S.1 Ep.17 Security, DAOs, and Human Error: Threat Modeling Web3 with Isaac Patka
Governance Futures
1 hour 23 minutes
1 week ago
In this episode of Governance Futures, hosts Jamilya and Eugene speak with Isaac Patka about the evolving landscape of security in decentralized systems. Isaac Patka is a developer and founder in the Ethereum ecosystem specializing in security and compliance infrastructure. He is the co-founder of Shield3, which conducts incident response training through Wargames exercises for major DeFi and infrastructure protocols, performs operational security audits including multisig configuration and infrastructure reviews, and builds policy and compliance infrastructure specifically for stablecoin projects. Isaac is also a founding member and initiative lead at the Security Alliance (SEAL), an industry group of top researchers, auditors, developers, and lawyers working together to improve the security landscape of web3. Isaac brings a rare mix of technical insight and human awareness to Web3, exploring how culture, design, and attention failures shape the vulnerabilities of DAOs. The conversation covers topics like proof of inattention, optimistic governance, and the hidden power of dispute resolution. Isaac shares stories from his work in white-hat hacking, DAO roasts, and wargaming: real-world simulations that help protocols identify weak points before attackers do. He also explains why paranoia is healthy in crypto, why multisigs often fail through social engineering rather than code, and how simple practices can drastically reduce risk. The episode closes with reflections on AI, security culture, and why the future of governance may look a lot like the past: council-driven, human-centered, and built on trust.
Security Alliance (SEAL): https://www.securityalliance.org/
SEAL Frameworks: https://www.securityalliance.org/frameworks
Wargames: https://www.securityalliance.org/wargames
NounsDAO: https://nouns.wtf/

Timestamps:
00:00 – Cold start
00:56 – Introduction: Jamilya and Eugene welcome Isaac Patka
03:06 – Why everyone eventually gets phished: real-world hacks and human error
05:23 – The growing attack surface in decentralized ecosystems
07:42 – The birth of DAO Roasts: fact-checking decentralization claims
10:04 – NounsDAO and the challenge of decentralization with veto power
12:23 – White-hat hacking: testing governance systems responsibly
14:48 – Defining white-hat vs. gray-hat ethics in crypto
17:07 – How security gray zones blur the line between defense and offense
19:24 – The LampDAO experiment: voting to turn a real-world light on and off
21:47 – DAO governance meets physical reality and off-chain limits
24:07 – "Proof of inattention" as a governance failure mode
26:31 – Delegates, fatigue, and the limits of direct democracy
28:54 – Why most voters copy trusted delegates without understanding proposals
31:15 – Guardrails and veto power: trade-offs in optimistic governance
33:36 – The real locus of power: dispute resolution and enforcement
35:55 – The origins of Security Alliance and the birth of WarGames
38:16 – Simulating incidents: chaos drills for DeFi protocols
40:42 – Threat modeling: finding vulnerabilities beyond smart contracts
43:01 – SEAL-911: the crypto emergency hotline
45:17 – Human trust in automated systems: staking and delegation
47:39 – Why protocols still underestimate operational risks
50:06 – Security culture: humans all the way down
52:30 – Paranoia as a governance virtue
54:51 – Practical safeguards: how to verify urgent messages and avoid scams
56:54 – AI in governance: new attack surfaces and security implications
59:19 – Overwarning fatigue and the limits of "Accept risk and sign" popups
01:01:35 – Access control and permission boundaries in multisigs
01:03:52 – How to stay safe: real-world scams and social engineering examples
01:08:34 – Long cons, fake grants, and deepfakes in the crypto world
01:12:59 – Vigilance without paranoia: staying human in security
01:15:22 – Physical safety, seed phrases, and low-profile best practices
01:17:43 – Crypto conferences, travel safety, and not standing out
01:19:59 – Security fra