EthDAO governance

Scope:

  • The organization has the authority to manage funds intended for ecosystem development.
  • The organization will be granted an initially finite pool of funds, and possibly some ongoing set of funds by diverting a portion of the block reward to the organization’s vault.
  • The organization will host a technical council for formal signaling on EIPs.
  • As the DAO for the base layer protocol, we can rely on protocol forks as part of the process.

Summary

We describe an Aragon organization configured for the purpose of grant making and technical signaling for the the Ethereum community.

The organization leverages existing Aragon apps to define a grants council and technical council. ETH holders are granted root authority over the organization via a vote.

Grants Council

  • A committee of public stakeholders will be formed by granting specific addresses with a single non-transferrable token.
  • Members of the grants committee are expected to be engaged with the grant process and are granted permissions to submit grant proposals to a vote.

Technical Council

  • A committee of public stakeholders will be formed by granting specific addresses with a single non-transferrable token.
  • Members of the technical council will be expected to signal their approval (or lack thereof) for EIPs which have been moved to the accepted state.

Adding and Removing Members

An initial set of addresses is added at initiation, members can be added or removed by council vote.

Grants Process

  1. A member of the grants committee submits a funding transfer to an address from the organizations vault referencing a proposal stored on GitHub.

  2. A vote of grants committee members is open for 1 week, with 10% approval quorum, and 50% support requirements.

  3. If approved, funds are transferred after a 3 week delay.

Root Authority

An ETH Holder vote is considered the root authority in the organization. A 2 week long vote with 25% approval quorum and 50% support can make arbitrary changes to the permissions of the organization.

EthDAO permissions

Parameterization

Voting (Root)

  • Duration: 2 Weeks
  • Approval Quorum: 25%
  • Support: 50%

Voting (Grants)

  • Duration: 1 Week
  • Approval Quorum: 10%
  • Support: 75%

Voting (Technical)

  • Duration: 1 Week
  • Approval Quorum: 10%
  • Support: 75%

Token Manager (Grants)

  • Transferrable: False
  • Max: 1

Token Manager (Technical)

  • Transferrable: False
  • Max: 1

Thanks to @lkngtn, author of this governance scheme

7 Likes

While I admire the initiative, I have to nitpick on some of the details.

If the purpose of this is to allocate the EF’s budget, I believe that protecting against capture is paramount. In this setup, the EF would lose sovereignty over their funds as soon as they are sent to the DAO—they would not be able to withdraw their funds without the approval of the DAO. Further, because the rules of the DAO can be arbitrarily changed by ETH holders, you could end up in a scenario where the ETH holders attempt to hijack the funds (which would take 2 weeks) and the EF would have one attempt to try and withdraw their funds via a grant payment to themselves (which would take 1 week).

It is exactly these issues that led me not to use Aragon for the MolochDAO.

Second, I don’t think ETH holders should be able to have final say. Holding ETH does not strike me as having enough skin in the game to have the right to decide the ultimate fate of the DAO. Instead, I think ETH holders who want to participate should be forced to spend some of their own ETH towards the grants they decide to fund, and only earn voting rights proportional to their contributions. This is doable in the proposed paradigm but is weakened by the ability of ETH holders to make arbitrary changes at will.

Again, I admire the initiative here. We’re all in this together and want to see Ethereum transcend to the next level. If some of these changes were made I would be much more optimistic about the EF allocating some of their budget to this DAO, and would likely use it to build the next iteration of MolochDAO as well.

8 Likes

Furthermore, I strongly caution against 50% majority rules voting and recommend a combination of meritocracy/futarchy/game theory:

https://apache.org/foundation/how-it-works.html

https://vitalik.ca/general/2019/04/03/collusion.html

Basically, a voting system without voting (because as long as a voting system involves votes, it cannot be fair):

  1. Anyone who has a project proposal just starts working on it

  2. Anyone can view any project

  3. Anyone can “vote” for a proposal by joining it and contributing crypto/work/ideas/moral support

So it’s

  1. Github but with no PRs, just forks by anyone

  2. How the Apache Software Foundation works but with a blockchain

  3. Blockchain but people can “pool” their wallets by paying the wallets of the members of a project (possibly through a project wallet that automatically disperses the funds according to the % investment = % ownership for each member)

I think this is actually a great idea. In the long term future, you could just implement futarchy as the DAO’s governance and reward their participants if the ETH price goes up.

But in the short term, I think the “spend to buy voting rights” mechanism makes sense to incentivize people to have skin in the game. This would actually be trivial to implement in an Aragon DAO.

Not sure I follow – are you talking about a 51% attacks on the DAO, where a cartel decides to distribute the money to themselves and screw passive participants over?

1 Like

I love that train of thought, however I was trying to articulate something so simple that it could be deployed in a week. Meritocracy, futarchy, etc. are still early and may take months to actually be usable

3 Likes

imo simpler works better

1 Like

are you talking about a 51% attacks on the DAO, where a cartel decides to distribute the money to themselves and screw passive participants over?

Yes, exactly this. Although it doesn’t have to be as extreme as a cartel deciding to give themselves the money, it could also just be that they no longer agree with how the rest of the token holders are voting to allocate the resources and want to exit. The ability to exit at any time is what preserves their sovereignty over the funds.

2 Likes

We are building the Aragon Court which completely solves 51% attacks, but I guess we shouldn’t wait until the end of the year to have this DAO launched.

2 Likes

I’m not sure you get it. From the Aragon Court description it seems that it’s just a way for ANT holders to arbitrate issues in Aragon DAOs, not for the individual members of those DAOs to retain sovereignty. It actually further abdicates sovereignty of the DAO to the ANT holders, creating an additional attack vector.

The fact that you think this “completely solves 51% attacks” makes me seriously question your understanding of the game theory at play here.

To be clear, if the funds solely come from the EF and the only DAO members are trusted members of the EF, then the risk of 51% attack is reduced. But at that point the DAO is indeed a glorified multisig, and my primary hesitation would be the security risk of using less battle tested contracts to manage the funds than the EF / Gnosis multisig contracts.

If, on the other hand the EF wants to join forces with the greater Ethereum community to help allocate the funds in a more decentralized way, then this outside participation inherently increases the risk of a 51% attack. Having the ragequit function for this is essential because it allows coordination even in the absence of trust.

1 Like

From Aragon Court v1

A design goal of the mechanism is to require very few jurors to adjudicate a dispute and produce a ruling. A small number of jurors is adjudicated by default to a dispute, and their ruling can be appealed in multiple rounds of appeals.

Jurors are randomly drafted to adjudicate disputes. Because the Court isn’t sybil resistant, jurors chance to be drafted is proportional to the amount of ANJ they have activated.

If your objectives are to have few jurors, that condones centralization / cartel formation based on ANT/ANJ concentration and antithetical to solving for 51% attacks because you make it easier for the 51% attacker to collude with the adjudicators (there are fewer adjudicators).

At the very least have some kind of quadratic costing mechanism to discourage concentrated voting so that it’s more difficult for collusion between the 51% attacker and the court jurors. Your quorum is so low (10-25%) so incentivizing DAO users to participate in adjudication would also still get the job done (you don’t need ANT whales) and users would participate if fees were sufficiently competitive (eg. dynamic fees in mining).

2 Likes

The objective is to be able to resolve disputes involving few jurors in the first round to make the Court as efficient as possible. Jurors know that their ruling can be appealed multiple times and each appeal brings a larger amount of jurors to adjudicate (the last appeal involving all active jurors).

Then in the final appeal:

The most voted option will be the winning ruling of the dispute, and all jurors that vote for the winning option will have their ANJ locked for a period of time. So in the case of a successful 51% attack of the court, all the tokens that participated in the attack will be locked for a period of time, giving the losing jurors the opportunity to sell their tokens to the curve.

A successful 51% attack on a DAO that uses the Court for protection would first require a 51% attack of the Court that would lock them into the Court for some time, allowing honest jurors to exit the curve, making the attack very expensive.

4 Likes

Allowing the EF to unilaterally deposit and withdraw funds from the org would simply require granting their multi-sig address the transfer funds permission. From a launch perspective this could be a simple way to dip feet without much risk relative to the status quo.

I think this approach would make sense if the source of funds were coming from new donations only, though in that case it seems duplicative of the efforts on Moloch DAO. The underlying premise here is to make the use of EF funds more transparent and accountable to ETH holders. I think the justification for ETH holders having control of funding decisions is based on the fact that they are the source of funding for the protocol, both in the initial crowd-sale and through the ongoing funding of the block reward out of ETH inflation.

In the current version of the proposal the “exit” strategy is to have all fund transfers subject to a 3 week delay, so an illegitimate transfer would take a total of 1 week for voting and 3 weeks prior to being executed. If we allow the EF to withdraw funds from the vault at any time that is a 3 week period to exit prior to funds moving, if we don’t allow the EF to withdraw unilaterally then the assumption would be a HF and irregular state change could be used to block the transfer.

Normally I think relying on a HF + irregular state change in a DAO would be unreasonable, but given that this proposes the organization as an extension of the overall Ethereum governance process which largely revolves around social consensus it seems reasonable to set the expectation and norm that the organization is ultimately subservient to the existing social consensus layer.

I don’t want to fully respond to this here, as its not really relevant to the proposal, but for clarities sake. The court is intended as an opt-in dispute resolution layer which an organization can choose to use to help provide subjective constraints on what an organization can do, and assuming there is consensus among the organization stakeholder an organization can also opt-out and choose to no longer use the court. It is intended to protect minority and passive participants within an org from actions taken by the majority of stakeholders within the organization. I think that it is a good solution for “51 percent attacks” in many circumstances, but it’s still an untested mechanism and shouldn’t be seen as a solution to anything until it has been tested in incrementally more critical situations.

6 Likes

Vitalik also has an idea for eliminating 51% attacks: https://ethresear.ch/t/explanation-of-daicos/465

• Both investors and developers can ragequit

• Game theory

• Alternatives to voting

I wonder if there’s a way to combine equity/vote/crypto rewards <–> founding/merit/work contributions in a cycle of checks and balances, or just replace voting completely with say forking.

3 Likes

I’ve been a big proponent of “DAICOs” for a long time. Giving people who are contributing explicit rights as to how funds are used and where possible providing a means for them to exit is something that should absolutely be done. I think this was always the biggest issue with the ICO mania–there was no transparency or accountability to capital providers.

This proposal is very much in that spirit, as the the idea is for funds that were raised in the Ethereum ICO to be moved into a DAO so that they can be managed in a more transparent manner and have more accountability to ETH holders… However, given that ETH is the native asset on the platform the idea of rage quitting necessarily ends up requiring a hardfork (which happens off-chain and requires no voting!).

At risk of getting too off topic, In many ways everything that we are building at Aragon is intended to allow for those sorts of structures. There is already the flexibility to have an organization have multiple groups within an organization based on different tokens representing different stakeholders. You can see a basic example of this in the Aragon Coop org where there is a non-transferrable token limited to one per address used to manage organization membership, and a separate non-transferrable token used to manage reputation. Right now Aragon Black is working on set of applications to facilitate accountable crowdfunding based on bonding curve and tap mechanism, funders would have a transferrable token that can be exchanged against a bonding curve, and funds are gradually released to the projects discretionary pool over time.

8 Likes

I like this idea too! We’ve implemented it and welcome further discussion.

https://github.com/disclosure-exchange/smart-contracts/wiki

1 Like

Aren’t they already in place on a global scale?

Is there any though into how this committee will be selected?

3 Likes

I’d think that multiple committees can be proposed, and then ETH holders can vote their favorite one. Alternatively, people present themselves for the committee, and the top X most voted get into the committee.

1 Like

I’d think that multiple committees can be proposed, and then ETH holders can vote their favorite one. Alternatively, people present themselves for the committee, and the top X most voted get into the committee.

Sorry if I’m missing something here, but how would that voting happen? Getting any type of signal from the broader Ethereum community is extremely noisy and unreliable, esp because the default is to have people manually comb through social media to aggregate signals. This often leads to inconsistent results that favor the noisiest group or the last man standing after everyone else is exhausted and burnt out. Would you create a DAO or coinvote type thing specifically for that process, or do you have something else in mind?

1 Like

Exactly, just a coinvote DAO

2 Likes