Decentralized autonomous corporation
This is the approved revision of this page, as well as being the most recent.
A Decentralized Autonomous Corporation (sometimes referred to as a Fully Automated Business Entity or a Distributed Autonomous Corporation, often abbreviated "FAB" or "DAC") is a decentralized (or distributed) network of narrow-AI autonomous agents which perform an output-maximizing production function and which divides its labor into computationally intractable tasks (which it incentivizes humans to do) and tasks which it performs itself. It can be thought of as a corporation run without any human involvement under the control of an incorruptible set of business rules. These rules are typically implemented as publicly auditable open-source software distributed across the computers of their stakeholders. A human becomes a stakeholder by buying stock in the company or being paid in that stock to provide services for the company. This stock may entitle its owner to a share of the profits of the DAC, participation in its growth, and/or a say in how it is run.
According to Stan Larimer, President of Invictus Innovations, Inc. (a developer of DACs), an open source DAC with its state information kept public has these characteristics:
- They are corporations – they are free and independent persons (but don’t have legal personality).
- They are autonomous – once up to speed, they no longer need (or heed) their creators.
- They are distributed – there are no central points of control or failure that can be attacked.
- They are transparent – their books and business rules are auditable by all.
- They are confidential – customer information is securely (and incorruptibly) protected.
- They are trustworthy – because no interaction with them depends on trust.
- They are fiduciaries – acting solely in their customers’ and shareholders’ interests.
- They are self-regulating – they robotically obey their own rules.
- They are incorruptible – no one can exercise seductive or coercive influence over them.
- They are sovereign – over their digital resources (but don't have legal capacity).
Criticism of terminology
Some of those interested in new models for building successful and massively scalable applications reject the term, arguing that the classification reintroduces legacy hierarchy-based structures with their regulatory and compliance issues, unnecessarily burdening those involved in their development. For example, in their white paper The Emerging Wave of Decentralized Applications, David Johnston, et al, argue that the term "Distributed Autonomous Corporations" shouldn't be used:
It is worth while to note that the authors of this paper agree with many of the concepts proposed by the Invictus authors and the spirit and ethics they [uphold] we embrace wholeheartedly. The point on which we disagree is one of property terminology, “Distributed” and “Autonomous” are great terms, we don’t believe “Corporation” in particular is a desirable term for these entities. One of our primary reservations with using the term is, “Corporation” carries a lot of historical and legal baggage that won’t necessarily best serve the community of developers and entrepreneurs seeking to describe and build these new projects. If you Google the definition of “Corporation” the result is: “a company or group of people authorized to act as a single entity (legally a person) and recognized as such in law.”
In its typical implementation as publicly auditable rules distributed across the computers of the stakeholders, the DAC can be thought of in a neoclassical sense as a production function or production possibilities set, a black box that transforms inputs into outputs. The DAC can be modeled as a single actor, facing a series of mathematical calculations, implicit in the non-self-verifying data, determined by the characteristics of the production function. The reason that the DAC can exist is because market coordination without it fails due to lack of necessary intersubjective points of orientation, that is, lack of so-called Schelling points. The emergence of behavior-coordinating Schelling points is a characteristic of the way that the DAC is coded.
The entrepreneurship of the DAC's development process can be thought of in a Schumpeterian sense as an exceptional occurrence of massive importance. The programmers who develop and launch the DAC are persons who by introducing "new combinations" shake the economy out of its previous equilibrium, starting a process Schumpeter termed creative destruction. This speaks to the tenuous relationship between the developers and the DAC they own or contract with, because Schumpeterian entrepreneurship is sui generis (independent of its environment).
Key architectural principles
- The Black Swan principle: Because of the impossibility of calculating the risks of consequential rare events and predicting their occurrence, an implementation must be based on nonpredictive decision-making under uncertainty, with more upside than downside from random events.
- The Chessmaster principle: In general, an implementation must treat people like pawns in a chess game, patiently moving them into places that often seem harmless or pointless, and getting them to do all the heavy computational lifting. The best implementations will have layers of misdirection and backup plans in case some hacker attempts to defraud them, for instance, causing the attacker to do some work for them in the attempt.
- The Finagle's Law principle: In general, an implementation of a DAC must assume that if there are two or more ways to do something, and one of those ways can result in a catastrophe for the DAC, then someone will choose it. The best implementations rely on low trust protocols and behavior-shaping constraints to protect themselves. (Being merely narrow AI, they cannot make nuanced trust judgments and are potentially easy to scam.)
Layers in the DAC protocol suite
The DAC protocol suite uses encapsulation to provide abstraction of protocols and services. Encapsulation is usually aligned with the division of the protocol suite into layers of general functionality. Viewing layers as providing or consuming a service is a method of abstraction to isolate Services Layer protocols from the details of generating addresses, for example, while the Memory Layer avoids having to know the details of each and every market interaction and its protocol.
This layer provides a market-wide system of interconnected computer networks (the internet). This layer supports the peer-to-peer communications infrastructure that allows the DAC to be distributed and the other layers to interact.
Technologies like Bitcoin have enabled this layer, which has the responsibility of maintaining a balance in some cryptographic money, and sending and receiving transactions. It handles non-self-verifying time data so that a transaction cannot spend money before that money was received and cannot spend money that has already been spent. Technologies like Mastercoin or Ripple provide the distributed, peer-to-peer payment system. This layer depends on the Internetworking layer.
This layer is composed of Type I and Type II decentralized applications, the payment systems being based on the cryptographic money systems with their existing blockchains, having independent protocols and tokens of their own.
This layer maintains persistent state information about the DAC. Generally, a blockchain is used to keep state information public. State information is kept private by using secure multiparty computation with the inputs split up using an algorithm called Shamir's Secret Sharing. This allows the DAC to decentrally:
- self-validate some of its own computation,
- correctly sign transactions, and
- generate addresses
This layer depends on the Internetworking layer.
Data Gathering Layer
This layer handles non-self-verifying data about the real world:
- Demand. Data about what people want.
- Supply. Data about what resources are available to obtain what people want.
This layer provides some kind of resource-democracy mechanism to vote on the correct value of some fact, and ensure that humans are incentivized to provide accurate estimates by depriving everyone whose report does not match the “mainstream view” of the monetary reward. This layer depends on the Economic layer and the Memory layer.
This layer handles allowing humans to modify the DAC so as to future-proof it, e.g. changing APIs and source code. This layer allows DACs to improve themselves by purchasing the services of humans via bilateral hostage contracts, for instance. This layer also allows the DAC to set an upper bound on the losses caused by any malicious collusion.A/B testing can be used to determine if the delivered work is really better than the old one or not, and only releasing the payment if the results of the test are positive. Alternatively, a quorum of dispute mediators can be specified, and they decide if the contract was met or not. This layer depends on the Economic layer and the Memory layer.
This layer interacts with the world using multiparty-signed API requests in a decentralized way. This may include APIs that allow for renting server capacity and then remotely controlling that server, for example, or the ability to post human-readable contracts to freelancer forums or the Mechanical Turk. DACs can expose their services to humans (or other DACs) by selecting a name and then registering it with Namecoin. Using DNS hierarchies and Namecoin together allows interested parties to monitor for new agents coming online: the act of registering a name under a particular part of the tree automatically advertises its existence. This layer depends on the Economic layer, the Memory layer, and the Data Gathering layer.
This layer is composed of Type III Decentralized Applications, having their own independent protocols and tokens.
This layer runs the artificial intelligence algorithm that the DAC relies on to detect patterns in real-world data and model it without human intervention. This allows the DAC to create sell-able value fast enough to keep up with its own resource demands in the marketplace of humans. This layer depends on the Economic layer, the Memory layer and the Data Gathering layer.
Making a fine-grained evaluation of an individual human employee is likely impossible. The best solution is likely to simply use monetary incentives to direct people’s actions on a coarse level, and then let the community self-organize to make the fine-grained adjustments. The extent to which a DAC targets a community for investment and participation, rather than discrete individuals, is the choice of its original developers. On the one hand, targeting a community can allow your human support to work together to solve problems in large groups. On the other hand, keeping everyone separate prevents collusion, and in that way reduces the likelihood of a hostile takeover.
A hostile takeover of a DAC handling money means that the attacker gains the ability to drain the DAC’s entire wallet. Countering hostile takeovers requires certain economic measures to establish consensus:
- Proof of work is used to deter denial of service attacks by requiring some work from the service requester that is moderately hard (but feasible) on the requester side but easy to check for the service provider. This is commonly referred to as "mining".
- Proof of stake is used to deter other service abuses such as a Sybil attack.
Another counter-measure might simply be to allow the decentralized corporation to have shareholders, so that shareholders get some kind of special voting privileges, along with the right to a share of the profits, in exchange for investing. (Shareholders benefit if the price goes up, so shareholders are encouraged to do things that increase the price.) This would incentivize the shareholders to protect their investment.
A hostile takeover could be accomplished by a successful Sybil attack, say through a botnet, overwhelming the resource-democracy mechanism by controlling over half of the servers in the network.
Requiring each participating node to show proof that it controls some moderately large amount of crypto-currency would prevent this kind of attack. Then implementing a hostile takeover would require more resources than all of the legitimate nodes committed together. The moderately large amount of crypto-currency could even be moved to a multisignature address partially controlled by the network as a surety bond, both discouraging nodes from cheating and giving their owners a great incentive to act and even get together to keep the corporation alive.
There are three major categories of industries where DACs will be able to survive on their own merits and provide genuine value to society: natural monopolies, illegal entities, and entities of extremely low profitability.
A natural monopoly is a monopoly in an industry in which it is most efficient (involving the lowest long-run average cost) for production to be concentrated in a single firm: software protocols, languages and to some extent social networks and currencies. A DAC can theoretically be designed so that no one involved in the price-setting mechanism has an incentive to fix prices over market rates. More generally, DACs can be made invulnerable to corruption in ways unimaginable in human-controlled system, although great care would certainly need to be taken not to introduce other vulnerabilities instead.
- Crop insurance
- Identity Corp, a corporation whose sole purpose is to create cryptographically secure identity documents for individuals that they could sign messages with, and are linked to individuals’ physical identities.
- Social network - Monetizable Diaspora
- StorJ, a simple drop-box style file service with pay per use via bitcoin (and perhaps with naming provided via namecoin and/or tor hidden services). StorJ isn't smart enough to judge bad proposals on its own — instead it forms agreements that make it unprofitable to cheat.
- Weather network
- Bitcoin itself and all of Bitcoin forks/Altcurrencies
- Colored Coins are working on defining themselves as a DAC
- Mastercoin, a DAC replacement for Forex, Shares, and much more. Later evolved into a ProtoShares competitor.
- Mitosys - a DAC replacement for Bit-Message
- ProtoShares, a meta DAC with the purpose of provding infrastructure for other DACs. It is composed of
- BitShares, a competitor to Mastercoin (with a much more limited feature set)
- DomainShares, a DAC replacement for Namecoin
- Keyhotee, a DAC replacement for OpenID
- The Ripple protocol
- blackbox is a Bitcoin-enabled, decentralized cloud that uses TradeNet
Because of a combination of the DAC's incorruptible nature and the explosive growth in regulations, services that violate government laws and regulations are unavoidable. But their decentralized nature makes it extremely difficult to prevent them from taking over illegal markets. As Satoshi Nakamoto said, "Governments are good at cutting off the heads of a centrally controlled networks like Napster, but pure P2P networks like Gnutella and Tor seem to be holding their own".
- Decentralized file-sharing networks for copyright infringement
- A captcha-cracker, that requires CPU. People pay for the Captchas to be cracked and the DAC provides some kind of API for people to offer their CPU and hosting of the software, if they do so, they get bitcoins. Putting this up online, with some marketing, the software should survive on its own as long as there are captchas that needs to be cracked.
Entities of Extremely Low Profitability
Finally, there are those cases where a decentralized network can simply maintain itself more efficiently and provides better services than any centralized alternative.
- The peer-to-peer network used by Blizzard to distribute updates to its massively multiplayer online game World of Warcraft
Examples in literature
- In Daniel Suarez's techno-thriller, Daemon, a collection of sophisticated computer programs have been left sitting passive on machines scatted around the Internet until one of them reads the programmer's obituary, which sends triggers to other systems which activate a number of other distributed processes, awakening the DAC.