Philip Daian recently published two articles exploring how trusted hardware can be used to facilitate vote buying in a particularly concerning way. If you haven’t read the articles yet, I highly recommend taking the time to do so in full.
The general premise is that trusted hardware such as Intel’s SGX platform can be used to sell limited access to a private key. In such a setup someone can provably grant access to sign a vote without giving up ownership of the voting key itself. Such activity can happen opaquely, so it is not clear to any other party that such a transaction has occurred. This vulnerability is related to the key generation process, and is possible with any scheme that allows users to generate their own key in an untrusted environment.
He goes on to explore both simple and more complex attacks that exploit this process, with the most interesting being the idea of a “dark DAO” that acts as a vote buying cartel that is completely hidden. Such an organization would accumulate influence by having voters run malicious software and when activated would swing votes in order to create unexpected bad outcomes and profit from short-selling.
This has significant impacts on DAOs and other on-chain organizations that rely on voting (including the consensus layer, both PoW and PoS). This post is intended to discuss such attacks, their feasibility, and possible mitigations.
First, for such an attack to be successful users must be willing to trust their key (and associated assets) to custom wallet software that allows vote buying. Its unclear whether a significant portion of users would be willing to take such a risk, especially, as such an action could easily result in their assets being stolen by a malicious party.
At first glance it would seem that 1p1v and other identity constrained systems are more heavily impacted by vote buying attacks, because in 1p1v systems each voter has a small and identical influence, but voters may have drastically different stakes. In such a system voters who have low stakes will be willing to sell their votes relatively cheaply.
In stake-weighted or reputation-weighted voting, voters influence is more closely tied to their stake in the system and therefore would need to be compensated much higher in order to convince them to take an action that would cause them to loose or devalue their stake. PoW is weighted hash-power weighted voting, and can probably be thought of similarly to proof of stake, though the possibility to fork and remove stake may be a significant difference.
However, despite this, even stake weighted/reputation weighted systems seem vulnerable if voters assume that others are likely to participate in vote buying, as they may choose to participate as a means to cut their loses.
The best option seems to require key generation in a trusted environment, however, such an approach could be challenging while retaining the permissions nature of a public blockchain application.
For some types of DAOs it may be possible to require voters to provide a written justification along with their votes that can be used to determine if a vote is legitimate or not. Votes which are bought may struggle to provide a convincing justification, particularly if they are being manipulated through a semi-automated process like a dark DAO. These justifications could be combined with a subjective oracle mechanism, like the Aragon Court, in order to slash voters in the event that their written justification appears fishy. Such a mechanism would increase the risk of participating significantly.
Forking and subjectivity may also be a possible solution, where in the event of an attack a fork can be created and then a market based mechanism used as a fork-choice rule. This may be easier to implement at the base layer, but in narrow cases may also be applicable at the application layer (eg Augur). This type of approach is unlikely to work well in cases where there are communal assets which cannot be forked.