DAOrayaki DAO Research Bonus Pool:
Funding address: 0xCd7da526f5C943126fa9E6f63b7774fA89E88d71
Voting progress: DAO Committee /7 passed
Total bounty: 150 USDC
DAOrayaki DAO Research Bonus Pool:
Funding address: 0xCd7da526f5C943126fa9E6f63b7774fA89E88d71
Voting progress: DAO Committee /7 passed
Total bounty: 150 USDC
Types of research: DAO, Coin Voting Governance, DeGov
Original Author: Vitalik Buterin
Contributors: DAOctor @DAOrayaki
Special thanks to Karl Floersch: Dan Robinson and Tina Zhen for their feedback and review. See Notes on Blockchain Governance, Governance, Part II: Plutocrats Are Still Bad, On Collusion and Coordination, Good and Bad, for early thinking on similar topics.
An important trend in the blockchain space over the past year has been the shift from focusing on DeFi to also considering decentralized governance (DeGov). While 2020 has been widely hailed as the year of DeFi, since then the growing complexity and capabilities of the DeFi projects that make up the trend have led to growing interest in decentralized governance to address this complexity. There are many examples within Ethereum. YFI, Compound, Synthetix, Uniswap, Gitcoin, etc. have all launched or even started using some kind of DAO.
There is no denying that some form of decentralized governance is growing in popularity, and there are important reasons why people are interested in it. But it’s also important to understand the risks of such schemes, as the hostile takeover of Steem and the subsequent mass exodus of Hive made clear.
In some cases, decentralized governance is both necessary and dangerous, for reasons I will describe in this article. How can we reap the benefits of DeGov while minimizing risk? I'll argue a key part of the answer: we need to move beyond existing forms of token voting.
first level title
01 DeGov is necessary
Since the 1996 Declaration of the Independence of Cyberspace, there has been a key unresolved contradiction in the so-called cypherpunk ideology. On the one hand, cypherpunk values were all about using cryptography to minimize coercion and maximize the efficiency and reach of the main non-coercive coordination mechanisms of the time: private property and markets.
The economic logic of private property and markets, on the other hand, is optimized for activities that can be "decomposed" into repeated one-to-one interactions through which the information of art, documentation, science, and code is produced and consumed Circles are just the opposite.
This environment has two inherent key issues that need to be addressed:
Funding public goods: Funding projects that are valuable to broad and non-selective segments of the community but often have no business model (e.g. layer 1 and layer 2 protocol research, client development, documentation...) ?
Early blockchain projects largely ignored these two challenges, pretending that the only public good that mattered was network security, which could be achieved with a single algorithm fixed in perpetuity and paid for through fixed proof-of-work rewards.
This scenario in terms of financing was initially possible due to the extreme rise in the price of Bitcoin in 2010-13, followed by the ICO boom in 2014-17, and the simultaneous second cryptocurrency bubble in 2014-17, All of this makes the ecosystem rich enough to temporarily mask the inefficiencies of large-scale markets.
Long-term governance of public resources is similarly neglected: Bitcoin follows the path of extreme minimalism, focusing on providing a fixed supply of money and ensuring support for second-layer payment systems such as the Lightning Network. Ethereum continues to develop largely harmoniously, as its pre-existing roadmap has strong legitimacy, and complex application-layer projects that require something more do not yet exist.
first level title
Here's what happens in the diagram:
02 DeGov needs to fund public goods
It is necessary to step back and look at the absurdity of the current situation. The daily mining issuance reward from Ethereum is approximately 13,500 ETH, or approximately $40 million per day. Transaction fees are equally high, with the non-EIP-1559 burn portion still around 1,500 ETH (about $4.5 million) per day. As a result, billions of dollars are spent on cybersecurity every year.
Here's what happens in the diagram:
In the Ethereum ecosystem, this difference can arguably be irrelevant. Tens of millions of dollars per year are "sufficient" for the required R&D, and adding more money won't necessarily improve the situation, so the risks to the platform's credible neutrality of establishing in-protocol developer funding outweigh the benefits. But in many smaller ecosystems, whether those within Ethereum or entirely separate blockchains like BCH and Zcash, the same debate is brewing, and at these smaller scales, imbalances can makes a big difference.
Then enter the DAO field. Projects launched as pure DAOs from day 1 can achieve a previously uncombinable combination of two properties: (i) well-funded developers, and (ii) reliable funding neutrality (the coveted "fair launch") .
Of course, it's hard to make distribution completely fair, and the unfairness caused by information asymmetry is often worse than the unfairness caused by public pre-mining (considering that by the end of 2010, Bitcoin had issued a quarter of its supply, almost no people have had a chance to hear about it, is Bitcoin really a fair offering?). But even so, in-agreement compensation for public goods from day one appears to be an important step towards securing adequate and more credible neutral developer funding.
first level title
03 DeGov requires protocol maintenance and upgradesIn addition to public goods funding, another equally important issue requiring governance is protocol maintenance and upgrades. While I advocate minimizing all non-automated parameter tuning (see the "Limited Governance" section below) and am a fan of RAI's "non-governance" strategy, sometimes governance is unavoidable.
Price oracle inputs have to come from somewhere, and sometimes somewhere needs to change. Improvements must be coordinated somehow before the agreement can "zombify" into its final form.
An important distinction is whether off-chain governance is feasible. I have long been a fan of supporting off-chain governance wherever possible.
In fact, off-chain governance is absolutely possible with the underlying blockchain. But for application layer projects, especially DeFi projects, the problem we encounter is that application layer smart contract systems often directly control external assets, and this control cannot be forked.
If Tezos' on-chain governance is captured by an attacker, the community can hard fork without any high losses. If MakerDAO's on-chain governance is captured by an attacker, the community can definitely launch a new MakerDAO, but they will lose all ETH and other assets in the existing MakerDAO CDP.
Therefore, while off-chain governance is a good solution for base layer and some application layer projects, many application layer projects, especially DeFi, inevitably require some form of formal on-chain governance.
first level title
04 DeGov is dangerous
However, all current instances of decentralized governance come with significant risks. For followers of my articles, this discussion is not new.
I worry about two main types of problems with token voting: (i) inequality and incentive imbalances even in the absence of attackers, and (ii) outright attacks through various forms of (often obfuscated) vote buying. For the former, there are already a lot of proposed mitigations (such as delegated voting), and there are more to come. But the latter is the more dangerous elephant in the room and I don't see a solution in the current token voting paradigm.
A small group of wealthy participants is better at successfully executing decisions than a large group of small holders. This is because of the tragedy of the commons for small holders: each small holder has negligible influence on the outcome, so they have little incentive not to be lazy and actually vote. Even if there is a reward for voting, there is little incentive to research and think carefully about what they are voting for.
Token voting governance empowers token holders at the expense of the rest of the community: the protocol community is made up of diverse constituencies with many different values, visions, and goals. However, token voting only empowers one constituency (token holders, especially the wealthy) and leads to overestimation of the target of increasing token prices, even if this involves harmful power rent-seeking behavior.
There is one main type of strategy that is attempting to solve the first problem (and thus mitigate the third): delegated voting. Small holders don't have to judge every decision themselves; instead, they can delegate to community members they trust. This is an honorable and worthwhile experiment; we'll see how effectively delegated voting can alleviate this problem.articleimage description
Vitalik's Gitcoin page
article
complained:
Can crypto protocols be considered public goods if ownership is concentrated in the hands of a few whales? Colloquially, these market primitives are sometimes described as “public infrastructure,” but if blockchain serves the “public” today, it is primarily a form of decentralized finance. Fundamentally, these token holders have only one common concern: price.This complaint is misplaced. Blockchain serves a richer and broader public than DeFi token holders. But our token-driven governance system is completely unable to capture this, and it seems difficult to build a governance system that can capture this richness without a more fundamental change in the paradigm.first level title
05 Deep Foundational Vulnerabilities of Token Voting: Vote Bribery
Once it is determined that an attacker trying to subvert a system enters the picture, the problem gets worse. The basic vulnerability of token voting is easy to understand.
A token in a protocol with token voting is a bundle of two rights combined into a single asset: (i) some economic interest in protocol revenue and (ii) the right to participate in governance.
This combination is deliberate: the goal is to align power and responsibility. But in practice, these two rights are easily separated from each other.
Imagine a simple wrapper contract with these rules: If you deposit 1 XYZ into the contract, you get 1 WXYZ. WXYZ can be converted back to XYZ at any time, plus it can generate dividends. Where does the dividend come from? Well, while the XYZ tokens are in the wrapper contract, the wrapper contract is free to use them in governance (making proposals, voting on proposals, etc.). The wrapper contract simply auctions off this right on a daily basis and distributes the profits to the original depositors.
As an XYZ holder, is it in your interest to deposit tokens into the contract? If you're a very large holder, it probably isn't. You love dividends, but you fear what a misplaced participant might do with the governance power you sold. But if you're a smaller holder, it's a great fit. If the governance rights of the wrapper contract auction are bought by an attacker, you will personally only suffer a fraction of the cost of bad governance decisions made by your token, but you will personally receive the full benefit of the dividend governance auction. This situation is a classic tragedy of the commons.
Suppose an attacker makes a decision that breaks the DAO, thus benefiting the attacker. The damage to each participant of a successful decision is D, and the chance of a single vote skewing the outcome is P. Assuming the attacker bribes B, the game graph looks like this:
If B﹥D×p, you tend to accept bribes, but as long as B﹤1000×D×p, accepting bribes is collectively harmful. Thus, if p < 1 (usually much lower than 1), the attacker has the opportunity to bribe users into adopting negative network decisions, thus compensating each user for much less than the harm they suffer.
A natural critique of the fear of voter bribery is: would voters really be so immoral as to accept such an obvious bribe? The average DAO token holder is a fanatic, and it's hard for them to be happy with such a selfish and blatant sale of the project. But what this misses is that there are more nebulous ways to separate profit-sharing rights from governance rights that don't require anything as explicit as a wrapper contract.
The simplest example is borrowing from a DeFi lending platform such as Compound. People who already hold ETH can lock their ETH in a CDP (“Collateralized Debt Position”) on one of these platforms, and once they do, the CDP contract allows them to borrow an amount of XYZ, say half the value of the ETH they put in , and then they can do whatever they want with this XYZ. In order to get their ETH back, they will eventually need to pay back the XYZ they borrowed plus interest.
Note that throughout the process, the borrower has no financial exposure to XYZ. That is, if they use their XYZ to vote for a governance decision that destroys the value of XYZ, they don't lose a penny. The XYZ they hold is XYZ and they eventually have to pay it back to the CDP anyway, so they don't care if its value goes up or down.
This way we achieve a split: the borrower has governance rights but no financial interest, and the lender has financial interest but no governance rights. Some DAO protocols are using techniques such as timelocks to limit people's ability to participate in such attacks, but ultimately timelocks can be bypassed. As far as security systems go, time locks are more like a paywall on a newspaper website than a lock and key.
There are also centralized mechanisms that separate profit-sharing rights from governance rights. Most notably, when users deposit their tokens into a (centralized) exchange, the exchange has full custody of those tokens, and the exchange has the ability to vote with those tokens.
It's not just theory. There is evidence that exchanges use users' tokens for transactions in multiple DPoS systems. The most notable recent example has been the attempted hostile takeover of Steem, where exchanges used customers' tokens to vote in favor of proposals that would help solidify acquisitions of the Steem network, but were strongly opposed by a majority in the community. This situation can only be resolved by an outright mass exodus where a large portion of the community moves to a different chain called Hive.
Currently, many blockchains and DAOs employing token voting have managed to avoid these attacks in their worst form. Occasional signs of attempted bribery:
But despite all these important issues, simple economic reasoning suggests that there are far fewer examples of direct voter bribery, including using forms of obfuscation such as financial markets. The natural question to ask is: Why haven't more direct attacks occurred?
My answer is that "why not yet" relies on three contingent factors that are true today, but may become less true over time:
2) The wealth of token holders is highly concentrated and coordinated; large holders have a higher ability to influence outcomes and invest in long-term relationships with each other (both the "old boys club" of VCs and many other equally powerful but low-profile groups of wealthy token holders), and it makes it harder for them to take bribes.
3) The financial market for governance tokens is immature: off-the-shelf tools for making wrapped tokens exist in proof-of-concept but not widely used, bribery contracts exist but are equally immature, and the lending market is illiquid.
All of the above bribing attacks fail when a small co-ordinated group of users holds more than 50% of the tokens, and they and everyone else are invested in a tight-knit community, and very few tokens are being lent out at reasonable rates. Might remain a theoretical possibility.
But over time, no matter what we do, (1) and (3) will inevitably become less true, and (2) must become less true if we want DAOs to become fairer. Will DAOs remain safe while these changes occur? If token voting is not sustainable against attacks, what can?
first level title
06 Solution 1: Limited Governance
One possible mitigation to the above problem, and a solution that has been attempted to varying degrees, is to limit what token-driven governance can do. There are several ways to do this:
2) Limit governance to fixed parameter choices: Uniswap does this because it only allows governance to affect token distribution and the exchange's 0.05% fee. Another good example is RAI's "non-governance" roadmap, where governance can control fewer and fewer features over time.
3) Add a time delay: Governance decisions made at time T only take effect at e.g. T + 90 days. This allows users and applications whose decisions are deemed unacceptable to move to another application (possibly a fork). Compound has a time delay mechanism in its governance, but in principle the delay could (and ultimately should) be longer.
4) More friendly to forks: Make it easier for users to quickly coordinate and execute forks. This makes capturing governance less rewarding.
But limited governance by itself is not an acceptable solution. The areas most in need of governance, such as the allocation of funds for public goods, are themselves the most vulnerable. Public goods funds are vulnerable because attackers can profit from bad decisions in a very straightforward way: they can try to push a bad decision that sends funds to themselves. So we also need technology to improve governance itself...
first level title
07 Solution 2: Non-Token Driven Governance
The second approach is to use non-token-driven forms of governance. But if tokens don't determine an account's weight in governance, what is? There are two natural options:
2) Proof of participation: The system proves that an account corresponds to someone who has participated in a certain activity, passed some education training, or performed some useful work in the ecosystem. See POAP for how to do this.
There are also hybrid possibilities: an example is quadratic voting, which makes the power of individual voters proportional to the square root of the economic resources they have to make decisions. Preventing people from gaming the system by allocating their resources across multiple identities requires proof of personality, while the financial part that still exists allows participants to credibly show how much they care about an issue and how much they care about the ecosystem. Gitcoin quadratic financing is a form of quadratic voting, and the quadratic voting DAO is being built.
The proof-of-participation mechanism is less well known. The key challenge is that determining the level of participation itself requires very strong governance structures. The simplest solution might be to bootstrap the system with a handpicked group of 10-100 early contributors, then gradually evolve over time as selected participants in round N determine the participation criteria for round N+1. centralized. The possibility of a fork helps provide a path to recovery from governance derailments and provides an incentive.Both Proof of Personhood and Proof of Participation would require some form of anti-collusion to ensure that the non-monetary resource used to measure voting power remains a non-financial resource, rather than itself ending up in a smart contract that sells governance rights to the highest bidder.
first level title
07 Solution 3: In-Game Skins
A third way is to break the tragedy of the commons by changing the rules of voting itself. Token voting fails because while voters are collectively responsible for their decisions (if everyone votes for a bad decision, everyone's tokens go down to zero), each voter is not individually responsible (if a bad decision decision happens, those who support it suffer no more than those who do).
Can we build a voting system that changes this dynamic and makes voters individually accountable for their decisions, not just collectively?
If the fork is done the way Hive forked from Steem, fork-friendliness can arguably be a game tactic. If a disruptive governance decision succeeds and there is no longer opposition within the protocol, users can fork at their own discretion. Also, in that fork, tokens that voted for a wrong decision could be destroyed.
This sounds harsh, and may even feel like a violation of an implicit norm that “the immutability of the distributed ledger” should remain sacrosanct when forking tokens. But viewed from a different angle, the idea seems more plausible. We maintain the idea of a strong firewall where individual token balances are not expected to be violated, but apply this protection only to tokens that do not participate in governance. If you participate in governance, even indirectly by putting tokens into wrapping mechanisms, then you may be responsible for the cost of your actions.This creates personal liability: if an attack occurs, and your tokens voted for the attack, your tokens will be destroyed. If your tokens did not vote for the attack, your tokens are safe.
Responsibility spreads upwards: If you put tokens into a wrapper contract, and the wrapper contract votes for the attack, the balance of the wrapper contract will be wiped, so you will lose your tokens. If an attacker borrows XYZ from a DeFi lending platform, anyone who lent XYZ will fail when the platform forks (note that this makes lending out governance tokens generally very dangerous; this is the intended outcome).
But the above only works to prevent really extreme decisions. What about petty robberies? Unfairly favoring attackers to manipulate the economics of governance, but not bad enough to cause devastating damage? What about simple laziness, and the fact that token governance has no selection pressure in favor of higher quality opinions in the absence of any attackers at all?The most popular solution to this type of problem is futarchy, introduced by Robin Hanson in the early 2000s. Voting becomes a bet: by voting yes, you are betting that the proposal will lead to a good outcome, and by voting against the proposal, you are betting that the proposal will lead to a bad outcome. The reasons for Futarchy introducing personal responsibility are obvious:
If you bet well, you will get more tokens, if you bet badly, you will lose your tokens."Pure" futarchy has proven difficult to introduce, since in practice the objective function is hard to define (people want more than token prices!), but various hybrid forms of futarchy can be quite effective. Examples of hybrid futarchy include:
1) Vote as a buy order:Voting for a proposal requires creating an executable buy order to purchase additional tokens at a price slightly lower than the current price of the token. This ensures that if a bad decision works out, those who backed it may be forced to buy out their opponent, but it also ensures that in more "normal" decisions, token holders would More decisions can be made based on non-price criteria.
See this post from the Optimism team. Public goods are retroactively funded through some voting mechanism after they have already achieved results. Users can purchase project tokens to fund their project while demonstrating confidence in it. If the project is deemed to have achieved the desired goals, purchasers of project tokens will receive a reward.
See Augur and Kleros. The value of lower-level decisions is consistently incentivized by the possibility of resorting to higher-effort but more accurate higher-level processes. Voters who voted for the final decision will be rewarded.
There are also solutions that combine elements of the above technologies. Some possible examples:
In the latter two cases, the hybrid futarchy relies on some form of non-futarchy governance to measure the objective function or as a final dispute layer. However, this non-future governance has several advantages over direct use: (i) it activates later, so more information can be accessed, (ii) it is used less frequently, so less effort can be spent, and (iii) It has bigger consequences every time it is used, so relying solely on forks to adjust the incentives of the last layer is more palatable.first level title
08 Hybrid solutions
There are also solutions that combine elements of the above technologies. Some possible examples:1) Time delay plus elected expert governance:
Here's one possible solution to the age-old conundrum of how to make a cryptocurrency-backed stable investment with locked-up funds that can exceed returns without risking governance being seized. the value of the coin.The stablecoin uses a price oracle constructed from the median of the values submitted by N (e.g., N=13) elected providers. Token holders vote to select suppliers through tokens, but it can only eliminate one supplier per week. . If users notice that token voting has resulted in an untrustworthy price provider, they have N/2 weeks to switch to a different price provider before stablecoin trading breaks.
2) Futarchy + Anti-collusion = Reputation
: Users vote with "reputation", a non-transferable token. Users gain more reputation if their decisions lead to desired outcomes, and lose reputation if their decisions lead to undesired outcomes.
3) Loosely coupled token voting
