GMX Security Committee Season 4

Summary

This proposal seeks DAO approval to constitute Season 4 of the GMX Security Council for the term May 1, 2026 through October 31, 2026.

The Security Council serves as a dedicated security and governance oversight body for the GMX protocol. Its mandate is to review upgrades, verify deployments, oversee timelock transactions, and provide structured governance feedback to reduce execution and operational risk.

Season 4 will continue the established six-month term structure. One seat is open due to a member stepping down, and the DAO is invited to nominate candidates.

Background

The current Security Council (Season 3) began its term on November 1, 2025, with the following elected members:

• 50

• Q

• SniperMonke

• Raoul

• Owen

The Council operates on a six-month term, with elections held twice per year, and all five seats directly voted on by the DAO.

Due to increased commitments with Chaos Labs, 50 will not continue into Season 4. As a result, one seat is vacant, and the DAO is invited to nominate and elect a new member.

All remaining members may stand for re-election.

Key Responsibilities

The Security Committee’s core mandate includes:

• Reviewing, verifying, and auditing protocol upgrades, smart contract deployments, and timelock transactions
• Monitoring protocol operations and flagging any inconsistencies or vulnerabilities
• Evaluating DAO proposals on the GMX Forum and Tally, providing security-aligned feedback
• Overseeing accurate role assignments across GMX V2 contracts

Composition & Compensation

Season 4 will consist of five members, elected directly by the DAO.

Each member will receive an honorarium of $500 per month in recognition of time and responsibilities.

Exception: Owen is exempt from this honorarium, as Guardian receives compensation through a separate ongoing retainer arrangement with GMX.

Members are expected to commit at least five hours per week, with additional availability during upgrades or urgent situations.

Season 3 Contributions

Over the previous six months, the Security Council has materially strengthened governance discipline and protocol safety through:

• Proposal Oversight: Review of multiple DAO proposals across the Forum and Tally.

• Timelock Reviews: Auditing all timelock executions prior to completion.

• GMX V2 Role Management: Verification of role assignments and contract deployments against audited code.

• Infrastructure Expansion: Support in setting up the security multisig on MegaETH.

These processes have improved transparency, reduced execution risk, and enhanced accountability across governance actions.

Nomination & Election Process

Nomination Window

• Opens: March 4, 2026

• Closes: March 11, 2026

All community members are invited to nominate themselves for the open seat. Current members may also seek re-election.

Voting Process

Following the nomination period:

• A Snapshot vote will be conducted to determine the Season 4 composition.

• Any delegate may challenge an individual member or propose an alternative slate.

• All five seats remain subject to DAO approval.

Special Case: Single Nomination

If, at the close of the nomination period, only one eligible candidate has nominated themselves for the open seat, the proposal will not proceed to Snapshot voting for that seat.

In such a case, the nominee will be considered elected by default and will join the Security Council for Season 4.

This avoids unnecessary governance overhead while preserving transparency and the DAO’s right to challenge during the nomination window.

Conclusion

With the current six-month term coming to an end, the GMX DAO will begin the process of electing the Season 4 Security Council. As noted above, one member will not be continuing, creating an open seat, while the remaining members have expressed their willingness to serve again if re-elected, ensuring continuity.

Community members are encouraged to step forward and participate in shaping the next phase of GMX’s security governance.

Nomination Template

If you’d like to put your name forward, please reply to this post using the template below:

Name:

Twitter Account:

GitHub Link:

Can you read and write code?

Relevant Experience: Please share any links and supporting information.

Familiarity with GMX DAO: How well do you know GMX and its governance?

Suggestions for the Security Committee: Do you have ideas for how the committee can maximize its impact in Season 4?

Time Commitment: Can you commit at least 5 hours per week to serve on this committee?

Declaration of Conflict of Interest (if any):

A crucial role considering how important security is to GMX. If you feel you have the relevant background, please do nominate yourself!

Name: 0xjunwei

Twitter Account: https://x.com/0xjunwei

GitHub Link: 0xjunwei (Jun Wei) · GitHub

Can you read and write code:

Yes, able to code in Solidity and afew other languages primarily python nowadays, C is rusty now.

Relevant Experience:

• mainly worked in traditional cybersecurity previously (Incident Responder, but qualified in penetration testing, mainly web application testing)
• Based on the responsibilities, i am able to perform the actions required, as i have experience reading blockchain explorers along with understanding access controls

Familiarity with GMX DAO: been in GMX since 2022, spoke with several DAO members and do think I know how the DAO works but not privy of internal team structure.

Suggestions for the Security Committee:

• conduct more opsec reviews, other than code reviews, the human factor is also a risk whereby do we have sufficient defence in place if an attacker compromise a contributor computer. Not privy of full security measures but would generally think of these vectors too on top of audits, as malware is still being used to target crypto folks.

Time Commitment: yes able to commit 5 hours weekly.

Declaration of Conflict of Interest (if any): n/a

Point to note: I am currently back to being a student previously worked in the military as an incident responder for 3 years before returning back to complete my studies. Been in cybersecurity for the past 8 years and have experience in penetration testing against web applications and networks, if i see any other suitable individuals for this role, i would withdraw my application.

Nice to see your nomination JunWei

Name: Saulius

Twitter Account: https://x.com/sliux

GitHub Link: available upon request

Can you read and write code?

Yes. Writing and reviewing Solidity smart contracts and DeFi infrastructure, Developing analytics and on-chain monitoring tools (Dune, Python/web3).

Relevant Experience:

I am the creator of the popular GMX Analytics dashboard on Dune, which provides transparent and accessible analytics for the ecosystem:

https://dune.com/saulius/gmx-analytics

A large part of my daily routine is independent monitoring of few protocols activity, including fund transfers and transactions of deployers and multisig wallets. I regularly review on-chain activity and share notable findings with the community when relevant.

Familiarity with GMX DAO:

My journey with the GMX ecosystem spans more than five years, starting from the early XVIX days, through migration to Gambit, and into the current GMX protocol. During this time I have closely followed the protocol’s development and governance.

I have been an active member of the community chats and GMX governance forum, regularly participating in discussions and contributing to the community dialogue around protocol development and governance.

Suggestions for the Security Committee: Do you have ideas for how the committee can maximize its impact in Season 4?

One area where I believe we can improve is transparency around protocol-controlled wallets.

Today, many important protocol wallets exist (deployers, multisigs, operational wallets, etc.), but their roles and purposes are not always clearly documented or labeled publicly. Even for active community members as myself it can sometimes be difficult to fully understand the workflows behind protocol operations.

If selected, one of my first initiatives would be to push for clearer public documentation and labeling of protocol wallets by purpose, so the community can more easily understand protocol operations.

Greater transparency in this area would benefit both community trust and security monitoring, and I believe it would be a valuable improvement for the ecosystem.

Time Commitment: Can you commit at least 5 hours per week to serve on this committee?

Yes — I am able to dedicate the time required to fulfill the responsibilities of the Security Committee.

Declaration of Conflict of Interest (if any):

I am a long-term GMX token holder, which means my incentives are fully aligned with the long-term security, transparency, and success of the protocol.

Got two participants for the 5 seat and will be closing the nominations and moving to a Snapshot vote tomorrow

I hope you mean will be total 6 candidates for 5 seats?

Not exactly. There will not be 6 candidates for 5 seats. Nominations are open for one seat only, as the 5th member stepped down due to workload. The remaining 4 members are continuing in their positions, so only one seat requires an election, as outlined in the proposal.

So these “remaining 4” have guarantied positions for lifetime or how it works?

No, these are not lifetime positions. The 4 remaining members have been working diligently in their roles and have expressed their interest to continue. Opening all seats for election would result in significant operational changes, and signficant resources have already been invested into this process. The nominations are open for one seat only, as outlined in the proposal, to ensure a smooth and efficient transition.

Following the Governance Committee’s feedback, we will be moving forward with elections across all six candidates as per the posted rules.

On a separate note, given the operational realities we have seen through this process onboarding, offboarding, hardware and resource allocation it may be worth the revisiting terms going forward. Longer or staggered terms could go a long way in making this more sustainable.

Snapshot goes live on Monday.