search

ethereum-funding / blockrewardsfunding

Project Management is happening in this repo, see the Issues! This is a fork of ethereum/eips.
18 stars 3 forks source link

Minimum viable governance #45

Open lrettig opened 5 years ago

lrettig commented 5 years ago

This is a complete, top-to-bottom proposal for a better, more explicit governance structure that aims to be as flexible as possible, to preserve as many of the nice things about Ethereum as possible, but also to improve upon transparency, accountability, and inclusivity via signaling. While this proposal targets Ethereum, it could equally be used for another blockchain or similar platform.

1. Base layer

At the bottom we have a real-world legal entity such as a foundation. It should be as "thin" as possible, in the sense that it holds little or no funds or assets, has the simplest possible governance (e.g., a proper board with at least seven directors, a minimal set of bylaws), and acts 100% transparently (something it legally commits to in its charter).

In the early days of bootstrapping a project this entity may fulfill a hodgepodge of functions: legal, recruiting, handling payments, marketing communications, etc. However, over time, it should be reduced to exactly one function: to provide real-world legal protection to the core developers. For this reason it will probably have some legal staff, and may require a contract with each core developer in order to extend legal protection to them.

(A Swiss-style Stiftung may or may not be the right jurisdiction and entity type, but that's beyond the scope of this proposal.)

2. Core developers

At the next layer come the core developers. This is a small, trusted group of individuals who maintain Ethereum clients and other core infrastructure, do research, and participate in rough consensus on protocol upgrades.

We must explicitly recognize that this group exists and that ultimate authority for protocol changes rests in its hands. This is a social layer of governance and is outside of the protocol itself. In order to prevent corruption, capture, and ossification, this group should rotate or new members should be able to join continuously, but this social process is beyond the scope of this proposal.

We may optionally choose to make the membership of this group explicit through an on-chain mechanism: see "core devs DAO", below. However, even in this case, we must remember that the core devs ultimately sits outside of the protocol.

3. The Core DAO

At the next layer, in protocol, exists a "Core DAO" that receives incoming funding, whether via block rewards or donations, and passes it down to a set of member DAOs, which may themselves contain a set of member DAOs, and so on. The Core DAO serves three purposes: it curates its own membership, passes funding down to a set of sub DAOs, and it facilitates and aggregates signals.

Membership

The Core DAO has one or more members, each of which is a sub DAO and each of which has a stake. In all votes, each member's voting power is directly proportional to their stake. A member DAO may be as simple as a multisig wallet or may be far more complex, and implements its own governance and management of funds.

Any member may challenge any other member's membership at any time by staking an amount at least as great as that member's stake. Other members may then vote on this challenge. The loser's stake is burned, and if the challenge succeeds, the challenged member's membership is terminated.

In order to add a new member, an existing member must make a proposal and stake a fixed amount of ETH (e.g. 100 or 1000 ETH). The proposal contains: [proposed new member, proposed membership stake]. If there are no challenges to this proposal, then after a set challenge period it passes, and the new member is added with their stake. The proposer's stake is returned.

Any existing member may challenge this proposal with a stake at least as large as the proposer's stake. Other members vote on this challenge as described above, and the loser's stake is burned. If the challenge fails, the new member is added.

A member may withdraw a portion of their stake, or may exit and withdraw their full stake, at any time. A member may only increase their stake via a proposal-and-challenge-period (effectively the same process as adding a new member).

Funding

The Core DAO holds no funds (other than membership stakes, which are not spent). All incoming funds (other than membership and proposal stakes) are immediately distributed to the member DAOs proportional to the size of their stake.

Signaling

Any member may propose a referendum, and during a fixed voting period each member gets a single vote. Referenda are separate from the membership curation process described above, and are non-binding.

These referenda provide valuable aggregate signaling to the core developers and to the community. The core devs may optionally commit to respecting the will of the community as expressed via the signaling mechanism. (However, there is no way to enforce this on chain, and the core devs must anyway be free to change the protocol in case of emergency.)

Bootstrapping

The Core DAO may launch with one or more member DAOs. It may launch with a single member DAO controlled by the core developers, which may reduce its relative stake over time as other member DAOs join. Having such a "core dev DAO" would make the ultimate stewardship of the network by the core devs more explicit and visible. This "core dev DAO" may choose to use incoming funds to fund themselves, their work, and shared infrastructure, and a portion or all of the incoming funds may be burned.

If only a single other viable DAO exists at launch, that DAO may be given a 10% stake and the "core dev DAO" may hold a 90% stake (as one example).

An ideal set of member DAOs of the Core DAO would be individual DAOs representing different groups of stakeholders, e.g., miners, investors, app developers, exchanges, etc.

Comparison to MolochDAO

This design is quite similar to and informed by MolochDAO, with the following key differences:

Goals

Standards

Several ERCs might be born out of this schema which could be used by many sub-DAOs, e.g.:

lkngtn commented 5 years ago

At a high level I think this structure makes sense.

I agree there is a need for a foundation if only to maintain things like the Ethereum trademark. It would be great if it also provided some legal/liability protection for core devs (though as an aside, I think independent devs might be better served by shifting their online presence to that of a company and incorporating as an LLC, rather than trying to rely on an umbrella relationship to a central foundation), I think over time the less dependency the ecosystem has on a single legal entity the better, however, I think its both reasonable and practical to include it as a layer of the overall governance process.

I think the "Core Dev" layer could be reasonably described as the existing EIP + rough consensus process for making protocol changes today. I think, at-least for purely technical changes, the process works reasonably well. However, for non-technical issues or technical issues that have significant non-technical implications the process breaks down.

For that reason I suggest being explicit about the existence and legitimacy of the wider non-dev social consensus layer between core devs and the "Core DAO". This could be completely informal and without structure as it is currently or it could be linked to the foundation and trademark governance, but by recognizing its existence it frames and limits the authority of the Core DAO. Essentially it is saying that while the Core DAO may exist, it can just as easily be made not to exist in the future because the social consensus layer will always super-cede the authority of the Core DAO.

For the Core DAO itself, I found the process reasonable enough though maybe a bit convoluted. Im not entirely sure what benefit there is in having funds flow through the organization versus having funds sit in the organization and then be allocated from there. However, regardless, I think the exact details of how the Core DAO is structured are actually not nearly as important relative to the social expectation set around the role of the DAO and the scope of its authority. I think it would be totally reasonable to have an initial set of members, and have members be responsible for adding or removing members over time. And then have members vote to allocate funds from a shared treasury (either to other DAOs or foundations or companies). The core concern people seem to have is that the Core DAO will concentrate power and the responsibility of allocating funds will make that incredibly likely to happen--but its ultimately the social consensus layer that grants that authority and can revoke it at any point through a hard fork. There is probably also no reason for the fund transfers from the Core DAO to be instant, they could all be subject to a delay of say a month, which would give the social layer sufficient time to coordinate a fork to veto any funding decision.

Anyways, to summarize, I think this is good and I think so long as we set the correct expectations about the authority of the Core DAO relative to the authority of the existing social consensus layer, the organization will be able to help coordinate resources more effectively over the long term (because funds are being sourced from protocol inflation and not from a fixed pool), and more transparently because proposals and decisions will ultimately be made publicly on-chain.

owocki commented 5 years ago

this is quite good; thanks for typing it up @lrettig

Comparison to MolochDAO

cc @ameensol on this

alexvandesande commented 5 years ago

First I'd question the need for a legal entity and a "core developer" layer. The whole point of this governance discussion is to make an on-chain distribution of funds. Of course, it's important to remove legal liabilities and IANAL but I imagine it's easier to do that by having multiple entities being responsible for themselves. Current "mining rewards" do not depend on a Mining legal entity to be disbursed, but of course mining pools and individual miners need to cope with their local jurisdictions.

Second, I would try to simplify the Core DAO much more and remove most of the staking and referendum parts, that should be put in the secondary layer of DAOs.

Remember a DAO is a set of self enforceable power limits so I would start with the basic of what powers we want to limit, so I would start with these set of rules:

In that sense I would simply do this:

1) Each member has a fixed number of non-transferable "electoral votes" which they can use to support or oppose any vote 2) If any proposal gains X votes, it is scheduled to be activated in N days 3) During that period, if a proposal gets Y veto votes, it is cancelled. 4) Proposals are of these types: change funding, change membership, change voting settings (the X,Y and N variables) and statements (to be used for general statements)

(It's accidentally similar to the US constitution, in which the states have their own electors and their rules for deciding how these are alloted, as well as a number of states needed to make general amendments.)

lrettig commented 5 years ago

First I'd question the need for a legal entity and a "core developer" layer. The whole point of this governance discussion is to make an on-chain distribution of funds. Of course, it's important to remove legal liabilities and IANAL but I imagine it's easier to do that by having multiple entities being responsible for themselves.

As is being discussed in the Telegram group today, I just want to highlight this because I think it will be one of the hardest parts. I'd love to do this purely as a DAO, without any "real world" legal entity, but I'm not convinced that's possible because of questions of legal liability. Re: this part:

I imagine it's easier to do that by having multiple entities being responsible for themselves

Yes, this is ideal since it would be more decentralized, but speaking personally I wouldn't even know where or how to start figuring this out, and it would be costly and time-consuming, probably enough that it would discourage me from participating in something like this. Being able to outsource this to a trusted, known entity with real lawyers would be a huge advantage to me.

Current "mining rewards" do not depend on a Mining legal entity to be disbursed

I'm not convinced this is an apples-to-apples comparison since miners are much less likely to be sued, IMHO, than core devs or funds administrators. Also, I suspect mining pools are able to provide legal liability protection to individual miners - I'm only suggesting that we "pool" ourselves and do the same thing.

jpitts commented 5 years ago

I like the governance system goals, this list should be stated first!

As for the main "layers":

First off, it is dangerous to assume layering. It channels the mind and causes one to forget alternative structures. Still, I won't quibble. It has to be comprehensible.

  1. Users

Layer 0 includes the people using the blockchain, probably the dapp developers and service operators of all types who depend on the blockchain. They feed back into the governance process as well.

  1. Base layer

I think the base layer has to be the network itself, not any legal entity. Implementations of the Ethereum protocol collectively generate a network which governs itself! This is potentially a jurisdiction too IMO, we will see how things play out. Its governance involves active participants running nodes: miners, full nodes, light nodes, etc.

As @alexvandesande points out, any legal entities are at the Core Devs and Core DAO levels, definitely at the Sub-DAO level.

  1. Core Developers and Stakeholder Groups

I would add Stakeholder Groups from the community here, but perhaps this happens over a very long period of time. It needs to be gradually established that groups' interests, ranging from economics to ethics, are factored into decisions.

The Core Devs may have a legal entity, but I definitely would not consider this to be a part of Layer 1, it is not special. Many stakeholders here need legal protection.

  1. The Core DAO

This part I cannot fully comment on, I need to understand the proposal better.

Two things I do see:

  1. The Core DAO decides on priorities! Who else would?

  2. The Core DAO decides on selection and allocations to the "Sub-DAOs", which I have re-named to "Community-Supported DAOs". These are DAOs of all kinds which perform the distributions to individual teams in tranches, ensure accountability, etc.

  1. Community-Supported DAOs

It must be clearly stated what the duties of these Sub-DAOs are, and how they vs. the Core DAO act on the Goals of this governance system.

kronosapiens commented 5 years ago

Thanks for the proposal Lane. I have some thoughts on the Core DAO idea (which IMO is the most important link in the chain here, everything else is pretty secondary):

  1. Why have the loser's stake be totally burnt? A mechanism by which stake is burnt proportional to the closeness of the vote seems more fair (i.e. if a vote against you passes 100/0, your stake is wholly burnt, but if it passes against you 60/40, your stake is perhaps 30% burnt). An outcome where I challenge another member and have their allocation reduced by 70% seems like a reasonable outcome, especially if the member being challenged still enjoyed minority support. Perhaps a rule of (supportPercent - 50) * 2, which would map victories to (0-100) and losses to (-100-0), kind of like we'd expect.

  2. Why have proposals pass by default? In this type of high-stakes situation, I could see every new member requiring a vote of approval (vs. requiring a stake to protest). IIRC Moloch has a membership proposal queuing system which seemed design to minimize the potential for spam attacks, so maybe that's where this is coming from. Another direction this could go would be to incorporate a type of "quiet ending" mechanism à la DAOStack, in which a vote continues until the outcome stabilizes (i.e. every day the vote switches from "pass" to "fail" the voting is extended by another day). That's one of my favorite of their mechanics.

  3. If only existing members can propose new members, why require an additional stake? It seems like you could just as easily have the member's existing stake be the "stake" for a new member; if the proposal fails drastically then that member loses some their existing stake. I see the logic behind requiring an existing member to propose a new member (as otherwise someone could "stake themselves in" a huge amount), but part of me wonders if it would be desirable to come up with a way for new DAOs to propose themselves.

Here are some suggestions (for discussion):

ghost commented 5 years ago 
* By "self-determining" I mean that "reputation begets future reputation", i.e. one cannot acquire reputation from without

If the stake is in Eth, then this isn't true, which I think forms the main problem with the Core DAO. @lrettig touched on it in the "Bootstrapping" section - essentially, I think we can agree that a number of early adopters of Eth have a balance of Eth that would be quite expensive to acquire now. Therefore, if the initial membership stakes are set too high, then these early adopters will find it relatively easy to form a group that control new membership and can't be voted out. unless a high dollar value is paid to purchase enough Eth to have an equally large stake (although, obviously, that won't necessarily succeed, as those existing members would just not allow them in).

kronosapiens commented 5 years ago

Sure, but we prevent that by appropriate bootstrapping.

kronosapiens commented 5 years ago

I also feel strongly that we should separate the questions of "where should the ecosystem funding go" from "general decision-making on arbitrary things". The former is a specific problem on which I think we can make good progress, the latter is a thornier question which requires different treatment. For example, the Core DAO idea pertains to ecosystem funding in particular and addresses that problem nicely. The other things pertain to general governance and are more debatable. Forcing the Core DAO to play double duty as a general body voting on general issues is IMO a baaaaad idea.

lirazsiri commented 5 years ago

Lane's suggestion for "minimum viable governance" is a glorified beauty pageant. It is neither minimal nor viable.

What's critically missing is criteria for how performance is measured in terms of the impacts generated with the funding received. Without this the "Core DAO" is little more than a self selected club where members get funding to the degree that they stay popular with other club members and the rest of the community.

A system governed by popularity would reward the squeaky wheels and shameless self promoters of the Ethereum community. Those who talk more than those who do. Instead of funding projects based on merit we would fund them based on marketing.

We’ll end up with more fake “core devs” who aren’t actually contributing meaningfully to development, but instead spend all their time tweeting, promoting unsound proposals that only sound good superficially and traveling around the world playing Ethereum politics at the community’s expense.

The quiet contributors who are actually focused on getting shit done would be at the mercy of this new generation of fork tongued blockchain politicians.

The basic rule of economics is you should reward what you want to get more of and penalize what you want to get less of. What the community should be rewarding with funding is good engineering and relentless execution towards measurable deliverables, not political theater and Twitter circus.

Talking about governance in terms of hierarchies and voting mechanisms misses the point. Those are just mechanisms. A means to an ends. The critical thing to solve is how we measure impacts. With strong measures of impact, we could have a dozen variations of grant-giving DAOs all competing ferociously to get funded by an inflation treasury (or donations).

Any DAO that wants to compete could raise funding from private investors and develop public goods at its own expense. To the degree that it is successful in generating measurable impacts it would receive a return on investment from the public treasury. Or nothing.

With each proposed project, DAOs that deliver will get stronger, and DAOs that don’t will get weaker. Do or die.

Generating and testing variations in a way that increases the influence of those that perform the best while decreasing the influence of those that perform the worst is the basic algorithm for evolution in all its forms. The key is finding the performance function.

Also, we should be mindful that the best way to win the battle is never to have to fight it in the first place. Just because we can fund something from donations or an inflation treasury doesn’t mean we should.

If you’re building a machine that cleans the public air supply you either need to fund that machine from donations or with a tax on everyone that breathes air. If you’re building a toll road, that doesn’t need to be funded with donations or taxes. Private investors can and should fund it. The appeal to public funding should be viewed with suspicion. It should be the last not the first resort. With a bit of creative thinking many problems such as wallet development that seem unsustainable without public funding can be made to be sustainably funded from private investment: https://twitter.com/yoavw/status/1104889949969661953

For Ethereum, we should use inflation treasury only to fund “clean air” projects such as Layer 1 development. Any problem that can be solved as a Layer 2 “toll road” can and should be funded privately.

jpitts commented 5 years ago

@lirazsiri said:

What's critically missing is criteria for how performance is measured in terms of the impacts generated with the funding received. Without this the "Core DAO" is little more than a self selected club where members get funding to the degree that they stay popular with other club members and the rest of the community.

... and ...

The critical thing to solve is how we measure impacts. With strong measures of impact, we could have a dozen variations of grant-giving DAOs all competing ferociously to get funded by an inflation treasury (or donations).

Can't agree with this more.

Here is where accountability/measurement fits in (this aspect is being separately researched @lirazsiri ). Our governance scheme needs to show where it fits into other parts of the greater Block Rewards Funding proposal.

jpitts commented 5 years ago

@lirazsiri said:

If you’re building a toll road, that doesn’t need to be funded with donations or taxes. Private investors can and should fund it.

We should consider how this initiative could be a profit-oriented (with investors), however it was decided early on that the source of funds is to be block rewards... "taxes", "inflation", or whatever term we will end up using. This is one of those facets for which there is strong consensus.

Still, could this initiative be more profit-oriented? We should not deny ourselves the opportunity to explore this. Incentives can create good leadership selection, if shaped properly. Incentives will already be at play to manipulate the membership of the Core DAO.

One difficulty for profitability I see is capture of value from the resulting funded projects (often the projects are open source, not going to be fee-based service, and not of the orientation to charge anything for the result). We discussed this a lot at EthCC at EthMagicians Business Models. This is more of a commons.

I had earlier suggested that this project could take on loans repayable on success of the initiative, but even this was objected to by some. Ethereum itself is secured by a profitable activity, bootstrapped by a risky token sale. Forking or creating new blockchains/sidechains does not have to be the only way to have a "liquidity event" at the end of a development cycle.

As an example, Simon de la Rouviere has some very interesting thinking toward maintaining the commons using a combo of TCRs and bonding curves.

Saving The Planet: Making It Profitable To Protect The Commons by Simon de la Rouviere

This competitional behaviour ensure that the fittest reputational label wins, further increasing the likelihood that a protection of the commons occur.

If I am understanding it correctly, he proposes running a game in which people are either exploiting the commons vs. protecting the commons. There is a TCR for managing the resource with reputation value and a market price to join. Then there is a way to leave the TCR with a profit, because one was early to identify a need to fund the development of a commons.

Even if informed by the work of Elinor Ostrom, I would not risk this proposed game on the commons that is technical governance over the blockchain or governance over funding. But if we are afraid of a straight-up beauty pageant we should consider incentive-based guide rails.

Leader committee selection (for lack of a better term) is one of those key questions we will need to answer. Like the establishment by our consensus of "Block Rewards" as the source of funding, we will need to come to consensus about the principles and mechanism of selecting leadership in the Core DAO.

lirazsiri commented 5 years ago

Still, could this initiative be more profit-oriented? We should not deny ourselves the opportunity to explore this. Incentives can create good leadership selection, if shaped properly. Incentives will already be at play to manipulate the membership of the Core DAO.

Agreed! Profit shouldn't be a dirty word. Profit works. We'll be more successful if instead of trying to reinvent the wheel we take the best of what has proven to work in the past and apply it within this new domain we are trying to build.

Appealing to the profit motive seems like a no brainer. If we want teams to compete on execution and innovation we need to reward those who successfully take risks with something. For small enough contributions that something could be social capital. Kudos from the community ("and the crypto oscars go to...").

For larger contributions teams will need to put real money on the line and it is in our best interests to reward the successful risk takers with something that makes their efforts financially sustainable and encourages others to come in and try their hand at competing.

One difficulty for profitability I see is capture of value from the resulting funded projects (often the projects are open source, not going to be fee-based service, and not of the orientation to charge anything for the result). We discussed this a lot at EthCC at EthMagicians Business Models. This is more of a commons.

In that case they may be "clean air" projects that won't be developed any other way than with an inflation treasury, but before we commit to that, we should be thinking really hard about whether it's possible to create sustainable models for those funded projects.

There is a cultural challenge to overcome. "Business" is considered a dirty word by many. Investing a significant amount of energy in coming up with new creative "Business Model" is not something that is currently being encouraged or rewarded by the community. You could spend a year coming up with a new revolutionary model, carefully document the mechanism design, create open source agent model simulations to vet it and receive very little in any of the community's scarce resources (e.g., attention, recognition, funding) in reward. I should know. It has been an uphill battle engagingthe community on CREDO, the decentralized "equity" model for L2/dapps my team has been working on for over a year:

https://github.com/tabookey/credo

ameensol commented 5 years ago

What's critically missing is criteria for how performance is measured in terms of the impacts generated with the funding received. Without this the "Core DAO" is little more than a self selected club where members get funding to the degree that they stay popular with other club members and the rest of the community.

I don't know of any objective measure of impact. Any metric I can think of is subjective. Am I missing something? Do you have any concrete recommendations @lirazsiri ?

kronosapiens commented 5 years ago

I'm inclined to agree with Ameen here. It's turtles as far down as I can see 🐢. An algo trading firm, internally to itself, has great metrics: profit and loss. But these metrics hide externalities, namely the consequences of the flash crashes their algorithms create. I would say it is almost self-evident at this point that the search for better metrics (such as the "triple bottom line" of "people, planet, profit") is seen as both valuable but very difficult. The value (or perhaps, the inevitability) of politics is that it lets us make these value choices explicitly and acknowledges them as such; if the choice is between explicit political choices and a sort of "implicit politics" via a fight over metrics, I am not sold on the latter. We cannot avoid a measurement problem of some sort, but we can choose which ones we want: the measurement problem of assessing the quality of "candidates" based on their words and past actions (politics) or the measurement problem of assessing the impact of the work of various organizations (oversight). In the extreme case they reduce down to the same thing: you either "elect" funders to determine funding to projects, or you "elect" evaluators responsible for assessing the impact of projects to determine funding after the fact. You mention "using what works" -- something that has worked historically has been periodically selecting leadership via elections. It's noisy as hell but it (often) works. A sunset condition on this block funding and the requirement to "re-up" it via another hard fork in the future seems as though it would align incentives around making impact -- people "stay popular with the community" by delivering things the community wants.

All that said, there's aren't many people who feel more strongly than I do about representation and measurement, and so I'm 100% on board for developing better measurements of all things. But at this point it seems more a matter of choosing where to put the subjectivity than actually making things more objective.

Somewhat related, but your discussion of the "talkers vs. the doers" in politics reminds me of a passage from Federalist #35 discussing the composition of government and specifically the representation of artisans and craftspeople, which I'll include here for (mostly) historical interest:

The idea of an actual representation of all classes of the people, by persons of each class, is altogether visionary. Unless it were expressly provided in the Constitution, that each different occupation should send one or more members, the thing would never take place in practice. Mechanics and manufacturers will always be inclined, with few exceptions, to give their votes to merchants, in preference to persons of their own professions or trades. Those discerning citizens are well aware that the mechanic and manufacturing arts furnish the materials of mercantile enterprise and industry. Many of them, indeed, are immediately connected with the operations of commerce. They know that the merchant is their natural patron and friend; and they are aware, that however great the confidence they may justly feel in their own good sense, their interests can be more effectually promoted by the merchant than by themselves. They are sensible that their habits in life have not been such as to give them those acquired endowments, without which, in a deliberative assembly, the greatest natural abilities are for the most part useless; and that the influence and weight, and superior acquirements of the merchants render them more equal to a contest with any spirit which might happen to infuse itself into the public councils, unfriendly to the manufacturing and trading interests. These considerations, and many others that might be mentioned prove, and experience confirms it, that artisans and manufacturers will commonly be disposed to bestow their votes upon merchants and those whom they recommend. We must therefore consider merchants as the natural representatives of all these classes of the community.

jpitts commented 5 years ago

The stated "Goals" in the proposal here is actually a list of "Principles" or "Design Principles".

The goals here, or perhaps a better word is "Requirements", are represented by each layer's role in the system:

What other additional requirements should we state?

ghost commented 5 years ago

Sure, but we prevent that by appropriate bootstrapping.

I think this is the crux of the problem, and will require the most effort to solve. The bootstrapping will have an enormous impact on the future operation of the system.

cyber-hokie commented 5 years ago

“We must explicitly recognize that this group exists and that ultimate authority for protocol changes rests in its hands. ” Good luck backtracking this in a court of law. I thought the idea was to limit developer liability, not create more? It’s also untrue IMO, and inflates the amount of direct control developers have on the rules enforced by the network of nodes.