Henrik Axelsen, Johannes Rude Jensen, and Omri Ross*
When is a DAO Decentralized?
Regulators see blockchain technology as imperative to innovation, growth, and global competitiveness. While crypto remains primarily unregulated, the associated token economy around Decentralized Autonomous Organizations (DAO)sometimes constitutes what is otherwise considered regulated financial activity. Hence, global regulators are motivating and implementing crypto regulation to meet the challenge of ensuring consumer protection, innovation, and growth without stifling innovation.1
While there are multiple working definitions of the concept of a DAO in industry, most form fluid organizations or loosely organized communities, self-directed and governed through smart contracts without central authority or a managerial hierarchy.2 Some observers compare DAOs to nation-states rather than traditional organizations.3 In this analogy, the formal (on-chain) smart contracts are comparable to a »computational constitution.« At the same time, cultures are nurtured through communication emerging around the design, development, and maintenance of the products governed by the DAO. Some scholars propose that a DAO, like autonomy classification for land and maritime environments,4 be considered autonomous to the extent that it can legally acceptliability.5 In practice, the level of autonomy and anonymity can vary, but a DAO is normally self-directed through voting on- and off-chain; it can be financial or non-financial in purpose, but the traditional legal system seems secondary to its existence and purpose.6
As the first major region attempting to regulate crypto assets at the supranational level, the EU bloc emerged in 2020 with a digital finance package. The EU draft regulation included DAOs in the negotiation phase with legal identity and limited liability for the community members. However, it was omitted in the final version of the regulation, called the Markets in Crypto Asset (MiCA) regulation, approved on June 30, 2022.Following a round of additional negotiations, the final MiCA text was published on October 5, 2002 and the regulation’s recital 12a7 appears to treat decentralized activity in a manner similar to the US,8 where it appears possible to conduct regulated activity if one is »sufficiently decentralized.« But the question of the extent of decentralization required remains to be solved and will likely develop over the coming years through regulatory technical standards. As follows, designing a decentralized crypto-based business model based on »smart contracts« is complicated: In addition to the usual challenges in finding product market fit, product leadership, sales, recruitment, development, and scaling, founders must seek to operate their projected business in a decentralized manner or risk regulatory implications.9
II. Arriving at a Working Definition for Decentralization
The notion of »decentralization« has its origins in political science and, in the present time, generally refers to the dispersion or distribution of functions and powers. Without an understanding of the powers of different stakeholders, where and how they exercise their powers, and to whom and how they are accountable, it is difficult to understand whether decentralization is taking place.10
The concept of decentralization has been applied mainly withinthe government of nation-states and political science,11 administration,12 fiscal area,13 and environment,14 but also across a diverse range of disciplines, such as complex systems engineering,15 space safety engineering,16 cybernetics,17 management science,18 economics around principal agents theory,19 finance,20 law andtechnology,21 crypto-economic systems and more.
Within the nascent literature on crypto, the most applied definition of decentralization was proposed by Ethereum cofounder Vitalik Buterin with the introduction of the term »DAO« in 2013. Here, decentralization is presented as a response to the latent issues of centralized systems, to which decentralized systems can introduce fault tolerance and deter attacks or collusion. In a later publication,22 Buterin suggested that decentralization be viewed across several dimensions: (1) An architectural dimension as in how many computers the system is made up of; (2) a political dimension as in how many control those computers; and (3) a logical dimensionas in how the interface and data structures add up.
It follows that measuring decentralization is complicated; »A true assessment of the degree of decentralization in (a country)can be made only if a comprehensive approach is adopted, and rather than trying to simplify the syndrome of characteristics into the single dimension of autonomy, interrelationships of various dimensions of decentralization are taken into account.«23
III. Introducing the »TIGER« Assessment Framework
The proposed framework comprises a generalized DAO scorecard evaluation framework to facilitate a directional analysis of critical DAO components from a systems perspective, where compromising one subsystem may compromise the entire system.24 The central assessment approach is to which extent, on each dimension and its characteristics, we observe evidence of independent groups of agents operating undermandates without any centralized element of control. To assess this, we introduce the concept of a Verifiably Independent Agent (VIA), a publicly identifiable token holder with along and repeated history of participation in governance and a public presence in the associated communities.
The assessment is designed for point-in-time. We have, however, aimed to integrate strategic intent to allow a »grace period« to impact the scores by taking a view of the DAO’s longterm equilibrium. The actual application of scores requiressome calibration and further consultations across DAOs and jurisdictions to evolve into a regulatory technical standard.
We assess decentralization using a pragmatic framework with 15 components across five dimensions: Token Weighted Voting; Infrastructure; Governance; Escalation; and Reputation (»TIGER«), exemplified here with the token weighted voting section:
1. Token-weighted Voting and Incentives
The assessment of this dimension includes (1) an analysis ofwhether the tokens are fairly distributed among the community, founders, and collaborators while also locking token liquidity for the future funding of the DAO’s activities.(2) When assessing whether the DAO incentivizes multilateral participation by allocating tokens to clearly differentiated stakeholder groups, it is important to notice that some collaboration and common focus are to be expected. In addition to quantifying units allocated to independent groups, the assessor could also look for signals: Is there any tangible evidence of cartels? Is it reasonable to assume that token holders are colluding unfairly? Are big investors talking to the foundersand asking them what to vote for, or the other way around?(3) The concentration of voting power would include a Nakamoto-coefficient analysis of on-chain and off-chain voting history. The Nakamoto coefficient is a simple, quantitative measure of a system’s decentralization.25
The assessment includes (1) an analysis of how the DAO limits large token holders (so-called whales) from having outsized influence. Some DAOs introduce the notion of time-locked voting. This allows token holders to increase the weight of their vote by locking their shares for a certain amount oftime after voting has ended, trading the opportunity costfor increased voting power. (2) Analysis of centralization of control that is not automated in a sufficiently decentralized manner, which includes an assessment of the degree of autonomy in software vs. human centrality but also a view of any single point(s) of failure or single point(s) of control concerns.(3) Access is assessed both to quorum and timing, assessing how many VIAs it takes to produce a positive voting outcome for a »general« Improvement Proposal, which we could label as the Nakamoto co-efficient for governance, and second, whether the voting process allows proper time and access for token holders to vote on any topic or if (unfair) restrictions apply.
Assessment of governance processes is critical to determine whether there are possible centralized attack vectors in a DAO: (1) Voting delegation, sometimes referred to as liquid democracy, shares the core principles of political democracy. In this case, a DAO assigns specialists to participate in an electorate with the power to make decisions on behalf of DAO members. This increases centralization; on the other hand, it may improve the quality of decision-making as in the traditional world’s representative democracies. In some cases, voting delegation may constitute manipulative and/or regulatory arbitrage through conditional delegation, so the assessment should review delegation mandates to ensure the delegated mandate is not an attempt to arbitrage. (2) From a narrow perspective, the assessment of voting participation analyses voter turnout participation in collective decision-making, which is a dynamic metric that may affect the security of any plutocratic governance system. Simple token-weighted voting may risk the undue influence of »whales« (large tokenholders). Balanced techniques adopted by DAOs include sociocracy, where decisions are made by consent, not by consensus. Quadratic voting and other alternative voting mechanisms,such as holographic consensus or multi-signature wallet (multi-Sig), are also gaining traction across DAOs.(3) Sometimes, DAOs establish a foundation to own rights that cannot easily be decentralized. Although this implies a centrally controlled activity, it should be viewed in context and be considered acceptable if the purpose of the centralized effort is only to bootstrap the journey towards decentralization. Outsourcing also includes software deployment strategy and hosting policy, where, according to statista.com,26 more than 64 % of the world’s cloud market is currently controlled by three dominant vendors (AWS, Google, and MSFT), who therefore likely host most of the blockchain/Web3 infrastructure that exists, including full nodes, validator nodes, and middleware. This is potentially a significant attack vector for censorship and centralized control.
Considering the following issues helps assess escalation: (1) A DAO is only as decentralized as its crisis mode allows. Hence, the assessment should investigate how control measures can be centralized in any crisis. A crisis should be defined through stress testing of the DAO business system and financial and technical resilience. Crisis mitigation and contingency measures should preferably be specified in the DAO constitution or policies for events that can impact the long-term sustainability of the DAO. Some centralization is expected to deal effectively with crisis containment, where fluid democracy may not always be the most efficient. (2) An inflationary token model adds new tokens to the market over time, often through a schedule or as mining rewards, or for specific contributions. For the determination of decentralization, the critical assessment point is that any value associated with inflation or deflation benefits all token holders fairly, not for the benefit of non-collaborative agents for any strategic or other participation. (3) Availability and access should be equal to all, so any restrictions in access to the DAO, including its decision-making process, may suggest a level of centralized control.
For reputation assessment, the following considerations are suggested: (1) Soft power through co-optation or informalmanipulation is an everyday phenomenon in politics. In DAO communities that allow actors to engage pseudo- or anonymously, it is critical to assess that these features arenot used manipulatively. (2) DAOs cannot act outside their rules, but because their smart contracts may contain errors or unforeseen events may occur, rule change mechanisms are necessary for resilience purposes. On the other hand, fully decentralized DAOs must also acknowledge their delegated mandates, with accountability following delegated responsibility.(3) Increasingly, DAOs implement dispute resolution mechanisms or use dispute resolution services from emerging online third-party decentralized dispute resolution service providers. Other measures, such as implementing tools like Sourcecred27 to create community trust or »slashing« to penalize unwanted behavior or dishonest validation, are similar mechanisms of democratic control designed to incentivize network participation.
We field-tested the general concept with a DeFi expert from an EU-based supervisory authority, who emphasized a pragmatic approach favoring comprehensive coverage of topics of regulatory concern rather than the collection of quantitative data. The introduction of partial compromisation having a full impact on the overall assessment result was deemed justifiable but raised several questions, including (1) how to deal with the lack of a grace period in the current implementation of the recently released MiCA package and (2) how to create a level-playing field for »institutional DeFi« (where traditional, currently regulated financial institutions offer decentralized financial products operated by DAOs).
We also tested the framework on Compound Finance, an algorithmic money market DAO operating on the Ethereum blockchain. Although there were significant areas for improvement, our assessment suggests that Compound DAO is sufficiently decentralized.
In analyzing whether a DAO is sufficiently decentralized, we might expect some quantified evidence of chaos, swarm, and/ or a self-organized, distributed, decentralized community, as opposed to an ordered, strong organization with centralized command and control that characterizes the traditional orga¬nization. Hence, the critical focus of analysis is whether the DAO stakeholders or »actors« are empowered with delegated authority and whether they operate sufficiently independently of each other and in their own self-interest in an uncoordinated and voluntary manner. We propose that »sufficient decentralization« is defined as a verifiable state where the design of the DAO is collusion resistant and based on long-term equilibrium. Its gover¬nance processes have unrestricted and transparent access. From a regulatory perspective, an alternative approach could simply be to analyze (1) if the DAO is conducting a regulated activity, and if so, (2) if there is an accountable legal or physical person upon whom regulation can be enforced; if not, then DAO being sufficiently decentralized must be acknowledged. In our view, such an approach is too simplistic and does not accept the fundamental premise that DLT/Blockchain is a transformative technology that will foster innovation and growth.
From a practical and theoretical perspective, it seems evident that no DAO can start decentralized, as any project must be initiated by a small core team, bootstrapping de¬velopment until the project matures and attracts open-source contributors. However, as discussed, the European regulators did not play any particular emphasis on this cri¬tical point when agreeing on the final text of the MiCA regulation. In our proposed assessment framework, we acknowledge this commonsense element by assessing not just the point-in-time view but also a view of the mature DAO design. We extrapolate our contributions into the following generalized propositions:
P1: The concept of technology-neutral regulation is challenged by DLT/Blockchain. DAOs exist and realize benefits through increasing degrees of decentralization. DAO legal design should therefore support the internal decentralization accomplished by the DAO so that a balance is achieved between external and internal decentralization, not the other way around. When regulators in the coming years design technical requirements for the supervision of DAOs, they need to acknowledge this underlying premise and embrace that DLT/blockchain is a transformative technology that requires unique regulatory approaches.
P2: Regulators need to embrace the concept of a »grace period« for a DAO to achieve sufficient decentralization. The MiCA regulation did not include this, but it seems challenging to embrace DeFi and the concept of sufficient decentralization without it. We suggest an assessment approach where not only the point-in-time assessment is material to the decision of decentralization but also the design intent, thereby introducing a grace period from a risk-based perspective, allowing the EU to practically align crypto regulatory compliance to the safe harbor proposals from the US and common sense.
P3: In the short term, for »Institutional DeFi,« a level playing field needs to be developed by financial regulators and supervisors, including a »cut-off« strategy, with clear boundaries for an acceptable centralized activity to allow DLT/Blockchain-based businesses to develop properly, respecting the new technological feature regime. From a regulatory perspective, and in the words of MiCA, complete decentralization seems to require full automation. Still, when elements of human governance are introduced, it is difficult to think of complete decentralization as outlined in MiCA. Some automated features also become centralized through front-end website hosting or other elements. Global policy setters still consider entity-specific compliance the most relevant dimension of control and oversight,28 but MiCA appears to introduce broader activity-based or – in blockchain terms – technical accountability. We foresee that a new playing field for decentralized and traditional finance will develop over the coming years, as blockchain enables a decentralized economy and decentralized and traditional finance increasingly overlap and integrate.
P4: A risk-based approach to DAO supervision, where required, will need to be developed with a holistic view of decentralization across political, technological, social, and economic dimensions, as well as across underlying technology infrastructures that behave very differently from a risk perspective. We foresee regulators will designate some blockchains to have more systemic risk than others.
P5: DLT/Blockchain will transform how regulators supervise and enforce the regulation. The number of DAOs grew by 8x in the past year,29 and the acceleration will pressure regulators to keep pace with developments in two dimensions: (1) Supervisors with a traditional finance focus will be challenged as their supervisory toolkits and skillsets become disconnected and obsolete. Regulators and supervisors must embrace the available and emerging investigative techniques to analyze DAO structures and processes in real-time, on- and off-chain; (2) A focus on automated and embedded supervision should be prioritized.30
We investigate the topic of decentralization as it relates to DAOs, using a thematic analysis method to identify relevant patterns to assess whether sufficient decentralization is presented. Through the framework’s design, we demonstrate the feasibility of implementing a structured method for the assessment. We propose a definition of »sufficient decentralization« and incorporate the notion of a representative democracy via delegated mandate in the assessment framework. Still, it remains to be concluded what level of delegation and decentralization is acceptable under different regulatory regimes.
Some regulators seem to suggest complete decentralization as the only acceptable level. However, complete decentralization in DAOs is challenging to grasp, as they are socio-technical constructs. We design a generalized assessment framework with suggested quantifiers. Still, applying all characteristics and levels of quantified assessment will likely vary, depending on the need for regulatory monitoring by jurisdiction. Hence, the framework design is flexible to accommodate change as regulatory practices evolve and regulatory technical standards become defined.
Our findings suggest that decentralization in DAOs is not a myth. Still, due to the technical features of blockchains, it can be complicated to investigate and assess the true level of DAO decentralization.
* Henrik Axelsen, the corresponding author, is Ph.D. Fellow at the University of Copenhagen, Department of Computer Science. Johannes Rude Jensen is Crypto Solutions Team Lead at eToro Research Lab and Research Coordinator at the Financial Transparency Group at the University of Copenhagen, Department of Computer Science. Omri Ross is Chief Blockchain Officer at eToro and Associate Professor at the University of Copenhagen, Department of Computer Science. This abstract is based on the authors’ research paper »When is a DAO decentralized,« published in Complex Systems Informatics and Modeling Quarterly (CSIMQ). Published online by RTU Press, https:// csimq-journ als.rtu.lv [accessed Oct. 14, 2022]. Article 176, Issue 31, June/ July 2022, pp. 51–75. https://doi.org/10.7250/csimq.2022-31.04.
1 Lummis-Gillibrand, »Responsible Financial Innovation Act,« vol. 2022, pp. 1–69, 2022; European Parliament, »EU parliament report on MiCA,« 2022, [Online]. Available: https://www.europ arl.eur opa.eu/doceo/docum ent/A-9-2022-0052 EN.html [accessed Oct. 14, 2022].
2 S. Hassan and P. de Filippi, »Decentralized autonomous organization,« Internet Policy Rev., vol. 10, no. 2, pp. 1–10, 2021, doi: 10.14763/2021.2.1556; N.-B. Schirrmacher, J. R. Jensen, and M. Avital, »Token-Centric Work Practices in Fluid Organizations: The Cases of Yearn and MakerDAO,« 42nd Int. Conf. Inf. Syst. ICIS 2021 Build. Sustain. Resil. with IS: A Call for Action, no. December, 2021, [Online]. Available: https://aisel.ais net. org/icis2 021 [accessed Oct. 14, 2022].
3 S. Voshmgir and M. Zargham, »Foundations of Cryptoeconomic Systems,« 2020, [Online]. Available: https://epub.wu.ac.at/7782/1/Foun dati ons of Cryptoeconomic Systems.pdf [accessed Oct. 14, 2022].
4 B. Myhre, A. Hellandsvik, and S. Petersen, »A responsibility-centered approach to defining levels of automation,« 2019, doi: 10.1088/1742– 6596/1357/1/012027.
5 S. A. Wright, »Measuring DAO Autonomy: Lessons From Other Autonomous Systems,« IEEE Trans. Technol. Soc., vol. 2, no. 1, pp. 43–53, 2021, doi: 10.1109/tts.2021.3054974.
6 V. Buterin, »DAOs, DACs, DAs and More: An Incomplete Terminology Guide | Ethereum Foundation Blog,« Ethereum Found. Blog, pp. 1–13, 2014, [Online]. Available: https://blog.ether eum.org/2014/05/06/daos-dacs-das-and-more-an-incomplete-terminology-guide/ [accessed Oct. 14, 2022].
7 Council of the European Union, »Proposal for a Regulation of the European Parliament and of the Council on Markets in Crypto-assets, and amending Directive (EU) 2019/1937,« vol. 2021, no. November, pp. 1–405, 2021.
8 W. Hinman, »Digital Asset Transactions: When Howey Met Gary (Plastic). Remarks at the Yahoo Finance All Markets Summit: Crypto,« pp. 1–6, 2018, [Online]. Available: https://www.sec.gov/news/speech/speech-hin man-061 418 [accessed Oct. 14, 2022].
9 J. Walden, »Progressive Decentralization: A Playbook for Building Crypto Applications,« pp. 1–9, 2020, [Online]. Available: https://a16z. com/2020/01/09/progressive-decentralization-crypto-product-management/ [accessed Oct. 14, 2022].
10 A. Agrawal and J. C. Ribot, »Analyzing Decentralization: A Framework with South Asian and West African Environmental Cases,« J. Dev. Areas, vol. 33, No. 4 (Summer), pp. 473–502, 1999.
11 D. Treisman, »The Architecture of Government,« Archit. Gov., 2007, doi: 10.1017/cbo9780511619151.
12 P. D. Hutchcroft, »Centralization and decentralization in administration and politics: Assessing territorial dimensions of authority and power,« Governance, vol. 14, no. 1, pp. 23–53, 2001, doi: 10.1111/0952–1895.00150.
13 C. Blackorby and C. Brett, »Fiscal Federalism Revisited,« J. Econ. Theory, vol. 92, no. 2, pp. 300–317, 2000, doi: 10.1006/jeth.2000.2643.
14 A. M. Larson and J. C. Ribot, »Democratic decentralisation through a natural resource lens: An introduction,« Eur. J. Dev. Res., vol. 16, no. 1, pp. 1–25, 2004, doi: 10.1080/09578810410001688707.
15 D. D. Siljak, Decentralized control of complex systems, vol. 1. 1991.
16 N. Levenson, Engineering a Safer World. 2011.
17 M. Zargham, »Aligning ›Decentralized Autonomous Organization‹ to Precedents in Cybernetics,« 2022.
18 H. A. Richardson, R. J. Vandenberg, T. C. Blum, and P. M. Roman, »Does Decentralization Make a Difference for the Organization? An Examination of the Boundary Conditions Circumscribing Decentralized Decision-Making and Organizational Financial Performance,« vol. 28, no. 2, pp. 217–244, 2002.
19 M. Bergman and J.-E. Lane, »Public Policy in a Principal-Agent Framework,« Journal of Theoretical Politics 2, 1990.
20 Nakamoto, »Bitcoin: A Peer-to-Peer Electronic Cash System,« Transform. Gov. People, Process Policy, vol. 15, no. 4, pp. 580–596, 2009, doi: 10.1108/ TG-06–2020-0114.
21 A. Wright and P. de Filippi, »Decentralized Blockchain Technology and the Rise of Lex Cryptographia,« SSRN Electron. J., 2015, doi: 10.2139/ ssrn.2580664.
22 V. Buterin, »The Meaning of Decentralization,« 2017, doi: 10.2307/805411.
23 C. K. Sharma, »Decentralization Dilemma: Measuring the Degree and Evaluating the Outcomes,« vol. 67, no. 1, pp. 49–64, 2006, [Online]. Available: https://www.jstor.org/sta ble/41856 192?seq=1 [accessed Oct. 14, 2022]; OECD, OECD/Korea Institute of Public Finance (2013), Measuring Fiscal Decentralisation: Concepts and Policies, OECD Fiscal Federalism Studies, OECD Publishing. 2013.24 S. Voshmgir, » ›Decentralisation‹ is a misleading term,« vol. Pre-print, pp. 4–7, 2022, [Online]. Available: https://med ium.com/token-kitc hen/decentralisation-is-a-misleading-term-5ff73 0555 916 [accessed Oct. 14, 2022].
25 J. R. Jensen, V. von Wachter, and O. Ross, »How Decentralized is the Governance of Blockchain-based Finance? Empirical Evidence from four Governance Token Distributions,« 2020; B. S. Srinivasan, »Quantifying Decentralization,« News.Earn.Com, pp. 1–16, 2017, [Online]. Available: https://news.earn.com/quan tify ing-decen tral izat ion-e39db 233c 28e [accessed Oct. 14, 2022].
26 »Global cloud infrastructure market share 2021 | Statista.« https://www. stati sta.com/statistics/967 365/worldwide-cloud-infrastructure-services-market-share-vendor/ [accessed Jul. 24, 2022].
27 »SourceCred | SourceCred.« https://sourcecred.io/ [accessed Jul. 24, 2022].
28 F. Restoy, »Fintech regulation: how to achieve a level playing field,« Occas. Pap., vol. 17, no. 17, pp. 1–27, 2021, [Online]. Available: www.bis.org/ emailalerts.htm.
29 »Emre on Twitter: 10+ key insights from @SnapshotLabs data on DAO governance https://t.co/45K AOeE R5y’/Twit ter.« https://twit ter.com/n4mo tto/sta tus/1534 6425 6922 0706 304 [accessed Jul. 24, 2022].
30 R. Auer, »Embedded Supervision: How to Build Regulation into Blockchain Finance,« Fed. Reserv. Bank Dallas, Glob. Inst. Work. Pap., vol. 2019, no. 371, 2019, doi: 10.24149/gwp371.