Thanks, Wisconsin. 
Jesse…would there be some reason those neurons couldn’t register with the whitelist system? The goal here would be the ability to monitor and ensure that these neurons weren’t masquerading as a market in disguise. I’d imagine generally the canister won’t be changing the controller very often which is what we’d want to monitor.
If the whitelist system has a way for neurons to register programmatically and permissionlessly from within a canister, then it wouldn’t be an issue.
otherwise, if each Personal DAO (or worse, each Neuron of each Personal DAO) has to be recognized by the registry system after some sort of registration process that requires a persons to interactively undergo said process, it would make it virtually impossible for me to carry out the Personal DAO business model since each DAO would have to have someone to undergo that process before its DAO-controlled neurons can exist.
It seems to be a long list of arguments, not just because of that. It could be de-risked further by slashing only canisters’ neurons. Also, the NNS is not Coinbase. I think there are a few L1s with slashing that are not labeled as security (Ethereum, Polkadot?).
The NNS wouldn’t be subject to any regulatory enforcement actions, but any services built on top of the NNS that offer staking without being sufficiently decentralized would be.
I certainly would prefer some kind of programmatic and optimistic set up for this.
I think my point is that there is always a “slashing” version that’s lighter than the original proposal. Perhaps lazy restriction is a better name.
Some options that can be combined:
So, for instance, staking services could always vote in safe mode. However, there are always more choices at the canister/individual level to maximize voting power and achieve the highest degree of safety.
Thanks @bjoernek. We support to start with the straightforward first step and evaluate the need for more complexity as the ecosystem evolves.
Hi all,
Thank you for all the additional feedback! It seems we are largely in agreement, as per the summary above. We could decide the specific actions to be taken if the proportion of canister-controlled neurons becomes too high at a later time, using the ideas shared in this thread.
Following up on the materiality aspect, we could define a materiality threshold upfront. For instance, we could suggest to implement mitigation measures for neuron control if the percentage of canister-controlled neurons exceeds 10% or 20%.
I will aim to share a draft of the motion proposal by next week.
Hi all,
wrapping up the discussion on neuron control restrictions, here is the suggested text for the motion proposal, which I intend to submit next week
The Internet Computer Protocol prevents canisters from directly controlling neurons, a measure intended to block neuron sales and ensure long-term thinking in voting behavior. However, these restrictions can be circumvented by a canister using threshold ECDSA (tECDSA) and HTTP outcalls. This suggests a need to reconsider the restrictions and their effectiveness.
This proposal recommends lifting restrictions on canister neuron control in the NNS and monitoring their materiality through newly developed metrics. A threshold is set to initiate mitigation measures if canister-controlled neurons exceed 10% of total voting power , except for those controlled by DAOs. Additional measures to disincentive neuron transfers will be considered and implemented if this threshold is reached, balancing security enhancements with user complexity and implementation effort.
Restrictions on Neuron Control
In the ICP network, neurons are decision-making entities created through the staking of ICP tokens. These neurons participate in governance by voting on proposals. To promote long-term decision-making, users are incentivized to stake their tokens for several years. Additionally, control over neurons is deliberately restricted: Currently only so-called self-authenticating principals can be set as the controller of a neuron. A self-authenticating principal is an entity that utilizes its own cryptographic key pair (consisting of a private and a public key) to authenticate itself; the idea being that control over the underlying private key cannot be transferred without full trust. For example, a user relying on Internet Identity, Quill or a Ledger hardware wallet is of this kind. Canisters, which do not possess self-authenticating principals, are therefore excluded from directly controlling neurons.
Reason for the Restrictions on Neuron Control
The restriction is based on the requirement that neurons should not be sold - when canisters can control neurons directly, one can sell a neuron by selling the canister that controls it. It is considered important for neurons to be non-transferable/no-sellable because
Circumventing Restrictions on Neuron Control
Despite these safeguards, there are a few ways to bypass the restrictions on neuron control:
Furthermore, it is also possible to control a neuron via an Internet Identity (II) and sell the II.
Given that the restriction for canisters to not control neurons can be circumvented relatively easily, it should be considered to drop that restriction. This was suggested by several ICP community members already. Lifting that restriction would bring the following benefits
A key point discussed in the forum is the issue of materiality: As long as only a small number of neurons are controlled by canisters or through II, this does not significantly impact long-term voting behavior of the NNS overall.
Acknowledging the potential for circumvention of the current mechanism, it is recommended to lift the restrictions on canister neuron control while monitoring the materiality of canister-controlled neurons, via the following steps:
Hi @bjoernek thank you for the update. I think it’s great that DF is moving forward with this proposal.
I do have a couple questions about this part:
When you write it in the proposal this way it sounds like, by adopting this proposal, we are agreeing to go ahead and implement some mitigation measure when the threshold is exceeded. Was that the intent? If so, it seems like we’re writing a blank check to implement whatever mitigations you choose.
What qualifies as a DAO in this context? Is is strictly NNS approved SNS’? Seems like something that needs clarification.
Thank you!
Thank you for the questions @LightningLad91! Let me try to clarify:
The intention of this sentence is: Mitigation will be triggered, but the precise kind of mitigation measure will be defined later on. I think we can build on the ideas in this thread, but this will require a separate syndication and also a motion proposal. Let me add a sentence to make this point more clear. In the next bullet I have enhanced the sentence “The specifics of these mitigation measures can be determined as the situation evolves” by “and will be subject to a separate motion proposal.”
Good question. These could be SNS DAOs but also other DAOs on ICP. Important is that these DAOs are truly decentralized and not controlled by a single entity.
Thanks @bjoernek I appreciate the quick response!
I’m still confused what happens in this case if there are no mitigations approved. Would the triggered event result in no action being taken until an approved mitigation is implemented?
I’m going to be “that guy” for a second and ask what DF considers to be “truly decentralized”. I think that is very subjective. Would it be better to say that a canister can request an exemption that is subject to NNS approval? This way, we just leave it up to stakeholders to use their best judgement.
Edit: Thinking about this a bit more; I do like the idea of having this exemption be something that can be granted and revoked by the NNS on a case by case basis. We really don’t know how the IC is going to evolve and specifying a DAO seems way too restrictive.
Short answer: Yes, if you’re referring only to the final implementation as the action.
Long answer: The term “actions” can be interpreted broadly. In this context, it includes restarting discussions on this topic in the forum and developing concrete implementation proposals. However, actual implementation and the release of any mitigation measures, such as reducing rewards for transferable neurons, would require governance approval. Important is to note, that we already formulate the intent that something should be done once canister-controlled neurons become material.
Does this clarify things for you?
I agree that defining the exact scope of DAOs eligible for exemption is not clear-cut. However, implementing a formal NNS approval process at this stage, when we are primarily monitoring materiality without knowing how close we will get to the threshold, may be unnecessarily heavy as process.
Initially, I suggest a simpler approach: automatically include all SNS DAOs (except Dragginzs) and consider other DAOs upon request, without requiring NNS approval. This setup allows us to start broadly and refine our criteria as we approach the threshold. Would that make sense to you?
That’s fair. Here’s what I understand based on your explanation.
Please let me know if that isn’t correct.
Yes that is a fair summary!
Can you clarify, does the scope of this proposal also include the approval to create an initial list of exemptions? I was under the impression that we were discussing potential activities for the future.
What does this mean? If the request isn’t submitted to the NNS then who would be responsible for reviewing and approving the request?
I think there is a substantial implicit demand of action implicit to this. Think ‘We’re going to go with ecdsa signing until it becomes evident that quantum computers are near to cracking it.’ If you don’t act in that situation you’re ceding the security of the network to eventual oblivion. Maybe that isn’t quite the case here, but I’d say given enough time you absolutely will encounter a situation where someone attempts to manipulate governance via a canister-controlled scheme.
Copy. I agree this is implicit. I was more so concerned about the expected behavior of the NNS as a system in the event we exceed the threshold before any mitigation measures are implemented.
I would probably leave out this last sentence due to all the previous discussion, so as not to bias any future continuation of the discussion.