The idea that we need crypto policies hinges on two big assumptions. First, that DAOs will own stakes in other DAOs. Second, that if DAOs own other DAOs, then DAOs are at greater risk of being raided. Are both of these assumptions true?

DAOs will own stakes in their vendors’ DAOs because not doing so would prevent them from becoming an "automated" company.

If a DAO owns voting rights in their vendored DAO, they can write purchasing agreements into code, which prevents every transaction from being voted upon. If the vendor DAO does not give stakes, then the on-chain program that runs the purchaser DAO cannot trust the vendor.

In other words, the purchaser DAO can't create a public sellUsYourProduct function, because that function would become an exploit for another program to lie to the DAO about delivering goods and steal money.

Instead, the DAO would have to pick a particular vendor and stick with them, effectively limiting competition and ensuring that the DAO is over-paying. In this system, the DAO is paying extra to "trust" the vendor; which makes sense in the old economy. But, owning DAO tokens makes it possible to not need to trust the vendor (because you have control over it), which allows a marketplace to spin up for that vendored product, reducing the prices you would be otherwise paying, plus not forcing votes all the time.

Are crypto policies DAOs themselves, where actions are taken according to votes? Or are they fully code-based? Are they run automatically or are they invoked ad-hoc?

Cryptopolicies are not DAOs. They are just a category of a smart contract, they don't have to be controlled by anyone.

But you could imagine a "Lawfirm DAO" that creates cryptopolicies (such as ones that remove bad actors in a supply chain) in exchange for the tokens of that supply chain.

For example, imagine you and I run coffee shop DAOs. We've discovered that our coffee roasters are both getting their beans from poor working conditions. You and I can collectively pool our CoffeeRoaster DAO tokens in a cryptopolicy which votes to boycott the PoorWorkingCondition DAO, or to fork the PoorWorkingCondition's DAO tokens, fire the management and rehire someone else.

Some cryptopolicies could be automatic, and you could have smart contracts that create cryptopolicies.

Have I understood correctly the virtues of a crypto policy? What am I missing?

A cryptopolicy isn't inherently good; but it does offer a solution to multiple potential problems in Daonomics.

Unlike old-world policies; cryptopolicies allow for immediate and reservable action on previously difficult collective action problems, such as climate change. (Though, my assumption is that climate change will be solved in the existing market by falling clean energy prices and pre-existing government pressure).

In a collective action problem, each individual actor can't act alone. But in a cryptopolicy, you don't need to trust that other actors will operate in good faith; because blockchains allow you to pool your votes together without trusting a third party. All actors can act instantly only when the pool of people is large enough.

The idea that we need crypto policies hinges on two big assumptions. First, that DAOs will own stakes in other DAOs. Second, that if DAOs own other DAOs, then DAOs are at greater risk of being raided. Are both of these assumptions true?

DAOs will own stakes in their vendors’ DAOs because not doing so would prevent them from becoming an "automated" company.

If a DAO owns voting rights in their vendored DAO, they can write purchasing agreements into code, which prevents every transaction from being voted upon. If the vendor DAO does not give stakes, then the on-chain program that runs the purchaser DAO cannot trust the vendor.

In other words, the purchaser DAO can't create a public sellUsYourProduct function, because that function would become an exploit for another program to lie to the DAO about delivering goods and steal money.

Instead, the DAO would have to pick a particular vendor and stick with them, effectively limiting competition and ensuring that the DAO is over-paying. In this system, the DAO is paying extra to "trust" the vendor; which makes sense in the old economy. But, owning DAO tokens makes it possible to not need to trust the vendor (because you have control over it), which allows a marketplace to spin up for that vendored product, reducing the prices you would be otherwise paying, plus not forcing votes all the time.

Are crypto policies DAOs themselves, where actions are taken according to votes? Or are they fully code-based? Are they run automatically or are they invoked ad-hoc?

Cryptopolicies are not DAOs. They are just a category of a smart contract, they don't have to be controlled by anyone.

But you could imagine a "Lawfirm DAO" that creates cryptopolicies (such as ones that remove bad actors in a supply chain) in exchange for the tokens of that supply chain.

For example, imagine you and I run coffee shop DAOs. We've discovered that our coffee roasters are both getting their beans from poor working conditions. You and I can collectively pool our CoffeeRoaster DAO tokens in a cryptopolicy which votes to boycott the PoorWorkingCondition DAO, or to fork the PoorWorkingCondition's DAO tokens, fire the management and rehire someone else.

Some cryptopolicies could be automatic, and you could have smart contracts that create cryptopolicies.

Have I understood correctly the virtues of a crypto policy? What am I missing?

A cryptopolicy isn't inherently good; but it does offer a solution to multiple potential problems in Daonomics.

Unlike old-world policies; cryptopolicies allow for immediate and reservable action on previously difficult collective action problems, such as climate change. (Though, my assumption is that climate change will be solved in the existing market by falling clean energy prices and pre-existing government pressure).

In a collective action problem, each individual actor can't act alone. But in a cryptopolicy, you don't need to trust that other actors will operate in good faith; because blockchains allow you to pool your votes together without trusting a third party. All actors can act instantly only when the pool of people is large enough.