Last active March 2, 2021 22:39
Trusted Anonymous DAO

The goal of this process is to create a DAO that the public can weakly trust, while protecting DAO participants from wrench attacks by someone looking to take over the DAO.


  1. A secret is given out to n publicly trusted individuals.
  2. The individuals with secrets are instructed to secretly nominate one person they trust to participate in the DAO.
  3. The nominated individuals all sign the secret and publish the signature plus the address they signed with publicly (and anonymously).
    1. Nominated individuals should accept multiple nominations if offered, and not tell anyone they were nominated multiple times.
    2. Nominated individuals are strongly encouraged to participate, but they should not inform their nominator if they fail to participate.
  4. After a pre-defined amount of time has passed, all valid signatures (verifiable by anyone who has seen the secret) are collected and the trusted individuals all assert that:
    1. They agree that the published list includes all valid addresses.
    2. Their nominee has asserted to them that "if I submitted an address, it has shown up in the valid list".
  5. m addresses are removed from the list via some random game (e.g., commit-reveal).
  6. Whichever nominee had their address removed MUST anonymously publish their private key.
  7. Everyone on the internet claims to have been nominated, but also claims they were randomly selected out.
  8. Someone who was not nominated funds all of the nominated addresses with gas money (so the addresses can remain fully detached).

If any step above fails, start the game over again.
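
One way the random game in step 5 could be run as a commit-reveal round, shown as an added example that is not part of the original gist. The function names, the use of SHA-256, the 32-byte salt, and the choice of who commits are all assumptions; the gist only says "commit reveal".

```python
import hashlib
import hmac

def commit(seed: bytes, salt: bytes) -> str:
    """Commit phase: publish SHA-256(salt || seed); salt is fixed at 32 bytes."""
    if len(salt) != 32:
        raise ValueError("salt must be exactly 32 bytes")
    return hashlib.sha256(salt + seed).hexdigest()

def combine_reveals(commitments: dict, reveals: dict) -> bytes:
    """Reveal phase: verify each (seed, salt) and derive the shared seed.

    Any missing or mismatched reveal raises ValueError, which maps to the
    rule above that a failed step restarts the game.
    """
    acc = hashlib.sha256()
    for name in sorted(commitments):  # fixed order so everyone gets the same seed
        if name not in reveals:
            raise ValueError(f"{name} did not reveal")
        seed, salt = reveals[name]
        if not hmac.compare_digest(commit(seed, salt), commitments[name]):
            raise ValueError(f"{name} revealed a value that does not match")
        acc.update(hashlib.sha256(seed).digest())
    return acc.digest()

def select_removed(addresses: list, shared_seed: bytes, m: int) -> list:
    """Pick the m addresses to remove; anyone holding the reveals can recompute it."""
    unique = sorted({a.lower() for a in addresses})
    if not 0 <= m <= len(unique):
        raise ValueError("m must be between 0 and the number of addresses")
    # Rank by SHA-256(shared_seed || address); the m lowest ranks are removed.
    ranked = sorted(unique,
                    key=lambda a: hashlib.sha256(shared_seed + a.encode()).digest())
    return ranked[:m]

if __name__ == "__main__":
    # Constructed sample data: three committers and four placeholder addresses.
    sample = {n: (f"seed-{n}".encode(), hashlib.sha256(n.encode()).digest())
              for n in ("alice", "bob", "carol")}
    commitments = {n: commit(*sv) for n, sv in sample.items()}
    pool = ["0x" + f"{i:040x}" for i in range(1, 5)]
    print(select_removed(pool, combine_reveals(commitments, sample), m=2))
```

Because any failed step restarts the game, a committer who dislikes the computed outcome can withhold their reveal to force a rerun, so repeated non-reveals by the same party are worth tracking.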


  • The second degree trust network (nominees) gives the public a certain amount of trust that the system is being operated by people who are probably "good people", because their first degree trust connections said so.
  • Actual signers have plausible deniability as they can claim to either never have been nominated or can claim that they were nominated but selected out.
  • Trusted public figures have plausible deniability because they can claim to have nominated someone other than themselves, or can claim that they were randomly selected out.
  • By publicizing the private key of the selected out participants, anyone can prove that they joined the pool with that address, since even if compelled to "produce the private key you signed up with" they can produce a private key that was part of the pool.