Governance
Last updated
Last updated
The space witnessed unprecedented encroachment by regulatory bodies with the blacklisting of tornado cash. This event not only highlighted the need for uncensorable, decentralised collateral, but also antifragile governance structures. We’re tackling governance minimisation — hyperstructures must be uncensorable!
Since the dawn of on-chain governance it’s served many purposes. The main ones being contract deployment and upgrades. However, it is a massive attack vector for a motivated malicious actor, and most certainly one a hyperstructure like Nero wants to avoid.
The silver bullet? Governance minimisation in the form of:
Modularity: through a modular architecture, Nero's upgrades will be less risky;
Increased autonomy over time: Nero is already quite dynamic with its nonlinear adaptive controller, but as it matures, even its risk parameters will become autonomous, requiring no human input;
Ranged parameters: all risk parameters are within specific bounds such that even a concerted attack will not be able to significantly cripple Nero; some parameters’ ranges also shift autonomously! For instance, if one were to raise the debt cap for a given synthetic by 100%, the system would reject it, but if it were by, say, 20%, it would go through.
All of the undermentioned parameters are ranged, and some may be subjected to timelocks.
Controller update frequency
Oracle update frequency
Base rate function parameters
Reserve factor
Deposit limits for various collateral assets [A]
Debt limits for all synthetics [A]
Liquidation thresholds for each collateral asset [A]
Marked with [A] are good examples of risk parameters that will require no human input in the future, instead being calculated automatically based on liquidity depth, volatility, overall market sentiment, and so on.
In spite of all of these safeguards, a common attack vector remains. When a token reaches a certain liquidity depth threshold, borrowing becomes feasible, and with borrowing, governance attacks. Such attacks are conducted when a governance token is borrowed and used to vote. If a protocol’s goal is to align the incentives between long term holders and the protocol then this sort of activity must be mitigated, but how?
You wouldn’t use a token’s spot price to calculate shares, and you shouldn’t use the present balance of a token holder to calculate voting weight! Inspired by stochastic candle auctions and Uniswap’s TWAP, voting power is determined by the weighted median of one’s balance: time weighted median balance voting!
This way, Nero can mitigate against JIT governance attacks while simultaneously rewarding long term participants.