BIP12: Gasless Voting via Snapshot
- Participating in the BancorDAO governance should be open for all. The current system is expensive - voting in recent proposals has averaged around $50 in gas.
- The Snapshot system is an off-chain solution that can achieve effectively gas-free voting.
- This proposal asks that the DAO consider moving its decision making process to Snapshot to alleviate the financial burden of voting, and support a more inclusive governance environment.
- Snapshot would be a delegate of the DAOs authority for fixed 1 year terms, and can be renewed any number of times.
- The on-chain system remains the supreme authority of the DAO, and the Snapshot system must relinquish its power at any time, pending an on-chain vote with 66.7% supermajority and 40% quorum requirements.
Vote FOR to adopt Snapshot for BancorDAO governance, and allow gas-free participation.
Vote AGAINST to keep the voting system unchanged.
Gasless voting and governance participation incentives may be necessary for maintaining the health of the BancorDAO. Community participation in governance decisions has been a little discouraging, as small bag holders are effectively priced out of exercising their agency through exorbitant gas fees on Ethereum. This is a serious security issue; frequent voting and high participation rates is critical to protecting the protocol against nefarious influences. Moreover, the current setup inadvertently creates an oligarchy of elites that are effectively over-represented in DAO decisions. The ability to vote should not be dependent on deep pockets - a problem that only worsens during periodic spikes in gas prices. It is clear from recent discussions in our channels that community members are mindful of the developing power imbalance and want a more fruitful and supportive method for their voice to be rightfully heard.
Increased voter participation is inherently beneficial. Important proposals are less likely to fail due to lack of quorum. We are not the first DAO to have struggled with voting problems on Ethereum, and Snapshot is quickly becoming an industry standard. Therefore, the existing precedent helps to alleviate doubts about the system performance, and substantiates its utility in serving token communities and their DAOs.
Increased voter participation is equivalent to decentralized decision making. Low participation rates expose the protocol to potential nefarious influences. There is no evidence that any abuse has occured to date; however, the threat is there, and it is worth addressing. Most importantly, improving accessibility to voting is crucial to ensure everyone’s right to a voice in government is observed.
This proposal specifically seeks to implement snapshot (or ‘signature-only’) voting, which is not settled on-chain (Soft-voting). Messages are signed using ‘eth_sign’ and stored on IPFS, then made available for users through an application interface. Servers can be created to upload user signed messages to IPFS, as well as store an index of IPFS hashes for all the proposals per token and voters per proposal on a database. It would be unprecedented to decentralise these servers so that anybody could run them. Therefore, to begin, it may be necessary for Bancor or a trusted third party to operate them. The advantages of Snapshot voting are:
- Cost efficiency.
- Increased voter participation.
- Increased security from oligarchic DAO elitism.
- Improved government legitimacy and trust.
Snapshot is currently a completely centralized solution, designed to serve DAO operations. The risk of highly centralized systems is well-understood in our community. The threat is that the system could be corrupted by an antagonist, effectively giving over control of the DAO to a nefarious influence. Therefore, reasonable precautions need to be in place to ensure that the BNT holders can seize back control at any time. Therefore, the on-chain system will be treated as the supreme authority, which delegates authority to Snapshot for defined periods. Moreover, the on-chain system can be used to withdraw the authority of Snapshot at any time.
To achieve this, the following delegation scheme is proposed:
- The DAO can delegate voting to Snapshot for a period of 1 year.
- At the conclusion of the 1 year term, the DAO may renew the delegation.
- At any time, an on-chain vote to withdraw authority from Snapshot can be executed, with a 66.7% supermajority and 40% quorum requirement. This contingency plan is intended for an emergency situation only; the supermajority and quorum requirements are set high to avoid spam disruptions to DAO operations.
- Unless Snapshot is deposed, all DAO decisions are handled on Snapshot. The only on-chain decision that can be made while the Snapshot term is active is to depose it.
One of the security measures in place at present is a mandatory lock-up of vBNT after voting. This is important, as there is an unacceptable double-voting exploit that can be performed if vBNT remains freely tradable after it has been used to vote with. The exploit can be performed as follows:
Alice has 100 vBNT staked in the governance contract. She is trying to get her proposal to activate liquidity mining on her pool passed, and so has an incentive to vote as many times as possible. She casts her vote via Snapshot, then withdraws the staked vBNT, and sends the tokens to another ethereum wallet. Alice is then able to re-stake the vBNT, and vote a second time. She can do this as many times as she wants, and can drive the DAO decision in her favor.
vBNT lock-up prevents this, but it is not the only effective method. Snapshot only counts votes at a specified block. For example, the vote counting could take place only at the conclusion of the voting period. If the signatures are used to read the staked vBNT only at the end of the voting period, then Alice’s early votes will count for 0, and nullifies the exploit. At first glance, it would appear that this setup would create a black-box ballot, where the quorum and majority status of the vote is hidden until the conclusion. However, this can be avoided. The real-time status can be created by reading the vBNT stakes associated with each signature in regular intervals. This would allow for quorum and majority estimates to updated regularly.