Proposal: Host the SNS at an alternative domain to avoid existential risk to existing NNS stakes.
The following thread is meant to discuss a possible proposal for how to host the SNS user interface due to possible existential threats. I had a very nice dinner with some of the engineers and I discussed my concerns about the upcoming SNS integrations. There was no violent disagreement with my concerns, so I figured I’d throw this out for broader discussions. I’m happy to be talked out of my concerns or to find an explanation as to why these concerns are not as significant as I think they are, but I think we should talk through them before we find ourselves with a Luna Protocol running on the SNS facing serious regulatory or legal issues.
Schedule:
July 2nd - Dissuasion on the forums
July 6th - Edited Proposal and proposal funding.
July X - Proposal
Reason for the proposal:
The NNS uses internet identity to identify a user’s principal. That principal is tied to the domain name. If the NNS.ic0.app domain name was to be blocked by regulatory authorities or forced to be blocked by boundary nodes via legal threat, users would lose access to their funds. Adding access to SNS tokens to the NNS site exposes existing users to the actions taken by SNS daos which are unpredictable and of much higher volatility than decisions on the NNS due to the potentially smaller focus, distribution, and niche of the individual daos.
Current proposal text(pending discussion) - The SNS interface should be hosted at an alternative URL than NNS.ic0.app due to
Existential threat. The SNS UI should be hosted at SNS.ic0.app.
Justification:
The SNS can bring a powerful new model of dao and app financing to the IC. For all the good that will likely be generated, the platform is not without risks. Once an SNS protocol is approved it will be joined at the hip with the NNS and the entire system will be affected by unpredictable moves inside those daos.
Apologies to the named platforms here, but I felt concrete examples worked better. The following is just fantasy and should not be considered any kind of criticism of the amazing work these platforms are doing.
Scenario 1: Openchat is added to the SNS via a public vote. The code and contracts are verified. There is great rejoicing. An unknown group in Russia creates a lottery bot on openchat and begins running lotteries and marketing to Swiss citizens. The open chat SNS opens a vote to censor the bot and it fails due to anti-censorship bias in the token holders. The Swiss government votes to block the openchat domain name. Because openchat tile holders are profiting from the activities of open chat they also decide to block the access of token holders’ funds. The most direct way of doing so is to block NNS.ic0.app. Swiss citizens can no longer access the NNS(without a VPN).
Scenario 2: Dscvr issues a governance token in the SNS. A user created a channel devoted to helping assist women in need of proper medical care get to states in the US or nations that provide that care. Some procedures are made illegal in the US and a conservative activist government begins enforcing and shutting down sites that help provide access. The dscvr dao votes to leave the portal up due to the will of the token holders. The US government targets both dscvr itself and its funding mechanism tied to the NNS. US citizens lose access to NNS.ic0.app and can no longer get their principle validated(even if the app pops up at an alternative URL your principal would be different due to how the II works).
These are just two possible examples of how SNS daos will begin to make decisions, both on moral and financial grounds, that will affect other systems in the ecosystem and many of these effects are in the governance not in the code, so they can not be reviewed or predicted before adding the token.
Reason for this solution: hosting at an alternative URL gives existing users a choice as to the exposure they would like. Possibly a negative black swan will not appear, but it is difficult to say that the risk exposure doesn’t drastically change when more tokens are added to the NNS. The NNS “feels” like an official DFINITY site and even if it is managed as a dao, blowback against the NNS could be perceived by an uninformed press as negative ICP news.
Negative: Current accounts at NNS.ic0.app would need to send ICP to accounts at SNS.ic0.app to interact with SNS tokens. May affect useability.
Alternative proposals:
- Delegate SNS hosting to a 3rd party and host it at an alternative domain via icx proxy. Reason: this further insulates the ic0.app domain name from regulatory and legal threats. It also limits exposure. Perhaps host the SNS ui at supernova.com now that the hackathon is over. Possibly found a 3rd party shell company in the bvi to own/run the icx proxy to complicate regulation.
- Punt a while down the road and require all NNS-connected SNS connected tokens to run in application mode for several months. Pro: safer Con: less usable