I’m a researcher at the UC Berkeley Center for Long-Term Cybersecurity where I direct the Daylight Lab. This newsletter is my work as I do it: more than half-baked, less than peer-reviewed.
Over the past few weeks, I’ve discussed why internets must be governable, and what kind of institutions we could trust to govern them. I wrote both to prime you for today’s discussion: how to build a governable internet.
I’ll warn you: this post is technical. I explain an intervention to low-level internet architecture. But I offer more than a network upgrade. I envision a new logic of global data trade, one rooted in a notion of sovereignty that emanates from the most local, most territorially determined component of a logical network: the autonomous system.
Recall: everyone connected to the internet is, in fact, connected to an autonomous system, or AS. As I’ve argued, ASs are the smallest, most atomic, and most local unit within which governance can occur.
The AS as a DAO
Let’s pick up a single AS an examine it. What would an AS look like if it were a DAO?
Assume we have some internet users (people who want to connect to the internet). Together, they want to build a self-governing AS. Assume further that this hypothetical AS could maintain a physical connection to all users—via a cable, radio signals, light pulses, etc.
The users each create a wallet. They then form an AS DAO. The AS DAO, itself represented by a wallet, holds in its treasury some address tokens. Each address token represents an IP address on some internet.
The DAO’s treasury dictates its routable address space.
The AS DAO gives address tokens out to users. It may hold a few address tokens in reserve for future members.
Whoever holds a given address token—something provable with the cryptographic primitives of wallets and ledgers and tokens—can use that address to connect to the internet.1
These address tokens, being the governance token of the AS DAO, also give the address token holders a vote in the DAO. AS users can vote over what their experience of the internet is. The AS DAO will be cryptographically bound to obey their wishes.
There’s your popular assembly. Similar to Bookchin's popular assemblies and Rojava's communes, no internet governance action should ever be necessary above the AS level—unless the AS itself cannot deal with the issue.
An internet of DAOs
What does the internet look like above the level of the single AS DAO? What would an internet of AS DAOs look like?
Like regular ASs, AS DAOs can peer together. Unlike regular ASs, their peering relationships would be subject to popular governance.
DAOs could form blocs
DAOs could form ‘blocs’ of more-or-less uniform internet experiences. These blocs could, in turn, negotiate with one another. Between-bloc connections may be more tightly governed than within-bloc connections. Within blocs, data might flow free; between blocs, there might be tighter controls and standards.
Blocs could be hierarchical or flat
The Bay Area region might be represented by several AS DAOs, which together form a bloc. (For an analogy, consider: the Metropolitan Transportation Commission (MTC) coordinates transportation across the nine Bay Area counties). An internet of stacked DAOs would be akin to a world of countries comprised of provinces.
Meanwhile, ideological differences could result in partially overlapping geographies of internet coverage. Three DAOs could co-exist in Berkeley. Like medieval march regions, geographically overlapping patterns of service availability could enable competition over jurisdiction—choice over the information regime(s) to which individual users subscribe.
I imagine an ad-hoc governance structure would cooperate on some matters and compete on others. Addressing is perhaps the fundamental common good in a global communications network: one-to-one relationships between addresses and hosts make services globally reachable, unambiguously.
A new logic of global data trade
As Mueller (2017) observes, a global communications network is a resource too valuable to do without. Yet sovereignty over data trade is itself valuable, an instrument of feedback loops of competitive (dis)advantage between data exporters and importers (Weber, 2019).
What is the global ordering principle that seeks a compromise between the benefits of connectivity and the benefits of sovereignty in global data trade? Sovereign, territorial nations manage international goods trade, a collaborative compromise between global fluidity and national sovereignty. On this internet, a similar ordering principle has yet to emerge.
An internet composed of governable ASs represents a new logic of global data trade, one rooted in a notion of sovereignty that emanates from the most local, most territorially determined component of a logical network: the AS.
Blocs of ASs are more than packet clearinghouses. They represent logical fiefdoms, whose rules, standards, formats, and laws structure that bloc’s interoperability with the outside world.
If the future will be built “bloc by bloc” (Weber, 2019), then a future in which these networks predominate will yield blocs more voluntary in their membership and more granular in their geography than nation-states allow. Radically non-geographic forms of citizenship could emerge: partially overlapping systems of identity, fragmented but global.
From blocs to states
Notice I’ve elided the governance of networks with the governance of persons. You may be wondering who the “users” of this new internet are imagined to be.
Who’s included? The whole community, or just its coding elite?
Also, do we trust the “elections” on these AS DAOs? Manipulations of democratic systems plague our political moment in the U.S. For example, what’s to prevent people from stuffing the ballot—making lots of wallets and manipulating the AS DAO’s governance?
Next week, I’ll give a shape to both of these questions. I’ll propose a solution that shifts this proposal—AS-are-DAOs—from a technical trick to a platform for popular governance. We’ll go from talking about internets amenable to governance to talking about internets that can act as governments.
Thanks for reading Nick Merrill! Subscribe for free to receive new posts and support my work.
Thanks to Zeke Medley and Jeremy Bernick for the many conversations on this topic.
On Border Gateway Protocol (BGP) security. ASs use the border gateway protocol (BGP) to announce routes. These route announcements make hosts addressable across autonomous systems; they make the internet cohere as a single, logical internetwork.
BGP is notoriously insecure. Route announcements are not authenticated. Tack-on “solutions” like RPKI have promised to help somewhat, but overall adoption is low, likely because there are no business incentives for ASs to perform these upgrades.
Now that we’ve framed ASs as DAOs, an elegant solution to BGP security emerges.
First: In our system, ASs can announce authenticated routes without BGP. Modern BFT tools like Tendermint, combined with proof of ownership over routes, obviates all attacks stemming from unauthenticated BGP announcements.
Second: A DAO of ASs can provide “carrots and “sticks” to perform network upgrades generally. Carrots: financial incentives to upgrade, providing bounties to ASs that upgrade, having them vest to reward sustained good behavior. Sticks: banishing them from the network, locking them out of upgrades, etc.
Once we view AS DAOs as governments, a trans-AS institution like an RIR may start to look more like a standards-setting body, a legislature, or even a central bank. I’ll discuss this further in a future post.