Perils of current DAO governance Aida Manzano Kharman1,3[0000−0002−5342−3037] and Ben Smyth2,3[0000−0001−5889−7541] 1 Imperial College London, UK 2 University of Birmingham, UK 3 VoteTech Ltd, UK amm3117@ic.ac.uk io@bensmyth.com Abstract. DAO Governance is currently broken. We survey the state of the art and find worrying conclusions. Vote buying, vote selling and coercion are easy. The wealthy rule, decentralisation is a myth. Hostile take-overs are incentivised. Ballot secrecy is non-existent or short lived, despite being a human right. Verifiablity is achieved at the expense of privacy.Theseprivacyconcernsarehighlightedwithcasestudyanalyses ofVocdoni’sgovernanceprotocol.Thisworkpresentstwocontributions: firstly a review of current DAO governance protocols, and secondly, an illustration of their vulnerabilities, showcasing the privacy and security threats these entail. Keywords: DecentralisedAutonomousOrganisations·Voting·Gover- nance · Distributed Ledgers · Blockchain · Privacy · Ballot Secrecy. 1 Introduction Welcome to Web3: The era of quick riches [39,9]. Everyone wants a slice, espe- cially since they realised they are the pie [48,25,3]. Gone are the days where the users provide value and the services reap the reward [49,11,41,62]. Users want a voiceandashareofthereward[51].Asaresult,anonlinerevolutionisunfolding. Web3’s paradigm shift is not new. For centuries collectives have organised to redistribute centralised power and create a democracy [61,14]. They sought control, a say in their future, lives and income. A DAO4 enables shared decision making amongst netizens [36]. Users actively control services in which they par- ticipate [52,10]. But do they? We uncover the truth: Wealthy minorities amass voting power, vote buying is legal, vote selling is incentivised, coercion is easy. We dig into the hows and the whys and illustrate these weaknesses with a case study on Vocdoni’s governance platform. 4 Decentralised Autonomous Organisations 4202 nuJ 21 ]YC.sc[ 1v50680.6042:viXra 2 Manzano Kharman and Smyth. 2 DAO Governance: Fact or Fiction? It’s 2016: DAOs are in their infancy, The DAO5 has garnered attention having raised $150 million of Ethereum tokens. Three months after launch, The DAO is hacked, a smart contract bug exploited, [20] $50 million siphoned off their funds [35]. The aftermath raising questions over blockchain philosophy and the technology’s future. Were funds obtained legally? ‘Code is law’ is regulation enforced by tech- nology [27]. It underpins the functioning of DAOs and blockchain. If software is exploitable,nolawisbroken.Victimslosttheirfundsunfairly.Ethereumfounder Vitalik Buterin proposed a soft-fork (a software update in the blockchain pro- posal) to right the ‘wrong’. The solution was promptly abandoned; it too con- tained a bug, making it vulnerable to further attacks. The tokens amassed by the attacker gave them enough legislative power to enact decisions in The DAO. The alleged attacker responded by threatening to bribe miners to not comply with the soft-fork. They argued no smart contract rules were broken when obtaining the funds. TheDAO’svalueexceededthecostofacquiringenoughvotestotakecontrol, incentivising ‘the heist.’ There is no need to break the laws established by the DAO to succeed. Fast-forward to 2018: History repeats, another DAO is victim to poor gov- ernance. This time no bug was exploited, the attacker simply acquired enough tokens, bought the vote, approved their own proposal. The coup drained nearly $500,000 tokens from the Build Finance DAO.6 The attacker covered their tracks using Tornado Cash, anonymising stolen funds. Token-based voting le- galises coups—anyone can legitimately buy their way to power. Incentive makes takeovers inevitable if the cost is cheaper than the reward. Democracies embrace one-person one vote. Acquiring multiple votes under- mines fairness, equality. Token-based voting is incompatible with equality and fairness.Tokensarenotaproxyforidentity,theirownershipiseasilytransferred. Wealth amasses tokens, buys legislative power, corrupts decision making [43]. A voting system that allows voters to buy more votes converges to plutocracy, the unwanted symptoms of centralisation, low representation of the electorate [8] and game theoretic incentives to attack the DAO [13]. Sidebar1: Public Votes and Vote Selling Game theory allows for a better understanding of vote selling. Wealthy agents buy voting power. When it comes to voting, small to mid-sized token holder’s votes are not as powerful. In an election, there is no incentive for them to vote againstthewealthyagents,becausetocastavoteon-chain,votersmustalsopay a transaction fee. Voter’s are economically incentivised to abstain [34]! Worse— 5 Confusingly, The DAO is the name of a DAO. 6 DAO Coup, Vice Perils of current DAO governance 3 voters are economically incentivised to sell their vote for financial reward. The latter is always a winning strategy. A terrifyingly simple proposition: Rationale vote buyers can confirm their purchases. Votes are typically revealed during or after an election, compliance can be verified. Secondly, the ownership transfer of a vote is remarkably easy. The voting ability and power is linked strictly to tokens, not to an identity. Crypto-currencies enable fast and simple transfer of said tokens. Vote-buying cartelscanemerge:Fromsimplesmartcontractstopayoutvotersautomatically upon proving compliance, to cartels buying trusted hardware executing vote buying code[7]. Particularly, the latter is an attack vector that is essentially undetectable [22]. Theinsightsgatheredin[38]confirmtheincentivetoabstain,thedangersof publicvotingandthecentralisationofpower.DAOgovernancewasstudiedwith afocusonDashDAOasacasestudy.Researchersaccessedthevotinghistoryof DashDAO’smasternodes,giventhatthesearepublic.Worryingly,IPidentifiers, software version and wallet addresses were public too. Voting patterns of 4987 masternodes who participated in voting across 577 proposals were analysed. Researchersfoundthat:‘Somemasternodesarenotonlyabstainingfromvoting, buthavedisengagedfromthevotingprocesscompletely.’[38].Theyalsofounda numberofvoterswithalmostidenticalIPPorts,stronglyindicatingthattheyare mounting sybil attacks to gain voting power. Further to this, they analysed the votingpatternsoftheDAOparticipants.Resultsshowthattherearesmall-sized, denseclustersofmasternodeswithidenticalvotingpatterns.Althoughsmallerin numbercomparedtotherestofvoters,iftheseminorityclustersweretocollude, ‘theywouldhavemorevotingpowerthantheentiredecentralisedmajority’[38]. Vote buying, public votes and paying to vote are the harsh reality of DAO governance.Theconsequences:lowturnout,centralisation,preclusionoffreewill, coups and coercion. A preliminary study found less than 1% of token holders control 90% of the vote [15].7 Are DAOs decentralised when controlled by a wealthy minority? Clearly not—the wealthy do not represent the masses. 3 My Vote: My Business Historically, “Americans [voted] with their voices – viva voce – or with their hands or with their feet. Yea or nay. Raise your hand. All in favor of Jones, stand on this side of the town common; if you support Smith, line up over there" [32]. Everyone present could verify that only voters voted and that the count was correct. But free will must be ensured, as dictated by the United Nations [58], the Organisation for Security & Cooperation in Europe [45], and the Organization of American States [46]. Yet public votes forgo freedom, “The unfortunate voter is in the power of some opulent man; the opulent man in- forms him how he must vote. Conscience, virtue, moral obligation, religion, all 7 Chainalysis only studied ten DAOs, further study would establish general trends. 4 Manzano Kharman and Smyth. cry to him, that he ought to consult his own judgement, and faithfully follow its dictates. The consequences of pleasing, or offending the opulent man, stare him in the face...the moral obligation is disregarded, a faithless, ..., pernicious vote is given” [56]. The need for voting privately became evident. In-person vot- ing ensures this by providing identical ballots that are completed in a private booth, a concept first introduced successfully in Australian voting in 1856 [42]. Sidebar2: Ballot Secrecy in e-voting In e-voting, the concept of secret ballots emerged parallel to the development of such voting schemes, originating with David Chaum’s first proposal of an end- to-endverifiablevotingschemein1981.Init,voter’sballotswereprivate,andall participantscouldcheckthatthetallyingoperationwascorrectlyperformed[18]. Forgoing ballot secrecy is to regress centuries of progress, violate human rights and returning coercion and inequality as norms. With that in mind, we warn: DAOs are in dire straits... 4 DAO Voting: Survival of the Richest DAO members vote remotely, online. One of the methods is on-chain voting, wherethepublicnatureofdistributedledgersisleveraged,usingthemasashared andverifiabledatabase.Proposalsareencodedintosmartcontractsandsubmit- ted to the ledger as a transaction. A vote in favour or against new proposals is cast as a transaction on the ledger. Winning proposals are automatically exe- cuted. Votes, proposals and election outcomes are all publicly verifiable [40,31]. On-chainvotingmakeselectionsoutcomesbinding,withoutrelyingonatrusted intermediary or a board to implement results. Guarantees of immutability are provided by the ledger: Once the results are announced, these cannot be tam- pered with. Mounting an attack to re-write the blocks requires practically in- feasible computational power. On-chain governance uses distributed ledgers as a public (or permissioned, depending on the protocol) bulletin board. Despite its desirable properties, it has been subject to criticism [30,55]. Its detractors argue that blockchain voting not only fails to mitigate security risks present in e-voting, but also introduces additional risks [47]. We agree. Worryingly,thevastmajorityofon-chain,smartcontractvotesdonotsatisfy ballotsecrecy.Atworst,votesarerevealedascast,andatbest,thesearepublicly decrypted after the voting period ends. Values of a token can be artificially inflated or devalued, ‘pump and dumps’ become simple. Whales (entities or individuals with large amounts of tokens) can manipulate the value of a token with their behaviour. They can express intention with public votes, swaying token values to their favour. Just before the election closes, they change their intention, make a profit and cash out. Perils of current DAO governance 5 Informationonhowawalletaddressvoted,when,andhowmanytokensthey staked to that vote is available for anyone in the ledger to see. Wallet addresses arepseudonymous,notanonymous[5],anditispossibletolinkwalletaddresses to individuals from information such as their transaction history [12]. Tornado Cash hides this, but has also been maliciously used to launder millions—the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) re- centlysanctionedthecrypto-currencymixer8 andthedeveloperswerearrested.9 On-chain transaction fees means voters pay to vote. Fees soar unpredictably, unfairly discriminating between voters. They can be victims of miners refusing to cast their votes, and only the wealthiest will survive the financial hurdles. Payingtovoteorincreasingtheweightoftheirvoteproportionaltotheirwealth discriminates against those who cannot do so from the decision making process. What if a coup happens? Forking the chain brings little solace: election records can be reverted, actual events cannot, history cannot be changed; assets may have already been cashed out. 4.1 Off-Chain Voting and Hybrid Alternatives Alternatives exist that don’t use blockchain to cast votes. The most popular example is Snapshot, which many DAOs use solely or in combination with on- chain voting to enable governance. Snapshot is decentralised, using IPFS as its main storage layer [28]. It offers the advantage of no fees to cast a vote whilst still being decentralised thanks to their storage system. The election outcome however, is not automatically binding. It has to be bought on-chain. Because of this, Snapshot is often used for polling. AragonDAO, Uniswap and MakerDAO are examples of DAOs using a hybrid governance solution [21,2,33]. 5 A New Hope? Despite the dire situation of DAO governance, we observe that a shy but steady shift is occurring in the space. A number of projects are emerging to address some of the aforementioned issues, although they are still in their infancy. SnapshotispairingwithOrangeProtocoltodevelopareputationbasedvot- ingmechanism[44].Respondingtoinequality,communitiessuchasAlgorand[4] and Dream DAO [24] are transitioning towards a merit based voting system to activelyencourageparticipationanddevelopmentofthenetwork,anddistribute voting power amongst the developers, not the wealthy. Moving away from vote purchasing governance models is necessary to avoid plutocracies and centralisa- tion and ‘legal’ fund siphoning. To address ballot secrecy, VoteCoin presents an on-chain voting solution of- feringencryptedballotsduringtheelectionprocess[50].Snapshotarealsodevel- oping a similar feature, offering ‘shielded voting’ whereby votes are private only until the end of the election.10 Privacy in this case, is short lived. A number 8 Tornado Cash Sanctioned, CNBC 9 Torndado Cash Developers Arrested, The Hacker News 10 Snapshot shielded voting 6 Manzano Kharman and Smyth. of issues remain: verifiability is achieved at the expense of privacy by naively decryptingvotespublicly.Anoptionexiststoallowanauditortodecryptvotes, but this introduces a trust assumption of honesty of the auditor. VoteCoin also requires voters to pay to cast their ballot. A promising on-chain voting pro- tocol is MACI [?]. In it, voters encrypt their votes and a trusted coordinator is tasked with decrypting the ballots and returning an election outcome. This scheme introduces a strong trust assumption: the coordinator must indeed be trustworthy, as they have the power to decrypt individual ballots and therefore know how each voter voted. This protocol does not satisfy formal notions of ballot secrecy as defined in [54]. Another relevant case study is Aragon DAO’s new governance solution: Vocdoni. They provide an on-chain voting solution that uses two blockchains: the Ethereum blockchain for the election process cre- ation or status update, and the Vochain blockchain (Vochain), where votes are cast [60]. Vochain uses the Proof of Authority Tendermint blockchain, so only trusted nodes can relay transactions. Due to the use of two blockchains, there is a need for an oracle to relay information from the Ethereum blockchain to Vochain, to signal new voting processes. At time of writing, the oracle nodes are run as trusted nodes, however, Vocdoni proposes a roadmap to substitute them with Zero-Knowledge Rollups11 to allegedly make them trustless. Accord- ingtoVocdoni’sdocumentation:“Onesolutiontothisproblemistomakeuseof Zero-Knowledge Rollups as a vote aggregation and mixing mechanism between voters and the blockchain. This would make it impossible for any third party to verifythatavoterchoseaspecificoption” [60].Thisclaimisincorrect.Asshown in Figure 1, the node computing the Zero-Knowledge Rollup receives the vote unencrypted, so they must be a trusted node. If this is not the case, the node computing the Zero-Knowledge Rollup can very easily reveal how a user voted. While the voter ID remains private, the prover computing the Zero-Knowledge Rollupwillstillknowhowavotervoted,giventhatitisthemwhosendthevote totheproverinthefirstplace.Eveniftheidentitythatavoterprovidesisawal- let address, these are pseudonymous. Indeed, the only obfuscated information is the ID of the voter within the census. Instead, the voter sends a zero-knowledge proof12 of inclusion demonstrating that their ID belongs to the set of accepted voters. To understand the implications of this, we illustrate a parallel example for the reader: On the day of voting, anyone wishing to vote must cast their vote publicly, but what is hidden is their ID card, replaced instead by a proof that you hold a valid ID card and thus should be allowed to vote. Nonetheless, the votermusthandtheirpublicvotestotheadministrators,whocaneasilyseehow they voted, and could identify them, because indeed you were the one to hand them your vote. This implies that first, a great deal of trust must be placed 11 A Zero-Knowledge Rollup is a proof system used to compress a number of trans- actions into a batch, with cryptographic assurance that these are correct. A more detailed overview is presented in [6]. 12 Azero-knowledgeproofisawaytoprovethatsomeoneknowsapieceofinformation without having to reveal it [26] Perils of current DAO governance 7 Fig.1. Vocdoni’s Zero Knowledge Rollup Proposal. Source: Vocdoni 8 Manzano Kharman and Smyth. on the administrators to not reveal your vote to malicious agents, and second, that no one else except the administrators will be able to observe your ballot as you cast it. Vocdoni addresses the second assumption by mentioning that a private transport channel would be used to send the votes to the prover. This assumption introduces a weaker notion of security, and the fact that the votes remain public in this channel means that this system cannot provide notions of ballotsecrecywhereintheadversaryisassumedtohavethepowerofintercepting ballotsduringtheircollection.Wewouldliketohighlightthatballotsecrecydoes notequatetopublicvoteswithanonymousidentities.Furthermore,theidentities are not anonymous in Vocdoni, they are at best pseudonymous to the Zero- Knowledge Rollup prover, if the private transport channel is not compromised, and even making this assumption, voters would not be equal: later voters have more information with public votes. This is because Vocdoni does not support encrypted ballots with anonymous voting. We outline another vulnerability related to the ‘self-sovereign’ identity man- agement of Vocdoni. In their protocol every user creates their own key pair [60]. What is preventing users from selling their private key? In the anonymous vot- ing, what is being hidden is the identity of the voter, and not their vote, so giving the voter the ability to generate their own identity would be parallel to allowing voters to create their own ID cards at an election. Instead of selling their vote, voters can sell their proof of census inclusion, that is directly gen- erated from their identity. In fact, anyone can verify if this proof is invalid, so maliciousagentsattemptingtocoercevoterscouldeasilycheckiftheyarebeing deceived. Similar to the Dark DAO vote buying cartels outlined by [22], iden- tity buying cartels could emerge operating in the same manner. Indeed, black markets selling various types of identities already exist [59,19]. Vocdoni does provide the option of having encrypted votes, but the voter identity remains known. They do not currently support both anonymous and encrypted voting at the same time. Similar to VoteCoin and Snapshot’s pro- posals, verifiability is once again achieved at the cost of privacy by publicly decrypting the results. With Vocdoni’s anonymous voting, the ballots are pub- lic, as shown in Figure 2. We again reiterate that anonymous voting with public votes does not achieve Ballot Secrecy. We summarise the state-of-the-art solutions in Table 1. The most used solu- tion is on-chain smart contracts. It is a convenient option thanks to the existing integration platforms such as Tally and Boardroom providing a user-friendly platform to castvotes, tallythem and summarise election outcomes. No options provide long term Ballot Secrecy. Voter’s identities are rarely kept private and verifiability comes at the expense of privacy in most. 6 Conclusion Since their birth in 2016, the emergence of DAOs has only but increased. This increase does not show any signs of slowing down. According to the data pro- vided by DeepDAO [23], where in 2018 there were 10 DAOs, by 2020 there were Perils of current DAO governance 9 Fig.2. Vocdoni’s Anonymous Voting Schema. Source: Vocdoni Table 1. Current DAO governance solutions. Voting Solution Ballot SecrecyPrivate VoterNaive Verifiability Fee to cast satisfied? ID? Vote? Snapshot No No Yes No Vocdoni No Sometimes Yes Yes VoteCoin Temporarily No Yes Yes On-chain votes No No Yes Yes MACI No Yes No Yes 10 Manzano Kharman and Smyth. approximately 200 [57]. The influence and assets that DAOs hold has also in- creased. In 2021, the total Assets Under Management held by DAOs was $520.7 million. Currently it has exploded to $29.5 billion as of January 2024 [23]. Of particular importance is the value that these DAOs hold in their treasuries, which according to [53] had allegedly skyrocketed in 2021, from $400 million to $16 billion. Likewise, the number of DAO participants increased by 130 times from 13,000 to 1.6 million. We are witnessing a paradigm shift. With this explosion, a number of DAO projects have catastrophically crashed [37]. Hacks, scams, pump and dumps are rife [17]. The amount of value that has irreparably been lost as a consequence is humbling. We call for DAO practitioners to understand the risk that poor governance models entail. These are responsible for a number of DAO crashes. Flawed models put a target on the treasuries of vulnerable DAOs. Rationale actors will follow incentives: if the incentive to heist exists, DAOs cannot rely onthemoralvirtuousnessofactors.Especiallyifmanyoftheseprojectspurport the narrative that ‘code is law’. The instances wherein an attacker acquires sufficient voting power to siphon treasury funds are not anecdotal13, 14, 15. Mounting these heists are enabled by two core components, aside from poor governance models: flash loans and cryp- tocurrency mixers. Flash loans are defined as: ‘loans written in smart contracts that enable participants to quickly borrow funds without the need for collateral. These loans must be repaid in full within the same transaction, or else the en- tire transaction, including the loan itself, will be reversed.’ [16]. In the case of the Beanstalk DAO hack, the attacker emptied the DAO treasury using a flash loan, completing their attack in 13 seconds. They made an $80 million profit. Subsequently,theyanonymisedthetaintedtransactionsusingTornadoCash,an infamous cryptocurrency mixer. Funds were irreparably lost. Although as men- tioned earlier, Tornado Cash has been sanctioned by the OFAC, this does not bodetheendforallcrypto-currencymixers.Indeed,oneofthearchitectsofTor- nado Cash is already working on an alternative: Privacy Pools [29]. Flash loans are enabled by many platforms, examples include Aave [1], and will continue to exist. The same can be said about crypto-currency mixers. Their underlying technology is open source. To prevent heist attacks, DAOs must ensure that their governance system is not exploitable. Asidefromtheincentivetowardoffhostiletake-overs,goodgovernancemust be forefront in DAO agendas for the following reasons: 1. It ensures the ‘Decentralised’ adjective in the DAOs name actually holds true. 2. It lays the cornerstone to have a flexible, democratic and updateable organ- isation. 13 Build DAO’s hostile governance takeover attack, Feb 2022 14 Beanstalkcryptocurrencyprojectrobbedafterhackervotestosendthemselves$182 million 15 Sanctioned Tornado Cash DAO governance heisted by hacker Perils of current DAO governance 11 3. Itprovidesprovablesecurityproperties:withtrulyprivatevotes,votebuying is prevented. Decisions are fair and free. DAOs failing to provide these properties run the inevitable risk that sooner or later, an individual will follow incentives and empty their funds. Is that the fate DAOs are willing to accept? Acknowledgements AidaManzanoKharmanacknowledgesandthanksIOTA Foundation for the funding of her PhD studies. References 1. AAVE: AAVE Documentation (2023), https://docs.aave.com/faq/ 2. Adams,H.,Zinsmeister,N.,Salem,M.,Keefer,R.,Robinson,D.:Uniswapv3core. Tech. rep., Uniswap, Tech. Rep. (2021) 3. Al-Khouri,A.M.,etal.:Dataownership:whoowns“mydata”.InternationalJournal of Management & Information Technology 2(1), 1–8 (2012) 4. Algorand Foundation: Update on next governance voting session (2022), https: //www.algorand.foundation/news/governance-voting-update-g3 5. Androulaki,E.,Karame,G.O.,Roeschlin,M.,Scherer,T.,Capkun,S.:Evaluating userprivacyinbitcoin.In:Internationalconferenceonfinancialcryptographyand data security. pp. 34–51. Springer (2013) 6. Augot, D., Bordage, S., El Housni, Y., Fedak, G., Simonet, A.: Zero-knowledge: trust and privacy on an industrial scale (2022) 7. Austgen, J., Fábrega, A., Allen, S., Babel, K., Kelkar, M., Juels, A.: Dao decentralization: Voting-bloc entropy, bribery, and dark daos. arXiv preprint arXiv:2311.03530 (2023) 8. Barbereau, T., Smethurst, R., Papageorgiou, O., Sedlmeir, J., Fridgen, G.: De- centralised Finance’s Unregulated Governance: Minority Rule in the Digital Wild West. Available at SSRN (2022) 9. Belk, R., Humayun, M., Brouard, M.: Money, possessions, and ownership in the Metaverse: NFTs, cryptocurrencies, Web3 and Wild Markets. Jour- nal of Business Research 153, 198–205 (2022). https://doi.org/https://doi.org/ 10.1016/j.jbusres.2022.08.031,https://www.sciencedirect.com/science/article/pii/ S0148296322007147 10. Bellavitis, C., Fisch, C., Momtaz, P.P.: The rise of decentralized autonomous or- ganizations (DAOs): a first empirical glimpse. Available at SSRN (2022) 11. Berghel, H.: Malice domestic: The Cambridge Analytica dystopia. Computer 51(05), 84–89 (2018) 12. Biryukov, A., Pustogarov, I.: Bitcoin over Tor isn’t a good idea. In: 2015 IEEE Symposium on Security and Privacy. pp. 122–134. IEEE (2015) 13. Buterin, V.: Notes on Blockchain Governance (2017), https://vitalik.ca/general/ 2017/12/17/voting.html 14. Carlyle, T.: The French Revolution. Oxford University Press (2019) 15. Chainalysis:TheChainalysisStateofWeb3Report(2022),https://go.chainalysis. com/rs/503-FAP-074/images/state-of-web3.pdf 16. Chainalysis: $197 Million Stolen: Euler Finance Flash Loan Attack Explained (2023), https://www.chainalysis.com/blog/euler-finance-flash-loan-attack/ 12 Manzano Kharman and Smyth. 17. Chainalysis: The 2023 Crypto Crime Report (2023) 18. Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24(2), 84–90 (1981) 19. Collins, K.: Here’s what your stolen identity goes for on the internet’s black market. Quartz (2015), https://qz.com/460482/ heres-what-your-stolen-identity-goes-for-on-the-internets-black-market/ 20. Cryptopedia: What Was The DAO? Gemini (2021), https://www.gemini.com/ cryptopedia/the-dao-hack-makerdao 21. Cuende, L., Izquierdo, J.: Aragon Network A Decentralized Infrastructure for Value Exchange (2017), https://cryptorating.eu/whitepapers/Aragon/Aragon% 20Whitepaper.pdf 22. Daian,P.,Kell,T.,Miers,I.,Juels,A.:On-chainvotebuyingandtheriseofDark DAOs. Hacking, Distributed (2018) 23. DeepDAO: DAO Organizations (2023), https://deepdao.io/organizations 24. DreamDAO: The Dream DAO Merit System (2022), https://cucrew.notion.site/ Civics-Unplugged-s-Dream-DAO-A-Deeper-Dive-5142d24477064342b71267242f15749b? p=d0625913c50d442b83c182ded4c94e24&pm=s 25. Gilder, G.: Life after Google: The fall of big data and the rise of the blockchain economy. Simon and Schuster (2018) 26. Goldreich, O., Oren, Y.: Definitions and properties of zero-knowledge proof sys- tems. Journal of Cryptology 7(1), 1–32 (1994) 27. Hassan, S., De Filippi, P.: The expansion of algorithmic governance: from code is law to law is code. Field Actions Science Reports. The journal of field actions (Special Issue 17), 88–90 (2017) 28. IPFS: Snapshot IPFS Documentation (2022), https://docs.ipfs.tech/concepts/ case-study-snapshot/#the-story 29. Khalili, J.: $197 Million Stolen: Euler Finance Flash Loan Attack Explained (2023), https://www.wired.co.uk/article/ new-crypto-mixer-tornado-cash-without-the-crime 30. Kshetri, N., Voas, J.: Blockchain-Enabled E-voting. IEEE Software 35(4), 95–99 (2018). https://doi.org/10.1109/MS.2018.2801546 31. Lee,K.,James,J.I.,Ejeta,T.G.,Kim,H.J.:Electronicvotingserviceusingblock- chain. Journal of Digital Forensics, Security and Law 11(2), 8 (2016) 32. Lepore, J.: Rock, Paper, Scissors: How we used to vote. The New Yorker (2008) 33. MakerTeam:TheMakerProtocol:MakerDAO’sMulti-CollateralDai(MCD)Sys- tem (2017), https://makerdao.com/en/whitepaper 34. Mark, D., Zamfir, V., Sirer, E.G.: A Call for a Temporary Moratorium on the DAO. Hacking, Distributed (2016) 35. Mehar, M.I., Shier, C.L., Giambattista, A., Gong, E., Fletcher, G., Sanayhie, R., Kim,H.M.,Laskowski,M.:Understandingarevolutionaryandflawedgrandexper- imentinblockchain:theDAOattack.JournalofCasesonInformationTechnology (JCIT) 21(1), 19–32 (2019) 36. Merkle, R.: DAOs, democracy and governance. Cryonics Magazine 37(4), 28–40 (2016) 37. Morrison, R., Mazey, N.C., Wingreen, S.C.: The dao controversy: the case for a new species of corporate governance? Frontiers in Blockchain 3, 25 (2020) 38. Mosley, L., Pham, H., Guo, X., Bansal, Y., Hare, E., Antony, N.: Towards a sys- tematic understanding of blockchain governance in proposal voting: A Dash case study. Blockchain: Research and Applications p. 100085 (2022) 39. Murray,J.A.:Sellyourcardstowho:Non-fungibletokensanddigitaltradingcard games. AoIR Selected Papers of Internet Research (2021)

Perils of current DAO governance 13 40. Muth, R., Tschorsch, F.: Empirical analysis of on-chain voting with smart con- tracts.In:InternationalConferenceonFinancialCryptographyandDataSecurity. pp. 397–412. Springer (2021) 41. Nabben, K.: Decentralised Autonomous Organisations (DAOs) as Data Trusts: A general-purpose data governance framework for decentralised data ownership, storage, and utilisation. Available at SSRN (2021) 42. Newman, T.: Tasmania and the secret ballot. Australian Journal of Politics & History 49(1), 93–101 (2003) 43. Ongweso, E.J.: Democratic DAO Suffers Coup, New Leader Steals Everything. Vice (2022), https://www.vice.com/en/article/xgd5wq/ democratic-dao-suffers-coup-new-leader-steals-everything 44. Orange: Orange Protocol Documentation (2022), https://docs.orangeprotocol.io/ overview 45. Organization for Security and Cooperation in Europe: Document of the Copen- hagen Meeting of the Conference on the Human Dimension of the CSCE (1990), https://www.osce.org/files/f/documents/9/c/14304.pdf 46. OrganizationofAmericanStates:Americanconventiononhumanrights,"Pactof San Jose", Costa Rica (1969), https://www.refworld.org/docid/3ae6b36510.html 47. Park, S., Specter, M., Narula, N., Rivest, R.L.: Going from bad to worse: from internetvotingtoblockchainvoting.JournalofCybersecurity7(1),tyaa025(2021) 48. Potts,J.,Rennie,E.:Web3andthecreativeindustries:Howblockchainsarereshap- ing business models. In: A Research Agenda for Creative Industries, pp. 93–111. Edward Elgar Publishing (2019) 49. Schneble, C.O., Elger, B.S., Shaw, D.M.: Google’s Project Nightingale highlights the necessity of data science ethics review. EMBO molecular medicine 12(3), e12053 (2020) 50. Scholtz, L.: VoteCoin (2022), https://www.vote-coin.com 51. Serada, A., Grym, J., Sihvonen, T.: The Economy of Attention on Blockchain in the Brave Browser. In: Futures of Journalism, pp. 49–62. Springer (2022) 52. Sims, A.: Blockchain and decentralised autonomous organisations (DAOs): the evolution of companies? (2019) 53. Slavin, A., Werbach, K.: Decentralized autonomous organizations: Beyond the hype. In: World Eco-nomic Forum (2022) 54. Smyth,B.:Ballotsecrecy:Securitydefinition,sufficientconditions,andanalysisof Helios. Journal of Computer Security (Preprint), 1–61 (2021) 55. Taş, R., Tanrıöver, Ö.Ö.: A systematic review of challenges and opportunities of blockchain for E-voting. Symmetry 12(8), 1328 (2020) 56. Thompson, T.P.: An abridgement of the article on the ballot which appeared in theWestminsterReview,No.XXV,forJuly,1830,earnestlyrecommendedtothe serious consideration of every elector in the United Kingdom. At the office of the National Political Union (1832), https://jstor.org/stable/60209037 57. Toppin, J.: DAOs Aren’t A Fad — They’re A Platform (2022), https://www. forbes.com/sites/jeffkauflin/2022/02/03/daos-arent-a-fad-theyre-a-platform/ 58. UNGeneralAssembly:Universaldeclarationofhumanrights.UNGeneralAssem- bly 302(2), 14–25 (1948) 59. US Department of Justice: SSNDOB Marketplace, A Series Of Websites That Listed More Than 20 Million Social Se- curity Numbers For Sale, Seized And Dismantled In Interna- tional Operation (2022), https://www.justice.gov/usao-mdfl/pr/ ssndob-marketplace-series-websites-listed-more-20-million-social-security-numbers-sale 14 Manzano Kharman and Smyth. 60. Vocdoni: Vocdoni Documentation (2021), https://docs.vocdoni.io/architecture/ general.html 61. Wade, R.A.: The Russian Revolution, 1917, vol. 53. Cambridge University Press (2017) 62. Wilhelm, A.: Datacy raises $2.4m to help consumers monetize their own damn data. Tech Crunch (2021), https://techcrunch.com/2021/05/26/ datacy-raises-2-4m-to-help-consumers-monetize-their-own-damn-data/