Governance of Blockchain Networks & Other DAOs (Part 2)
Read Part 1 here
This is a chapter from “Token Economy,” Voshmgir, Shermin. 2019.
It is partially based of a journal article which was published by the author in 2017: Voshmgir, Shermin: “Disrupting governance with blockchains and smart contracts,”, Journal for Strategic Change.
Governance is the term that is colloquially used by many to describe the social consensus process over protocol evolution. It is a decision-making process that can happen either “off-chain” or “on-chain.” However, the governance process of a public blockchain network really consists of two parts. In addition to the “social governance” process, that defines the network’s policies on a collective level, the “algorithmic administration of governance” automates the enforcement of those policies.
The governance of Web3 networks and their decentralized application consists of two parts: “social governance” and “algorithmic administration of governance.” Algorithmic administration of governance refers to the protocol rules written in machine-readable code — a blockchain protocol or smart contract code — which are automatically enforced by the P2P network of computers. These protocol rules also define how protocol updates are to be conducted. In an autonomous setup, tokenized invectives are at the core of the economic coordination game forming the protocol. While Web3 and their applications allow us to automate certain bureaucratic functions of organization and formalize institutional rules with self-enforcing code, what we write in the code, or how we upgrade the code, is a result of public debate and collective action of all network agents.
Social governance refers to the human decision-making process over when and how to conduct potential protocol upgrades in a Web3 network or in the smart contract code of a DAO. It deals with the institutionalized decision-making process of how stakeholders in the network receive necessary information to make educated decisions about future protocol upgrades. Discussions over protocol upgrades happen on social media, like YouTube, Twitter, Reddit, or other open or closed online forums like Slack, Telegram, etc. Information is vital for node operators to decide over which protocol upgrade to accept. They need to be properly informed to make informed decisions. However, navigating in a sea of information, and evaluating the authenticity and credibility of that information and signaling is difficult.
DAOs are co-steered by the human agents acting as node operators who all have different preferences and goals. They have collective influence over the general network behaviour (system outcome) and will react to the system outcome. It is assumed that each stakeholder in the network has their own individual self-interest, and that these interests are not always fully aligned. Stakeholders in the network propose or vote for policy changes that will be formalized as protocol upgrades, reflecting their own self-interest. The human agents are part of the system and actively participate in the systems, either by using the services of a DAO (users), by contributing code to the network constitution (developers), or by contributing to maintain network services. In the case of the Bitcoin network, miners individually contribute to collective maintenance of a P2P payment network (read more: Part 1 — Bitcoin, Blockchain & Other Distributed Ledgers). In the case of Steemit, curators and content creators contribute to the collective maintenance of a social network (read more: Part 4 — Steemit & Hive). In the case of MakerDAO contributors are rewarded for the collective maintenance of the Stable Token DAI (read more. Part 3 — Stable Tokens). In the case of Aragon network actors are/were rewarded for the collective maintenance for a DAO platform. As a result, there are feedback-loops between the individual actors and the whole network. Since individual actions affect the system, who all have interdependencies with external events, the system as a whole evolves over time.
While the governance structures of nation states had centuries to evolve and mature, blockchain networks have only existed for ten years, and many governance questions around how to conduct protocol changes are still unresolved. What we can see from the brief history of blockchain networks is that, while blockchain protocols and smart contracts are a great tool to replace large-scale bureaucracy, in their current form, they are an insufficient tool when confronted with “unknown unknowns” in complex multi-stakeholder environments. Smart contracts can only be as smart as the people who developed and audited them, based on the information, coding practices, and toolchains available to these people at the time of coding. Algorithmic administration of business logic and governance rules can therefore only depict known knowns, and known unknowns, but not unknown unknowns that are a result of: (i) conditions that change over time; (ii) human error; or (iii) information asymmetries in complex multi-stakeholder environments.
- Conditions that change over time are best understood through the events that unfolded in the Bitcoin network around the so-called “Block Size Debate,” which took over two years and resulted in a subsequent hard fork that led to splitting the network. Blockchain networks are still nascent, and there is continuous need to improve and adapt the protocol to new circumstances and needs. Most of the recent protocol changes in the Bitcoin network and similar blockchain networks deal with issues of scalability, privacy, and decentralization (for example, building ASIC resistance into the protocols to avoid the centralization of mining). Public networks, therefore, need to be able to continuously adapt their protocols and make improvements. Such improvements, however, require a consensus of network actors on how to conduct these protocol updates, the dynamics of which are subject to political science, organizational science, and sociology. How the different stakeholders respond to changes in the code has become increasingly critical for the success of many blockchain projects.
- Unforeseen events that might trigger protocol upgrades can be best understood when analyzing the events around TheDAO, and the subsequent Ethereum hard fork in 2016. A vulnerability in one of the smart contract functions, designed to represent minority rights, was exploited and used to drain 3.6 million ETH (roughly 50 million USD at the time) from TheDAO smart contract. This incident exposed the lack of dispute settlement and governance mechanisms for “edge cases” induced by unforeseen events, both on a smart contract level (the token governance rules of TheDAO) and on the level of the Ethereum network itself. The incident displayed the limitations of pre-defining and pre-regulating all possible human interactions, including potential attack vectors of bad actors, with complex lines of code.
The reality of these complex socio-economic systems is that they are technology-enabled social organisms. They require an iterative social governance process of finding consensus about policy upgrades. This process can be conducted either “off-chain” or “on-chain.” The topic of the governance of Web3 networks is gaining more importance, especially in the light of the increasing number of disputed protocol updates of public and permissionless networks, like the above mentioned cases of the Bitcoin and Ethereum networks, the Aragon network, or in the case of the Steemit network and the subsequent hard fork into the Hive protocol (read more: Part 4 — Steemit & Hive) There seems to be a growing consensus that questions of governance of large multi-stakeholder environments are often complex, and conditions are unpredictable and emergent and cannot be fully engineered in advance. However, there is no common understanding on what an ideal system of governance could look like. The “human governance process” is a messy one, and this, after all, is what what crypto-anarchist movement behind the Bitcoin network wanted to avoid in the first place. However, governance problems are applied social problems, and often need to be resolved by human intervention, not only math.Checks & Balances in the Network
As more diverse and alternative distributed ledger systems are entering the Web3 playing field, it is hard to generalize the stakeholders in such networks. To keep it simple, however, the main stakeholders can be summed up as (i) miners, (ii) developers, (iii) users running full nodes, (iv) users not running full nodes, and (v) the business ecosystem that might act as a market maker, including exchanges, merchants, etc.
- Miners write transactions to the ledger and keep the network safe from attacks. Their network contributions are incentivized by block rewards and transaction fees, which means that they tend to prefer protocol upgrades that could secure or increase their future earnings. Miners generally have a better ability to coordinate, as they are a smaller and more concentrated group. This gives them disproportionate power compared to other stakeholders who are more scattered and usually with less means to coordinate their interests. In theory, wealthy miners could pay developers to pursue protocol updates that are in their best interest, thereby gaining more power in the network.
- Developers create the protocol and maintain the network with regular protocol upgrades. Many public protocols like Bitcoin or Ethereum have no native mechanism to incentivize developers, which is one of the short-comings of the decentralized governance of early blockchain networks. Personal ideology and reputation very often seems to be a driving force to contribute with code. Indirect incentives could result from contributing to the network’s resilience, which could potentially increase the value of their existing token holdings.
- Token holders running full nodes: Depending on the type of network, and the type of software fork, users running full nodes have more or less say in the case of protocol upgrades. If full nodes have a right to contribute, they are likely to prefer upgrades that could improve the functionality of the network and/or increase future token prices.
- Token holders running light nodes usually have no say in the network, since they use third-party services without running their own full node. In some cases, these token holders might be able to “coin-vote” with their tokens. They can also sell their tokens altogether, thereby influencing the market price and a potential mass exodus from the network.
There is a certain form of checks and balances in place, where miners and token holders who run full nodes can adopt proposed changes or not. The process is as follows: Developers submit so-called “pull requests,” a code improvement proposal. Miners decide whether or not to actually adopt the laws in practice. Token holders who run full nodes of the network can veto by not running a version that aligns with what the miners are running. Any token holder, full node or not, can revolt by selling his tokens or by using different networks. Some argue that forking reflects a strong exit, while selling tokens reflects a weaker exit.
Experience has shown that community dynamics with protocol upgrades are quite similar to public discussion led by media, including social media, before national elections. We therefore need an institutionalized mechanism to coordinate stakeholders in the network while balancing the interests of everyone. If a certain group of stakeholders can coordinate better than others, this could result in information asymmetries and power imbalances.
While different stakeholders have some incentives in common, it is hard for any consensus protocol to fully align the interests of all stakeholders. Token holders running full nodes and developers might prefer upgrades that result in lower transaction fees. Miners will find such a proposal unattractive, since transaction fees are a source of income for them. They might favor protocol upgrades that would yield larger block rewards, which would increase the inflation rate and thus would probably not be in the long-term interest of any of the stakeholders involved. Since an absolute incentive alignment is not feasible, the question of how to institutionalize the social governance process of protocol upgrades is a delicate balancing act
Off-Chain vs. On-Chain Governance
Early blockchain protocols like the Bitcoin and Ethereum protocols rely on a simplistic assumption of “code is law,” and have a rather spontaneous and not well institutionalized social consensus process that happens “off-chain.” Several newer blockchain projects, such as Tezos, Dfinity, and Decred, have introduced alternative proposals of how to mitigate the shortcomings of the governance processes of the Bitcoin and Ethereum networks. They introduce various “on-chain governance” models where protocol governance is regulated and implemented, at least partially, on the protocol level.
“Off-chain governance” describes a protocol upgrade process where decision making first takes place on a social level, and is then encoded into the protocol by developers. It has to be accepted by miners and users. Both the Bitcoin network and Ethereum network rely on off-chain governance processes. Developers share their improvement proposals online. Any developer can submit the so-called “pull requests” of an improvement proposal to the community. This is similar to how representative democracy works: anyone can make a proposal to change a law, however, there are certain institutionalized procedures in place that might vary from country to country. The same is true for blockchain protocols.
- The Bitcoin governance process: In the Bitcoin network, developers coordinate via a mailing list and a repository of improvement proposals, also referred to as BIP (Bitcoin Improvement Proposals), where anyone can contribute proposals for a protocol upgrade. Developers coordinate and discuss implementation proposals via Slack channels, Skype, IRC, etc. Users can contribute with opinions on discussion forums like “bitcoin-talk,” on subreddits like “r/bitcoin” and “r/CryptoCurrency,” or via Twitter. It is important to note, however, that there is no native reward mechanism in the Bitcoin protocol for developer contributions. Some developers are paid by companies, who have their own interest in the Bitcoin network, to contribute with code. The Bitcoin Network has gone through several soft forks and hard forks in the past. More politicized protocol updates like the aforementioned “Bitcoin Block Size Debate” resulted in heated and prolonged discussions in the community, giving rise to several hard forks of the chain, like “Bitcoin Cash.” Since hard forks require all miners to upgrade their clients to the new protocol, which can lead to splits in the network, many protocol upgrades were included as soft forks (read more on forks: Part 1 — Bitcoin, Blockchain, & Other Distributed Ledgers).
- The Ethereum governance process: As opposed to the Bitcoin network, which is more decentralized, the development of the Ethereum network was funded and governed by the Ethereum Foundation in the first years of its creation, and was therefore less decentralized. The foundation raised funds in a public token sale that issued some amount of pre-mined Ether (ETH) to investors against Bitcoin, and allocated some additional pre-mined Ether to the foundation. Similar to Bitcoin, the Ethereum protocol is open source, and anyone can contribute with code and make improvement proposals, also referred to as EIPs. Developers, hired by the foundation, drive new ideas and try to be transparent about the development process, for example, by broadcasting their core developer discussions on YouTube. Similar to Bitcoin, developers who are not hired by the foundation have limited incentives to contribute to core development, except for bug-bounties and development grants. Past protocol upgrades have shown that coordination around challenging issues happens faster than in the Bitcoin network. This might be the result of a different network culture. After all, Ethereum was created as a reaction to Bitcoin’s tendency toward a more conservative understanding of “code is law.” Furthermore, as opposed to Bitcoin, where the creator Satoshi Nakamoto is anonymous, and stopped communicating over the Internet on his view of Bitcoin’s state of development a few years back, Vitalik Buterin, the founder of Ethereum, is visible, outspoken, and trusted by the community. His opinions seem to matter to many when it comes to controversial decision making. The similarities to Bitcoin’s improvement proposal process will change, however, if and when Ethereum switches to Proof-of-Stake. Current miners will lose power to token holders with a sufficient amount of ETH to run a so-called “virtual miner” (validator). Given the fact that solutions like “1protocol” allow even the smallest ETH holder to participate, the distinction between a miner and a user could also potentially democratize the validation process, which is currently concentrated around an oligopoly of mining pools.
The lack of incentives for developers is one of the greatest challenges in current protocol development, which leaves the maintenance of these networks under the control of a small group of core developers who are either paid by private companies (Bitcoin) or a foundation (Ethereum). In both cases, the development process of the public infrastructure is limited to a small group of people, which makes the whole network vulnerable to bribery and attack.
“On-chain governance” Some novel blockchain networks have integrated coordination mechanisms for “on-chain” governance that allow developers to broadcast their improvement proposal on-chain, to be voted upon and deployed on the test network for a certain amount of time, after which the proposal will be voted upon again and deployed on the main network. This means that any decision that is being taken is automatically executed.
In this process, developers get compensated with tokens on the fly when their improvement proposals are executed. Anyone with the necessary skills can submit a proposal and be rewarded with network tokens, providing a strong incentive for decentralizing maintenance of the network. Users can also coordinate on-chain, which could reduce the power of developers and miners compared to off-chain decision processes. “On-chain” governance protocols might also be designed in a way to roll back and edit ledger history, allowing a “self-amending ledger,” as opposed to off-chain governance that requires a hard fork to erase a past transaction. It is possible that such retroactive amendments will require different voting thresholds, depending on the type of change.
- Tezos is a public and permissionless blockchain network similar to Ethereum, with built-in governance and more security mechanisms around smart contracts. While the project has faced serious managerial problems, their governance model is quite interesting: token holders can approve protocol upgrades, which are automatically deployed on the network once approved. The proposed protocol upgrade comes with an attached invoice in the form of a smart contract, which pays out the developer upon approval and inclusion of their upgrade. Improvement proposals to the protocol can be conducted by any developer. Once approved, changes would go live on a test network, and upon further approval, be implemented on the main network. On final implementation of the improvement proposal on the mainnet, the developer would be paid in newly minted network tokens.
- Dfinity is a tokenized and decentralized network for cloud computing. In addition to the Tezos proposal, they allow retroactive changes to the ledger in cases of consensus among the token holders. Amending the ledger is highly controversial, since “immutability” is considered by many as the core USP of the Bitcoin network and other public distributed ledgers. However, proponents of the self-amending ledger appreciate its ability to remove what some might consider “illegal activities by bad actors.” However, the definition of “illegal” is subject to jurisdiction and also prone to censorship limiting freedom of speech; it is therefore considered a double-edged sword.
A challenge with current proposals for “on-chain governance” is that they are plutocratic, which means that protocol upgrades are decided proportional to one’s token holdings. Token holders with more tokens would therefore have more voting power than smaller token holders. This is a considerable design question, given that token distribution is often disproportionately uneven. In the case of Bitcoin, at the time of writing this chapter, 3.06 percent of addresses hold 95.66 percent of the total supply. In May 2016, from a total of 11,000 investors, the top 100 holders held over 46 percent of all TheDAO tokens. In light of such plutocratic voting mechanisms, using the term “decentralization” could be perceived as contradictory.
Most on-chain governance solutions are proposals or have not been operational for a long time. It is, therefore, hard to foresee what the implications of such systems will be. Furthermore, while on-chain solutions can increase coordination and fairness, they are also risky, as they are harder to change once instituted, and might be exploited more easily. Off-chain governance, on the other hand, is relatively centralized and excludes many small token holders, especially those who lack the technical knowledge or financial power to assess network decisions adequately. However, despite potential centralization tendencies, token holders in a blockchain network can always easily exit by selling or hard-forking.
One can only assume that a certain amount of on-chain coordination makes global coordination easier, but it does not resolve the human factor. It is still unclear what the right balance between “on-chain” vs. “off-chain” coordination could look like. A meaningful combination of both approaches would most likely be best to resolve the decision-making process in large multi-stakeholder environments.
The Myth of Decentralization & Trustless Networks
- Smart Contracts as a default state: The inability to foresee unknown future events, as in the case of TheDAO incident, showed that smart contracts can only be a default state, which might need to be overruled by supermajority consensus within the relevant community whenever deemed necessary. The absence of dispute settlement and governance mechanisms for edge cases divided the community on a smart contract level (TheDAO), as well as on the blockchain level (Ethereum). Furthermore, code does not write itself, and is therefore prone to human error. While so-called “formal verification” in software development can reduce human error, it cannot eradicate all errors, or short-sighted assumptions. Artificial Intelligence may have, in the future, some impact. For the time being, however, while code can simplify transactions, it remains susceptible to human bias. Code can therefore only be a default state, based on which social consensus happens, if and when necessary.
- Inertia: Similarly, the Bitcoin scaling debate of 2016 and 2017 demonstrates how inertia can result from inadequate governance rules that account for large-scale decisions in a multi-stakeholder environment with unaligned interests at stake. In the absence of more flexible governance structures, the movers and shakers of the community inadvertently become the thought leaders and quasi agents of the principal (the token holder and other stakeholders). This might lead to inertia (case of Bitcoin) or the splitting of the network (case of Ethereum).
- Immutability & Censorship Resistance: TheDAO incident and subsequent Ethereum hard fork also raise questions about censorship resistance and immutability. Advocates of the Ethereum hard fork were accused of censoring the ledger, by going back in time and invalidating the transaction of the attacker. Advocates of the hard fork claimed that in a decentralized community, like TheDAO or the Ethereum network, no single entity can make such a decision without the majority of the community agreeing. They argued that, if there is consensus about changing the ledger, it wouldn’t count as censorship, but rather a community-driven natural evolution of the code or state of the ledger.
- New Gatekeepers: While smart contracts can reduce bureaucracy, and resulting principal-agent problems, there will always be a need for experts. The community of network stakeholders who get to decide on protocol updates must trust the design judgement of those experts. While such experts are more distributed, none of whom have executive power to decide what to do, they do concentrate power around their expert knowledge, and become the new “quasi” agents in a distributed network where “code is law.”
- Yes, it’s open source, but how many people can read it? Currently, only a handful of software developers and system architects understand the ins and outs of specific blockchain protocols to make educated decisions about protocol upgrades. Centralization is likely to coalesce around experts, developers, and system architects. Given the fact that coding skills are still not part of mainstream curricula in schools, educated decision making in a machine economy is a far illusion, from today’s perspective. While anyone, in theory, can contribute to the code, the required engineering skills needed might be considered an entry barrier, creating new principal-agent problems around understanding not only simple code (smart contracts) but also complex blockchain protocols.
- Information: The distributed nature of expertise, the multiple channels of communication, and the current lack of effective reputation systems make it hard for stakeholders to follow the online discussion process. While issues of communication and information dissemination are also concerns of contemporary (political) governance systems, Web3 communities are even more susceptible for such concerns. Where does reliable information come from, and what tools, such as visualizations and decision trees, are required to facilitate such processes? Experience from past protocol upgrades shows that if issues of information, moderation, transparency, aggregation, and reputation are not resolved, decentralization might become a meaningless word.
Read Part 1 here
References & Further Reading
- Alex T.: “On Chain VS. Off Chain Governance: The Ins And Outs“, April 25, 2018, retrieved from: https://coinjournal.net/on-chain-vs-off-chain-governance-the-ins-and-outs/
- Axelrod, Robert: “The Emergence of Cooperation among Egoists”, The American Political Science Review, Vol. 75, №2, Published by: American Political Science Association, pp. 306–318, June 1981
- Balaji, Arjun: “Zcash & the founder incentive trilemma Reorganizing the firm presents new principal-agent problems”, Jun 28, 2018, retrieved from: https://medium.com/@arjunblj/zcash-the-founder-incentive-trilemma-fe7689fc8293
- De Filippi, Primavera: “A $50M Hack Tests the Values of Communities Run by Code The ideal of a perfectly trustless technology is nothing more than an ideal”, Jul 11 2016, retrieved from: https://vice.com/en_us/article/qkjz4x/thedao
- De Filippi, Primavera; Mcmullen, Greg: “Governance of blockchain systems: Governance of and by Distributed Infrastructure” Blockchain Research Institute and COALA, [Research Report]. 2018. Ffhal02046787: https://hal.archives-ouvertes.fr/hal-02046787/document
- Daian, Phil: “Analysis of TheDAO”, June 18, 2016: https://hackingdistributed.com/2016/06/18/analysis-of-the-dao-exploit/
- Ehrsam, Fred: “Blockchain Governance: Programming Our Future”, Nov 27, 2017: https://medium.com/@FEhrsam/blockchain-governance-programming-our-future-c3bfe30f2d74
- Hacker,Philip; Lianos, Ioannis; Dimitropoulos, Georgios; Eich Stefan, “Corporate Governance for Complex Cryptocurrencies? A Framework for Stability and Decision Making in Blockchain-Based Organizations”, Regulating Blockchain. Techno-Social and Legal Challenges, Oxford University Press, 2019
- N.N.: “Difference Between On-Chain and Off-Chain Governance”, BLMP Medium Blog, Jun 5, 2018: https://medium.com/@BLMPNetwork/difference-between-on-chain-and-off-chain-governance-c881cd3e6374
- N.N.: “Revisiting the on-chain governance vs. off-chain governance discussion,” Pool Of Stake, Medium Blog, May 22, 2018, retrieved from: https://medium.com/@poolofstake/revisiting-the-on-chain-governance-vs-off-chain-governance-discussion-f68d8c5c606
- Van Wirdum, Aaron: “Who Funds Bitcoin Core Development? How the Industry Supports Bitcoin‘s ‚ Reference Client’”, Apr 6, 2016: https://bitcoinmagazine.com/articles/who-funds-bitcoin-core-development-how-the-industry-supports-bitcoin-s-reference-client-1459967859/
- Voshmgir, Shermin: “To Fork of Not to Fork?”, Jul 4, 2016: https://medium.com/blockchain-hub/to-fork-of-not-to-fork-a9b077718fe3
- Voshmgir, Shermin: “Blockchain’s Problem with Unknown Unknowns”, Mar 12, 2017: https://medium.com/blockchain-hub/blockchains-problem-with-unknown-unknowns-6837e09ec495
- Voshmgir, Shermin: “Disrupting governance with blockchains and smart contracts”, Journal for Strategic Change, Special Issue: The Future of Money and Further Applications of the Blockchain, Volume26, Issue5, September 2017, Pages 499–509.
- Zamfir, Vlad: “Against on-chain governance Refuting (and rebuking) Fred Ehrsam’s governance blog”, Dec 1, 2017: https://medium.com/@Vlad_Zamfir/against-on-chain-governance-a4ceacd040ca