> ## Documentation Index > Fetch the complete documentation index at: https://docs.story.foundation/llms.txt > Use this file to discover all available pages before exploring further. # Security Council A Security Council is an independent, semi-centralized group of trusted individuals or entities empowered to act swiftly to protect a decentralized protocol during emergencies. While decentralization is the ultimate goal of Story, the council provides a pragmatic layer of operational security that can mitigate risks that decentralized governance cannot quickly address. ### 🛡️ Purpose and Core Responsibilities The Security Council’s primary role is to safeguard the integrity of the Story Network and Story Protocol through technical oversight, by * Proposing parameter adjustments to the protocol and network. * Veto network upgrade or parameter changes * Monitoring and alerting for: * Critical vulnerabilities in smart contracts. * Monitor and alert for ongoing exploits draining user funds. * Monitor and alert for compromised admin keys or governance mechanisms. * Malicious governance or upgrade proposals. * Reviewing improvement proposals and alerting of harmful security or economic side effects. ## 🪄 Council powers ### **Emergency Actions** The Council has authority to take critical actions immediately, without delay, in the case of security emergencies (e.g., exploits or vulnerabilities that threaten network integrity). * Pause or freeze contracts using privileged functions. * Revoke or change access to admin keys or contracts. * Schedule upgrades, patches and parameter changes before full DAO approval. * Restore funds in coordination with governance, if feasible. > Transparency requirement: After any Emergency Action, a full transparency report must be issued as soon as it is safe to disclose what was done and why. ### ☑️ **Non-Emergency Actions** In non-emergency scenarios, the Council can: * Integration with Story Improvement Process (SIP) * Reviewing proposals (e.g., SIPs, forks, smart contract upgrades). * Writing SIPs * Issuing technical recommendations * Review SIPs for technical feasibility * Verify that DAO vote’s result in executed onchain outcomes * Propose adjusting protocol parameters like: * Protocol fees. * Validator staking amounts and commission rates. * Reserve rates for the \$IP token pool. * Propose cancellation or roll back scheduled upgrades. Beyond emergency responses, the council may: * **Participate in code reviews** and smart contract audits. * **Maintain a risk register** to track known threats. * **Respond to bug bounty reports** alongside core developers and audit firms. * **Coordinate with white-hat hackers** during disclosures. Their goal here is **preventative security**, not just reactive defense. ## 🤝Meetings Regular meetings * Will be held bi-weekly with the focus of reviewing and establishing the governance process and upgrade execution setup. Frequency might be adjusted later on. * Example of topics * Review of SIPs * Review of previous changes and scheduled upgrades * Evaluation of security reports or incidents * Synching with Foundation or other stakeholders * Meetings will be minuted for transparency, with a report being published after. Emergency meetings * Security council members will be on-call for ad-hoc, immediate meetings convened when any critical issue arises (e.g. security breach, discovered vulnerability, exploit in progress). * They will be confidential until public disclosure is safe ## 🏛️ Structure and Membership ### **Self-Governance** The Council can: * Elect a **Security Council Chair**. * Establish **internal procedures** to enhance its functioning. * Implement **staggered terms** for its members to ensure continuity. ### Composition * The Security Council can have **up to 11 members**. * Current members: * Michael Lewellen: [https://x.com/LewellenMichael](https://x.com/LewellenMichael) * Public Key: `0xc1583ef962954b123b5d043788f30ef2450956b5` * Vera the Ape: [https://x.com/veratheape](https://x.com/veratheape) * Public Key: `0x83C24415F202e0370e164cfbd914A84138cC1Ae4` * Anton Astafiev: [https://www.linkedin.com/in/astafiev](https://www.linkedin.com/in/astafiev/) * Public Key: `0xBD4AD66012C443F87465E12CA91eDc42957aDD3A` * Patrick Collins: [https://x.com/PatrickAlphaC](https://x.com/PatrickAlphaC) * Public Key: `0xAF43958ad62389BE3E0B553dFd259Ec335814c1C` * Jason Li: [https://x.com/lxjhk](https://x.com/lxjhk) * Public Key: `0xAdCDF85a75200015B25685c453f5738333dC63A5` * Raúl Martínez: [https://x.com/ethicraul](https://x.com/ethicraul) * Public Key: `0x576fa14594D1Ab7dc3fa7E08466E873321f5C95B` * Members are empowered to carry out Emergency and Non-Emergency Actions, and ensure SIPs comply with the Constitution. ### Phased Membership Model **First Phase:** * Until the later of 1 year post-Constitution or a vote to transition to Phase 2: * Up to **7 members** are appointed by Foundation Directors. * Up to **4 members** are elected by a **majority vote of incumbent members**. * At least **3 members** must be appointed directly by Foundation Directors. **Second Phase:** * Tokenholders gain the right to **elect a majority of Council Members** via a **Constitutional SIP**. * Incumbents finish their terms. ### Term Length and Renewal * Each Security Council Member serves a **12-month term**, automatically renewable unless: * A new member is elected. * They resign. * They are otherwise removed. ### Removal of Members * Tokenholders can remove Council Members via a **Constitutional SIP**. * Removed individuals cannot rejoin the Council for at least **12 months** after removal.