It’s Too Soon for On-Chain Governance

shutterstock_153840266-e1530230263310
2 July 2018

Michael J. Casey is the chairman of CoinDesk’s advisory board and a senior advisor for blockchain research at MIT’s Digital Currency Initiative.

The following article originally appeared in CoinDesk Weekly, a custom-curated newsletter delivered every Sunday exclusively to our subscribers.


Blockchain governance is hard.

That’s the only reliable conclusion to draw from the chaotic, contentious rollout of EOS, the $4 billion project whose consensus model was touted as a way to enable smoother governance and scalability in a blockchain industry beset with conflicts and decision-making gridlock.

First, it took longer than expected for the EOS community to elect the network’s 21 block producers, which are paid $10,000 a day to validate transactions. Then, the EOS Core Arbitration Forum, a body set up to resolve disputes, sent out a memo ordering those block producers to freeze 27 supposedly sketchy-looking accounts.

Concerns immediately arose that the ECAF was arbitrarily censoring participants, inevitably raising accusations of centralized control and putting chain immutability into question right at the outset. As an ECAF representative threatened lawsuits against one block producer, and as a separate fake document purporting to be from the arbitration body appeared, one New York block producer threw up its hands and refused to participate.

Now, after Dan Larimer, CTO of founding company Block.one, called the ECAF’s order a mistake and argued that its handling of the problem did more harm to confidence in EOS than any lost funds that the suspect accounts might have stolen, his company wants to rewrite the entire EOS Constitution.

Just three weeks into the launch, the spat has provided a popcorn-worthy spectacle for commentators on Crypto Twitter. But, in reality, as a way to assess on-chain governance mechanisms such as EOS’s delegated proof-of-stake (DPOS) consensus mechanism, there’s a lot more at stake (excuse the pun) than entertainment.

Along with saga at Tezos, another very well-funded on-chain governance project, which was rocked by disputes between the founders and the first director of the foundation overseeing its $243 million war chest, the EOS disaster offers a strong reminder of how entrenched human mistrust can be difficult to overcome.

To offset the mistrust there must be a sufficient store of shared community trust in whatever mechanism or institution is in place to resolve those problems. That’s the case whether the overall system is described as “decentralized” or “centralized.”

The problem is that when large amounts of money are involved, forging that common store of trust in the dispute resolution mechanism is especially difficult.

The best laid plans…

I’m actually sympathetic to the creative efforts of the Tezos and EOS founders – as well as those of a host others, including Decred, NEO and Cardano. In exploring protocol-level solutions such as voting and staking to enable some level of internal, functional democracy, they are trying to help blockchain communities make orderly decisions on important changes and upgrades and to avoid the contentious disputes and chain splits that have rocked bitcoin, ethereum and others.

I’m not willing to say that on-chain governance won’t ever work – or that our only choice is to either live with disorder, acrimony and gridlock or turn to external legal solutions that expose user identities and require a dependence on external government bodies. But I think we are getting a very clear demonstration that it’s very difficult to design the right algorithm to overcome the toxic mix that money and mistrust create.

We should note that the ECAF, which was formed in the midst of forum discussions among EOS community members before the launch, was conceived as a solution to these problems. Its existence reflects a recognition that disputes would arise and that an off-chain mechanism was needed. But it was very poorly put together, with unclear rules and processes for arbitration.

The question is: Would it have been better designed, more capable of earning the trust of all participants, if the community wasn’t founded on a kind of utopian-like blind faith in the DPOS mechanism?

In other words, the root of the problem may be the unreasonable claims being made by on-chain governance proponents.

As it is, the reliability of the DPOS mechanism was tested by the size of the EOS money pot. The giant fundraise fueled expectations of high valuations, which in turn stoked greed and mistrust. It fed the perception, right or wrong, that those who obtain power and influence inside the EOS network might be able to game the system.

Larimer, others from Block.one and many EOS fans swear by the various checks and balances intended to protect users from overly powerful block producers: that it requires agreement among 15 of the 21 block producers to reverse transactions; that ongoing voting holds them to account; and that there’s always the option (or threat) of a fork.

And yet, despite all that, the system has clearly generated mistrust and, ultimately, dysfunction.

And that’s not for nothing. While he may have been biased against EOS, there was sound logic to ethereum founder Vitalik Buterin’s warnings in a blog post three months ago of the risk of bribes and collusion among block producers operating across different jurisdictions. Money and power breed corruption. Always.

Buterin’s main point, one that he made in support of his Ethereum developer colleague Vlad Zamfir’s critique of Coinbase co-founder Fred Ehrsham’s impassioned plea for protocol-based solutions to bitcoin’s and ethereum’s problems, was that on-chain governance won’t work.

In terms of where the technology currently stands, I think that’s true. The wellspring of trust in these mechanisms isn’t yet strong enough to overcome the problem of cross-user mistrust.

The solution, for now

So, what to do? Bitcoin’s drawn-out block-size debate and the contentious hard fork that resulted from it presented an image of dysfunction that undermined mainstream confidence in the technology.

And in ethereum, where there has a long been a clearer sense of identifiable leadership, Buterin is himself often accused of having too much CEO-like power. (The slide in ether’s price when he was rumored to have died in a car crash illustrated the problems of perceived centralization that have persisted around ethereum ever since Buterin and others supported the hard fork to rescue funds lost in The DAO attack of 2016.)

Well, for now – and this will be anathema to crypto-anarchists and some blockchain libertarians – the solution likely lies in recognizing the limits of the algorithms and  relying instead on human-led, legally defined institutions for dispute resolution and off-chain governance.

While I have been a constant critic of permissioned blockchains, especially of the risk that the consortia that run them can act as colluding gatekeepers to curtail innovation and hold users hostage, they are popular among companies precisely because they operate within a recognized legal structure that they’re comfortable with.  Legal certainty is valuable.

The failure of The DAO taught us that code is not law. By defining it as a system in which the software superseded all other legal recourse, that project’s founders created a model that allowed the thief who destroyed it to argue, quite reasonably, that he or she was not acting illegally. Yet those who lost money wanted recourse, which is how ethereum ended up with its hard fork.

The solution, for now, lies in forming well-designed, trusted mechanisms that reside within a predictable legal framework and which can resolve disputes through fluid, lightweight arbitration rather than being bogged down in courts. They carry the weight of law, but try to avoid the process of it.

Key here are the words  “well-designed, trusted.” Lightweight, off-chain arbitration might have been the intent of those who created the ECAF, but it was not well-designed and clearly hasn’t earned the trust of all actors. It’s not at clear how social consensus was formed in support of it.

Here, the internet’s governance offers a model, as father-and-son team Don and Alex Tapscott laid out in a useful assessment of the outlook for blockchain governance for The World Economic Forum.

The Internet Corporation for Assigned Names and Numbers (ICANN), the Internet Engineering Taskforce (IETF) and the Worldwide Web Consortium (W3C) have worked fairly well as trusted avenues for governance and dispute resolution. Understandably, the United States’ historical influence over ICANN has been a bone of contention. Yet, even so, the multi-stakeholder structure of these organizations has mostly assuaged concerns that any one party, government or otherwise, has excessive power of the rules by which internet real estate is managed.

Blockhains, with anti-corporatist, decentralized principles at their heart, can’t and shouldn’t try to emulate the process by which these internet bodies were formed, which relied upon the bargaining positions of different governments in international forums like the United Nations. But there’s still much that can be done by standards bodies and NGOs to forge consensus among a variety of stakeholders in this industry. (The W3C and other standards bodies are already seeking to establish authority here.)

Does this mean immutability and censorship-resistance are impossible? Yes, perhaps, if you think in absolute terms. But these were also aspirational objectives, not absolutes.

What matters is a system that works in the service of the widest possible array of users. And, as of now, on-chain governance models like that of EOS clearly don’t.

Cracked window image via Shutterstock