Blockchain technology offers decentralization but faces challenges when modifying the software codebase. Code modification decisions can be controversial, disruptive, and lead to events like hard forks, as seen with Bitcoin and Ethereum. These events emphasize the importance of blockchain governance — the decision-making processes used to evolve the system.
There is currently no standard set of methods or practices for blockchain governance. Different systems adopt varying levels of sophistication and integration.
This article explores various properties of sound governance systems from academic sources, election systems, and blockchain white papers, and categorizes them into seven groups: suffrage, Pareto efficiency, confidentiality, verifiability, accountability, sustainability, and liveness.
An examination of ten blockchain systems with well-documented governance processes reveals that no single system satisfies most of the properties.
However, all properties are met, at least partially, by at least one system. This analysis provides a foundation for evaluating blockchain governance and could help improve these processes to achieve the best possible trade-offs, essential for the long-term effectiveness of blockchain platforms.
Introduction
Since Bitcoin’s inception in 2009, cryptocurrencies and blockchain platforms have gained popularity due to their decentralized nature. However, decentralization also introduces challenges in adapting to stakeholders’ needs and preferences, resulting in governance problems and potential community divisions.
Different governing mechanisms exist, such as off-chain governance, relying on core developers or trusted contributors to make decisions, and on-chain governance, using on-chain voting mechanisms for more transparency and inclusivity. Regardless of the mechanism, community divisions can occur when updates are proposed, leading to hard forks, as seen with Ethereum and Bitcoin. These divisions can reduce the platform’s overall value and security, making them vulnerable to attacks like 51% attacks.
Sound blockchain governance is crucial to ensure effective decision-making regarding a platform’s future evolution and resource utilization. This article aims to identify and evaluate the fundamental properties of proper blockchain governance, derived from general governance principles, election theory, and blockchain-specific sources.
The seven fundamental properties for blockchain governance are:
- Suffrage: Participation eligibility and inclusivity in decision-making.
- Confidentiality: Ensuring decision-makers’ inputs are private and free from external influences.
- Verifiability: Allowing decision-makers to verify their inputs and the correctness of the output.
- Accountability: Holding decision-makers responsible for their input.
- Sustainability: Providing incentives for the system to evolve constructively and for decision-makers to provide meaningful input.
- Pareto Efficiency: Ensuring the governance process outcome cannot be strictly improved based on decision-makers’ preferences.
- Liveness: The system’s ability to produce outputs expediently.
Various popular blockchain platforms are evaluated based on these properties. While each property is considered in at least one system, no platform satisfies most of the properties.
Suffrage
Suffrage, the right to participate in decision-making procedures, is a crucial aspect of any governance system. In blockchain systems, suffrage can be more complex, as the ‘one person, one vote’ rule is often not applicable. Instead, voting rights are commonly based on factors like stake or hashing power. This section outlines various types of suffrage in blockchain governance and the challenges they present.
Identity-Based Suffrage guarantees decision-making rights to participants who can prove their identities, ensuring votes correspond to unique individuals. However, identity alone is not robust enough to connect users to blockchains, and alternative approaches are needed.
Token-Based Suffrage grants decision-making rights to participants owning certain tokens or a minimum amount of tokens on the platform.
Mining-Based Suffrage guarantees decision-making rights to participants with a certain amount of hashing power (or other relevant physical resources). Both types can lead to undesirable situations, such as participants more invested in the platform having less voting weight than those less invested.
Governance Tokens are sometimes used to determine suffrage, but special care is needed to ensure that their supply, distribution, and price accurately represent community members who are more invested in the project.
Meritocratic Suffrage grants decision-making rights only to participants who have positively contributed to the platform.
Universal Suffrage guarantees decision-making rights to participants with mining power or tokens, as well as those with positive contributions to the platform. It is important that all forms of investment and contributions are considered when formulating voting weight.
Quadratic voting is a mechanism that has gained traction in the blockchain context, as it could achieve a better balance between token-based and identity-based suffrage. This method provides a more flexible way of expressing voter preferences and signals a more accurate representation of voter support for proposals.
In summary, suffrage is a complex aspect of blockchain governance, and various approaches have been proposed to ensure fair participation in decision-making processes.
Efficient Decision-making in Blockchain Governance
Blockchain governance systems rely on various decision-making procedures to gather and combine individual preferences into specific actions. In this section, we explore how effectively blockchain tools help decision-makers reach the best possible outcome. It’s important to note that we’re only focusing on the translation of decision-makers’ intentions into actions, not the alignment of these intentions with the community members’ desires.
Social Choice Theory is a field of study that investigates decision-making processes. Arrow’s Impossibility Theorem, a significant early achievement in this field, demonstrates that certain natural properties cannot be satisfied simultaneously in voting systems where participants rank candidates. This theorem has been adapted to various voting settings, including those where the voting process only needs to select the best candidate, or where voters assign numerical preference values to each candidate.
To address these limitations, voting procedures used in practice aim to satisfy weaker properties depending on the context. One such property is Pareto efficiency, which is tested under the assumption that voters truthfully report their preferences. A Pareto efficient governance system would never lead to an outcome that’s worse than another possible outcome.
Assessing whether a governance system is Pareto efficient can be challenging due to its many interacting components. Approval voting, the most common voting mechanism used by blockchains, has its own challenges in achieving Pareto efficiency. In this method, each voter can approve as many candidates as they want, and the winner is the candidate approved by the most voters, often combined with a threshold requirement.
In some cases, approval voting may not be Pareto efficient, especially when the winner is tied with the Pareto optimal candidate. Having more information on voters’ preferences and a group of perfectly rational, informed voters would help produce a Pareto efficient outcome. Strategic voting, on the other hand, could lead to deadlocks but is unlikely to result in a fork.
Instant-runoff (IRV) voting is an alternative system that uses complete ordinal preference profiles. Although not Pareto efficient, IRV is resistant to strategic voting and has some properties that approval voting lacks. However, it may force voters to inadvertently submit misleading information due to its assumptions about preference rankings.
To address these issues, other voting mechanisms such as majority judgment or a combination of approval voting with token locking can be used. By allowing voters who feel strongly about a candidate to lock their vote tokens for a longer time, these systems indicate the importance of an election to the voters.
Privacy in Blockchain Governance
Privacy is a crucial consideration in blockchain governance systems, particularly with regard to voting processes. There are distinctions between secrecy, pseudonymity, and coercion-resistance in these systems.
Type 1: Secrecy — A blockchain governance system maintains secrecy if an adversary cannot guess a participant’s input better than an adversarial algorithm, which only has access to the overall tally and the adversary’s input. This is the strongest form of privacy and is typically expected in offline voting systems, such as traditional elections.
Type 2: Pseudonymity — A blockchain governance system offers pseudonymity if no participant needs to reveal their real-life identity to participate in decision-making processes. This is often a good enough alternative to true secrecy, as it keeps the real-life identity of participants safe while tying their public discourse with their actual vote.
Coercion-Resistance — A blockchain governance system is coercion-resistant if a participant can deceive an adversary into believing they have behaved as instructed when, in fact, they have made an input according to their own intentions. This concept goes beyond privacy and requires at least one anonymous channel of communication.
In practice, pseudonymity is often satisfied as long as the cryptographic information used to create an online identity cannot be traced back to any real-life information. However, coercion-resistance is typically too demanding to be fully achieved in blockchain settings for most applications. It can be partially satisfied in certain cases, but it still presents challenges due to the potential for device leaks and the communication requirements for tallying.
Overall, confidentiality in blockchain governance systems involves striking a balance between secrecy, pseudonymity, and coercion-resistance, depending on the specific application and desired level of privacy.
Verifiability
Verifiability is an essential property of any voting system since it legitimizes election results. The highest standard of verifiability is end-to-end verifiability, which allows participants to verify that their inputs were correctly counted, and independent observers can confirm the same for all eligible participants.
Verifiability can be divided into two categories:
- Individual Verifiability: This allows voters to audit that their vote has been properly created, stored, and counted.
- Universal Verifiability: This enables everyone to audit that only votes from eligible voters are stored and that all stored votes are correctly counted.
A system that meets both categories is called end-to-end verifiable. However, defining this concept formally has its nuances.
It might seem that achieving privacy and coercion-resistance would make verifiability more challenging since they limit the information available to third parties observing the blockchain. Despite this, it is possible to reach an adequate level for both properties.
Accountability
Accountability in governance has been recognized since ancient times. It can take two general forms: vertical (accountable to higher parties in a hierarchy) and horizontal (accountable to parties at the same level in a hierarchy). In coin-based voting, collective accountability is often implied, but individual accountability is not. “Skin in the game” is one form of individual accountability, where participants have a personal investment affected by their actions.
Accountability should consider the potential harm to community members as well, aligning the incentives of decision-makers and other participants. This is especially important when these two groups could be separate (e.g., when voting rights are based on a governance token unrelated to any on-chain activity).
A blockchain governance system satisfies accountability if participants are held individually responsible for their changes in a clearly defined way. Examples outside blockchain include Sacco et al.’s work, where participants review publications and have more “skin in the game” when evaluating their own work. In the blockchain space, an example is Polkadot’s governance system, where voters supporting a proposal have their stake locked until the proposal is enacted or deployed.
Sustainability
Blockchain governance relies on developers who propose changes and decision-makers who adopt them. Both groups should be rewarded to sustain development and participation. Sustainable development means incentivizing those who create successful improvement proposals, while sustainable participation means incentivizing participants in the decision-making process.
Sustainability differs from accountability, as it rewards development or participation without considering outcomes. Accountability, on the other hand, involves penalties applied after the effects of a change become apparent. Incentives for participation and development help justify engagement costs, leading to higher voter participation and more contributions. However, carelessly applied incentives could decrease participation or result in disinterested voting.
Liveness
Blockchain governance systems must be able to process regular and urgent changes. A system satisfies liveness if it can incorporate urgency input from stakeholders and act on it within a reasonable amount of time. This includes protection against denial of service attacks.
The DAO hack highlighted the need for blockchain governance systems to accommodate urgent inputs and act quickly. Polkadot, for example, allows emergency referenda to be initiated by a technical committee. MakerDAO, on Ethereum, implements an emergency shutdown function that can suspend normal operation and return invested assets to their owners in case of emergency.
Let’s now examine ten different blockchain projects and evaluate how each of them incorporates or falls short of the above-mentioned governance properties.
1 Bitcoin
Bitcoin’s governance is primarily based on the off-chain Bitcoin Improvement Proposal (BIP) process. Individuals or groups submit proposals and gather community feedback before submitting them to the Bitcoin mailing list for review. BIP editors and repository maintainers play essential roles in the process. The decision-making mechanism is informal, and miners can signal their approval or disapproval of soft-fork upgrades. While Bitcoin’s governance satisfies pseudonymity and mining-based suffrage, it lacks a clearly defined structure or voting rules, leading to potential issues with Pareto Efficiency, Sustainability, and Accountability.
2 Ethereum
Ethereum’s governance is off-chain and relies on the Ethereum Improvement Proposal (EIP) process, which is similar to Bitcoin’s BIP process. The EIP process involves community feedback, discussions, and reviews before proposals are integrated into the Ethereum platform. Ethereum’s governance does not include on-chain signaling by miners, making it different from Bitcoin. Due to the off-chain and informal nature of Ethereum’s governance, it shares similar limitations with Bitcoin’s governance in terms of Pareto Efficiency, Sustainability, and Accountability.
3 Tezos
Tezos employs an on-chain governance model based on stake, which means participants with more significant stakes have more influence on the decision-making process. The platform has bakers, or delegates, who require a minimum of 8,000 XTZ and the infrastructure to run a Tezos node to gain block-producing and voting privileges. The voting process consists of five governance periods: Proposal, Testing-vote, Testing, Promotion-vote, and Adoption. Tezos satisfies pseudonymity and is completely verifiable, but it struggles with aspects of Pareto Efficiency due to its on-chain governance model’s rigidity. The platform does not satisfy Accountability, Sustainability, and lacks the flexibility to handle urgent inputs.
4 Polkadot
Polkadot is a proof-of-stake, mostly-on-chain governed blockchain platform with interesting additions like an elected council and a technical council. Voters require at least 5 DOT to participate in governance and their voting power is based on stake. The council consists of 13 members with 7-day tenures, elected using the weighted Phragmén election algorithm. During a referendum election, an adaptive quorum is used, requiring different majorities and turnouts based on how the referendum was created. A successful referendum enters a 28-day waiting period before enactment. Voters can increase their voting power by locking their votes for longer. The treasury is controlled by the council, which decides on fund allocation to proposals based on current supply.
Evaluation: Polkadot satisfies pseudonymity and verifiability. Council elections and referenda voting functions are Pareto efficient. Voters can signal the strength of their preferences by locking their votes, but the platform struggles with sustainability and accountability. Token-based suffrage is satisfied, but meritocratic suffrage is only partially satisfied due to council members selecting the technical committee.
5 Decred
Decred is a hybrid proof-of-work and proof-of-stake system with mostly on-chain governance. Voters can participate by locking enough DCR, which provides them with tickets for voting. High-level issues requiring funds from the Decred Treasury are handled off-chain, in Politeia. The on-chain component is the Decred Change Proposal (DCP), which updates the consensus mechanism. DCP requires a 10% quorum and 75% majority approval.
Evaluation: Decred satisfies pseudonymity and verifiability but struggles with Pareto efficiency and accountability. Sustainable development is somewhat informally satisfied, but there are no specific rewards for participating in governance.
6 Compound
Compound is a protocol running on Ethereum that establishes money markets. Governance is fueled by the ERC-20 compatible token called COMP. Holding COMP allows users to vote, delegate, and create proposals. Proposals enter a two-day review period, followed by a three-day election. A proposal is successful if a majority is in favor and a quorum is reached. The proposal is then locked for two days before implementation.
Evaluation: Compound satisfies pseudonymity and verifiability, but struggles with availability and sustainability. Pareto efficiency is somewhat satisfied, but the voting process could be biased. Liveness is satisfied, and token-based suffrage is satisfied. Meritocratic suffrage is slightly satisfied, as some COMP tokens are reserved for members of the Compound team.
7 Uniswap
Uniswap governance combines off and on-chain components, with the on-chain part being almost identical to Compound’s governance system, using the UNI token. UNI can also empower off-chain processes, with discourse taking place on the Uniswap governance forum. Two types of posts have particular significance: Temperature Check and Consensus Check. Off-chain polls allow users to vote according to the amount of UNI they hold on-chain, and if successful, an on-chain Governance Proposal is created and handled similarly to Compound.
Evaluation: Uniswap satisfies pseudonymity and verifiability. While the platform enables token-based suffrage, it faces challenges in achieving full Pareto efficiency, accountability, and sustainability. The off-chain discourse and on-chain governance combination helps address some of these concerns, but limitations persist.
8 Maker DAO
Maker DAO, a decentralized organization running on Ethereum, uses a two-token system with DAI (a stablecoin pegged to the U.S. dollar) and MKR (the governance token). Its governance system consists of both on-chain and off-chain elements, with on-chain Governance Polls employing instant-runoff voting weighted by MKR. Executive Votes follow a continuous approval vote system. In terms of evaluation, Maker DAO satisfies pseudonymity, verifiability, and an improved version of Pareto Efficiency and suffrage.
9 Project Catalyst
Project Catalyst is Cardano’s on-chain treasury governance system. Governance takes place in twelve-week periods called funds. The process involves community-generated proposals, Community Advisors, and approval voting mechanisms. It satisfies pseudonymity and verifiability but only somewhat satisfies Pareto Efficiency. Accountability is mostly not satisfied, while liveness is not satisfied.
10 Dash
Dash uses proof-of-work for consensus but includes an additional layer of functionality enabled by masternodes for governance and treasury fund allocation. Masternodes, users who have locked at least 1,000 DASH and operate a server, participate in governance. In terms of evaluation, Dash satisfies pseudonymity and verifiability. However, it faces issues with sustainable participation and suffrage, as only token holders with a certain amount of DASH who are willing to run a server can participate.
In conclusion, sound governance is crucial for the long-term effectiveness of blockchain platforms. It ensures effective decision-making regarding a platform’s future evolution and resource utilization, while also minimizing community divisions and vulnerabilities to attacks.
As blockchain technology continues to evolve, it is essential to evaluate and improve governance processes continually to achieve the best possible trade-offs.
The analysis of various blockchain systems provides a foundation for evaluating blockchain governance and highlights the importance of implementing the fundamental properties of proper blockchain governance.
Acknowledgments
The majority of the information presented in this article is based on the research paper “SoK: Blockchain Governance” by Aggelos Kiayias and Philip Lazos. The paper is a comprehensive analysis of blockchain governance and covers a wide range of topics, which I have attempted to summarize in a more concise manner for readers. However, due to the complexity and depth of the subject, some aspects may have been omitted or simplified. Therefore, I highly recommend interested readers to refer to the original paper for a more detailed understanding of the topic.
