Protecting the EIP process from special interests + examples & case study

My apologies, I would have preferred not to make it personal but I don’t know how to point out that an easy to capture governance process is being exploited by a social engineering campaign without also pointing out the social engineer orchestrating it.

Regarding the attempted false equivalence, anyone who clicked on my account could see my full real name. My real name being there is no accident. That’s also my real face in the profile photo. As I told your friends a couple of years ago, I wrote the OP that you said you found offensive under the defectivealtruist pseudonym. I wrote it because I was worried by the success of the previous social engineering campaign to promote EIP 3074 when you were still working at Consensys. This is when you implied EF was endorsing the proposal, when it just provided a grant to split the cost of the dedaub report with Consensys. The OP wasn’t because some mean person had a grudge against you, it was a response to how you hijacked the legitimacy of the EF deceitfully to manufacture consensus in 2021.

That startup shut down in 2019. The product was an enterprise wallet. GSN was a small piece of missing infrastructure we decided to release as a public good. Putting time and money into a public good was probably one of the reasons the startup failed.

Some of the people that worked on GSN are working on 4337 now, but I am not one of them.

No, this is a bad analogy. 2771 just standardized the meta tx encoding for embedding the msg.sender. Calling it a predecessor to 4337 is like calling Unicode a predecessor to SMTP.

4337 was designed by Yoav and Vitalik, building on Vitalik’s idea of leveraging private mempools and some of Yoav’s learnings from the GSN.

Sorry no. I didn’t get any part of the OP airdrops and I don’t expect posting my concerns on EM to warrant any future retroactive grants. FWIW, I was campaigning for the idea of retroactive grants way back, which you can also see a hint of in the OP, but I never benefited from them financially. I’m now somewhat concerned that they also pose a risk to the integrity of governance when used as retroactive bribes.

I respect my friends who have chosen to work on a public good instead of a for-profit venture, but I’m not speaking up for them. I also don’t care about Ethereum in the sense that I think it is worthwhile to declare my loyalty to it as a tribal brand. I care about the values I thought Ethereum was supposed to embody. Open source, open standards, decentralisation, permissionless, censorship resistance. Work on 4337 is aligned with those values so I support it. I hope in the future to contribute more to aligning Ethereum with these values. I also care about good security design.

Given your championing of 3074 how would you rate your chances of making a life changing amount of money when Metamask tokenizes an invoker with billions of AUM? True, even if you promised publicly to burn the tokens we would still have to trust your word but that doesn’t make it worthless. You’re still publicly committing to it. If you don’t believe we should take this seriously because you are not going to be making a life changing amount of money anyway then you’re not giving up anything by committing to it. If you’re not willing to commit even to the hard to enforce honor system version of this, why should anyone dismiss as conspiratorial nonsense the possibility that you’re motivated by financial gain?

This is a straw man. You’re too eager to respond with populist anti elite rhetoric. I asked what should be sufficient criteria for identifying when proposals are contentious, not who should dictate how the protocol evolves. Given how you’ve leveraged the authority of the majority client, the dominant actor in the exclusive committee of execution client devs that are the only stakeholder with a vote on ACD, you have a much better claim of leading a shadowy dictatorial elite than Vitalik. Yet he’s not the one coordinating populist anti-elitist meme campaigns on Twitter, you are. I don’t trust Vitalik as an authority, I trust him as someone whose values I respect who’s also pretty smart. You on the other hand seem to have a track record, even on this thread, of attempting to exploit information asymmetries to deceive and manipulate. It’s a pattern of behaviour that I find disturbing and alarming given that we don’t have strong protections around governance. It’s like seeing a fox in a hen house.

You should stop, really. At this point, you obviously have an axe to grind and EIP-3074 is giving you the perfect opportunity to do it. I hate dismissing criticisms out of hand because “the world’s greatest fool may say it’s shining, but that don’t make it sunny outside” (i.e., even the most unbelievable criticism might have some element of truth to it).

But you have simply strayed way too far into ad hominem territory that I’m wondering if you read your messages before sending them. Right now, I wouldn’t know if I was on 4chan reading spiteful comments from anonymous posters and keyboard warriors or reading posts on a forum dedicated to objective, technical discussions.

3 Likes

This is news to me. I didn’t engage with this post back then because it was a strange conspiracy theory by a random anon account.

If there are core devs who feel this way, feel free to post here or message me privately and we can discuss. I have not received any complaints about how I’ve handled 3074 except from you.

Look, your entire argument is based on accusations. I’m not going to continue debating in circles with you. I don’t know why you’re so upset about this proposal or why you feel it important to attack me personally without any evidence of wrongdoing, but in the process of doing so you are also negating all the work and discussions from other core devs who have discussed, accepted, and implemented the proposal over the past few months.

2 Likes

The only fox in the hen house is someone who restarts an old and dead debate just because it happens to feed on the paranoia people have around Ethereum’s governance process. Like I told the other person raising hell on Twitter and accusing core developers and Consensys of colluding to force through EIP-3074, “you’re not a saint or Luke Skywalker fighting against Darth Vader and the forces of evil”.

I’ve read the argument again, and even now, it’s clear you think you’re on a crusade to save Ethereum’s governance process from the people who’d turn it into something else. But you actually aren’t achieving that goal here. If you cared enough, maybe you’d have become more active in the ACDE process a long, long time ago. What better way to ensure folks don’t corrupt governance if you have boots on the ground?

But, your grouse isn’t with the ACD as much as it is with EIP-3074 and the people working on it. I definitely don’t have context, but the only people who keep up their conspiracy theories for years usually do it out of revenge or payback for some perceived slight. I don’t know who pissed you off, but you certainly need to take care of that separately and avoid projecting your negative feelings on the world and hurting good people in the process.

Note that you are commenting on a post titled “Protecting the EIP process from special interests”, which is in the process improvement category. I posted my technical concerns separately.

Protecting governance from special interests is a hard problem and it is going to get harder, especially the way things currently work. I agree it’s unpleasant, but so is the barking of any watchdog. I also believe that pointing out the lack of checks and balances around the ACDs committee power is dangerous. For one it risks the “core devs” closing ranks. On the other hand, it risks explaining vulnerabilities in governance to other actors with the resources to exploit it. I just happen to believe the risk of nobody barking is greater than the risk of barking. This won’t be fixed by barking alone, but if everyone keeps pretending we don’t have a problem, it’s harder to motivate the kind of energy required to make hard changes. Rainbows and unicorns won’t cut it in an adversarial environment, but the motivation to prioritize this vs everything else we could be working on relies on believing that governance is vulnerable to adversaries.

How do you get the community to take a vulnerability seriously without discussing the details of the exploit? How do you discuss the details of the exploit on a loosely defined social process without discussing the people involved and how things work in practice? Who benefits from shadowy ambiguity and subtle innuendo?

Back in the real world, lobbying is a massive multi billion dollar influence industry. As soon as there’s enough money at stake, dismissing the threat of lobbying as the stuff of 4chan conspiracies is naive.

I restarted this thread because the threat I originally highlighted materialised. Not only the general threat but also the specific example I used as a case study. But sure, feel free to dismiss this as agitation for the sake of making trouble.

Who knows, maybe, but my understanding of the governance process was that improving it would require a massive insider coordination effort like the kind Trent did with the protocol guild. The stories I heard on how hard it was to coordinate even simpler pre-protocol guild efforts like the EIP-1559 NFT convinced me I wasn’t the right person for that job. I can’t stand politics. I understand they’re a necessary evil, but it takes a kind of diplomatic personality to be good at that sort of thing that I clearly don’t have. As you can see my style of communication is direct to the point of being offensive to the friends of the people I criticise.

I wish I could contribute more, and maybe I’ll figure out how in the future but in the meantime explaining the problems as I see them is what I know how to do. You can dismiss that as a valid contribution, you can argue it may be counterproductive and if you do you’ll be in the company of some of my best friends in the space. If it ends up a net positive it will be because of the efforts of others.

I’m sure they appreciated your condescension, but sure I concede everyone wants to be the hero of their own story.

If I’m just trying to get revenge for some perceived slight, why did I disengage for 3 years after posting about it once in 2021? How does this heuristic of spotting the madman who grinds his axe for years out of spite apply to someone who has been observing quietly and restraining himself from making further comments hoping that the system would defend itself?

I suspect calling someone a conspiracy theorist acts as a mental stop sign. “Move along now nothing to see here”. What are you so eager to prevent people from thinking about?

I was going to tell you in person over breakfast, and possibly add an apology for hurting your feelings but you were too busy dissing EF, infinite gardens and subtraction as obvious BS.

The whole post was a strange conspiracy theory or the case study pointing out that pretty much everyone working on EIP 3074 had conflicts of interest and stood to gain financially from Metamask’s success? You hold equity in Consensys. What other jewels are in there? Do you really need a conspiratorial mindset to believe people respond to incentives? Isn’t that economics 101?

I did later regret putting it all in one post. If the EIP 3074 campaign example was posted separately, the general point about Ethereum governance needing to defend itself against an increasingly adversarial environment may have attracted more discussion. Why would lobbying not be a problem given that the conditions here match up with public choice theory? Everywhere else the conditions match up there’s a problem.

Core Devs say the core Devs will decide, when many of us are still confused about who decides who is a core dev. Even if we assume this self coronating, self selecting committee is trustworthy today, why should we trust it to be trustworthy tomorrow? Is it impossible to buy a client team? What prevents interested parties from hiring core Devs to look out for their interests? If you can buy client teams and hire the only people who can vote, how is Ethereum governance not for sale? How does this not collapse into plutocracy?

Is it possible for someone who’s not a client dev to explain why we should be ok with handing over Ethereum governance to a tiny group of backend developers? Why should we just trust them to make the right calls, not merely on obscure matters of client optimization but even on strategic matters such as the UX roadmap and a sweeping change to the EOA security model?

  1. Who counts as a core dev?
  2. Can you understand why speaking for the majority client makes people less likely to tell you what they really think to your face? Good thing I’m not planning on proposing any EIPs soon

I don’t think this is an optimal governance process, but I want to point out that it’s not a matter of “handing over” the governance… the clients have that power by default. Hard forks are implemented by the clients, and if a client doesn’t implement an EIP then any validators who use that client would therefore also not implement the EIP.

It’s high friction for Proof of Stake validators to change clients - for the large, custodial operations it usually involves an expensive audit process and the alteration of service level agreements with their top stakers / depositors… thus, the client teams are de facto voting proxies for the validators.

It’s also important to note that due to the nature of hard forks, client teams can’t effectively compete over EIP support in order to “win over” validators from other client teams. While a scenario in which validators choose clients based on EIP support is theoretically possible, it’s fundamentally unsustainable in the long term because the losing client would become irrelevant by being on the wrong side of the next fork… plus, that competition would lead to decreased client diversity and significantly decreased safety for validators during forks… and that’s not even bringing USDC, tether, or other asset-backed actors into the equation. :sweat_smile:

If we were to campaign to take the EIP-anointing power away from the client teams, the alternative solution would have to be holistic, transparent, and probably by the client teams via the social layer… because, to be blunt, if all the client teams want to do a hard fork then there’s not really anything that anyone else can do about it.

There are many improvements we can make to the governance process, but the priority right now should be to resist the attempted overthrow of emergent consensus as Ethereum’s de facto governance model. A new authority has asserted itself and it needs to be challenged.

Up until the recent EIP 3074 inclusion vote, it was widely understood that improvements to the Ethereum network require reaching broad agreement on changes to the protocol. This “emergent consensus” process was similar in principle to how consensus emerges amongst mathematicians on the validity of new proofs, or scientists on the validity of new theories. It was fail-close.

EIP 3074 was the first time client devs voted on ACD to dismiss the concerns of a broad range of other stakeholders. They did this using the lowest form of legitimacy:

  • Legitimacy by brute force: someone convinces everyone that they are powerful enough to impose their will and resisting them will be very hard. This drives most people to submit because each person expects that everyone else will be too scared to resist as well.

They dismissed the objections of Vitalik, the EF’s account abstraction team, and many other ecosystem participants who disagree that EIP 3074 is a good idea on a technical level or that it should be prioritized over features Ethereum needs for censorship resistance such as inclusion lists, which had to be excluded because it is incompatible with EIP 3074. They also dismissed the stakeholders protesting that it is unfair for the client devs to tilt the playing field in the favor of the largest EOA wallet at the expense of developers of other wallets, intent networks, parallel EVMs, etc. Critics that pointed out that almost everyone pushing for EIP 3074 had conflicts of interest were dismissed as conspiracy theorists. The campaigners didn’t disclose their conflicts of interest until they were called out and asked directly. They also didn’t abstain from voting on ACD.

The governance process we had 3 years ago rejected a well coordinated campaign to lobby for EIP 3074’s inclusion. Since then we’ve gotten a lot closer to full account abstraction. If it wasn’t a good idea back then, how is it a good idea now? What changed? The ideas didn’t change. There’s still no path from EIP 3074 to account abstraction. It’s still a kludgy insecure mess that puts user funds at risk, gives Metamask an unfair advantage and risks breaking the network. If you’ve seen how the sausage is made, it is hard to escape the impression that what changed was the governance process got more politicized after EIP 3074 campaigners weaponized their influence over an overly centralized client development process.

Also note that, though Ethereum made a lot of progress towards full account abstraction, we would have made more progress if not for the active obstruction efforts that started shortly after the EIP 3074 champion moved from Consensys to the contractor maintaining the Geth client.

Client devs don’t have control over governance by default, otherwise they’d be able to rewrite the ledger at will, fork the EF treasury into a DAO under their control, introduce block rewards to fund themselves, etc. There have been previous attempts by duplicitous “core devs” to appeal to the prejudices of client devs to do just that. Nothing prevented them from updating the repos. They failed because those changes were contentious, and it was hard for contentious changes to get the critical mass of legitimacy needed to support a network upgrade.

If client development is overly centralized, it only takes one contractor to prevent the network from changing in ways the contractor doesn’t like (e.g. EOF, AA roadmap) by refusing to implement them or just dragging their feet. Centralized development gives a handful of devs the power to essentially veto EIPs, even if there’s a wide base of agreement amongst all the other stakeholders. If they have to sign off on changes, they can stall arbitrary developments, which gives them a lot more power than other participants, including other minority client teams.

Let’s say we’re not worried about them using this power to negotiate for an ever larger share of public goods funding. Let’s say we are ok with assuming they would be perfectly benevolent, perfectly trustworthy forever. That they could never be bought. Wouldn’t we still be worried about them making honest mistakes and nobody being in a position to check them?

“That which we are permitted to administer we mistakenly believe we own.”