DAIHard Game Theory

How Credible Threat of Burn Powers an Unstoppable Gateway to Crypto

This article will detail, in a fairly rigorous way, how DAIHard can work as an unstoppable gateway to crypto, without using any centralized components such as arbiters or moderators.

(See my Toasted Money articles (part 1, part 2) for more on the theoretical background of Burnable Payments and Toastycoin, the experimental predecessor to DAIHard.)

If you haven’t yet seen the example usage video, go check it out first to get more context for this article.

The Scenario

A Seller creates a sell offer, 300 DAI for $300, by depositing the full 300 DAI. A Buyer commits by depositing 1/3 this amount, 100 DAI. (Or maybe the Buyer offered the trade first, by depositing his 100 DAI, and waited for the Seller to commit with 300 DAI). Either way, the trade now holds a balance of 400 DAI, and is in the Payment Phase.

The Buyer now has a decision to make, which forms the beginning of our game tree:

Make the Payment, and Click Confirm

The Buyer transfers the money via one of the payment methods included in the trade terms (cash drop, in person transfer, bank transfer, etc.) and clicks confirm. How nice!


Aborting will punish both parties, by burning 1/4 of the Buyer’s deposit (25 DAI) from each party. This clearly isn’t the best outcome, but it’s better than the ugliness that happens in the right branch, which we’ll get to in a moment.

Don’t Make the Payment, but Click Confirm Anyway

The Buyer clicks confirm, even though they have not delivered or transferred the fiat in full.

In the latter two cases, the trade moves to the Judgement phase. The Seller can react by burning or releasing, which we’ll represent with some additional nodes:

Now that we have all possible outcomes mapped, we can start reasoning about some of the final choices. Let’s start with the section on the right, the ugliest part — the Buyer didn’t send the fiat, but claimed he did.

The Fiat was Not Sent. Will the Seller Burn or Release?

First, remember that at this point, there is no option to get the DAI back. The only options for the Seller are: burn (destroy) the DAI or release it completely to the scammer.

There are two ways to analyze this choice: emotionally and rationally. The emotional argument is worth mentioning: people don’t want scammers to “get away with it”. If they have the choice, they’ll generally choose to prevent the scam from profiting even if it doesn’t reverse their own personal loss. So, from an emotional perspective, we can count on a Seller to burn instead of releasing.

But the argument from rationality is quite a bit stronger. Suppose the Seller released the money, even though he was scammed. The scamming Buyer would thereby profit, getting 300 DAI for nothing, but there’s more: he would be able to depend on the Seller as a free source of successful (profitable) scams. He would have an interest in watching and waiting for the Seller to open another offer (if he does), and would immediately commit to the trade and try to scam again.

Thus, by releasing the DAI to the scamming Buyer, the Seller has directly decreased the utility of the platform, because the chances of him being scammed have increased. This is true even in the absence of any reputation system (which is the state of DAIHard at launch), because a scamming Buyer can use third-party tools to know when the Seller opens another payment.

As reputation tools are added, this argument becomes stronger: releasing in response to a scam will attract not only the same scammer, but any scammer who happens to notice that the seller has a reputation of being a “weak player”.

So from two perspectives (emotionally and rationally), the “burn” option is much more likely to be chosen by a rational Seller, in response to a failure to transfer the fiat. We can conclude outcome D in the diagram to be game theoretically unlikely, and cross it off.

Now let’s look at the happier section of the game tree, on the left, where the fiat was sent:

The Fiat was Sent. Will the Seller Burn or Release?

Again we have both emotional and rational arguments, both of which are mirror-images of those just discussed.

Emotionally speaking, the Seller will be grateful for the completed trade, and so will be happy to release the funds.

Rationally speaking, the Seller would like to build a reputation (both with this specific Buyer and with future potential Buyers) for releasing in response to a successful fiat payment. Burning would only make any of his future sell offers less likely to find a committed Buyer.

(It’s also worth noting here that if the Seller is simply lazy and makes no choice, the funds will automatically release after the “release window” timeout.)

So by similar logic, we can cross off outcome B as well, as game theoretically unlikely.

Reverse Induction, FTW

Remember, to even attempt this scam, the Buyer must deposit 1/3 of his possible payoff (in our scenario, 100 DAI for 300 DAI). Before putting his 100 DAI in, he’ll first think ahead and imagine the response of the Seller once the scam has been revealed. He probably won’t sit down and draw up a game tree, but it’s likely he’ll arrive at a similar conclusion we did: once the scam is revealed, the Seller is much more likely to burn the total 400 DAI than release it, for both emotional and rational reasons.

(This is why reverse induction is useful: first we modeled the Seller’s final move, and then recognized that the Buyer would also do so, and arrive at the same conclusions. That lets us predict the Buyer’s predictions (and therefore his choices) with a high degree of accuracy.)

This leads us to some exciting conclusions about the platform in general.

An Intentional, Rational Scammer Will Simply Not Commit

If the Buyer’s idea all along was to scam, we can model that as him crossing off the entire left side of the tree:

Just like WOPR from WarGames, he’ll be forced to conclude that it is a strange game in which “the only winning move is not to play”.

Better to just keep his 100 DAI and move on.

(there are some corner cases in which this becomes less reliable, which we address below.)

An Undecided Scammer Will Decide Not to Scam

If the Buyer hasn’t decided whether he’ll attempt a scam or not, but has committed to the payment, the most attractive move by far is to play ball and transfer the fiat. All other moves result in guaranteed or probable punishment.

A Committed Buyer who Can’t Pay will Abort

If the Buyer intended to pay, but suddenly finds he can’t (maybe the payment methods were too vague? Maybe the Seller is not communicating?) he’ll be better off aborting, rather than pushing the contract to the Judgement phase, where both parties will lose out.

Corner Cases

Game theory always applies imperfectly to real life. There are some cases in which the game theoretical arguments above break down.

Short Auto-Release Windows and Inattentive Sellers

If you take a look at the DAIHard’s create page, you’ll see 3 time windows you can adjust. The last one is how long the Seller has to decide whether to release or burn, before the DAI automatically releases.

This feature is there to protect honest Buyers against the scenario where a lazy Seller is happy to get his fiat, and doesn’t care to return to the app (and pay the gas) to execute the Release method.

But there’s a downside to this default action: if a Seller isn’t paying enough attention, a Buyer could click Claim, moving the phase to Judgement, without having paid the fiat — just on the hope that the Seller will not click burn in time. If the auto-release window is anything less than 8 hours, for example, this could happen while the Seller is asleep.

(We recommend using Etherscan’s address watch feature to mitigate this danger.)

The Seller Leaks Personal Information

Consider the above scenario, where the auto-release window is 8 hours. With only this information, the scammer still can’t really guarantee a payout, because he doesn’t know when the Seller will actually sleep. But if he does know when the Seller falls asleep (or, close enough, knows what time zone he’s in), suddenly his chances of a successful scam go up significantly.

In addition to such strategic considerations, if the Seller’s identity is known, it’s possible that someone has a personal reason (game theoretically “irrational” but no less real) to hurt the Seller. They might be happy to throw away their own deposit to burn 3X that amount of the Seller’s DAI.

A State Burns DAI to Throttle Exit

Imagine DAIHard takes off in Zimbabwe, where irresponsible economic policies are having a huge negative impact on the locals. The people start exiting from the local economy into crypto via DAIHard.

To the extent that the Zimbabwean government has money to turn into DAI and burn, they can begin a campaign to identify every Zimbabwe trade on the platform and commit, only to force the Seller to burn the DAI. If they want to prevent their citizens from exiting the economy via DAIHard, this is about the best strategy they have.

This doesn’t kill DAIHard, but it does throttle it (for a specific type of trade, in a specific jurisdiction, as long as the government can fund the throttling). In a way, this is only a specific case of the previous point, where the “identity” that has been leaked is the fact that the trader is Zimbabwean, and the “irrational” reason the Buyer has to force the burn is to disincent usage of the platform.

Users could mitigate this risk by using things like unofficial gossip networks and codewords to keep ahead of the (comparatively slow) governmental reaction. Alternatively, users could use DAIHard primarily to find a reliable counterparty, by opening many small trades until one finishes successfully — then use that contact directly, off-chain, to engage in more trades.

A Reliable Platform with Explicit Risk

It’s quite a daring proposition to put your DAI into a contract that may put you in a situation where the best remaining option is to burn it all. This article has made the argument that this risk is unavoidable, yet small. However, note that such a risk is not unique to DAIHard , compared with alternatives — just more explicit:

  • A centralized exchange will always include the risk of a hack or exit scam, which also threatens the entire balance of any in-progress trades (not to mention the crypto left on the exchange post-trade). But worse than DAIHard, in these cases the entire method of exchange collapses. Each user who relied on the exchange must find a new gateway to crypto — if one exists at all in their jurisdiction.
  • A more direct parallel, in a slightly more distant field, is darknet markets. If you try to buy acid from a vendor on a darknet market, you run a very similar risk as in a DAIHard trade: there is no guarantee that the vendor won’t just accept your payment and not send the goods. A vendor’s reputation can only ever tell you that, so far, no such thing has happened, but it has no guarantee about his future behavior. Also, like an exchange, a DNM can be destroyed without warning.

In both cases, one cannot avoid the risk — but the risk is acceptably low, so we keep using the platforms. With DAIHard, at least, systemic collapse of the platform is never part of the risk, and a user who was burned once still has the option of using the platform again (perhaps more carefully this time).

How small is the risk of burning? We’ll have to wait and see. Likely the answer will be multidimensional, where the risk depends on the nature and context of the trade: how long is the auto-release window? What fiat type is being used? What is the margin? Is there a looming, controlling state, willing to burn money to throttle exit?

We are confident, however, that it’s not a matter of discovering whether DAIHard is worth using, but simply in which cases it’s useful. We can’t wait to watch this sort of knowledge being generated, and expect it to rapidly evolve beyond anything we could have imagined at launch.