Reducing VePassport Validity to 1 Week

Proposal for VeBetterDAO:

Reducing VePassport Validity to 1 Week with Weekly Action Requirement

Objective: Decrease the VePassport validity period from 12 weeks to 1 week, requiring users to complete 3 actions each week to maintain their verified status.

Proposal Details:

•	Weekly Expiration: The VePassport will expire weekly, instead of every 12 weeks, necessitating renewal to validate wallet authenticity.
•	3 Weekly Actions: Users must complete at least 3 “Better” actions per week to sustain the VePassport.

Expected Benefits:

•	Enhanced Engagement: Encourages weekly interactions within the ecosystem.
•	Flexibility for New Members: Allows for faster onboarding and frequent verification of active wallets.

This proposal aims to boost interactivity and flexibility, strengthening VeBetterDAO’s engagement and security.

Community, please comment on this proposal, I think that the VePassport expiration time of 12 weeks is too long, I think that by lowering the VePassport expiration time to one week, we can significantly reduce the possibility of having a single person manage multiple wallets.

@elcaliffo I believe one week is too short. I would struggle to have three actions per week that do not feel forced, even if apps provide rewards at the time I use time.

I believe 4 to 6 weeks are better with having on average one action per week. It feels more relaxed for someone who wants to be active, without making this feel like “work”.

What is the real goal behind your suggestion?

You make it sound like you want to force activity of the users using the gov. mechanism? I believe its more like lowering the probability of sybil-users?

Thanks Mario for dedicating some of your thoughts.

Basically, the opening of this topic of mine has two purposes:

1. Educate the Italian community on how to solve the problems related to the DAO by showing them the right steps to take, (create a discussion above, discuss it and arrive at the final proposal to be inserted on the DAO).
2. To fiercely fight Sybil attacks, I think that the Vepassport released in these conditions (basic level) with a 12-week expiry is a little too little restrictive, I think it could allow farmers to create a good number of verified wallets with 3 actions and benefit from quadric rewards for a good number of rounds.
   Maybe the 1-week expiry is too restrictive, but could 2/3 weeks be a good compromise?

I think it could allow farmers to create a good number of verified wallets with 3 actions and benefit from quadric rewards for a good number of rounds.

First: I agree

I believe forcing more human interaction is not the solution, a better way would be to reduce scripting interactions.

In my opinion manual and small number of sybils is something that can not be prevented. Someone will always be able to create and manage a dozen accounts.
Automation and the scale that comes with it is the real risk factor.

I believe the new contracts support a configuration to configure certain dApps to not count towards the required action threshold.

I think it would be better to define those DAO apps that can be fully automated to provide less (if they generate costs) or no (if they are free) value towards that threshold. This would remove the risk for scaling large scale farms.

I also believe this is a “battle” that does not simply end, its a continuous effort that will always require adjustments.

Regarding the VePass, I share a similar view to Favo. I also rarely use a dApp currently—I’m not retired yet and have a job!

However, to address the currently emerging Sybil attack more thoroughly, it might be worth considering the introduction of a weekly activation requirement that cannot be automated, for example, through a script.

The address I shared today is currently generating around 1,800 wallets, and since the VePass has a validity period of twelve weeks, the creator of these wallets could gain access in a few days. The flaw in the current implementation seems to be based on the assumption that this would not be feasible for large-scale farmers. However, there are likely teams dedicated solely to such activities, so this outcome was almost predictable.

As early as last week, it was noticeable on the B3TR Rich List that someone split 1.2 million B3TR into wallets, each holding 6,020 B3TR. So far, no conversion to VOT3 has taken place, but the reactivation of farmers is already apparent.

As I mentioned in the Telegram chat, it would have been advisable to set up the VePass as a dApp for initial activation. Additionally, it would be wise to implement a weekly activation—either by logging into VeBetterDAO, where the VePass can be activated in the profile, or by claiming rewards through the portal, which would activate it. Such a rule could also be introduced for Vedelegate, with a weekly activation requirement. This would be feasible for smaller farmers, while for those managing large wallets, it would present a significant time challenge, if not make it impossible.

Whether such a measure is feasible depends on VeChain. However, the current approach doesn’t inspire much optimism, especially since the blacklist doesn’t seem to be functioning as intended—or is it not active yet?

Unfortunately, this is a critical issue that is affecting our DAO and undermining the integrity of the project and the enthusiasm of its users. The fact that we’re in this situation on the mainnet today stems from the quadratic rewards not being tested on the testnet, but there’s no point in crying over spilled milk at this stage.

We have several options that we can implement, but it depends on what we truly want.

If we want to maintain quadratic rewards, then we should see the Sybil attack as an opportunity for VeChain. You may be wondering in what way, right? I mean that Sybil artificially boosts the number of new wallets opened on the blockchain, and this data (even if fake) could help VeChain gain exposure by generating traffic on the chain. However, as suggested by Mister X on Telegram, we need to activate mechanisms where the “house” (the entire VeChain ecosystem) ultimately wins. What do I mean by this? Farmers might activate thousands of VePassports, but in the end, they still won’t be able to vote, losing all their efforts. In fact, they would unknowingly contribute to funding sustainable activities (for example, see PAUSEYOURCARBON).

We could also consider having a VePassport based on credibility scoring. For example, each action performed on a specific dApp has a different score compared to another. Just as an example, actions on Greencart and Mugshot should give a higher score than simpler actions performed on other dApps.

We should also not overlook the fact that some people do not intend to participate in VeBetter’s dApps but are simply investors who may only want to take part in the weekly DAO votes. We cannot exclude this group of users either but must instead include them, so it would be necessary to introduce the possibility of receiving a VePassport through actions taken directly on the DAO.

To be clear, I don’t believe we’ll ever completely get rid of Sybil, but we can live with it, even using it to our advantage.

Otherwise, we need to propose a hybrid system with quadratic voting and linear rewards, but we must be aware that this system could create whales in VeBetter.

I believe there’s little to be done against “family farmers.” The focus should be on the large actors, perhaps by encouraging them to spend their VET on Carboneers. In this way, they could continue their activities and vote, only to find their efforts nullified in the end by a blacklist and their rewards withheld.

Every decision follows an economic rationale: is it worthwhile or not? If a large farmer cannot be certain that they will avoid penalties after investing and voting, they may reconsider their efforts.

If the large players are strategically kept in check, smaller farmers could largely be left to operate freely, as they – as mentioned above – naturally generate some degree of marketing.

This has been my stance since the first Sybil attack: addresses operating around ten wallets were not my primary concern. However, at 50 wallets or more, I felt the scale had reached a point where honest users were clearly at a disadvantage.

In this context, it could also be worth considering the removal of the delegation restriction, allowing a user to participate in both VeBetterDAO and Vedelegate – an approach that could offer greater fairness.

There’s undoubtedly no system that completely solves the issue. However, this approach could serve as a test run; if large players are thus restrained, this might also allow for maintaining quadratic rewards. The only question remaining is at what wallet count the blacklist should be activated.

This point is a big dilemma
And what if we thought of activating the blacklist based on a generic global estimate of how many members exist in a single family?
More or less it is about 4/5 members, but given that in countries like Africa this number could be slightly higher we could think of activating the blacklist after the 7th/8th wallet, mine is just an idea but really it is a big question mark this part.

In Germany, the “immediate family” typically includes one’s own children (two to three), the spouse, parents and in-laws. In some cases, pets such as guinea pigs, bird, dogs, or cats might also be included!

In my view, it would be sensible to activate the blacklist once there is evidence that 20 wallets have been funded from a single wallet. According to the documentation, whitelisting is possible. The retained rewards could initially be parked for four weeks before being returned to the pool and evenly distributed with the current round.

One thing is clear: ultimately, it’s all about psychology. If VeChain once again lets this opportunity slip by without taking decisive action, calls for linear rewards will grow louder, and negative sentiment may dominate once more.

However, if VeChain promptly activates the security systems as documented and demonstrates to the community that lessons from past mistakes have been learned, it would create a positive psychological effect that would also reflect well from a marketing perspective. Honest supporters and VeBetterDAO believers would feel reinforced in their commitment.

The psychological impact of standing up to large-scale farmers will achieve far more than merely considering whether weekly actions are necessary. Additionally, it would be wise to provide an option to report addresses showing irregularities. VeChain should have the necessary tools to identify potential farming addresses readily available.

Certain dapps are easy to use every week like commuter and greencart. I would lower the period of a quarter to one month with 3 actions.

What about giving the x nodes that will trigger endorsement of the dapp the option to choose which dApp can count against the sustainability action threshold?

I don’t really believe in reducing the validity of the VePassport to fewer weeks. In these conditions, I think only reducing it to 1 week might be effective, but unfortunately, this solution also has limitations and would exclude some users from participating in the DAO. These are users who are currently “inactive” for various reasons, such as not having found a dApp that aligns with their interests. For this reason, they don’t interact with the available dApps, but they are investors and would still like to participate in weekly votes.

You mention that some dApps are easier to use than others, and that’s true. However, the ease of using a dApp doesn’t necessarily mean it’s less secure than another. For example, GreenCart is easy to use, but I believe that actions performed on GreenCart should have a higher score towards obtaining the VePassport because GreenCart requires you to bind the account to the device you’re using, then take a photo of a receipt, and only after approval can you claim your reward. Therefore, a Sybil attack through GreenCart seems more difficult compared to the “Pause Your Carbon” dApp.

If we want to pursue quadratic rewards, we need to rethink the concept of the VePassport, moving its activation from static to dynamic by collecting on-chain data. Perhaps activating the VePassport based on a specific score could work.

Here’s an example:
To activate the VePassport, you need to reach a score of 600 points, which can be determined based on various factors:

1.	If a wallet holds more than 30k VET, it gains 300 points, and if it falls below that threshold, the score automatically decreases.
2.	Actions on GreenCart are worth 200 points due to higher security measures compared to other dApps.
3.	Each action on Pause Your Carbon is worth 20 points since it has minimal security against Sybil attacks.
4.	If a wallet holds an X-node, it already has the VePassport activated.
5.	If a wallet connects to the DAO and links a social profile with an age of more than 3 months, it gains 500 points.

This is an issue that should concern not only the X-Nodes but the entire community. If the goal is to pursue quadratic rewards, then we need an effective shield against these attacks to maintain the credibility of the DAO.

I reiterate that perhaps a dynamic VePassport could be an excellent solution. These are my ideas, but it’s essential to understand from a development perspective if this type of implementation is possible.

I believe we need to divide the problem into two areas initially. The first concerns the current issue, for which a quick solution or response must be found. Otherwise, those who gave the project another chance back then may become completely disillusioned and might ultimately turn their backs on it.

Furthermore, I question why Carboneers should be rated lower than Mugshot, Greencart, or Cleanify.

Not only in my opinion but also according to everyone I’ve spoken with, there are currently exactly two to three truly good dApps: Solarwise, Carboneers, and GAC. Both Solarwise and Carboneers have effective, sustainable systems behind them. Carboneers uses the funds it receives for its projects in Africa, etc., while Solarwise builds solar farms that provide green energy. This aspect alone should warrant a higher score than projects that, through the technology used, indirectly generate CO₂.

Uploading images and sending them over numerous backbones consumes CO₂; the AI systems used also require large amounts of energy. The images are stored in large data centers that mirror their data redundantly across the globe, which also causes CO₂ emissions. Additionally, the storage media need to be replaced regularly. This observation came from a conversation partner from “Fridays for Future” with whom I discussed VeBetterDAO.

Therefore, scores should actually be calculated based on the real direct and indirect sustainable footprints.

But to avoid digressing too much: It is often overlooked that not everyone has a smartphone or stores their seed phrase on one. Very few apps work on a PC. So, for example, only Carboneers, Solarwise and GAC are available that work without issues. All these points must be considered in the calculation.

However, a definitive possibility would be to generate a score as follows: How old is the wallet? Are the tokens held in the wallet, regardless of whether B3TR or VOT3? Do I open VeBetterDAO or Vedelegate at least once a week? And that would be my suggestion: users should be required to access at least three dApps via VeBetterDAO or Vedelegate. This access generates a high score and serves primarily as marketing, as some users might have to interact with the dApps for the first time.

Hey Mister X, I apologize if I expressed myself poorly. It was absolutely not my intention to penalize one dApp over another in terms of scoring. What I meant is that, with the current VePassport, you only need to complete a certain number of actions to receive it. However, if an action on a dApp is easier to perform, then the score required for obtaining the VePassport should be lower for that dApp. This approach could create a win-win mechanism for everyone. For example, if you want to use “Pause Your Carbon,” you would need to buy more “carbon years” to get a good score. This way, it strikes a balance where everyone benefits: the dApp gains because more activities are funded to offset CO2, and indirectly, anyone trying to create multiple VePassports through simple actions would need to “spend” more tokens to buy carbon years to reach their goal. I hope I’ve been clearer now.

Why does this need to be implemented via a dApp?

From an administrative standpoint, using the portal would entail significant effort for cheaters. For honest users, however, this poses no problem since they already use the portal to claim their rewards. The tech-savvy cheaters will attempt to retrieve rewards via scripts. However, if they were required to have an active VePass, they would need to log into VeBetterDAO each week, which would be extremely cumbersome with, say, 1,800 wallets. Additionally, if users had to solve a random task during their first weekly login (such as “What is the name of the dApp where you photograph coffee?” or a captcha), it would further complicate script-based automation.

The fundamental issue is that honest users are being significantly restricted.

Therefore, my primary approach is to intensify the use of the blacklist from the outset. If it is already active, the foundation should be prepared to set a precedent and block all major farmers. If these individuals receive their payouts in the current round, they will have not only recouped the costs spent on Carboneers but also made a substantial profit.

Moreover, we should revisit a question I posed earlier: Why can VeBetterDAO be accessed via scripts? The user base consists of simply users. I understand the concept of decentralization, but fraud is technically facilitated precisely because of this. Since every normal user has to use VeBetterDAO, the question arises as to why this is not considered in the case of VePass.

If we apply your score system, the logic could be formulated as follows:

# Point system for activating the VePass

# Initialize variables
score = 0
vepass = "Not Activated"

# Number of actions performed
number_of_actions = ...  # Replace '...' with the actual number of actions

# Check if at least 3 actions have been performed
if number_of_actions >= 3:
    # Points for actions (each action gives 50 points)
    score += number_of_actions * 50

    # Age of the wallet in months
    wallet_age_months = ...  # Replace '...' with the actual age of the wallet

    # Points based on the wallet's age
    if wallet_age_months >= 3:
        score += 150  # Wallet is older than 3 months
    else:
        score -= 150  # Wallet is younger than 3 months

    # Voting method
    voting_method = ...  # Possible values: "Portal", "VeDelegate", "Script"

    if voting_method in ["Portal", "VeDelegate"]:
        score += 350  # Positive points for voting via Portal or VeDelegate
    elif voting_method == "Script":
        score -= 175  # Negative points for voting via script

    # Claiming method
    claiming_method = ...  # Possible values: "Portal", "VeDelegate", "Script"

    if claiming_method in ["Portal", "VeDelegate"]:
        score += 350  # Positive points for claiming via Portal or VeDelegate
    elif claiming_method == "Script":
        score -= 175  # Negative points for claiming via script

    # Login method
    login_method = ...  # Possible values: "Portal_Captcha", "VeDelegate_Captcha", "Script"

    if login_method in ["Portal_Captcha", "VeDelegate_Captcha"]:
        score += 150  # Positive points for login with captcha
    elif login_method == "Script":
        score -= 175  # Negative points for login via script

    # Check if tokens were withdrawn after claiming
    tokens_withdrawn_after_claiming = ...  # True or False

    if tokens_withdrawn_after_claiming:
        score -= 1000  # High penalty for withdrawing tokens
    else:
        score += 150  # Bonus for keeping tokens in the wallet

    # Check if VOT3 was received from another wallet
    vot3_received_from_other_wallet = ...  # True or False

    if vot3_received_from_other_wallet:
        score -= 500  # Penalty for receiving VOT3 from another wallet

    # Check if B3TR was received from another wallet
    b3tr_received_from_other_wallet = ...  # True or False

    if b3tr_received_from_other_wallet:
        score -= 150  # Penalty for receiving B3TR from another wallet

    # Check if tokens were accumulated through rewards and dApps
    tokens_accumulated_through_rewards_or_dapps = ...  # True or False

    if tokens_accumulated_through_rewards_or_dapps:
        score += 50  # Bonus for accumulating tokens

    # Check if the score threshold is reached
    if score >= 1000:
        vepass = "Activated"
    else:
        vepass = "Not Activated"
else:
    # Fewer than 3 actions performed
    vepass = "Not Activated"

On this basis, honest users could be protected through simple means. A farmer would have to perform a significant number of actions or make purchases to achieve the required score.

Furthermore, they could not simply withdraw their funds, as they would immediately receive a substantial negative score.

Dear community members,

I wanted to take a moment to summarize the ongoing discussion around potential improvements to the VePassport, with a focus on making it more robust and better equipped to counter Sybil attacks. The ideas brought forward have touched on key points, which I’ve gathered here to provide a cohesive view.

Main Objectives of the Discussion

1. Limit Sybil Attacks: Implement strategies to reduce the number of wallets managed by the same individual and mitigate large-scale “farming” activities.

2. Encourage Genuine Interaction and Engagement: Design a system that fosters meaningful participation without forcing “mechanical” actions that could penalize regular users.

3. Increase Flexibility and Adaptability of the VePassport: Propose flexible solutions that don’t restrict participation but can quickly adapt if new threats or undesired behaviors emerge.

Key Proposals and Ideas

1. Flexible Algorithm and Dynamic Scoring
   One of the central ideas is to implement a flexible algorithm to assign the scores needed to maintain the VePassport. This algorithm would allow scores to be dynamic, with bonuses and penalties not set as fixed numbers but determined based on real-time data on detected Sybil activity.

• The algorithm should allow developers to adjust parameters immediately, without requiring a new DAO proposal, ensuring a fast and targeted response.

• Scores could reflect the security level and complexity of certain dApps. For example, dApps like GreenCart, which require more authentication, could provide higher scores than simpler dApps, discouraging Sybil farmers.

2. Non-Automatable Weekly Requirements
   Many community members agreed on requiring at least 3 weekly actions to keep the VePassport active. To prevent these actions from being automated through scripts, some have suggested using CAPTCHA or random verification questions, making it harder for anyone trying to bypass the system.

3. Dynamic Blacklist for Suspicious Wallets
   The idea of a blacklist was well-received, with flexibility on the maximum number of wallets a single user can manage. The activation threshold could be dynamically adjusted based on data, automatically penalizing wallets involved in suspicious token transfers or other Sybil-like activities.

4. DAO Participation and Social Profile for Passive Investors
   Not all community members are interested in the DAO dApps but still want to vote weekly. The idea emerged to give a score bonus to anyone accessing the DAO or linking an active social profile. This would allow passive investors to obtain the VePassport without requiring them to engage in irrelevant interactions.

5. Considerations on a Dynamic Scoring System
   Lastly, there was discussion around the idea of a dynamic activation system based on scores assigned according to objective criteria, such as the number of tokens held in the wallet, the wallet’s age, the method of access (avoiding scripts), etc. The algorithm could factor in all these variables to generate an overall score that reflects the behavior and reliability of the wallet.

Conclusion
This discussion has generated many interesting ideas and possible directions to improve the VePassport and protect the DAO. The community’s proposals are now summarized here, and we hope the DAO developers will review this post to draw insights and build a more robust and adaptable version of the VePassport.
Thank you all for your active participation and dedication to strengthening our community.