Staked Poll on Zcash Dev Fund Debate

The last 3 months nobody talked/mentioned/considered/announced/fine tuned/fixed the staked poll since than. So yes, i’am totally surpised that none of the problematic issues has been fixed, none of the concerns fine tuned, no regulations and/or conditions are set.

And yes, i’am surprised that this staked polling netherless get pushed a sudden out of nowhere on twitter by foundation members, by zooko and the ECC.

But the clarity call you posted here and on twitter is a good one, at least these people are now aware that they are not participating in an official vote and that it has not any impact.

1 Like

The current poll is a nice PoC and a great converstation starter. We now know a lot more about the risks and constraints.

At our leisure, let’s have a technical discussion of how to do the best staked/coinholder we can!

In fact, there are two different discussions to be had:

  1. What’s the best short term polling system that can be improvised using existing (or straightforward) software in a few weeks/months’ timescale?
  2. What’s the best long-term polling system we can build by pulling out all stops, including doing a network upgrade if needed? To serve us, say, a couple of years from now?

Is there a need for 1, or should be jump straight to 2?

What are the requirements from the polling system?

For a general discussion of blockchain-based voting, see the “Blockchains” section (p. 103-105) of the Securing the Vote study. See also this discussion of a grant proposal for a Zcash-based voting system.


I personally think the staked poll is a very good addition to other polling mechanisms once tweaked.

Maybe bevor going tech only it makes some sense to render the conditions and/or requirements in detail and than go to the pure tech?

My reasoning for this appraoch is that some things should be known, just some examples:

  • should the staking poll be a stand alone mechanism or should it be combined with other poll results?
  • should there be restrictions on who, how, when with what can participate?
  • should it as well eliminate double voting, in case other poll mechanisms are used as well?
  • should ECC and ZF (or other?) stakes be included or excluded from voting?
  • should it be a pure stake weight polling mechanism or something more softened with a hardcap for example to limit the influence from big stake holders?
  • should the stake polling be used for all kind of voting and polling or only higher important ones?
  • would it be an option to combine stake holder polling with a switch to some choosen POS design? In such a case i could imagine that an implentation could be easier and more promising.
  • what other known conditions should/must/could a staked polling have to make it a promising and valid option?

Just some thoughts …


I really hope people play with this way of polling (note the careful use of words, polling not voting) - its an important signal & although the method needs improvement its going to be interesting whatever happens.

Just accept it for what it is - an indication, not an absolute measurement - with a completely fungible thing that’s all you can really achieve.


I’m against the concept of the amount of money you have equaling the amount of say you have but I believe that a trustless polling measure (that’s how we would all like) is possible however difficult it may seem


Yeah, me too - but it’ll be possible to see the number of votes and the weight each vote carries. Opinions of ‘whales versus minnows’, that kinda thing, each part of the ecosystem will have its own bias - although not expecting miners to do anything, we’ll see.

Ultimately, the project is for the benefit of those that use Zcash which to me includes those that hold it - really don’t care for the opinions of those with nothing more than a loud voice & criticism.


Some of the above calls for the impossible, so let’s recognize inherent constraints.

Your voting/polling scheme can be coin-weighted, permissionless, or whale-resistant: choose two.

(Here, “whale” means someone who holds a very large amounts of coins, or assets they are willing to covert to coins. “Coin-weighted” may be by coin holding at a given time, or over a given duration, weighted by amount and holding period. “Permissionless” means participation is not subject to someone’s approval. The trilemma doesn’t seem to depend on the nuances.)

  • You can’t achieve all three, because if it’s coin-weighted and permissionless, then it cannot be whale-resistant, i.e., whales’ voting power cannot be capped to any less than their proportional coin weight. This is due to possibility of Sybil attacks: whatever is supposed to be done by a thousand small coin holders, a whale with the same total amount of coins can technically do the same thing by splitting its coins across a thousand wallets. The observable effects are indistinguishable.

But you can achieve any two:

  • Whale-resistant (but not permissionless): do a permissioned poll tied to people’s persistent identities, such as legal names or reputable forum accounts. Then you can make it one-person-one-vote, or coin-weighted-but-capped (in which case you need to use a proper cryptographic scheme to avoid linking weights to identities).

  • Coin-weighted and permissionless (but not whale-resistant): can be achieved in a privacy-preserving way by simple variants of the Zerocash or Zcash protocols (may require a network upgrade). Also, approximated by the protocol in this thread, with some privacy caveats.

  • Anonymous and whale-resistant (but not coin-weighted): do a permissionless straw-poll where anyone can cast unlimited votes.

So please find a loophole, or choose two.

(See also my general objections to coin-holding-time-weighted voting.)


There’s an even broader dilemma here: any governance mechanism that is identity-free (ie. only relies on anonymous things like PoW or coin holdings to assign weight to participants and avoid sybils) is invariably vulnerable to bribes and plutocracy.

I go into this in details here:

Personally I am increasingly thinking the cypherpunk movement should bite the bullet and start working on reasonable non-centralized identity systems (“reasonable” including stuff like privacy, lack of dependence on specific issuers, ability to have multiple pseudonyms at some cost, lack of easy backdoorability by state actors…). They don’t need to be baked into base-layer blockchain protocols but can exist on top and inform occasional governance decisions.

The approach in is one place to start; is another, etc etc. I know there are many people working on this.


[Don’t see the edit button so making a follow-up post]

Obviously throw in censorship resistance, as in the ability to get an ID despite being disfavored by centralized authorities or even the majority of a community, as a desideratum.


Welcome to the forum!
Yeah I didn’t say it was coming anytime soon, I’ve thought about it a lot and haven’t drawn much but blanks

1 Like


If you are who we think you are the mods will prob bump your account to allow edits :slight_smile:


Pre-emptive answer to security question: I most recently saw Zooko at a dinner in SF (Presidio) at the end of October, and there was a slightly awkward moment where he popped by beside me at exactly the time I was finishing the sentence (roughly) “meals with zero vegetable content literally make my stomach sick”. We were later all asked for a book that had an influence on us, and I replied The Elephant In The Brain.



What a an excellent post! I agree, and for the simple special case of coin-weighted voting, I recently likewise pointed out that it degenerates to pay-to-vote in the presence of lending markets. (Appended this link above, now.)

With Zcash governance, we’ve painted ourselves into a particularly difficult corner:

  1. The ethos of privacy/anonymity makes identity-based and permissioned approaches unsavory to this community.
  2. A big goal of the current Dev Fund discussion is to transcend the dependence on the established governance players (ECC and Zfnd). We can’t do governance by permissionless voting, for all of the above reasons, and we can’t use permissioned voting, because (by definition) the existing governance is not supposed to make the requisite discretionary calls. So there are many proposals that instead prescribe the creation of independent new governance committees to preside on or along the existing ones. But how shall those be populated? Well, you guessed it, election by coin-weighted voting is a popular suggestion…

Thus far, things have gravitated towards non-binding “sentiment collection”, which is interpreted by human beings (the Zcash Foundation and ECC) at their best discretion and under the watchful eyes of the community.


Welcome to the forums Vitalik

I have bumped your trust level to Member so you can edit your posts :wink:

Hey, V! Welcome to our forum!

Moderators: I can confirm that his story about the most recent time we saw each other checks out. (Also that this post is totally his style.)

Vitalik, you can vote in Community sentiment collection: Poll on NU4 dev fund ZIPs!, and I hope you do — just to increase the signal available to the community — even though only the votes of people who had an account more than six months ago are going to be counted by the Foundation (as an effective Sybil-resistance technique).

As to your post, I agree with Tromer that it is excellent, and I agree with you that there are promising ideas under development for identity systems that are “open” in some sense and censorship-resistant, but I also think that identity is overrated. We can do a lot of things just using public keys/addresses and local names—in which case we don’t need global names—and we can avoid a lot of the collective action problems that your post is about by minimizing the need for collective action.

Not that I think you yourself are mistakenly overrating the need for collective action, and therefore the need for identity, but I think most people are.

Anyway, there is a collective decision process going on here and now which, despite the daunting theoretical impossibilities is going very well. :slight_smile: So go vote (in a non-binding signaling-only vote since you are too new to the forum to be automatically identified as a probable non-Sybil) if you want.

Oh, also you can vote in the coin-holders poll, which is also theoretically impossible to secure, but which I also expect is going to work fine in practice. :slight_smile:

1 Like

Random thought… (just throwing this out there for smarter minds than mine to play with)

How about combining signing an account/balance with a captcha?

Could a captcha validate you’re a ‘random human’ and not a ‘random human its already validated’, then produce a code to include in a signed message. Klunky, but interesting, depends on some central infrastructure run by someone so there’s that…


What is your definition of “collective action” here?

1 Like

That is interesting, perhaps could be tied to the device more safely but even then it’s different versions of the same issues, hmmm :thinking:

1 Like

Heres a thought on incentivizing minimum stake, the whats and hows idk its late im going to bed soon
The stake for a vote is
A. timelocked a long time
B. has a high liklihood of not being returned in its entirety
C. in jeopardy of being lost entirely
D. by the collective actions of the voting body and not just the individual voter

For example let’s say there’s a hundred voters and they all have to stake at least one zcash for 4 years in an address perhaps to defined in the protocol that no one person really controls ya know
Let’s say one of your fellow voters gets antsy and the best they can do is request a reduction in the time lock which also reduces the amount of stake returned to everybody in the end including yourself
It introduces accountability and commitment, if you’re serious about it then you’re serious about it and what’s the difference if you don’t get any of it back, however if you’re not then it really doesn’t make any sense at all to participate
( I don’t like the idea of this, it seems like a pay to vote thing but thinking about the future, outside the box :grimacing:)
Perhaps in the spirit of things each request for timelock reduction halves the pot
Without identity its almost gotta be like seriously play-for-keeps, its all so flawed!

Returning to the utility of zcash as a way and not just coins, I’ll say my suggestion: Create a website on which registration takes place through a wallet, with a certain number of coins per voice blocked for a specified period. Next, we make a vote either open or closed with its advantages and disadvantages, I am for closed and blocking coins by default. How to get rid of the situation when one user has several wallets and therefore he can vote several times, but no way, more votes, more coins in the block.Yes, whales can vote for so many users, but how to put it into practice is by no means very difficult, well, no one will create 100 copies of wallets for voting, it’s difficult just technically, so if the community has many members, this method will have a small general error, ideally this method can be implemented through a wallet, without registering on the site, but then it is difficult to convey information on the vote.