An ID DAO Concept for Blockchain-Based Referendums
Our current systems, based on representative democracy, face many problems. They are dysfunctional because they do not fulfill the fundamental goal of democracy, which is to ensure that the will of the majority prevails.
In a representative democracy, we typically choose our decision-makers from a very narrow selection. Often, the only criterion is choosing the “lesser evil”. After the election, the people don’t have much say in decision-making. For this system to function as a true democracy, where the state truly represents the will of the people, much more direct involvement from the citizens would be necessary. While the theoretical possibility exists in the form of referendums, organizing a paper-based referendum requires a vast amount of resources.
Fortunately, today we have the technology to hold online referendums in a cheap, secure, and completely anonymous way, allowing people to clearly express their will to the decision-makers.
This was the basic idea that led me to start exploring the concept of zero-knowledge-based anonymous voting. I’ve written several articles about it.
Besides being cost-effective (we could hold referendums on multiple topics even daily), such a system is virtually impossible to hack. However, this has one very important requirement: a reliable ID service is needed to guarantee that only real people are voting. (If you’re interested in why such a system is impossible to hack, read my article below.)
There are several ‘proof of humanness’ systems. Perhaps the most exciting one is WorldCoin, where people identify themselves with their retinas, ensuring that each person has only one account.
However, WorldCoin is not suitable for such an online referendum system, as it is important that only the citizens of the given country can participate in the vote. In this article, I will outline the concept of such a system.
To summarize briefly, WorldCoin’s WorldID works by creating an identifier after scanning the retina, which ensures that only one user account can be linked to each retina. The retina image cannot be reconstructed from the identifier, so the user’s privacy is not compromised, but the uniqueness of the user account is guaranteed.
When the user identifies themselves to a service, a zero-knowledge proof is generated. This ensures the user’s anonymity while allowing the service to be certain that the user can only register once. If the user registers with two different services, no connection can be made between the registrations at the two services. (If you’re interested in learning more about how WorldCoin works, read the article above.)
An ID service for referendums would work similarly to WorldCoin, but instead of the retina, some state-issued certificate would be required, proving that the user is a citizen of the given state and thus eligible to vote.
Obviously, the most straightforward solution would be for the state itself to operate the system and issue an identifier similar to WorldID. However, the state may have conflicting interests. If the state serves private interests (a captured state), it would not be interested in allowing the people to continually hold referendums to prevent this. In such cases, an alternative solution is needed.
A DAO-based ID and blockchain-based referendum is an improved alternative to the current representative democracy, similar to how Bitcoin is an alternative to the imperfect monetary system.
As the name suggests, the solution is based on a DAO, where users identify each other. The user performing the identification takes responsibility for ensuring that the identified user’s data is correct. To minimize the chance of fraud, each user is verified by four randomly selected other users. Fraud can only occur if all four randomly selected users are also fraudulent, which is highly unlikely. The identification can be repeated at certain intervals (for example, quarterly), further increasing security. The steps of the process are as follows:
- Anyone who has already gone through the identification process can apply to become a validator. Users pay for the identification service, and this fee is distributed among the validators, incentivizing them to perform the identification.
- If a new user wants to identify themselves, they pay the identification fee.
- The system randomly selects a validator (for example, using RANDAO) who performs the user’s identification. A video recording is made of the identification, so the additional validators only need to verify this recording.
- The system selects an additional 3 validators who review the video recording. If everyone approves the identification, the user’s account is recorded on the blockchain, with a unique hash generated from the certificate used for the identification serving as the unique identifier. This ensures that a user can only be added to the list once.
- If any validator is found to be fraudulent, they permanently lose their validator status. Additionally, all accounts they have validated become invalid, and the verification must be done again.
The entire system is very similar to Ethereum’s Proof of Stake solution, but here the stake is not a specific amount of money, but the person’s unique identifier. If someone cheats, they permanently exclude themselves from the list of validators. Similarly, validating users and video recordings is equivalent to mining, as validators receive payment for this. The first validator, who makes the video recording, receives 40% of the amount, while the other 3 validators receive 20% each for reviewing the video recording.
The system is not perfect, but it is very secure. If 10% of the validators are malicious, there is only a 0.001% chance that all four randomly selected validators will be fraudulent. Additionally, the process is repeated at regular intervals (e.g., every 4 months), making it very difficult to maintain a false identity in the long term.
It is also possible to validate not just citizenship, but other personal data as well (e.g., date of birth). This is made possible by the Semaphore library. When we register the user on the blockchain, a unique identity commitment is recorded alongside them. By default, this is a hash generated from the public key provided by Semaphore.
It is possible for this commitment to be not just a hash generated from the public key, but a hash of the public key and a Merkle root. The Merkle root is the root of a binary tree that contains the desired data in key-value format. After the user identifies themselves with a zero-knowledge proof, they can further prove the authenticity of any of their personal data using a Merkle proof. With this solution, in addition to citizenship, other personal information such as date of birth or residence can be verified, enabling local elections as well.
Such an ID service can be used not only for voting but also for building other systems, such as microcredit systems. Currently, a large portion of the money circulating in the world is credit money, created by banks out of thin air. Credit always requires collateral. What if we could provide the loan directly, with the other party’s identity serving as collateral? This concept is realized by Karma money, which is also based on a well-functioning ID system.
It is clear, then, that implementing such a DAO-based ID system would not be complicated, yet it would be extremely useful in many areas of application.