Information Polity 24 (2019) 397–417 397
Governance challenges of blockchain and
decentralized autonomous organizations
Olivier Rikken∗, Marijn Janssen and Zenlin Kwee
Faculty of Technology, Policy and Management, Delft University of Technology, Delft, The Netherlands
Abstract. The rise of blockchain has resulted in discussions on (new) governance models with multiple actors collaborating.
Incidents and problems occurred due to ﬂaws in blockchain protocols, smart contracts and Decentralized Autonomous Organi-
zations (DAOs). Often it is unclear how decisions are made concerning evolvement of blockchain applications. In this paper,
we identify and analyze potential challenges regarding governance of blockchain initiatives in various types of decentralized
networks using literature and case study research. The governance challenges are classiﬁed based on a framework consisting
of different layers (infrastructure, application, company and institution/country) and stages (design, operate, evolve/crisis). The
results show that in various stages and layers, different challenges occur. Furthermore, blockchain applications governance and
blockchain infrastructure governance were found to be entangled adding to the challenge. Our research shows a speciﬁc need
for further research into governance models for DAO applications on permissionless blockchains, linked to the products and
services offered whereas in permissioned blockchains and other type of applications, existing governance models might often
be feasible. For developing new governance models, we recommend learning from the lessons from the open source community.
Keywords: Blockchain, Decentralized Autonomous Organization (DAO), governance, IT-governance, permissionless, smart
Key points for practitioners
–Using a framework consisting of different layers (infrastructure, application, company and institution/country) and stages
(design, operate, evolve/crisis) is useful to analyze potential governance challenges in blockchain implementations.
–Unlike in non-blockchain applications, in blockchain applications there exists a high entanglement of application and
infrastructure, where the application can be dependent on the governance of the infrastructure, which can complicate
–In permissionless blockchains, especially for DAO applications, further research is needed towards new governance mod-
–In permissioned blockchains, although not always easy, existing governance models can be applied.
A decade ago, the idea for a decentralized, peer-to-peer system, was published by Satoshi Nakamoto
in the Bitcoin white paper (Nakamoto, 2008). Although initially designed for a peer-to-peer cash sys-
tem, the new system offers the possibility of transacting in which the information integrity and security
is safeguarded by the system. Such systems are expected to result in a major organization change, as
the role of a trusted third party (TTP) would be embedded in the system design instead of an organiza-
tion or person. This is possible due to a combination of decentralized storage, consensus mechanisms
∗Corresponding author: Olivier Rikken, Lieven de Keylaan 3, 2101 VD Heemstede, The Netherlands. Tel.: +31 6 113 94
292; E-mail: firstname.lastname@example.org.
2019 – IOS Press and the authors. All rights reserved
398 O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations
and cryptography, leading to characteristics like (semi-)irreversibility and persistent storage (Nakamoto,
2008; Swan, 2015; Wright & De Filippi, 2015). These characteristics make it extremely hard to single
handedly reverse or delete a datapoint or transaction.
Yet, trust also dependent on the network participants. As various of these networks are open and
anybody is able to join without any entrance barriers, many of the participants in the network are often
unknown (Matilla, 2016). Although it is argued that this openness and unknown network participants
results to a shift to a trustless environment (Bahga & Madisetti, 2016; Swan, 2015), the trust of correct
execution is embedded in the technological solution. The elimination of TTP organization poses various
key governance questions: Who is responsible for what? Who decides on changes in the blockchain
application and organization? Who can be held accountability for which failures? And who takes risk
mitigation measures when incidents happen?
In particular, various of these accidents resulted in the need for arranging crisis governance. Three
most debated incidents with regards to governance are the DAO incident (Falkon, 2017), Parity multisig
wallet hack (Palladino, 2017) and Parity II or token and cryptocurrency freezing incident (Akentiev,
2017), leading to a loss of several $100 million. Due to entanglement of application and infrastructure
the solving of these issues was dependent on governance of the infrastructure. However, only in the
DAO incident, governance action was indeed taken by the infrastructure community. In the other cases,
no action was taken by the infrastructure community and the value was lost due to a lack of effective
governance possibilities in the application itself. Due to the decentralized character, there is no single
owner of the infrastructure which complicates governance. As there was no TTP anymore to (un)do
actions or could stop ongoing actions, it triggered discussions around various regulatory and governance
questions. It led to the ﬁrst formal investigation by an American regulator, the Security and Exchange
Commission (SEC) (Commission, 2017).
The networked nature of blockchain and DAOs makes governance not straightforward. Governance
represents the framework for decision rights, incentives and accountabilities to encourage desirable be-
havior in the use of resources (Weill, 2004). Governance mechanisms determine how communication,
responsibilities and decision-making structures are formalized (Weill & Ross, 2005). Governance should
deﬁne decision-making authorities and accountabilities in a decentralized network consisting of several
parties. Often blockchain is associated with automated self-governance, i.e. the governance is embed-
ded in the system, through consensus mechanisms. However, this concerns only the governance of the
exploitation or “block-to-block” operation (governance by blockchain) and does not contain the gov-
ernance about development, updates or dealing with failures (governance of blockchain) (Ølnes et al.,
2017). This signiﬁes that other and even new kinds governance models and mechanisms might be re-
quired, however, there is limited insight into the governance challenges that should be addressed by these
models. The need for new governance models are even presented as one of the main barriers to adoption
of the technology (Batubara et al., 2018).
The aim of this paper is to identify governance challenges in blockchain applications. Gover-
nance is challenging as the need for governance and the governance challenges are dependent on the
many variations of blockchain implementations. The underlying premise of our research is that each
variant might encounter different challenges. The main variants are either private or public-closed
blockchains (private/public permissioned blockchain) versus public-open blockchains (public permis-
sionless blockchain) (Mainelli & Smith, 2015; Walport, 2015). This paper has three main contributions.
First, we elicit governance challenges in the different forms of blockchain variants. Second, we dis-
tinguish various decentralized applications types and their speciﬁc governance challenges. Third, we
classify challenges using various layers and stages of governance in blockchain projects. This paper is
O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations 399
structured as follows. In the next section the research method is presented followed by a literature review
in Section 3. From the literature review we derive the type of applications which will be used to develop
a blockchain governance framework in Section 4. Section 5 describes the governance challenges using
the governance framework and ﬁnally, we draw conclusions and outline further research needs.
2. Research method
To identify the governance challenges literature review was conducted and interviews were con-
ducted. Structured literature review was performed based on the systematic literature review approach by
Kitchenham (Kitchenham et al., 2010). Based on this approach, 51 articles, papers, blogs and transcripts,
with total pages of over 850, were analyzed. The initial search was initiated via scholar.google.com based
on the keywords “blockchain” AND “governance” in the period of December 2018–February 2019.
In addition to the literature, we conducted interviews with four experts to gain a deep insight into the
typical governance challenges and approaches of how to tackle the challenges. The interviewees were
selected based on their practical experiences in governance of blockchain projects. The number of people
meeting this main criterion is limited due to the limited focus on practical governance of blockchain
so far. Interviews were conducted with an industry expert in decentralized Application development
from Swarm City, an industry expert in decentralized consensus mechanisms and two researchers (an
academic scholar as well as a researcher from a not-for-proﬁt organization) who are researching and
teaching various blockchain topics, including blockchain and smart contract governance. Finally, the
development of the number of DAOs in time are shown.
Basic research data
Type of data Amount/number of pages (last date searched)
Papers/blogposts 850+ pages (27 March 2019)
Blockchain protocols analyzed 18 (30 January 2019)
DAO count 516 (21 February 2019)
Although many articles touch upon the subjects of blockchain and governance, the most cited articles
are either describing the application of blockchain to discuss new possibilities of state governance or
to which extent blockchain and decentralized platforms can be considered as hyper-political tools. For
example the work of Atzori (Atzori, 2017) explores if blockchain is capable in managing social interac-
tions on large scale and dismiss traditional central authorities while Jian and Zhang (Jia & Zhang, 2017),
argue that blockchain as a technology should be governed by law by a state. Hsieh and colleagues (Hsieh
et al., 2018) focus primarily on governance lessons from cryptocurrencies instead of application build
on top of a blockchain whereas Casinoa and colleagues (Casinoa et al., 2019) focus on applications
that can support governance like identity management, Voshmgir (Voshmgir, 2017) discusses disrupting
governance in itself by using blockchain, and Yermack (Yermack, 2017) the potential corporate gover-
nance implications of blockchain technology. Although these provide some insights, they do not target
governance of blockchain and blockchain applications and projects as main research area.
We found 51 publications to be relevant. Figure 1 shows the detailed breakdown of the literature. The
number of peer-reviewed papers that speciﬁcally go into the governance of blockchain in itself and or
the governance of blockchain applications is very low. Of the 51 articles, papers and blogs found to be
relevant only four were peer reviewed articles in which blockchain governance in itself was the main
400 O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations
Fig. 1. Literature breakdown.
topic. Two papers were published in 2016, one publication in 2018 and a draft document in 2019. None
of these address the entanglement of infrastructure and application speciﬁcally. Although we see a clear
rise of articles and blogs addressing the topic of blockchain governance, the amount of peer-reviewed
literature that speciﬁcally addressing blockchain (application) governance lags behind. Some of the most
up to date and interesting insights and discussions on this topic can be found in various blogposts on
Medium by blockchain core developers like Vlad Zamﬁr (Zamﬁr, 2018a, 2018b) and Hareeb Qureshi
3. Literature review
3.1. Forms of blockchain: There is no one blockchain
The initial problem with the blockchain governance discussion is that the term blockchain is a generic
technology referring to various implementations of blockchain. Blockchain protocols can have crucial
differences. The most important distinction made in the literature is the categorizations of public versus
private and permissionless versus permissioned blockchains (Beck et al., 2018; Peters & Panayi, 2015).
Permissionless versus permissioned refers to if the protocol is free to anyone to enter as validating or
full node, sometimes also referred to as miners. In permissionless networks, everybody is able to submit
transactions and validate them (permissionless), or one needs to be accepted by the standing nodes or
organization(s) to become a validating or full node (permissioned). Public versus private refers to the
distinction if all information is visible for everybody (public) or not (private).
This distinction between these types is important as governance, risk, compliance and privacy aspects
varies per quadrant. Besides, the choice of blockchain is also relevant in the “make or buy” decision (van
Deventer et al., 2017). This decision refers to if one agrees to use an existing, open and free infrastructure,
permissionless blockchain, where all nodes are not in ownership, or closed infrastructure, permissioned
blockchain, where one builds and runs their own blockchain. This is a crucial decision in the design of
product or service one want to offer.
O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations 401
Overview of blockchain types-description-example infrastructures
Type Description Examples (Daniels, 2018; Voshmgir,
Public Permissionless No entry boundaries for reading, writing and validat-
ing. Everyone can become user, node and can develop
applications on top. Sometimes referred to as “true
Public Permissioned Open for reading, boundaries in becoming a valida-
tor/node. Open for use, but network control remains
with selected validating nodes. Sometimes open for
building external applications on top.
Private Permissioned Boundaries for reading, boundaries in becoming a val-
idator/node. Access granted through owners, network
control with selected validating nodes.
Hyperledger, Corda (both can support
Public Permissioned as well), consor-
tia blockchain initiatives like R3 and
Private Permissionless Boundaries for reading, open for validating. Non-
existent, although some argue to have set up a model
like this. (Daniels, 2018)
When questions arise with regards to responsibilities, accountabilities and governance in permissioned
environments, it is relatively easy to pinpoint the companies and institutions that run the infrastructure
and are in control of the protocol, including elements like access right management as this is with the
validating/master nodes (Peters & Panayi, 2015). As these are known it is relatively easy to adopt exist-
ing governance models. When governance actions need to be executed, changes can relatively easy be
implemented when needed due to limited amount and veriﬁed nodes that need to update. Their devel-
opers’ community is often equally transparent. Traditional approaches of governance of IT can directly
be applied as a result and stakeholders can be held responsible (Post & Kas, 2019). Ripple is a clear ex-
ample of a permissioned blockchain and while it is decentralized across approved nodes, like any other
centralized company, it has top managers who make decisions on resource allocation and control the
direction for code development (.. . ) reﬂects a more centralized form of governance (Hsieh et al., 2018).
In the permissionless environment actors, nodes, miners, users and developers are less known and
reaching consensus over change becomes much harder. In itself not necessarily a negative feature. It
is stated that Bitcoin’s sustainability can largely be attributed to its recognition of the need for a slow
evolution (Curran, 2018). A clear example of how difﬁcult this process can be and can lead to deep
division amongst actors, is the Segregated Witness (SegWit) scaling discussion in the Bitcoin network.
It took several years to reach consensus and eventually, by lack of full consensus, resulted in a split (hard
fork) of the network (van Wirdum, 2017). The reason this process is so difﬁcult is due to the fact that
the issue is often political and not so much technical. Bitcoin’s block size debate is perhaps the most
prominent example of a blockchain community facing complex governance problems that goes beyond
the technical (Sclavounis, 2017). The base of this political discussion over a seemingly technical update
was that the actors (miners, exchanges, nodes, users and developers), had conﬂicts of interest of the
Although both permissioned protocols and permissionless protocols are blockchain, in the permis-
sioned protocols, there is still a clear group of nodes and or owners where in the permissionless envi-
ronment this group becomes fuzzy, which makes traditional governance methods in permissioned envi-
ronments still valid. This calls for research into governance models on public permissionless blockchain
402 O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations
Fig. 2. Permissioned and permissionless vs traditional IT situations.
3.2. Types of applications
Applications build on blockchain are called decentralized Applications (dApps) (Raval, 2016). Many
of these applications are not directly embedded in the core software of the blockchain itself but use
core elements of that particular blockchain, like cryptocurrencies. They are solutions build on top of
existing blockchains, through external applications, like wallets, but also often by implementation and
deployment of smart contracts. Although smart contracts are developed on top of a blockchain, they are
very much entangled with the infrastructure as the infrastructure in a blockchain is also the data layer.
Once smart contract application code is deployed, it cannot be taken off-line as it stored in the data layer
(blocks) of the blockchain. The name smart contracts is deceiving as they are neither contracts in most
cases nor smart, but in basic deterministic computer code or programs that are deployed on a blockchain
(Rikken et al., 2018).
Fig. 3. Types of dApps.
We distinguish four types of dApps that run on and or make use of blockchain, visualized in Fig. 3:
types of dApps. The direct transactional applications and under the conditional transactional applica-
tions, the single Smart Contract applications, the Multi Smart Contract applications and Decentralized
O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations 403
Autonomous Organizations. Description of the applications and examples are in Table 3: Application
types – descriptions – examples. This distinction in types of blockchains and types of applications is
important in the analysis of the governance of blockchain projects.
Application types – descriptions – examples
Applications are largely run outside the blockchain on traditional webservers;
make use of core applications or characteristics of blockchains as cryptocurrency trans-
actions between 2 parties or;
store description in transactions to timestamp and immutably store description as means
of evidence; transaction hash or address is stored as pointer off chain to trace the transac-
tion or account;
simpler form is search engine like application that allows users to browse transactions,
accounts, etc. on blockchain
Applications representing relatively simple smart contract products and services;
can be offered by various companies;
can be any product or service that companies can think of where blockchain infrastructure
have an added value;
always one-off solutions, meaning that per set up, product, or agreement, 1 smart contract
is created and discarded after use;
whole application is programmed in one smart contract deployed on a blockchain;
the smart contract can be replicated;
once programmed the deployment can be triggered manually, by sending the code to
blockchain in a transaction via e.g. an online browser/compiler or via a pre-coded func-
tion of a website, creating new smart contract account or automatically through “create”
functionality in an already existing smart contract;
dApp can be triggered through transactions or messages via interaction through e.g. wal-
lets and smart contract addresses.
These applications are closely related to single smart contract ones;
often more complex;
multi smart contract set up is an architectural design choice comparable to modular or
monolith IT design;
for security reasons, one could prefer multiple contracts interacting to reduce surface of
the individual smart contracts. Smaller surfaces are easier to understand and test, posting
smaller risk (Everts & Muller, 2018);
downside can be that this modular set up leads to smart contract interaction, which could
impose the risk of reentrancy .(Atzei, Bartoletti, & Cimoli, 2016), one of the most used
hack methods at the moment.
DAOs ﬁrst described as Decentralized Autonomous Companies (DAC) in 2013;
a cryptocurrency as shares in a DAC where source code deﬁnes bylaws. Goal of DAC
is to earn proﬁt for shareholders by performing valuable services for the free market.
DAOs at the moment mostly in start-up phase;
the exact line between conditional transaction applications and DAO is fuzzy;
biggest distinctions are:
1) DAOs in principle don’t represent a single application, but company without a tradi-
tional physical company structure. Idea is that it operates fully autonomously where
humans might have, as users, voting power in parts of the processes. Where con-
ditional transactional applications are developed and maintained by companies with
earning models, DAOs don’t as they are “owned” by the users.
2) Decision making and execution thereof done by business rules of the DAO, based on
objective input, votes of the users or use of oracles, being a source (technical, like
a database, or person who has been issued this role) that takes up role of “source of
truth” for a smart contract (Rikken et al., 2018) or DAOs.
404 O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations
4. Towards a blockchain governance framework
Governance is a concept that is not easily understood as there are many players involved. Momentarily
there is no standard framework for understanding blockchain governance. In general governance con-
tains the decision-making authorities, incentives and accountabilities to encourage desirable behavior in
the use of scarce resources (Weill, 2004). Contrary to popular belief blockchain governance is often not
fully technological enforced, nor autonomously self-governed, as stated by one interviewee: “Now we
see mostly off-chain governance. With regards to on-chain governance, not all theoretical models are
possible because agreement is often best reached off-line”. At best ﬁrst forms of on-chain governance,
where updates are automatically pushed after reaching a quorum in online voting, are just implemented
and experimented with at the moment and only in part of governance processes.
Governance of blockchain applications go beyond solely governance of the infrastructure. We de-
compose various governance layers, namely the infrastructure layer, the application layer, the company
and or individual level and the institutional layer. Others deﬁne various layers as well. De Filippi and
McMullen identify layers like the internet layer, the blockchain layer and the application layer (De Fil-
ippi & McMullen, 2018). The Williamson (1998) framework for economics of institutions distinguished
between multiple layers attaching timelines and occurrence frequency per layer.
Here, lower layers have a shorter timeline than the layers on top. Furthermore, governance is not static
and typically evolves over time as the situation changes new governance mechanisms might be needed
and old ones might not be needed anymore. Therefore, we will distinguish between various stages to
show the different nature of governance in time. In the various stages and layers, different actors will
have different levels of involvement. The majority of interviewees acknowledges the stages and layers as
well, stating “Most deﬁnitely multiple levels”, “It makes sense to make a grid with regards to the levels
and stages” and “recognizing various layers and stages”. These layers and stages result in the model
shown in Fig. 4 and will be elaborated on in following (sub)chapters.
Fig. 4. Blockchain governance framework.
O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations 405
Governance evolves over time and in blockchain governance we can identify various stages requiring
different actions, decision-making processes and often even models. Different stages likely represent the
need for different coordination mechanisms. Besides two described stages of governance, operational
governance (governance by the infrastructure) and update governance (governance of the infrastructure)
(De Filippi, 2016), design or creation is seen as third phase in the governance-cycle. Governance is how
actors cooperate in order to create, run or evolve inputs that make up a blockchain (Sclavounis, 2017).
The stages that are distinguished in our model are design, operate and evolve/crisis. The stages should be
seen as a continuum instead of a linear, the evolve/crisis will go into a new design stage or immediately
into the operate stage as shown below. The evolve/crisis stage is sometimes referred to as transition
(ITIL), maintenance (A2 Data Governance) or control (COBIT) stage.
Explanation of the stages
Stage name Purpose of the stage Time Stakeholders roles/decisions
Design Design of the solution – com-
pany – project
Non time critical – except in busi-
Process/cooperation of an indi-
vidual or group
Operation Daily operation – decisions and
actions – going concern
Time constraint restricted to rules,
protocol and/or business rules of the
Executed by the nodes through
the consensus mechanism
Update process Time criticality depends on kind of
Crisis implicates high time pressure
Through (hard/soft) fork soft-
ware updates of the infrastruc-
ture or code of applications
through various mechanisms
In general, consensus mechanism is what people have in mind when referring to automated blockchain
self-governance. “On paper, blockchain technology seems to be ironclad” (Reiff, 2018). But this just
covers the operate stage, the most interesting stage of governance is the evolve or crisis stage as here
quick decisions and updates are needed. So far, little formally structured mechanisms where put in place
speciﬁcally to deal with this. Blockchain governance is still nascent (Zamﬁr, 2018a).
Although proper design governance can prevent issues, one can never foresee everything upfront.
The most important questions lie within evolve/crisis stage instead of design or operate stage. While
initial design is important, over long enough timelines, the mechanisms for change are most important
(Ehrsam, 2017). As Mario Laul states during the Aracon1 panel discussion, “you need rules to change
the rules, . . ., Can’t take humans completely out in this, .. . , Need to have a clear process to change the
rules” (Choi et al., 2019).
4.2. Governance layers of blockchain projects
As shown, there are governance differences in the blockchain infrastructure types. In addition, there
are differences in the governance stages in blockchain projects. Finally, one can make a distinction
between various governance at various layers. By making use of layers the governance complexity can be
easier decomposed and described. Our framework distinguishes four layers of governance in blockchain
projects; infrastructure, application, company and institutional.
4.2.1. Infrastructure layer
Embedded in the blockchain protocol. What makes the blockchain infrastructure unique is that it
406 O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations
withholds both the protocol (rules) and the (immutable) data layer and is decentralized. Although what
decentralization means is often debated and open to misinterpretation (Walch, 2019). In infrastructure
governance a distinction of the governance by and governance of the infrastructure can be made. Gover-
nance in the operate stage, governance by the infrastructure, is arranged through the consensus mecha-
nisms. Here the execution of the protocol itself is arranged fully autonomous. The execution is performed
by the infrastructure, the nodes, using the speciﬁc consensus mechanism for that blockchain. Once a pro-
cess is set in motion, the infrastructure will execute this process without the possibility of interference
by an individual, for example, disconnecting it to stop execution. The blockchain also contains the data
layer. The data is stored in the blockchain. Once submitted, the data is extremely hard to alter, undo or
delete, only by consensus of the nodes. In the most common used blockchains alone we can identify 10
different consensus mechanisms, some further literature and use case study lets us identify even more
than 15 main categories, multiple even having various sub categories (Cachin & Vukolic, 2017).
With regards to the governance of the infrastructure (evolvement governance), there are two main
categories, off and on chain governance. Although we can distinguish two main categories, there is ba-
sically a unique mechanism per blockchain protocol for upgrade of the protocol with sometimes even
possibilities for various governance mechanisms per protocol in itself. In practice, in public permis-
sionless blockchains, no single person or instance can make a decision or determine the evolvement
of the infrastructure. There needs to be consensus in the community on updates. Depending on the
kind of blockchain the governance of this layer is in-directly (permissionless) or only partially inﬂu-
enceable (permissioned). The level of inﬂuence is often determined by the combination of number of
full/validating nodes in combination with elements like CPU power contributed in the network or stake
reserved in the network depending on the consensus mechanism.
4.2.2. Application layer
This can be a mix between traditional applications (centralized websites and apps) and embedded
characteristics like native cryptocurrencies of a blockchain, or decentralized applications (dApps) where
the majority of the application is built on a blockchain, by making use of smart contracts. In its most
extreme form these are named DAOs. “The general concept of a DAO is that of a virtual entity that has a
certain set of members or shareholders which, . . ., have the right to spend the entity’s funds and modify
its code” (Buterin et al., 2014, p. 22). There are 4 types of blockchain applications, all with different
1. Direct transactional – governance of these applications can be either off-chain, in traditional IT
environments using traditional governance methods or dependent on governance of the infrastruc-
2. Conditional transaction, single smart contract – execution or operate stage of the smart contract
business rules are performed by the infrastructure protocol in combination with external triggers.
Regarding evolve governance, in the permissionless blockchains, once deployed, contract code is
ﬁxed and cannot be updated. Intervening actions only possible through governance of the infras-
tructure. To update non-parameterized elements, structures or the business rules in the code, one
needs to de-active the smart contract, e.g. through self-destruct commands (if integrated in the de-
sign of the smart contract) and deploy a new one. A way to arrange governance responsibilities and
process is by employing smart contracts where parameters in the code set up as variables that can
be updated. Of utmost importance is that access to functions is properly arranged, e.g. in Ethereum
possible through “modiﬁers”, arranging access on function level. Upcoming solutions are “proxy
functions” referencing to future deployable smart contracts adding functionality.
O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations 407
3. Conditional transaction, multi smart contract – Governance possibilities of these type of applica-
tions largely overlap with governance of single smart contract. A difference is that one can replace
modules, in this case individual smart contracts, without replacing the whole application. All ap-
plications described are likely to be implemented by traditional company or supplier types and
governance of these applications can be tied and often integrated to governance structures as ar-
ranged in the company layer. Here is where Decentralized Autonomous Organizations differ.
4. DAO – DAOs are technically and governance wise much like conditional transaction applications,
build in single or series of smart contracts, operating, once deployed, exactly as programmed in the
business rules of the smart contracts. Possibilities for interference by humans in theory little to non
and no formal company structure is behind it.
The amount of direct transactional applications is hard to estimate. With regards to conditional trans-
actional applications and DAOs there are exits estimates. In March 2019, the amount of dApps was
around 2650 (Stateofthedapps, 2019). The amount of DAOs have been very low, as DAOs needed to be
coded manually. This changed as of October 30st 2018. When Aragon launched, it became possible to
deploy a conﬁgurable DAO without the need of manual coding. This led to a Cumbrian explosion of
DAOs as is shown in Fig. 5.
Fig. 5. Accumulated amount of DAOs. 2018 and 2019 count can have a slight double count. Colony makes use of Aragon and
it remains unclear if the DAO list of Aragon contains these DAOs.
The governance on the application layer are closely entangled with the governance on the infrastruc-
ture level and cannot be separated any more. As in all types of applications, governance possibilities with
regards to data, smart contract code and or speciﬁc blockchain products/services and or characteristics
are dependent on the infrastructure governance actions.
4.2.3. Company layer
Behind most blockchain applications are individuals using the applications and formal organizations
or independent projects building/running the application. With regards to individual responsibilities, a
408 O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations
crucial responsibility within blockchain, private key management, is back at the individual due to lack
of a TTP in the network. Once lost, the individual cannot perform actions with the account related to
that private key anymore. Although this responsibility is back at the individuals, projects or companies
will have to take responsibility to inform the users on that.
Governance in projects or companies should in the majority of cases not be different for blockchain
related initiatives than other IT applications and have to be embedded in roles, responsibilities and
processes of the projects or organization. Responsibilities and accountabilities should be clear. There
are a few, not speciﬁc for blockchain though, situations where governance structures are hard(er) to
–open source projects without a formal organization or structure behind it, e.g. a group of (deﬁn-
able) individuals, although not formally organized, working together on a project through sites like
–open source developments where people work together via e.g. GitHub without any formal orga-
nization behind it, but also not identiﬁable to (a group of) individual(s). Most public permissioned
blockchains are, in theory, developed in this way as anyone can anonymously propose software
Governance is complicated when the application being developed is a DAO, where no legally formal
organization is set up, and here is no prior determined set of owners. If users can be seen as the owners,
as is the case for various DAOs, the owner base can be extremely ﬂuid and due to the pseudonymity
4.2.4. Institutional level
Country, industry or overarching countries. Blockchain poses some interesting challenges due to its
decentralized nature and as blockchain is developed by people globally, sometimes completely anony-
mous. Combined with elimination of central controlling parties, the element of jurisdiction is much
harder to determine than before (West, 2018), especially in permissionless blockchains. As the network
runs independently on servers globally, jurisdiction cannot, in various cases, be determined on presence.
Additionally, regulatory views differ per country about products and services on blockchain and even
within countries (Directorate, 2019).
There is no logical overarching jurisdiction for blockchain related projects, products and services.
Other than the ERC20 standard, developed by the industry itself, there are hardly any global standards.
Besides that, power to execute enforcement of regulation is extremely hard. Controlling power of in-
stitutionalized organizations are no longer automatically part of the governance ecosystem (Meijer &
Ubacht, 2018). Draghi stated even that the ECB has no power to regulate cryptocurrencies (Union,
2017). It poses the same enforcement problems as with websites as “thepiratebay”. Although banned in
various countries, a practical ban turned out to be difﬁcult. Only due to new business models like Netﬂix
and Spotify, customers changed behavior. Some countries have high regulatory concerns, other less so.
On the other hand, some countries need large regulatory reforms, others are need less so. This currently
results in four regulatory approaches.
This regulatory quadrant example reﬂects Initial Coin Offering (ICO) regulation, seen as one of the
straighter forward products and services. Regulations becomes even more complex and much less de-
bated with more complex structures like new ecosystem set ups especially in the case of DAOs.
O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations 409
Fig. 6. Global regulatory approaches ICO’s (Source: presentation by John Salmon – Hogan Lovells 2018).
5. Governance challenges
As blockchain projects and implementations consist of various stages and in various layers, the chal-
lenges can be categorized accordingly. We will discuss the governance challenges hereafter.
5.1. Governance challenges per stage
We identiﬁed several governance challenges per stage. In the design stage a main challenge is the
“make or buy” choice of the infrastructure (van Deventer et al., 2017). This will inﬂuence the governance
on all other layers. The amount of control needed on infrastructure is dependent on the product or
service, which also could directly connect to choices on institutional level (jurisdiction). Another design
challenge is lack of peer review in the design phase. The Cardano protocol is born on this challenge.
They want to change how cryptocurrencies are designed and developed. The Cardano protocol embraces
a collection of design principles, engineering best practices and avenues for exploration, small groups of
academics and developers competing with peer reviewed research (Foundation, 2019).
In the operation stage, on infrastructure, application and company level, the challenge is if it requires
a combination of automated and manual decisions. In voting on any topic other than block consensus
needed for daily operations, this post practical problems like unresponsiveness of the participants (Bu-
terin, 2017; Vessenes, 2016). When decisions are needed, we should not overestimate the willingness
to vote, as Mario Laul quotes: “People don’t always want to be involved” (Choi et al., 2019). This
was clearly shown in the DAO incident where in the majority of cases, the voting quorum as not met
(DAOStats, 2016; Vessenes, 2016).
With regards to the evolvement stage, the biggest challenges are unknown unknowns. There is little
known in practice in blockchain project governance. there is a clear need to experiment and research
(Ehrsam, 2017; Qureshi, 2018). As some blockchain protocols require agreement by network majority,
speed of decision making could be a potential challenge. Evolve and crisis governance can have similar
challenges on elements like voting majority as the operational stage or peer review challenges as the
design phase. Especially time pressure in crisis situations demands quick responses.
410 O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations
5.2. Governance challenges per layer
5.2.1. Infrastructure layer
There are many infrastructure layer governance challenges, especially in permissionless public
blockchains. How to govern permissionless blockchains that are not dominated by single organizations
is the area where most work need to be done and research is needed as these show signiﬁcant governance
problems (Hacker, 2019). In permissioned protocols, level of decentralization is limited and participants
are known thus traditional approaches to governance can be applied to Permissioned Public and Permis-
sioned Private blockchains (Kadiyala, 2018), although it can still be challenging (Oskar van Deventer et
al., 2018). It is appropriate to think about blockchain-based corporate governance forms in terms of their
degrees of decentralization (Hsieh et al., 2018).
Permissionless blockchains have not one infrastructure. Due to the many protocols, challenges can dif-
fer enormously. With regards to operate challenges or governance by the infrastructure this is related the
consensus mechanism. Per consensus mechanism, speciﬁc governance challenges occur, like “whales”
(large token holders) in proof of stake or geographically concentrated mining power in proof of work.
The speciﬁc challenges should be analyzed in more detail to describe the various pros and cons of these
The most common challenge for consensus mechanisms is changing the user or node bases. The most
common challenge is immutability being breached by 51% attacks (a (group of) miner(s) obtaining
CPU power majority in the network and that can then continuously build the longest chain creating the
possibility of transaction alteration), due to changes in or lack of sufﬁcient large base of voters. Long
seen as theoretical problem, recent events show that this has become reality in Ethereum Classic (Moos,
2019), leading to changes in transaction history and double spending of cryptocurrencies.
Another challenge is mob democracy/justice (Chinyem, 2018; Qureshi, 2018). Decisions are not made
on rationale, but on herd-majority-voting. Voting systems struggle with voting power balancing. The
“one man one vote” challenge was found in 5 articles (Berreman, 2018; Choi et al., 2019; Ehrsam, 2017;
Qureshi, 2018; Steis, 2018). The unstoppable execution of transactions and code itself is also another
challenge. Although a powerful characteristic of blockchain, it renders obsolete the commonly known
governance act; take application ofﬂine – stop underlying infrastructure from executing – altering or
deleting wrong data.
This challenge is an important consideration if blockchain is needed for a solution in the ﬁrst place,
especially in combination with the purpose of the application. Blockchain has been referred to as “most
hostile environment for applications” (Everts & Muller, 2018) due to immutability, transparency and
The governance of the infrastructure has various challenges as well. As with governance by the infras-
tructure, the evolve/crisis governance mechanisms differ much per blockchain and needs to be researched
in more detail.
There are some general challenges that can be identiﬁed. In off-chain governance, more traditional
processes on voting and stakeholder management are set up in decision making of protocol updates
or data changes, through traditional voting mechanisms. The transparency lies in minutes regarding
update-meetings are published and in theory any can join the meetings. The challenge is that these are
very technical discussions. Few persons can participate in practice (Curran, 2018). This could lead to
unbalanced power of developers. Countervailing power is that nodes need to adopt the changes and can
choose not to. This could lead though to a hard fork, often seen as undesirable due to potential economic
loss of various actors.
O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations 411
In on-chain governance, through smart contracts or DAOs votes are open to all users of that particular
blockchain. After a threshold is met, the update is pushed through (Curran, 2018; Qureshi, 2018). The
challenge here is that people without proper knowledge regarding the impact can vote as well (Qureshi,
A popular believe is that a DAO fully autonomous decides for an update, but their governors are
inevitably humans (Qureshi, 2018) that cast votes through voting systems, representing democratic like
systems. Here the challenge is that often users are not known, acting under pseudonyms and can easily
create additional pseudonyms (Qureshi, 2018), breaching the one person one vote principle and do not
necessarily represents a real democratic system. Similar challenges of inequality in voting power can be
found in other on and off chain governance systems. As there many different systems, this should be
5.2.2. Application layer
With regards to challenges in the application layer we can identify various challenges per type of
Direct transactional applications – this type of applications doesn’t build additional integrated logic
in the blockchain. The challenges are not speciﬁc for blockchain but are, as these applications run on
traditional infrastructure, similar to traditional applications, except speciﬁc blockchain data storage, be-
ing transaction and transaction related data that is stored immutable and permanent (in permissionless
blockchains) on the blockchain. Here governance challenges are one-on-one to infrastructure layer chal-
Conditional transaction application – (Single smart contract) – Challenges in these applications are
challenges directly related to the infrastructure and transaction applications as well. Any change in un-
derlying data structure or transactional data can inﬂuence input and outcome of smart contracts. A spe-
ciﬁc challenge is in evolvement of these applications. Once deployed, the code of smart contracts cannot
be altered on most permissionless blockchains. Besides governance challenges if something goes wrong
with the underlying data in the infrastructure, the challenge is the impossibility of altering hard coded
logic of smart contracts (Everts & Muller, 2018). Another challenge could be the length of smart con-
tracts. Long smart contracts increase risk of surface attack (Everts & Muller, 2018).
Conditional transactional application – (Multi smart contracts) – Challenges in these applications are
related to challenges on the infrastructure layer, the transaction applications and single smart contract
applications. Additional challenges are that these applications often represent more complex products
and services with multi actor environments. Examples are initiatives like Augur and Swarm City. Large
part of operational governance is done by pre-deﬁned business rules, executed by the infrastructure,
but part of the decisions can be made off chain, as these applications are not fully autonomous. With
evolve governance, in principle, applications like Swarm City are developed and deployed by teams
with centralized governance (Beck et al., 2018). Responsibilities towards these applications pinpoint to
these teams. Additional challenge is the risk of reentrancy attack as result of the modular setup.
DAO – For DAOs same challenges can be identiﬁed as with other applications and the infrastructure
layer. Besides those challenges, one major additional challenge compared to other application types, is
lack of traditional company structure, especially after the design stage as teams/owners become fuzzy.
This might not result in governance challenges in operate stage of applications due to predeﬁned business
rules and automated execution but lies predominately in the evolve stage. As no governance for evolve or
crisis management is arranged on a company level, it must be designed and embedded in the application
layer. Speciﬁcally on DAOs in the evolve stage, “we need rules to change the rules” (Choi et al., 2019).
412 O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations
Another challenge is how to deal with unethical behavior or mis-use of code. There is only one real
example in this regard, “the DAO”. Eventually governance actions were taken on infrastructure level
clearly showing the entanglement of application and infrastructure. But also other DAO like cases, like
“Swarm City”, clearly demonstrate that the emergence of the blockchain economy demands rethinking
of governance (Beck et al., 2018).
A challenge for governance of all blockchain applications is transparency of code base of smart con-
tracts. This can lead to voting behavior for updates in these applications with malicious intends. This
was witnessed in “the DAO” incident with “proposal 59” where the hacker voted in favor of an update
proposal that contained ﬂaws that he would later exploit (Slacknation, 2016). There is limited knowl-
edge about the governance challenges in the evolvement phase. Most DAOs are not live yet but are in the
design/test phase. As they all differ in basic design the, implemented or designed, governance models
should be researched in more detail.
The high entanglement of infrastructure and application governance in blockchain also leads to an
entanglement of the challenges. Some of these governance challenges might be new due to the hostile
development and deployment infrastructure blockchain, but most of the challenges are not different from
traditional IT application challenges. Most of the time, a clear (IT)-organization is related to the appli-
cation and traditional governance actions can be taken. Only in case of DAOs, especially in evolve/crisis
stage, governance challenges can differ signiﬁcantly from traditional applications. Here traditional pro-
cesses, roles and responsibilities appointed to identiﬁable human lack as result of no formal traditional
Fig. 7. Applicability Traditional Governance models: Color coding refers to suitability of traditional governance models.
5.2.3. Company layer
If a clear company or project organization is set up for the creation of a dApp, the governance chal-
O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations 413
lenges on the company layer don’t differ to traditional companies and or projects. Only if there is no
traditional company anymore, but a true open source development of a DAO, could post new challenges.
Interesting is that almost per deﬁnition a DAO is set up as global entity which is not tied to countries.
This could lead to cultural differences, including different governance insight (Choi et al., 2019) which
can be a complicating factor from the start. Also, DAOs might be subject to different legislation.
If companies have become obsolete due to implementation of DAOs this poses a challenge in account-
ability in crisis situations. This complicates even further if the DAO was developed in an open source
development, where it is virtually undetermined who the developers are.
5.2.4. Institutional layer
A challenge for any blockchain project in this layer is the choice of jurisdiction or accountability over
multiple jurisdictions (West, 2018) in combination with the product or service offered, especially if the
application is one of the ﬁrst three types, implying that a company owns the application. If applications
run for example ﬁnancial or data services, choice of jurisdiction is crucial. The challenge is predomi-
nately that, in this early stage of the technology, laws and regulations towards products and services like
Initial Coin Offerings, can alter much in time (Salmon, 2018) and even in hindsight be enforced.
A complicating factor arises with DAOs. The challenge again is that a DAO cannot be governed as a
company. As it is decentralized, no logical jurisdiction can be derived based on location. Additional to
this challenge is that, because of open source development, no developer can be pointed as responsible.
Deriving jurisdiction based on location or nationalities of employees becomes extremely hard. So far,
no clear legislation is known around DAOs.
5.3. Concluding on governance
Many claim that, as we are creating new ecosystems and initiatives on blockchain technology, gover-
nance structures need to redesigned or traditional structures are obsolete (Reiff, 2018; Sedgwick, 2018;
Zamﬁr, 2018b). In many cases this might not or only partially be true when taking various levels of
governance into account and effectively deploying them. Where blockchain technology can lead to irre-
versible problems, as in the QuadrilaCX case in December 2018, where due to the death of the owner,
access to funds was lost as no one had the password or private key (De & Baydakova, 2019). One could
easily argue that this needs new governance structures on infrastructure or application level. But this
could easily be arranged on company level, by decent, non-technical, processes and backups in tradi-
tional governance manners.
The real challenge is in the governance models in the public permissionless environment. Permis-
sioned blockchains are easier to ﬁt on existing governance models as validating nodes are known and
identiﬁable. Design, operate and evolvement actions are relatively easy to manage. Including updates
and roll back actions. Even within public permissionless environments, in various situations like direct
transaction application and conditional transactional applications other than DAOs, existing governance
models like ITIL and COBIT can be feasible. The fact that an application is built on a public permis-
sionless blockchain by an identiﬁable person, group of persons or company does not discharge them
from the responsibility and accountability of the application they offer. Here governance parts, that can-
not easily be enforced by the blockchain, should be covered on company or application level. The only
situation where discharge of responsibility might be feasible is a crisis situation where the underlying
infrastructure fails, the blockchain breaks down. Or maybe in case the code of the application build can
be misused in an unforeseeable way, like the Parity 1 incident. This could give ideas for new crisis man-
agement structures, e.g. through ethical hackers. (Rikken & Vroegh, 2018), but does not change initial
responsibility, especially if these applications were offered against a premium.
414 O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations
The new questions come forward if these initiatives, on public permissionless blockchains, are created
and operated, in an open, decentralized way. Future blockchain applications like DAOs will show an
increasing form of autonomy (Angelis & Ribeiro da Silva, 2018). Human interference might fade to the
background. If DAOs are developed open source, without identiﬁable developers, where no humans are
needed anymore to run it raises the question of who is accountable and how the evolvement and potential
crises can be governed.
A complicating factor is entanglement of infrastructure layer with the application structure. Once
deployed, the application code and transacted data cannot be changed nor deleted. In companies lack
of technical enforceable operation and evolve governance can be compensated by governance processes
and or clear regulation. But what about organizational forms that only exist in code? Regulation might
be unclear, nobody might feel responsible and there is a lack of standards, what leads to a range of
potentially new governance challenges.
The multitude of challenge like the entanglement, immutability of data, lack of organizational or
company structures and ﬂuid and unknown actors clearly show the need for further research towards
blockchain governance models. But our overview of challenges also shows that in the majority of
blockchain cases, governance models from companies and or IT are still valid. Especially in permis-
sioned blockchains and in the design stage in permissionless blockchains. Also, in the majority of
blockchain applications, effective governance can be arranged in other layers than infrastructure or ap-
6. Conclusions and further research
Blockchain incidents, due to decentralization and lack of controlling trusted third party, raised a new
debate around how the governance of blockchain should be arranged. Governance is not easy due to
the decentralized nature, immutability, lack of organizational or company structures, ﬂuid and unknown
actors in permissionless blockchains and the entanglement of application and infrastructure elements.
Governance of applications was found to be dependent on the governance of the infrastructure due
to this entanglement. The governance of the infrastructure is often controlled by different groups of
stakeholders. This often results in a lack of effective governance actions as a whole.
When analyzing governance challenges of different blockchain types, governance stages (design, op-
erate, evolve/crisis) and governance layers (infrastructure, applications, company, institution/country),
our framework proved to be useful for classifying the governance challenges. Furthermore, we expect
that this governance framework can be used as a support for developing blockchain governance.
As shown, predominantly applications on permissionless blockchain protocols post potentially new
governance challenges. In all other blockchain types existing governance models could be suitable as po-
tential accountable actors are known and directly in control. Furthermore, in permissioned blockchains,
updates and data roll backs are relatively easy compared to permissionless environments. As shown in
Fig. 8, when zooming in further, potential new challenges are predominately in DAO applications in the
operate and evolve/crisis stage.
This because distinction between users, developers and infrastructure running base becomes fuzzy and
as there isn’t necessarily an organization anymore. Once deployed, the users, whom can be highly ﬂuid,
and code govern DAOs. The ﬂuid and unknown user base might not be problematic in the operation
stage, but might pose real problems in evolve state, especially in crisis. It can even become impossible
to pinpoint natural persons or companies resulting in unclear accountabilities. This lack of responsibil-
ity and accountability can be very problematic in swift decision making and execution of governance
O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations 415
Fig. 8. Area where possible true new governance questions arise.
actions. If DAOs are designed and built open source, traditional roles and responsibilities and account-
ability might shift completely.
As blockchain is growing as infrastructure and applications develop more towards autonomous ap-
plications like DAOs further research must be conducted toward effective governance structures in this
area. These governance structures should be put into a model where the link can be made between pur-
pose and regulatory regime of the DAO and the best ﬁt for governance models, taking entanglement with
the infrastructure it is built on into account.
Akentiev, A. (2017). Parity Multisig Hacked. Again. Retrieved from https://medium.com/chain-cloud-company-blog/parity-
Angelis, J., & Ribeiro da Silva, E. (2018). Blockchain adoption: A value driver perspective. Business Horizons. doi:
Atzei, A., Bartoletti, M., & Cimoli, T. (2016). A survey of attacks on Ethereum smart contracts. Retrieved from Universit‘a
degli Studi di Cagliari, Cagliari, Italy.
Atzori, M. (2017). Blockchain Technology and Decentralized Governance: Is the State Still Necessary? Journal of Governance
and Regulation,6(1), 45-62. doi: 10.22495/jgr_v6_i1_p5
Bahga, A., & Madisetti, V. K. (2016). Blockchain Platform for Industrial Internet of Things. Journal of Software Engineering
and Applications,9, 533-546. doi: 10.4236/jsea.2016.910036
Batubara, F., Ubacht, J., & Janssen, M. (2018). Challenges of blockchain technology adoption for e-government: a systematic
literature review. Proceedings of the 19th Annual International Conference on Digital Government Research: Governance
in the Data Age.
Beck, R., Muller-Bloch, C., & King, J. L. (2018). Governance in the blockchain economy: A Framework and Research Agenda.
Journal of the Association for Information Systems,19(10). doi: 10.17705/1jais.00518
Berreman, A. (2018). Asking the Right Questions: On-Chain Governance at San Fransico Blockchain Week. Panel Discussion at
San Fransisco Blockchain Week 2018. https://www.ethnews.com/asking-the-right-questions-on-chain-governance-at-san-
416 O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations
Buterin, V. (17 December 2017). Notes on Blockchain Governance. Retrieved from https://vitalik.ca/general/2017/12/17/
Buterin, V., et al., (2014). A Next-Generation Smart Contract and Decentralized Application Platform. Retrieved from https://
Cachin, C., & Vukolic, M. (2017). Blockchain Consensus Protocols in the Wild. IBM Research – Zurich. IBM. Retrieved from
Casinoa, F., Dasaklisb, T. K., & Patsakisa, C. (2019). A systematic literature review of blockchain-based applications: Current
status, classiﬁcation and open issues. Telematics and Informatics,36, 55-81.
Chinyem, V. (2018). Blockchain Governance. Retrieved from https://coinnewspress.com/blockchain-governance/.
Choi, C., Row, K., & Laul, M. (2019). Governing Decentralized Organizations. Retrieved 30 January 2019 https://www.
Commission, T. (2017). Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO
(Release No. 81207). Retrieved from https://www.sec.gov/litigation/investreport/34-81207.pdf.
Curran, B. (2018). What is Blockchain Governance? Complete Beginner’s Guide. blockonomi.com.
Daniels, A. (2018). The rise of private permissionless blockchains – Part 1. Retrieved from https://medium.com/ltonetwork/the-
DAOStats. (2016). DAO Stats – Proposals. Retrieved from https://daostats.github.io/proposals.html#.
De Filippi, P., & McMullen, G. (2018). Governance of blockchain systems: Governance of and by Distributed Infrastructure
(hal-02046787). Retrieved from https://hal.archives-ouvertes.fr/hal-02046787/document
De Filippi, P. L., B. (2016). The invisible politics of Bitcoin: governance crisis of a decentralised infrastructure. Internet Policy
De, N., & Baydakova, A. (2019). The Collapse of QuadrigaCX: What We Know (And What We Don’t). Retrieved from https://
Directorate, S. o. G. L. R. (2019). Regulation of Cryptocurrency Around the World. The Law Library of Congress Retrieved
Ehrsam, F. (2017). Blockchain Governance: Programming Our Future. Retrieved from https://medium.com/@FEhrsam/
Everts, M., & Muller, F. (2018). Will that Smart Contract really do what you expect it to do? Retrieved from https://blockchain.
Falkon, S. (24 December 2017). The Story of the DAO – Its History and Consequences. Retrieved from https://medium.
Foundation, C. (2019). Philosophy. Retrieved from https://www.cardano.org/en/philosophy/.
Hacker, P. (2019). Corporate Governance for Complex Cryptocurrencies? A Framework for Stability and Decision Making in
Blockchain-Based Organizations. In Philipp Hacker, Ioannis Lianos, Georgios Dimitropoulos, & S. Eich (Eds.), Regulating
Blockchain. Techno-Social and Legal Challenges (pp. 140-166): Oxford University Press.
Hsieh, Y.-Y., Vergne, J. P., & Wang, S. (2018). The internal and external governance of blockchain-based organizations. In M.
Campbell-Verduyn (Ed.), Bitcoin and Beyond: Routledge.
Jia, K., & Zhang, F. (2017). Between liberalization and prohibition: Prudent enthusiasm and the governance of Bit-
coin/blockchain technology. In M. Campbell-Verduyn (Ed.), Bitcoin and Beyond (Open Access) (pp. 88-108): Routledge.
Kadiyala, A. (2018). Nuances Between Permissionless and Permissioned Blockchains. Retrieved from https://medium.com/
Kitchenham, B., Pretorius, R., Budgen, D., Brereton, O. P., Turner, M., Niazi, M., & Linkman, S. (2010). Systematic literature
reviews in software engineering – A tertiary study. Information and Software Technology,52.
Larimer, D. (2013). Overpaying For Security. Retrieved from https://letstalkbitcoin.com/is-bitcoin-overpaying-for-false-
Mainelli, M., & Smith, M. (2015). Sharing ledgers for sharing economies: an exploration of mutual distributed ledgers (aka
blockchain technology). The Journal of Financial Perspectives,3(3), 38-69.
Matilla, J. (2016). THE BLOCKCHAIN PHENOMENON – The Disruptive Potential of Distributed Consensus Architectures.
BRIE Working Paper 2016-1. Berkeley Roundtable On The International Economy (BRIE). University of California, Berke-
ley. Retrieved from https://brie.berkeley.edu/sites/default/ﬁles/juri-mattila-.pdf.
Meijer, D., & Ubacht, J. (2018). The governance of blockchain systems from an institutional perspective, a matter of trust or
control? Proceedings of the 19th Annual International Conference on Digital Government Research: Governance in the
Data Age (Article No. 90). doi: 10.1145/3209281.3209321
Moos, M. (7 January 2019). https://cryptoslate.com/ethereum-classic-experiencing-51-percent-attack-immutability-violated/.
Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system [White paper].
Ølnes, S., Ubacht, J., & Janssen, M. (2017). Blockchain in government: Beneﬁts and implications of distributed ledger technol-
ogy for information sharing. Government Information Quarterly,34(3), 355-364.
O. Rikken et al. / Governance challenges of blockchain and decentralized autonomous organizations 417
Palladino, S. (2017). The Parity Wallet Hack Explained. Retrieved from https://blog.zeppelin.solutions/on-the-parity-wallet-
Peters, G. W., & Panayi, E. (2015). Understanding Modern Banking Ledgers through Blockchain Technologies: Future of
Transaction Processing and Smart Contracts on the Internet of Money. SSRN Electronic Journal. https://arxiv.org/pdf/1511.
Post, R., & Kas, S. (2019). The role of modeling in the conceptualization phase of blockchain processes. (BSc), HU University
of Applied Sciences Utrecht,
Qureshi, H. (2018). Blockchains should not be democracies. Retrieved from https://hackernoon.com/blockchains-should-not-
Raval, S. (2016). Decentralized Applications, Harnessing Bitcoin’s Blockchain Technology, T. McGovern Ed. First Edition ed.).
Sebastopol, CA, USA: O’Reilly Media, Inc.
Reiff, N. (2018). Governance: Blockchain Tech’s Greatest Problem. investopedia.com.
Rikken, O., Naves, J., et al., (2018). The Legal Aspect of Blockchain: UNOPS.
Rikken, O., van Heukelom-Verhage, S., Naves, J., Terpoorten, H., et al. (2018). Smart Contracts as Speciﬁc Application of
Blockchain Technology. Retrieved from https://dutchdigitaldelta.nl/uploads/pdf/Smart-Contracts-ENG-report.pdf.
Rikken, O., & Vroegh, E. (2018). Crisis governance in a decentralized world. Retrieved from https://www.linkedin.com/pulse/
Salmon, J. (11 December 2018). Building the cryptocurrency ecosystem. International Financial Law Review. Retrieved from
Sclavounis, O. (17 November 2017). Understanding Public Blockchain Governance. Retrieved from https://www.oii.ox.ac.
Sedgwick. (2018). Why governance is the greatest problem for blockchains to solve. Retrieved from https://news.bitcoin.
Slacknation. (2016). DAO hack timeline. Retrieved from https://medium.com/@slacknation/dao-hack-timeline-823e5a18e894.
Stateofthedapps. (2019). Explore Decentralized Applications. Retrieved from https://www.stateofthedapps.com/.
Steis, M. (2018). Governance Models of Blockchain Protocols. Retrieved from https://medium.com/rockaway-blockchain/
Swan, M. (2015). Blockchain – Blueprint for a new economy, T. McGovern Ed., United States of America: O’Reilly Media Inc.
Union, E. (2017). LIVE EP Committee on Economic and Monetary Affairs Monetary Dialogue with Mario DRAGHI, President
of the European Central Bank. audiovisual.ec.europa.eu.
van Deventer, O., Berkers, F., & Vos, M. (8–9 May 2018). Techruption Consortium Blockchain – what it takes to run a
blockchain together. Paper presented at the Proceedings of 1st ERCIM Blockchain Workshop 2018.
van Deventer, O., Brewster, C., & Everts, M. (2017). Governance and Business Models of Blockchain Technologies and Net-
works. Retrieved from the Hague, the Netherlands: https://blockchain.tno.nl.
van Wirdum, A. (2017). The Long Road to SegWit: How Bitcoin’s Biggest Protocol Upgrade Became Reality. bitcoin-
Vessenes, P. (2016). The DAO Is Almost Totally Apathetic: It Should Stay That Way. Retrieved from https://vessenes.com/the-
Voshmgir, S. (2017). Disrupting governance with blockchains and smart contracts. Strategic Change. doi: 10.1002/jsc.2150
Voshmgir, S. (2019). Token Economy – How Blockchains and Smart Contracts Revolutionize the Economy (2nd amended
Printing ed.). Luxembourg: BlockchainHub Berlin.
Walch, A. (2019). Deconstructing ‘Decentralization’: Exploring the Core Claim of Crypto Systems. Centre for Blockchain
Technologies. University College London.
Walport, M. (2015). Distributed ledger technology: Beyond block chain. Retrieved from
Weill, P. (2004). Don’t Just Lead, Govern: How best Performing Organisations Govern IT. MIS Quarterly Executive,3(1), 1-17.
Weill, P., & Ross, J. W. (2005). A matrixed approach to designing IT governance. MIT Sloan Management Review,46(2),
West, K. (2018). Where is Blockchain? Jurisdictional Issues That May Affect Distributed Ledgers. Retrieved from
Williamson, O. (1998). Transaction Cost Economics: How It Works; Where It is Headed. De Economist,146(1), 23-58.
Wright, A., & De Filippi, P. (2015). Decentralized Blockchain Technology and the Rise of Lex Cryptographia. Yeshiva Univer-
sity – Benjamin N. Cardozo School of Law – Université Paris II – Pantéon-Assas.
Yermack, D. (2017). Corporate governance and blockchains. Review of Finance,21(1), 7-31.
Zamﬁr, V. (2018a). Blockchain Governance 101. Retrieved from https://blog.goodaudience.com/blockchain-governance-101-
Zamﬁr, V. (2018b). My intentions for blockchain governance. Retrieved from https://medium.com/@Vlad_Zamﬁr/my-