Addison Cameron-Huff, Cryptocurrency Lawyer

What would it take for DAOs to overtake traditional corporations as the main way that Internet-based businesses are organized?

It's easy to take shots at DAOs but this blog post looks at what it would take for this transformation to actually happen. We're certainly not even close to a world where most tech is built and delivered by DAOs, but there are hints that DAOs can be used for quite a bit of what's currently done by traditional companies. They're starting to be used for funding scientific research or creating digital dollar equivalents. In another sense of the term, some major blockchain networks (e.g. Bitcoin, the first and still largest) might themselves be considered DAOs, and if they're not quite within the definition, they show a bit of the path forward. This article sidesteps definitions, and instead looks forward to what's required to make DAOs mainstream.

A Problem In 2016 And In 2024: The Personal Liability Problem

The people who participant in a business, if there's no corporation, may be legally responsible for the business activities. This is a long-standing problem in the DAO space. I first wrote about this problem in 2016 when the The DAO was launched on Ethereum as the first DAO. That project was hacked and the subject of a significant document by the SEC (which was not positive). Little has changed since 2016 on the legal liability side, because personal liability can generally only be avoided by availing oneself of limited liability that's granted by law. In plain English: unless there's a corporate statute, and the rules of that statute are followed to create a corporation, then there's personal liability for the founders. The reason for this is that the default is unlimited personal liability, and the special laws for corporations change that default. If you don't follow the steps, you're no different than someone who claims to be operating as XYZ Corporation but never followed the rules, so you're actually operating as a sole proprietorship or partnership.

Solution #1, Anonymity: It's become more common in recent years for people to return to writing software anonymously. In a way, this sidesteps the personal liability problem because from a practical perspective, if someone can't be found then they can't be held responsible. This isn't exactly a legal solution though, any more than someone who's very fast might be able to run away from the police if they rob a bank - but the bank robbery is itself still wrong.

Solution #2, Special New Laws: Some jurisdictions in the world are creating statutes that better accommodate digital organizations (DAOs). It may be possible for people to organize themselves under extremely flexible, lightweight laws that give limited liability to a corporation. This organizational system would probably be respected by local courts in foreign jurisdictions.

Solution #3, Diffuse Accountability: Diffuse organizations might be created that act in ways that make it difficult to ascribe liability to any particular person's actions. This is the theory behind DAO voting, in which people often believe that just by voting on a proposal they're not acting in a way that makes them personally responsible. This solution is a lot like Solution #1, and it's a questionable idea that courts won't simply look to all of the participants, or litigants won't just name the largest token participants as the defendants.

Solution #4, Embrace Partnerships: A return to the style of business pursued throughout most of human history might be a solution. Partnerships have unlimited personal liability, but they exist and are thriving businesses all around the world. Lawyers aren't allowed to have limited liability in Ontario, and accountants frequently operate through partnerships too. This is a bit of a mindset shift for people, and it's higher risk, but maybe less high risk than people think. And the reality of life is that all businesses have risk. Perhaps some of the risk can be answered by new forms of insurance or mutual aid that turns low probability high impact events into a cost centre, rather than existential threat to participants.

Another option for mitigating the personal liability problem is to use a corporation as a part of the DAO, but I'm most interested in pure DAOs for the purpose of this article. In my actual legal practice, this is often a recommendation I provide to clients because some of the above solutions aren't particularly practical today, and because many participants in DAOs care less about the purity of the concept and more about the results of the organization. Although that's a fair point, and it may be a good idea to make a corporation, I wouldn't say that's quite what the term DAO should mean.

Payment For Work: A Solved Problem Due To Cryptocurrency

The problem of how to pay people for their participation is effectively solved already by cryptocurrency, which works in every country. Software makes timetracking simple, and managerial roles can help ensure that payments are only made when they ought to be. Although it's difficult to do this in a purely automated way, there's no particular reason why a DAO has to be completely automated. Humans and computers are synergistic in DAOs.

Voters can provide funds to projects, or even people, which can assign money from a bigger pool to tasks that need to get done. Or they could delegate to managers, who then spend the money from special types of cryptocurrency wallets, and this would look a lot like the delegation from shareholders to directors to officers to employees.

I'd say this is a solved problem already. The tooling will improve over time.

Organizational Articles: Rules Of The DAO

Most companies have a number of rules that are a part of the constitution of the company. The exact term for this varies by jurisdiction but it's the rules set out by the shareholders for how they want their delegates to run the business. These kinds of constraints are often easy to translate into computer code that can constrain the company's actions. But today, most DAOs are structured with free-flowing votes, or votes that are purely decisions to send crypto to some place. More fine-grained controls are probably needed.

Solution #1, Better Software: Smart contracts offer a lot of possibilities for designing better DAO systems. This is hard work, and it's often not core to any DAOs operations, but it's possible to envision better analogues of corporate rules in the form of smart contracts that control DAOs. This would let people make more fine-grained decisions that are enforced by code.

Solution #2, Human Oversight: People can translate rules into decisions about whether a particular proposal is permissible or not. The 2016 organization known as The DAO (linked above) did this through a list of people who had special access. This guardianship role for a DAO could be a good intermediate between fully-automated and not-at-all-automated (like most DAOs). It's tough to come up with accountability systems that make sure the guardianship role doesn't get abused, but this can be a problem in regular corporations too.

Solution #3, Transparency: Sometimes the right answer isn't greater control but rather greater sunlight. Transparecny lets people judge for themselves whether an organization is good or bad, and they can vote with their feet by leaving a DAO that isn't going according to its charter. If the DAOs ownership is token-based, they can vote with their wallets by selling the tokens and moving on. This might provide enough discipline for many kinds of rules that traditional corporations use.

The above solutions might actually work out better than most corporate constitutions (called Articles of Incorporation in Canada) because in some cases these systems are self-executing, whereas in regular corporations someone has to read a rule and then decide if they want to follow it, or decide whether they want to do something about the breach. Many people in companies don't bother to read the Articles of Incorporation, so DAO systems might ultimately have better governance when it comes to the enforcement of the rules of the organization.

Outliving The Participants

One of the most important part of corporations is that they can continue to live long after the founders and employees who once made up the company. It's a durable entity that continues over time. DAOs already have this property through smart contracts (some of which can't be altered). Code-wise, there's various platforms emerging that permit long-lasting computer operations that make up the business's core logic. By that I mean, there are online compute platforms that exist either within blockchains (e.g. Ethereum) or are adjacent to blockchains (e.g. funded by crypto). Networks like IPFS and censorship-resistance systems like the US-government developed Tor, can enhance the resiliency of DAO systems.

For most DAOs, outliving the participants probably isn't much of a concern even with today's tooling. Although some are organized with keyholders who might have a critical role, it's rare that people haven't already considered ways of recovering keys in the event of the death/disability of a keyholder, or issuing new keys to new people. I'd say this is a solved problem, even if the best practices aren't well-developed.

Ostensible vs. Actual Authority: Lack Of Traditional Documentation

All unregistered associations of people lack the documents that some parties expect for an organization, such as a director's resolution approving opening a bank account. But this isn't necessarily a barrier, because banks do offer accounts to unregistered associations of people. These are actually rather common in Canada, being the major form for riding associations for political campaigns, some unions, little league sports teams, etc. Banks in Canada sometimes call these "community groups". But it's still the case that many organizations expect to see a corporate form (either for-profit or not-for-profit corporation, incorporated under a specific law).

Although it's possible to deal with banks as an unincorporated association of people, there are questions about how authority is determined. Businesses benefit from a rule in many jurisdictions that presumes authority when someone seems like they have a job that ought to be able to sign a contract. Actual authority may differ, but it's not required to check usually.

With a DAO, how can anyone check who has authority? They could have a constitution like many unincorporated associations do, but there may still be questions about who's the right person.

Solution #1: DAOs could explicitly list online who has authority to bind them. This could be a list of addresses on a blockchain, or maybe actual real-world identities. Perhaps it could be a list of email addresses. Today, this is an uncommon practice. But it might be a good idea to adopt this practice to prevent people from being scammed by ostensible representatives of a DAO who actually don't have authority.

Durability

The concept of a DAO is most useful when it's an organizations that's durable. By that I mean, it exists online in a way that can outlive the members and perhaps even withstand legal pressure. This is something more than a website probably. Many DAOs have at least some smart contract functionality as part of them. How can the DAO stay online despite the actions taken by people in the real world?

Solution #1: Websites are fairly easily taken down today through legal methods. But there's a corner of the Internet that's much more resilient; a type of hosting called bulletproof hosting. This is most associated with criminals, who set up their sites on these services in order to commit crimes like frauds, counterfeit software, etc. They're often hosted in places like Russia and China, where authorities may be reluctant to take action against crimes that they don't perceive to be priorities according to their local policing mandate. This is to the great frustration of people who are the victims of these criminals, but it's also a tool that more DAOs could use to ensure that their web presence is durable.

Solution #2: Obviously smart contracts on blockchains are a great example of resiliency. It's virtually impossible to stop a smart contract that's launched on Ethereum, if the creators of the smart contract didn't build in an off switch. Code once deployed can't be undeployed, because this is at the core of the immutable property of blockchains. If external actors could change the code, they could also change transactions and undo transfers on-chain. Today, the key means of doing this is to launch legal attacks against the developers of the blockchain software in order to try to get them to change the code to censor or remove transactions. This is the approach that was taken by Craig Wright in his legal efforts to assert ownership over billions of dollars of bitcoin as part of UK litigation that he launched. So far, this approach hasn't borne fruit for anyone. It remains very difficult or impossible to remove something from the Ethereum blockchain (and competing networks). This is even more durable than bulletproof hosting.

Send Me Your Thoughts!

Let me know what you think of this blog post and these ideas: addison@cameronhuff.com. There's a lot more that can be said about these, and I'll likely explore these ideas further in blog posts to come in the following weeks. DAOs are a fascinating concept and this blog post touches on just some of the issues.