An Analysis of Monero Governance

TL;DR: Cryptocurrrency governance is informal, abstract, and under appreciated. I explore Monero’s governance process and how the ideology and community influence these design decisions. This is the first piece in a series around governance — I will explore more projects in the future.

What is Decentralization?

Measuring decentralization in Crypto protocols has 3 main components:

  1. Node-level (cost of running full node, flat vs tiers)
  2. Architectural (How much power do miners hold, is mining distributed?)
  3. The governance process (how do the rules change?)

The first and second are largely technological problems and design choices. There are many models along the spectrum, such as PoW, PoS, DPoS, and Masternodes. There is much debate over what solution is optimal, and how to balance the tradeoff between decentralization and scalability.

The governance process, however, is a more human issue and is often not formally defined (though projects like Decred, Dfinity, and Tezos are experimenting with on-chain voting). Most projects today appear decentralized from a node or architectural level, but remain quite centralized in their governance structure.

To maximize a network’s resiliency from all sorts of attacks, the governance should be as decentralized as possible, even at the expense of efficiency and innovation.

This is not an issue that can be solved through technology. What matters is ideology and philosophy. In this essay I explore how the Monero project tries to achieve this through their informal governance process, touching on its use case, history, core stewards, and funding mechanism.

Monero: Optimizing for Sovereign-Grade Censorship-Resistance

Monero is a privacy focused coin, aimed at individuals who care about financial privacy. Often called a “Mobile Swiss Bank”, there is a huge market for Monero in the offshore banking sector, wealthy who want to avoid targeted crime, and those who want a truly fungible cryptocurrency.

Potential attackers include governments, hackers, criminals, and researchers. Aside from the obvious 51% attack, attackers could target key individuals through seizure or arrest. They could influence a handful of developers to secretly insert backdoors, or drive the direction of the protocol to benefit themselves.

In this scenario, it won’t matter how strong the anonymity set is, or how cheap transactions are. If there’s an attack vector through a centralized and vulnerable governance process, it will be exploited and the network may become less secure.

On the decentralization spectrum, an ideal privacy coin should maximize for protection against Governments, corporations, and nefarious actors. Monero’s governance aim is to maximize for “sovereign-grade censorship-resistance”, at the expense of everything else.

This statement sounds obvious, but this is different from projects like Ethereum that are optimizing for “platform-grade” censorship-resistance. Chris Dixon puts this philosophy bluntly when he states that “decentralization for government censorship is not the main reason decentralization is important”. Dixon believes that the real importance of decentralized systems is the level playing field they create for 3rd-party developers.

Though hardcore bitcoiners and libertarians may shake their heads at this, there is some truth to what he’s saying. Not everything needs to be maximized for resiliency and sovereign grade censorship resistance. One could argue that flexible multipurpose projects like Ethereum, EOS, or Tezos need centralized decision making to have any chance of effectively evolving and iterating. Monero has a more simple and restricted use case, and it’s unlikely the core protocol will need the rapid iterations and large pivots of other projects.

History of Monero: The Importance of Stewardship

To get a full idea of Monero’s governance ideology, one must understand its origins. Bytecoin was the first implementation of the Cryptonote protocol, but users discovered that 80% of the total supply was premined by unknown parties. User thankful_for_today decided to fork and launch Bitmonero, but he proposed controversial changes and refused to listen to the community. Seven community members forked and launched Monero, becoming Monero’s first Core Team.

Unlike most protocols where the core developers drive protocol development, the Monero Core Team aims to act as stewards, with the goal of enabling others to contribute to Monero. They aim to build the minimum amount of structure that open source protocols require, while encouraging a decentralized governance and development process.

“One of the Core team’s roles is to manage the codebase of the Monero Project, which includes merging code on Github, keeping backups, and ensuring the safety, security, and free access of the code from any party.” — Source

The result is 192 developers contributing code to Monero over the last 12 months. Finding well intentioned, altruistic developers is the biggest challenge for open source projects, and the community encourages new members to learn and participate.

Monero’s Scheduled Hard Forks

The term ‘hard fork’ has a negative connotation, and is associated with ineffective and contentious governance. Monero embraces the concept and undergoes schedule hard forks every 6 months to roll out new software releases and fix bugs. Upgrades like RingCT, multisig, and bulletproofs are implemented through these schedule hard forks. At a predetermined block height, miners and users will opt into the new software and development continues as before.

These hard forks go through smoothly, because the Monero is still small and evolving. Developers are very focused on improving the base layer, and steady progress is essential. At some point, however, the design is going to stabilize and the protocol will reach a more mature level. Hard forks will become more problematic, consensus will be harder to achieve, and scheduled hard forks might go away altogether. Only when there is a pressing issue (quantum computing) will the base chain undergo hard forks.

This is a natural evolution that all cryptocurrency protocols must undergo. An increase in stakeholder diversity and usage will make achieving consensus harder.

On /u/fluffyponza, Monero’s Resident Troll

Most people familiar with Monero will be familiar with Riccardo Spagni, the lead maintainer for Monero. He is one of two core team members who aren’t anonymous. Newcomers often think of him as the “leader” or inventor of Monero, similar to Zooko’s role for ZCash. He is very direct, trolls alot and often addresses critics in an abrasive manner. This alienates many people and lead some to question the quality of the Monero as a whole.

Fluffy has put forward explanations for his behavior, but part of it is an attempt at maximizing resiliency and decentralization for the project. Fluffy believes that “dev worship” is a huge problem and should be especially avoided for privacy-specific projects. Having a public leader for an open source protocol can be helpful in establishing a vision, driving development, and making quick decisions in times of crisis. This attracts investors who are used to seeing famous CEOs enact their grand visions (Jobs, Musk, Gates, etc). This phenomenon repeats itself in many cryptocurrencies today, such as Ethereum (Vitalik) and Litecoin (Charlie).

However, protocols with a single public face also have single points of failure. What if Fluffy is forced to leave the project, or is targeted by authorities? What if he gets compromised somehow? If Fluffy acted as a focal point for Monero, it could be beneficial in the short term and attract lots of attention and support. However, the long term costs (centralization, tail risk) could be too great. That being said, there is a delicate balance becoming the “Face of the project”, and trolling too much and alienating potential valuable contributors.

The most resilient “cockroach” protocols focus on community and tech, not price and personality. They should be respected despite the people involved, not because of them.

Part of the reason Bitcoin has survived for so long is the lack of a dominant personality, even if it’s at the expense of driving forward development in an efficient manner. Satoshi left the Bitcoin project in 2010, as he probably felt the community had reached a point where it could sustain itself without a central leader driving the project.

Monero Funding: The Forum Funding System

Funding open source projects is a notoriously difficult task. Token sales could be the long term solution, but the model is under regulatory scrutiny at the moment and might not be applicable to payment and store of value coins.

Monero is funded purely through a donation-based crowdfunding system, called the Forum Funding System (FFS). This is a pure meritocracy, where anyone can propose ideas and request funding. The funds remain in escrow until certain milestones are reached, ensuring accountability. Successful fundraising requests have include salaries for core devs and researchers, hardware wallets, meetup materials, and integration of Monero into other payment platforms.

In its short history, FFS has been fairly successful. Many high quality proposals have been fully funded and completed. There are some strengths and weaknesses compared to other novel funding mechanisms in the crypto space.

Strengths:

  • FFS is a completely Meritocratic and Democratic system, allowing anyone to request funding or donate. It allows contributors to work on the project full time when they otherwise could not. Only high quality proposals are taken seriously and fulfilled. There is a much smaller risk of someone raising a huge amount of money and running off with it.
  • FFS itself is a decentralizing force. Instead of most projects where only core team members get compensated through receiving a portion of crowdsale funds, any skilled dev or researcher that contributes and puts in the work can request funding. It enables newcomers to take a more active role in the project. Additionally, the feedback given on FFS proposals is a great source of crowdsourced feedback/intelligence.
  • FFS lowers the chance of developers steering the protocol in the direction of a corporation that funds them (Bitcoin/Blockstream). Devs/researchers now have alternative funding mechanisms, and are kept in check by regular updates/logs and meeting milestones. The incentive structure aligns nicely, as it holds project recipients accountable in the public eye. If they fail to reach their goal, future funding proposals might not get filled.

Weaknesses:

  • FFS might not be a powerful enough funding mechanism. Projects that have conducted token sales have tens of millions of dollars in their treasury. ZCash uses a block reward mechanism, and the ZCash company and Foundation collectively receive 2.63% of all ever coins mined. Based on the current inflation schedule, the ZCash company and foundation collectively receive $75,000 (at ZEC = $400) every day. Dash operates with a similar model, as 10% of block rewards are reserved for successful treasury proposals. The Dash team receives about $4 million a month (at DASH = $600). Having a huge warchest enables rapid expansion, powerful marketing efforts, and a margin for error.
  • Donations might dry up over time. How will the FFS perform if there’s a prolonged Crypto recession? Efforts reliant on funding could stall if the whole space crashes and prices crater. Market conditions could have a strong effect on the ability for developers and contributors to keep working. After the dotcom bubble popped, Wikipedia’s biggest backer Bomis withdrew funding, and the cofounder Larry Sanger left, feeling unable to commit to the project on a volunteer basis. Wikipedia was able to succeed despite the setbacks, but it remains an outlier. Open source projects that lose funding tend to lose developer interest as well. In contrast, projects that have assembled huge warchests from their token sales have a runway for many years regardless of market conditions.

Future of FFS:

As Monero grows, there will inevitably be development of second layer solutions like lightning network or MimbleWimble while preserving user optionality (they can use main chain or second layer solutions). The possibility of second layer mining split (a la Decred or ZCash) could be explored as a complementary funding mechanism. To maintain decentralization, the main chain should remain incentive and reward free, but teams building on second layer solutions could explore this possibility.

Conclusion

Decentralization is a core ethos of the cryptocurrency movement, yet most projects remain quite centralized in terms of of decision making and governance. Monero eschews this model, favoring community driven consensus and decentralization instead of rapid implementation and efficiency.

This is a rational approach for a privacy coin aiming to maximize its censorship and collusion-resistance capabilities. Bitcoin tried to optimize for the same conditions, but has fallen into a gridlock around scaling and debate, resulting in numerous forks. As it grows and more people become involved, the biggest challenge for Monero will be maintaining this focus and balancing the tradeoff between decentralization and protocol innovation.

If you enjoyed this piece, you can find me on Twitter!