Securing Your Treasury: A Deep Dive into the Governance Role
Learn why the Governance role holds the master keys to your treasury's rules, and how to properly configure your voting thresholds to protect your capital without accidentally locking your team out.

Trezu Team
Guide

True self-custody means your team is in complete control. Unlike other platforms where a third party holds your accounts – and the power to freeze or lose your funds – Trezu is strictly non-custodial. We provide the interface for your team to collaboratively manage assets; you remain the sole custodian of your assets and accounts.
This eliminates third-party risk, but it introduces a stark operational reality: if your team loses access to its Governance wallets, nobody – not even the Trezu team – can recover your treasury. This is not meant to be intimidating; it is simply a design feature of genuine decentralization.
To help you structure your operations, this guide breaks down what the Governance role actually does, why it holds so much power, and how to configure it to minimize the risk of freezing your account or exposing your capital.
What Does the Governance Role Do?
In Trezu, roles define exactly what a member is allowed to do. While the Requestor and Finance roles handle day-to-day payments, the Governance role manages the rules.
Governance is the only role that can propose and approve actions to:
Add or remove treasury members.
Assign or revoke roles for those members.
Change the voting thresholds (e.g., upgrading a 2-of-3 approval requirement to a 3-of-5).
While Governance members do not draft or approve daily contractor payments, they have the ultimate authority to shape the treasury. Because this role can add members or change voting rules, whoever controls Governance ultimately controls the funds. This immense structural power is exactly why Governance actions must always be protected by a strong, multi-signature voting threshold. It ensures that no single individual can unilaterally rewrite your team's rules or grant themselves unauthorized access to your capital.
Why Governance is Kept Separate
Teams evolve, members leave, and security requirements shift as your project scales. You need the Governance role to adapt your treasury to these organizational changes.
However, because changing the rules carries immense operational weight, Trezu intentionally separates Governance from everyday workflows.
Best Practices for Structuring Governance
Setting up your Governance structure correctly takes just a few minutes, but it serves as a critical layer of protection for your team's capital.
Use Cold Storage (Hardware Wallets): Assign the Governance role strictly to hardware wallets, like a Ledger. These devices keep your private keys completely offline. Keep them in a drawer until you need to make an organizational change.
Require Multiple Approvals: Relying on a single vote to approve governance changes creates a massive single point of failure. If that one person loses their seed phrase, gets hacked, or leaves the team on bad terms, your entire treasury is exposed.
Share the Responsibility: Distribute the Governance role across multiple trusted co-founders, board members, or key stakeholders.
Keep Governance Actions Rare: Only update roles when strictly necessary, and grant access to the absolute minimum number of people required to run your organization.
Common Mistakes to Avoid
When teams run into trouble with multisig setups, it usually traces back to one of these configuration errors:
The "Lazy Setup": Giving every single team member the Governance role just to avoid setting up proper permissions. Always apply the principle of least privilege: only give people the exact access they need to do their jobs.
One Wallet Holding All the Power: Even if you are a solo founder, holding all Governance power on a single device introduces severe operational risk.
Mixing Daily Ops with Governance: Using the exact same browser wallet for daily Finance approvals and critical Governance changes. You should separate these tasks across different wallets entirely.
The "Perfect Security" Trap (Getting Locked Out): Setting a rigid, unanimous threshold like 3-of-3 for Governance. If just one of those three people loses their hardware wallet, the treasury is permanently frozen. To build in redundancy, use setups like 2-of-3 or 3-of-5.
Having No Recovery Plan: Failing to document what happens if a key is lost. Teams must have a securely documented, offline procedure detailing how they will use their remaining quorum (e.g., the 2 remaining signers in a 2-of-3 setup) to rotate out a lost key before it becomes a crisis.
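The configuration mistakes listed above can be checked mechanically against a list of role assignments. The following Python sketch is an added example, not Trezu code or its API; the Wallet record, the audit_governance function, the finding names and the sample wallets are all hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Wallet:
    address: str    # constructed placeholder, not a real account
    owner: str
    hardware: bool  # True if the key lives on a hardware wallet

def audit_governance(threshold, governance, finance, team):
    """Return (keys_losable, findings) for an M-of-N Governance setup.

    keys_losable = N - M: how many Governance wallets can be lost while the
    remaining signers can still reach quorum and rotate the lost key out.
    """
    n = len(governance)
    if not 1 <= threshold <= n:
        raise ValueError("threshold must be between 1 and the signer count")
    findings = []
    if n == 1:
        findings.append("single-wallet")           # one device holds all power
    elif threshold == 1:
        findings.append("single-approval")         # any one signer can change rules
    elif threshold == n:
        findings.append("unanimous-lockout-risk")  # e.g. 3-of-3
    # Heuristic for the "lazy setup": every team member holds Governance.
    if n > 1 and {w.owner for w in governance} >= set(team):
        findings.append("everyone-is-governance")
    if {w.address for w in governance} & {w.address for w in finance}:
        findings.append("shared-with-daily-ops")
    if not all(w.hardware for w in governance):
        findings.append("non-hardware-governance-wallet")
    return n - threshold, findings

# Constructed sample data.
A_HOT = Wallet("alice-browser", "alice", False)
A_HW = Wallet("alice-ledger", "alice", True)
B_HW = Wallet("bob-ledger", "bob", True)
C_HW = Wallet("carol-ledger", "carol", True)
D_HOT = Wallet("dave-browser", "dave", False)

WEAK = audit_governance(3, [A_HOT, B_HW, C_HW], [A_HOT], {"alice", "bob", "carol"})
SOUND = audit_governance(2, [A_HW, B_HW, C_HW], [A_HOT, D_HOT],
                         {"alice", "bob", "carol", "dave"})

if __name__ == "__main__":
    for name, (losable, findings) in (("weak", WEAK), ("sound", SOUND)):
        print(f"{name}: can lose {losable} key(s); findings: {findings or 'none'}")
```

The first number returned is the redundancy the recovery plan depends on: a 3-of-3 setup yields 0, while 2-of-3 yields 1 and 3-of-5 yields 2.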
Secure Your Foundation
Your team's capital deserves a professional, resilient foundation. By treating the Governance role with the gravity it deserves – separating it from daily operations, using hardware wallets, and avoiding single points of failure – you can significantly reduce your operational risk.
Take 10 minutes today to log in, check who holds the Governance role, review your voting thresholds, and ensure your team's rules are built to last.
Review your treasury settings at trezu.app.
(Next up: Read our guide on recommended treasury setups to find the perfect balance between strict control and fast execution for your team's size.)


