I think this is a good point, there is a difference between participation and power. We want a decentralized infrastructure and we want participation from as many people as possible but that doesn’t mean participation equal power
I’m not sure I understand your examples, can you make a practical example about how this applies to governance?
I do admit that the security of a sybil-resilience foundation for QV may be affected by the overall set of benefits which owning a proof-of-personhood brings. This is especially complex because we can’t prevent undesired use cases from overloading a provable personhood system in an transparent and unpermissioned network.
If you say “it’s too easy to pay people”, you’re certainly not wrong, but that is mostly independent of QV. The question should rather be how well a vote-buying attack would scale in any of the voting systems.
In today’s OpenGov, a single whale can change the outcome of referenda. Buying votes may even be more of a concern, because it takes just one corrupt whale to accept a “dividend” on a treasury proposal they approve.
The question is, therefore, if we can add enough friction to scaling a vote-buying attack in QV. I believe we should seriously look into vote privacy and receipt-freeness. What’s the point in paying someone for their vote if they can only prove that they voted, but can’t prove to you how they voted? That would certainly make vote-buying much harder to scale. There is plenty of research on this topic in eVoting in general and the topic would better be discussed separately IMO:
I think we should distinguish the problem of sybil-resilience (making sure every human can vote once) from vote-buying (making sure every voter votes according to their honest opinion). The latter is very blurry anyway, because “free will” isn’t “free from manipulation or external influence”. Even perfect universal suffering is affected by money: The party with more money to spend on their campaign does have an advantage over the less funded party. While that certainly isn’t “corruption”, it still is a plutocratic force but has nothing to do with sybil-resilience AFAIU.
I agree that we should not promote a “UBI for the criminally minded”. Still, I can’t overlook the balancing effect it would have globally. It would diffuse capital into underdeveloped regions where many votes could be bought for relatively little money. This is certainly not the vision I’m advocating, but at least there’s a small upside - in contrast to OpenGov of today where potential corruption of whales would enrich them even more without any redistribution effect.
Agreed. But I would say you’ll never get participation without at least a perception of power. I believe we see very low levels of OpenGov participation today because many people are resignated facing the excessive power of very few voters.
1 Like
Sorry to be very direct but it just seems to me like an unsubstantiated narrative with the only purpose to get your project funded as your project is related to Sybil resistance. If people don’t participate in governance it’s because they don’t care. They could not care because they just don’t care or they could not care because they have too few dots to make a difference. Does that mean that we now have to give them a disproportionate amount of power so that they start caring (for the wrong reason)? Shouldn’t we focus on the people that actually care because they put a lot of money and own a lot of tokens?
Direct is fine. Of course I have stakes here. However, this bounty would be no guarantee for funding of Encointer. That would be up to the curators (yet to be defined). And even if encointer wouldn’t get anything from this bounty, I’d still be in favor of it.
To your latter argument I had responded before.
1 Like
I’m definitely in favor of funding encointer to provide Sybil resistance, for usage by parachain projects. It’s super cool if a small project can gain strong-ish Sybil resistance with minimal effort.
Yet, I’m also confidant that relying upon encointer or similar for anything so dramatic as quandratic voting in polkadot treasury spending would break whatever Sybil resistance they provide.
Also, if a parachain project gets so important that they risk breaking encointer, then they should do their own harm reduction mitigations similar to what I’m discussing above. Importantly, projects need not do this when they’re small & poor, only once their big & rich.
This argument should not carry weight for Polkadot. We want the Sybil resistance for other things, which matter more from our perspective, and would probably not survive quadratic voting being used in governance.
We do care about this somewhat of course, which is why K1V has an affirmative action layer, and why we occasionally discuss if all staking rewards should have an affirmative action overall.
1 Like
Thank you @sodazone , for the insightful article. While it presents compelling arguments, I believe drawing a generalized conclusion from a single component might not be entirely accurate. A visit to The original proposal of the WWW, HTMLized shows the clear intent behind constructing a system where “Non-Centralisation” was a key requirement.
Debating the original decentralization intent of the Internet won’t move us forward. What will, is recognizing and supporting institutions like our own foundation that actively push for a decentralized web.
“We fund research and development teams who are building the foundation of the decentralized web. Join us.”
“Our mission is to nurture cutting-edge applications for decentralized web software protocols.
Our passion is delivering Web 3.0, a decentralized and fair internet where users control their own data, identity and destiny.”
https://web3.foundation/about/
1 Like
There are arguments for the optimality of an exponent of 0.5:
And you seem to misunderstand me: As the OP says, I’m not suggesting an exponent of 0 for the case of OpenGov. I’m suggesting 0.5 for the reasons explained in the OP
1 Like
What do you think about these countermeasures to vote-buying @burdges @giotto ?
We introduce a model for electronic election schemes that involves a more powerful adversary than in previous
work. In particular, we allow the adversary to demand of coerced voters that they vote in a particular manner, abstain from
voting, or even disclose their secret keys. We define a scheme to be coercion-resistant if it is infeasible for the adversary
to determine whether a coerced voter complies with the demands.
They would imply significant changes to the OpenGov voting process for sure and we’d need to investigate trust assumptions on the registrars they propose and how that protocol can be decentralized
1 Like
I do think coercion-resistance sounds interesting. It’s a fairly active research area, and I know folks who work on voting, but not sure current situation. It’s anyways subtle how properties like coercion-resistance translate between theory and practice.
Issue 1. In polkadot, we’ve aimed towards advanced features in voting, like conviction, proxies, and delegation, which make coercion-resistance much harder.
A typical voting adversary must handle credentials distributed by a much more powerful governmental entity, but the votes count like one-person one-vote.
Issue 2. Coercion-resistance becomes harder against adversaries who intervene in an online credential maintenance ceremony, like encointer envisions and which provide advantages for on-line communities. I suppose real proof-of-personhood parties hold up better.
Issue 3. A quadratic voting adversary need not coerce strangers, but merely secretly delegate their whale stake to their supporters. In particular, an exchange could pay their employees a bonus for participation, most employees remain pretty loyal, dislike breaking their contract regardless, and care about BTC & ETH but not DOT. An exchange then votes with say x=2 to double their coercion effectiveness.
Anyways…
We’ve another way quadratic voting ideas maybe useful in Polkadot. Is conviction a sensible voting property? If so, how should conviction work? It’s plausible conviction should be quadratic, meaning if you’ve x dots and lock them for time y^2 then you vote like x y.
I don’t think there is any possibility for this to work even in a theoretical way and the reason is very simple this has nothing to do with the keys:
Imagine the following example, I have a large amount of dots, I split it into 10 address, I ask 10 of my friends to do KYC to be identified as unique users and then to associate their identity to one of my addresses (easy to do because I can always sign since I have the private key). Then I can even vote myself with the address after they connected their KYC to my address, they don’t even need to have the private key, and if you create some system which requires to sign whatever then I will just sign whatever and publish on chain rendering the whole process completely useless.
very good point indeed. Delegation needs special attention here and we don’t want to remove this nice feature just to get QV I guess. Needs more thought for sure.
1 Like
We’d need to make sure:
- The process for KYC/whatever-sybil-resilience-process requires the individual to have the private key to get a PoP. (That is usually already the case for the protocols discussed).
- if the above is the case and voting can happen privately, over anonymous channels and receipt-free, then the individual could always change the vote last minute without the attacker noticing, so the attack wouldn’t work.
1 Like
How can you prove that the user has the private key? Someone else could have the private key and just sign anything the user requests as long as it’s not a transfer of the funds.
The private voting thing does not really matter because most likely the voter has absolutely no opinion and doesn’t care about the vote he just cares about the fee that he’s getting to do the KYC. You are wrongly assuming that the person who is paid to do the KYC cares about the outcome of the vote
Hello everyone, this is the first time I’ve intervened, I’ll try to explain some ideas after reading the thread. There are good ideas even if they sometimes diverge, based on what I have read, I make my small humble contribution. Quadratic voting is a collective choice mechanism based on market criteria, for which, instead of assigning a vote to each individual, each voter has at his disposal a budget of credits (votes) which he can assign to different extents, depending on his preferences regarding a specific issue on which he is called to vote.
Let’s start by saying that the attribution of voting tokens could be assigned in proportion to the quantity of tokens held on a certain date.
The validity date (expiry time) within which to consume these tokens would then have to be defined, this would also imply blocking the funds until they are completely used.
It could be a good voting system for referendums.
It could also be a good voting system for economic issues and decisions that affect the ecosystem.
It excludes no one, and would work regardless of the unique heads and addresses held.
This system could work well if the motions to be voted on were known in advance (all those before the tokens expire), which would lead to a slowdown in decisions.
Sybill attacks incur a linear increase in transaction fees as each account would have to vote. Also wouldn’t DOTs between multiple accounts would also be a challenge for validator nomination in most cases.