Problem:
I realized that we have been relying on key re-use for DAO voting, which is problematic in a future that has capable quantum computers.
Background:
Elliptic curve cryptography has worked well; it allows us to verify a signed message from a DAO depositor and connect their votes to their deposit.
This is not, however, a viable solution if we assume there are capable quantum computers (because signing a message will reveal the public key, which can be used with a quantum computer to find the associated private key).
The first quantum-resistant solution for CKB will be SPHINCS+, which is a hash-based signature scheme. A SPHINCS+ private key can only be used once; it can only sign 1 message. This solution will work for DAO deposit/withdrawal; however, DAO voting will require another solution.
Requirements:
We have what seem to be quite challenging requirements that we should start to get ahead on.
1) The on-chain treasury should be disbursed by the chain, and thus decisions must be made by logic running on-chain, based on on-chain information.
2) Re-usable signatures (or a scheme that facilitates key rotation) are necessary for voting, as deposits are expected to stay long term, while voting will be ongoing.
3) On-chain voting must account for the lack of a standard lock script; thus standards are needed for the logic in 1) to identify and verify DAO deposits.
The on-chain treasury may well be the most powerful feature of CKB on a long time frame; however, it is quite the undertaking. I’m glad governance conversations are already ongoing in earnest. We have some exciting work to do!
When I saw that you were the creator of a post with the word ‘problem’ in the title, I immediately wanted to see what you were writing. This certainly does justice to the importance of the topic. The topic also comes up in other distributed ledger discussions. And not just governance, a vital tool for the further development and continuation of the global cryptographic CKB network. But also the importance of research and development in relation to quantum computer-based cryptography. Now that we can assume that Internet traffic is being recorded by powerful governments to be decrypted at a later date, we need to move to future-proof technology as quickly as possible.
In hindsight, I am glad that the current DAO solution has not led to widespread acceptance and euphoria. As a web-based solution, it was visually unattractive to me with a technically old-fashioned touch. If the government of CKB depends entirely on a web-based solution, a piece of the future is stuck in the past. Neuron already has a DAO tab. Could the integration of a Nostr system serve as a solution here? With a simple app for the popular mobile operating systems Android and iOS? These could also use DID and fingerprint or facial recognition for voting. CKB has this option. It should be simple and straightforward and fulfill its purpose, with highly secure and reliable technology as its foundation, as is the tradition with the basis of Nervos’ basic main layer.
The next step will be to move proposal data to the chain so that wallets can present it to users in the friendly way you’re looking for. I know this only accomplishes a portion of what you’re looking for (in comparison to what I laid out in the first post, this is quite an easy task), but it does move us toward a solution that embodies the ethos of the project.
There is a lot of underlying work required before we get here, but I do think that, given some time and interim solutions, we can get there.