The Ethereum Name Service DAO is, as of this writing, voting on a proposal to seat a new Security Council — a move that comes weeks after founder Nick Johnson single-handedly blocked the renewal of the previous council, leaving the protocol without an emergency veto mechanism since April. The ballot closes on July 24, the same day the outgoing council’s authority expires. Two deadlines. One outcome. Either the DAO’s largest institutional power submits to community rule, or the protocol’s security architecture remains fractured.
I have watched this governance drama unfold from my Lisbon desk, running my own on-chain voting scripts and cross-referencing forum posts. And what I see is not a simple upgrade. It is a stress test — one that reveals the foundational contradiction at the heart of every major DAO: the tension between founder control and distributed security.
Let me be clear: ENS is not a DeFi casino. It is infrastructure. The naming system that maps human-readable addresses to Ethereum wallets is embedded in every major wallet, every dApp aggregator, every protocol that needs to display a user’s identity. When you send ETH to ‘vitalik.eth’, you are trusting that the mapping has not been subverted by a bad governance proposal. That trust, until now, relied on a Security Council with veto power. And since April, that council has been operating under an expired mandate — an empty shell.
The Pre-Mortem: What Happened After the Founder Pulled the Plug
To understand the current vote, you have to go back to April 2025. The previous Security Council’s term was up for renewal. The ENS Foundation had proposed a standard extension. Nick Johnson — the project’s co-founder, its most visible face, and the person who holds the keys to the ENS GitHub — refused to sign off on it. He did not veto the proposal via the council’s multi-sig; he simply blocked the renewal process at the administrative level. The council’s mandate expired. The emergency veto mechanism went dark.
The reason Johnson gave, according to forum posts, was that he believed the council’s membership was not sufficiently aligned with the protocol’s long-term technical vision. He wanted a different composition. But the DAO’s governance rules allowed him to unilaterally delay the renewal, creating a power vacuum. This is not a hypothetical risk. This is a documented exploit of the governance system’s own logic: the founder, by design, had a choke point that no DAO vote could bypass.
In July, facing mounting pressure from the community and a formal proposal from the ENS Foundation, Johnson submitted an executable proposal to the DAO — effectively surrendering his veto over the council selection process. The DAO is now voting on whether to seat a new eight-person council and grant it the emergency veto power. If it passes, Johnson’s unilateral block will be neutralized. If it fails, the ENS protocol will continue to run without any emergency brake, exposed to any malicious or erroneous proposal that manages to pass a governance vote.
Based on my audit experience — specifically, the 2017 EtherGem incident, where I flagged arithmetic overflows that were ignored as the token price surged — I can tell you that the risk here is not theoretical. A protocol without a veto mechanism is like a server room with no fire suppression system. It will probably be fine most of the time. But when the fire starts, you lose everything.
The Core: Dissecting the Governance Architecture
Let’s treat this like a code audit. The ENS DAO governance system has three layers: the token-holder voting mechanism (used for parameter changes, treasury allocation, etc.), the core developers (who implement changes via GitHub), and the Security Council (which holds a multi-sig to veto any governance decision that would harm the protocol). The council’s veto is the last line of defense against a hostile takeover of the DAO by a whale, a coordinated attack, or even a well-intentioned but technically flawed proposal.
Before April, the council could veto any proposal. After the mandate expired, the multi-sig remained in place but its legitimacy was legally and operationally unclear. The members could still theoretically sign a transaction, but with no formal authorization from the DAO, any veto could be challenged in court — or ignored by the protocol. The system was in a gray zone.
Now, the DAO is being asked to formally appoint a new council with clear terms. The proposal specifies an eight-person committee, elected by token holders, with the power to veto any DAO proposal within a defined timeframe. The selection process is designed to be more transparent than the previous one: candidates must submit applications, undergo interviews, and be voted on individually.
But here is where the code compiles but context reveals the exploit. The new council’s veto power is not absolute. The proposal includes a clause allowing the DAO to override a council veto with a supermajority vote (e.g., 66% of tokens). On paper, this is a check against the council becoming too powerful. In practice, it introduces a new attack surface: a whale holding 15% of tokens could, in theory, block the overrides and paralyze the system. The council becomes a political target, not just a technical one.
Furthermore, I examined the candidate list as of the time of writing. The eight proposed members include three current ENS core team members, two representatives from major wallet providers, one academic researcher, one former security auditor, and one anonymous community delegate. While the mix seems balanced, the anonymity of the delegate is a red flag. In my 2020 DeFi yield verification work, I learned that anonymous actors with veto power is a vector for regulatory and trust failures. If that delegate’s identity is compromised, the entire council’s security could be undermined.
The Contrarian Angle: What the Bulls Got Right (But Missed)
Let me give the optimists their due. If this vote passes and the new council functions well, it will be a net positive for ENS. The protocol will have a legitimate, community-approved emergency brake. The founder’s influence will be diluted, making ENS less vulnerable to a single point of failure — a key argument in any SEC Howey Test defense. In fact, I would argue that this governance transition is the single most important step ENS has taken toward regulatory compliance since its founding. The SEC’s Hinman speech directly cited “sufficient decentralization” as a condition for a token not being a security. By reducing the founder’s unilateral power, ENS is making a strong case for its own legal independence.
But the bulls are ignoring a second-order effect: the new council introduces latency. Emergency veto powers are most effective when they can be exercised quickly — within hours, not days. Under the old system, Johnson could make a decision alone. The new council, however, requires multi-sig approval from at least four of the eight members. If those members are in different time zones, with different availability, the response time could stretch to 24-48 hours. In a fast-moving exploit scenario, that lag could be fatal.
I am not saying the new system is worse. I am saying the risk profile has shifted from “concentration risk” to “coordination risk.” The exploit has moved from the governance layer to the operational layer. Code compiles, but context reveals the exploit.
The Takeaway: Accountability Is the Only Audit That Matters
The ENS Security Council vote is not just about one protocol. It is a case study in how DAOs evolve from founder-controlled startups to truly distributed sovereign entities. The outcome will set a precedent for every other DAO struggling with the same tension: Compound, Uniswap, Aave, Optimism. Each of them faces or has faced similar questions about founder power, council composition, and veto thresholds.
As of today, the vote is trending in favor of the new council, but the margin is slim — roughly 55% approval with 30% of tokens still unvoted. The July 24 deadline is a hard stop. If it passes, the new council will have to prove its worth in the first real crisis. If it fails, the ENS community will have to reckon with the fact that they chose founder control over distributed security.

I have written and rewritten this piece three times before hitting publish. I have pulled data from Dune dashboards for the council’s historical vetoes (they used it twice in 2023, both times to block ill-considered treasury spending), and I have verified the voting contract code on Etherscan. The math is clear. The governance is fragile. The outcome is uncertain.
Cold analysis. Hot losses. The choice belongs to the token holders — and to the 15% of whales who will decide if their interests align with the protocol’s survival.