DAO administration is aware of the number of members in the system. So, in the case of the OS DAO, the whitelist is a list of each country's citizens. When citizens of Magonia come to the polls they provide their identity card. Here everyone has a unique hash, the authenticity of which can be verified by the zero-knowledge proof. With this in mind, we see PoE as a preventive security measure in the form of an auxiliary tool that affirms the uniqueness of actions and doesn't require KYC. In simple words, Magonia residents are the whitelist.
Each resident, in order to be able to perform any actions, once passes authentication, is qualified as "unique" and receives something like a multi passport (non-transferable ERC20 token), which is tied to only one wallet and one person and provides information on the user's actions. Each time a certain action is taken, they provide the multi passport and undergo additional instant verification (such as retina detection). Whitelisted accounts further serve as a fallback position: e.g. Colony uses multiple whitelisted accounts as a recovery mode to protect against malicious editing. (https://colony.io/whitepaper.pdf
There is another option: Humanode proposes a sybil defense solution as it is privacy-preserving, self-sovereign, and Sybil-resistant at the same time. Humanode co-founder Dato explains: "Humanode combines state-of-art liveness detection protocols, FHEd multimodal biometric processing with constant proof-of-existence, special validator admission protocols, reliable devices and recurring costs to create a robust Sybil-resistance that would safeguard the system from spoofs and bypasses committed by bad actors." (https://blog.humanode.io/attack-on-sybil/) That is, in our case, an additional instant check before each vote/delegation, that does not need a third party as KYC is excluded.
As with every whitelist strategy there is the flip side of the blacklist implementation. Bad actors across blockchain are out of control and their number is constantly increasing. Defending against these attacks can be prevented by adding bad actors' wallets to the blacklist. The identification card inside the entire blockchain system contains information about persons refused entry to different countries. Hence the architectural complexity of the system will be prevented by maintaining a bunch of "black" or "gray" lists, and the identification cards of Magonians will be available for inspection, taking into account data increases. With the ID card it will be possible to vote in another country, if it is not against the laws of that country.
A pre-vote sorting mechanism is a way to protect against bad actors. Proposals can only be voted on when they have a certain level of support: a certain percentage of the total votes must be reached. What experience do DAOs have with voting outcome thresholds? For Michael from Curve a quorum-based voting makes sense, a large majority of proposals got through at Curve DAO. The negative impact lies in a chance of tactical voting. Clement from Kleros comments: "In a quorum vote, those who oppose the proposal will usually abstain rather than vote against it because it is more likely to prevent it from passing." ( https://coinyuppie.com/summary-of-optional-daos-voting-mechanisms/) The voting threshold for admitting voting candidates should be high enough to prevent manipulation, but optimal for fair competition and dynamic voting.
Establishing a "leading board of governance" is the easiest option is to disqualify bad actors from voting and being elected, while also keeping them members of the DAO without the right to be a candidate for the management of the DAO. From the citizens' point of view, withdrawal of a part of the blocked "MagoniCoin" from those who have staked the token / have voted (except for additional tokens, such as wages) disqualifies them from capitalizing.