At Ease, we believe tokenomics are important in providing utility to holders and increasing the security of a DAO through the cost of attacks. However, they must be architected in a way that is sustainable, does not impede the utility of the product, and does not hamper security in other ways.
When devising our new tokenomics we could not find an existing model that fully satisfied all of our requirements, so we created one ourselves: growing vote tokens (gvTokens)
veTokens, but better and safer
We took inspiration from veTokens in a couple of ways:
- they are governance tokens that cannot be traded
- their power changes over time
- they encourage competition by users and protocols to stake the most $EASE.
But we deviated from their strategy in other ways:
- their value grows over time rather than decays
- locking is not necessary
- rewards are now discounts, making it completely sustainable.
How do gvTokens work?
gvTokens work exactly as they sound:
- A user may deposit an amount of $EASE (for example 100), and they’ll receive the same amount of $gvEASE (also 100)
- Over the course of a year, this voting/staking power will linearly increase to a maximum of 2x the original amount (to 200 $gvEASE in this example).
- This $gvEASE is used for two things:
- voting on governance proposals
- staking to a vault to lower the maximum fees for a single hack.
Benefits of the gvToken system are:
- increases in the security of governance by making it much more expensive to attack
- getting rid of the need for participants to lock-up tokens for years
- getting rid of the incentive for external protocols to control a large percentage of the token supply
- allowing participants to be rewarded in a manner that doesn’t involve giving out free tokens.
Staking on a vault is similar to voting for extra rewards to be given to a certain Curve vault, except, instead of raising profits, it lowers costs.
The more tokens that are staked to a vault, the lower the maximum fee of that vault is for any particular hack. Although the normal maximum fee for any single hack is 33%, it can be lowered through this system to 0%.
You can think about it as the share of staked tokens on a particular vault representing a share of the “discount” on that 33% maximum fee. This “discount” will make the maximum fee average out to ~20% throughout the system for any single hack. So, the other ~13% of the TVL discount will be split between vaults with stakers.
Keep in mind this is the maximum fee that can occur. So maximum fees will not affect the vast majority of hacks–only the biggest black swan events. A future metric called Risk Rating will affect the amount taken from each vault on every hack.
The equation to determine the maximum fee is as follows:
The maximum fee is hardcoded into the system as 33%. That’s the maximum amount that can be reserved after a hack. The average discount is determined by the difference between the max fee and the maximum exposure we allow the system to have to a single protocol (20%), so 13%.
For someone with a lot of value in the Uninsurance system and for protocols that want to do good for their users by lowering their risk, staking tokens for safety and surety can be an extremely valuable prospect. And as more is staked, more needs to be staked by others for the same benefits, creating a similar flywheel effect as the veToken model.
What if someone with $EASE tokens doesn’t use the Uninsurance system and therefore wouldn’t benefit from a low maximum fee? They can rent out their tokens for bribes.
This is exactly what it sounds like: users with $gvEASE may “lease” their stake to buyers in exchange for $EASE rewards.
Bribing can only be done to influence the maximum fee of a protocol; $gvEASE tokens cannot be bribed to vote on governance proposals.
Upon deposit of their $EASE tokens, a user can choose to put the $gvEASE they receive up to be bribed. They will then receive a weekly $EASE payment, depending on how many $gvEASE tokens they have put up for bribes and how much people and/or protocols are currently paying for bribes.
The math is simple here.
There’s a venal pot of $gvEASE tokens and a bribe pot of $EASE tokens. Each percentage share of the weekly bribe pot gets the same percentage share of the venal pot that is staked. Each share of the venal pot gets the same share of the bribe pot in rewards.
The opposite is true for the other side of the system. The percentage share of all $gvEASE in the venal pot that a user is awarded is equal to the percentage share of the user’s $EASE bribe compared to all bribes.
For example, let’s say there are current “subscriptions” of 100 $EASE tokens being paid for bribes each week, and there are 10,000 $gvEASE available for bribes. That means that each week a briber can pay 1 $EASE for 100 $gvEASE staking power. A seller can profit 1 $EASE for every 100 $gvEASE they put up for bribes.
If the next week more people want to purchase bribes. The bribe pot may raise to 200 $EASE weekly, therefore making it twice as expensive to bribe and twice as profitable to sell stakes for bribes.
This system allows the cost of bribes to constantly adjust to their perceived value because cost changes based on supply and demand.
Security was a top priority when creating the gvToken system. We have many checks and balances within the Uninsurance ecosystem to prevent the loss of user funds. But our governance is a very important layer of our security and it being compromised could hurt users.
The veToken systems were not nearly secure enough for our liking. They did little to protect against attacks and encouraged the consolidation of governance power in multiple ways.
The most obvious improvement to security is that attacking a growing vote system either requires an attacker to:
- have twice as many tokens as would otherwise be needed (so that they can outvote others that have already grown their vote), or
- to be invested in the system for a year before attacking (a very unlikely prospect for a malicious actor).
The next improvement in security is the removal of long, explicit locks. We still have locks on withdrawing tokens for short periods of time. It is nothing like the required locks in veToken systems though. Those locks span up to years.
Instead, gvTokens provide implicit locks. If a user withdraws they’ll lose all the progress they’ve made in growing those tokens. These implicit locks result in a system that’s psychologically easy to get into but difficult to get out of.
Removing required locks also means there’s less incentive for a third party to create a protocol on top of ours that allows users more liquidity of their staked tokens.
We believe that voting power being concentrated in third-party protocols is a recipe for disaster in a decentralized ecosystem.
Along with this same thought is the implementation of bribes in gvTokens. By implementing bribes ourselves for staking and not implementing bribes for voting, there’s much less incentive for a third party to create a voting bribe system which could potentially be used by malicious actors.
It’s still possible, of course. But it’s unlikely anyone will see much benefit in creating a system like that. The most valuable part of it is natively implemented!
We’ve created gvTokens to be more secure, more approachable, and more sustainable than previous governance, staking and bribing models. They inherit similar incentives as other flywheel models but do so without inflating token supply or sacrificing security. We believe gvTokens are truly the next step forward in decentralized governance.