3.governance.md

Governance

---

Governance in the blockchain space could mean many different things, but in this case, it refers specifically to how the platform's community can shape the evolution of the blockchain system.

One way we can assess the "value" of a particular governance model is to use the more recently devised Blockchain Governance framework from IOHK: Blockchain Governance. This should help us analyse the quality of any Blockchain Governance framework through a specific set of desirable properties. Here, there are 7 properties we can base our evaluation on:

1. Suffrage
2. Pareto Efficiency
3. Confidentiality
4. Verifiability
5. Accountability
6. Sustainability
7. Liveness

Before we analyse Cardano's Governance system let us define why we need a governance system to begin with.

Purpose

For any ecosystem to have a sustainable future, it is necessary to govern the system's evolution. Yet the key point is to figure out in which direction the ecosystem is evolving (to something better, or worse?). Because Cardano is software, a core component of Cardano's governance model is to ensure that the platform, and its related tools and projects evolve sustainably. However, Blockchain systems push software governance to the limit since their ecosystems are more like communities with financial incentives, very much like our everyday economy. Hence, one may also argue that sustainable governance of the Cardano ecosystem is somewhat tied to the sustainable growth of its financial system.

Governance problems arise whenever it becomes rational for an individual actor to game / play the system for his/her own benefit at the expense of the common good of the community. Hence, we could say that a particular governance system is good only as far as it makes it rational for system participants to act in the interest of the common good. A well-designed governance mechanism would also be capable of incentivizing agents, or at least indirectly making them act in the interest of the common good, even when it may initially appear rational not to, or when they may attempt to deviate from the common good. Furthermore, all system participants may have ideas about how a system should evolve, but not all of them may know what is in the ecosystem's best interest. Additionally, not all proposals may be made in the best interest of the community.

The most obvious incentive for community members to participate in the Cardano ecosystem is to make the Cardano ecosystem better. What this "better" implies, however, is not very clear, as highlighted by the function $\lambda$ above, which could potentially leave room for obfuscating malintent. As we learned from the collective decision making games, even if on the average it is rational to contribute to the common good when you participate in the community for a long period of time, it is not necessarily the case that all participants want to participate forever. Also, as in any collective society, selfish interests may lead to conflicting interest between community members, which could lead to inefficient outcomes. Therefore, one may argue that any good governance system has to make sure that the collective good provides enough utility for each individual on the average to be incentivized to participate in order to satisfy the sustainability of participation criteria.

In general, however, we can say that a governance system is focused on maximizing the utility of its community members by guaranteeing that the 7 definitions are satisfied as much as possible, so we may generally state that there could be an optimal function $\lambda$ that maximizes the utility of the community $U_{C}$, given some definition $x_{i}$ for $i \in [1,...,7]$. Indeed, this function would be somewhat similar to the Pareto efficiency maximization function, and would require us to know how to maximize each individual definition. As will be clear, this is not necessarily that straightforward since these definitions are somewhat interrelated (i.e. changing one in a positive direction, may influence another negatively). As such, we avoid too much quantitative analysis here, and stick with a qualitative discussion.

Blockchain Governance Definitions

1. Suffrage

"The right to participate in decision making procedures."

Rights may be provided in various ways:

• mining based (hashing power)
• token based (token ownership)
• identity based (identity verification)

2. Pareto Efficiency

"A blockchain governance system is Pareto efficient if whenever a decision-making process is held, alternative X cannot win if there exists another alternative Y that is preferred by at least one participant, and no participant prefers X over Y."

Think of this as the outcome of a voting process being the "best" possible outcome of the set of outcomes that could occur, where best is defined by the voting process.

3. Confidentiality

• Type 1: "Secrecy":

"A blockchain governance system satisfies secrecy if whenever a decision-making process is held, an adversary cannot guess the input of any participant better than an adversarial algorithm whose only inputs are the overall tally and, if the adversary is a participant, the adversary’s input."

• Type 2: "Pseudonymity":

"A blockchain governance system satisfies pseudonymity if no participant is required to reveal their real-life identity to participate in the decision-making processes"

Where Type 1 is stronger than Type 2.

4. (End-to-End) Verifiability

"A blockchain governance system is verifiable if whenever a decision-making process takes place, participants are able to verify their inputs were properly tallied and independent observers are able to verify that inputs from eligible participants were properly tallied."

Usually, split between:

• individual (voter can verify their vote was created, stored and tallied correctly)
• global (everyone can verify that only valid votes are in the ballot box, and that all stored votes are properly tallied)

5. Accountability

"A blockchain governance system satisfies the property of accountability if whenever participants bring in a change, they are held individually responsible for it in a clearly defined way by the platform."

Think of this as "Skin-in-the-Game". Parties participating in the governance system are incentivized to do good because they themselves are accountable for their own profits/rewards.

6. Sustainability

• Type 1: "Development": "A blockchain governance system sustains development if it incentivizes, via monetary rewards or otherwise, participants who develop successful improvement proposals for the platform"

• Type 2: "Participation": "A blockchain governance system sustains participation if it incentivizes, via monetary rewards or otherwise, participants who participate in the decision-making process of the platform"

7. Liveness

"A blockchain governance system satisfies liveness if it is capable of incorporating an input of urgency from the stakeholders and then being capable of acting on it in the sense that if an issue is deemed to be urgent according to some function, then the decision making procedure is capable of terminating within a reasonable amount of time, as a function of the urgency of the matter."

More broadly stated, liveness implies two things:

• the governance system continues to operate indefinitely,
• in case of an emergency, there are procedures in place that can bring it back to life

Exploring Cardano's Governance system

To understand the governance terminology in Cardano better, let us break down some important concepts.

Funding Proposals vs Cardano Improvement Proposals

Cardano's governance system is centred on a treasury system where collective decision algorithms are used to solve which future projects to fund. This treasury system ought to be a sidechain as far as we have understood.

Currently, there two different governing bodies:

• The Cardano community (decentralized)
• The Cardano Foundation (more centralized)

Each of these governing bodies focus on different types of proposals in the Cardano ecosystem:

• Cardano Improvement Proposals (CIPs), and
• Funding Proposals (FP)

The CIPs are entirely managed by the Cardano Foundation, whereas solely FPs are eligible for the community to decide upon. This indicates that there is to some degree an aspect of centralization remaining in Cardano's governance system. Indeed, there seems to be little suffrage for participating in CIP decisions at the moment.

Because most of the documentation related to Cardano's governance framework targets FPs, we focus our analysis on FPs accordingly.

Funding Proposals

To contribute to the sustainable evolution of the Cardano ecosystem, community members are eligible to submit funding proposals. These proposals represents projects to be built on top of the Cardano blockchain, and generally to be funded by the collective treasury, or some donation (more on this below).

According to the Treasury system paper, Cardano's Voltaire release will contain an implementation of the treasury system. Currently, however, there exists a publicly available governance interface, namely Project Catalyst. This is an online platform where community members can learn about how to come up with their own proposals, vote, and assess proposals accordingly. This looks very similar to the ideas discussed in the academic paper, but there appeared to be a few discrepancies. As such, we decided to base our analysis on the paper rather than Project Catalyst, but to use Project Catalyst as representative of practical matters related to governance. For example, it was important for us to see how easy it was to sign up to and participate in the Cardano Community to assess the extent to which suffrage is solved for. To do this, we had to use Catalyst.

Signing up was easy, but unfortunately, we were unable to propose a new project because the deadline had passed. That being said, there was a well-defined interface for doing so, and we quickly found out the different stages/rounds from project ideation to funding a particular "governance round" (as Catalyst calls it) consists of. The rounds defined on Catalyst's platform were:

• Proposal
• Review
• Finalize
• Assessment
• Assess QA
• Governance

Catalyst periods

Proposal period:

• A fixed period of time where project proposals are welcome

Proposal review period

• A fixed period of time where proposals are reviewed

Proposal finalization period

• A fixed period of time where proposals are finalized and prepared for assessment

Proposal assessment period

• A fixed period of time where proposals are assessed by project assessors (you have to register to become a project assessor)

Assessment Quality Assurance period

• A fixed period of time where the quality assurance of the assessment period is established

Governance period

• A fixed period of time, divided into three epochs:
  • Pre-voting,
  • Voting,
  • Post-voting,

Inactive proposals are eventually archived. The definition of inactive is unclear, but implies any proposal which did not make it through the funding round.

Voltaire

As mentioned, Voltaire is the target governance system the Cardano ecosystem is developing towards. Voltaire is pretty much centred on the governance period of Catalyst and consists of three main phases:

• Pre-voting,
• Voting,
• Post-voting,

It should be clarified to what degree there are differences between Catalyst and Voltaire. It seems like additional focus has been placed on proposal review and QA in Catalyst, potentially due to the fact that its voting system is not as secure as Voltaire would be, which naturally means the Proposals themselves must be carefully selected within a particular voting round. Indeed, Voltaire consists of the following rounds:

• proposal submission,
• registration of voters, experts, voting committee members and their corresponding deposit lock,
• randomized selection of the voting committee members among voters,
• distributed key generation,
• ballots casting,
• joint decryption with recovery in case of faulty committee members,
• randomness generation for the next treasury period,
• reward payments,
• deposit paybacks, and finally
• penalties for faulty actors

it is very noticeable how the cryptographic aspects of Voltaire ought to increase the level of guarantees and privacy concerns of an e-voting system relative to what Catalyst does.

Pre-voting

During the pre-voting stage, two things happen:

• projects are proposed as described above, and
• voters and experts register by submitting special transactions on the blockchain including their security deposit

As a special transaction is required, a wallet with support for the special ADA transaction must be used. Because this is a practical issue, we used Catalyst again to see how we would do so in practice, and noticed that a voting guide was released on the Catalyst page (note that the details outlined in the voting guide will change with time). Details can be found here: "Catalyst Registration and Voting Guide". They highlight the following wallets as being supportive of voting participation in various ways:

• Daedalus Mainnet (desktop, Ledger Nano S and X, Trezor T)
• Yoroi mobile (iOS and Android, Ledger Nano S)
• Yoroi browser extension (desktop, Ledger Nano S and X)
• AdaLite-Ledger (desktop, hardware wallet, no mobile support)
• AdaLite-Trezor (desktop, hardware wallet, no mobile support)
• Adalite-Mnemonics (desktop, software wallet)
• Typhon Wallet
• CCVault
• Hardware wallet via CLI interface + Guide
• VotingTools CLI

As noticeable, these options have various security properties (hardware wallet, and non-hardware wallet for example), providing community members flexibility, and minimally impacting suffrage accordingly.

Security deposit threshold and suffrage

It is worthwhile mentioning that voters need at least 500 ADA as a security deposit to join a funding round. This is not mentioned in the paper, but is nevertheless highlighted in the voting guide for Catalyst.

Having a deposit threshold influences suffrage negatively since not everyone can afford the 500 ADA fee. Nevertheless, the threshold also serves as a security property to make the cost of disrupting the outcome of a funding round significant. For example, if you could vote with just 1 ADA as a security deposit and the price of 1 ADA is $1, malicious voters can execute a sybil attack and create 500 votes with $500. This is significantly more expensive with a barrier of entry at $500, since it would cost $250,000 accordingly. As should be clear, raising the threshold also raises the cost of executing a sybil attack.

However, as several community members may not necessarily hold enough ADA to vote with this threshold, the system is somewhat protected from sybil attacks. You don't necessarily want everyone to vote either, so arguably it helps improve Pareto efficiency as well since only people with considerable interest in the collective good for the Cardano ecosystem will participate.

Voting

During the voting epoch there are three main things for the participants to do:

• committee selection stage (details provided below),
• distributed key generation stage for committee members,
• ballot casting stage for voters and experts,

Post-voting

The post-voting stage consists of a:

• tally stage (when votes are counted by the committee)
• execution stage

To tally votes, committee members need to decrypt the votes. Hence, secrecy / privacy is not satisfied at a global level.

The treasury system

As mentioned, Cardano uses a treasury-model for collective decision making purposes. This means that the community collectively decides how to use the funds in the treasury to fund project proposals.

Currently, even if Voltaire is still WIP, the treasury is live. According to Catalyst, Cardano's treasury system is on Funding round 9 (usually listed as FUND9). The data surrounding the treasury, and its overall funding history, is relatively transparent. The data is generally shared through a shared Google Doc, which is publicly readable, but terminology is defined across various information sources making it not that straightforward to understand what the numbers mean. See for example: "Some Catalyst announcement".

As mentioned, Cardano uses a treasury system to govern the evolution of the protocol, however Cardano was not the first platform to do so (the Dash governance system invented the treasury model in the blockchain space apparently). In a treasury system, the collective decides upon where funding is allocated. That being said, the funds must arrive from somewhere, hence there exists a set of funding mechanisms to make the governance system sustainable.

Funding mechanisms

The treasury is funded in three different ways:

1. when new blocks are minted, a proportion of the rewards goes to the treasury,
2. miners' rewards are taxed, and the tax is collected by the treasury,
3. donations, or charity are also possible venues of funding proposals.

It has been shown that the treasury appears to be growing in value. See for example: Twitter Post as indicative.

This could be interpreted in various ways, but one clear way would be to state that the current funding mechanisms are overestimating the funding requirements, which seems to imply that there are few good development proposals on Cardano. Alternatively, one may say that the fact that money is created out of thin air through a minting process is particularly interesting. In some cases, one would argue that the purpose behind blockchain platforms is to not create value out of thin air, but because the rewards are directly translatable to the value of the ADA token, the lower the ADA token, the weaker the incentives are to participate in the system. That being said, the value of this token is not directly linked to the treasury system itself, but in stead mostly on various external exchanges.

Governance phase details

For this analysis we will focus on the design outlined in this paper: "A Treasury System for Cryptocurrencies: Enabling Better Collaborative Intelligence".

First and foremost Voltaire uses a fuzzy threshold voting system. In such a system there is a ranking of proposals based on the number of votes for each proposal, minus the number of votes against, whilst checking that the remainder is at least 10% of all votes recorded to make sure that it isn't arbitrary which proposal is favoured. Therefore, there is a threshold number of votes which must surpass to actually win a funding round relative to how many people voted against it*. This is to make sure that only those proposals which win by a certain degree of certainty are funded.

Since fuzzy voting systems uses a set of metrics (usually a distance measure, consensus measure, proximity measure) to estimate the outcomes of a voting round, it also uses these metrics to provide feedback to voters. This feedback loop gives voters the ability to sense the extent to which they may need to adjust their preferences to align with the community to a greater degree. Arguably this can push the outcome towards a Pareto efficient outcome, under the assumptions that all voters are acting honestly and that the voting system otherwise is verifiable (in the sense that it satisfies the verifiability definition).

Voters

Voters are community members who decide to enter a particular funding round to vote on the projects proposed. They first become voters in a funding round by depositing an amount of ADA as a security deposit during the pre-voting phase. The more they deposit, the more voting power they have (in other words, their voting power is proportional to their stake).

Once the voting phase starts, voters can vote either:

$$ Yes, No, Abstain $$

on a particular project. An $Abstain$ is weighted as a vote for the winning proposal. Hence, by simply abstaining, a voter will be aligned with the community.

Voter rewards

At the post-voting phase, voters receive returns based upon the amount staked. This raises an issue since rewards are given based upon whether you voted for a winning project, or not. As such, it would make sense to abstain since this counts your vote as aligned with the community. However, if everyone abstains the outcome of a particular voting round would be unclear, and it is uncertain whether there are liveness guarantees provided in such a situation.

Experts

As mentioned, Cardano uses a liquid democracy for their collective decision making process. Experts are voters who also receive "delegated stake" from other voters, or experts. Delegated stake mechanics lets people hand over their voting power, as described in the liquid democracy model above. To register as an expert, an expert has to send an expert transaction to the blockchain.

Expert rewards

Similarly to how voters are rewarded proportionally to their stake, experts are rewarded proportionally to the sum of their delegated stake. This means that to truly benefit as an expert in the Cardano ecosystem, experts need to be trusted by voters. Naturally, this creates an incentive to become knowledgeable about the ecosystem since the likelihood of reaping participation rewards are higher as an expert than as a voter. That being said, there exists some threshold $\beta$ which experts must deposit to be considered an expert, and experts can only receive rewards up to that level. As such, this $\beta$ parameter puts a threshold so as to not delegate to many votes to a particular expert.

Still, an expert could socially engineer a large set of voters to trust him/her, and decide to accumulate a large degree of voting power, regardless of whether this increases his rewards. Such tactic may not work in the long run however, as the likelihood of being caught is large. Indeed, it would be more rational to maintain a dominant position as a "more than average" knowledgeable person and reap consistent rewards, than to potentially reap high rewards once. This is especially true since there are checks in place in Voltaire to prevent this from happening as experts can be punished to the degree where they lose their entire security deposit / stake.

Experts and sustainability

An interesting feature of the expert is that it also facilitates greater participation in the governance system, since anyone who can participate as a voter, can simply delegate their votes to an expert if they are unsure about a topic. As such, it seems like a reasonable approach to improve Pareto efficient outcomes as it lowers the knowledge barrier requirement for meaningful participation, and hence indirectly also causes participation.

Committee

The committee is crucial for the Cardano governance system. In the Cardano governance system, there are up to $k$ randomly chosen committee members, where this probability is proportional to your stake. This is where centralisation becomes paramount since any Cardano community member with a large proportion of stake could desire to be a committee member in multiple rounds. Consequently, they are crucial for maintaining Cardano's governance system's "verifiability" and "sustainability" concerns.

That being said, the steps taken to securely verify the tally amongst the $k$ committee members differs from that of agreeing on a particular block, and is actually rather involved, hence why we must describe it, albeit at a relatively high level here.

Discussion around incentives

It is important to note that because voting power is proportional to stake, a voter with a large degree of stake, but little ecosystem knowledge can, whilst being completely rational (given rationality is defined as making decision based on the information set available to a particular voter), end up behaving in a Byzantine manner with regards to how the voting system is setup. With limited information it is perfectly possible to vote on a Pareto inefficient proposal. Hence, the more knowledge he, or she gains, the more embedded in the ecosystem a voter would be, and consequently, the more likely it is that his/her vote would yield a favorable return. It could therefore also be that people with relatively little information about the Cardano ecosystem are disincentivized to vote, even if they happen to own large amount of ADA. The liquid democracy model is therefore particularly valuable to give unknowledegable and potentially Byzantine voters (due to fault primarily) the ability to create Pareto optimality with limited information.

Note that the above assumption only holds whilst experts are acting honestly, which is why there is a punishment scheme in place for misbehaving experts.

Discussing the risks of centralisation

As mentioned, voters are rewarded proportional to the amount they deposit. As in traditional governance systems, this will naturally lead to a stronger degree of centralization with time since voters who deposit larger values are also rewarded to a greater extent if they act with good-intent. Generally, there is no clear logical connection between centralization and a lack of ecosystem sustainability. Many systems which are relatively centralized could exhibit sustainable behavior. Indeed, if the system's sustainability is harmed by centralization, it is generally a consequence of corruption rather than centralization per se. In other words, inefficiency could be an indirect consequence of centralization, and would generally be more easily noticeable in centralized systems, but it is not always a direct one.

Additionally, the exact cause of corruption is not always clear. Generally, we can see it as similar to deviating from the common good to pursue a selfish interest. Therefore, as stated above, for there to be an incentive to facilitate corrupt behavior in a centralised system, that incentive must be large enough to deviate away from the returns earned from acting honestly. Arguably, spreading rewards to a more decentralized authority set reduces the potential benefits to such an extent that there is less of an incentive to be corrupt. Therefore, it is important that a governance system satisfies the suffrage definition, and makes participating in the protocol easy. This will therefore be a fine balance between the parameter $k$ (number of committee members elected), and the deposit threshold.

Taking this analysis further, suffrage per se is not representative enough as a measure of decentralization in the Cardano governance system since voting power is based on the amount of ADA a particular voter deposits. That being said, a single voter would need to have a significant amount of ADA to skew the votes such that the result is in their favour the higher the number of voters and their associated deposits. The probability of a malicious set of voters owning enough stake is hence quite small. Recent figures indicate more than 250,000, which implies at least 1,250,000 ADA (total value of roughly $2,000,000 with 1 ADA priced at $1.60) voters in the last funding round. Therefore we argue that it is difficult, to convince a significant enough number of participants to deviate from the collective good of Cardano's ecosystem once they have signed up to it.

Detailed explanation of committee members

As mentioned, the treasury system is largely dependent upon the committee members' protocol.

Pre-voting

To become a committee member, it is necessary to register as a voter. Therefore, this is what a "to-be" committee member does during this phase since they are not yet elected. As mentioned before, to register, a voter has to submit a security deposit to the funding round.

Voting

There are two major tasks to do during this phase:

1. committee members must be elected, and
2. voters and experts has to vote on the proposals in the funding round

To make sure committee members are randomly elected in every funding round to avoid centralization of power, a probabilistic approach is used where the probability of being selected to the committee is set to equal the amount of stake a voter committed. More specifically, however, committee members must satisfy the following inequality to be elected:

$$ hash(vk_{i}, sign_{sk′ {i}} (seed)) \leq st{i} * T $$

where:

• $vk_{i}$ is the address/public key of a voter,
• $sign_{sk′ {i}}$ is the corresponding signing key for $vk{i}$
• $seed$ is a randomly generated seed, created by the committee members in the previous funding round,
• $st_{i}$ is the claimed stake for voter $i$, and
• $T$ is adjusted to determine the number of committee members per funding round

As should be clear, this places the security of committee election process on to the security properties of the cryptographic hash function used. If a pre-image attack exists for the above inequality, there would be an opportunity for adversarial voters to join the committee by exploiting it. Once on the committee, they could subsequently distort the voting process which would be detrimental for the governance system, as it would disincentivize participation.

To make sure committee members are mostly honest, a Distributed Key Generation (with threshold) protocol with an embedded Common Reference String (CRS) "commit-reveal" scheme / zero knowledge proof is used. A key generated from a threshold DKG protocol can only be used when the threshold $m$ of $n$ shares are combined to reconstruct it. Hence, any threshold DKG assumes that at least $m$ of $n$, where $m < n$ and $n$ represents the number of committee members, are honest. Therefore, it is paramount to guarantee that there is a majority of honest committee members participating in the committee.

The CRS commitment scheme, which is a form of a non-interactive zero knowledge proof (NIZK) is leveraged to verify if committee members are behaving honestly by making them privately execute some computation given the CRS, commit their result to the blockchain (sidechain in this case), and thereafter prove that computation was executed correctly to other committee members. Since a committee member $C_{i}$ can complain about committee member $C_{j}$ if the revealed commitment from $C_{j}$ is found to be incorrect, and since if as little as one complaint is found to be valid by another committee member, say $C_{h}$, then $C_{j}$ would be immediately expelled from the committee as a consequence. Whenever a cheating committee member is detected and expelled, they would immediately lose their committed stake.

Interestingly enough, if there is a way to coordinate the proving process so that two adversarial committee members together target other honest committee members, they could influence the share of honest committee members quite significantly. Nevertheless, it appears the commit-reveal scheme is used to protect against the risk of adversarial committee members (as could be possible due to there existing a pre-image attack on the inequality above).

Once the DKG protocol is completed, committee members can use the reconstructed key to reward/punish voters and experts from the treasury accounts during the execution phase.

Post-voting

This phase consists of three major events, which primarily the committee members perform:

• the tallying of votes by committee,
• the reward/punishment of voters and experts,
• the funding of successful proposals, and finally,
• the generation of a new random seed for the next funding round

First, the voting committee members jointly calculate and announce the tally result on the blockchain using the fuzzy voting approach discussed above. As mentioned, only proposals that received at least 10% of the net positive votes are shortlisted, and all the remaining project proposals are discarded. The proposals are then ranked, and each is project is funded until the treasury is depleted.

Committee rewards

Because the committee members have to decrypt the random seed from the post-voting phase in the next funding round, they are not rewarded until after they have completed this task so as to benefit the liveness criteria.

Cryptographic Primitives

The primitives used in governance are highlighted here.

Summary

Cardano's treasury system is complex, and difficult to evaluate as there is a lack of easily-accessible documentation about its current state.

Although information is possible to find in the academic paper, and more generally, on the Project Catalyst page, most of the implementation is aimed to reach Voltaire - the final iteration of Cardano, which is yet to be released.

That being said, there is a lot of research which has gone into designing the Cardano governance model, such as:

• Secure liquid democracy model,
• Treasury system,
• Delegated stake,
• Fuzzy voting,
• Secure distributed key generation protocol, and
• Non-interactive zero knowledge proofs (NIZK)

When put together, these paradigms leads to a powerful ecosystem where there are incentives to participate under the expectations that a vote is verifiable through a suite of game-theoretic and cryptographic guarntees, that community members are held accountable for their decision making through skin in the game, and that there are clear incentives to participate.

That being said, even if the theoretical framework for the governance system is at the cutting-edge the actual state of affairs seems to be lagging quite far behind the theory, as is noticeable from Project Catalyst. As such, it is questionable the degree to which the implementation is feasible in the near future.