Mitigating Risk of a Potential DAO 51% Attack
An approach to the prevention of a 51% attack in a DAO

A 51% attack, also known as a majority attack, occurs when a single person or group gains control of over 50% of a blockchain’s hashing power. This can be achieved by renting mining hash power from a third party. However, a 51% attack is theoretically limited in the disruption it can cause. While the attacker could trigger a double-spending problem[1], they cannot reverse transactions on the network or prevent users from broadcasting their transactions to the network. Additionally, a 51% attack is incapable of creating new assets, stealing assets from unrelated parties or altering the functionality of block rewards. But with the growth in Decentralized Autonomous Organisation (DAO) launches, things have become a bit more complex.
Historically, if somebody could buy or acquire 51% of the shares in a company, they would assume control. Today, if somebody acquires a percentage in the region of ten to fifteen percent, they must notify the relevant exchange. This gives the target company some notice of a significant holding[2]. In the blockchain world, this doesn’t happen: you don't get a notification from a regulator or exchange.
In the early days of a protocol, a bad actor could acquire 51% of the tokens in a network or protocol with little economic value. Once the utility of the network grew, and its economic value with it, it would no longer be economically viable to acquire 51% of the tokens. For example, it would cost $175 billion to acquire 51% of Bitcoin at today's prices.
With the emergence of DAOs, the threat is not in economic value but in voting power. The person who controls 51% of the voting power in a DAO has effective control. For example, if I were to offer all the members of a DAO $10 to vote for a proposal that I was promoting, and enough of the members voted for it, I could assume effective control.
A further challenge for a DAO is a concept called the “tyranny of the majority[3]”. This is where the minority becomes disinterested because they have little say, and the majority dictates with little opposition. Measures are needed to protect against this and to ensure that voting is fair and unbiased.
One approach is to deploy quadratic voting[4]. Each participant receives, for example, a number of voting tokens, and can then "buy" as many votes as they want on different options with those tokens. The cost of buying multiple votes increases quadratically: 1 vote costs one token, two votes four tokens and ten votes 100 tokens. The method has proven successful in repeated empirical experiments, such as the Colorado Senate elections in 2019 and various voting trials in Brazil, Taiwan and Germany. It encourages participants to be honest and make balanced choices between multiple options. One of the most significant weaknesses of quadratic voting is the lack of moderation when dealing with cheating. The specific term used for cheating with quadratic voting is Sybil attacks. These attacks use sybils, which are fake or duplicate identities, to influence community-oriented decisions and push them in the attacker's favour.
A second approach is to deploy the Banzhaf power index[5]. If there are numerous dominant token holders, the control can be shared between them. Determining who has the most influence is often a difficult task. To measure this influence, game theory allows the modelling of voting games and computing the Banzhaf index. The Banzhaf index is the probability that a particular voter (or token holder) will be a key member in a winning coalition (when all coalitions are assumed equally probable). The index becomes more applicable in weighted voting situations, where members or parties have different numbers of votes. The weakness in the Banzhaf index is in the number and engagement of voters. If the people with opinions don’t actually vote, the index cannot protect their opinions.
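The Banzhaf calculation described above, as an added example (not TIKI's code). It computes the normalized index, each holder's share of all critical "swing" positions, by enumerating every coalition. The token distributions, holder names and the 51-vote quota are constructed for illustration.

```python
from fractions import Fraction
from itertools import combinations


def banzhaf_index(weights, quota):
    """Normalized Banzhaf index for a weighted vote.

    weights: dict of holder -> voting tokens
    quota:   votes a coalition needs for a proposal to pass
    Enumerates all 2^n coalitions, so it suits a small set of large holders.
    """
    holders = list(weights)
    swings = dict.fromkeys(holders, 0)
    for size in range(1, len(holders) + 1):
        for coalition in combinations(holders, size):
            total = sum(weights[h] for h in coalition)
            if total < quota:
                continue  # losing coalition: nobody in it is critical
            for h in coalition:
                # h is critical if the coalition loses without h's tokens
                if total - weights[h] < quota:
                    swings[h] += 1
    all_swings = sum(swings.values())
    if all_swings == 0:
        return {h: Fraction(0) for h in holders}
    return {h: Fraction(s, all_swings) for h, s in swings.items()}


def report(name, weights, quota):
    """Print each holder's token share next to their voting power."""
    supply = sum(weights.values())
    print(f"{name} (quota {quota} of {supply})")
    for h, power in banzhaf_index(weights, quota).items():
        share = Fraction(weights[h], supply)
        print(f"  {h:8s} tokens {share!s:>6}  power {power!s:>5}")


# Constructed token distributions, 100 tokens each, simple majority (51).
SPREAD = {"A": 40, "B": 30, "C": 20, "D": 10}
NEAR_MAJORITY = {"whale": 49, "fund": 26, "team": 25}
MAJORITY = {"founder": 51, "fund": 25, "team": 24}

if __name__ == "__main__":
    report("spread", SPREAD, 51)
    report("49% holder", NEAR_MAJORITY, 51)
    report("51% holder", MAJORITY, 51)
```

Token share and voting power diverge: the 49% holder has exactly the same power as the 25% holder, while crossing to 51% takes all of it.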
We at TIKI are looking at deploying one or both of these approaches with the TIKI DAO. We are acutely aware that in the early stages of the DAO's growth, there is a vulnerability to a 51% attack due to the imbalance of voting power. Either of these methods can be deployed to ensure that a DAO reaches a stable state where there is parity and equilibrium in the voting influence of the parties.
If you would like to see how we approach the challenge of DAO governance, look at our previous post on Crowdsourced Governance.
Do you have any comments on this topic? I would love to hear your thoughts or opinions: barry@mytiki.com
[1] https://coinrivet.com/what-is-a-double-spend-attack/
[2] https://www.sec.gov/education/smallbusiness/goingpublic/officersanddirectors
[3] https://edsitement.neh.gov/curricula/alexis-de-tocqueville-tyranny-majority
[4] https://en.wikipedia.org/wiki/Quadratic_voting
[5] http://banzhaf.net/about/BanzhafIndexofVotingPower.htm