Research Summary: When is a DAO Decentralized?

TLDR

• Decentralized Autonomous Organizations (DAO) have grown rapidly in recent years. DAOs typically emerge around the management of decentralized financial applications (DeFi) and thus benefit from the rapid growth of innovation in this sector.
• Global regulators increasingly voice the intent to regulate DeFi activity. This may impose an excessive compliance burden on DAOs unless they are deemed sufficiently decentralized to be regulated. Yet, decentralization is an abstract concept with scarce legal precedence.
• We investigate dimensions of decentralization through thematic analysis, combining extant literature with a series of expert interviews. We propose a definition of “sufficient decentralization” and present a general framework for the assessment of decentralization.
• We derive five dimensions for the assessment of decentralization in DAOs: Token-weighted voting, Infrastructure, Governance, Escalation, and Reputation (TIGER).
• We present a discretionary sample application of the framework and five propositions on the future regulation and supervision of DAOs.

Citation

H. Axelsen, J. R. Jensen, and O. Ross, “When is a DAO Decentralized?” Complex Systems Informatics and Modeling Quarterly, CSIMQ, no. 31, pp. 51–75, 2022. Available: When is a DAO Decentralized? | Axelsen | Complex Systems Informatics and Modeling Quarterly

Core research question

When is a DAO (sufficiently) decentralized?

Background

• Compliance in crypto: Regulators view blockchain as transformational and imperative to innovation, growth, and global competitiveness. While crypto remains primarily unregulated, regulators across the globe are motivating and implementing crypto regulation to meet the challenge of ensuring consumer protection, innovation, and growth without stifling innovation.
• Decentralization: As the first major bloc, the EU passed the Markets in Crypto Asset regulation in June 2022 to become effective in Q1, 2023. If a DAO is sufficiently decentralized, it may be able to conduct otherwise regulated financial activity without compliance constraints such as capital, liquidity, and centralized control and reporting. Yet, no definition of decentralization is provided by regulators.
• Origins of decentralization: The concept of decentralization has been applied mainly within the government of nation-states and political science, administration, fiscal area, and environment, but also across a diverse range of disciplines, such as complex systems engineering, space safety engineering, cybernetics, management science, economics around principal agents theory, finance, law and technology, and crypto-economic systems. Within the nascent literature on crypto, the most applied definition of decentralization was proposed by Ethereum co-founder Vitalik Buterin with the introduction of the term “DAO” in 2013.
• DAO reference model: DAO tends to operate through bottom-up interaction and coordination among a set of independent and distributed rational agents, mitigating principal-agent problems through shifting power dynamics. Centralized attack vectors exist in multiple dimensions – in the protocol layer, the application layer, and the interface and user layers, through which a DAO community functions.

Summary

• As a working definition, we propose that “sufficient decentralization” is defined as a verifiable state, where (1) the design of the DAO is collusion resistant and based on long-term equilibrium; (2) its governance processes have unrestricted and transparent access.
• Given the pseudonymous nature of blockchain, it can be difficult to assess to what extent a DAO is decentralized. Through literature review and industry stakeholder and expert input, we investigate elements of decentralization across political, technological, social, and economic dimensions.
• Through analysis of how verifiably independent agents behave and interact with each other in critical DAO business systems, we develop a pragmatic framework for assessing decentralization
• The artifact was ex-ante field-tested with a DeFi expert from an EU financial regulator. Second, we applied the framework to assess the level of decentralization on Compound Finance, an algorithmic money market DAO operating on the Ethereum blockchain.

Method

• We chose thematic analysis as a method to reflect and unravel the surface of the “reality” of DAO decentralization through eight expert interviews and literature review. We analyzed the data in six phases: (1) familiarize yourself with the data, (2) generate initial codes, (3) search for themes, (4) review themes, (5) define and name themes, and (6) produce the report.
• The coding procedure comprised several rounds of analysis and refinements of the codes. The topic of decentralization is multi-dimensional and complicated. In the search for themes, we clustered initial 52 first-order concepts across 7 DAO subsystems, 4 policy dimensions, and 4 technical architectural layers, further synthesizing these into 15 second-order themes across 5 aggregate dimensions. Once we had derived the first-order concepts, second-order themes, and aggregate dimensions, we built the data structure. Example of theme coding structure as follows:
  

  Coding of data to themes1236×1255 234 KB
• Evaluation was 2-fold: (1) ex-ante field testing with a DeFi expert from a European financial services regulator as well as (2) desktop study and assessment of algorithmic money market DAO Compound Finance, which operates on the Ethereum blockchain.

Results

• To assess whether agents operate independently and if each critical dimension of a DAO meets the definition of sufficient decentralization, we define 3 types of agents (Verifiably Independent Agent (VIA), Presumably Independent Agent (PIA) and Unidentifiable Agents (UIA)
• We assess decentralization using a pragmatic framework with 15 components across 5 dimensions: Token Weighted Voting; Infrastructure; Governance, Escalation, and Reputation (“TIGER”) where we assess each component and the aggregate dimension either quantitatively (11 components) or qualitatively (4 components) assigning a score of 1-5, as exemplified below:

• We present a cursory application of the TIGER framework, utilizing a score-card methodology in which we assign a score between 1–5 for each dimension. While there are clearly identifiable areas of improvement, we assess that the Compound DAO is “sufficiently decentralized” when we factor in the protocol age. Over time, we expect a gradually increasing decentralization as the protocol matures and increasingly larger private and institutional stakeholders join the DAO.
  

  Compound decentralization radar1271×703 84.9 KB

Discussion and key takeaways

• From a regulatory perspective, an alternative approach could simply be to analyze (1) if the DAO is conducting a regulated activity, and if so, (2) if there is an accountable legal or physical person upon whom regulation can be enforced; if not, then the DAO being sufficiently decentralized must be acknowledged. In our view, such an approach is too simplistic and does not accept the fundamental premise that DLT/Blockchain is a transformative technology that will foster innovation and growth.
• We extrapolate our contributions into the following generalized propositions:
  • P1: The concept of technology-neutral regulation is challenged by DLT/Blockchain. DAOs exist and realize benefits through increasing degrees of decentralization. DAO legal design should therefore support the internal decentralization accomplished by the DAO so that a balance is achieved between external and internal decentralization, not the other way around.
  • P2: Regulators need to embrace the concept of a “grace period” for a DAO to achieve sufficient decentralization. The MiCA regulation did not include this, but it seems challenging to embrace DeFi and the concept of sufficient decentralization without it. We suggest an assessment approach where not only the point-in-time assessment is material to the decision of decentralization but also the design intent, thereby introducing a grace period from a risk-based perspective.
  • P3: In the short term, for “Institutional DeFi,” a level playing field needs to be developed by financial regulators and supervisors, including a “cut-off” strategy, with clear boundaries for acceptable centralized activity, to allow DLT/Blockchain-based businesses to develop properly, respecting the new technological feature regime. Regulators must accept that a new playing field for DAOs will develop over the coming years.
  • P4: Regulatory practices around DAO decentralization will evolve across blockchains and business models, each with its own strengths and weaknesses regarding centralized attack vectors and regulatory importance. A risk-based approach to DAO supervision, where required, will therefore need to be developed with a holistic view of decentralization across political, technological, social, and economic dimensions, as well as across underlying technology infrastructures that behave very differently from a risk perspective. We foresee regulators will designate some blockchains to have more systemic risk than others.
  • P5: DLT/Blockchain will transform how regulators supervise and enforce the regulation. The number of DAOs grew by a factor of 8x in the past year. With the increasing certainty on the regulation of crypto, the number of DAOs will likely continue to evolve, and the growth of the token economy and innovation of blockchain-based business models as well. Regulators need to adapt to this development with improved toolkits, competencies and more automated supervisory methods.

Applicability

• Our findings suggest that decentralization in DAOs is not a myth. Still, due to the technical features of blockchains, it can be complicated to investigate and assess the true level of DAO decentralization. Our contribution is a pragmatic framework that can guide aspiring DAOs, regulators, and supervisors to advance the decentralization agenda as the crypto and traditional economies increasingly overlap and integrate.

great summary @haxelax quite easy to comprehend.
I have a couple of questions though.
Incentives, the issuance of risk and conclusion rights, and the distribution of residual claims are all operationally governed by the use of both inferential and explicit agreements, which in the case of DAOs contracts are “trustless” smart contracts. The prominent, underlying issue at stake is how smart contracts vary from their counterparts written in the raw language. Smart contracts are illustrated and implemented in computer code and require no “trust,” whereas the natural language contracts that currently form the footings of modern corporations require “trusted” parties for their interpretation, monitoring, and enforcement because of the inherent subjectivity of the natural language used to write them. Therefore, smart contracts ideally do not demand interpretation, monitoring, and enforcement, and hence there should also be no need for conflict resolution, all of which are important factors in current theories of corporate governance (however some of these assumptions are challenged by the case of The DAO).
This makes solving disputes or managing unforeseen events involving smart contracts difficult since there is no central governance or legal framework available. The DAO exhibits, that this can create a serious threat to an organization’s ability to react and survive crises.

my questions are;

1. how will threats like these be addressed?
2. how will risk be allocated in a DAO?
3. how does the concept of “minority” exist in a DAO?
4. When hit by a crisis who does it affect the most?

Thanks for your excellent questions @GloriaOkoba,
To some extent I think your questions are potential future research questions that require more thought, but I do think it is critical to implement an escalation mechanism in a DAO “constitution” up front when it is designed, as it may prove impossible to implement, once decentralized. As relates the threats and risks questions (1&2), although this sounds very centralized and controlled, the way to approach it in a flexible manner in a DAO could be to implement a policy requirement up front in the DAO statutes for an escalation mechanism to always exist and a resilience testing mechanism, which must be further detailed in the DAO’s chosen operations and governance procedures and be subject to regular review and updating through the chosen democratic voting implemented. Inspired by recovery and resolution planning, digital and financial resilience requirements and dispute resolution in the traditional world, the implementation should include a requirement to regularly identify and assess critical vulnerabilities and risks, develop mitigation plans and allocate capital and other measures to deal with those risks, as is already standard in many DAOs.
In terms of the minority concept in a DAO, in this paper we refer to minority token-holders / owners, when we discuss ‘minority’, and we were obviously concerned about the ability of the majority to abuse. When we conducted our research we found from US activist shareholder experience that it is sometimes possible to launch a successful campaign with less than 2 pct of the outstanding shares in well diversified companies, the test is really very specific and should be assessed quantitatively using some of the methods we mention in the paper, where there is doubt on the composition of the token holders and delegates.
As to whom a crisis affects most is also an interesting question, we do not have an answer. I recall an interesting study from the 1980’s by Oxford University looking into the impact of catastrophes on shareholder value. Many interesting findings that have been used since for compliance and risk management more broadly; perhaps a future research paper should investigate crisis experience in DAOs, impact and lessons learned, I am sure the effects hit different stakeholders differently depending on the nature of the crisis. This would be something one would gain a better understanding of in a particular DAO through the steps mentioned above.

Since decentralization is at the center of Web 3 practices, I am happy that the decentralization of DAOs is being considered by your work @haxelax.

One of the four ethos of a DAO outlined by @danielo in their research paper and subsequent summary on the forum is decentralization. On my part, I consider that research a remarkable work as it establishes reasonable foundations upon which a DAO is built. We may, therefore, agree that DAO decentralization is crucial. The more decentralized a DAO is, the better the chance of it achieving its goals and staying secure.

Considering that the regulation of DeFi will have a ripple effect on DAOs, are you insinuating that decentralization will help DAOs “evade” regulation?

Thanks for the question @Ulysses.
Well, “insinuating” has a rather negative or manipulative connotation, I merely reflect on the (still unpublished) draft MiCA recital 12a, which was proposed by the EU Council negotiation mandate in November 2021, which, in my understanding, is still the wording that moved forward. Recital 12a clearly states that if “crypto assets have no offeror and are not traded in a trading platform which is considered to be operated by a service provider, the provisions of (this regulation, ed.) do not apply”. An offeror is defined in the MiCA draft as “a natural or legal person, or undertaking including, as the case may be, the issuer of crypto-assets, which offers crypto-assets to the public”. In my opinion an “offeror” that is sufficiently decentralized may evade regulation as there is then no longer any “person” to hold accountable. Bearn in mind though, that if the native token is traded, then a competent authority may ban it even in the case of no offeror, cfr recital 65. This effectively means the ecosystem of service providers are no longer allowed to service it. Which again suggests that to evade regulation a DAO should not only be sufficiently decentralized, but also avoid trading on a platform that is serviced by a regulated service provider (CASP).
I suggest in the paper that any aspiring DAO should understand these regulatory implications from early on.

Thanks for your quick response and for bringing to light the draft MiCA recital 12a. At least it would serve as a resource to anyone trying to create a DAO.

Since the evasion of DAO regulation was not explicitly stated, I used the seemingly offending word. I never intended your idea as being manipulative. Thanks for your understanding.

Whenever the draft MiCA recital 12a gets published please do tag to this post for easy reference. Or is there a relevant link to this that you can help share currently?

All good :-) The draft is indeed published, it is the final version that is not, sorry for that misunderstanding. The EU Council mandate is on the following link: https://www.consilium.europa.eu/media/53105/st14067-en21.pdf. DAOs were included in the parliament proposal draft that came out in the March 2022, but it is my understanding that that proposal was withdrawn during the trilogue negotiations. You can find more on that here: REPORT on the proposal for a regulation of the European Parliament and of the Council on markets in crypto-assets and amending Directive (EU) 2019/1937 | A9-0052/2022 | European Parliament

Alright, great. Thanks for the links.

Also Coindesk had a piece on steps required before the agreement becomes a regulation fyi: Here's What Still Needs to Happen Before the EU's MiCA Bill Becomes Law