S.1 Ep.17 Security, DAOs, and Human Error: Threat Modeling Web3 with Isaac Patka

About this title

In this episode of Governance Futures, hosts Jamilya and Eugene speak with Isaac Patka about the evolving landscape of security in decentralized systems. Isaac Patka is a developer and founder in the Ethereum ecosystem specializing in security and compliance infrastructure. He is the co-founder of Shield3, which conducts incident response training through Wargames exercises for major DeFi and infrastructure protocols, performs operational security audits including multisig configuration and infrastructure reviews, and builds policy and compliance infrastructure specifically for stablecoin projects. Isaac is also a founding member and initiative lead at the Security Alliance (SEAL), an industry group of top researchers, auditors, developers, and lawyers working together to improve the security landscape of web3. Isaac brings a rare mix of technical insight and human awareness to Web3, exploring how culture, design, and attention failures shape the vulnerabilities of DAOs. The conversation dives into topics like proof of inattention, optimistic governance, and the hidden power of dispute resolution. Isaac shares stories from his work in white-hat hacking, DAO roasts, and wargaming—real-world simulations that help protocols identify weak points before hackers do. He also explains why paranoia is healthy in crypto, why multi-sigs often fail from social engineering rather than code, and how simple practices can drastically reduce risk. The episode closes with reflections on AI, security culture, and why the future of governance may look a lot like the past—council-driven, human-centered, and built on trust. 
Security Alliance (SEAL): https://www.securityalliance.org/
SEAL Frameworks: https://www.securityalliance.org/frameworks
Wargames: https://www.securityalliance.org/wargames
NounsDAO: https://nouns.wtf/

Timestamps:
00:00 – Cold start
00:56 – Introduction: Jamilya and Eugene welcome Isaac Patka
03:06 – Why everyone eventually gets phished: real-world hacks and human error
05:23 – The growing attack surface in decentralized ecosystems
07:42 – The birth of DAO Roasts: fact-checking decentralization claims
10:04 – NounsDAO and the challenge of decentralization with veto power
12:23 – White-hat hacking: testing governance systems responsibly
14:48 – Defining white-hat vs. gray-hat ethics in crypto
17:07 – How security gray zones blur the line between defense and offense
19:24 – The LampDAO experiment: voting to turn a real-world light on and off
21:47 – DAO governance meets physical reality and off-chain limits
24:07 – “Proof of inattention” as a governance failure mode
26:31 – Delegates, fatigue, and the limits of direct democracy
28:54 – Why most voters copy trusted delegates without understanding proposals
31:15 – Guardrails and veto power: trade-offs in optimistic governance
33:36 – The real locus of power: dispute resolution and enforcement
35:55 – The origins of Security Alliance and the birth of WarGames
38:16 – Simulating incidents: chaos drills for DeFi protocols
40:42 – Threat modeling: finding vulnerabilities beyond smart contracts
43:01 – SEAL-911: the crypto emergency hotline
45:17 – Human trust in automated systems: staking and delegation
47:39 – Why protocols still underestimate operational risks
50:06 – Security culture: humans all the way down
52:30 – Paranoia as a governance virtue
54:51 – Practical safeguards: how to verify urgent messages and avoid scams
56:54 – AI in governance: new attack surfaces and security implications
59:19 – Overwarning fatigue and the limits of “Accept risk and sign” popups
01:01:35 – Access control and permission boundaries in multisigs
01:03:52 – How to stay safe: real-world scams and social engineering examples
01:08:34 – Long cons, fake grants, and deepfakes in the crypto world
01:12:59 – Vigilance without paranoia: staying human in security
01:15:22 – Physical safety, seed phrases, and low-profile best practices
01:17:43 – Crypto conferences, travel safety, and not standing out
01:19:59 – Security frameworks and starting points for learning
01:22:24 – What DAOs should fix first: access control
01:22:59 – Why decentralization is the most misused word in Web3
01:23:36 – The future of governance: humans, councils, and lessons from the past
01:24:15 – Closing thanks and outro
