commitments 1-6 in order
  • Providing reasons, especially for No and Abstain votes, helps improve governance transparency

Note: This accelerated timeline is specifically designed to minimize further delays to the Ambassador Fellowship’s on-chain implementation in a scheduled runtime upgrade, while still ensuring adequate time for community input and ambassador consideration.

Governance Commitments for Vote

Following the previous vote where most ambassadors supported going on-chain, this vote seeks to establish specific governance commitments before proceeding with implementation. It proposes that all verified ambassadors would be eligible to vote, regardless of how they voted in the previous on-chain transition poll. Their vote on each commitment should help determine which safeguards are prioritized during implementation.

| # | Commitment | Description | Vote (Y/N/A) |
|---|---|---|---|
| 1 | Security Review Process | Implement a comprehensive security review process led by qualified security experts (preferably Polkadot Assurance Legion (PAL) or suitable equivalent security audit providers) with appropriate Non-Disclosure Agreements (NDAs) and conflict of interest screening | |
| 2 | Treasury Caps | Implement temporary treasury caps during initial implementation to reduce risk while governance safeguards are being established | |
| 3 | Governance Safeguards Timeline | Commit to implementing critical governance safeguards before deployment and completing all safeguards within 90 days of on-chain approval | |
| 4 | Technical Fellowship Involvement | Ensure Technical Fellowship review and approval of implementation approach through the formal RFC process | |
| 5 | Dual-Use Risk Assessment | Conduct a formal assessment of potential dual-use risks (where governance mechanisms could be repurposed for harmful or malicious uses beyond their intended purpose) with appropriate mitigation strategies | |
| 6 | Rank Reevaluation Process | Establish a transparent community-driven process to reevaluate ambassador ranks that were initially assigned by the Advisory Board | |

The following diagram illustrates the Decision Flow for Vulnerable Functionality:

Vote Verification

  1. All votes must be submitted as on-chain remarks from verified Ambassador accounts on the Polkadot Relay Chain (using the standard Polkadot SDK System pallet’s remark extrinsic, which is accessible through any Polkadot wallet)
  2. Only votes within the specified block range will be counted
  3. A verification script should be published for independent vote tallying (this script should scan the blockchain for remarks matching the specified reference number and format from verified ambassador accounts within the block range, count the votes for each option, and generate a cryptographically verifiable report)
  4. Results should be published in the Polkadot Forum post thread with links to on-chain evidence

Post-Vote Commitments Incorporation

If approved, these commitments will be incorporated into the Ambassador Fellowship on-chain proposal. The commitments create a balanced approach that allows progress while ensuring proper governance safeguards. For a detailed implementation timeline and approach, see Appendix F: Post-Vote Commitments Approach.

Relationship Between Commitments and Appendices

The governance commitments listed above represent the high-level principles that ambassadors are being asked to vote on. The detailed appendices that follow provide comprehensive implementation plans, working group structures, responsibility assignments, and supporting information for each commitment:

  • Commitment 1 (Security Review Process) is detailed in Appendix C (Implementation Responsibilities)
  • Commitment 2 (Treasury Caps) is elaborated in Appendix B (Collaborative Implementation) and Appendix F (Post-Vote Commitments Approach)
  • Commitment 3 (Governance Safeguards Timeline) is outlined in Appendix F (Post-Vote Commitments Approach)
  • Commitment 4 (Technical Fellowship Involvement) is explained in Appendix B and Appendix C
  • Commitment 5 (Dual-Use Risk Assessment) is addressed in Appendix E (Critical Governance Questions)
  • Commitment 6 (Rank Reevaluation Process) is covered in Appendix B under the working group responsibilities

The appendices provide the technical details, timelines, specific responsibilities, and budget information needed to implement these commitments effectively. Appendix B includes a detailed budget with rank-based hourly rates ($40-$100/hour based on expertise level) and transparent cost estimates for each working group. This budget follows the principle of fiscal responsibility, with reasonable market-appropriate rates and clear justification for all expenses. The appendices represent the operational and financial plan that will be followed if ambassadors vote to approve these governance commitments.

For a comprehensive understanding of these governance commitments, each appendix provides important context:

  • Appendix A: Addresses common misconceptions about the PAF extension pallet
  • Appendix B: Outlines a collaborative implementation approach with working group formation
  • Appendix C: Details implementation responsibilities including security review process
  • Appendix D: Explains how the PAF extension pallet helps prevent governance capture
  • Appendix E: Lists critical governance questions that must be resolved before implementation
  • Appendix F: Provides a detailed post-vote commitments approach with pre-deployment requirements and priorities

These appendices provide important context for your voting decision and address concerns raised in previous community discussions.

Disclaimer

Risk Assessment Limitations

  • The reference to a “safety in design” risk assessment is aspirational only and represents an approach to strive towards
  • No formal “safety in design” methodology was fully followed, nor has a Web3-specific equivalent been created yet
  • The risk assessment that informed the PAF extension pallet should not be considered exhaustive
  • It represents a selective focus on risks that the author personally identified as important based on individual experience and judgment
  • What is described as “critical” reflects the author’s interpretation and prioritization, which may differ from the assessment of qualified security experts

Not Professional Advice

  • This document does not constitute professional security, legal, or governance advice
  • All governance safeguards should be independently verified and validated by appropriate security professionals

Responsibility for Implementation

  • The Ambassador Fellowship, the broader Polkadot ecosystem (including all collectives, the Polkadot DAO, and Web3 Foundation), and all contributors bear responsibility for conducting their own comprehensive risk assessments with qualified experts before implementation
  • The author has attempted to reduce risks to As Low As Reasonably Practicable (ALARP) given resource constraints
  • No guarantees are made about the completeness or effectiveness of the proposed safeguards

Note on Appendices: Due to character limits, the detailed appendices for this proposal are provided in two reply posts below:

  • Reply #1: Appendices A-E (Common Misconceptions, Collaborative Implementation, Implementation Responsibilities, Preventing Governance Capture, Critical Governance Questions)
  • Reply #2: Appendix F (Post-Vote Commitments Approach with Implementation Timeline)

Please review these appendices for important implementation details that support the governance commitments outlined above.

1 Like
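The remark format under "Voting Approach" and the tallying script called for under "Vote Verification" can be sketched as follows; this is an added example, not part of the original post or any PAF tooling. It assumes the remarks have already been decoded from chain data into (block, account, text) tuples, that a reason contains no nested parentheses, that a later valid remark replaces an account's earlier one, and that a SHA-256 digest over canonical JSON serves as the comparable element of the report; the account names and block numbers are constructed.

```python
import hashlib
import json
import re
from collections import Counter

REF = "PAF-GOV-2025-09"
N_COMMITMENTS = 6
# Y, N or A plus optional "(reason)"; assumption: no nested parentheses in a reason.
ITEM = r"([YNA])(?:\(([^()]*)\))?"
REMARK_RE = re.compile(
    "^" + re.escape(REF) + r":\s*" + r"\s*,\s*".join([ITEM] * N_COMMITMENTS) + r"\s*$"
)

def parse_remark(text):
    """Return six (choice, reason) pairs, or None if the remark is malformed."""
    m = REMARK_RE.match(text.strip())
    if not m:
        return None
    g = m.groups()
    return [(g[i], (g[i + 1] or "").strip()) for i in range(0, len(g), 2)]

def tally(remarks, verified, start_block, end_block):
    """remarks: (block, account, text) tuples already decoded from chain data."""
    ballots = {}
    for block, account, text in sorted(remarks, key=lambda r: r[0]):
        if account not in verified or not start_block <= block <= end_block:
            continue  # unverified sender or outside the voting window
        parsed = parse_remark(text)
        if parsed is not None:
            # Assumption: a later valid remark replaces the account's earlier one.
            ballots[account] = {"block": block, "votes": [c for c, _ in parsed]}
    counts = [Counter(b["votes"][i] for b in ballots.values()) for i in range(N_COMMITMENTS)]
    report = {"reference": REF, "block_range": [start_block, end_block],
              "ballots": ballots, "counts": [{k: c[k] for k in "YNA"} for c in counts]}
    # Digest over canonical JSON so independent tallies can be compared byte for byte.
    canonical = json.dumps(report, sort_keys=True, separators=(",", ":"))
    report["sha256"] = hashlib.sha256(canonical.encode()).hexdigest()
    return report

SAMPLE = [  # constructed remarks, not real chain data
    (100, "alice", "PAF-GOV-2025-09: Y,Y(ok),N(too slow, costly),A(conflict),Y,Y"),
    (101, "bob", "PAF-GOV-2025-09: N(r),N(r),N(r),N(r),N(r),N(r)"),
    (102, "mallory", "PAF-GOV-2025-09: Y,Y,Y,Y,Y,Y"),         # not a verified account
    (103, "bob", "PAF-GOV-2025-09: Y,N(r),Y,Y,Y"),            # five positions: malformed
    (104, "alice", "PAF-GOV-2025-09: Y,Y,Y,Y,Y,N(changed)"),  # replaces block 100
    (250, "bob", "PAF-GOV-2025-09: Y,Y,Y,Y,Y,Y"),             # outside block range
]
```

Calling `tally(SAMPLE, {"alice", "bob"}, 100, 200)` counts one ballot each for alice and bob; two parties who run it over the same decoded remarks and verified-account list should obtain the same `sha256` value.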