Staked Poll on Zcash Dev Fund Debate

Some of the above calls for the impossible, so let’s recognize inherent constraints.

Your voting/polling scheme can be coin-weighted, permissionless, or whale-resistant: choose two.

(Here, “whale” means someone who holds a very large amounts of coins, or assets they are willing to covert to coins. “Coin-weighted” may be by coin holding at a given time, or over a given duration, weighted by amount and holding period. “Permissionless” means participation is not subject to someone’s approval. The trilemma doesn’t seem to depend on the nuances.)

  • You can’t achieve all three, because if it’s coin-weighted and permissionless, then it cannot be whale-resistant, i.e., whales’ voting power cannot be capped to any less than their proportional coin weight. This is due to possibility of Sybil attacks: whatever is supposed to be done by a thousand small coin holders, a whale with the same total amount of coins can technically do the same thing by splitting its coins across a thousand wallets. The observable effects are indistinguishable.

But you can achieve any two:

  • Whale-resistant (but not permissionless): do a permissioned poll tied to people’s persistent identities, such as legal names or reputable forum accounts. Then you can make it one-person-one-vote, or coin-weighted-but-capped (in which case you need to use a proper cryptographic scheme to avoid linking weights to identities).

  • Coin-weighted and permissionless (but not whale-resistant): can be achieved in a privacy-preserving way by simple variants of the Zerocash or Zcash protocols (may require a network upgrade). Also, approximated by the protocol in this thread, with some privacy caveats.

  • Anonymous and whale-resistant (but not coin-weighted): do a permissionless straw-poll where anyone can cast unlimited votes.

So please find a loophole, or choose two.

(See also my general objections to coin-holding-time-weighted voting.)

7 Likes