A note on Electric Coin Company process


#1

Folks:

This note is about the Electric Coin Company’s process for deciding what features it will implement and support in its zcashd software. This is not about what the Zcash community will or won’t do with that software. That’s outside of my purview. The purpose of this note is to clarify some things about our current process within the company.

The main focus of the current process is the Network Upgrade Pipeline: https://z.cash/blog/the-zcash-network-upgrade-pipeline/

One really neat thing about this system (designed by Nathan Wilcox with help from Mary Moore Simmons and others) is that there are now “entry points” where external third parties could supply Zcash Improvement Proposals, implementations, etc., and we know where those could “plug in” to this pipeline. The next deadline for that is the end of February to submit Zcash Improvement Proposals which we could consider for inclusion in NU3. The Feature Selection step for Network Upgrade 3 (which will activate in the spring of 2020) is at the end of May of this year. It’s the green “Upgrade A” bar on the diagram.

Now about the Feature Selection process: What we currently do in the Electric Coin Company is that we have one person who is the decision-maker for the next network upgrade. That’s typically Nathan Wilcox, the company’s Chief Technology Officer, and he approved all of candidate features that we were considering before he left for vacation (including Harmony Mining, and the time-locked-Alg-B-rewards part of Harmony Mining). Since he left for a long winter vacation, he left me in charge of that role, and the rest of the engineering team and me subsequently dug into a lot of details about the various proposals that he had approved and decided to exclude the vast majority of them because we wouldn’t have time to do more than a couple of them right. We wound up with Harmony Mining, Faster Blocks, Split Founders Reward, and “keep tx v4 working through ‘Blossom’ Network Upgrade 2” Blossom Upgrade Goals.

Now we could have a process in which there were multiple decision makers who had to collectively agree on the contents of such decisions, effectively giving multiple decision makers a veto, or having a panel or board or group which voted and having some threshold of votes, or something, but I think that would be a bad idea. I think for safety/security, coherence, and speed of execution it is better to have a single decision-maker.

Now you might disagree! That’s fine. Maybe you think it would be better if the Electric Coin Company used a different process than this one, or had a different person than me serving as the final decision-maker. I encourage you to make up your own mind about such things. The purpose of this note is to let everyone know what the current process is, so that you can have accurate expectations what the Electric Coin Company will do in the future, and you can decide how you want to deal with that expected behavior.

So, our current process means that with regard to the dual-PoW component of Harmony Mining, as well as with regard to the time-locked-mining-rewards portion, as well as with regard to the Faster Blocks part, anyone else, such as Daira, has until tomorrow (Monday the 7th) to convince me that it is such a bad idea that we have to throw out our entire plan and ship the Blossom software with a radically reduced set of changes. If they don’t, then we (the company) will commit to vetting and implementing the chosen set of changes. We’ll then have about 9 months to verify that there aren’t design or implementation flaws which could threaten the safety of users — that’s the biggest part of why the Network Upgrade Pipeline takes so long — before it activates on mainnet.

In particular, note that the process does not require persuading Daira that a particular feature is a good idea. We can go ahead with this process as designed even while Daira thinks that some elements of it are terrible ideas. That’s a healthy and normal expected part of this process.

I’ve seen that Daira recently posted some simulation results on the github thread showing security trade-offs of dual-PoW mining. That’s great! That’s exactly the sort of precise, critical analysis that we need. I intend to spend much of the rest of today studying that. The results are currently quite preliminary and I expect it will take several weeks — at least — of refined analysis and discussion to understand the precise impact, if any, on user safety. We could lean to the side of caution by removing Harmony Mining from the NU2 Goals now, allowing us to focus on just Faster Blocks, Split Founders Reward, and Keep-Txv4-Working for NU2, or we could lean to the side of ambition by keeping Harmony Mining in the Goals, at the risk that it would subsequently turn out that it wasn’t safe to deploy, and we would have spent time and effort on it which we could have spent on other projects. I’ll be making that call tomorrow.

By the way, I think the new “Grin” coin, which is due to launch soon, is doing a dual-PoW system, too. This is very good for us, because it means we can learn from what happens to Grin in practice, as well as learning from their design decisions and analysis. Going the other direction, if there are any Grin people reading this, you might want to check out the analysis we’re doing on the Harmony Mining github thread! It’s a lot more urgent for Grin than for Zcash since Grin is going live with it quite soon if I understand correctly.


January 11, 2019 - Weekly Update (Community + Comms)
#2

One really neat thing about this system (designed by Nathan Wilcox with help from Mary Moore Simmons and others) is that there are now “entry points” where external third parties could supply Zcash Improvement Proposals, implementations, etc., and we know where those could “plug in” to this pipeline. The next deadline for that is the end of February to submit Zcash Improvement Proposals which we could consider for inclusion in NU3. The Feature Selection step for Network Upgrade 3 (which will activate in the spring of 2020) is at the end of May of this year. It’s the green “Upgrade A” bar on the diagram.

From the Foundation perspective, I think it would be great to foster more public discussion (and proposals for inclusion) into NU3, and the ZIP process is a great match for that. Additionally, it would be great for the Company to submit its own ideas through such a process, so the public would have an opportunity to discuss them with a fair amount of leeway before a network upgrade; would help a great deal with transparency and help transition to more input from more stakeholders prior to a network upgrade.

Speaking of the ZIP process, I’ve been working on a draft of a new iteration of the process that I hope the Foundation can take the lead on—still waiting on some feedback but hope to share it soon and that it might encourage more submission and discussion as above.


#3

Josh: this sounds like a great idea! I’d definitely be into having the new proposals put forward by the company go through this pre-specification process before Feature Selection. Also I’d strongly encourage others to submit proposals. Topics that I’d love to see proposals for include:

  • Toxic-waste-free proving systems (Bulletproofs!) or other cryptographic techniques to further prevent and mitigate cryptographic breakthroughs, bugs, etc
  • Vitalik Buterin’s min-fee proposal: https://github.com/zcash/zcash/issues/3473 I guess the github issue he opened doesn’t count as a proposal for this new process, though, and instead he or someone needs to reformat it as a ZIP and submit it? I’d like to know precisely what the difference is between a github issue like that one and a Draft ZIP.
  • Rental fees for old UTXOs and spends from old shielded pools: https://github.com/zcash/zcash/issues/3693 (This is probably the best, most immediate step in the project of “deprecate taddrs”.)
  • Switch from Dual-PoW to Triple-PoW/PoW/Proof-of-Stake
  • Payments to Sprout (Zcash 1.0) zaddrs are consensus-invalid
  • Reserve space in each block for fully shielded transactions: https://github.com/zcash/zcash/issues/1133 (This could now be updated to say reserve space for Sapling-only transactions.)
  • https://github.com/zcash/zcash/issues/829 / https://github.com/zcash/zcash/issues/3667
  • “Slow Money Spell”, “I-Got-Burgled Button”, shielded time-locks

In addition I’d love to see what other ideas people have that they are willing to write up a Draft ZIP for.

Remember, the deadline for Draft ZIPs to be considered in the Electric Coin Company’s NU3 Feature-Selection process is end of March, so that there are two months between submission of the Draft ZIPs and the final Feature Selection. https://z.cash/blog/the-zcash-network-upgrade-pipeline/ If a Draft ZIP misses that deadline, the deadline for inclusion in the NU4 Feature Selection process is end of September.


#4

For clarity on ZIPS https://zcash.readthedocs.io/en/latest/rtd_pages/index_zips.html


#5

I agree with this ONLY if them voices will matter. Having open disucussion is great and all, but if the end result is they have zero effect on the “vote” why even have a discussion than?

There was TONS of discussion on ASIC when they were announced, the “majority” of people on the fourms were totally against them. But they were a “minority” of the people that used Zcash I guess, so they were not heard it seems. How can we prevent this in the future, and make everyones voice count.


#6

Decisions about the trajectory of Zcash are not democratic and I doubt that they ever will be. Feedback is taken into account — by ZcashCo (I have observed) and the Zcash Foundation (I know), in our respective decisions — but neither entity is bound to do what the loudest voices want.


#7

Thank you for making this clear, I will point this out next time there is a voting panel and people think the vote counted.

EDIT: Im saying this because there was confusion with members saying the reason we are ASIC now is because the panel voted for it.


#8

See the reply Andrew left in the other thread: Zcash Foundations Voting and Governance Panel


#9

FWIW @Lisfin the governance panel did have effects on Foundation policy. It determined the makeup of two Board seats and set priorities for the Foundation. The Foundation was not beholden to the vote, it was advisory—but it still mattered to us, because community involvement and influence is very much central to our Mission.

We (the Foundation) are not in control of the Zcash Co, nor should we be. They can and should do whatever they think is in their best interest (which no doubt includes factoring in community feedback).

I expect that as Foundation influence grows on the network (particularly with things like the Parity node work we’re funding, and all the wallet work we’ve been funding as well) Foundation influence will more directly affect the trajectory of the network. But I wouldn’t expect the Foundation to be purely a democratic projection of power on the network; there are many decisions that need to be made technocratically, and the main difficulty for the Zcash ecosystem at large is deciding which is which and how to weigh feedback accordingly. It’s also the fundamental governance challenge of any group of people, TBQH, and it’s a tough one.

EDIT: @sonya’s link above to Andrew’s reply is also worth reading and echoes my sentiments


#10

See this is the part that is making me confused.

The Foundation says we can vote, and we have a choice as a community. Ok understood.
Than the foundation turns around and than says “we are not in control of the Zcash Co”. Ok understood.

Well, ZcashCo seems to be the one with the final call, so how does voting for anything the foundation proposes have any effect if ZcashCo just says no even tho you have a mountain of evidence and the votes to support it.

This makes it sound like it has no effect, a mod has come out and said the panel had no effect on the outcome of ASICs. This does not sound like the voting counted. Sure you guys hear us and can see how the community feels. But it seems it doesnt matter, ZcashCo will do what they want anyway.

Im not sure how much influence the foundation has, but from what I have gathered you can only “propose” ideas to ZcashCo? I could be completely wrong on this.

This is disingenuous voting then. People would expect since look 90/100 people voted for this, it will pass. and ZcashCo can just be like nope. Does the votes really count than?

I am very thankful you guys have a voting panel, but from what I understood at the time(incorrectly), it was the “community” voting for it, not just a suggestion.


#11

#12

Here’s another one I’d love to see a Draft-ZIP for for NU3!


#13

There are a few different and difficult issues at play here, @listfin, and in this topic you’ve brought up two different ones:

Here, it seems to sound like you are concerned that the voting system didn’t represent the members of the forum adequately. If the goal with voting is to make everyone’s voice count, how would you achieve that?

As it stands, the Foundation made a best effort to set up an advisory voting scheme. But then my impression is that when some people didn’t like the outcome of the vote, they shift the goal posts by saying the voting scheme wasn’t good enough. How do you know all voices weren’t accounted for in the voting scheme?

If you propose a way to do that that is convincing to everyone, we should definitely consider doing that. I definitely would like to know all voices are heard in a way that’s proportionate to their authentic involvement in Zcash. (I say authentic to rule out the possibility of trolls who just intend to disrupt the community.)

Now this sounds like a separate issue which is that the voting is non-binding. So would you feel better if ZcashCo or the Foundation was somehow bound by 2018 Q2 Zcash Foundation Community Governance Panel, especially question 2?

I think it’s totally reasonable to say there should be a binding vote scheme and it should address everyone’s voices perfectly. Figuring out how to do that is quite another matter though, so we should think about what happens in a bunch of likely scenarios:

  • the voting scheme is binding but captured by special interests and/or doesn’t represent the right constituents sufficiently,
  • the voting scheme is non-binding, but ZcashCo is captured by special interests,
  • the voting scheme is binding and is a pretty good approximation of “the right balance” of Zcash community, but then voting process and outcomes become dominated by political maneuvering in a way that’s bad for Zcash. (For example, two competing parties form then they do political deal making where party A will let party B do bad thing X if party B agrees to let Party A do bad thing Y, and now Zcash has two bad developments X and Y.)

Finally, this might not satisfy you, @listfin, yet I believe there’s one very important value of a non-binding voting process, which is that it becomes very clear to the community and the world if ZcashCo and/or the Foundation make a decision contrary to a vote.

Finally, I agree with you in the very general sense that we should continue to improve governance. I’m just not convinced it’s easy and there are failure risks we should guard against. (Not improving sufficiently is also a failure risk!)


#14

The problem is the voting didnt matter. You guys would not of forked if 90% voted for it. Team members and moderators said this… Sapling was the important thing. I dont know why you are responding to this over a month and a half later…

If you propose a way to do that that is convincing to everyone, we should definitely consider doing that. I definitely would like to know all voices are heard in a way that’s proportionate to their authentic involvement in Zcash. (I say authentic to rule out the possibility of trolls who just intend to disrupt the community.)

When you ask people to vote, a community of thousands, and only 60 some people show up, that is not a good representation.

When you read the come to vote, it asked for people who have contributed to the community, what does that even mean? I didnt think I was eligible just for having a forum account. When you have such little percentage of the community showing up to a vote, does that not raise any red flags, that maybe the message didnt get out, that you wanted the COMMUNITY to vote, not just people who “contributed” to the Zcash community…

Now this sounds like a separate issue which is that the voting is non-binding. So would you feel better if ZcashCo or the Foundation was somehow bound by 2018 Q2 Zcash Foundation Community Governance Panel, especially question 2?

" The Zcash community wishes to preserve ASIC resistance, discouraging the use of ASIC mining equipment in favor of GPU mining equipment. The Zcash Foundation should therefore adopt this as a priority."

What a rigged question, It should of said,
Does the Zcash community wish to preserve ASIC resistance?
PERIOD END DONE.

Dont tack this part on “The Zcash Foundation should therefore adopt this as a priority”.
NO it should not be the priority, but now, 6 months later, here we are…still with ASICs…guess this is what the community wanted, so who am I to say.

No other question was presented this way. “adopt this as a priority” seems like that would be pushing off important upgrades no? Can you not see how this is a rigged question?

And once again, you guys are acting like, look we had a voting panel and they voted for ASICs, when every other poll else where (with many more people) showed majority against them, but them polls dont count, they dont “represent the community” you guys said…

I have already discussed this in depth in other threads, I got multiple warnings about going off topic so I created my own, people redicule me about my concerns and I tell them to attack my arguments and not me, and I got suspened for trolling for 2 weeks…

You can act like you dont understand the problems with the last voting, but I hope you learned something from it. Im sick of hearing “the community voted for ASICs”, that is why ZcashCo decided to do it. The vote had nothing to do with it, if you didnt want to risk the Sapling upgrade…just say that…

I mean really, why even respond to this a month and a half later? What are you trying to point out or prove? If you think the last vote was a good representation of the entire Zcash community, I dont know what to tell you…

This is why I was vocal about any new “vote”, and how it will not count again…so whats the point.


#15

@Lisfin the voting did matter, but it matter to the Foundation, not necessarily the Zcash Co I’m sure they payed attention (Zcash Co) and took it under advisement of what the community felt was “right”, but they have their own plans, their own agenda, and at no point did they ever agree to be bound by the vote outcome. I’ve pointed this out before. At the end of the day, the company owned the coin logo, trade mark, and the Devs work for them. They can do whatever they want, and there is virtually nothing you, I, or the guy down the street with 2 ZEC in a wallet can say/do about it. Zcash wasn’t a community created coin sadly, it was spawned by a bunch of smart guys who formed a company and got some investors to help get it built and launched. Which means their duty is to the company and the investors, not to the community per se. That’s not a slight against Zcash Co. , that is just reality. However, go back through the ASIC threads folks, one of the criteria for that voting panel (not that it really mattered in the end) as that prospective members were being “vetted” to ensure they were contributing and invested considerably into Zcash. A lot of folks took that to mean you had to have considerable holdings to get on the panel. Don’t believe that was ever clarified to be the actual case, or just a unclear choice of words. It did however cause quite a commotion at one point.

I don’t agree with the path they chose to go down, and I was “very” vocal about it, and why. I made it clear what I felt the end result was going to be…and it’s already happened. We fought an uphill battle being challenged to “prove” why ASIC would not be a “good” thing for anyone in the end. The sad part was the only way to “prove” it was after the fact. Show me one small miner who can break even with this difficulty level now? Don’t bother trotting out the “When the market recovers…” line. When the market recovers, and it will, difficulty will go parabolic with price, that is expected and a known outcome demonstrable across any crypto coin whether ASIC or GPU. The reality is mining will be watered down further, and then the arguments for POS will start being trotted out as the “solution” to the problem created by the destabilizing effect of ASIC on the network. Yes, yes, network hash has never been higher, that’s all the matters…until you stop turning a blind eye and pay attention where all that hash power is coming from, and how concentrated it is and where those concentrations are. What happens when “Big Brother” in those “places” decides Zcash is not welcome anymore? Do you truly believe these “places” haven’t done things in the past? But that’s not a problem…until it becomes a problem right? I still strongly believe the project was better off without ASIC, Time will either prove me right or wrong. I guess we will have to wait and see.


#16

You keep repeating this statement, who exactly is saying this besides you? I don’t recall anyone from the Foundation or Company saying this.

Links please.


#17

Hey, it’s clear you’re very frustrated about this, and the reason I responded to you was to figure out how to improve (either company (sidenote), Foundation, or community in general).

(sidenote) The company has changed our name to “Electric Coin Company”, blog post, so I’ll just call it ECC here.

The reason I’m commenting on this now is because the future of Zcash, at ECC we’re trying to figure out, with the Foundation and community, how to make future upgrade process better. So I want to understand your concerns and figure out how we can do better.

I’m still confused, however, how to reconcile your concerns about voting expressed in this thread. It seems like you have three concerns: voting is non-binding on ECC or the Foundation, the voting that occurred wasn’t representative, and finally the outcome of that process wasn’t satisfactory.

So let me ask again, what would you propose as an improvement? How could Zcash be better?

Some ways to explore this are to imagine how things could go wrong with the different pieces.

For example, if the voting was the same (non-binding, same group of people voting) but then ECC decided counter to that vote to push forward on an ASIC resistance proposal, would you be more or less satisfied?

Or, what if the vote was binding on ECC, so we were forced to deprioritize ASIC resistance? Would that be better than the current situation?

How could we make a voting system that was more accurately representative in the first place?

So I hope you see I’m not saying I disagree with you at all, I’m just trying to figure out how to improve.


#18

Tough question. I personally was thinking several times about this question.

The best and nearest voting system that came into my mind is through the wallet itself as seen allready on some projects. For example it could be like:

  • 1 ZEC = 1 Vote
  • only balances/wallets that hold the private key are allowed
  • exchange wallets are not allowed to vote
  • voting funds on the wallet for the time of voting, for example 7 days are frozen for this period.
  • points for voting could be made by zcash co, the foundation and by community members after these get a given liked status.

that’s the voting system that in my opinion could be the most representative and is not focused just on a given group, like miners, holders, traders, forum members, but intregrates them all (if interested) in the voting process and voting taking.

Can’t think about something better. What’s the zcash co and foundations stance on how to improve voting?


#19

Random thoughts…

We have this wonderful memo field on zaddr transactions that could be used to cast a vote. The memo could contain a ‘voting token’.

A ‘voting token’ could be applied for from the foundation, ie: prove you hold ZEC, perhaps issued to investors, stakeholders, forum regulars, devs etc, whatever is needed to exclude trolls/bots/etc. There’s a privacy tradeoff but I think its fair for the foundation to know who you are if you’re going to vote.

Voting would be a tx for a nominal amount to an address with your token in the memo - seperate address for each vote, viewing key made public so anyone can check/count the results. (Oops! Memo field would need to be hidden from public view).Votes cast could be validated by checking the memo.

As for binding/non-binding - I would suggest a vote becomes more binding based on how many votes are cast. 90% in favour means nothing it only 10 people vote, but 10000 votes is different. Targets/thresholds need careful thought.

Just my two zats worth.

(Edit: see ‘oops!’ comment)


#20

Voting based on ownership of ZEC will give large holders the biggest voice, which is probably people associated with ECC or big whales. IMO, that wouldn’t materially change from the status quo of “ECC does whatever it plans without being bound by votes”.

Worse yet, it might give the facade of legitimacy. There’s one thing I think is very valuable about the status quo, which is that at least no one is tricked into thinking ECC doesn’t wield substantial power here.

IMO, if you look at other on-chain voting schemes, or “truly decentralized governance” you can’t assume that community is better or worse off without learning a bunch of potentially confidential information.

So while I agree we definitely need governance improvements in Zcash, at the very least, we’re not tricking anyone.