Three Key Learnings from Six Years of Building Secure DAO Frameworks

Amidst growing global challenges, effective organization has never been so crucial. Now is a time that we need digital organization tools and secure DAOs more than ever

Three Key Learnings from Six Years of Building Secure DAO Frameworks

Aragon has been building secure DAO frameworks since 2017. Like many projects in this ecosystem, Aragon was created out of a sense of urgency to address emerging social crises and failures of current governance structures to address them. From the very beginning, DAOs were always envisioned to help us address the growing number of social issues we are facing, which are growing in magnitude, velocity, and complexity.

Amidst growing global challenges, effective organization has never been so crucial. Now is a time that we need digital organization tools and secure DAOs more than ever. From climate change to AI to humanitarian crises, organization will be the key to humanity not only succeeding, but surviving.

And along with these challenges, we’re facing an exponential acceleration in technological innovation, which only adds fuel to the fire.

There’s a gap between the number of challenges we face, the rate at which they’re growing, and how we as humans are keeping up with these challenges. As individuals, there’s only so much we can do to help solve such big problems. And we can only adapt so fast.

Through collaboration and effective organizations, we can make better decisions to tackle these challenges together. Currently, our governance structures are not equipped to adapt, especially not at the speed we need them too. Systemic change is cumbersome, inaccessible, difficult, and even potentially violent. We need new coordination mechanisms to keep up with evolving change.

The promise of DAOs is having tools to learn faster through hands-on experimentation with governance and coordination. This allows us to discover new ways of finding novel solutions at scale. But DAOs haven't yet realized this vision.

Things are changing so fast that we’ve realized we need to embed adaptability within our governance structures to increase our ability to respond to the growing challenges and changing world around us.

The bottom line is we need to build faster, together. Build smarter, together. Build better, together.

In order to build better, we need to go back to our foundations.

These are the three lessons we applied when building Aragon OSx and the Aragon App, and how they informed the development of a stack that can power any organization—from a small group of five friends to a network state with millions of citizens.

Let's dive into the:

  • 3 Lessons
  • 2 Products
  • 1 Stack

Lesson 1: Move from complexity, towards simplicity


When building our new stack, we conducted user interviews across the ecosystem. One word that came up in almost every interview we did was “complex."

Not only is the ecosystem overly complex for new entrants, but our old stack was highly complex, even when we'd tried to make it simple.

It was secure, robust, thorough, and advanced for the demands of the time. This meant complex DAOs with specific needs like Lido and early innovators like Aavegotchi, Decentraland, and API3 found their home at Aragon. But it also meant that it was difficult to experiment with and daunting for new builders.

We had so much functionality embedded into it, that only a handful of talented engineers could work with the original stack—severely limiting the velocity at which we could experiment with the ecosystem at the time when we needed it the most.

We had a lot of features, many of which builders didn’t need, and the robustness of the tool made it so that once a DAO was deployed, it became nearly impossible to make any significant changes to its governance structure. There were a lot of moving pieces to keep track of, making changes daunting, high risk, and difficult to implement for developers coming into the space.

We needed to reduce the complexity in logic by making the core of the protocol as lean as possible. We needed a future-proof way to add and remove functionality, more than we needed to embed more functionality into our product. We needed functionality to be dynamic and based on the needs of organizations, not the developers of the stack.

We needed to find a way to make the logic extendable without compromising on simplicity and ease of use.

Now, on our new stack, it takes builders an average of 8 minutes to launch their DAO using the Aragon App.

It’s why we focused on plugins as the main source of our new protocol's functionality. Rather than building a deterministic product full of embedded functionality, we wanted to embed adaptability into our product.

Simple things are the most elegant, functional, and beautiful. But they're often the most difficult to design.

Here's how Aragon OSx works under the hood:

How Aragon OSx makes it simple to adapt your DAO

Our Aragon OSx contracts are divided into two key sections, the core contracts and the framework contracts.

1. Core contracts: these are the primitives the end user will interact with (the DAO, the plugins, the proposals, etc).

The core contracts contain:

  • DAO contract: the main contract of our core. It holds a DAO's assets and possible actions.
  • Permissions: govern interactions between the plugins, DAOs, and any other address. The permissions grant or revoke the ability of plugins to execute actions on behalf of and within the DAO.
  • Plugins: base templates of plugins to build upon.

2. Framework contracts: which are in charge of creating and registering each deployed DAO or plugin.

The framework contracts contain:

  • DAO and Plugin Repository Factories: creates DAOs or plugins.
  • DAO and Plugin Registries: registers into our protocol those DAOs or plugins.
  • Plugin Setup Processor: installs and uninstalls plugins into DAOs.
Dive deeper at devs.aragon.org


Acting as the vault and permission manager, the DAO contract is the one holding all the funds and executing actions on behalf of the DAO.

DAOs install plugins by granting permissions to these plugin contracts. The permissions allow them to execute actions on behalf of the DAO when certain conditions are met.

At its core, the DAO is a permission manager that grants and revokes permissions to different plugins.


Plugins give builders the ability to install, uninstall, or upgrade the functionality they need at any given point in time. That way, DAOs are not paying gas for functionality they don’t need. They’re also not tied to the design they set up in the early days of their DAO. Rather, they can easily change as their organization evolves.

Mutable organizations on an immutable blockchain: that's the power of Aragon OSx.

Lesson 2: Great user experience is crucial for enabling healthy, secure DAOs

If our technology cannot be used by every human, whether they are builders or community members, then we are severely limiting the potential of what DAOs can accomplish.

The importance of good user experience, or UX, cannot be underestimated. That is one of the biggest pain points and feedback we received in the user interviews about our old stack, and also about the ecosystem as a whole. We've learned that bad UX is greatly limiting the types of organizations and people who can participate in this industry.

Because web3 is a paradigm shift in how we interact on the internet, it’s incredibly hard to make onchain experiences intuitive.

Aragon Client, a UI built on top of the old Aragon OS, was a step in the right direction. But it still required a lot of context and a steep learning curve to navigate. It didn’t feel like the easy experience we expect today when we download an app on our phones or try new software online.

So, we took this feedback and set out to build the easiest app for DAO builders to launch their organization on, no matter their background or technical skill set.

We embedded education into the experience with links to guides and tool tips that help you make important decisions, such as how to set governance parameters for your DAO. We also provided more descriptive error messages, details about the steps you're taking, and explanations about why they're important. This makes participating in your DAO more secure, because you understand what exactly you are doing onchain.

Tool tips, links to guides, and advice along the way help you choose your governance to build a secure DAO.

But even with the help baked into the App along the way, the UI still feels simple and clean. We also built a clearer view into your DAO's financial activity, so members are never uncertain on their DAO's funds and where they're going.

With the new Aragon App, anyone can participate in the governance of their organization onchain, all from one easy-to-navigate home base.

The DAO Dashboard is the home base for DAOs on the Aragon App.


Currently, the DAO ecosystem is fragmented. DAO members are required to learn a bunch of different tools in order to effectively run their organizations. They might use five or ten different tools that all come with a different learning curve. This creates a disjointed and confusing experience for community members and DAO builders alike.

It also opens up security vulnerabilities, because user error is more common when dealing with difficult interfaces. A simple, intuitive UI is key to not just happy DAO members, but to a secure DAO as a whole.

Our vision is for the App to act as a secure DAO home base, decreasing the learning curve builders and members face when growing or participating in a DAO.

And we're excited and proud that, just two months after mainnet launch, nearly 500 DAOs are using the Aragon App!

Lesson 3: Center our focus on inclusivity of all types of DAO builders

The first Aragon OS was built with Solidity engineers in mind, because we assumed those were the people building in crypto. But what we missed was the realization that if we wanted the entire engineering power to come to web3, we had to build for other types of engineers building in other languages as well.

In our old stack, we assumed developers would come rushing in to build plugins (called Apps in the previous Aragon OS) and would want to use them in our front-end. But in reality, people wanted to customize their DAOs with their own design, without necessarily having to interact with Solidity at all. Understandably, they wanted their own DAO branding in the interface, too.

Many people are interested in building DAOs, but not interested in learning how to code. DAO Builders are incredibly resourceful, but coding shouldn’t be a requirement for anyone to launch an organization onchain.

It’s critical we give more builders access to building on the blockchain, in their own coding language or with no-code tools. We adapted our stack to meet the needs of a wider range of builders, technical and non-technical alike!

A huge step towards our goal to make DAOs inclusive of all types of builders is the launch of our new Smart Contract Composer, a tool that allows any DAO to connect to any smart contract in the ecosystem without writing any code.

This means DAOs no longer need to operate in a silo. They can connect to the functionalities of other contracts and execute actions directly from the App.

To connect a smart contact, simply click "Connect smart contract" and paste in the address. Then, you can set up a series of actions that become executable if a vote is passed in your DAO.

To learn how to use the Smart Contract Composer, check out this guide and this video.

On top of the functionality for no-code builders in the Aragon App, we're building a developer experience which is inclusive of a wider range of technical levels, backgrounds, and programming languages. By using our permission management system, developers can grant and revoke permissions to any functionality onchain, bringing to life organizations we can’t even envision today.

We have an SDK that will make it easy to customize your DAO with a few lines of code, and an upcoming Open Design System which will allow you to create custom branding within the Aragon App.

Both the SDK and ODS power the Aragon App, which allows DAO builders to tap into the power of Aragon OSx without writing a single line of code. But we’re not limiting the potential of the protocol to the no-code and user-friendly app we are building. We want to be inclusive to all backgrounds and visions, and we're excited to see what all developers build on top of our stack.

And so far, they've built exciting things! From a Lens plugin that enables communities to vote with Lens Follow NFTs, to a dApp designed specifically for investment DAOs, to a plugin that allows you to vote with non-transferable tokens, the community has built countless inspiring projects that will help catapult DAOs into the next phase of growth and success. And we can't wait to see what you build next.

3 lessons, 2 products, 1 stack.

Building on our legacy and starting a new chapter for DAOs

Experimentation and implementing user feedback requires humility and openly learning from our experiences. Through these past six years of building secure DAO frameworks we've learned a lot, went back to the drawing board, rebuilt our foundations, and emerged with our new stack.

This stack is built upon Aragon's foundation of security, freedom, and openness, but marks a new chapter for DAOs. And with our new stack, we take one step closer towards delivering our mission: enabling everyone to experiment with governance at the speed of software.

Solving the great challenges ahead will require us to collaborate more innovatively and effectively. We don’t have the answers, you do. We create tools to help you build the new forms of organization and coordination the world so desperately needs.

We can't wait to continue building better, together.

Get started today on the Aragon App or dive into the developer documentation to build a custom DAO or plugin!