1  Disclaimer: This document is just a collection of ideas on the possible approach for the technical implementation of a democratic system and is not intended to be an appell to overthrow an real existing government.
  2  If there is an issues in this document which might be in contradiction to that intention the feedback for improvement will be appreciated and this document will be updated as soon as possible. 
  3  
  4  "D5" stands for Digital Decentral Diverse Direct Democracy:
  5  
  6  A lot of current govermental functions require still analog bureaucracy, which decreases the speed of processing and wastes valuable resources. 
  7  A logical conclusion is to provide a webservice, which is digitally accessible either through browser and on a smartphone application.
  8  
  9  To minimize the risk of corruption by data manipulation and monopolization, data will be stored on verifiable decentralized web services.
 10  
 11  Diversity is difficult to measure and thus to represent, especially for those who are less priviledged.
 12  By giving access to people, who can have a vote, to the system, they should be able to productively contribute.
 13  
 14  Direct democracy is generally difficult to implement because it would require enourmous human resources to process all information by all citizens. If moderated by bots and other citizens and not only by the governmental bureaucrats there might be enought processing power to let all citizens contribute directly to the final decisions, thus reducing the possiblity of abuse of power by representatives. To be compatible with the current representation based democracy, the announcement of the decisions made by the D5 system will be done by volunteers, saying that if D5 has been elected as the absolute majority, that the changes will be applied as announced.
 15  
 16  Democracy by humans is necessary to avoid fatal errors through full automation.
 17  
 18  __________
 19  The D5 requires the following to operate:
 20  1. Users/Citizens with access to the system.
 21  1.1 Creative and knowledgable citizens, who come up with a solution to a problem and does research whether that solution is actually viable and discusses it with other citizens in a thread.
 22  1.2 Fast and decisive citizens: Their role is to understand the proposed solutions, compares them and decides as fast as possible which is the one which the most chance or least damage.
 23  
 24  2. Operating Personell:
 25  2.1. Administrators, who maintain the system. The core system will be open source, so anyone can review the system and improve it. There need to be enought administrators, who can be paid eventhough volunteering is desirable, so bugs can be fixed as soon as possible and the webservice is constantly kept online. Only practive will tell how many people are required, but at least 6 with an 8 hour shift to guarantee 24/7 coverage and one person can be sick.
 26  2.2. Operators to verify users and other operators.
 27  2.3. Moderators: Moderating the discussions channels
 28  2.4. Verifiers: Verifying new knowledge entries
 29  2.5. Coordinators: Who coordinates shifts and other organizational tasks
 30  
 31  3. Technical infrastructure
 32  3.1. Source code
 33  3.2. Servers (will be explained later)
 34  3.3. Client devices (ideally an voice recorder developed by onthewayto.pro, but any device with access to internet and sufficient computation power would do)
 35  3.4. Physical location (to send/receive letters, technical support, residence/bureau for personell, etc)
 36  
 37  4. Voice Of Huaminty Foundation funding the administrators, operators, moderators, coordinators and the necessary technical infrastructure.
 38  
 39  5. Local political party with representatives, who have authorized access to D5 system. So if a decision has been decided, to announce it as soon as possible in the local legislative organ.
 40  ________
 41  
 42  Workflow for a decision:
 43  1) A citizen starts a thread for a topic describing a specific problem.
 44  2) Other citizens subscribed to a topic, gets notified about that thread.
 45  3) Other ciztizens join that thread, by answering a basic question regarding that topic, which is generated by either other citizens or by a bot.
 46  4) In the thread one or many solutions elaborated.
 47  5) At some point a post will be marked by the majority of the thread as a solution.
 48  6) If so, all citizens who are responsible for decisions who is subscribed to a topic will be notified.
 49  7) They can voce until at least 80% of them has voted and the solution needs to reach 51% of the votes. Until then, those people can vote.
 50  8) The result of the voce will be published to a log.
 51  9) The representative announces in the government meeting new entries on the log.
 52  10) Once the D5-party is elected as absolute majority, the representative changes the law accordingly.
 53  
 54  ________
 55  
 56  Workflow for identifying a specific problem:
 57  1) A citizen asks a question to the knowledge base of the system.
 58  2) The system trys to give an answer using bots, searching in other threads.
 59  3) If the bot does not find an viable answer or if the citizen is not satisfied with an answer,
 60  a thread with a topic can be started.
 61  ________
 62  
 63  Failsafe mechanisms:
 64  - Human Representative.
 65  - That human representative can request a predefined volunteer of a channel as expert to be present at congress.
 66  - Decentralization of the system.
 67  - System could be accessed with ad hoc mesh network off grid (meshtastic)
 68  - Human moderators supervise AI moderators
 69  - Corrupt representative can be deelected by the authorized ballot participants swiftly.
 70  - Operators of the Voice of Humanity foundation provides trustable operators.
 71  - The Voice of Humanity foundation will fund trustable operators including the supreme administrator.
 72  
 73  ________
 74  
 75  Current tech stack:
 76  1. Client-Application:
 77  	- Internet connection with a gateway node providing access to read and request to publish a message.
 78  	- The gateway node instance can be either selected by the user from the official list hosted on the voice of humanity foundation website or self hosted.
 79  	- Self Compilable
 80  	- Request a UUID and public encrpytion key automatically.
 81  	- Sends an encrpyted message with the public key of the authentication node for privacy.
 82  	- If the publish request was denied by the authorization node, the user gets an two strings. One string contains plain text explaining the reason in human understandable way. The other string containing an encrpyted message containing the original message, UUID of the client application, the UUID of the gateway node, the UUID of the authentication node and the reason why the publish request was denied.
 83  	- The user has the freedom to send the encrpyted string to the Voice of Humanity foundation for review by human after the verification with altcha. Only messages which can be decrypted by the authorization node will be actually sent for human review.
 84  	- If then a malicious intent was detected during the human review, that client with the UUID can be black listed.
 85  	- A client can request permission to vote, after the identitiy of the client has been verified using the API for online identification of local governments.
 86  
 87  2. Gateway Node:
 88  	- Self Compilable, UUID of the gateway node is registered in authorization node
 89  	- Hosts a REST API to access to the decentralized data and request to publish messages.
 90  	- Relays encrpyted publish message request to the authorization node. 
 91  	- Can be requested for black listing, if many malicious clients activity has been detected.
 92  
 93  3. Authorization node.
 94  	- Can authenticate and blacklist a Gateway node.
 95  	- Is a encrypted Docker image, and only that image has access to the decentralized key management system.
 96  	- Regularly automatically recompiles itself from the most recent commit to radicle repo.
 97  	- All activity requires authorization by the decentral secret management system.
 98  	- Has an local RAG pipeline with a knowledge base and guard rail system to verify that a new message is not a spam.
 99  	- If the message is verified, updates the data of the forum/knowledge base.
100  	- Provides API to accept pull requests for the source code on redicle repo will be authorized by the maintenance team.
101  	- A request to black list a authorization node can be sent to the decentral secret management system by the maintainer of an authorization node.
102  	- After the request for black listing has been issued, all activities by that node is suspended until the request has been processed.
103  	- After sending one request to black list, that original authentication node is also suspended to prevent one node accusing all others.
104  
105  4. Decentral secret management system:
106  	- Is a dApp fist instantiated and funded by the voice of humanity foundation and acts as a single instance.
107  	- It's purpose is to keeps regenerating the credendencials in certain intervals to avoid being brute forced.
108  	- The credencials are encrpyted in a file on a virtual disk on a RAM and is not stored anywhere else to avoid being brute forced.
109  	- List of credentials to be stored:
110  		- All public keys, UUIDs of the client applicaiton, and whether it is blocked, and whether it has permissions to vote.
111  		- All public keys and UUIDs of the gateway node, and whether it is blocked
112  		- All public keys and UUIDs of the authorization node, and whether it is blocked
113  		- The private key private key used to encrypt the file with the credencials is also on the temporal ram on a RAM of the decentral private computing cluster and is also regulary regenerated.
114  		- The root password, after the first instantiation, the system locks out the access to the root system by changing the root password to a random password. And the system keeps changing the root password as well to avoid evil maid attack.
115  	- Manages votes regarding black listing of authentication nodes.
116  
117  5. Publically accessible decentral storage for the forum data for discussion, it's operation is funded by the voice of humanity foundation. The current laws of each country are mirrored and anyone can publish a comment or specific change for that law but only authenticated with the digital identity issued by that local government of that country can participate in the vote to accept that change.
118  ________
119  Old tech stack:
120  1. Client-Device:
121  	- Internet connection with a centralized REST server providing access to read only access to channels.
122  	- The instance of the centralizes REST server can be chosen by the user from the official list hosted on the Voice of Humanity foundation.
123  	- Optional features because it requires enough computing power for verification of data integregity. If hosted, it can work as a gateway with write access, usually exceeding the capabilities of commonly affordable smartphone:
124  		- hosting a minimal unauthorized node decentral communication Protocol with write access to channels
125  		- hosting a minimal authorized node for decentral communication Protocol with write access to ballots
126  
127  2. Server:
128  2.1 P2P authorized node as bootstrapping nodes forked custom instance of radicle and  forked custom instance of verizexe (Multiple independent instances desireable)
129  2.2 P2P authorized node with radicle like decentral repo hosting source code and also the public data (discussion channels, ballot results, knwoledge base) and private data (Blacklist, each ballot votes) with write access
130  2.3 P2P unauthorized node with radicle like decentral repo hosting source code and also the public data (discussion channels, ballot results) and private data (Blacklist, each ballot votes) with only read access
131  2.4 P2P authorized node with read only access to public data interfacing a centralized REST server for quick information access.
132  2.5 P2P authorized node with code review bot, verifying request for change and initiating a ballot of the code maintainance team
133  2.6 P2P authorized node with with moderator bots responsible for blacklisting nodes for each channels if a malitious intent was recognized, before blacklisting human moderator need to review that malitious action.
134  2.7 P2P authorized node for quiz generator, submitting quiz to human verifiers 
135  2.8 P2P authorized node for authorization (of users, operators, domains to centralized server as information source)
136  2.9 P2P authorized node for managing "main" cryptowallet managing all the Filecoin/Verizexe-coin, which address is hard coded and the private key is typed in manually by the highest administrator.
137  ________
138  MISC:
139  - Example for online identification API provided by government for voting called "eID" in germany: https://www.personalausweisportal.de/Webs/PA/DE/wirtschaft/diensteanbieter-werden/einsatzmoeglichkeiten/einsatzmoeglichkeiten-node.html
140  - Knowledge Base: Knowledge will be mainted as unstructured text from which a Neo4j with GPU acceleration will be generated for a RAG pipeline.
141  - decentralized webhosting:
142  	- Decentral Open source code base: https://radicle.xyz/
143  	- Decentral private computing:
144  		- Protocol + Computing power: https://github.com/aleph-im/aleph-vm/tree/main/runtimes/aleph-debian-12-python
145  		- Protocol: https://github.com/EspressoSystems/veri-zexe
146  	- Decentral Storage for encrypted Docker images: https://ipfs.tech/
147  	- Etherum Smart Contract for most important information, needs to be funded
148  
149  
150  Outdated reserach notes:
151  	- Decentral webhosting: https://ipfs.tech/
152  	- Decentral Database:  "proof of spacetime" -> With dedication, it cann be overrun
153  		- https://spec.filecoin.io/
154  		- https://docs.filecoin.io/builder-cookbook/dapps/decentralized-database
155  	- Decentral forum: https://join-lemmy.org/docs/introduction.html
156  
157  ____________
158  Known yet unsolved problems:
159  - Verification process of the knowledge base/quiz
160  	- Writing history through corrupt historians problem
161  	- only an expert human can verify, but it means that it will be a bottleneck
162  	- And discussing it in public channels means that it will leak the information
163  	- And discussing it in private channels is against transparency.
164  - Cheating during knowledge tests:
165  	- If the user cheats during tests (or malicious bot), then it could have sufficient knowledge to stay in the thread and propergate false information. Doing it with "trusted" people, has limitation on expertise, time and resources. For most people a test in a booth without electronics would be ideal, but it requires authorized and correct operation of that institution, which is difficult to ensure.
166  - Integration of quantum cryptography requires special hardware, which might not be available for consumers soon enough. Even if it is available, it might be too expensive to obtain or to maintain.
167  __________
168  Solved Problems:
169  - What to do, if the system is inaccessible for some reason? (Coup d'etat problem) -> Decentralation (Offline First Principle)
170  - Organized Radicalist group with bad intentions creates a fake majority (Radicalist problem) -> Black list 
171  - Black List Problem: Ethical, Practical -> If someone does not pass the test, there is a ballot from that channel whether to actually black list that instance,
172  where the users can see the answer to the question.
173  - Prioritization of Nodes Problem If filecoin is used, the each nodes needs to donate the filecoin back to the account of the "main" node or so called "bootstrap" node,
174  which address will be documented in the etherum smart contract. -> Filecoin will not be used, but verizexe
175  - Fake accounts problem (Verification of nodes can be done by main node of local government)
176  - No need for Load Balancing if the P2P instances are truely p2p (verizexe using off chaing computation)
177  - Currently there are decentrally managed domains (e.g. .onion), but there is a need for single point of entry. ("decentral domains" for wallet are not it) -> p2p nodes may offer API to interact with federated frontend servers for ease of access
178  - Verification of code integrity of nodes:
179  	1. through homomorphic cryptography and zero knowledge protocols enable decentral private computation, the source code will be hosted decentrally, hardcoding the repo adress into the source code, the code for CI/CD is also hosted there, the compilation is also zero knowledge cryption and the execution environment can also be zero knowledge even though it may be expensive to calculate. It will probably based on nexus-zkvm.
180  	 Incorporating radicle-repos into zkvm uncorruptable repo
181  	2. The procedure for RFC (Request for Change) is unchangable
182  	3. Everyone who manages to remain in the code maintenance team for at least a year can submit a pull request for code review by an bot
183  	4. The code review checks that the changes are not violating against the procedures for RFC or changes to it
184  	5. If the code review bot has check it, there is a vote  by the code maintenance team to accpet that RFC to the code base and triggers CI/CD workflow.
185  	6. Hosting bot instances are optional (Code review, moderator, quiz generator, explainer)
186  - Bot war Problm (Moderator Bot doesn't work as expected and goes rogue) -> Different bot is in charge of code review
187  - Representative problem: There might be a possibility for the representative to become prime minister or similar roles for which it is required to make own decisions based on classified information. Therefore that representative need to decline such roles. Otherwise that representative will be subject of a ballot of reelection. If that representative is reelected, it means that the system and its users has reached its limits to prevent such events. One may only hope that the decisions of the representative could be referred as benevolent.
188  - How to handle local polls? -> it is done outside of the system and thus irrelevant for the system. The polls made within this system are just for making suggestions to the local council and reelecting representatives for that local council if there are enough supporters to found a local politcal party.
189  - Authorization of nodes and users:
190  	- Since everyone is free to join, there is a problem of flooding with nodes operated by bots/humans for malicious intent.
191  	- One solution approach is authorization for instanciation
192  	- Every ballot instance needs to be authorized
193  		- 1. Every operator from the identity verification service needs access to the system for the purpose of authorization.
194  		- 2. Every operator will be verified by trusted operators of the Voice of Humanity foundation and the validity need to be updated at least annualy.
195  		- 3. A citizen of a specific country from the local legal age for voting may request a verification through the system.
196  			- There will be a simple quiz about the system to verify that they understand what they are applying for.
197  			- Then typing in all the nessary infomation (Name, Email)
198  			- The system will permanently store it together with a unique node ID, but the list is private and it is only possible to ask whether a user is already black listed or not.
199  		- 4. They will receive an email containing a link and a one time key to the specified address which will start a identity verification process with authorized third party operators.
200  		- 5. The user is authorized if the operator type it into the system. 
201  		- 6. If a operator has authorized malicious users over a certain threshold regardless of the intention, the node of that operator will be suspended and that operator will be black listed by the system.
202  		- 7. All users authorized by the corrupt operator, will be temporalily be excluded from ballots until reverification.
203  		- 8. If that reverification does not happen in time, that user will be permanently blacklisted.
204  - Trolling: Daily Rate Limit for publish requests
205  - Malicious Client attack: Anyone can create a lot of client instances and sends publish requests, which are then denied and then requests to be reviewed by human and thus overflow the capacity of human verification. Solution: Proof of Work with Altcha: https://github.com/altcha-org/altcha
206  _____________
207  Notes on implementation of the bots:
208  1. Code review bot
209  
210  
211  2. Moderator bot:
212  2.1 Principles of the moderator bot:
213    - If moderator bot removes a comment, that removed comment need to be:
214  	- publically avaiable
215  	- the author can request it to be reviewed by a member of the channel if falsely removed
216    - A comment needs to:
217  	- refer to a verified knowledge base entry
218  	- comply to the publication policy
219  2.2 Publication Policy:
220  - Be kind, speak truthfully, say useful things.
221  - If you recognizse malitious action, report that action actively to the moderators. 
222  
223  
224  3. Quiz generator bot
225  
226  
227  4. Explainer bot