- Most DAOs lack voting privacy, enabling peer pressure and outright bribery.
- Hiding individual votes and adding "noise" to a final tally can provide big privacy improvements, researchers say.
- But only if voting power isn't too concentrated in the wallets of a few major players.
Whales are a problem for DAOs, the digital cooperatives running decentralised finance.
That’s according to a new study that examined how decentralised autonomous organisations can enable private voting. Most DAOs today lack the feature, which creates opportunities to influence votes, whether through peer pressure or outright bribery.
This week, researchers at Cornell University published a paper detailing a partial solution to DAOs’ lack of privacy — but the “extreme” concentration of voting power among a few wealthy players, or whales, limits the effectiveness of their proposed solution, they wrote.
“Our work injects new urgency into the question of how DAOs can protect against whale dominance — a popular topic of study and community action,” the researchers wrote.
DAOs were envisioned as a more democratic and resilient alternative to banks’ traditional corporate structures. Typically, anyone who holds a protocol’s governance token can propose and vote on changes, such as adopting technical upgrades or tweaking financial parameters like interest rates.
As of Friday, most of the top 15 protocols in decentralised finance were run entirely or in part by tokenholders. Those protocols account for more than half of the $225 billion DeFi ecosystem, according to DefiLlama data.
Crypto bribery
While DAOs are, in theory, decentralised alternatives to legacy financial institutions, they are largely controlled by a select few. Worse yet, those whales are relatively easy to bribe.
So-called secret ballots are critical in free and fair elections: they allow people to vote their conscience, without fear of reprisal.
In most DAOs, however, votes are public: anyone can see how a particular wallet voted on a proposal. That makes it possible to reward wallets for casting certain votes, and to verify that a bribed wallet actually delivered.
While such bribes are an accepted tool in some DeFi protocols, such as Curve, in other instances they can undermine a DAO’s supposedly democratic process.
In a 2023 paper, Cornell University Professor Ari Juels — a contributor to the most recent study — and his colleagues demonstrated how so-called Dark DAOs could be used to coordinate bribes and influence votes in existing DAOs.
In 2021, Ethereum co-founder Vitalik Buterin wrote that “outright attacks through various forms of … vote buying” was one of two main issues facing DAOs’ token-based voting.
Some developers are working on technology that can hide how individual wallets vote on DAO proposals. But that isn’t enough, according to the Cornell researchers — the final tally can, in many instances, “leak” how large tokenholders voted.
To address this, the researchers proposed adding “noise” to final tallies. This would artificially tweak the ultimate vote count in order to limit observers’ ability to deduce how certain wallets voted.
The problem? Voting power in DAOs is so concentrated, it limits how much noise can be added before the final tally becomes meaningless.
B-privacy
While political elections almost universally abide by the simple rule of “one person, one vote,” DAOs typically employ weighted voting, in which voting power is determined by the number of so-called governance tokens a person holds.
This limits the utility of secret ballots, according to the researchers.
Analysing 3,844 yes/no votes across 31 DAOs, they were largely able to determine how members voted even when ballots were kept secret.
Using two “attacks” on ballot secrecy, they were able to identify at least one voter’s choice 81% of the time, and all voters’ choices almost 30% of the time.
Small DAOs fared the worst: in votes with fewer than 45 participants, the researchers were able to identify every voter 90% of the time. While they struggled to unmask most individual voters in larger DAOs, the researchers were frequently able to unmask the largest voters, who often accounted for the overwhelming majority of votes cast.
To be sure, the researchers are identifying crypto wallets, rather than the real-world identities of the wallets’ owners. But a wallet address is all an attacker needs to undermine DAO governance.
To measure how much protection ballot secrecy actually provides in a DAO, the researchers proposed a new metric they call “bribery-privacy,” or B-privacy: the minimum bribe an attacker must pay to achieve a certain outcome.
Measuring B-privacy, in turn, tells a DAO how much “noise” to add to a published final vote tally.
The amount of added noise would be determined by an algorithm, according to the researchers. Meanwhile, the outcome, as determined by the actual tally, would always be revealed in order to prevent the added noise from unintentionally flipping the results.
This method can dramatically raise the cost of bribing voters — in ideal circumstances, the researchers say.
“Adding more noise improves B-Privacy … but degrades the fidelity of the raw tally, limiting its usefulness for understanding margins and community consensus,” they wrote.
“Extreme voting weight concentration fundamentally limits B-privacy improvements in most real-world cases.”
Across all the proposals they analysed, adding a certain amount of noise increased the bribery cost one-and-a-half-fold. When more than five wallets were required to determine the outcome of a vote, however, the same amount of noise increased bribery costs more than fourfold.
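The two ideas above, that a published tally can leak individual ballots under weighted voting and that noise raises the cost of a bribe, can be made concrete with a small brute-force model. The following is an added illustration, not code from the Cornell paper or from DL News. It assumes a constructed electorate of seven wallets with made-up weights, a simple weighted-majority rule, a bribe cost of one unit per token, and a deliberately simplified stand-in for B-privacy: the cheapest set of wallets an attacker must pay to be certain of flipping the outcome under every ballot assignment still consistent with the published tally. The published noisy tally of 62 (true tally 59 plus a constructed +3 draw within a ±6 bound) is also made up.

```python
from itertools import product

# Constructed electorate for illustration (weights are made up, not data from the
# Cornell paper): wallet label -> voting weight in governance tokens.
WEIGHTS = {
    "whale_A": 40,
    "whale_B": 25,
    "fund_C": 12,
    "dao_D": 9,
    "user_E": 5,
    "user_F": 3,
    "user_G": 2,
}
# Constructed true ballots (hidden from observers): True = yes, False = no.
TRUE_VOTES = {
    "whale_A": True, "whale_B": False, "fund_C": True, "dao_D": False,
    "user_E": True, "user_F": False, "user_G": True,
}


def yes_weight(votes, weights):
    """Total weight of the yes side for a given yes/no assignment."""
    return sum(w for v, w in weights.items() if votes[v])


def passes(yes, weights):
    """Simple weighted majority: the proposal passes iff yes > half the total weight."""
    return yes > sum(weights.values()) / 2


def consistent_assignments(published_yes, noise, outcome, weights):
    """Every yes/no assignment an observer cannot rule out, given a published yes-tally
    perturbed by at most +/-noise and the outcome, which is always revealed."""
    voters = list(weights)
    out = []
    for bits in product((False, True), repeat=len(voters)):
        votes = dict(zip(voters, bits))
        y = yes_weight(votes, weights)
        if abs(y - published_yes) <= noise and passes(y, weights) == outcome:
            out.append(votes)
    return out


def deducible_votes(assignments):
    """Voters whose choice is identical in every consistent assignment: the tally
    alone leaks how they voted even though no individual ballot was revealed."""
    if not assignments:
        return {}
    leaked = {}
    for v in assignments[0]:
        choices = {a[v] for a in assignments}
        if len(choices) == 1:
            leaked[v] = choices.pop()
    return leaked


def min_bribe_to_flip(assignments, weights):
    """Cheapest set of voters an attacker must pay (assumed cost: one unit per token)
    to be sure of flipping a YES outcome to NO, whichever consistent assignment is the
    truth. Paying a wallet that already voted no buys nothing, which is the money
    secrecy forces the attacker to waste. Simplified stand-in for B-privacy, not the
    paper's exact definition."""
    voters = list(weights)
    best_cost, best_set = None, None
    for bits in product((False, True), repeat=len(voters)):
        bribed = [v for v, b in zip(voters, bits) if b]
        cost = sum(weights[v] for v in bribed)
        if best_cost is not None and cost >= best_cost:
            continue
        flips_all = all(
            not passes(yes_weight(a, weights) - sum(weights[v] for v in bribed if a[v]), weights)
            for a in assignments
        )
        if flips_all:
            best_cost, best_set = cost, bribed
    return best_cost, best_set


def scenario(published_yes, noise, weights=WEIGHTS):
    """Attacker's view for one published tally: (leaked ballots, guaranteed bribe cost)."""
    outcome = passes(yes_weight(TRUE_VOTES, weights), weights)  # revealed, per the paper
    assignments = consistent_assignments(published_yes, noise, outcome, weights)
    return deducible_votes(assignments), min_bribe_to_flip(assignments, weights)[0]


if __name__ == "__main__":
    true_yes = yes_weight(TRUE_VOTES, WEIGHTS)  # 59 of 96 tokens: the proposal passes
    # Public ballots: buy the cheapest yes-voters that close the margin.
    print("public ballots:", min_bribe_to_flip([TRUE_VOTES], WEIGHTS))
    # Secret ballots, exact tally published: the whale (and some others) still leak.
    print("exact tally:   ", scenario(true_yes, noise=0))
    # Secret ballots plus noise: published 62 = true 59 + constructed +3 draw, bound +/-6.
    print("noisy tally:   ", scenario(62, noise=6))
```

With public ballots the attacker pays 12 tokens (fund_C alone closes the 11-token margin). Hiding ballots but publishing the exact tally leaves only two subsets that sum to 59, so whale_A, whale_B, user_E and user_G are exposed anyway and the guaranteed bribe rises to 23. With ±6 of noise, 18 assignments are consistent, no single wallet is deducible, and the guaranteed bribe roughly doubles to 48. The same model also shows the paper's caveat: if whale_A held 60 of the 96 tokens, every consistent assignment would have to include it and no tolerable amount of noise would hide its vote.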
Ultimately, the research suggests a couple ways to improve DAO governance, according to the paper’s authors: First, add noise to vote tallies, with greater noise for more contentious proposals in which voters could face greater pressure from peers or would-be attackers.
Second, DAOs should seek to curb the influence of whales. And finally, where that isn’t possible, DAOs should “prioritise monitoring and protecting whale voters.”
Aleks Gilbert is DL News’ New York-based DeFi correspondent. You can reach him at aleks@dlnews.com.