51% attack: Difference between revisions
(Created page with "Given the weighted democratic nature of a DAO, once an attacker has 51% of the REP tokens, they have majority power and can pass any legislation desired. Regardless of safeguards, eventually a patient adversary of the DAO can create new standards and strip the DAO of value. For 51% of the value of a DAO, a wealthy and patient adversary can gain 100% of the value of the DAO. This is an everpresent arbitrage opportu...") |
mNo edit summary |
||
| Line 1: | Line 1: | ||
Given the [[DAO#Weighted Democracy|weighted democratic nature]] of a [[DAO]], | Given the [[DAO#Weighted Democracy|weighted democratic nature]] of a [[DAO]], an attacker with 51% of existing REP tokens can destroy the group. Regardless of safeguards, eventually a patient adversary of the DAO with majority power can pass any [[Legislative governance|legislation]] desired, creating new standards and stripping the organization of all value. With 51% of the value of a DAO, a wealthy, powerful, and patient adversary can gain 100% of the value of the DAO. | ||
This arbitrage opportunity creates an everpresent threat in any [[DAO#Primary DAOs|primary DAO]]. So governance design must be continually vigilant against the possibility. | |||
== Inhibiting the attack == | == Inhibiting the attack == | ||
Revision as of 22:13, 29 May 2023
Given the weighted democratic nature of a DAO, an attacker with 51% of existing REP tokens can destroy the group. Regardless of safeguards, eventually a patient adversary of the DAO with majority power can pass any legislation desired, creating new standards and stripping the organization of all value. With 51% of the value of a DAO, a wealthy, powerful, and patient adversary can gain 100% of the value of the DAO.
This arbitrage opportunity creates an everpresent threat in any primary DAO. So governance design must be continually vigilant against the possibility.
Inhibiting the attack
DGF's REP tokens are designed to inhibit the 51% attack, since REP is only minted in proportion to fees that enter the system and the fees are shared with the existing members first. A calculation[1] shows that without any other safeguards in place, an attacker who uses the minting mechanism to accumulate 51% must pay the DAO an absolute minimum of twice its estimated value to gain 51% of the tokens. With minimal natural assumptions, this figure is closer to six times the value of existing REP tokens.
Other safeguards can further inhibit this attack.
Veto power
Giving veto power to members inhibits the 51% attack, since it prevents the attacker from passing legislation at will. However, veto power does not scale well. With enough members, every proposal will be vetoed, deadlocking governance. To ameliorate this effect, veto power may be scaled by setting a minimum threshold (such as 33%) for veto.
Graceful Exit BOND market
With the Graceful Exit BOND market in place, the 51% attack is inhibited since REP cannot be purchased. In that case, the only way to aquire 51% of the power in the DAO is to outcompete the rest of the DAO by working. Using the availability smart contract's random selection of workers according to existing REP, a probability argument shows this is only possible when more than 50% of the DAO is not using their REP to capacity. Even then it will take a significant period of time to achieve, and at the same time the attacker would enrich existing REP holders by an absolute minimum of twice their existing value.
- ↑ See pp 15-18 in Craig Calcaterra, Wulf Kaal, & Vlad Andrei (2018) Blockchain Infrastructure for Measuring Domain Specific Reputation in Autonomous Decentralized and Anonymous Systems , U of St. Thomas (Minnesota) Legal Studies Research Paper No. 18-11, Available at SSRN: https://ssrn.com/abstract=3125822 or http://dx.doi.org/10.2139/ssrn.3125822