Vote Buying as a Service, LobbyFi and DarkDAOs
Vote buying as a service in a trustless & transparent manner has finally arrived....
There is an interesting line of work in cryptocurrencies focused on how blockchains can enforce, in a trust-free manner, the ability to bribe others to perform a certain action.
Several years ago, I studied how smart contracts can enable bribery of miners to undermine Nakamoto Consensus. More recently, researchers have proposed DarkDAOs (alongside proof of concept implementations) that allow tokenholders to sell their votes to the highest bidder in a privacy preserving and trustless manner.
I assumed that vote-buying-as-a-service was still within the realm of academic interest and it was not likely to emerge any time soon.
I was wrong.
Crypto is funny sometimes. If something is technically possible, regardless of its morality, then sooner or later, a team will raise VC funds and deploy it at scale.
Let’s take this opportunity to cover some background on DAOs which includes voters, the voting system, and delegation before diving into the main topic.
Decentralised Autonomous Organisation (DAO)
The primary aim of a DAO is to bring together a group of stakeholders who are united by a common objective and empower them to work as a collective to tackle it.
The core function of a DAO is decision making — empowering the community to collaboratively make choices they believe will achieve their long-term objectives.
DAOs tend to have an open forum for communication amongst the community. Stakeholders include token holders, contributors, full-time employees, vendors, and anyone interested in joining the collective effort.
A large focus for a DAO is the passage of proposals. Anyone can propose a proposal, there is a feedback loop to revise the proposal, and eventually the proposal can be voted on by the DAO to decide whether to approve or reject it. If a proposal passes, then the community should execute on it, carrying out the necessary and agreed actions.
Any community with actionable decisions that require collective voting can form a DAO to coordinate the decision making process. Several examples include venture initiatives (buying the US constitution), ecosystem growth (ArbitrumDAO) and social (football fans).
Voters & Voting Weight
Collective decision making in DAOs relies on a voting protocol and voters who will cast their vote.
Voters are identified through their possession of tokens which confirms their eligibility to vote and their voting power.
There are several variants, but the most popular include:
Token-weighted. Voters must hold specific tokens and it is typical that 1 token represents 1 vote.
The ARB token represents voting power in the ArbitrumDAO.
Proof of personhood. A voter’s identity is verified by a third party identity service and they are linked to a token (like an NFT) that represents their voting rights.
Citizen’s house in Optimism. Citizens must prove their personhood to the OP Foundation before they are permitted to join.
This article is focused on token-weighted voting, but the principles discussed are applicable to any system that ultimately authenticates voters and determines voting power via possession of tokens.
Voting System
A voting smart contract can be implemented to enable collective decision making. If a proposal is passed by the DAO, then the smart contracts should have direct access to an on-chain treasury or the authority to upgrade the system. This ensures all actions authorised by the DAO are performed transparently and autonomously without the need for centralised control.
Voting privacy. All votes and the running tally are public. To date, it has proven difficult to implement private voting without the introduction of an off-chain tallying authority.
Proposals fall into a few key categories:
Funding request. Request funds from the on-chain treasury to run an initiative on behalf of the DAO.
Software upgrade. Proposals with bytecode that will update the on-chain smart contracts for the project.
Informational. Seek consensus on specific pieces of information relevant to the DAO. Agreements are important for governance and operation of the DAO, but they may not always result in a meaningful on-chain action.
Of course, all DAOs are not the same and the final implementation of the voting protocol may significantly differ to what is described above. The main premise is that on-chain smart contracts can enforce the voting protocol and ultimately govern the treasury and project’s code.
Popular implementations include the OpenZeppelin contracts and Aragon voting suite. As well, two popular user interfaces include Tally and Agora.
Delegation & Delegates
Voter apathy is common in all voting systems, stemming from various reasons such as a lack of time to review proposals, prioritising other tasks, or simply lack of interest to participate.
Delegation is one solution to combat this issue. It allows a token holder to assign their voting power to a voter who can vote on their behalf. The practice is widespread. For example, in the ArbitrumDAO, about ~9,311 accounts have delegated their voting power to L2Beat who have amassed over ~18 million votes.
We call voters like L2Beat, delegates, as their voting power is largely derived from other tokenholders.
The current system, in many DAOs, only allow a token holder to delegate to a single delegate. However, a potential future enhancement could enable token holders to delegate to multiple delegates based on their expertise and the specific nature of the proposal. For example, a voter may delegate to L2Beat for technical matters and Coinflip for decisions concerning the ecosystem.
Stepping back — DAOs implement a form of liquid democracy — as token holders can decide to cast their vote (direct democracy) or delegate their voting power to others (representative democracy) while retaining the right to reclaim their voting power at any time.
Note, delegation was apparently implemented because of high gas fees on Ethereum, and not necessarily due to voter apathy.
Voter & Delegate Incentives
This brings us to financial incentives for token holders and delegates.
Why should a token holder participate as a voter?
The motivation for a token holder to participate hinges on the nature of the DAO. Generally, the financial incentives of the token holder should align with the DAO’s long-term goals. If the DAO is successful, then so are the token holders, as their success is mutually dependent.
Is it advisable for a token holder to delegate their vote?
For token holders, who lack the time or expertise to participate in governance, then it should be in their interest to delegate their vote to someone, who in their view, possesses the necessary skills and knowledge to assess proposals and vote with the DAO’s long-term prosperity in mind.
Why do delegates participate, especially if they are not token holders?
Delegates might participate for several reasons: gain influence and power within the DAO, curiosity and interest to participate in such an open governance forum, and potential financial benefits such as receiving a monthly stipend or rewards from successful proposals.
In the answers above I deliberately used “should be” because these assertions are not definitively proven; they rely on conventional wisdom, empirical observations and a little bit of wishful thinking.
Looking ahead, we will discuss how vote-buying-as-a-service can disrupt the existing incentive structures for participants.
Additionally, I believe there is a fundamental issue with delegates who lack skin in the game, i.e., delegates with no token holdings, as there is no direct consequences for their voting decisions and I’d argue this results in a laissez-faire attitude for financial aspects of a proposal. This is a blog for another day 😊
An in-depth study of incentives for participation using empirical evidence from DAOs would be very interesting.
LobbyFi - Vote Buying as a Service
Vote buying as a service has emerged in the world of DAOs.
LobbyFi, a venture funded startup, has deployed a suite of smart contracts designed to facilitate vote buying for any DAO proposal.
It is straight forward to use too.
Any token holder can delegate their coins to the smart contract and the votes will be sold to the highest bidder for any DAO proposal.
Lobbyfi has acquired ~20 million votes from a single large token holder to explore the idea of democratising lobbying within the ArbitrumDAO.
Types of Vote Buying
We use LobbyFi as the example since they have a live service, but generally speaking, any vote-buying-as-a-service will likely offer the ability to participate in an auction or to instantly buy the votes.
Auctions. The vote buying smart contract can run an auction to allow anyone to bid and purchase the votes. In the case of LobbyFi, vote buyers can place a bid for options like FOR or AGAINST. Multiple vote buyers can work together as all bids are accumulative. For example, 3 people may bid ‘FOR’ and 2 people bid ‘AGAINST’.
The auction will remain live until a predetermined deadline and after this point the smart contract will cast a vote for the option that has attracted the highest total bids. Funds from the winning bid are distributed among the token holders (who sold their vote) while losing bids are returned to the bidders.
Additionally, a reserve price can be set to establish a minimum bid, ensuring there is a financial cost to win the auction.
Instant Buy. A fixed price can be set to purchase the votes. If the buyer pays the price, then the smart contract will instantly cast the intended vote. Unlike the auction mechanism, price discovery relies on a third party like LobbyFi to decide what the price should be.
To date, LobbyFi has published the rationale behind the fixed price for an instant buy option. There are several potential methodologies for computing the fixed price depending on the proposal at hand.
Keep in mind, a proposal may have multiple possible options beyond simply ‘for’ or ‘against’, which is reflected in LobbyFi’s implementation too.
Quick Look at LobbyFi Data
LobbyFi has been operational in the ArbitrumDAO since July 2024 and votes could be purchased for ~75 proposals including when voting power dropped from ~800k to ~92k ARB for 2 proposals.
First 7 months (July to January):
~800k votes for sale in ~67 proposals,
17 successful auctions,
Highest winning bid of 0.003 ETH (~$8),
Majority winning bids at 0.001 ETH (~$3),
21 successful instant buys,
Largest buy at 0.1 ETH ($300) for Questbook Domain Elections [1,2].
Vote for “New Protocols and Ideas allocator” failed as LobbyFi did not encrypt the vote in line with Snapshot’s shielded voting.
Vote for “Dev Tooling on One and Stylus allocator” succeeded and it was cast for andreiv.
All other instant buys purchased at 0.001 ETH ($3) or below.
Past month (February):
~21m votes for sale in ~6 proposals,
3 successful auctions
Winning bids of 0.002 ETH, 0.005 ETH, 0.0064 ETH (~$15),
More competitive with ~9 bids in latest auction.
No successful instant buys
Reason: Significantly higher purchase price at 18.85 ETH, 1.7 ETH, 7.5 ETH, 2.5 ETH, 0.5 ETH.
There are other notable observations.
Instant Buy Pricing Experiments. LobbyFi has experimented with setting the instant buy price as consistently 0.1 ETH, then a mixture of values from 0.00001 ETH to 0.1 ETH, and then more recently with significantly larger values like 18.85 ETH.
No Reserve Price Until Recently. Nearly all auctions have had a negligible reserve price, although since receiving a 20m delegation, the reserve price is now being set. For example, a recent auction, with several bids, failed as the reserve price was set at 1.35 ETH.
Inconsistent Instant Buy Pricing. The DAO ran an election for each ARDC member (at the same time) and the instant buy option was different for one election.
Supervisory Council - 0.001 ETH,
Risk Member - 0.001 ETH,
Security Member - 0.00001 ETH,
Research Election - 0.001 ETH,
One Lucky Buyer. 1 person was consistently buying ~800k votes between October and December for 0.001 ETH ($3) for each proposal.
0xf568a8DeDe42a85372bD3adfC450022Eb40C094E
No Impact (Yet). LobbyFi has not swung the final result for any DAO proposal.
LobbyFi appears to still be in its infancy.
It is experimenting with different parameters around Instant Buy and the Auction’s reserve price. They are still fixing bugs that prevented votes from being cast properly which has happened on several occasions for shielded voting on Snapshot.
Vote buying is not yet competitive and nearly all proposals (except two) failed to garner more than $20 from buyers per proposal.
Over the coming months, I’d expect to see a change in participation on LobbyFi. They have acquired ~20 million votes and they are the largest delegate in the ArbitrumDAO. This voting power can potentially swing the result of a proposal and we should not be surprised to see this happen soon.
I took time to scrape the LobbyFi data to glean the above information. There may be mistakes and it may also be incomplete. If you find any missing or incorrect data, please do let me know!
Evaluating Payoffs for Vote Buying
Although implementing vote-buying-as-a-service is indeed feasible, it is still worth assessing whether there is a positive payoff for parties to engage in the activity with non-trivial funds.
We will make the following assumption:
Swing vote only. A party will only participate and buy votes via the service if it will swing the outcome of the vote in the buyer’s favour and achieve the desired result.
The motivation for the assumption is simple. If buying the vote does not impact the final tally, then there is no financial incentive for any party to purchase the vote as the end-result will be the same. This is the case in DAOs as the running tally is public and the buyer can objectively evaluate whether the purchase will make a meaningful impact.
If the vote is private (like shielded voting), then the swing vote only assumption does not necessarily hold. The buyer will need to determine whether it is worth ‘taking the risk’ to purchase the vote.
With the above in mind, we’ll will use this opportunity to assess who benefits from a proposal and which parties are likely to participate in vote buying.
Case 1: Proposal with no financial benefit to any party.
For example, the proposal may focus on a software upgrade to the wider project and there is no movement of funds from the treasury.
There is no risk-free or positive payoff for a party to purchase the vote.
There may still be reasons for a party to buy a vote for other indirect benefits, but generally, it will cost them financially to purchase the votes and the funds will not be recouped from the proposal.
Case 2: Proposal only financially benefits a single party.
For example, the proposal will pay a single party $$ to run a service for the DAO.
It is “risk-free” for the single party to purchase votes, swing the vote, and guarantee the proposal passes. The reason is that they can recoup the cost of purchasing the vote from the payment received through the proposal.If the party stands to receive X from the proposal, then may be willing to spend up to Y (where Y < X) to ensure it passes, resulting in a net profit of (X-Y).
Conversely, others have no financial incentive to buy the votes and take the opposite position against the proposal as there is no positive payoff. If someone were to spend Y and reject it, they would incur a strict loss of Y, as there is no way to recoup the cost.This suggests that auctions are ineffective for proposals that primarily benefit a single party as there is no natural counterparty to bid against them. An instant buy option can be priced strategically to attract the only party with a financial incentive to purchase it.
Case 3: Proposal benefits at least 1 out of N parties.
For example, the proposal may offer a grant to a single service provider, but the DAO can only pick 1 out of 5 service providers to receive the funds and carry out the work.
There is a financial incentive for all five service providers to purchase votes and sway the final decision in their favour. For example, if there is an auction to purchase the votes, then all five parties might be willing to pay up to X, where X represents the total payout the winner will receive.
In the case of LobbyFi, only the winner of the auction will pay, meaning there is no negative financial outcome for any participant assuming they only vote for themselves.
We oversimplify the statement that a buyer may be willing to pay up to X assuming they receive X from the proposal. There will be a cost ε that party may need to pay to execute the proposal and as such they may only be willing to pay up to X - ε.
Why Will Token Holders Delegate to the Service?
Conventional wisdom for DAOs is that a token holder’s financial interest should be tied to the DAO’s success and they should be inclined to support delegates who will actively vote and make good decisions on their behalf.
Vote-buying-as-a-service challenges conventional wisdom. There is now an “opportunity” for token holders to earn “yield” by selling their votes to the highest bidder.
There are a few cases when it might make sense for a token holder to earn a yield by selling their vote:
Short-term holder. Impact of a decision made by the DAO may not be felt for months or even years later. By that time, the party may no longer hold the tokens.
Apathetic holder. Token holder does not believe that decisions by the DAO will have an impact on the long term and they can make a short-term profit by renting their votes.
Mutually beneficial. Token holder has no interest in the proposal, but buyer has a strong financial interest, so buying the token holder’s vote can financially benefit both parties.
Better decision making. The token holder may not be convinced the delegates are good at making decisions and the act of selling their votes may lead to better decision making.
Additionally, there is a concept known as quadratic voting, where a voter can purchase votes and the price of every vote goes up quadratically in cost. It allows a voter to demonstrate the intensity of their preference and potentially leads to more requitable outcomes for minorities.
However, the model of vote-buying-as-a-service does not align with this framework, as it allows votes to be purchased at much lower costs.
With the above in mind, vote buying seems like a Tragedy of the Commons, where token holders pursue their own self-interest for short term gains over working as a collective — particularly if they believe their voting power has minimum impact and isn’t crucial in determining the outcome of a vote.
Is Vote Buying an Attack on Governance?
The immediate reaction from many people will be that vote-buying-as-a-service is an attack on governance and must be stopped at all costs.
However, before labelling it an “attack”, we must first define how the voting system is intended to work and whether vote buying undermines or violates it.
In traditional voting systems (e.g., government elections), the principle is “one person one vote.” Vote buying is considered an attack because it allows individuals to purchase additional votes and cast more than their single allocated vote.
In token-weighted voting, the key principle is “one token one vote”. Since each token has financial value, voting power is tied to capital. For instance, if a token is priced at $1 and a person buys 100 tokens, then they acquire $100 in voting power.
A DAO’s voting integrity should reflect the capital cost of all votable tokens at the time of the vote. This principle ensures the security of a DAO can be quantified financially.
ArbitrumDAO Case Study. Around ~210m votes were cast for the BoLD proposal and it remains the proposal with the most voting activity to date. To dominate the voting protocol and ensure victory in every vote, an attacker will need to secure more than 50% of all active votes, which amounts to just over ~210m votes. With the token priced at ~40 cents, an attack needs to spend more than $84m to acquire the necessary votes.
Vote-buying-as-a-service, along with other methods of renting voting power, alters the intended security model.
If an attacker can temporarily rent the same amount of voting power for lower cost, say $1 for every $100 worth of votes, the perceived financial security of the DAO is undermined.
Instead of governance security being tied to the capital cost to acquire votes, it becomes dependent on the cost and availability of renting votes.
This is not indifferent to proof of work blockchains whose security can also be undermined by renting hash-rate. Many networks like Bitcoin are secure against rental attacks simply because it is infeasible to rent the quantity of hash rate to attack the network. Others, like Ethereum Classic, were not as lucky.
Returning to the question: Is vote-buying an attack on the voting system?
Yes, it is.
Yet, following our discussion, one could also argue that delegation itself is an attack — since delegates receive voting power for free from token holders.
For a voting system that includes delegation, we must recognise a third security attribute:
One token, one vote (Measurable)
Voting power represents the capital cost of tokens (Measurable)
Intentionality of delegation (Subjective)
The first two attributes are objective and measurable, while intention of delegation is subjective.
We may argue that a secure system relies on token holders delegating to voters who are likely to make wise decisions, but this cannot be enforced by the smart contracts without substantial changes like creating a curated and centrally approved list of delegates who are the only parties allowed to vote.
Security will ultimately rely on choices made by token holders in regards to delegations, but it can only be influenced via the social layer of a DAO.
At this point, we must acknowledge that token holders will sell their voting power to others. This can be facilitated through vote-buying-as-a-service, lending markets, DarkDAOs, or even ‘kick-backs’ to delegators based on earnings from the DAO.
Even if smart contracts disabled delegation, it can be implemented using TEEs via DarkDAOs, which is even more problematic as it removes transparency and makes it more difficult to detect vote buying.
Let me be clear — renting voting power poses a real threat to DAO governance and voting — it undermines the financial cost to acquire votes and, in my view, does not lead to the collective making better decisions.
If this practice becomes widespread, we may need to treat it like Miner Extractable Value (MEV) with a deliberate strategy to minimise any advantage of vote buying and to increase the cost of renting voting power to swing a vote’s outcome.
Of course, we may get lucky, as Bitcoin did, where the amount of rentable voting power remains negligible. So the threat always exists in theory, but it practically unexploitable. However, we should not assume we will be as fortunate.
Can DAOs Defend Against Vote Buying?
We have concluded that vote buying, in general, should be considered an attack as it lowers the capital cost required to swing the outcome of a vote and potentially overwhelm a DAO’s voting system.
There are a few approaches on how we may defend against it, but honestly, none of them are that satisfactory.
Social approach. All funds are sent to a trusted third party (TTP) in the DAO for every proposal.
The motivation is to allow the trusted third party to review the votes, and if vote renting is detected and it was sufficient to swing the vote, then the funds should be returned to the DAO.
Governance committee. A committee is installed in the governance smart contracts with the authority to delay the passage of a proposal and, if necessary, veto it.
The power to delay the passage of a proposal can permit time to investigate the voting results and detect if a vote rental service was used to swing the votes. Enabling the committee to veto the proposal and effectively cancel it can protect the DAO while acting as a deterrent against the use of vote buying. Membership can begin small (~3 members) and eventually evolve into a collection of parties who act as a ‘check’ on the results of token-weighted voting.
Negate approach. A smart contract, with the same voting power as the rental service, will wait until the rental service casts its vote and then automatically vote against it.
This is probably the most decentralised approach and does not rely on any changes to the voting system.
However, it requires matching the voting power of the attack and introduces timing challenges between the attacker and defender (i.e., latency games). For example, if the attacker sends their vote transaction for inclusion in the same block in which the voting period ends, then the defender may not see the transaction and thus react in time.
Additionally, it may increase Quorum for a vote and inadvertently facilitate the approval of less popular proposals that garnered more “for” than “against” votes but lack sufficient overall votes and participation from the DAO.
The primary issue is that attacks only get better.
If a defence is put in place to detect and counteract transparent vote buying, it could accelerate the development of DarkDAOs — enabling the selling of votes in a privacy preserving and trustless manner. We should assume that DarkDAOs will eventually emerge if vote-buying as an activity really takes off.
Final Thoughts
Vote-buying-as-a-service, along with other forms of renting votes, is likely here to stay.
Current data suggests that renting voting power has not yet had a detrimental impact in the ArbitrumDAO nor has it decisively influenced the outcome of any votes.
I remain hopeful that vote buying will not gain popularity and it will gradually fade into irrelevance.
However, as is often the case in the crypto world, we cannot simply hope for something to disappear, especially when the financial incentives for buying votes favor the attacker over the defender. It is profitable for attackers to buy votes, and when there is profit, there is action.
We, the DAO community as a whole, need to start discussing how governance should evolve beyond token-weighted voting with more robust checks and balances. This may require introducing some level of centralisation with gatekeepers, but I believe this could be a more effective approach than passively allowing governance attacks to happen.
Additionally, the ArbitrumDAO’s Code of Conduct clearly states that severe cases of self-voting or failure to disclose conflicts of interests can lead to remove of DAO positions:
“However, as explained further below, a delegate that repeatedly fails to disclose a conflict of interest before self-voting or if a single instance is deemed to be severe, they risk being removed from the Delegate Incentive Program or a DAO-elected position.”
It should also be socially unacceptable to purchase votes and we should treat vote buying as severe misconduct. In fact, we should go further than what the code of conduct requires, and outright ban individuals from the DAO who are discovered to be buying votes for their own personal gain.
Of course, these are only my thoughts.
I remain open minded and convincible that allowing folks to sell their votes to the highest bidder or for people to rent votes from others, in general, can lead to overall better decision making. Lobbying does exist and it is very real in any governance system.
Should we actually embrace it? Or fight against it? I’m leaning on the latter, but open to the former.