Follow The Blockchain Investments Blog on Feedspot

Continue with Google
Continue with Facebook

Decentralized governance today: A case study on AGP-1

In this post I review Aragon’s 0.6 release, as well as the results from a vote on a recent network Governance Proposal. I also discuss some factors that I believe will impact the health of decentralized organization governance in the future.

Aragon: An overview

The Aragon Project was founded in November 2016 with the goal of empowering freedom by creating tools that allow decentralized organizations to thrive. The project aims to remove the frictions that exist in setting up and running more traditional organizations. These could, for instance, take the form of the paperwork and bureaucracy that get in the way of a team spending their days building a budding startup’s core product.

The project’s most recent 0.6 release allows users to create Aragon organizations on mainnet. An Aragon organization runs entirely on Ethereum and offers basic functionality for running a decentralized organization, including the ability to create and manage an organization-specific token, vote on proposals (including, for example, whether to add a person to the organization), and coordinate finances. The organization can take one of two forms: (1) a general purpose democracy or (2) a more business-oriented multi-signature entity.

In the future, new Aragon applications offering additional functionality will become available. These including Planning, Payroll, Espresso (a collaborative data vault), and Liquid Democracy (for delegation). As of December 10th, 177 DAOs have been formed on mainnet. This includes 47 multi-sigs and 129 democracies.

A review of AGP-1 and some factors impacting healthy decentralized organization governance

Shortly following the 0.6 release, the Aragon team held a vote for Aragon Governance Proposal 1 (AGP-1). AGP-1 passed, putting in place a formal proposal and voting process for changes to the Network.

However, what is most interesting about this vote are the turnout results. For one, the proposal passed with a staggering 99.97% majority. Only 2.6% of total ANT supply participated in the vote, and 57% of participating tokens were held by one address. The Aragon team itself has admitted that there is a considerable amount of room to improve turnout, and a discussion within the Aragon Forum has developed to begin to discuss some approaches to achieve this.

The crypto community should recognize that there are a few major endogenous and exogenous factors that are likely behind these results.

A few of these endogenous factors include:

  • Lack of skin in the game. If a proposal has low stakes, as may have been the case for AGP-1, voters may not necessarily feel compelled to spend the time and effort to cast their vote. Users may not have been aware of this specific vote, or may have agreed with the proposal but assumed it would pass without their input. Ensuring high turnout will require clear communication about proposals and parameters like voting start and end dates. Building in additional incentives, like token rewards for active voters, or an Aragon Community Token (ACT) as proposed in the previously mentioned Aragon Forum discussion, could also improve participation.
  • Unsuitable voting parameters. The vote for AGP-1 lasted 48 hours, and required a quorum of 67%. Over this two-day period, ANT token-holders may have been too busy with work obligations or social events taking them away from their laptops. For important votes, 48 hours may not be enough. The 67% bar, on the other hand, was easily met. This number could be increased for AGP votes in the foreseeable future, especially if these proposals continues to see low voter turnout (and thus a higher likelihood of whales swaying the outcome). One way to improve the turnout without necessarily adjusting parameters is delegation. Liquid Democracy — an Aragon app which will allow for this — is already in the works.

The exogenous factors I see mostly revolve around the Ethereum network. These include:

  • Ethereum network congestion. Development teams may want to experiment with scalability solutions to handle functions which should remain cheap and fast, like voting.
  • Poor integration between wallet and browser. Over the past few years, my peers and I have experienced with some considerable latency and complete transaction failure when using MetaMask with some browsers. Usability here has generally improved and will continue to do so, but any outstanding infrastructural frictions could impede voter turnout.
  • Lack of Ethereum network knowledge and setup. Although less likely to be an issue today, a larger, more diverse group of ANT-token holders may not be set up to use Metamask in the future. General Ethereum education will be a foundational requirement for a healthy decentralized organization governance process.

Ultimately, the implicit requirement that voter turnout statistics be made public is one of the benefits of DAOs. Low voter participation and whale voters cannot be hidden in a transparent governance process. And, the Aragon’s team’s willingness to admit to and discuss governance issues with their broader community will help to promote positive change in the future. The next Aragon vote will take place in January 2019. I look forward to seeing whether the team makes any changes to its voting process to improve turnout, and to reviewing the results.

If DAOs are to fulfill the vision of organizing decentralized groups via fair governance processes, protocol development teams must continue to monitor usability and to build systems that encourage high voter turnout. This ability to iterate on a governance system at all — patching bugs and introducing new functionality over time — is revolutionary. Aragon has certainly led the way in showing what is possible. I will also note that there are a number of other projects in the process of building out decentralized organization and governance tools , including DAOstack and Common Interest.

I hope that Aragon and other protocol development teams continue to publish and analyze the results of Governance Proposals, and to promote discussion on ways to improve their governance processes. I am excited to watch — and participate in — the evolution of these organizations in the future.

Reviewing decentralized governance today: A case study on AGP-1 was originally published in The CoinFund Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 
Photo by Fabian Blank on UnsplashIntroduction

As decentralized staking networks continue to develop and proliferate, it is interesting to consider their impact on other areas of the crypto economy. One area where the vocation of staking is bound to have an impact is cryptoasset borrowing.

Today, the foremost examples of staking networks in production include Tezos, Livepeer, and even SpankChain. These networks rely on staking to provide security and governance. They also provide an antidote to high velocity, which, if such a phenomenon ever manifests in actual cryptoeconomics, is curbed by taking assets out of circulation and solves the main foil of localized digital currencies and payment tokens.

Staking networks today are being bootstrapped by early investors and funds who typically hold sizable network ownership based on investment in early project stages. But most funds find it difficult to technologically engage networks, especially large numbers of them, and look to service providers for security, custody, and domain-specific utilization of assets across systems. However, staking service providers themselves don’t hold early ownership of networks in general. They find themselves in a position where they must rely on delegation of assets (a limiting factor, since delegation is not available on-protocol in all networks) or fund and investor relationships for access.

However, as lending platforms and protocols come online, staking companies have new options for commanding larger stakes. Borrowing assets for the purpose of staking will serve two key purposes in the staking space: (1) access to the network, as most networks will require using tokens to perform work or run functional nodes; and (2) ability to create asset-neutral staking positions.

Asset-neutral portfolios

Staking networks are great — they create a new source of returns backed by real economies of decentralized network participants. But while most opportunities fall into a 5–20% return range in a token-denominated sense, the fiat-denominated returns are nevertheless much more volatile. The fiat-denominated return of a staking opportunity still depends more on sentiment and network growth than the typical rate of token return.

Borrowing tokens on decentralized protocols may in the future provide a simple way to lower fiat-denominated downside while staking operations are taking place. Suppose you wanted to earn a return on a staking network which offers a token-denominated 5% rate of return without being exposed to its fiat-denominated volatility. If you can borrow the network asset at a 1% token-denominated rate, you can stake it in the network, earn 5%, and then keep 4% for yourself. Borrowing the asset has a similar effect to shorting, neutralizing the long (fiat market) exposure to the asset.

Further opportunities are available to curb the fiat-denominated volatility of the position as well. For instance, the token-denominated return can be periodically skimmed and liquidated to lower volatility exposure.

Since being able to borrow tokens is useful in the context of staking, we might envision a market where staking opportunities are creating a lot more borrowing demand than we see now. So what is the potential relationship between borrowing rates and returns of networks?

Borrowing rates and staking returns converge

Today, borrowing rates on Compound Finance are rather low as compared to prospective staking opportunities. For instance, Livepeer’s current daily inflation rate (paid to transcoders and delegators as a bonding incentive) annualizes to over 25.8%. But the borrow APR of BAT, the most expensive asset borrowable on Compound, is 8.25%.

As demand increases for staking returns, this kind of differential is bound to bring borrowing rates higher. If a significant portion of staking begins to rely on borrowed tokens (due to stakers seeking access and asset-neutral portfolios built by funds), then lenders will push up rates accordingly.

Much of on-chain borrowing happens with collateralized smart contracts today, and underwritten or fractional-reserve systems that don’t require collateral have been proposed. Decentralized lending may carry default risk, in addition to technological and hacking risks inherent to smart contracts. Similarly, staking activities carry the risk slashing conditions (situations where staking nodes can lose tokens due to downtime or behavior that doesn’t comply with the protocol).

While the spread between borrowing rates and staking returns converges, it should still be non-zero to compensate these types of risks.

High borrowing rates

What if borrowing rates were higher than staking returns? This seems to create an incentive to withdraw stake from staking networks in order to earn a higher return through lending, creating a potential disincentive for staking activities. Whether this can or might happen is a case by case analysis of individual networks — for example, in Livepeer, the inflation rate would adjust as a function of staking participation rate (p-rate) to encourage more delegation and bonding.

Oversized demand for borrowing may also be an indicator of growing short interest in an asset, so using comparisons of borrowing rates and staking returns may be an indicator of market sentiment with respect to an asset or network.


In summary, crypto borrowing may be an important tool for stakers, crypto-focused investors, and analysts assessing the health of staking network markets. Borrowing creates new avenues of access to networks for new entrants into the generalized mining space, as well as a mechanism to build asset-neutral portfolios of staking opportunities. The spread between borrowing rates and staking returns should generally converge together, leaving some spread to compensate for technological and protocol-specific risks like slashing. Both the staking space and the decentralized lending space are important elements of the crypto economy worth following.

Crypto borrowing and staking networks was originally published in The CoinFund Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 
One of the first non-currency staking networks economically favors high-engagement players

Jake Brukhman, CoinFund
Devin WalshCoinFund

“High quality participation is vital to the quality and security of the network.”
— Doug Petkanics, Inflation and participation in stake-based protocols

The Livepeer project is building a platform for video transcoding and live video streaming for the decentralized web. As a decentralized value network, Livepeer is open to several new types of third party participants beyond merely investors and customers. Today, participants can assume the role of a delegator, a transcoder operator, or a miner in Livepeer. If the network gains adoption, we might even anticipate a case for second-order services such as content monitoring and curation. That’s five ways of interacting with just this network alone that are inherently both technical and financial.

In this post, we describe how the Livepeer network rewards participants who actively engage in network functions. After describing at a high level the Livepeer cryptoeconomics, we share a quantitative argument that shows how miners, transcoders, and delegators might be able to use active participation in the network to achieve economics that are superior to that of passive participants, and even comparable to those of early investors.

In particular, we show that miners will likely own a significant percentage of the liquid LPT supply. Miners can either withhold liquid supply to increase the dilution of passive participants (and themselves) or delegate it in order to maintain active ownership and governance of the network. Based on these findings, we foresee a broader emerging need for investors to take a more active, participatory role in the decentralized networks they capitalize in order to achieve the full potential of the economics available to them.

Summary of the Livepeer cryptoeconomics

Summary: In this section, we describe the Livepeer cryptoeconomics at a high level; the Livepeer whitepaper is the precise source for protocol details.

In the Livepeer network, the founding team keeps 12.35% of the Livepeer token (LPT) supply, which is on the lower side of allocations we have seen throughout late 2016 and 2017. Early investors, in two rounds, have purchased 19% of the token supply in order to fund the early stages of the project. These early investors and the team are on an 18-month and 36-month vesting schedules, respectively.

The Livepeer token allocation structure attempts to create a wide distribution of LPT by enacting an airdrop to a large number of existing Ethereum addresses. To this end, 63.437% of the initial supply of 10 million units can be claimed by anyone with an eligible address. Furthermore, as of July 26th, LPT in these addresses can be claimed by a miner on behalf of an address in an open “MerkleMine” event open to any third party network participant. Miners receive a percentage of the LPT reward for providing this service, and this reward increases over time. This distribution mechanism uses cryptoeconomic incentives to ensure that LPT will be broadly distributed whether or not the owner of an eligible address is able to claim LPT for themselves or even knows about the Livepeer project. At the time of writing, a number of miners have distributed nearly 40% of the mineable LPT in this manner.

Finally, there are today 15 active transcoder slots in the network. LPT holders, seen as “delegators”, can bond LPT to transcoders as a form of transcoder selection and voting. Only the transcoders with the most delegated LPT are made “active”. This bonding determines their eligibility as well as the share of the LPT supply inflation they will earn for being a transcoder, which is distributed pro rata to their LPT stake. Meanwhile, the LPT supply keeps inflating. Today it has a daily inflation rate of 0.0533% and is rising by 0.0003% each day; when the LPT target participation rate is surpassed, the inflation rate can begin to decrease and will likely settle at a market equilibrium. That participation rate, or “p-rate”, is currently set to 50% of the LPT supply.

Livepeer’s reasoning for an automated inflation adjusting mechanism and its likely mechanics are covered in detail in their post on the subject.

Inflationary supply economics favors liquid holders

Summary: Participants with liquid supply of LPT can more easily bond their stake to transcoders and therefore, in the short-term, minimize their dilution more effectively than passive or vesting participants. In the short- to medium-term, miners will have the greatest access to liquid LPT supply.

The inflation rate may not seem that high, but a static 0.05% based on total supply annualizes to approximately 18.25% — a formidable token-denominated rate of inflation. Because the bonding p-rate today is only about 8.55% (see below), the daily rate keeps increasing and is in fact likely to annualize to over twice that amount.

Participants who hold LPT tokens passively and do not bond to transcoders are being economically incentivized to do so or incur dilution. Furthermore, from the perspective of dilution, participants who can maximize their liquid LPT holdings may be able to build up stakes in the network comparable to those of early investors, who are vesting and delegating LPT slowly over time.

In practice, miners have redeemed much more than one address per block, and will therefore walk away with much fewer of the 3.17 million LPT. As of the time of writing, Livepeer’s miners can theoretically redeem 418,732 LPT from the mine, and are likely to actually redeem an estimated 836,458 LPT for themselves over the next three months (as the mining reward keeps increasing over time.) This 90-day outlook can go as high as 1,254,184 LPT depending on network conditions and miner behavior.

The MerkleMine outcome affects dilution

Summary: The MerkleMine is likely to effectively burn a significant percentage of the LPT token supply, therefore increasing the levels of prospective inflation.

Starting on July 26, 2018, Livepeer miners have been generating and submitting Merkle proofs on behalf of LPT-eligible Ethereum addresses in order to obtain a fractional reward of the claimable LPT. The miner’s reward increases proportionally to the number of blocks elapsed since the start of the mine for approximately 15 months and miners can claim the entire LPT reward for themselves thereafter. This system makes for an interesting strategy game combining elements of anticipating Ethereum gas prices, the fiat-denominated price of Ether, the computational competition for Merkle proofs, and the psychology of mining competitors.

On September 9th, over a month and 266,139 blocks into the 2.5 million block mine, the mining reward was 10.65% or ~0.26 out of the ~2.44 LPT total, with the address owner receiving the remaining ~2.18 LPT. However, it is reasonable to assume that the majority of these mined Ethereum addresses are probably not in active use, are secured by lost keys, or have owners who simply will not care or be able to utilize them. We should therefore consider a large part of this mineable supply of LPT to be effectively burned.

In the absence of bonding of the mined supply, the system will continue to produce inflation until the LPT bonded (presumably by investors, team, and transcoders) hits the 50% target p-rate. In the next section, we quantify how much inflation is likely to occur given several scenarios.

Quantifying the impact of LPT bonding p-rates on inflation

Summary: Using a straightforward calculation, we can compare different bonding participation rates by calculating the theoretical inflation they will affect the LPT token supply.

Given some simple assumptions, we can derive an estimate for effective inflation in the Livepeer supply given an initial participation rate. Let us assume that inflation i, is required to hit a target p-rate t (a percentage of total LPT supply that the network wants bonded to transcoders), given the number of bonded LPT units today, b, and today’s total LPT supply s.

Variables b, s, and i are denominated in units of LPT, while t is a p-rate (a percentage of total supply). In this model, we assume for simplicity that once issued through inflation, transcoders continue to bond new LPT, and no other LPT is bonded from other areas of the supply. This is a simplifying assumption but allows us to compare different scenarios to one another by comparing their resulting projected inflation rates.

Then, at the time that the network hits the target participation rate, the relationship between b, s, i, and t is given by the following equation (1), where 0 ⩽ t ⩽ 1 and b/s ⩽ t.

Solving for the inflation rate, we obtain equation (2).

Projected absolute inflation given p-rates and total supply.

We can also obtain the effective rate of inflation, which is inflation expressed as a percentage of total token supply, by dividing equation (2) by s.

Miners control the inflation of LPT in the short term

Summary: In the short term, Livepeer miners are the biggest holders of liquid supply and therefore have the most significant impact on LPT inflation of any participant group; they can affect Livepeer’s inflation by up to a factor of 2.

We can use our calulations above to compare two extreme bonding scenarios and analyze their impact on inflation.

In the first scenario, we show that miners can dilute passive participants (and themselves) while giving 50% or more of the LPT token supply to active delegators. We assume that airdropped LPT is effectively burned and miners withhold their own supply from bonding.

At the time of writing, LPT holders were bonding 891,932 LPT of the (then) total supply of 10,432,642 LPT. This is a participation rate of 8.55% (compared to the target p-rate of 50%). We can then project the LPT-denominated inflation as shown in the calculatiom `below.

Effective projected inflation calculation at 8.55% network p-rate.

This is an effective projected inflation rate of 85.78%.

If you owned LPT today and held it over this period, its purchasing power would be cut nearly in half by the time inflation stopped.

On the other hand, we can estimate more reasonable participation behavior for miners, investors, and LPT holders. Let us assume that over the next 3 months, the team, investors, and miners invest the maximum possible liquid LPT that they hold. Suppose, additionally, that 10% of the airdropped LPT participates in bonding as well and all inflation remains bonded.

By our calculation, 419,583 LPT will be bonded by team and investors over the next 3 months, 836,458 LPT will be mined and bonded by miners, and 550,724 LPT will be bonded by users and reinvested through inflation. Under these assumptions, 2,239,408 LPT will be bonded in addition to the current bond for a total bonding p-rate of 30.01%. All else equal, this p-rate projects out to 39.97% inflation (14,602,605 LPT total supply) at the time when the target is reached.

All in all, by manipulating liquid LPT supply, miners can tweak Livepeer’s effective rate of inflation to the tune of 2x.

Miners are going to burn almost half of Livepeer’s token supply

Summary: The MerkleMine will likely complete within the next 90 days and will take nearly 50% of the LPT token supply out of effective circulation.

Under the assumptions of the URR, miners will redeem one address per block (a rate of ~2.44 LPT per block) for the entire 15-month duration of the mine. In this redemption scenario, the mineable allocation is split evenly in half between miners and users. However, in real life, miners are greedy and compete with each other for supply, increasing their mining rates above the URR in order to race other miners or to make use of cheap gas. Though this is theoretically better for users, we suspect most addresses will ignore their LPT airdrop and this supply will be effectively taken out of circulation.

Over the last 5 days or so, miners have been redeeming LPT at nearly 7x the URR, or around 14.13 LPT per block. At this rate, the mine should complete in approximately 76 days, with 5,507,242 LPT going to addresses of uncertain status. Assuming a 10% p-rate for the airdrop as before, miners would effectively take 47.51% of the LPT supply out of circulation.

That being said, we should acknowledge the motivation for choosing a distribution process that would lead to this outcome: to democratically distribute LPT. Although some large amount of token supply may effectively be burned in the mine, a percentage of addresses that receive the token will be owned by active users and future network participants. As the Livepeer platform scales, these LPT holders will be able to participate in the network without having had to invest in, purchase, or mine LPT.


In summary, Livepeer is an example of a new kind of decentralized network that offers compelling economics to active participants and third parties willing to do useful work for the network. Holders of Livepeer tokens should bond their tokens in order to protect themselves from inflation-related dilution, and those participants technologically capable should consider running a Livepeer transcoder or miner.

Overall, these network dynamics are a glimpse into a future where investors and participants will need to take more active roles in their decentralized investments, transcend the passive investor role, and engage networks directly in a highly techno-financial capacity. For more on this topic, see this post from Notation Capital and CoinFund on this podcast from Erik Torenberg and Crypto Stories.

Livepeer cryptoeconomics as a case study of active participation in decentralized networks was originally published in The CoinFund Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 
Cryptocurrency + an Old War Strategy Might Solve FOMO-3D, the New $12m Ponzi-esque.

Note: Do not write a commitment contract unless you really know what you’re doing. It’d be a very tricky thing to get right even if this article is correct. Click here for my previous article explaining the game theory of Fomo-3D.

In 1519, Spanish conquistador Hernan Cortes landed his ships in Mexico looking for gold. As he attempted to push inland and battle the Aztec Empire, he feared that his men would break rank and retreat, boarding the ships back to Cuba. He knew he’d win if his soldiers fought. But if they retreated… he might be dead.

Cortes was a brutal man and he devised a brutal strategy: he sank all of his own ships so nobody could retreat. He escalated the conflict to win or die. And so his men, now lacking the option to retreat, had no choice but to fight to the death. And fight they did — his commitment strategy was so successful that “Cortes the Killer” remains (in)famous to this day.¹

Fomo-3D, the popular new Ethereum Dapp, is just such a battle. But instead of Aztec gold you’re battling for 25,000 Ethereum or so. It’s a game entirely written on the blockchain and, assuming that all of the contract code gets fully verified, it might well provide the test case for a very unique feature of smart contracts. That is to say, programmable cryptocurrency seems to offer exactly the same solution to the dilemma that Cortes executed successfully.

Hernan Cortes scuttles his ships

I’m going to try to convince you of two things in this article:

  1. In theory, Fomo-3D’s $12 million jackpot can be won for $1 thanks to a unique feature of smart contracts.
  2. You should probably not try to do this unless you command a lot of wealth and have thought very hard about the risks.

If the first point is true, it would be an incredible demonstration of Crypto providing legitimately new tech in game theory. The second point is always good advice when millions of dollars are at stake, but I suspect that it’s especially true in Fomo-3D’s case. Anyway, let’s dive in.

Playing Cortes in Fomo-3D

In Fomo-3D, individuals buy “keys” to give them a chance at the jackpot. You can think of it like inexpensive bids for the jackpot — they’re “cheap” but they only win if someone else doesn’t buy a key after you. You should only buy if you think there’s a decent chance that nobody will buy a key after you — otherwise you’re sure to lose. And why would anyone buy a key after you? Only if they thought there was a good chance that nobody would buy after them.

This brings us directly to our simple solution:

Fund a smart contract that can only buy current-round F3D keys and burns the remainder unless you win the jackpot. Then tell everyone in the whole world about this contract.

That may sound crazy — it kind of is crazy — but there’s a logic to it. In effect, the way it works is by raising the price of a key for everyone else in the game. Since the contract ensures that anyone else would have to buy a huge number of totally useless keys, this raises to price of a useful key enormously. The useless keys they’d buy are the ones that our contract has guaranteed that we will beat. As a result: Actual Key Price = Useless Keys + Useful Key.

How much should a key cost?

So we found that the Cortes strategy works here by effectively *raising the price* of a key enormously for everyone else. So how expensive do these new keys have to be? They’d need to be an amount such that the cost is equal to the highest expected value that anyone has for the prize.

That’s up there in the emoji math too — by definition the actual prize must be greater than or equal to the expected prize.² And that’s playing it pretty safe — even for the most “irrationally exuberant” people, setting the new key price to be higher than the prize itself should be sufficient. I’m going to show this using emoji math (but I’ll describe it in words later):

Emoji LaTeX’ed using Mike Bostock’s https://observablehq.com/

In step one we find someone who thinks that buying a key is worth it — that is, they have an “expected value” for the prize that makes buying a key worthwhile. But then — after the “However” in the picture above— we set the price of a key high enough that nobody would find it valuable. By picking the price equal to the prize itself, it should theoretically guarantee that nobody should buy a single key.

How much would this contract cost?It only takes one? Credit: Sylvie Tittel on Unsplash

We talked about the Cortes strategy being effectively free, but weirdly enough, that’s actually under-selling it. It should guarantee the entire jackpot for the realized cost of a single key. It probably won’t in practice, but it seems like it “should”. Setting the key price equal to $1 trillion instead of $100 isn’t an additional expense because (assuming we get the price right) nobody else will bid and we’ll get the money refunded for the price of one key.

You could get more clever here, perhaps writing a bot that auto-bids in F3D at the last second, and paying for it with your large stock of funds. You could — presumably — have the contract award some portion of the remaining funds to the miner who (validly) enters your key purchase last on the registry. You could allow yourself to buy keys for the current round with the funds, and so on. But the core is just a credible, and extreme, punishment for giving up.

This is what smart contracts seem to make newly possible. It’s actually pretty hard to commit to burning money. Thinking back to the Aztecs, suppose they wanted to play a Cortes strategy, and so they threatened to destroy all of their gold if they retreated. The problem they’d face is how to credibly commit to this. The problem is, once they retreat, they’ve already retreated! Their whole plan has failed already. Why on earth would they destroy the gold at this point?

This is not a “blockchain is magic” story.

Or at least, I don’t think it is. What makes the Aztec example really fanciful is that — even if Cuauhtemoc could code in Vyper — he would have faced the good old oracle problem (that is, “what’s a ‘Retreat’”?) And even if you could define “retreat”, good luck actually destroying money because of something that already happened. I won’t take you through the shananigans that explain exactly why that’s tricky, but you can think of it as related to the credit card chargeback problem described, for instance, by Nick Szabo.

But for F3D the oracle problem is not a problem as far as I can tell: the round will publicly end and it will publicly award a single winner. And the “third party money destroyer” seems to just be code. (That said, anyone designing a serious commitment contract should seriously consider mining/validation incentives!)

The real challenge, in my opinion, is creating “common knowledge”. If people don’t know you’re committing then you are wasting your money. I should probably bold the implication here, just to be safe:

It is an incredibly bad idea to play a Cortes strategy and keep it to yourself, even for a second.

You probably shouldn’t create one anyway (and certainly not based on this article.) But as soon as someone creates one, they should tell the world, shout it from the rooftops, etc. That’s because if two people create commitment contracts in a game like this then it’s an absolute disaster for both of them.

Wrapping up

The Cortes strategy is a “Commitment Strategy”. More formally this is something like “ex post incentive compatibility” (but you can ignore that). And playing Cortes really does require commitment (in “for richer and for poorer, in sickness and in health” sense). The question of how humans commit in practice is fascinating, of course. Humans have the capacity to act so strategically and override their commitments, and yet we do commit.⁴

But the question of how smart contracts can commit is much less hard. It’s annoying that literally nobody can help you when you lose access to your crypto wallet, but that’s precisely what makes smart contracts so useful for commitment. They aren’t smart at all.

As far as I can figure (and I have been emboldened by speaking with thinkers like Cathy Barrera,) this is pretty new tech in the game theory world. If it uniquely enables someone to win a huge jackpot, that would be pretty cool demo.


I’ll now turn to answering some common questions and objections. But first let me note yet again that, even if my argument is right, anybody actually trying to *implement* this strategy needs to think very carefully.

Can you really write a smart contract like that?

The real smart contract magic should be in the ex post incentive compatible commitment itself. Apart from miner collusion worries, this is not — in my opinion — an especially technical problem. In terms of the game theory, a contract that straightforwardly imposed a huge cost on you unless you played and won F3D would be sufficient. Clearly the contract I described can be improved upon, but I won’t get into more details here.

Is there an optimal response to the commitment contract other than bowing out?

Considering only this round — and treating agents as broadly rational — then no, I don’t believe that there is. One major reason is that if someone else set a new commitment contract slightly higher than the current one, all that would do is reset the game. The result would be something like what Vitalik Buterin called “Revolution: Hamlet Edition”, where Killing the King doesn’t really let you become King (because, as he notes, the norm against killing Kings goes away so being the King wouldn’t be so great anymore.)

Similarly, if there’s one way to actually win this game (via a commitment contract), why spend enormous amounts trying to defeat it? Unless you had some special affinity for the game itself, the only advantage you’d gain is the ability to implement the same strategy anew. And it would seem that you’ve just weakened that strategy, at least in people’s perception.

But that’s kind of a “norms-based” argument, though. Well I should confess something to you, down here in the basement of this FAQ: I am pretty confident that — conditional on the commitment contract being effective in F3D — there are sound technical reasons why the first person with a large commitment contract should win. I can think of at least three reasons for this and a solid, technical team (in my opinion) will find them too. Here’s the hash of one:


What about the dividends?

Since this is a zero sum game, I can’t see how dividends add anything interesting. If someone buys a new dividend despite a commitment contract, it looks to me like they’re buying a dividend in the purchase of one key. Not too exciting. If they expect more keys to be purchased regardless then they are just buying a dividend in human irrationality. There are plenty of dividends in human irrationality already, so not sure what’d be unique here. That said, I may be missing something here. It is conceivable that if, say, two players in a war of attrition game hold equal 50% of all available dividends apiece this could complicate things. There could be something else I’m missing (remember — this is not a fully-considered academic article! I wrote this up the same week I first heard about Fomo-3D.)

What about the proportional rewards?

The fact that you can choose “teams” in F3D, and that only a portion of your rewards go the pool itself doesn’t seem to change the structure of the game. F3D is what’s called a “zero sum” game, because it doesn’t create wealth. As a result, the additional features don’t seem to affect the equilbria of the game or the “coordination game” nature of it. In terms of affecting the structure and play of the game itself, I haven’t seen a feature that makes a tangible difference. I’ve looked and asked for examples widely, and haven’t gotten any responses, but I could be wrong about this.

How does the possibility of miner collusion affect this?

I can’t say, other than noting that I can’t see a reason why it would be a special problem for this strategy.

If you were going to be proven wrong, what’s your best guess as to how?

I wish more people would answer this question at the end of their arguments! I mean, the obvious reason is that you don’t want to help anyone own you. But, ideally, we’d rather be right than win. On my best days, maybe.

Anyway though, I’ve been discussing the commitment contract idea enough by now to suspect that if I’m wrong, I’m wrong in an interesting or non-obvious way. So I’m going to go big here and guess that, if I’m wrong, it’s because something about the structure of the game (or even proof of work itself) has already created an inherent commitment contract. This would be an interesting way to be wrong, because it would seem to suggest that we lack common knowledge about a thing that someone would should really like to produce common knowledge about.

It’s also possible that I’m mischaracterizing the nature of the game itself. I don’t think this is true (and literally nobody has suggested this, including in my discussion with the F3D devs) but you never know.

[1]Shockingly, this is not an apocryphal story. I’m not sure where I first learned about it — I used it as an example when helping teach a behavioral strategy class years ago — but a likely source is Barry Nalebuff and Avinash Dixit’s Thinking Strategically.

[2] There are always larger games that this game could be embedded in (status competition, for instance). So, in the Cortes example, if you thought “what about the dishonor of retreating?” you’re right, in a sense. In the math section, if you’re thinking “What if E[Prize] is actually greater than Prize?” Well, you’re definitely wrong, but the point you’re probably making — that payoffs are actually E[Prize]+E[Pride] or something, is correct.

Those are the sorts of meta-games that we’re making explicit in our commitment contract. But, crucially, they need to be very carefully considered when constructing a commitment strategy. Especially if they’re not explicit.

[3] Or more specifically, it acts according to a game broader than what’s being formalized. This is what I took to be Vlad Zamfir’s point about addressing the end-to-end utility function in smart contracts.

[4] Technically, the price of keys rises very slightly over time. Based on my math this shouldn’t matter.

[5] If you want to pursue this further I’d recommend the work of Thomas Schelling, Elinor Ostrom, and Robert Frank.

Can a good Smart Contract beat Blockchain's new $12m Ponzi? Yes... in theory. was originally published in The Blockchain Investments Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 
Devin Walsh joins CoinFund as Research Analyst

CoinFund is delighted to announce that Devin Walsh has joined CoinFund as research analyst. Devin will be focusing on blockchain research, due diligence, and fund strategy.

Devin recently completed her MBA in the Entrepreneurship & Innovation track at MIT Sloan, where she studied methods for developing and scaling disruptive technologies and business models. While in school she was a Co-MD for the MIT Fintech Conference, a Teaching Assistant (TA) in the Entrepreneurship program, and a project manager for the Digital Currency Initiative (DCI) at MIT Media Lab. She also worked for uPort (a ConsenSys company) focusing on Strategy, Business Development, and Operations initiatives. Prior to Sloan, she worked at BlackRock as a project manager for firmwide technological innovation, and as a product manager on the firm’s proprietary Aladdin platform. She graduated from Princeton University with an A.B. in Economics in 2011, and is originally from New Jersey.

In her spare time Devin enjoys discovering new Italian restaurants, watching scary movies, and going on long runs along the West Side highway.

Find Devin on Twitter.

CoinFund Update: July 2018 was originally published in The Blockchain Investments Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

Separate tags by commas
To access this feature, please upgrade your account.
Start your free month
Free Preview