Enhancing DAO Security With The Tally Protocol
December 3rd, 2024

An Analysis of The Tally Protocol written by Kaleb Rasmussen (@kaleb0x) with additional contributions from @RikaGoldberg, @0xTraub, and @404_cole


Key Insights

  • Fewer than 30% of participants in DAOs with between 1,000 and 10,000 members engage in the governance process regularly. Low voting participation combined with a high supply of tokens on open markets exposes DAOs to governance attacks, where bad actors can simply buy enough tokens to push through malicious proposals.

  • Limited token value accrual and misaligned delegate incentives can prevent strong project fundamentals from translating into higher token prices. Lower prices, in turn, cause community members and delegates to stop caring, which makes DAOs more susceptible to governance attacks.

  • When token prices are high, token holders tend to lock their assets in DeFi to earn yield rather than vote on proposals. Restaking TVL has grown 978.2% YTD, and the value of restaked governance tokens rose 40.1% quarter-over-quarter even as overall restaking TVL fell; tokens locked in restaking cannot vote, which poses an existential threat to DAO security.

  • The Tally Protocol offers a solution to the conflict between governance and token utility. By introducing Liquid Staking Tokens (LSTs), the protocol allows token holders to earn yield while maintaining or delegating their voting power, improving DAO security.

Introduction

On July 28th, 2024, after two failed attempts, an unknown group going by Humpy, also known as the “Golden Boys,” narrowly pushed through Proposal 289 to the Compound DAO. The proposal, which appeared harmless at first, proposed to transfer 5% of Compound’s treasury, or 499,000 COMP tokens, to goldCOMP, a yield-bearing vault. The catch, however, was that the funds would be stored in a vault controlled by the Golden Boys instead of the DAO, leading many to accuse the group of engineering a governance attack against Compound DAO.

Governance attacks can occur when an entity amasses sufficient voting power in a DAO with low voter participation in order to push through proposals that favor their own interests over those of the DAO. In the case of Compound DAO, the passage of Proposal 289, with over 682,191 votes in favor and 633,636 against, led the Compound Delegates and the Alpha Growth team (Compound DAO’s outsourced BD team) to step in. The Alpha Growth team published a governance post to implement a similar staking instrument, created and managed by Compound DAO, as opposed to the Golden Boys, in return for the Golden Boys to cancel proposal 289. Additionally, if the Golden Boys didn’t cancel their proposal, Compound Delegates threatened to move forward with Proposal 290, which, if passed, would allow for voting power to be removed from the wallet that authorized Proposal 289.

Fortunately for Compound DAO, the Golden Boys decided to cancel Proposal 289 and accept Alpha Growth’s staking idea. However, governance attacks are not going away. In fact, the current dynamics of governance tokens worsen the problem, weaken DAO security and make DAOs more susceptible to these types of attacks.

Why Do Governance Attacks Happen?

To prevent governance attacks, DAOs must first understand the key contributing factors. These attacks are possible because many projects have:

  1. A high supply of tokens on exchanges and DeFi markets

  2. Low participation & low concentration of voting power among active delegates

High Supply of Tokens on the Market

In today’s most popular DAOs - such as Arbitrum, Optimism, and Uniswap - creating and voting on proposals requires that token holders either delegate to themselves (self-delegate) or delegate to another member of the DAO. Voting power follows the tokens, not the holder: when a token holder sells their tokens or deposits them into a DeFi application (e.g., a DEX liquidity pool), the voting power of those tokens leaves the holder’s delegate and attaches to the new owner’s delegate. Exchange wallets and pool contracts do not delegate, so that voting power sits idle and the DAO’s active voting power shrinks accordingly.

For Arbitrum, Optimism, and Uniswap, the percentage of total token supply listed on CEXs and DeFi is 10.9%, 7.7%, and 10.2%, respectively, as shown in the graphic below. These tokens are not currently being used in governance, but because they are readily available for purchase, they can be acquired by bad actors to be used in governance.

For these same DAOs, the quorum threshold for a proposal to pass is only 1.8%(1), 0.6%, and 4.0% of the total token supply, respectively. For Arbitrum, Optimism, and Uniswap, the tokens available for a bad actor to buy on CEXs and DeFi are 6.2 times, 13.6 times, and 2.5 times the quorum needed to pass a proposal, as shown in the graphic below.

1: Quorum for Constitutional AIPs; Quorum increases as the number of tokens delegated to the “exclude address” decreases. The largest holder delegating to the “exclude address” is the Arbitrum DAO treasury.

In the case of Compound DAO, over 36.9% of the total token supply was locked on CEXs (22.0%) and DeFi markets (15.0%) while only 3.99% of the total token supply was required to meet quorum, a 9.3 times difference.

Low Participation

Low quorum requirements wouldn’t be an issue if DAOs had many active community members who could easily block governance attacks. However, this is not true today. According to a study by two academics at the Complutense University of Madrid, fewer than 30% of participants in DAOs with between 1,000 and 10,000 members engage in the governance process regularly. To pass Proposal 289, Humpy had acquired around 680K COMP tokens (~$32 million), enough both to meet the 400K COMP (~$19 million) quorum requirement and to overcome dissent from other delegates.

Low quorum requirements are often indicative of the average participation needed for normal, good-faith delegates to successfully pass legitimate proposals. For Arbitrum, Optimism, and Uniswap, over the past 10 proposals as of October 25th, 2024, the total votes on those proposals on average were 149.8%, 164.4%, and 118.8% of the quorum requirement. This poses a major security risk as bad actors could acquire tokens from large CEX and DeFi markets to easily meet low quorum requirements and overcome low voting participation to push through malicious proposals.
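The screening arithmetic in the last few paragraphs, written out as a small Python check. This is an added example, not part of the original article: it takes a DAO’s quorum, the opposition an attacker should expect (the turnout figures above are the natural estimate), the token supply sitting on CEXs and DeFi, and the token price, and returns how many tokens the attacker must control, whether open markets can supply them, and how much capital that ties up relative to what the proposal would move. The worked inputs are the Compound Proposal 289 figures from this article (400K quorum, 633,636 votes against, 499,000 COMP at stake, roughly $47 per COMP implied by ~$32M for ~680K COMP); the 3.69M COMP market supply is an assumption derived from the 36.9% figure and an assumed 10M total supply, and is labelled as such in the code.

```python
def attack_requirements(quorum, expected_opposition, market_supply,
                        token_price_usd, tokens_at_stake):
    """Screen a DAO for a buy-the-vote governance attack.

    Assumes Governor-style counting: a proposal passes when "for" votes reach
    quorum AND exceed "against" votes. The attacker therefore needs
    max(quorum, opposition + 1) votes, and can only get them if at least that
    many tokens are actually for sale on CEXs and DeFi. Note that when
    expected opposition exceeds quorum, quorum is no longer the binding
    constraint (this is exactly the Compound 289 situation).
    """
    if quorum <= 0 or token_price_usd <= 0:
        raise ValueError("quorum and price must be positive")
    tokens_needed = max(quorum, expected_opposition + 1)
    capital_usd = tokens_needed * token_price_usd
    return {
        "tokens_needed": tokens_needed,
        "market_covers_need": market_supply >= tokens_needed,
        "supply_multiple_of_quorum": round(market_supply / quorum, 1),
        "capital_required_usd": capital_usd,
        # value the proposal moves, per dollar of capital the attacker must tie up
        "value_at_stake_per_capital_usd": round(
            tokens_at_stake * token_price_usd / capital_usd, 2),
    }


def compound_289_example():
    """Compound DAO Proposal 289 figures from the article. The market supply is
    an ASSUMPTION: 36.9% of an assumed 10,000,000 COMP total supply."""
    return attack_requirements(
        quorum=400_000,
        expected_opposition=633_636,
        market_supply=3_690_000,      # assumed: 0.369 * 10_000_000
        token_price_usd=47,           # ~$32M / ~680K COMP, per the article
        tokens_at_stake=499_000,
    )


if __name__ == "__main__":
    for key, value in compound_289_example().items():
        print(f"{key:>32}: {value}")
```

The useful output is not the quorum multiple alone but the comparison between the two constraints: for Compound the expected opposition, not the quorum, set the price of the attack, which is why a low quorum is dangerous mainly when turnout is also low.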

For example, the Arbitrum DAO has accumulated ~$29.4 million worth of ETH in surplus fees from Arbitrum One and Nova. While the number of total votes has remained relatively constant, the ratio of votes to circulating supply has decreased by 40.6%. If voter participation does not keep up with the increased circulating supply, and the treasury accumulates more ETH, its growing value could attract malicious actors. This may make it profitable for them to acquire a significant amount of ARB tokens from open markets and enable an attack on the DAO.

Even for well-established DAOs with strong fundamental growth in TVL, users, and partnerships, reaching low quorum requirements still remains a struggle. One would expect strong project fundamentals would drive up the governance token's price, which in turn would lead to greater enthusiasm and member participation, making the DAO more secure and resistant to governance attacks. However, these expected links between project fundamentals and token price, and token price and participation do not hold true in reality.

Why Fundamentals Don’t Always Raise Prices

Though the crypto market is highly narrative-driven, one would expect that strong project fundamentals eventually lead to higher token prices, as they do in TradFi. However, several factors can disrupt this alignment, one of the most obvious being supply unlocks. These unlocks create consistent sell pressure, which can stifle price growth despite positive fundamentals.

However, the disconnect can persist even for governance tokens that are fully unlocked, for two reasons:

  1. Limited Token Value Accrual

  2. Misaligned Delegate Incentives

Limited Token Value Accrual

Governance power by itself has generally been a poor way to accrue value to tokens. On February 23, 2024, the price of UNI spiked 53.8% from $7.4 to $11.3 over speculation from a Uniswap Foundation proposal that the fee switch would be turned on, showcasing the market’s demand for token value accrual through protocol revenue generation and revenue-sharing.

When governance tokens have little control over even turning on protocol revenue (and as such accrue little value from the underlying protocol), holders tend to stop caring, and token prices are likely to fall even if project fundamentals are strong. The average token holder then has no incentive to delegate, or to keep their tokens delegated to an active delegate. This discount for lack of control (DLOC) is a common downward price adjustment in TradFi, applied to valuations of minority stakes in businesses.

Misaligned Delegate Incentives

Today's DAO environment has evolved into a complex web of providers working together to service DAO operations. The role of researching and voting on tens to hundreds of proposals has become a full-time job, and is generally not feasible for the average token holder. As such, professional delegates such as L2Beat, GFX Labs, and StableLab are among a few organizations that have emerged to take on the full-time role.

While discussions around professional delegate incentives have become more common, many DAOs including Compound DAO have no delegate rewards program. Unpredictable incentives lead delegates to feel apathetic about investing resources into the DAO, causing many delegates with large delegations to become inactive in forums and voting. For Compound DAO, 13 of the top 30 delegates by voting power had not voted over the last 10 proposals as of October 25th, 2024.

Many other DAOs, such as Uniswap or Arbitrum, do have delegate incentives, but they are often tied to metrics such as voting record or forum activity rather than to project fundamentals like DAO revenue. While this incentive structure increases DAO participation and delegate transparency, it creates misaligned incentives where delegate rewards are not tied to the performance of the protocol.

The lack of incentive to drive high-ROI proposals may lead to excessive spending, where delegates approve significant DAO treasury allocations for activities with low upside. While DAO spending is relatively minuscule compared to unlocks for many young DAOs, the lack of austerity and unchecked spending can still damage the token price. When communities see large amounts of DAO spending, it adds fuel to the fire and puts further sell pressure on the token as DAO service providers and grant recipients sell their allocated tokens.

If a DAO has good fundamentals, it should have an increased ability to use its revenue to provide sustained incentives to professional delegates. This would keep professional delegates aligned with the success of the DAO and a higher token price. Consistent incentives would provide delegates with the funds to consistently research and support proposals that provide good returns to the DAO and therefore to themselves.

Why Higher Prices Don’t Always Enhance DAO Security

The Dichotomy of Governance Tokens

Even when token prices increase, low participation and weak DAO security can still be present. This is due to governance tokens serving as both:

  • Voting Rights: Use your governance tokens to vote on proposals, protocol changes, or funding decisions without any expectation of rewards.

  • Assets: Earn yield on one’s tokens by locking them in DeFi but forgo participation in governance.

When token prices increase, more users will opt to use their governance tokens as an asset within the DeFi ecosystem and compound their yield as opposed to voting.

Historically, yield could be earned on governance tokens in two ways: providing liquidity on DEXs or lending (which is limited to very few tokens). However, restaking has recently emerged as an alternative to earn yield on governance tokens. Restaking enables users to secure multiple networks or services by staking a single set of tokens, earning yield across each service secured. However, as more governance tokens are locked into restaking protocols to secure other networks, they become unavailable for securing their underlying DAO, threatening its security.

What is Restaking?

Restaking allows users to use their tokens to secure the main network (e.g., stake ETH, securing the Ethereum network) and additionally reuse those tokens to secure other networks or protocols (e.g., restake ETH to secure a data availability service such as EigenDA). The protocols and networks that rely on restaked security pay rewards for that service, allowing restakers to earn extra yield on their assets. The yield is not free, however: if the operator a restaker delegates to fails to perform the service or misbehaves, for example by providing incorrect price data to an oracle service, the restaked tokens can be slashed.

Restaking protocols have accumulated ~$15.0 billion in TVL as of writing and grew over 978.2% YTD (through September 30, 2024). Currently, ETH and ETH Liquid Staking Tokens (LSTs) or Liquid Restaked Tokens (LRTs) dominate this TVL, making up over 93.7% of the total.

Eigenlayer, one of the first restaking protocols, launched in June 2023 and holds about 80.8% of the TVL. However, during Q3 2024, Symbiotic, which allows a broader variety of ERC-20 assets to be restaked (including governance tokens) compared to Eigenlayer (which primarily supported ETH), grew from 1.7% to 11.2% of restaked TVL quarter-over-quarter (QoQ).

The Growth of Governance Token Restaking

While restaked governance token TVL only makes up 0.8% of all restaked TVL, the number of governance tokens and dollar value of those governance tokens restaked has grown significantly. QoQ, TVL of governance tokens restaked has increased 40.1%, rising from $82.0 million to $114.9 million. This stands in contrast to the broader restaking market, which saw a decline in TVL of approximately 20.0% QoQ, dropping from $18.8 billion to $15.0 billion, largely due to a decrease in ETH price.

Of the $114.9 million of restaked governance tokens, 92.8% of all restaked governance token TVL was made up by:

  • Filecoin’s FIL had $58.5 million restaked (50.9% share)

  • Ethena’s ENA had $24.6 million restaked (21.4% share)

  • Etherfi’s ETHFI had $23.6 million restaked (20.5% share)

At the beginning of Q3, only two tokens made up the entire TVL:

  • Filecoin’s FIL had $61.1 million restaked (74.5% share)

  • Ethena’s ENA had $20.9 million restaked (25.5% share)

As restaking protocols seek more capital, and governance token holders look for additional yield, restaked governance token TVL is expected to grow. DAOs whose governance token price is rising are threatened by restaking protocols, which can offer users a higher yield than the underlying DAO alone: where a DAO provides inflationary rewards or revenue sharing, a restaking protocol offers those returns plus additional yield from the networks it secures. As more governance tokens are locked in restaking, fewer remain available for DAO voting, increasing the risk of governance attacks and therefore reducing DAO security.

These challenges have undermined confidence in the effectiveness of current governance structures. The Tally Protocol plans to address these challenges.

The Tally Protocol

Background

While the Tally Protocol was announced in June 2024, Tally was founded in 2019 by Dennison Bertram and Rafael Solari and has since gained strong traction among DAOs. Tally (not the Tally Protocol) is a comprehensive frontend for running and operating onchain DAOs on Ethereum and other EVM chains. Over 500 DAOs, including Arbitrum, Uniswap, AAVE and more, use Tally to create and vote on onchain proposals, elect members to Security Councils, and in some cases execute the movement of treasury funds. The governance tokens on Tally collectively have a market cap of over $30 billion. As a key player in DAO governance, the Tally team is well-suited to solve the aforementioned problems.

Tally Protocol Introduction

The Tally Protocol is a smart contract layer for creating Liquid Staked Tokens (LSTs) for governance tokens. Governance token holders deposit their tokens into the Tally Protocol in exchange for the equivalent stLST (e.g., ARB for stARB). stLST holders are able to vote on underlying DAO proposals as they normally would through the Tally interface.

The protocol aims to fix the links between project fundamentals and DAO security by solving the following problems:

  • Limited Token Value Accrual -> Staking Rewards: By staking a governance token, one accrues a portion of DAO revenues in the form of auto-compounding yield.

  • Misaligned Delegate Incentives -> Built-in Delegate Rewards: Active delegates receive a portion of staking rewards giving them a predictable income stream tied to project fundamentals.

  • Governance Token Dichotomy -> Undelegated Voting Power Redistribution: stLST voting power that is not delegated (such as where stLST tokens are locked on a CEX or in DeFi to earn extra yield) is redistributed back to active delegates.

When a project’s fundamentals improve, its token price should rise as a result of higher Staking Rewards and higher Delegate Rewards. The higher price will drive users to compound their yield: they stake their governance tokens for stLSTs to earn rewards, then use those stLSTs in DeFi. Undelegated voting power locked in DeFi is then redistributed to active delegates, further securing the DAO against governance attacks, as shown below.

Tally Protocol for Arbitrum DAO

On August 20, 2024, Frisson from the Tally team posted the proposal: “ARB Staking: Unlock ARB Utility and Align Governance”. The proposal outlined a plan for implementing ARB staking through the Tally Protocol, to increase the token’s utility and the DAO’s security. The proposal passed with overwhelming support (134.5 million ARB in favor and 4.51 million against) and funds for smart contract development were distributed to the Tally team.

Features of stLSTs & stARB

Staking Rewards

stLSTs are liquid, auto-compounding ERC-20 tokens that accrue value in the underlying governance token, with the stLST to governance token ratio increasing over time as rewards compound. The claiming of underlying DAO rewards/revenue and compounding of those rewards/revenue into the staked position is called “Rebalancing”. The Tally DAO sets a fee to cover the gas cost of rebalancing. The Tally Protocol is also compatible with future staking designs. Additionally, there may be a withdrawal period to prevent users from immediately staking before a reward, claiming a part of the reward, and immediately unstaking.

stARB follows many of these same properties. It is a liquid, auto-compounding ERC-20 token. However, to receive rewards, stARB holders must delegate their voting power to an “Active Delegate” as defined by their Karma Score (a measure of a delegate’s offchain voting record, onchain voting record, and forum activity) or choose not to delegate their tokens to anyone (undelegated) where the DAO will allocate their voting power to “Active Delegates”. By incentivizing delegation to active delegates, voting power can stay concentrated among active delegates who will more quickly respond to governance attacks. It should be noted that Arbitrum has not turned on any staking rewards as of the time of this writing. However, new working groups around staking and delegation implementation have formed.

Built-In Delegate Rewards

The Tally Protocol can take a percent of DAO rewards/revenue distributed for each stLST as a “fee”. This fee could be distributed among active delegates in the underlying DAO proportional to the underlying governance tokens delegated to them. The percent of total DAO rewards/revenue paid to delegates is determined by the Tally DAO, but is capped by the Tally Protocol to ensure the majority of rewards/revenue goes to stLST holders. The underlying DAO can also add additional incentives to reward good delegates. This will allow professional delegates to build businesses with a consistent income stream that is linked to their performance (DAO rewards/revenue and voting power delegated to them).

The delegate incentives component for ARB Staking has yet to be determined.
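The two mechanisms described under Staking Rewards and Built-In Delegate Rewards, auto-compounding through a rising token-per-share rate and a capped delegate fee taken out of each rebalance, as a Python model. This is an added example and not the Tally Protocol’s contracts: it uses share-based vault accounting (the ERC-4626 pattern) as an assumed model, the 20% fee cap, the 10% fee, the withdrawal delay of 7 time units and all balances are constructed numbers, and the gas-cost fee the Tally DAO sets on rebalancing is left out for simplicity.

```python
from collections import defaultdict

BPS = 10_000


class StakingVault:
    """Share-based liquid staking vault (ERC-4626-style accounting, ASSUMED
    as the model). stLST balances are shares; a rebalance adds reward tokens to
    the pool, so the tokens-per-share rate rises and every holder compounds
    without a claim transaction."""

    MAX_DELEGATE_FEE_BPS = 2_000   # assumed cap: delegates get at most 20%

    def __init__(self, delegate_fee_bps, withdrawal_delay):
        if not 0 <= delegate_fee_bps <= self.MAX_DELEGATE_FEE_BPS:
            raise ValueError("delegate fee above protocol cap")
        self.delegate_fee_bps = delegate_fee_bps
        self.withdrawal_delay = withdrawal_delay
        self.total_assets = 0                  # governance tokens held
        self.total_shares = 0                  # stLST supply
        self.shares = defaultdict(int)         # user -> stLST balance
        self.pending = {}                      # user -> (shares, unlock_time)
        self.delegate_income = defaultdict(int)

    def exchange_rate(self):
        return self.total_assets / self.total_shares if self.total_shares else 1.0

    def deposit(self, user, amount):
        minted = amount if self.total_shares == 0 else (
            amount * self.total_shares // self.total_assets)
        self.total_assets += amount
        self.total_shares += minted
        self.shares[user] += minted
        return minted

    def rebalance(self, reward, delegated):
        """Claim `reward` tokens of DAO revenue. A capped slice goes to active
        delegates pro rata to the tokens delegated to them; the rest stays in
        the pool, which is what makes each share worth more."""
        fee = reward * self.delegate_fee_bps // BPS
        total_delegated = sum(delegated.values())
        for delegate, amount in delegated.items():
            self.delegate_income[delegate] += fee * amount // total_delegated
        self.total_assets += reward - fee
        return reward - fee

    def request_withdrawal(self, user, shares, now):
        """Start the unstaking delay that stops stake-claim-unstake sniping."""
        if self.shares[user] < shares or user in self.pending:
            raise ValueError("not enough shares or withdrawal already pending")
        self.shares[user] -= shares
        self.pending[user] = (shares, now + self.withdrawal_delay)

    def withdraw(self, user, now):
        shares, unlock = self.pending[user]
        if now < unlock:
            raise ValueError("withdrawal still locked")
        tokens = shares * self.total_assets // self.total_shares
        self.total_assets -= tokens
        self.total_shares -= shares
        del self.pending[user]
        return tokens


def scenario():
    """Constructed numbers: alice stakes 1000; a rebalance pays 100 with a 10%
    delegate fee; bob stakes at the new rate; a second rebalance pays 200;
    alice unstakes only once the withdrawal delay has passed."""
    v = StakingVault(delegate_fee_bps=1_000, withdrawal_delay=7)
    v.deposit("alice", 1000)
    v.rebalance(100, delegated={"delegate_a": 600, "delegate_b": 400})
    rate_after_first = v.exchange_rate()      # 1090 tokens / 1000 shares
    bob_shares = v.deposit("bob", 1090)       # priced at that rate: 1000 shares
    v.rebalance(200, delegated={"delegate_a": 600, "delegate_b": 400})
    v.request_withdrawal("alice", 1000, now=10)
    try:
        v.withdraw("alice", now=16)           # one unit too early
    except ValueError:
        pass
    alice_out = v.withdraw("alice", now=17)
    return rate_after_first, bob_shares, alice_out, dict(v.delegate_income)


if __name__ == "__main__":
    print(scenario())
```

Two things worth noticing in the numbers: bob’s deposit after the first rebalance buys shares at the higher rate, so he does not dilute alice’s accrued rewards, and the delegate fee is paid out of the claimed revenue before it enters the pool, so delegates’ income scales with both DAO revenue and the voting power delegated to them, which is the performance link the text describes.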

Undelegated Voting Power Redistribution

If a stLST holder decides not to delegate their voting power to anyone (undelegated), that voting power goes back to the underlying DAO for redistribution to active delegates. Tokens that are locked on CEXs, DeFi, or restaking protocols that do not implement a Flexible Voting Client will have their voting power returned to the DAO. The Tally Protocol can provide a default strategy to redistribute voting power to trusted delegates but this can always be overridden by the underlying DAO. This enables DeFi / restaking protocols to be compatible with DAO security. As more stLSTs are locked in restaking protocols, more voting power will be redistributed to active delegates.

Arbitrum will establish its own default strategy for redistributing undelegated stARB to active delegates. If stARB tokens locked in DeFi or restaking protocols are undelegated, users can still earn the underlying DAO rewards/revenue, because the DAO redistributes their voting power to active delegates.
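A Python model of the two delegation regimes this article contrasts: plain ERC20Votes-style accounting, where tokens in a pool or exchange wallet that never delegates carry no votes (the "High Supply of Tokens on the Market" section), and the stLST view, where that idle voting power is handed to active delegates instead. This is an added example, not OpenZeppelin’s ERC20Votes or the Tally Protocol’s contracts; the checkpoint-free ledger is a simplification, the pro-rata redistribution rule is an assumed default (the article says each DAO sets its own strategy), and the holders, balances and the DEX pool are constructed.

```python
from collections import defaultdict

UNDELEGATED = None  # an account that has never called delegate()


class VotesToken:
    """ASSUMED simplification of ERC20Votes accounting (no checkpoints): voting
    power follows the delegatee of whoever holds the tokens, so tokens sitting
    in a contract or exchange wallet that never delegates carry zero votes."""

    def __init__(self):
        self.balance = defaultdict(int)   # holder -> tokens
        self.delegatee = {}               # holder -> delegatee, or UNDELEGATED
        self.votes = defaultdict(int)     # delegatee -> voting power

    def mint(self, to, amount):
        self.balance[to] += amount
        self._move_votes(UNDELEGATED, self.delegatee.get(to), amount)

    def delegate(self, holder, to):
        old = self.delegatee.get(holder)
        self.delegatee[holder] = to
        self._move_votes(old, to, self.balance[holder])

    def transfer(self, sender, recipient, amount):
        if self.balance[sender] < amount:
            raise ValueError("insufficient balance")
        self.balance[sender] -= amount
        self.balance[recipient] += amount
        # the votes attached to these tokens move between the two delegatees
        self._move_votes(self.delegatee.get(sender),
                         self.delegatee.get(recipient), amount)

    def _move_votes(self, src, dst, amount):
        if src == dst or amount == 0:
            return
        if src is not UNDELEGATED:
            self.votes[src] -= amount
        if dst is not UNDELEGATED:
            self.votes[dst] += amount

    def get_votes(self, account):
        return self.votes[account]

    def undelegated_supply(self):
        """Tokens whose voting power is idle because the holder never delegated."""
        return sum(b for holder, b in self.balance.items()
                   if self.delegatee.get(holder) is UNDELEGATED)


def redistributed_votes(token, active_delegates):
    """stLST-style view of the same ledger: idle voting power is handed to
    active delegates pro rata to what is already delegated to them. The
    pro-rata rule is an ASSUMED default; integer division leaves any remainder
    unallocated. Inactive delegates keep only their direct votes."""
    idle = token.undelegated_supply()
    active_total = sum(token.get_votes(d) for d in active_delegates)
    result = dict(token.votes)
    if active_total > 0:
        for d in active_delegates:
            result[d] = token.get_votes(d) + idle * token.get_votes(d) // active_total
    return result


def scenario():
    """Constructed example: alice, bob and carol self-delegate; carol is an
    inactive delegate; alice deposits 600 tokens into a DEX pool that never
    delegates; later an attacker buys those 600 tokens out of the pool."""
    t = VotesToken()
    for holder, amount in (("alice", 1000), ("bob", 200), ("carol", 300)):
        t.mint(holder, amount)
        t.delegate(holder, holder)
    t.transfer("alice", "dex_pool", 600)

    vanilla = {a: t.get_votes(a) for a in ("alice", "bob", "carol", "dex_pool")}
    with_redistribution = redistributed_votes(t, active_delegates={"alice", "bob"})

    t.transfer("dex_pool", "attacker", 600)
    t.delegate("attacker", "attacker")
    after_buy = {a: t.get_votes(a) for a in ("alice", "bob", "carol", "attacker")}
    return vanilla, with_redistribution, after_buy


if __name__ == "__main__":
    vanilla, redistributed, after_buy = scenario()
    print("plain ERC20Votes, 600 tokens idle in a DEX pool:", vanilla)
    print("stLST view, idle power given to active delegates:", redistributed)
    print("attacker buys the idle 600 and self-delegates:", after_buy)
```

In the plain regime the 600 tokens in the pool vote for nobody until an attacker buys and self-delegates them, at which point they appear as a 600-vote block against 600 votes of active delegates. In the stLST regime the same idle tokens were already counted for alice and bob while they sat in the pool, so an attacker withdrawing them gains 600 votes but the active delegates lose the same 600, and the attack no longer benefits from supply that had been sitting out of governance.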

Closing Thoughts

Overall, the Tally Protocol offers a promising solution to the ongoing security challenges faced by DAOs. By creating stLSTs, such as stARB for Arbitrum, the Tally Protocol can implement three key features that solve the problems associated with low DAO security:

  • Staking Rewards: stLSTs return value to token holders by receiving and compounding yield from DAO rewards/revenue.

  • Built-in Delegate Rewards: Active delegates are awarded a share of DAO rewards/revenue paid out, providing them with a consistent income stream tied to performance.

  • Undelegated Voting Power Redistribution: stLST voting power that remains undelegated, such as when stLST tokens are locked on CEXs or in DeFi, is redistributed to active delegates.

All these solutions together help to increase the voting power delegated to active delegates and better align the incentives of those actors who contribute to the DAO. This, in turn, creates more robust security for the DAO and decreases the chance of a successful governance attack.
