Reliability of a Blockchain
All my articles by topic.
Blockchains are not all the same, not all of them have the necessary characteristics to become the backbone of humanity’s future financial, social and political infrastructure. How reliable is a blockchain compared to a specific use case? The question is still open.
Recently in Italy, with the Decreto Semplificazioni 2019 (Simplification Decree 2019), the definitions of Distributed Ledger Technology (DLT) and Smart Contract have been introduced, with relative production of legal effects, however the standard has not yet defined the minimum requirements for a blockchain to be considered a legally binding immutable ledger (details here).
This task was in fact delegated to the AgID (Agency for Digital Italy), and many Italian operators in the sector are carefully observing the agency’s next moves. The AgID task is far from easy, there are many aspects to be evaluated in order to establish the minimum requirements for having an immutable and distributed ledger.
In this article I ask myself about this single question: what are the criteria that a distributed ledger (or blockchain, used interchangeably) must respect in order to be considered immutable, reliable and neutral for legal and financial activities? In short: what can we consider a blockchain? As a result I developed some considerations related to the definition of distributed ledgers, I analyzed the current limits and risks and future prospects. In particular, the blockchains to which I refer are those with greater adoption, public, permissionless and anonymous. I excluded from this analysis the private DLTs or those based on centralized consensus mechanisms such as Proof of Authority / DPoS, such as EOS and Libra.
The Question
Perhaps for the first time a state agency must declare an infrastructure, such as a blockchain network, to be reliable, secure and unalterable, not only on the base on its technological and security features, but also on the nature of the participation it receives from an unspecified (and indeterminable) number of companies, developers, enthusiasts, stating that this infrastructure is therefore relevant to be used as an immutable and authoritative archive in every legal aspect.
Why are those criteria so delicate? Because declaring an immutable distributed ledger, and therefore authoritative, something that could be used extensively and then subsequently maliciously altered, would generate incalculable legal repercussions and economic damages, that would be difficult to ascribe to specific legal entities. The very nature of public blockchains to be participated by an indeterminable number of anonymous entities, distributed globally, many of which are outside the national and EU jurisdiction, does not facilitate the task, as it makes it potentially impossible to apply any procedures.
Another very delicate aspect is the dynamism of these networks. A distributed ledger is an evolving “organism”, composed of thousands of players that change over time, new actors can emerge, old actors disappear, forces that were previously balanced can then be concentrated in the hands of a few, political events can quickly shift the assets , the protocols can evolve into more centralized versions. Those that today can be considered compliant networks, after a few years may no longer be. This is why the criteria for assessing the reliability of a network alone are not enough, an observation process is also necessary.
The Consensus
Before we go into the discussion it is better to clarify some concepts. A blockchain (at least a respectable one) is a network of equivalent (or Peer to Peer) nodes, without any centralized coordination, which maintains a distributed ledger usable in (pseudo) anonymous way, replicated among all the participants and, above all, synchronized, which means that all nodes agree on the same version of events, and they do it through an agreement process called consensus. The consensus also guarantees the immutability and neutrality of the network. The most delicate and innovative aspect of blockchains is precisely the consensus algorithm, in fact synchronizing tens of thousands of nodes without a central coordinating element was considered, until 2009, with the launch of the Bitcoin network, an irresolvable challenge.
There are several known consensus mechanisms, some still under development, others in operation in different networks, but the most common ones are based on the fact that each participating node has a voting power. The individual nodes continuously vote, exercising their power, what they believe is the next correct state of the distributed ledger. If they respect the rules established by the majority their vote is taken into consideration and they get a reward for their work, otherwise their contributions are ignored. If the consensus mechanism is well designed, it is more economically viable to look forward to the next state, rather than trying to rewrite past states, this guarantees the immutability of the network. A blockchain remains secure as long as there is not a single entity that, through one or more consensus nodes under its control, manages to exercise the majority of voting power alone, in which case it would no longer be economically inconvenient for such an entity to relax or violating the rules of the protocol.
The Consensus distribution
The robustness and reliability of a distributed ledger therefore depend on the differentiation and abundance of the entities that constitute it, let us reason for extremes: a ledger distributed on a given network, however extensive, if controlled by the same entity (legal), cannot be considered a blockchain, as immutability and neutrality cannot be insured on this network. On the other extreme, a network made up of many distinct and all competing entities, all with the same voting power, provide the premises for having an excellent blockchain. Nevertheless the aspects of the number and representativeness of these entities in the social and economic context to which the blockchain they contribute is employed remain still open.
The distribution of the consensus, ie the weight (or voting power) with which anonymous nodes reach a majority agreement on the status of the distributed ledger, is not linked to the number of controlled network nodes but depends, given the used consensus mechanism, from the power hash generated for the PoW (Proof of Work), and from the amount of tokens possessed for the PoS (Proof of Stake).
As mentioned before, a characteristic of the distributed ledger is that the nodes that exercise the consensus are anonymous, so it is not possible to know who they belong to. If the consensus of a network is exercised with a certain weight (in terms of hash power or stake), we have no guarantee that that weight is managed by independent legal entities, potentially the majority of the weight necessary to govern the consensus, could be controlled by the same entity (a private individual, a company, a state).
The verifiability of Consensus
What does it mean to have the majority of the consensus? Controlling the consensus means being able to rewrite the history of the transactions (at least the most recent), perhaps canceling some already confirmed ones. This is the worst scenario for a blockchain, a 51% attack, which enables the double spending, but it is an easily detectable scenario from the honest nodes of the network, and it is sufficient to permanently compromise the trust of the participants towards the attacked network. Controlling the consensus also means controlling most of the “access gates” of incoming transactions, potentially discriminating some of them in favor of others, forcing users to apply higher fees to be included. For what? Maybe to encourage those services on blockchain that are pleasant to those who control the consensus and discourage all others.
The exploitation of Consensus
Let us reflect now on possible exploitation strategies of an entity that manages to take over the consensus of a blockchain, which I believe depend on the temporal extension for which this entity has the majority of the consensus available and the cost incurred to reach this majority.
First hypothesis: temporary acquisition of the consensus. An entity that should somehow manage to take temporarily possession of the 51% consensus of a network, perhaps by renting mining capacity (applicable to small networks), or by exploiting the vulnerabilities of multiple mining pools at the same time (applicable also on large networks, but remote eventuality as dependent on the simultaneous success of a series of attacks), it would be incentivized to perform a double spend to subtract value, convert likely to fiat and then try to disappear.
Second hypothesis: acquisition of consensus through targeted investments. Individuals and companies could try to buy and then concentrate hash power under their control, perhaps taking advantage of bearish moments in mining farm returns (PoW scenario). This scenario is extremely viable, in fact it is not possible to verify the ownership and distribution of mining simply by observing the network. As far as we know today, 51% of the power of one of the main networks could already be under the control of a single, shrewd organization, perhaps through a network of convenient companies, this statement can only be contradicted by expensive intelligence procedures, and as long as this organization does not begin to exercise its power, the phenomenon cannot be observed on-chain. More difficult, but not impossible, to make massive purchases of tokens in the case of PoS, while still confronting the resulting price hikes of these tokens on public markets. Furthermore these token mopping activities would be clearly visible and easily detectable. The application of these strategies could yield and lead to the control of the consensus majority, but given the costs incurred to achieve the objective, the actors involved may find more cost-effective to exercise long-term partisan control rather than a permanent instantaneous damage.
Third hypothesis: acquisition through coercive means. A state that should, even with coercive means applied to the mining factories on its territory, manage to control 51% of a network consensus, (a scenario that can be more easily achieved with PoW, as it is linked to the physical presence of large mining farms) could be interested in a double spend operation, which would irreversibly compromise the reliability of the network in question irreversibly damaging it, or it could be interested in executing network manipulations, sufficiently prudent not to be demonstrable, but sufficiently effective to obtain economic results and long-term politicians such as rewarding friend services against services that are not.
Proof of Work and (totalitarian) governments are a strange short circuit that can hold bad surprises for the future. In fact, it is possible to hypothesize forms of “state mining” aimed at modifying commercial balances, without even having the possibility of detecting such interference.
We remember in fact that there is no effective way, observing only the behavior of a network, to make sure that the mining power expressed by a node of that network is actually generated by the hardware owned by that node rather than by other geographically located mining farms in countries officially not interested or neutral with respect to that network.
We can close this section with a question: how should the consensus of a distributed ledger be distributed, between how many distinct entities and with what weights, to be considered reliable from a national and international legal point of view? This is an open question, on which we can only formulate hypotheses: the network should have representation and institutional supervision, it should be participated by a number of distinct companies, which is a representative percentage of the total of a territory, the weights of the various companies should be divided equally or at least according to financial turnover.
But is this enough? To understand this, I propose an exercise: let’s think about a possible utopian future where there is a single blockchain able to represent an entire population equitably and democratically, let’s see how it could work.
The Utopia Blockchain
To construct a quality metric of a blockchain, we begin to hypothesize the definition of “ideal blockchain”. Although it is not technologically possible (at least to date) to realize an ideal blockchain like the one described below, this exercise helps to understand the conditions of maximum fairness for the functioning of a blockchain going to provide a universal instrument of financial and legal trust for an entire community.
The ideal blockchain from the legal point of view of a territory (a nation, a continent, the world), is a network in which all citizens living in that territory (or society) participate in an equivalent way (with the same consensus power).
Imagine that, given a territory, every citizen receives at birth (or at the age of majority) a small “magic device”, perhaps configured on a bioprint of the individual, able to provide all the functionality of a full node of the blockchain: networking with all other existing nodes, mining to exercise consensus, persistence of ledger data, management of various wallets.
The mining activity of this device generates credit that can be spent by the individual owner, in exchange for the effort made by the device to participate in the network.
Each individual can have only one working device that cannot be lost or destroyed, at the time of the individual’s death the device stops working (or at least to participate in the consensus), after all it is magical!
All existing devices are able to communicate with each other with a networking capability independent of any infrastructure. These devices implement a blockchain protocol that can be evolved over time, through a modification process that passes for the approval of the majority of the individuals in the company.
Each individual uses her device for all interactions towards the state and other individuals: as a wallet and store of value for its assets, as an anonymous or explicit identification tool, as a voting tool, as a tool to sign contracts with other individuals or organizations of individuals.
The individual also organizes his own device to temporarily delegate his consensus, possibly on specific areas, to other individuals, who become his representatives.
The operating protocol of the “magic device” is freely modifiable by its owner, but as long as the protocol does not play according to the rules established by the majority, the owner does not receive any economic reward.
In fact, in this utopian world the device is the digital counterpart of the owner and ensures that all the owner’s assets are decentralized. In this world the distribution of the consensus is guaranteed by design, and it is not possible for an individual to accumulate more consensus power than the limit is temporarily not granted by his peers.
Real world blockchains
What is the real situation instead? First of all, the main existing public blockchains are not partaken by institutions but by individuals and companies, which collect or invest risk capital to buy hardware (dedicated or not) and energy to participate in mining operations. The distribution of these companies is global, but very uneven.
The Proof of Work, the most “ancient” consensus protocol and the one considered to be the most secure at the moment, is extremely energy-intensive, at least in the version used in Bitcoin, therefore PoW mining finds it more favorable to develop in emerging economies that practice an extremely competitive electricity pricing.
As a result, to date 75% of the total world hashpower of the Bitcoin network is located in China. In my opinion, the concentration of this share of consensus in the hands of companies and individuals physically located in a totalitarian country is not reassuring. In fact, from the considerations previously constructed, it is possible to hypothesize that the Chinese government could one day decide to use this strategic advantage to implement two scenarios: compromising the credibility of Bitcoin, or manipulating the Bitcoin network for the benefit of its crypto fintech services.
At present, all consensus systems are based on the principle of the short-term economic incentive, which means that they rely on human behavior and interest in pursuing a secure return in the short term. What happens, however, if the short-term economic incentive is overruled by long-term political interest?
Areas of use
An applicable criterion for constructing the reliability index of a blockchain could take into account the scope of its use. If a distributed ledger is used only for commercial purposes, for example to regulate international economic relations, through the exchange of value and verification of conditions of agreement, to be in balance and therefore be reliable for the participating countries, it should present a proportionality in the distribution in the weight of consensus, perhaps proportional to the GDP of the countries involved. After all, if states are concerned about equilibrium in trade balances, the superpowers about equilibrium of nuclear weapons, why the financial players shouldn’t worry about the “consensus balance”?
If, on the other hand, a blockchain is used for political and social purposes, such as identity management and voting, to have balance among the participating countries there should be proportionality based on demography.
To date, the institutions are far from considering and appreciating these aspects, there is no support for blockchains from the general public and even the participation of companies is extremely limited, as these technologies still lack large consumer applications and economic incentives for small operators.
Conclusions
The anonymous nature of blockchains necessarily generates an information asymmetry between those who control consensus quotas and are able to establish their own weight, and those who use a network and have no estimation of how those weights are distributed.
The most structured blockchains to date are manned by private companies, therefore their use is more compatible with the implementation of commercial and some financial services, such as the transfer of value through instruments like stablecoins, where the value reserve is guaranteed in “traditional” way.
In order to be able to massively use a blockchain network for advanced financial services such as storage and value lending, I believe it is essential to be able to analyze the composition of the consensus, in order to verify the proper balance, how to effectively perform such verification on permissionless and anonymous blockchains remains an open question.
In a future where blockchain technology will be an integral part of the social, political and economic life of a society, citizens must be the guarantor of network neutrality, and this result can be achieved only with long incremental phases that pass through the involvement of great part of society and local, national and international institutions.
Thanks!
If you’ve made it this far, you’ve probably enjoyed my article. Why don’t you leave me feedback, like a comment or applause? If you’re new to Medium, you probably won’t know that a click on the applause button is only worth 1/50 of the top grade.
