Oasis 101: Confidential DAO Voting
In the digital age, we need schemes where people can signal their preference for something without fearing any repercussions.
Decentralized autonomous organizations (DAOs) are collective organizations that put decision-making in the hands of an automated system (smart contracts) and a crowdsourced process (voting). DAOs have gone through multiple boom and bust cycles, but in 2024, they’re alive and well with close to 20,000 active entities.
There’s just one catch. DAOs don’t really work without confidentiality. In particular, they don’t work without voting systems that protect user privacy. Before we dig into this, let’s review a few basics of DAO governance.
DAO governance overview
Governance is the structure or set of processes through which decisions are made within a DAO. In most cases, a DAO relies on two primary smart contracts: the governor contract, which maintains vote proposals and voting processes, and a token contract, which manages a registry of token holders. Members vote on proposals impacting everything from funding allocations to protocol upgrades.
Depending on the flavor of DAO, the setup can be democratic or delegate-style voting, or hybrid models blending several mechanisms, such as quorum voting, quadratic voting or a good old-fashioned multisig. Regardless of the approach, being a token holder is required to participate, and, at present, this often means something like 100% transparency.
DAOs need better privacy
Full transparency is problematic in a DAO. The basic issue is that when everything is public there’s no guardrail against vote buying, coercion, and other forms of bias. For example, big token holders can easily sway the vote by publicly going one way or another.
While DAOs are currently small-scale, considering broader implications, privacy and, more specifically, private voting is important. In the digital age, we need schemes where people can signal their preference for something without fearing any repercussions.
To solve this problem, it’s necessary to rethink how visibility works within these decentralized systems. At the core of this rethinking is smart contracts that have the flexibility to keep private state.
With privacy-enabled contracts, a DAO can shield voter identities, conceal proposal or survey results, and selectively apply confidentiality where it makes sense. This not only protects individuals but the sanctity of an organization.
Private voting solutions
The need for private voting is not a new problem and numerous methods and protocols have been devised to address it. Fully homomorphic encryption (FHE) is one popular solution. Others include Minimal Anti-collusion Infrastructure (MACI), Semaphore, and Plume, each of which has tradeoffs in terms of features, complexity, ease of use, hardware requirements, etc. If you’re interested in exploring these, here’s a good resource.
Some real-world examples of confidential voting include projects like the Aragon, Snapshot, and MolochDAO, which have explored privacy-preserving techniques. As one of the pioneers in this space, we’ve also built a range of solutions that support confidential DAO voting. Our approach is based on a modular L1 scalability architecture that’s unique in its ability to provide trusted execution environments (TEEs) to smart contracts. By using TEEs and advanced cryptographic techniques, Oasis extends privacy to both the code and state in your contract.
Confidential DAO voting with TEEs
In practice, confidential runtimes like Oasis Sapphire rely on TEEs to protect data. Sapphire supports unencrypted and encrypted calls, with the TEE acting as a locked box for computation. Encrypted data and a smart contract go in, and encrypted results come out, which means a DAO that deploys via Sapphire can solve most if not all the problems mentioned above.
If you’ve already launched on another chain, no problem. Most functional DAOs are not running on Oasis, and migrating is inconvenient. This is why we built a cross-chain messaging layer that brings privacy to where your users are. The Oasis Privacy Layer (OPL) allows a developer to access the benefits of the Sapphire runtime without switching chains.
Together, Sapphire and the OPL make it simple to transition a contract from an unencrypted state to an encrypted one. For confidential voting, here’s an example. If you have any questions, feel free to hop into our discord!