#Bittensor #Governance Proposal:
Constitutional OpenGov n Safety Track (aka.
#CONST)
It has 5 layers:
1. A Constitution (hard constraints),
2. Separation of powers (legislative / executive / judicial),
3. A ladder of interventions (watchlist → quarantine → suppression → deregistration),
4. Stakeholder-representative democracy that is NOT hijacked by yield-chasing delegation,
5. Economic incentives and penalties (bonding/slashing) so truth wins.
-----------------------------------------
Layer 1 : The Constitution: what governance is allowed to do (and not do)
Constitutional invariants (hard-coded or extremely high-bar):
1. Dynamic TAO (TAOFlow) is the default allocator. Governance cannot override it for “quality” or “competition.”
2. Governance may only intervene under a narrow set of Safety Violations, such as:
+ proven theft/rugpull mechanics,
+ protocol exploit / critical security risk,
+ systematic manipulation (e.g., bribery to fake flows),
+ malware / illegal content distribution,
+ repeatable fraud claims with cryptographic evidence.
3. Any “turn emissions to 0” action must be:
+ time-limited, and
+ renewable only by re-vote (no permanent censorship switch).
4. Every intervention must include:
+ an on-chain reason code + evidence hash,
+ a time-lock (except emergency pause),
+ a guaranteed appeal path.
This is the “civilization” part: rule of law.
-------------------------
Layer 2 : Separation of powers: prevent validator oligarchy
Today’s bicameral system (Triumvirate + Senate) is a step toward decentralization but still transitional.
CONST upgrades it into a 3-branch model:
A) Legislative: make/modify rules
+ Protocol upgrades, parameter changes, governance rules.
+ Should evolve toward OpenGov-style referenda tracks (anyone can propose with deposit; multiple tracks with different thresholds/time-locks).
B) Executive: fast operations
Emergency response capability (pause/quarantine) but cannot finalize long-term punishments.
C) Judicial: decide disputed facts
+ Determines whether a subnet committed a Safety Violation.
+ This is crucial: validators should not be judge + jury + executioner.
-----------------------
Layer 3 : The Intervention Ladder (graded responses, not binary kill switch)
Instead of PR #2420’s “emissions → 0” hammer, CONST uses a 4-step ladder:
Step 0: Watchlist (no penalty)
Trigger: credible report + deposit
Effect: flag subnet as “under review”; publish evidence hash.
Step 1: Quarantine (soft brake)
Effect (7–14 days):
+ reduce TAO emissions multiplier (e.g., 100% → 20%)
+ optionally restrict certain admin actions (e.g., registration toggles)
+ force extra transparency requirements
Why: Most “scam signals” are uncertain at first. A quarantine limits damage without full censorship.
Step 2: Suppression (hard brake)
Effect (≤ 30 days, auto-expire):
+ TAO emissions multiplier can go to 0
+ but it must auto revert unless renewed by a new vote.
This directly addresses the PR #2420 intent while preventing permanent capture.
Step 3: Deregistration/Dissolution (nuclear option)
Use the chain’s subnet deregistration mechanics when appropriate:
+ alpha tokens are converted back to TAO and distributed to alpha holders,
+ owner refund is computed as max (0, lock_cost - owner_received_emission_in_tao) (i.e., owner cannot profit infinitely if the subnet is removed).
Why this matters for anti-rugpull:
It gives a clean unwind path that returns capital to token holders as best as possible under protocol rules.
-----------------------
Layer 4 : Voting that’s democratic and resistant to “0% take-rate validator capture”
A core problem you highlighted earlier (and that the PR discussion implies) is:
delegators are often yield-driven; they delegate to the best APY operator; who then accumulates political power.
So CONST introduces a very important separation:
4.1. Separate “staking delegation” from “governance representation”
+ You can stake with validator A for yield/infrastructure.
+ But your governance voting power can be represented by delegate B (or by yourself).
This is liquid democracy done correctly:
+ It breaks the “0% take-rate → political monopoly” loop.
+ It makes “ethics/governance competence” a competitive market separate from “staking yield.”
4.2. Governance voting bodies for Safety actions
For Quarantine/Suppression, you need multi-chamber approval:
Chamber 1 : Root security electorate (stake-weighted, but with quorum-by-count)
Require:
+ ≥ 67% stake-weight approval AND
+ minimum N distinct root voters (e.g., 20–30)
This prevents “top 5 validators decide everything” even if stake is concentrated.
Chamber 2 : Network stakeholders (all TAO-at-risk across root + subnets)
+ Weight by total TAO-at-risk (root stake + TAO-equivalent value of alpha stake positions).
+ This fixes the “subnet investors have no voice” criticism.
Chamber 3 : Judicial jury (randomized from long-term stakers)
+ Randomly sampled jury of stakers with locked conviction (time-locked stake).
+ They vote on “did a Safety Violation occur?” not on “do I like this subnet?”
=
✅ Action passes only if:
(Chamber 3 confirms violation) AND (either Chamber 1 or Chamber 2 approves the sanction).
That’s checks & balances.
---------------------------
Layer 5 : Incentives that make the truthful outcome the profitable outcome
Governance without economic incentives becomes theater.
CONST adds bonding & slashing to punish scammers and also punish false accusers.
5.1) Subnet Owner Integrity Bond (skin-in-the-game)
Subnet owners already earn a meaningful slice of emissions (e.g., ~18% of daily TAO emissions).
CONST requires an additional Integrity Bond (locked TAO) that can be slashed if the subnet is convicted of a Safety Violation.
This is the cleanest “anti-rugpull” mechanic: if you want to run a subnet and earn emissions, you post collateral.
5.2) Challenger Bond (anti-griefing)
Anyone can open a case, but must post a bond:
+ If the case is frivolous/bad-faith → bond slashed.
+ If the case is validated → bond returned + reward.
5.3) Voter accountability (anti-extractor governance)
For Safety Track votes, require a small voter bond that can be slashed if the voter is proven to have participated in bribery/collusion (adjudicated by the judicial process).
This makes governance bribery expensive.
----------------------------------------------
Built-in anti-extractor mechanics: treat weight-copying & manipulation as punishable “exploitation”
Bittensor already recognizes validator free-riding (weight copying) as a serious integrity issue and provides mitigations like Commit-Reveal (time-lock encryption) and Liquid Alpha; but also notes an important caveat: commit-reveal only works if miner performance changes; if rankings are static, stale weights can still be profitable.
CONST governance formalizes this:
+ “Extractive validator behavior” (e.g., systematic weight-copying, bribery rings) becomes a Safety Violation category if it’s provable.
+ Subnets that fail to implement dynamic scoring / anti-copy mechanisms can be downgraded by the market and can be investigated if they enable systematic extraction.
This protects “natural selection”:
+ market chooses winners,
+ governance punishes cheaters.
--------------------------------------
Why this is better than PR #2420 as written (but still solves the problem)
PR #2420’s intent is understandable: market-only can’t judge scams.
But the mechanism “50% root stake can force emissions to zero” is too close to a “committee allocation model” again.
CONST keeps the tool but makes it safe:
Key upgrades to PR #2420
+ Supermajority + voter count quorum (not just stake threshold)
+ Time-limited suppression with automatic expiry
+ Judicial confirmation of rule violation
+ Stakeholder chamber includes subnet investors
+ Emergency pause exists, but is short and must be ratified
+ Bonds/slashing turn scams into negative EV
-------------------------------
Threat model
+ Root cartel (top delegates / validators coordinating)
+ Competitor sabotage (suppress rival subnet to steal inflows and mindshare)
+ Bribery market (buy votes off-chain)
+ Governance griefers (spam cases, overload process)
+ Scammers/extractors (optimize around rules)
+ Inattentive delegators (follow yield, not ethics)
-------
Attack analysis (how CONST resists gaming)
Attack A: “Top-5 cartel suppression”
Mechanism in PR #2420:
Suppression activates when vote-weighted root stake YES > 50%.
Failure mode:
+ If top 5 effectively coordinate, they can suppress emissions of any subnet.
+ Even if delegators can redelegate, inertia + yield chasing makes it slow.
Mitigation
+ Raise threshold to ≥ 67%
+ Add distinct-voter minimum
+ Use quadratic weighting for suppression votes only
Attack B: “Weaponize Recycle mode to crush a token”
PR #2420 introduces modes for how root alpha behaves on suppressed subnets:
+ Disable: recycle root alpha back to subnet validators
+ Enable: root still accumulates alpha
+ Recycle (default in current code): swap alpha→TAO via AMM and burn TAO
Failure mode
+ If a cartel can (i) suppress a subnet and (ii) keep “Recycle” mode on, the protocol will continuously sell alpha on the AMM (swap alpha→TAO), pushing down alpha price and potentially harming the subnet’s ability to recover.
+ Even though TAO is burned (not paid to root), the subnet token still gets hit.
Mitigation
+ Default mode should be Disable, not Recycle, for suppressed subnets (least weaponizable).
+ Recycle should require separate, higher-legitimacy approval (e.g., 2-chamber vote).
+ Add a per-subnet cap: max % of daily alpha that can be swapped/burned.
Attack C: “Bribe-to-suppress”
Failure mode
Vote buying is always possible off-chain; stake-weighted votes are economically purchasable.
Mitigation
+ Time delays + response windows reduce profitable quick hits
+ Juror bonds + slashing for provably abusive suppression (if overturned on appeal)
+ Public, attributable vote records create reputational costs
Attack D: “Spam cases / governance DoS”
Mitigation
+ Reporter bond + escalating bond for repeat reporters
+ Case rate limits per coldkey
Attack E: “Scammers route around by manufacturing inflows”
Since Taoflow is driven by staking inflows, a scam subnet can attract emissions by attracting speculative staking inflows.
Implication
+ A pure market-driven allocator can still fund unethical designs.
+ That’s precisely why a circuit breaker has value; but it must be legitimacy-protected.
-----------
Other e.g.
Attack: “Top validators censor a competitor subnet”
Blocked by: distinct voter quorum + stakeholder chamber + judicial confirmation + auto-expiry.
Attack: “Scam subnet buys votes (bribes)”
Bribery becomes slashable; jurors have locked stake; bonds raise cost.
Attack: “False accusations to grief a subnet”
Challenger bond + judicial burden of proof.
Attack: “Scammer blocks suppression by self-staking alpha”
Stakeholder vote weights TAO-at-risk, making self-defense expensive in real capital.
Attack: “Slow governance = scam runs for months”
Emergency pause (short-lived) stops bleeding immediately, then due process finishes.
------------------------------------------
Implementation roadmap
Phase 1 (immediate, minimal change)
Modify/replace PR #2420 directionally:
+ raise threshold to ≥ 67%
+ add distinct-voter quorum
+ add auto-expiry (e.g., 30 days)
+ remove or strictly time-box the sudo_set_emission_suppression_override to an emergency-only 24-72h pause requiring subsequent ratification
+ require on-chain reason codes + evidence hashes
Phase 2 (3–6 months)
+ implement governance delegation separate from staking delegation
+ implement Safety Track judicial process + challenger bonds
Phase 3 (6–18 months)
+ migrate to OpenGov-style multi-track governance (parameter changes vs safety vs upgrades)
+ Triumvirate transitions to a narrow “technical emergency council” role only
--------------------------------
📌 Bottom line
A “nearly perfect” governance system for Bittensor must:
✅ preserve TAOFlow market selection as the allocator (natural selection)
✅ add a rule-of-law safety system for scams/extraction
✅ prevent censorship capture via multi-chamber voting + judicial confirmation + expiry
✅ enforce honesty with bonding/slashing and transparent evidence
✅ decouple staking yield from political power
------------------------------
Core Goals of the proposalCore Goals of the proposal:
Decentralization:
+ No single actor (or top-5 cartel) should be able to suppress emissions.
+ Decisions must be stake-representative but not purely plutocratic.
Anti-scammers / anti-rugpull / anti-extractors
+ Ability to stop ongoing extraction quickly.
+ But also avoid “governance-as-a-weapon” (censorship of competitors).
Fairness / equality / democracy / justice / civilization
+ Explicit due process: claims → evidence → time to respond → appeal.
+ Transparent reasoning and auditability (on-chain commitments to evidence).
Evolving + incentive + natural selection
+ Preserve Taoflow as the default allocator (market-based / behavior-based).
+ Use discretionary intervention only as a bounded “circuit breaker,” then revert to market selection unless renewed.
That combination is what gives you decentralization and anti-scam enforcement without reverting to a small committee controlling emissions.
$TAO
