Amazing, amazing post.
I tend to be slightly less confidant then you that distributions remains good over time.
A realistic scenario:
10% of all the funds in the world put a 1% allocation in hive and stake it. They all have different AUM (Assets Under Management) sizes, however, in aggregate, the total amount staked by hedge funds represents 20% of all hive governance.
They can now vote for witnesses who buy their votes, as they don't really have skin in the game (only 1% invested in hive) and like the extra return.
This is where we need innovative solutions to keep governance voting based on skin in the game, some were proposed by Vitalik at the end of his article but they sounded complicated to implement in practice.
Also, I am slighlty less confidant with the lockup argument.
Long locks ups solve this on DPoS because validators are not paid nearly enough to bribe any large stakeholder who is locked in. Sure they can sell the keys to their account, but it still becomes a hot potato that someone has to end up with. The moment a vote buying witness enters the ranks of consensus validator, the chain's value would plummet, and whoever got left with the long lock up bag would suffer many great losses compared to the pennies they earned trying to sell their votes.
This is true, but you are counting on people who stake and sell their votes to be rational about that. Sometimes humans are stupid, especially when incentivized by greed. They'll just see the short term incentives (money for vote-selling) and not consider they might not be able to get out in time. They will think, "I will just sell my keys before everyone else and get out quickly after getting nice interests for a while".
Again, it's a reason we need another way to incentivize skin in the game voting, in addition to lockups.
The larger the stakeholder the more aware they become. We can point to that when the hostile takeover happened. As soon as a sock puppet fitness penetrated the top ranks it was like a battle alarm went off and everyone woke the fuck up.
For the loan attack to work you would need 51% of all voting power to be lazy and stupid enough to rent it out to a malicious attacker. As soon as that attacker got into the top ranks the witnesses would have to still do nothing. That is highly unlikely as all it would take is a few stakeholders pulling their loans off the market. Combine that with Vitaliks idea of a time lock on gov changes and the attacker would be sitting there in board daylight with their pants undone.
This attack would be impossible on Hive as combining social and dpos makes for a really tough competition and such malarkey would be spotted early on and called out. Keep in mind your actions have consequences on stake based systems, if you're caught loaning your vote to an attacker that tries to take over the network you can get your funds forked out or frozen. Large stakeholders need to be aware of this.
I am absolutely with you concerning attacks. I am definitely not worried about hive being attacked.
But my criticism (inspired by Vitalik) is that you could get worse governance decisions. For instance, a bad proposal gets voted in, where something is being built that is not worth the spending, because some random hedge funds with no skin in the game approved that proposal.
Now, I understand, this is not catastrophic. But still something that could be improved if we somehow manage to incentivize stakeholders to only make good votes.
Good votes as in votes that inherently have skin in the game. Hedge funds with small allocations and stakeholders who believe they can avoid lockups quickly do not have enough skin in the game to make good decisions.
But yes, I agree that we are safe from attacks.
The DAO pays out only so much per day, so the bad proposal needs sustained funding. This could happen on a smaller scale with the DAO, as there is far less HP needed to sway votes. It would make for some ruckus, that's for sure, and whoever was lending that HP could kiss their reps goodbye. However, to those that wouldn't care about their reps, just the returns, it would be an interesting attack vector. The defense would be everyone voting on the returned proposal; thus, the attacker would have to pay rent on HP they couldn't utilize in the way they wanted. Would be an interesting attack for sure.
I didnt realize I wrote this 6k word post twice lol. My other one was talking about BTC and how even if you have 51% of the hashrate you could not take over the BTC name with hashrate alone. This is purely a social construct as no one would accept a BTC hardfork, it was forked only once in the early days (the BTC name being retained) but now that is seen as an attack. I'll need to release that as another blog tho its pretty wordy as well.
Well my point is Hive has the same kinda social construct, not with forking we are very fork friendly, but with consensus ranking. If youre a "stranger" and shoot into the top ranks with few votes, that is seen as an attack and if many pop up its a hostile takeover attempt. So you can see even naturally we are resistant to takeover by our built in reputation system, IE you need to have a good rep to be voted into high ranks of consensus witnesses. By adding Vitaliks idea of the lock up for gov changes you get a very powerful failsafe. Someone shoots into consensus, cant change anything right away, heavily scrutinized and can be frozen or booted out if its proven its an attack.