Editing DAO (section)

=== Security ===
Security is a constant concern in the design of an open-source protocol. Especially when the network is open to pseudonymous members. [[wikipedia:Byzantine_fault|Byzantine]] behavior in a decentralized network, is defined as actions which violate the majority agreed protocols. When there is no dictator ruling your platform, and you accept asynchronous distributed transactions entering from any node, it is impossible to achieve perfect intelligence about the state of the network, since Byzantine nodes can pass false messages in the gossip network. There are several theorems in computer science that govern what is possible when designing a protocol for distributing digital token rewards in a DAO. A famous example is the 66% non-Byzantine limit for the pBFT algorithm. In general, no decentralized system can survive forever in the face of [[51% attack|51% Byzantine actors]]. Therefore some restrictions to openness are necessary.

Another major security risk to a decentralized platform is a sock puppet attack. [[wikipedia:Sock_puppet_account|Sock puppets]] are multiple pseudonymous accounts that a single member creates and controls with separate passwords to hold digital tokens. The purpose of sock puppet accounts is to trick the network into believing the different pseudonymous identities represent multiple people. This eliminates any chance that a DAO without KYC protocols can achieve honest governance under simple one-person-one-vote democracy. Since anyone on the planet has equal opportunity to participate under a fabricated identity, a single actor can create countless sock puppet accounts to overwhelm the voices of honest members. Therefore, any DAO work model or governance design must account for this eventuality. The solution to fighting sock puppet attacks, is a weighted democracy which assign rewards and power based on carefully audited measures of positive contributions to the group.