Commissioned, Curated and Published by Russ. Researched and written with AI.
What’s New This Week
Balancer Labs, the corporate entity behind the Balancer protocol, announced it is shutting down and transferring full control to the DAO. Co-founder Fernando Martinelli cited the November 2025 $110M exploit as the trigger: the legal exposure made the corporate structure a liability rather than an asset. The protocol itself remains revenue-positive; TVL has fallen 95% from a $3.5 billion 2021 peak to $157 million, but the underlying code still generates fees. The restructuring plan ends BAL token emissions, redirects 100% of protocol fees to the DAO treasury, and proposes a core team transition to a new entity called Balancer OpCo, pending DAO governance approval. This is a real-world test of whether DAO governance can absorb operational control after the founding company exits – and whether the on-chain infrastructure can hold without a corporate sponsor. (Source: CoinDesk, 24 Mar 2026.)
Changelog
| Date | Summary |
|---|---|
| 25 Mar 2026 | Balancer Labs shuts down as corporate entity, transitioning full protocol control to the DAO following November 2025 $110M exploit. |
| 24 Mar 2026 | Added lightweight statistical inference verification paper (IEEE SaTML 2026), EIP-8141 quantum-resistant signature migration, Lean Ethereum mainnet deployment, and $920M AI-crypto VC week. |
| 23 Mar 2026 | Added Dark DAO defence research (HE-ZKPoK), Tally.xyz shutdown, zkLLM 13B verification milestone, and ERC-8183 agentic commerce standard. |
What “Trustless” Actually Means
Trustless does not mean trust-free. It means you do not have to trust a specific counterparty – instead, you trust the mathematics and the open code. A smart contract on Ethereum executes exactly as written, regardless of whether the deploying team still exists, whether they intend to honour it, or whether a regulator orders them to stop.
This is a different threat model to traditional software. In a traditional system, you trust the company running the servers. In a trustless system, you trust the protocol. The implications extend beyond finance: any agreement that can be expressed as logic can potentially be enforced by code.
For context on why this matters for data sovereignty and the question of who controls infrastructure, the AI, Palantir, and the FCA data question is a useful parallel – the same tension between institutional control and cryptographic alternatives appears in both spaces.
ZK Proof Landscape
Zero-knowledge proofs allow one party to prove they know something without revealing what they know. Applied to blockchains, ZK-rollups allow a sequencer to prove the correctness of thousands of transactions with a single cryptographic proof submitted to Ethereum, rather than re-executing each transaction on L1.
The two main proof systems in production:
ZK-SNARKs (Succinct Non-interactive Arguments of Knowledge): compact proofs, fast to verify, but require a trusted setup ceremony. Used by zkSync Era and Polygon zkEVM.
ZK-STARKs (Scalable Transparent Arguments of Knowledge): no trusted setup, quantum-resistant in theory, but larger proof sizes. Used by StarkWare’s StarkNet.
PLONK is a proving system that improved on earlier SNARKs by enabling a universal trusted setup – one ceremony rather than per-circuit setups. Most modern ZK systems build on PLONK variants.
The live zkEVM implementations as of early 2026:
- zkSync Era (Matter Labs): full EVM equivalence, significant developer ecosystem
- Polygon zkEVM: integrated into Polygon’s AggLayer aggregation architecture
- Scroll: university-origin team, focused on open-source EVM equivalence
- Linea: ConsenSys’s implementation, integrated with MetaMask
Each makes different tradeoffs on EVM compatibility, proof generation speed, and decentralisation of the proving layer.
A $175M growth round this week for a verifiable inference network signals that capital is now following the ZK inference research direction – not just the scaling rollup space. (Source: coinreporter.io, 24 Mar 2026.)
DAO Governance – What’s Working, What Isn’t
DAOs (Decentralised Autonomous Organisations) are the governance layer of DeFi protocols. The theory: token holders vote on protocol parameters, treasury allocation, and upgrades. No single company controls the protocol.
The practice is messier. Problems in 2025–2026:
Voter apathy is endemic. Most token holders do not vote. Governance ends up controlled by large holders (VCs, whales, development teams) who have both the incentive and technical capacity to participate.
Governance attacks – buying enough tokens to pass self-serving proposals – remain a real attack vector, though some protocols have implemented time-locks and multi-step governance processes.
Delegation models are helping. Protocols like Uniswap and Aave allow token holders to delegate their votes to active participants without giving up custody. This improves participation without centralising power.
What is working: DAO governance has successfully managed billions in treasury assets, deployed grants programmes, and made protocol upgrades across major DeFi protocols without traditional corporate structures. It is slow, contentious, and occasionally gamed – but it functions.
A new type of governance attack – the Dark DAO – uses MPC or TEEs to let a cartel member pass on-chain authentication without holding their own key, enabling automated vote-buying at scale. Researchers at Zhejiang University have proposed Human-Extractable ZK Proofs of Knowledge (HE-ZKPoK) as a defence: the prover must solve CAPTCHA puzzles inside the ZK proof, which cannot be automated without a human in the loop. The work is academic but directly addresses the most sophisticated end of the governance attack surface. (Source: IACR ePrint 2026/511.)
A more immediate infrastructure signal: Tally.xyz is winding down. Tally was one of the primary interfaces through which delegates and token holders interacted with on-chain governance. Its departure highlights a structural risk – DAOs whose participation depends on a single frontend are more fragile than the on-chain contracts alone would suggest. Anticapture is positioning as a replacement, and the episode reinforces the case for multiple independent governance interfaces.
TheDAO Security Fund launched ETHSecurity Badges, an on-chain primitive that lets verified security experts earn reputation and vote on how the fund’s $220 million security allocation is distributed. Up to 200 experts selected. It is a concrete example of delegation that mixes identity verification with stake-weighted voting – a hybrid model that sidesteps pure token-weighted apathy without centralising control.
Balancer Labs announced this week it is shutting down as a corporate entity and handing full operational control to the Balancer DAO. Co-founder Fernando Martinelli attributed the decision to legal exposure from November 2025’s $110M exploit – the third known security breach for the project. The protocol remains revenue-positive despite a 95% TVL decline from a $3.5 billion 2021 peak. The restructuring ends BAL token emissions, redirects 100% of protocol fees to the DAO treasury, and proposes migrating the core team to a new entity called Balancer OpCo, pending DAO vote. It is an unplanned stress test of whether on-chain governance can absorb operational responsibility when the founding company exits – the exact scenario DAOs were designed for, now running in production. (Source: CoinDesk, 24 Mar 2026.)
Smart Contracts as Programmable Law
Smart contracts replace intermediaries in specific, well-defined processes. Real examples that are working in production:
DeFi lending – Aave and Compound execute loan origination, interest accrual, and liquidation with no human intervention. The collateral rules are code; the liquidations are atomic.
Automated market makers – Uniswap’s pricing algorithm has processed hundreds of billions in volume. There is no order book, no market maker counterparty, just a formula.
On-chain options and perpetuals – Protocols like GMX and Lyra execute complex derivatives contracts on-chain. Payouts are automatic based on oracle price feeds.
The limits are real: smart contracts cannot enforce anything off-chain. They also cannot respond to edge cases the original developer did not anticipate – a feature in some contexts (predictability) and a bug in others (rigidity when circumstances change).
AI and Trustless Systems
The intersection of AI and cryptographic verification is early but significant. Key threads:
Verifiable inference – ZK proofs can attest that a specific AI model ran on a specific input and produced a specific output, without revealing the model weights. This matters for use cases where you need to prove an AI decision was made correctly without exposing the underlying model.
The zkLLM protocol now handles end-to-end inference verification for 13-billion-parameter models, with proof generation time under 15 minutes and proof size at 200KB. For reference, 13B is a commercially relevant model size – this is no longer a toy proof-of-concept. The cost and size curve is compressing fast enough that unverified inference becoming the budget tier looks like a near-term outcome rather than speculation. (Source: techflowpost.com.)
A separate approach published this week at IEEE SaTML 2026 (arXiv:2603.19025) takes a different route entirely: rather than full cryptographic ZK proofs, it uses sampling-based statistical verification grounded in the statistical properties of neural networks. The prover commits to an execution trace via Merkle-tree commitments and opens only a small random subset of paths for the verifier to check. Proving time drops from minutes to milliseconds – several orders of magnitude faster than zkLLM. Tested on ResNet-18 and Llama-2-7B. The tradeoff is significant: this gives statistical soundness rather than cryptographic guarantees. A single proof is not conclusive; detection probability amplifies over repeated queries. For auditing workloads where many inferences run continuously, the speed advantage may outweigh the weaker per-inference guarantee. For high-stakes single-query scenarios, it may not. These are complementary tools, not competing replacements.
On-chain AI agents – protocols are experimenting with AI agents that hold wallets, sign transactions, and interact with DeFi protocols autonomously. The trust question is sharp: who controls the agent, and what are the limits of its autonomy?
World Chain adopted ERC-8183, a joint open standard from Ethereum and Virtuals Protocol for agentic commerce. The integration anchors AI agent economic activity to proof-of-human verification – only confirmed human identities can unlock certain agent actions on-chain. It is an early but concrete implementation of the question the post raises: who controls an on-chain AI agent, and what are the limits of its autonomy.
ZK for training data provenance – proving that a model was trained on licensed data without revealing the training set. This is an active research area with direct commercial relevance as copyright disputes over AI training intensify.
Protocol Security and Ethereum Roadmap
The base layer on which ZK validation is being built is moving. Lean Ethereum is now fully deployed on mainnet. The protocol simplification effort – stripping unnecessary complexity from the base layer and concentrating security guarantees at L1 – is complete. Vitalik confirmed it will make ETH the only major chain combining optimal security under synchrony with strong economic finality.
EIP-8141 (Frame Transactions) received Vitalik’s public backing this week. The proposal allows Ethereum accounts to switch from ECDSA signatures to post-quantum alternatives. Quantum resistance matters here beyond the obvious cryptographic reason: ZK proof systems that rely on assumptions about the hardness of problems ECDSA depends on would be directly affected if those assumptions break. Post-quantum signature migration is therefore upstream of ZK security, not parallel to it. (Source: cryptotimes.io, 23 Mar 2026.)
Key Players
- Ethereum Foundation: the research engine behind ZK roadmap items, EIP process, and Verkle tree work
- StarkWare: the team behind StarkNet and Cairo, the proving language. Commercially aggressive, technically deep
- Polygon: pivoted from sidechain to ZK focus; the AggLayer aims to aggregate proofs from multiple chains
- Aztec: privacy-focused ZK rollup, distinct from scalability-focused approaches; targets private transactions and smart contracts
- Optimism: leads the OP Stack ecosystem; not ZK but the dominant optimistic rollup architecture, with a governance model (Optimism Collective) that is one of the more functional DAO experiments in practice