Balancing Governance and Privacy with the HOPR DAO

Good governance design has returned to prominence in the crypto discourse as projects struggle to find effective ways to conduct decentralized decision-making.

While most projects are focused on reaching consensus on technical matters, HOPR is taking a different track — building a DAO which can operate legally in the real world without exposing its members to liability.

HOPR is translating the structure of Swiss Associations to the world of DAOs: a three-tiered system with board members at the top, association members in the middle, and token holders at the base. By calling on different combinations of these for different forms of governance, they hope to build a system that is:

• Nimble enough to act quickly when needed.
• Robust enough to be able to operate both off-chain and on-chain.
• Decentralized enough to ensure the ultimate power always lies with the token holders.

Also, they need to ensure that the HOPR token holders can retain full privacy. This is a big task, so the developers are building the system step-by-step, starting with a first governance experiment reaching its conclusion this week.

What is HOPR?

HOPR is a layer-zero privacy protocol that provides users with complete data and metadata privacy for any kind of transfer and exchange. An incentivized mixnet routes packets via multiple “hops”, so no one can tell who is sending or receiving data, not even the nodes along the route. Furthermore, nodes are paid for their efforts in HOPR tokens after the data has been transferred, thanks to HOPR’s proof-of-relay mechanism.

The HOPR team is outspoken in its belief - data and metadata privacy is essential for safe and fair internet. But where does governance come in?

The Pressure Between Anonymity and Governance

HOPR argues that fundamental layer-0 digital infrastructure like HOPR should be seen as a public good, no different than water or electricity. Public goods need public governance because giving control of essential goods and services to centralized entities leads to mismatched incentives and disenfranchised users. Transparency and accountability are key.

But how do you ensure transparency of governance for a service whose goal is to obscure activity? HOPR is designed to provide its users with a private unlinkable online gateway. It would be completely counterproductive for HOPR’s governance to break that.

However, fully private decision-making and voting don’t work either. If everyone’s identity is private, how do you know who is implementing decisions? How do you know that the votes are fair?

Governance and anonymity are not comfortable bedfellows. Privacy isn’t the same as secrecy, and being transparent and accountable doesn’t mean that everything has to be done in public, but there are still obvious competing pressures here. 

HOPR’s Solution

At a structural level, HOPR’s plan is to balance these pressures by building a trade-off between privacy and power into the system.

At the very top, there are founders and board members. They have a lot of day-to-day power, so it makes sense to know who they are and where they’re based. Beneath this are Association Members.

They don’t need to expose their name or location, but it is essential to know that each member is a unique individual. Then, there are the token holders. They have the least direct power, but in exchange, they never need to disclose any information about themselves.

HOPR is building out this structure over the coming months, in time for the first annual meeting of the HOPR Association later in 2022. For now, though, they’re focused on how to reflect this trade-off at the individual vote level. They’re running a series of incentivized monthly DAO experiments to see if it’s possible to implement good governance while requiring token holders to give up the minimum of privacy.

HOPR DAO Experiment

HOPR is a Swiss project, and they’ve turned to Switzerland’s semi-direct democracy as inspiration for our own voting procedures. Switzerland has elected representatives in charge of most day-to-day governance, but referendums are often brought by citizens and put to the entire electorate. To prevent spamming, a proposal needs to garner a certain number of signatures before being put to the vote.

HOPR hopes that a version of this system can balance their privacy and governance needs. Users first discuss and make proposals on our forum. Users need to give up a small amount of privacy here, in the sense that each user needs a single pseudonymous forum account.

To prevent Sybil attacks (where a single user pretends to be multiple people), HOPR is experimenting with various forms of proof of personhood here — ways to prove that you’re a unique person without exposing any further information about yourself.

This discussion period feeds into a referendum phase, a one-person/one-vote system where users “sign” any proposals they support. Only proposals that gather enough signatures can make it through to the final stage: the vote.

The vote is tokenized and fully anonymous. In the future HOPR plans to experiment with more complex vote allocation methods like quadratic voting and ranked-choice voting. However, for this vote, they’ve focused on making sure that as many token holders as possible can vote, no matter which chain they hold their tokens on or whether they’re locked in liquidity pools. Many crypto projects exclude these tokens from governance, which is completely counterproductive. Users should have to choose between staking, providing liquidity, and voting.

The vote is currently running, and we’re excited to find out what happens and how many token holders participate. 

Engagement: The Key to an Effective DAO

These are just the first steps, but so far, the results seem promising. Crypto governance is often plagued by centralization issues where major token holders control so much voting power that regular users feel disenfranchised.

Decision times are sluggish, and participation rates are low. Even coins with billion-dollar market caps and thousands of active users see just a handful of people actively engaged in governance.

So far, HOPR’s flirtations with governance haven’t run into these issues. The HOPR token was launched via the HOPR Genesis DAO, which decided on the launch mechanism without any input from the HOPR team, which received none of the funds raised during launch.

The HOPR Genesis DAO had around 3,000 participants, and the launch vote saw almost 50% of them participate. Chain analysis performed after the vote showed minimal evidence of collusion or Sybils, so this strategy seems to succeed.

But this is a hard problem to solve. HOPR’s first successful governance experiment was a token launch, probably the most monumental and exciting time for any token. Will they be able to replicate this enthusiasm when it comes to the day-to-day running of the HOPR token?

Only time will tell.

However, HOPR’s efforts to build an engaged and informed community seem to be paying off so far.