Possum Core, a principled approach to on-chain governance
TLDR:
- The first version of Possum Core, an on-chain governance module will soon be released
- PSM can be staked for rewards that depend on commitment and governance activity
- Possum Core enables the community to directly shape budget decisions
Context
Possum Labs is spearheading the development of positive sum DeFi which entails alignment of interests among stakeholders.
While we design our systems with governance minimisation in mind, i.e. creating immutable protocols with no need for management, a young project like ours can benefit from swarm intelligence fuelled by an active community.
We are happy to announce our first version of on-chain governance facilitated by PSM staking, giving the community the power to distribute a significant budget of PSM and earn rewards for doing so.
Our guiding principles for Possum Core:
1. Reward long-term commitment to the project
2. Reward active governance participation over passive staking
3. Provide maximum flexibility & access to capital for stakers
The current state of on-chain governance
Governance in DeFi and crypto in general is plagued by long standing problems and increasingly gets a bad reputation for corruption, centralising tendencies and value destructing power games. This is of no surprise as most forms of governance systems replicate actual governments but in a much more primitive and naïve way. Spending other people’s money, i.e. taxes on a country level or protocol fees and treasury assets in crypto leads to obvious misalignment of interest, especially if the involved participants are not required to have significant skin in the game. This is the case with politicians and too often a parallel can be drawn to opaque crypto governance schemes.
There are three main categories of governance systems in crypto:
1. The most common approach involves off-chain voting tools like snapshot with a subsequent execution by a multi-sig.
The obvious flaw with this approach is that the voting result is not enforceable on-chain in any way, if the key holders of the multi-sig don’t execute what was decided. The extreme centralisation of this form of governance is worth emphasizing. Not only is the execution dependant on a small set of insiders that can be coerced, bribed or otherwise influenced to make decisions in bad faith, but the centralisation starts even before that stage. Who decides what proposals are being put to vote in the first place? In most cases, the controlling team and their backers. On that topic, these systems widely use the 1-token-1-vote approach which ensures that insiders, i.e. team and early investors are in guaranteed control. Lastly, the lack of incentives for the average retail investor to participate in governance leads to apathy and easy game for the insider group.
There are good arguments to be made that certain decisions should be made by a dedicated and professional development team instead of the DAO. The mentioned governance approach is often used to simply avoid regulatory scrutiny and is “decentralised in name only” (DINO). Put differently, these are centralized businesses that make you believe you have a say. The latter part is the problem and all too common.
2. The second type of prevalent governance systems is a closed loop system that only rules over certain functions, such as incentive distributions.
Curve pioneered this type of governance with the CRV gauges and it’s probably the most copied governance system in crypto. This approach has merit, because it eliminates ambiguity about topics to govern over and sets the rules from the beginning. Closed loop governance also has the potential to be fully immutable and therefore reliable, which is an important quality for all participants and investors of a protocol. However, in practice, many such systems re-introduce centralisation via trusted parties (usually the team multi-sig) to change crucial settings or execute vital but permissioned functions such as reward conversions and distributions.
3. The third type of governance is full on-chain control over the governed protocol including code upgrades to fundamentally alter the system.
This type of governance was pioneered by Compound and forked many times, but also other approaches based on the same principles have been explored, for example by Beanstalk, which has led to a 150 million USD exploit in 2022.
The obvious downsides of this type of governance are concerns regarding security and reliability. As mentioned before, it’s usually prudent to let expert engineers make technical decisions, not a community of token holders who largely don’t have expertise in solidity, software development or mechanism design. This issue is exacerbated by the availability of flashloans and the general tendency to use the flawed 1-token-1-vote system. In combination, this is a powder barrel that waits to explode, just like the case of Beanstalk has highlighted. It also sets users of the protocol in constant alert mode because the protocol can be upgraded any time (usually after a timelock of a few days), exposing their funds to risks that may not be well understood — or feeding them outright into a malicious upgrade that rugs everyone.
Among the three main approaches, only the narrow focus of closed loop governance addresses the structural issues of ambiguity in decision-making, centralisation by design, security & reliability and incentivises retail participation.
However, present systems of that category are plagued by a variety of issues, like trusted management, potential upgradability, and lack of access to staked tokens by investors. Locking tokens for multiple years without a way to access their value in the interim poses a high opportunity cost to investors which can lead to the contrary result than what was intended. Instead of being long-term focused, participants in long duration hard-lock systems such as CRV tend to be short-term oriented because this is the only way they can realise their investment’s value within a reasonable timeframe.
When designing closed loop governance systems, it is important to consider second order consequences, which is still not widespread in crypto. It’s easier to put lipstick on a pig and make a quick buck of course, which is the bane of this industry. /rant
How Possum Core solves governance issues
As mentioned, a closed loop governance system with embedded rewards is the most obvious choice to solve for concerns around security, reliability and retail participation.
However, it is worth exploring how the decision tree of this type of governance looks like on a more abstract level to engineer a system from first principles that achieves set goals.
Effective and closed-loop on-chain governance has two major decisions to make.
First, where does money flow, i.e. which addresses can receive tokens.
We call this the decision over capital allocation — what the project can spend money on.
Second, how much value flows where and when.
We call this the decision over capital distribution — who gets money, when and how much.
In the case of Curve, the decision of capital allocation was already made by the designers of the system. Capital can only be directed towards liquidity pools within the protocol. The decision about capital distribution is a mix of predetermined decision making, i.e. the predefined emission curve, and stakers having the power to direct emissions to LPs of their choice.
Possum Core will be released as an immutable smart contract, cementing the rules from the very beginning and giving participants ease of mind. The mixture of being rewarded for commitment and activity over passive bag holding while preserving capital availability encourages participation and nudges stakers to act like business owners instead of chasing short term profit maximisation.
How Possum Core works in detail
The community of PSM holders can stake their tokens in the Possum Core contract to accrue “Core Fragments” (CF).
Upon staking, participants need to determine how long they want to commit their tokens to remain staked. The commitment period can be as short as 0 seconds, i.e. complete flexibility, and can be up to 1 year. However, committing the stake for a longer duration comes with benefits. The CF accrual rate increases linearly from 12% APR (0 seconds) up to 72% APR (1 year). This means, someone who stakes PSM and only wants to commit for 3 months would accumulate Core Fragments at 27% APR, i.e. 27 CF for every 100 PSM staked over a full year. In this example, participants could withdraw their stakes and potential rewards after 3 months without penalty or remain staked and continue to accrue CF.
However, in contrast to popular locking mechanisms, the commitment period chosen by the staker is a soft lock. This means that the stake can be withdrawn anytime and in full, even during the commitment period. However, doing so would forfeit all accumulated rewards, providing a strong incentive to maintain the stake until the end of the chosen period. A soft lock mechanism like this has the advantage that participants can always access their funds, if necessary, which can be very important for a multitude of reasons. This reduces the barrier of entry and boosts participation which is an important goal.
Now, what to do with the accruing Core Fragments?
CF can be allocated to whitelisted addresses. Allocating 1 CF to a valid address means that the contract sends 1 PSM to that address and also rewards the staker with 1 PSM in pending rewards. A classic win-win scenario.
While increasing the commitment period increases the rate at which CF become available (and by extension increase the potential rewards), there is another feature that encourages frequent activity and involvement: compounding.
Pending rewards are added to the staker’s balance when calculating the accrual of Core Fragments. This means that stakers can compound their rewards and exponentially earn more CF over time by staying active. Further, there is no need to unstake and restake. Governance participants can distribute CF and compound rewards for as long as there is PSM available to distribute in the contract. The contract will be preloaded with 300M PSM tokens to allow the system to run for well over a year, offering us the opportunity to gather valuable insights to optimize the next version.
Worth mentioning is that partial withdrawals and stake additions are possible as well. When withdrawing a portion of the initial stake, a proportional number of rewards will be forfeited or sent to the staker, depending on if the withdrawal happens during the commitment period or afterwards.
Stake additions work as you would expect. Upon adding to the stake, users can either extent the commitment period of the combined stake to maintain or increase the APR. Alternatively, users can add tokens but maintain the current ending date of the commitment period, which effectively means that the added tokens are staked for a shorter period and hence offer a lower CF accrual APR. The APR of the combined stake is the weighted average of the two stake positions where pending rewards count towards the existing stake.
Example:
Bob stakes 100 PSM and commits for some time to get a 40% CF accrual rate. After half the duration has passed, bob has accumulated 10 PSM in rewards. Now he adds 90 PSM with a commitment period ending at the same date as the existing stake. For easy numbers, let’s say the APR of the new stake is 20%.
Bobs combined CF accrual rate:
APR = ((100 + 10) * 40% + 90 * 20%) / (110 + 90)
APR = (44 + 18) / 200
APR = 0.31 = 31%
That being said, readers might have noticed that all of the above only explains the mechanism for capital distribution, but not how decisions regarding capital allocation are made.
Enshrining both levels of decision making on-chain while keeping it as flexible and open as possible is a great challenge because it requires two independent systems. Only one system can be directed by PSM because otherwise edge cases arise where the governance structure can be corrupted by sufficiently capitalized, malicious actors who list their own wallets and distribute rewards to themselves, effectively double dipping in a parasitic way.
Further research and simulations need to be done to determine a suitable approach, but NFTs look promising as a sybil-resistant identity method that is disconnected from the value and availability of PSM.
There’s more to come but for this version of Possum Core, the project’s multi-sig will manage the listing and delisting process with input from the community. Further, to guarantee stakers’ ability to distribute CF and earn rewards, there will be three addresses whitelisted on deployment, of which at least one must always remain listed.
This measure provides all important guarantees for participants while enabling us to test and experiment with the system to acquire further insights that will help us make informed decisions for the final version.
In summary, the proposed mechanism for the first iteration of Possum Core is engineered from first principles with clear goals in mind: Activate the community to participate in budget decisions, reward activity and commitment disproportionately, and ship fast to acquire insights for future iterations.
Stay Tuned For More
If you have any questions, comments, or feedback, we’d love to hear from you on Discord as well. To stay up to date on all announcements and alpha as we release new protocols and updates, make sure to join our Discord and follow us on X.