Video AMA #3 with @adam on March 26th discussing ong-term dev roadmap, security audit, reputation currency, Arc upgradeability, off-chain computations, and more.
A transcript is presented bellow for convenience.
Video AMA #3 with @adam on March 26th discussing ong-term dev roadmap, security audit, reputation currency, Arc upgradeability, off-chain computations, and more.
A transcript is presented bellow for convenience.
I. ON AGENCIES & SMART COMPANIES
Josh: Okay it looks like we’re live for a hangout and ask me anything with DAOstack CEO, Adam Levi. I’m Josh. I work on the community team, and I will be feeding the questions today to Adam. Some of the questions have come in ahead of time, and we may get a few more on our Telegram chat. If you would like to interact with us during this call, Telegram is the place to do that. If you are already on Telegram, our handle is DAOstack Community. And if you are not on Telegram, you can use the link t.me/DAOstackcommunity to download Telegram and join our community chat, which I recommend anyway to stay in touch with the DAOstack Community.
So turning out, it’s some questions for Adam Levi. Hello Adam.
Adam: Hello. What’s up?
Josh: Let’s talk about the DAO ecosystem and this question from David, I think probably pronouncing your name as Llop, but I’m not entirely sure. Do you make any distinction between DAOs and agencies on the technical level, and sometimes we say agencies or smart companies. So do you make any distinctions between DAOs and smart companies on the technical level, or are they just concepts used to explain the DAO eco-system?
Adam: So first of all, question, David what was his name?
Josh? His last name is spelled L-L-O-P, which I imagine might be Yop or Lop.
Adam: So thank you very much for the question. This question is actually a very good on as I have this discussion with Matan very often. Like, what’s the problem, I don’t - I have this discussion with him. And basically, at the moment in the architectural, in the technical level, I can tell you that there is no difference.
And this concept of smart company, agencies, and DAOs are the same technically. However, when you think of how we intend the system to be used and the scaling of the system, then basically yes, there is a reason to give different names for these different concepts. But I can tell you, from my perspective in this discussion with Matan I usually take the side that says that we need less terms, and we may need to give up at least one of these terms. But at the moment we have all of them. Technically, they’re all the same. It’s a very good question, actually.
But basically, to explain more deeply, then basically we see a small company as more of an atomic unit, and a DAO is something like a mesh of smart companies. Which is itself kind of a large smart company but it has other meaning. Basically if you think of a smart company where almost all of its agents are smart companies, and then you can think of it as a DAO, as a scale-up thing. But technically it is the same.
II. ON REPUTATION ACROSS DAOS
Josh: So then a good follow-up question might be how reputation or perhaps even token might be transferrable across agencies and DAOs. Flordiano asks a questions on the forum that is in this area. Assuming there is global value in harnessing local DAO reputation points in wider use cases like other DAOs, I wonder how the interoperability or standardization of reputation takes place?
Adam: So the idea is basically that reputation … I am not sure I totally understand the question, but maybe you can direct me if I’m wrong when I’m taking this, but I think the idea is very much related to the last question.
So if we see DAOs as an organism, which is made up of a lot of smart companies, and that’s how we see the scaling of the system, then basically having reputation in a small agency or smart company will allow you to make decisions to vote in a larger DAO. So this is how you can see basically the bubbling-up of decision making and this floating. So this is how the reputation, you could say, interfere with each other. Furthermore, you could actually use it in a more direct way. So a DAO can decide on some sort of decisions, it gives the power to a specific reputation system and not to its global reputation system.
So let’s say you want to have the decision or something, which is very specific, say, I don’t know, software development, so you could pick up a sub-reputation system of some sort, and develop the system, and then just give the power on this specific issue to this group of … this reputation system or agent.
Josh: But it’s not the case then that the DAO and the smart company or agency would have different or distinct reputation currencies in that case?
Adam: So here, no … I’m considering here two different … so think of two different smart companies unless it’s a big one, it’s kind of a DAO, it’s a very bit mesh …
It has its own reputation system and you have this small DAO or small smart company that probably has some reputation in the larger DAO. But the DAO can basically delegate some of its decisions to this small reputation system. This is a manual way to make things more efficient, basically kind of delegation, but other than that, of course, you can flow decision upwards just by the small DAO making a decision to vote in the larger DAO.
Josh: Understood. Okay, great. Thank you, Adam.
III. ON THE FLEXIBILITY OF ARC
Josh: So let’s move to a question from [Moskulik] on Telegram. And this is about the flexibility of Arc. Where can the DAOstack framework be flexed for different governance systems? We’ve talked about Arc … this is me paraphrasing … we’ve talked about Arc being a kind of sandbox or a Lego building block set in which users can mix and match the modules to build their own governance template for their organization. Can you explain how that works technically?
Adam: Yes. So basically, first of all, you can think of Arc as a kind of “if this, then that” scheme. I’m not sure if everyone are familiar with this system, which is … I highly recommend. This is not a blocked-in system, “if then, then that”, but it’s a very nice one. So basically the Arc framework is built in some kind of the same way. You have the schemes, which are building blocks of what you can do. Basically all the schemes that the organization is registered to, or registered in this organization, there are logic schemes that you can use, and each scheme, it can have some kind of a “how do you make decisions on this scheme”.
And here basically you take out all the decision-making, so you make it very modular, and you have governance modules, so you have complete separate models of how decisions are made. And basically you can build - so there is an API, some kind of an interface, and you can build whatever governance module that you like and basically plug it in, and the same is for schemes. You can build any scheme that you think of and plug it in. But of course, it is very non-trivial to come up with governance modules that can actually scale and be resilient to attacks.
This is actually a big part of the research that we’re doing in DAOstack, coming up with these templates, and I think we have some or a lot of answers on this issue, and we will be building these templates, but I’m hoping and I’m sure other people will as well. And in this sense, the system is working.
Josh: So in that sense, is it also upgradable? We say that Arc is upgradable. Can you explain in layperson’s term how that is the case?
Adam: Okay, so upgradeability - when you say upgradeability in the blocks, it can mean few different things. We are not going into the technical issues, and basically when you have something which is modular, then by definition, it is also upgradable, right? Because if you can put the pieces together, then you can just take out the piece and bring a new one, so it is kind of an upgrade. And the whole system is built on this fashion, so you can basically upgrade everything.
Now there are other concepts of upgradeability, which are not architectural concepts, but actually contracts … Basically there is a whole notion in the blockchain space of you really use code. And so there are few options. So one option you can do is the option of libraries. Basically you have … I don’t want to go into the details, but you have a contract, which is some kind of library of code and then you have your contract, and it delegates code to all the logic that sits here. This is quite dangerous, I must say.
As people have seen in the case of the Parity wallet. So the parity wallet had the library, and this library had a bug, and someone was able to kind of kill the library, and a lot of money was just gone. I’m not sure how many millions, but it was quite a bit.
And now basically there are a bit more sophisticated concepts of upgrade of contracts, which are something like proxy. This is a bit newer concept. Basically you have the delegate and you have the storage sitting in a third contract, and of course you can have something which is more similar to what we are doing, basically having contracts as a service, and then you can just basically register to a contract or leave it, and then you can just switch between them. So these are three different concepts that you can think of as you think of upgradeability in the blockchain or in smart contracts.
Now we, basically our concept or the main issue of Arc, because it’s very modular, is that you get the third one for free. Now, whether or not you use the second one of proxies, this is something that we’re experimenting with and we are actually developing, but this is … you have to understand that these concepts are very new, and very dangerous, actually, and as we see security as top priority, we’re trying to be very careful. And, you know, if Gav Would gets it wrong, I’m guessing we have to be a bit modest and take things step by step.
IV. ON CODE AUDITS
Josh: Right. Yeah, good. Okay, thank you. By the way, that last question from Info_Crypto on Twitter on upgradeability of Arc. Natalie asks, along a similar vein, about the security of Arc, understanding that you’re going … we’re undergoing security audits, what can you tell us about the status of third-party security audits and testing for Arc?
Adam: Okay, so I can tell you that the security audit is basically really only last day or two, and we are actually just … the report is being prepared as we speak, and we had the very good period of audit, and I want to thank our auditors, as I get a chance. So Chain Security are our auditors, and they are actually very good, and they were able to learn system very quickly, and we had very good, even academic, discussions about what you can and cannot do on … in smart contracts. Very enlightening to see how fast and how people can go into the code base, which is quite big, I must say, and really slowly get it, and then talk to you about it, and really you can see that they understand the whole architecture and the little things behind it, and so I can give two sentences about security, or my two cents, or five cents about security.
So basically, I think security is only by fire. So the only test you can do is by fire. Nothing else works, and this is how I see the system launching. So yes, we had an internal audit, yes, we have … we’re doing and we’re finishing an external audit, with a group which is very good; you can look at their team, they are very impressive. But more than that, I think the best security scheme is just get it out there and put some money in it, not a lot, not like The DAO, don’t put 50 million… or 150 million, sorry. But start dripping money into it and just get hacked. I think this is the best security option. Just get hacked. We will get hacked, it’s okay. It’s really okay, as long as you do it bit by bit, and you know there is a chance it will happen, and you are preparing for it, it’s okay. And I think this way, you can really get high-quality security if you do it step by step and you take it easy, and you know … and you really understand the risks, and I think blockchain is a new world, and most people do not … tend to not assess the risks correctly.
A contract is an entity, you building it, you have no control over it, you have no special privileges. This is something that we have to digest, and even if you say it’s upgradeable, well, no, there is some code in it that you think should allow you to upgrade it in the future, this code might bring even more complications that you cannot anticipate, and it might actually harm you in the future. So we have to be very careful with these things, and we have to take it easy, and we have to be modest. I think this is the most important way to play it.
V. ON ON-CHAIN VS OFF-CHAIN EXECUTION
Josh: Alright, thank you. This question now from Element One. Does all execution currently take place on-chain? If so, are there any plans to migrate functionality off-chain?
Adam: Very good questions today, I must say. So actually, yes, the answer is … well, the answer is yes for both of the questions. So yes, the system is currently on-chain, yes, there are plans to go off-chain. Basically as we speak, we are planning the next two architectural versions of the system. So we have the one that I see launching in a few months, and the one that I see launching in, let’s say, a bit less than a year, or ten months. So those are the timescales that we’re planning to, and yes, the answer is yes.
I think that if I may put here my five cents again, which is not related to DAOstack, all blockchain will go off-chain. That’s my … that’s how I see things as someone who’s doing blockchain full-time and professionally, I think everything will go off-chain. If you’re not using Lightning networks, please use Lightning networks, and understand the power, and you can see it very nice in Bitcoin. Basically Bitcoin today can go entirely off-chain, and you can do one Satoshi transactions, which is amazing with this speed.
So I think this will happen also in smart contracts. It’s much more complicated, much more complicated, payments, without going into the technical details again, payments is just a single number that you have to keep, the balances, and the state, when regarding to contracts, is a much more complicated thing. It’s harder to settle peer-to-peer, but I think in the future we’ll see it. If you haven’t read the plasma paper by Vitalik and Joseph Poon, then I recommend it.
But it’s not as near, in my opinion, as we might think, so you could say that there are two options to go off-chain. One option is to build your own off-chain contracts, just custom-made to your own system, and another is to wait for the entire blockchain to go off-chain in some sense, the entire blockchain will go off-chain as the plasma paper describes it, and currently, I’m planning the first one. So basically to custom-made our own system to off-chain. But I think because the timescales to do a generic off-chain is quite long, but, you know, if it will happen faster, then we’ll be there.
VI. ON UNDERLYING BLOCKCHAIN, CRYPTOKITTIES, AND THE DAO HACK
Josh: Yeah, great. So maybe a related question might be, this one also from Element One, is DAOstack agnostic in principle with regard to its underlying blockchain? Would you like to build Arc on networks other than Ethereum, if so which?
Adam: So the answer is, of course, yes, because what we do, basically, the things we’re good at is architectural and protocol, so yes, we can, you know, coding is not that hard. Well, let me take that back. Coding in a blockchain environment is hard, and building smart contracts is hard, but it’s not as hard as planning protocols, and I’m sure that if you have other smart contracts, blockchains, then DAOstack might be there, and of course we can have ways to connect them, something like atomic swaps or similar to that.
But I must say that at the moment, I don’t see these blockchains emerging very fast, right? I don’t see a big competitor to Ethereum at the moment, I must say. My apologies to all the competitors. And there are a lot, quite a few, but Ethereum’s really quite ahead, and I’m not sure we’ll see a new smart contract option.
Josh: So if that’s the case, then this question from Ezra is quite applicable. How much is DAOstack, then, depending on infrastructure upgrades to Ethereum in the short term?
Well, I think the whole … so this relates to the off-chain question. So at the moment, basically, the Ethereum blockchain in itself doesn’t scale very much, right? I think we saw it very well in CryptoKitties’s case. The first killer app that actually worked on Ethereum. By the way, great app, I must give it to the developers here, okay, really a great app, really magnificent work.
Really, really, because … and just because the use case was such a dumb one, and it was so great, because all the execution was very high-quality. I liked it very much. And it got adopted very, very fast, and you could see that I was unable to send almost anything on the network for two days, so it was quite great to see it. I enjoyed it very much.
Josh: You’re also known, by the way, for in some way applauding the DAO hack. The original DAO hack.
Adam: Oh, well, I’m not sure if “applauding” is the correct …
Josh: No, acknowledging, maybe, the …
Adam: I’m very … I was very much, let’s say, I can appreciate good work when I see it. And the DAO hack was very good. If you read the contract of the hack here, you can see it was very … it was done very professionally, and I can appreciate these things. Yeah. So anyway, so Cryptokitties and upgrades within Ethereum.
So basically yes, DAOstack currently sits on Ethereum, yes, it’s on-chain, so at the moment, yes, the answer is yes, we are limited to the bandwidth and the scalability of Ethereum. But I must say that when we started DAOstack, so decision-making has a lot of use cases, and you could think of it basically as both governance and curation, and we had a few days of discussion which of these directions to tackle more.
This was a year ago or something, and … or a bit more than a year. And the reason we didn’t take curation is because we understood that curation is very high-frequency, and governance is much lower frequency. We understood that the network was just not close to the scalability it takes for doing curation. And I think it is scalable to do governance, even today, but we are improving, so, you know, I was getting these questions about bitcoin for years, so bitcoin is not scalable, so yeah, bitcoin had or has a bandwidth of four transactions per second. It’s true. But we’re scaling.
It’s a new world. The smartest guys in Earth are working on it. Well, I’m not sure, there’s also a few smart guys in physics and math and things like that, but really smart guys in the blockchain space, I must say. And you can see the great work that they’re doing and bitcoin is scaling these days. It is working. It life. It’s on the main net. And Ethereum will scale, and smart contracts will scale. We are working on it. We’re doing that. It will take a year, it will take two, it will take three. But it will happen, and even if it will not happen for the entire network, then yes, if you build your own off-chain protocol and basically custom-made to your own app, then it will work, as we see in lightning networks.
So yes, DAOstack will go there, if we … well, we are going there anyway, and this is the direction we’ll keep, if there will not be a more, let’s say, whole solution of the space, which I’m sure there will be, but, well, we can’t tell when.
VII. ON DAOS IDENTITY
Josh: Right. Okay, alright. Let’s shift gears for a couple more questions only. So @CryptoDany asks a question about identity. Would it be possible to find and transact with a DAO using its name rather than HEX address? Similarly, I might ask something about individual identity. Will the members within a DAO be known primarily by their wallet addresses, or also by their names and real-life identities? This is a question I get a lot. Presumably the latter, but would that require some kind of identity verification system? So what can you say about identity for DAOs and also individuals?
Adam: Okay. Hi @CryptoDany, I met him in France. So it was quite fun. So again, it’s a good question, and I think the answer is that it’s not as complicated as … I like the scaling, and this is not a really complicated question.
So you could see … so I don’t know how many of our audience are familiar with the ENS, so the Ethereum Name Spacing. So this is just … now, it is called “ENS” like it is some unique thing on Ethereum, but it’s just a contract. And people built the contract similar to ENS of name-spacing and you can already … I own the DAOstack ENS and DAOstack.eth, and basically, I will give this ENS to our DAO when we launch it, so our DAO, you can track within using DAOstack. So this is already solvable.
Now, we are building our own name-spacing specifically for DAOstack, something called the ArcHives, like a level of registries to help with identities and around the system, but I think this is really something which is solvable and probably already solved, and it’s better, even, to cooperate with other systems and not try to reinvent, you know, something which is … people worked on and it’s really not that hard of a question. You have to have some … so basically any app that you will build that will work with Arc, you can make it … use the name-spacing of different identities apps. So it’s really easy. You could do it yourself. You don’t even need us.
VIII. ON INTEGRATION WITH OTHER DAO PLATFORMS
Josh: Sorry, I was muted cause I was doing some typing with our moderation team. We have our community team also helping to feed questions and so forth. And, okay, so let’s broaden to talk about the landscape of other DAO platforms with this, another question from David Llop or “yop”. How might DAOstack integrate with other DAO platforms, such as Aragon, Colony, Harper Project, any ideas there?
Adam: So I think there is a few levels to this question. So first of all, because DAOstack is so modular, then you can build your own scheme or contract that will make the bridge and, you know, it will work, and so it’s, yes, it is adaptable, it is … you could link them. More than that, I think there is … so I can tell you, there is some discussion between ourselves and Aragon and a few other teams about trying to make some kind of … I’ll call it an APR or some kind of a generic way to build governance modules so that they can be interchangeable between the systems, and maybe have an EIP about this. But at the moment, this is just discussions, so… not more than that.
You can imagine various types of integrations in the future. Yes, I think … well, I think this space is really … we really … okay, so, again, not regarding DAOstack, blockchain is the internet in 93. There is a lot of room for cooperation, for competitors, for integrations, we have time. We’re gonna build a lot more things and nothing is ending here, okay. Be modest.
Josh: Okay. Alright, great, well, I feel as though we’ve had a good session here. Covered a good bunch of territory. Is there anything else that you’d like to share or check in on before we wrap?
Adam: No, I want to thank basically all the people that asked questions and also all the community. I must say that it is really great, even … I was at EthCC just now and got, really, replies on, actually, the code, so people actually reading the contracts.
This is … you have no idea how great it is, and I have a … I can tell you a short story when I was in my PhD. So I once told a very distinguished professor which I liked very much that I got some critique about one of my papers. I said wow, it’s great, someone actually reads your papers. Most of the papers are not even read by anyone. So if people are reading you, that’s already a big deal.
So yeah, we see … we are getting comments and we see that people are actually reading what we are writing and programming and the white paper and we are getting comments and this is so great to know that people are actually getting involved. This is, after all, this is an open-source product. Not a product, an open-source project.
And I think this is one of our strengths, so unlike, not to … so Colony, for example, just now opened a code and I think this is … they’ve done it two years late, you know? This is the open-source territory, you know, and the more support and the more community you have, the better. And the more eyes on the codes, the better. Just find bugs. Attack us. Please do. Just open issues on github. That’s the best we can have, you know.
IX. ON BUILDING DAAPS ON TOP OF THE STACK
Josh: So on Twitter, #Emergir asks how easy will it be to build the first Daaps on top of Arc? Will it be as easy as launching a website on WordPress? ___
So yeah, it will be easy very soon. Already it’s quite easy, and will be easier, yeah.
Josh: Okay, we’ll leave it there for now. Thank you, Adam.
Adam: Thank you very much.
Josh: Okay, have a great one. Talk to you soon. See you, everybody in the community, and thank you so much for your questions and your participation. Bye now.