Why a DAO for Berty? (Part I)
- The Berty protocol will never depend on a Blockchain.
- We plan to set up a DAO to secure governance of its development team.
Berty’s mission is to create a protocol and applications enabling secure p2p communication between people. More simply put, it means that Berty’s applications will protect confidential conversations between individuals, including in adverse political situations that might compromise the security or the availability of the internet itself.
The provision of such tools contravenes the interests and policies of entities wishing to control communication between people for any reason: to fight against crime and terrorism, to control or eradicate political opposition, a policy of mass surveillance, monetization of personal data, etc.
Consequently, it is to be expected that some of these entities will attempt to destroy, censor, or take control of the tools offered by Berty. Recent examples include the removal by GitHub of the Democratic Tsunami application, following the request of the Spanish government, and Uniswap blocking a dozen countries’ ability to access its application as a result of pressure from the US government.
As open-source code, the protocol itself and the applications provide a base level of resilience, since anyone can check the code and fork it. But effective protection must extend not only to the code but to the means of producing and disseminating it, as well as to the key people who make it available to the public.
Enter DAOs. DAO stands for “Decentralized Autonomous Organization”, a new instrument for coordinating collective actions that is based on blockchain technology. We believe that a DAO might help us to protect Berty as a project and as a team. Let’s see how.
What Is a DAO?
But first, we need to clarify what we mean by DAO. The term has been used a lot since the launch and quick demise of a project called “The DAO”, in 2016. The DAO was a decentralized investment fund powered by code running on the Ethereum blockchain. “Powered by code” means that the custody of the funds (in crypto-currency), as well as all the operations related to the funds, such as the issuance of The DAO’s ownership title (DAO tokens), the process of funding projects, or the withdrawal of one’s investment, were handed over to a special form of software called a “smart contract”.
The DAO was deemed “unstoppable”, in the sense that once deployed on the Ethereum public blockchain, nobody could turn it off or change the way it was working. Unfortunately, an attacker used a flaw in the smart contract code to drain a large part of the $160 million raised by The DAO. This event brought about the end of The DAO as a project, but the idea of coordinating people and funds through code kept inspiring many people in the Ethereum community and beyond.
DAOs are autonomous in the sense that their code runs on a public blockchain that can hardly be turned off or tampered with by anyone, not even a cloud infrastructure provider or a state actor. This remarkable level of security results from the fact that a public blockchain like Bitcoin or Ethereum is run by thousands of independent parties that rely on cryptographic proofs to establish a consensus on the state of information, rather than on any social protocol.
DAOs run on a decentralized infrastructure called a public blockchain. But DAOs are also themselves decentralized in a way that is different from the infrastructure layer. For instance, in the case of The DAO, the power to decide which project the fund should invest in was shared among the investors, in proportion to the amount they invested in the fund themselves. Subsequent DAO funds, like Moloch or MetaCartel, applied the same logic in order to distribute voting power to a large group of participants.
It is not always a good thing to have a large number of people involved in decisions, especially when there are a lot of complex decisions to make. This is why traditional organizations use hierarchies and mandate experts. Over the years, DAOs became more sophisticated in order to balance efficiency and decentralization, using a combination of technical, economic, and social innovations.
For instance, using tools like Colony, DAOstack, or SourceCred, some DAOs assign a quantifiable reputation to people who contribute their work or their ideas to the organization, so that they also get a voice in the system in proportion to their expertise. Others – like PocketDAO or MelonDAO – use political structures akin to the ones used in modern democracies, in order to keep named representatives under the strict control of the rules decided by the network as a whole.
Software has become a key factor in productivity for firms and administrations, which wouldn’t be able to function without the communication, collaboration, and data processing capabilities that it provides. Similarly, blockchain-based software may give a significant boost to organizations that are inherently averse to hierarchies: ecosystems, federations, consortiums, and collectives.
How Can DAOs Help Software Projects?
One particular type of such a loosely coordinated organization is open source communities, especially the ones in which the code is developed over the Internet where anyone can view it. While a benevolent dictator might play an instrumental role in the success of an open-source project, there are checks and balances – ultimately, the ability to fork. The actual success of a project is proportional to the activity of the underlying community of contributors, who are not necessarily subordinated to the project leaders in the traditional way of employees following the directions of their employer.
Up to the advent of blockchains and DAOs, the main guarantee against capture was the ability to fork, powered by a legal apparatus of free and open-source licenses. This is the keystone of any open source community, protection made out of transparency and free access, powered by the law.
But while open source licenses protect the code itself, there’s more to expect from technologies and governance mechanisms. The community creating and maintaining a project also needs to be nurtured and protected. The individuals contributing to a project have to feel confident about the fact that their contributions will be recognized, valued, (financially) rewarded, and that their person is protected (which might imply some level of anonymity).
Up to now, the use of blockchain for open source projects has been mostly focused on fundraising and treasury management. Tokens can be used to crowdfund a project, for instance, as exemplified by the initial Ethereum token sale. Task allocation apps running on blockchains, like Gitcoin, Aragon Open Enterprise or Colony, are being used to reward contributors wherever they are. DAOs introduced collective decision-making mechanisms to allocate budgets, grants, or shares of a project.
In other words, DAOs can help open source projects to raise funds, manage them in a responsible and fair manner under the scrutiny and the control of each community member, and attract contributors with open boards and tangible rewards.
But what about the other side of DAOs, the autonomous dimension? Is it valuable to run decisions and fund management on an infrastructure impervious to censorship and malevolent attacks? In other words, can DAOs provide security to a community? Bitcoin might give us some clues.
The Bitcoin Case
Bitcoin itself has often been compared to a DAO. It might be seen as a “proto-DAO”, an earlier form of what we call a DAO today. There is no voting mechanism and no formalized or coded process to make decisions on matters that are of interest to the Bitcoin network. The network offers no other coordination instruments besides the Bitcoin software itself, used by its nodes to establish a consensus on each new block.
Hence, when there is a disagreement between members about the evolution of the network, the only way to have a voice is to run a node and to decide which version of the Bitcoin protocol to run. When an extreme tension cannot be resolved, then the network may fork, with a portion of the nodes running a protocol version that was rejected by the others. Other public blockchains, such as Tezos, have thus introduced voting mechanisms in order to reduce the risk of a fork and to shift the power over the network to the token holders.
Even without a formal governance system, Bitcoin is a DAO in the sense that it is decentralized and autonomous. After more than 10 years in production and with over $150 billion valuation, the security model of the Bitcoin network has proven to be resistant to any possible attack. Since there is no centralized instance controlling it, there is no single point of failure that can be leveraged.
The very purpose of decentralization for Bitcoin is to ensure that no one has the power to censor or tamper with transactions. This can only be achieved by making it impossible or immensely difficult for an attacker to alter the state of the information stored in the blockchain. One would have to gather as many computing resources as all of the rest of the network participants (51% attack). Should one manage to dominate the network and effectively control what goes into the blockchain, then other members would always have the ability to fork and create an alternative network, thus ruining the costly efforts of the attacker.
The beauty of the security model of Bitcoin is that everything is in the open. Instead of relying on secrecy and tight control over a select number of authorized people, the code of the Bitcoin software is public, all the transactions in bitcoins are viewable on the Bitcoin blockchain, and anyone can participate in the network without asking permission.
While cryptography plays an essential role in Bitcoin security, it is a means towards the goal of security by transparency and open participation. The security of the system as a whole is based on the ability offered to anyone to review the software, to check the validity of the transaction history, and to participate by running a node.
One could argue that as the mother of all crypto-networks, Bitcoin displays some aspects of guerilla warfare, an asymmetric form of warfare between opponents of unequal strength. States and large corporations are centrally controlled, heavily armored, and weaponized entities. Crypto-networks seem liquid in comparison. There is no “head” that can be cut in order to stop their ability to run. The power of the network relies on a multitude of loosely coupled agents, coordinated through distributed software.
What better way to protect a project like Berty?
A DAO for Berty
Should the Berty project have to face direct or indirect attacks from state actors in the future, we believe that it would be better protected by relying on decentralization and transparency, rather than hiding and secrecy.
As a non-profit, open-source project, our goal has always been to create a public good. Berty is rent-free, accessible by any individual, and forkable by any developer. It is only logical to hand over the control of the public good to the community, once it has been released.
We see DAOs as an additional instrument to that end. As mentioned above with respect to open-source projects, a DAO might contribute to the sustainability of the Berty project through transparent crowdfunding and rewards. But our main interest is to leverage a DAO as a defense mechanism. The idea is to deter attempts to harm core developers by making it obvious that any incapacitation of a developer – or even of a whole team of developers – would have little to no effect on the availability of Berty applications.
Like the Hydra of Lerna, which regrows two heads each time one is chopped off, a Berty DAO might enable new developers to be vetted and selected as core devs, authorized to build and publish official updates of our protocol and apps. The release process is indeed the most sensitive set of operations since it bridges the gap between open-source collaboration and the actual delivery of apps to users. This is why we are considering building Berty DAO around this process.
Since the release process is made of a collection of technical operations, there is a need for an automated layer that would ensure that community decisions are automatically enforced, rather than depending on trusted persons acting as representatives of the community.
The DAO would serve as the coordination mechanism that connects community decisions with decentralized infrastructure components, such as storage services (for example, the source code of the protocol) and computing services (for example, the build of a mobile application). We use the term technical decentralization to cover this automation and coordination layer. In our next blog post in the series, we will go through the technical solutions we are considering in order to implement the technical decentralization of Berty.
The social layer of a DAO is also essential. Crypto-networks have shown that independent parties can be efficiently coordinated through technology and economic incentives. Ultimately, the success of a decentralized project depends on the culture shared by its members and on the institutions that reflect this culture and govern the community. The ability to deter attackers relies on the belief that, indeed, new heads will regrow each time one is cut off.
Creating a DAO for Berty will also be a way to signal that the project is truly a commons, to materialize the community governance mechanisms so that maintenance and release activities are effectively under the control of a large, open group of participants. We use the term political decentralization to refer to this endeavor of designing and implementing organizational mechanics to that end, and we will dedicate the last post of the series to it.