Governance: Not Just Coin Voting

An article from Vitalik Buterin’s “More Money: What Ethereum Is and How the Blockchain Is Changing the World”

In late March, Individuum published Vitalik Buterin’s More Money: What Ethereum Is and How the Blockchain Is Changing the World, a collection of articles by one of the leading crypto visionaries, written at different times. With the publisher’s permission, we publish here with minor abridgments the translation of the article “Governance: Not Just Coin Voting,” devoted to some fundamental problems of decentralized autonomous organizations (DAOs) and current options for addressing them. The English-language original can be read here.

The Need for DeGov

Ever since the Declaration of the Independence of Cyberspace was published in 1996, there has been a key unresolved tension in what we call the hacker-ethos ideology. On the one hand, the hacker ethos is to use cryptography to minimize coercion and to maximize the efficiency and influence of the dominant coordination mechanism that does not rely on coercion: private property and markets. On the other hand, the economic logic of private property and markets is optimized for activities that can be split into repeating one-on-one interactions, while the information sphere, where art, documentation, science, and code are ultimately produced and consumed through public interactions, runs counter to this original aim.

Two key problems emerge that require solutions.

Funding Public Goods: how to fund projects valuable to a broad and diverse portion of the community but lacking a business model (for example, research on layer-one and layer-two protocols, client development, documentation…)?

Maintaining and Updating Protocols: how to coordinate protocol updates, as well as ongoing maintenance and adjustments of its non-static components (for example, safe-asset lists, price oracle sources, multi-party computation keyholders)?

The initial blockchain projects largely ignored both issues, pretending that network security is the only important public good to be secured with a carved-in-stone algorithm and paid for with fixed rewards under PoW. This funding stance arose first from the Bitcoin price spike in 2010–2013, then from the ICO boom of 2014–2017 and the concomitant second crypto bubble. All this enriched the ecosystem enough to temporarily cover up serious market shortcomings. The question of long-term governance of common resources also went unaddressed: Bitcoin pursued extreme minimization and focused only on providing a currency with a fixed supply and supporting second-layer payment systems like Lightning. Ethereum’s development, by contrast, proceeded relatively harmoniously (with one notable exception) thanks to the undisputed legitimacy of its original roadmap (in short: “proof of stake and sharding”). Yet there were no substantial applied-level projects requiring more than this.

But lately circumstances have not been so favorable, and questions arise about how to coordinate protocol support and updates, as well as how to finance documentation, research and development, while avoiding risks of centralization.

The Case for DeGov in Financing Public Goods

Let’s take a step back to assess the absurdity of the situation. Daily, Ethereum pays about 13,500 ETH — roughly $40 million — as mining rewards. The portion of transaction fees not burned by EIP-1559 remains substantial: about 1,500 ETH (~$4.5 million) per day. Thus billions are spent each year to fund network security. And what is the Ethereum Foundation’s budget? About $30–60 million per year. There are other players, willing to back Ethereum’s development (for example, ConsenSys), but their investments are only slightly larger. In Bitcoin, the story is similar; public goods not tied to security receive even less funding.

Some may say that for the Ethereum ecosystem such a disparity is not especially important; that tens of millions per year are enough for all necessary R&D, and additional resources would not necessarily improve the situation, so direct intra-protocol funding for development poses more threats to the platform’s credible neutrality than benefit. But in many smaller ecosystems — and in ecosystems inside Ethereum, as well as in distinctly separate blockchains like BCH and Zcash — such debates have already matured, and on a smaller scale the imbalance is more evident.

Consider a DAO. A project that from the outset is a “pure” DAO may combine two properties that previously seemed incompatible: first, adequate funding for development, and second, credible neutrality of funding (the much-desired “fair launch”). Funding no longer comes from a strictly immutable list of paying addresses; the DAO itself can make decisions.

Of course, it is difficult to make a launch completely fair, and information asymmetry injustices are often far worse than the injustices of explicit pre-mining (was Bitcoin launched fairly, given how few people had the chance to hear about it by the end of 2010, when a quarter of tokens were already distributed?). Yet, even so, if from the first days of a project you embed in its protocol a reward for the development of public goods not linked to security, that would be a step toward necessary and more credibly neutral funding for development.

The Need for DeGov to Support and Update Protocols

Beyond funding public goods, governance requires attention to another important problem — maintaining and updating protocols. Even as a proponent of minimizing non-automatic parameter settings (see “Limited Governance” below) and a fan of RAI’s ‘no governance’ strategy, I agree that sometimes certain decisions must be manual. Price oracle inputs must come from somewhere, and sometimes that source must change. Until a protocol fully hardens, its updates must be coordinated one way or another. It happens that the protocol community decides it is ready to take a fixed form, only to confront the harsh reality that requires a complete restructuring, which raises questions and disagreements. What if the US dollar collapses and RAI, to keep their stablecoin relevant and up-to-date, needs to quickly create and maintain its own decentralized CPI? DeGov is needed here too, so a complete rejection of it would be infeasible.

It is also important to understand whether governance can be done off-chain. For a long time I argued that this method should be used wherever possible, and base-layer blockchains are well suited for this. But in applied-level projects, and especially in DeFi projects, we often encounter the problem of direct control of external assets by smart contracts, and that control cannot be distributed. If a malicious actor seizes governance within Tezos on-chain, the community could hard-fork with no losses other than (admittedly high) coordination costs. If a malicious actor seizes MakerDAO governance on-chain, the community could easily create a new MakerDAO, but it would lose all ETH and other assets stuck in the existing MakerDAO CDPs. Therefore, while off-chain governance works well for base layers and some application-layer projects, for many application-layer projects, especially DeFi, formal on-chain governance is required in some form.

DeGov Is Dangerous

However, all current forms of decentralized governance carry substantial risks. For those who read my articles, this is not new. I am concerned by two main categories of coin-voting problems: first, inequality and imbalance of incentives even in the absence of malicious actors; second, open attacks via bribery in various forms (often quite sophisticated and tangled). To mitigate the first, solutions have been proposed (for example, delegation); more will follow. But the second is far more dangerous — it’s the elephant in the room that, in my view, cannot be addressed within today’s coin-voting paradigm.

Problems with Coin Voting Even in the Absence of Attacks

Even without explicit attacks, the problems of coin voting are becoming more evident, and they fall into a few categories.

  • Small groups of wealthy participants (“whales”) implement their decisions more often than large groups of small holders. This relates to the tragedy of the commons in the second group: since each participant cannot significantly influence the result, they have no incentive to bother voting. Even if participation is rewarded, there is little incentive to study the issue and cast a thoughtful vote.
  • Coin voting expands the power of coin holders and advances their interests at the expense of other parts of the community: protocol communities consist of various groups with different values, views and goals. But coin voting concentrates power in a single group (coin holders), especially the wealthy, leading to excessive emphasis on raising the coin price, even if that implies harmful rent extraction.
  • Conflicts of interest: the right to vote accrues to one circle of participants (holders of the coin), and the wealthiest members of that circle gain too much influence. This lets conflicts of interest within that elite carry excessive weight (for example, investment funds or holders of tokens of other DeFi platforms with which this platform interacts).

The most commonly employed remedy for the first problem (which also mitigates the third) is delegation. Small holders do not need to participate in every vote; instead they can delegate decision-making to trusted community members. This is a worthy and useful experiment that could show how far delegation can soften the problem.

On the other hand, the problem of coin-holder centrism is more complex: it is embedded in the very system in which coin holders’ votes are the sole data input. A mistaken belief that this mechanism was designed intentionally rather than arising from a bug already leads to confusion and dangerous consequences. Here is what the author of one (generally excellent) article on the public goods of blockchain complains about: “Can crypto protocols be considered public goods if they are owned by a few ‘whales’? In discussions these market-based base elements are sometimes called ‘public infrastructure,’ but if today blockchains serve the ‘public,’ then the public of decentralized finance. Essentially, these token holders have only one common interest: price.”

These are unfair accusations; the public blockchains serve is much wider and more diverse, but our coin-voting governance systems fail to reflect this idea. It seems creating a governance system worthy of this diversity will be difficult without a fundamental rethink of the paradigm itself.

The Deep, Fundamental Vulnerability of Coin Voting: Vote Buying

The situation worsens when attackers step in with the aim of undermining the system. The fundamental vulnerability at the heart of coin voting is plain to see. A token in a coin-voting protocol embodies two rights combined into one asset: first, an economic stake in the protocol revenue, and second, the right to participate in governance. This is a deliberate combination intended to merge power and responsibility. But in practice these two rights can be separated quite easily.

Imagine a simple wrapper contract with the following rules: if you deposit 1 XYZ into the wrapper contract, you receive 1 WXYZ in return. This WXYZ can be converted back into XYZ at any time, but you also receive dividends. Where do the dividends come from? While the XYZ coins remain inside the wrapper, the wrapper contract alone has the right to decide how to use them in governance (proposing, voting on proposals, etc.). Each day the wrapper contract simply auctions this right and distributes profits among the initial depositors.

As the XYZ holder, would you want to invest in such a contract? If you are a very large holder, perhaps not. While the dividends would help, you would fear that an unknown buyer could wield your governance rights without your knowledge. But if you hold only a small stake, you would be highly interested. If an attacker buys your governance rights, you would suffer only partially from bad governance decisions you participated in, but you would receive all the dividends from the auction where they were sold. This is the classic tragedy of the commons.

Suppose the attacker, pursuing their interests, disables the DAO. The harm to each participant from such a decision is D, and the probability that a single vote changes the outcome is p. Suppose the attacker offers a bribe of B. The payoff table would look like this.

If B > D × p, you are likely to take the bribe, but if B < 1000 × D × p such a decision will harm the community. Thus, if p < 1 (and usually p is far less than 1), an attacker will have the opportunity to push a harmful decision by buying votes from users and ensuring each is compensated far less than the harm they cause.

Those who doubt the bribery problem might ask: are voters so immoral that they would accept such an overt bribe? The average DAO token holder is an enthusiast who is unlikely to welcome such brazen and selfish betrayal of the project. But there are far more sophisticated ways to separate profit-sharing rights from governance powers, where something as explicit as a wrapper contract is not required.

A simple example is loans on a DeFi lending platform (e.g., Compound). A user can lock their ETH in a CDP (collateralized debt position) on one of these platforms, after which the CDP contract allows them to borrow some XYZ — up to roughly half the value of the ETH deposited. They can then do anything with this XYZ. To retrieve their ETH, they must return the borrowed XYZ plus interest.

Note that throughout this process the borrower bears no financial risk from owning XYZ: if they use their XYZ to vote on a governance decision that destroys XYZ value, they themselves do not lose a penny. They must return to the CDP exactly as many XYZ as they borrowed, so they do not care what happens to the price of XYZ. Now the rights are separated: the borrower has governance rights without economic interest, and the lender has economic interests without governance rights.

There are also centralized mechanisms to separate these rights. The most notable is that when users place their coins on a (centralized) exchange, the exchange holds all these coins and is the one that retains the ability to use them for voting. This is not mere theory; there is evidence that exchanges use their users’ coins in several DPoS systems.

Some DAO protocols employ time-locking methods to limit such attacks: to have voting rights, users must lock their coins and not move them for a while. These methods can limit short-term attacks like ‘buy-vote-sell’ but ultimately time-lock mechanisms can be circumvented: users can hold coins and vote through a wrapper token contract (or, more trivially, through a centralized exchange). Regarding defense mechanisms, time-locks are more like a newspaper paywall than a lock and key.

So far many blockchains and coin-voting DAOs have managed to avoid such attacks in their most dangerous forms. Signs of bribery attempts do occasionally appear.

Although these are serious problems, simple economic logic suggests there should be more examples of direct bribery of voters, including its intricate forms using financial markets. A natural question arises: why do aggressive attacks occur so rarely?

I would say three factors currently matter, but may fade in the future.

  1. Team spirit of a cohesive community where everyone feels part of a single “tribe” and a shared mission.
  2. High wealth concentration and coordination among token holders; large holders have a strong influence on outcomes and invest in long-term relationships with each other (ranging from “old boys clubs” of venture capitalists to other equally influential but more covert communities), making bribery substantially harder.
  3. Immature governance token markets: ready-made tools for creating wrapped tokens exist in the form of proofs-of-concept, but they are not widely used. There are also bribery contracts, but they are not fully developed, and liquidity in lending markets is low.

When a small coordinated group owns more than 50% of the coins, both that group and the rest are invested in a cohesive community, and only a small number of tokens are lent at reasonable rates, all the above bribery attacks may remain only theoretical. But over time the first and third points will inevitably lose their power, and the second must lose power if we want to make DAOs more fair. Will DAOs remain secure when these changes occur? And if coin voting cannot reliably resist attacks, what then can?

Solution 1: Limited Governance

The first, already tested, way to mitigate the listed problems is to limit the power of coin-based governance. There are several ways to do this.

  • Use on-chain governance only for applications, not for base-layer governance: Ethereum already does this, since the protocol is governed off-chain, while DAOs and other applications atop the protocol are sometimes (but not always) governed on-chain.
  • Limit governance to fixed parameters: Uniswap does this, allowing governance to influence, first, token distribution and, second, the 0.05% fee on the Uniswap exchange. Another good example is the RAI “no governance” roadmap, where gradually fewer functions are controlled.
  • Add timing delays: a governance decision made at time T takes effect, for example, only at time T+90 days. This allows users and applications that view the decision as unacceptable to switch to another app (perhaps via a fork). Compound’s governance has a time-delay mechanism, but in theory the delay could be (and ultimately should be) much longer.
  • Be more fork-open: make it easier for users to coordinate and implement forks. That way, a governance capture would be less profitable.

The Uniswap case is particularly interesting: the idea is that on-chain governance funds teams that can develop future versions of the protocol, but upgrades to these versions can occur only with user consent. This is a hybrid of on-chain and off-chain governance, leaving on-chain governance with limited powers.

But limited governance alone is hardly a viable solution; the areas where governance is most needed (for example, funding for public goods) are themselves the most vulnerable to attacks. This weakness in funding public goods is tied to the fact that an attacker can gain by pushing through a bad decision that channels funds to themselves. Therefore, we also need techniques to improve governance itself…

Solution 2: Governance Not Based on Coins

The second approach involves moving toward governance forms not based on coin voting. But if not coins, what should determine the weight of a given account’s vote? There are two natural alternatives.

  1. Identity verification (proof of personhood): such systems can verify that an account corresponds to a real person so that each person gets one vote. This idea has been attempted with Proof of Humanity and BrightID.
  2. Participation verification (proof of participation): such systems can verify that an account corresponds to a person who participated in an event, completed a course, or performed some valuable work in the ecosystem. This idea has been attempted with POAP.

There are also hybrid variants: for example, quadratic voting, where the weight of a vote is proportional to the square root of the economic resources the voter commits to the decision. To prevent people from manipulating the system by spreading their resources across many accounts, identity verification is required, and the remaining financial component allows participants to convincingly demonstrate how much they care about the issue and the ecosystem as a whole. Gitcoin’s quadratic funding is one form of quadratic voting. DAOs with quadratic voting are also being created.
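
The Sybil problem described above, as an added example that is not part of the original article: a quadratic tally computed with and without binding accounts to verified identities. The function names, account labels and token amounts are hypothetical and the ballots are constructed sample data.

```python
from collections import defaultdict
from math import sqrt


def qv_tally(ballots, identity_of=None):
    """Tally quadratic votes: weight = sqrt(tokens committed per person).

    ballots      -- iterable of (account, choice, tokens_committed)
    identity_of  -- dict account -> verified person id. None models a system
                    with no identity verification, where every account
                    counts as its own "person". When a dict is given,
                    ballots from accounts missing from it are ignored.
    """
    committed = defaultdict(float)          # (person, choice) -> tokens
    for account, choice, tokens in ballots:
        if identity_of is None:
            person = account
        elif account in identity_of:
            person = identity_of[account]
        else:
            continue                        # unverified account: no vote
        committed[(person, choice)] += tokens

    totals = defaultdict(float)
    for (_person, choice), tokens in committed.items():
        # The square root is taken once per person, after their accounts
        # have been merged, so splitting funds buys no extra weight.
        totals[choice] += sqrt(tokens)
    return dict(totals)


def winner(totals):
    """Choice with the highest total weight."""
    return max(totals, key=totals.get)


# Constructed sample data (hypothetical accounts and amounts).
# Twenty distinct people each commit 4 tokens against a proposal.
HONEST = [(f"honest-{i}", "no", 4) for i in range(20)]
# One person splits 100 tokens across 100 accounts in favour of it.
SYBIL = [(f"sybil-{i}", "yes", 1) for i in range(100)]

# Identity registry: each honest account is its own person, while all
# 100 sybil accounts resolve to the same verified person.
IDENTITIES = {account: account for account, _, _ in HONEST}
IDENTITIES.update({account: "person-X" for account, _, _ in SYBIL})


if __name__ == "__main__":
    ballots = HONEST + SYBIL
    naive = qv_tally(ballots)
    bound = qv_tally(ballots, IDENTITIES)
    print("no identity check :", naive, "->", winner(naive))
    print("identity-bound    :", bound, "->", winner(bound))
```

Without the identity registry the splitter's 100 tokens count as weight 100 instead of 10 and outvote twenty people; with it, the same ballots resolve to the honest majority.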

With participation verification, things are more complex. The main problem is that determining adequate participation again requires a robust governance structure. Perhaps the simplest solution is to seed the system with 10–100 manually selected early participants, and then gradually decentralize as the selected participants of Round N determine participation criteria for Round N+1. The possibility of a fork provides a path to restoration if governance “goes off the rails,” and generally discourages attempts to seize power. Both identity verification and participation verification require some form of anti-circumvention to ensure that the non-monetary resource used to measure voting rights remains non-monetary and does not end up in smart contracts that sell governance powers to the highest bidder.

Solution 3: Skin in the Game Risk

The third approach envisages ending the tragedy of the commons by changing the rules of voting itself. Coin voting fails because, although voters bear collective responsibility for their decisions (if everyone votes for a terrible decision, their coins become worthless), each individual voter does not bear personal responsibility (if a terrible decision is made, those who supported it suffer no more than its opponents). Can we create a voting system that changes this tendency and imposes personal, not just collective, responsibility on voters?

Openness to forks can work as a “skin in the game” strategy if forks are carried out the way Steem and Hive did. When a destructive governance decision is made and it becomes impossible to challenge it inside the protocol, users can undertake to create a fork. Moreover, in that fork coins that voted for the wrong decision can be destroyed.

This may seem harsh and perhaps even an encroachment on the unwritten rule of ‘immutability of the ledger’ in cryptocurrency forks. But viewed differently, it seems much more reasonable. We preserve the idea of a robust firewall, where personal coin balances remain unharmed, but under this protection only coins that do not participate in governance are protected. If you participate in governance, even indirectly, via wrapper mechanics, you can be held liable for the costs associated with your actions.

This creates personal accountability: if an attack happens and your coins vote for it, they will be destroyed. Otherwise they are safe. Responsibility spreads bottom-up: if you put your coins into the wrapper contract and the wrapper contract votes for an attack, the wrapper contract’s balance is erased, and you lose your tokens. If a malicious actor borrows XYZ from a DeFi lending platform, in a fork scenario any lender loses. (Note that under such conditions it becomes generally very risky to lend a governance token to someone, and that is a deliberate choice).

Risk of Skin in the Game in Daily Voting

But the above protects only against truly dangerous decisions. What about smaller thefts, where an attacker unfairly gains broad opportunities to manipulate governance economics, yet this does not lead to seriously destructive consequences? And beyond attacks, what about simple laziness and the fact that coin-voting governance does not incentivize making better decisions?

The most popular solution to such problems is futarchy, proposed by Robin Hanson in the early 2000s. Votes become bets: to vote for a proposal you place a bet that it will lead to a good outcome, and to vote against — that it will lead to a bad outcome. Futarchy introduces personal accountability for obvious reasons: if you place good bets, you receive more coins; if you place bad bets, you lose coins.

Implementing pure futarchy proved difficult because in practice it is very hard to define objective functions (people care about more than the coin price!). However, hybrid forms of futarchy might work. Here are some examples.

  • Voting as a buy-order: to vote for a proposal, you must place an irreversible order to buy additional tokens at a price slightly below the current price. This guarantees that if the decision is terrible those who supported it will be forced to buy back their opponents’ tokens, and in more “normal” decisions holders will have a wider field of decision criteria beyond price.
  • Retrospective funding of public goods: public goods are funded via a retrospective voting mechanism — that is, after the result is achieved. Users can buy project tokens to fund it, signaling their trust, and receive a share of the rewards if the project’s goal is deemed achieved.
  • Escalation games: alignment on lower-level decisions is encouraged by the possibility that the question may be escalated to a higher level, where it is considered with more effort but more carefully. Voters whose votes align with the final decision will be rewarded.

In the last two cases, hybrid futarchy depends on some form of non-futarchy governance that can adapt to the target function or become final arbiter in dispute resolution. Yet this non-futarchy governance has several advantages that disappear when used directly: it comes later into effect, thus having access to more information; it is used less often, thus requiring less effort; and each use bears significant consequences, so it is wiser to rely on forks to align incentives for that final tier.

Hybrid Solutions

There are also solutions that combine elements from the approaches above. For example, the following:

  • Time delays + elected governance specialists: this is one of the possible solutions to the ancient puzzle of how to create a crypto-backed stablecoin whose locked assets can exceed the value of the yield token without risk of governance capture. The stablecoin uses a price oracle based on the median of values provided by N selected providers (for example, N=13). Providers are chosen by coin voting, but only one provider per week. If users detect that voting attracts unreliable price providers, they have N/2 weeks to switch to another.
  • Futarchy + anti-collusion = reputation: users vote by ‘reputation’ — a token that cannot be transferred. They gain more reputation if their decisions lead to desirable results and lose it if results are unfavorable.
  • Weakly-coupled (advisory) coin-voting: such coin voting does not implement the proposed change directly, but merely publishes the results and makes the decision more legitimate when governance occurs off the chain. Here we gain the benefits of coin voting but risk less, since the legitimacy of coin voting automatically declines when there is evidence that it has been paid for or influenced by someone.
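
The rate-limited oracle rotation from the first bullet above, as an added example that is not part of the original article: it assumes the worst case in which every weekly vote installs a provider reporting a false price, and measures how long the median stays honest. The function names and the two price values are hypothetical.

```python
from statistics import median


def simulate_rotation(n=13, honest=1.00, malicious=0.10, replaced_per_week=1):
    """Week-by-week oracle state when every vote installs a bad provider.

    Returns a list of (week, malicious_count, median_price) tuples,
    starting from week 0 with all n providers honest.
    """
    feeds = [honest] * n
    bad = 0
    history = [(0, bad, median(feeds))]
    week = 0
    while bad < n:
        week += 1
        swap = min(replaced_per_week, n - bad)
        for i in range(bad, bad + swap):
            feeds[i] = malicious            # governance replaces a provider
        bad += swap
        history.append((week, bad, median(feeds)))
    return history


def first_week(history, predicate):
    """First week whose (week, bad, price) row satisfies predicate."""
    for row in history:
        if predicate(row):
            return row[0]
    return None


def exit_window(n=13, replaced_per_week=1, honest=1.00, malicious=0.10):
    """Return (warning_week, capture_week, weeks_to_exit).

    warning_week  -- first week a bad provider is visible on-chain
    capture_week  -- first week the median no longer equals the honest price
    weeks_to_exit -- time users have between the two
    """
    history = simulate_rotation(n, honest, malicious, replaced_per_week)
    warning = first_week(history, lambda row: row[1] > 0)
    capture = first_week(history, lambda row: row[2] != honest)
    return warning, capture, capture - warning


if __name__ == "__main__":
    for week, bad, price in simulate_rotation():
        print(f"week {week:2d}: {bad:2d}/13 malicious, median = {price:.2f}")
    print("one replacement per week :", exit_window(13, 1))
    print("no rate limit            :", exit_window(13, 13))
```

With N=13 and one replacement per week the median first moves in week 7, six weeks after the first bad provider appears, which matches the roughly N/2 weeks stated above; without the rate limit the window is zero.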

But these are just a few examples. There are many more opportunities to explore and develop token-free governance algorithms. The most important thing today is to move away from viewing coin voting as the sole legitimate form of decentralised governance. Coin voting is attractive because of its apparent neutrality: anyone can go and obtain a few governance tokens on Uniswap. Yet in practice coin voting today may seem safe precisely because of the imperfections of its neutrality (namely that a large share of all coins remains held by a tightly coordinated group of insiders). We must be cautious about the idea that current forms of coin voting are “safe by default.” Much remains to be learned about how they function in times of rising economic stress, as well as in mature ecosystems and financial markets, so now is the time to start experimenting with alternatives.

The translation of Vitalik Buterin’s “More Money: What Ethereum Is and How the Blockchain Is Changing the World” was prepared by Inna Provorova.
