So the algorithm is public, and the intention is for it to always be. Gaming is the main potential weak point. There has been a lot of thought put into attack vectors, and how they can be mitigated. There are a couple ex-googlers working on the project, as well as a PhD social scientist that’s put a lot of time into this as well. Here’s a podcast where he goes into details about the algorithm, gaming, etc. if anyone wants to dig deeper.
So far, the project has not seen that issue. It’s been paying people for 16 weeks now according to cred scores, to dogfood it internally before recommending to others. Here are the payouts so far. The payouts started small, then ramped up to ~$15k/week in the last couple months. My personal opinion (not speaking for the project), is that in small groups of humans that know each other, gaming will not be an issue (or will but there are good mechanisms for dealing with it). Scale it out to thousands, millions, with lots of money at stake, and yes, you’ll see major sibly attacks, bots, spam, etc. But for something like Maker Risk Teams, presumably we’re talking about small groups of highly skilled, educated people that know each other, right?
This is something SourceCred the project is grappling with right now. It wants to start recruiting developers, for instance, that can build out a deployable product. But people will expect salaries, stability. There have been a few ideas floated. For instance, a Foundation could take on the volatility risk itself. Maybe it loans the contributor DAI in the beginning, taking on risk that the contributor bails without paying off. Then the contributor pays back the DAI until they’re self sufficient. Or, (and this is my case, as I make my living working for crypto in two DAOs (SourceCred and Decred)), contributors manage the volatility themselves. Keep savings knowing some months will be up, some will be down. It may be a hard pill to swallow, but this type of employment also offers a different type of security and antigragility that traditional employers cannot. Namely, there is no “tail risk” of being fired (income going to 0 abruptly).
There are also ways to introduce stability at the algorithmic level. For instance, currently SourceCred contributors are paid via a formula (which is modify-able) that pays according to a mix of last week’s contributions and “lifetime cred” (total value of all contributions). The lifetime cred is much slower moving and stable; and could be made even slower moving and stable if desired. One can think of contributors building up a “postition” in the project, similar to how traders build large positions. If the payments from that position are stable, the income becomes relatively stable.
In the future, when all of this goes on-chain and permissionless, and the system generates reliable enough revenue, we could see something similar to the Bitcoin mining industry. Where there’s a lot of volatility, but nonetheless, organizations creatively use their own capital and organizational skills to create their own stability. Bitcoin mining pools now generate sustainable revenue (enough to IPO on public markets even). I explore this in a fun thought piece SourceCred as Community-Store-of-Value, where I substitue PoW miners in Bitcoin with PoL (Proof-of-Labor) miners in decentralized projects.
But yes, an open problem (which I have currently ). Curious to hear any ideas around this.