Ken Thompson, the co-creator of the Unix computer operating system, received the Association for Computing Machinery’s prestigious Turing Award in 1984. In his acceptance speech, he did something odd. He chose not to talk about Unix at all; instead, he spoke about trust. Computer security can never be proven indisputably, Thompson pointed out, because those who write the software can embed malicious code that is invisible to outside observers. “You can’t trust code that you did not totally create yourself,” he concluded. Instead, you must trust the people who wrote the code. Humans are always in the loop.
Three decades later, that principle remains true. With Bitcoin, Satoshi Nakamoto created a new decentralized trust architecture. He did not overcome the need for trust. Just as a map is not the same as the territory it covers, a computer system implemented in the real world never matches its idealized description. Many ideas that sound great on paper wither in the face of real-world complications. Most people do not change their behavior overnight. Building technology platforms that work at scale and integrate with existing systems takes time and often involves false starts. Sometimes the true problems are not ones that the blockchain can solve. Sometimes the adoption incentives are not as strong as it seems within the bubble of blockchain enthusiasts. Incumbents have significant advantages and do not necessarily stand still in the face of innovation. Success is far from guaranteed.
Several much-hyped examples of revolutionary blockchain opportunities have failed to meet expectations. A pioneering initiative to register land titles on a blockchain in Honduras, thereby empowering individuals, failed amid disputes with local officials. A company that observers said could “transform the music industry” with blockchain technology offered singer/songwriter Imogen Heap’s song “Tiny Human” on Ethereum with great fanfare … and generated sales of $133, as reported by blockchain critic David Gerard. A prominent, well-funded blockchain start-up promising to cut the cost of remittances between immigrants and their families took two years to launch in its first country, and had less than seventy-five users per day a year later. None of these examples mean that the companies involved, or the use-cases they promoted, are doomed to failure. Perhaps they were simply too early. But they should be cautionary notes for those who view the triumph of the blockchain as inevitable.
Furthermore, the Internet experience should give pause to those making confident predictions about the blockchain’s social impacts. The Internet is an extraordinary tool for free speech around the world but also is the mechanism that repressive governments now use to control their populations. Social media brought people together but also nurtured communities of hate and state-sponsored disinformation campaigns. Uber provides people around the world with efficient access to transportation but also gives one company tremendous power that it has repeatedly abused. The blockchain has similar potential to be used for good and ill. The same corrosive forces that gave rise to the modern trust crisis could undermine or corrupt its solutions.
Just because the blockchain provides a better mousetrap does not mean that it will restructure the world. Major established systems are typically more resilient than they appear. For example, longitudinal research by New York University (NYU) professor Thomas Philippon concluded that “the unit cost of financial intermediation appears to be as high today as it was around 1900.” Despite the introduction of the telephone, the computer, the Internet, the cloud, and all the other technological innovations of the past century, it costs about the same in real terms to transact in financial markets as it used to. The volume and sophistication of activity have grown dramatically, but so have the transaction costs represented in the financial services sector. Philippon speculates that as basic services commoditize, new, more expensive products emerge, such as asset management, in a continual effort to beat the market.
One interpretation of this result, from fellow NYU professor David Yermack, is “that there really is a desperate need for technology to come, reduce the cost of financial intermediation, probably by orders of magnitude. He posits this as the opportunity for financial technology (fintech) innovations including distributed ledger technology. The question, though, is why these innovations would be any more likely to change these dynamics. Recording financial transactions on a distributed ledger could be much cheaper than doing so through a collection of reconciled databases and could give rise to many new services. But the same was true of moving from paper to computerized records, and from room-sized mainframes to Internet cloud storage. Today’s financial services colossus JPMorgan Chase is light years more sophisticated than the firm that John Pierpont Morgan created in 1895. Yet it occupies a similar role in the interstices of finance.
What would really change the economics of financial services—and other sectors—is a fundamental change in industry structure. The tokenization model, in which value resides in the network rather than its controlling operator, offers just that potential. If big players in the middle no longer gained comparative advantage from their bigness, it might actually produce the dramatic power shifts that blockchain boosters describe. Entrepreneurs with great ideas would no longer be at the mercy of venture capitalists and other financial gatekeepers. Musicians and authors would not have to give over control, and most of the profits, to music labels and publishers. Developers of innovative technologies would overcome the inertia of less-efficient incumbent approaches. Economic opportunity would be open to more individuals around the world, especially in low-income regions. Governments would be more effective in serving their citizens, while at the same time intruding less in their lives. Incumbent firms could benefit as well, but they would need to become more transparent and more dedicated to serving their users.
All these potential transformations are tremendously exciting. But they are not inevitable. And as the finance industry illustrates, even technological transformations that preserve market structures can produce massive innovation. The proper response to the blockchain, therefore, is not to get out of the way of inexorable disruption, but to engage. What matters are not the industries that the technology might conceivably transform, but the markets and practices that it will actually change. The way to separate the two is to dive below the surface commotion of press releases, funding announcements, and cryptocurrency prices.
Even when distributed ledger technology is applied in contexts where it can add significant value, there are substantial uncertainties and dangers. Satoshi Nakamoto came up with a novel and valuable approach to distributed trust, but it is far from a perfect solution. Certain challenges cannot be overcome by any technology. The same wave of hype that produced the Whoppercoin leads many to think that blockchains cannot fail. In reality, even if the foundational security of a distributed consensus remains intact, many things can go wrong. And there are many reasons why pilot projects or start-ups announced with great fanfare do not achieve their stated goals.
To reach their potential, systems built around blockchain technology will need robust trust. The blockchain vision treats trust as a public good rather than a source of private advantage. Participants on public blockchains will need to trust in a decentralized model in which no one—seemingly—is in charge. Companies on permissioned distributed ledger networks will need to trust that they can share control. And across the board, governments will need to trust that their citizens will be protected, taxes will be paid, and abuses can be policed. This means that blockchain-based solutions will need to engage with the mechanisms of governance and law.
The Limits of Decentralization
Blockchain decentralization has limits. This is true even for Bitcoin, perhaps the purest decentralized cryptocurrency. Bitcoin users trust the code issued by the core developers, and that code incorporates hard-coded elements such as “checkpoints,” beyond which the blockchain cannot be forked. And bitcoin holdings are actually quite concentrated. According to an analysis in late 2017, just 1,000 accounts held 40 percent of the currency, and 100 held over 17 percent. The concentration of some initial coin offering (ICO) tokens is even more extreme. Brave raised $35 million, but two-thirds of the tokens went to just twenty holders.
The biggest points of residual centralization for public blockchains, however, are the miners and the core developers. Bitcoin works because Nakamoto Consensus aligns the economic interests of miners and network users. The vision of the Bitcoin whitepaper was that mining would be a relatively low-intensity activity that ordinary users could engage in. There would be millions of miners around the world, all putting processing power to work for the hope of earning rewards. Indeed, for the first few years of Bitcoin’s existence, this was a relatively accurate description.
However, as the price of bitcoin—and the corresponding rewards from mining—increased, competition among miners revved up. Dedicated mining companies began creating specialized hardware that was optimized for Bitcoin’s hashing puzzles. Ultimately, they moved to designing their own custom chips, called application-specific integrated circuits (ASICs), to power massive racks of mining computers. The performance of these ASICs was so much greater than the alternatives that for all intents and purposes, mining became a scale game. Operators such as Bitmain and Bitfury gained a sustained advantage through their mastery of ASIC design.
Mining pools accelerated this trend. Each Bitcoin miner was supposed to compete with others to earn block rewards, but groups of mining operators realized that they could achieve better results by pooling their earnings. Instead of each miner receiving nothing most of the time and a windfall when it successfully solved a block, pools split their payouts in proportion to the hashing power contributed. This made payouts steadier and more predictable, further accelerating the commercialization of mining. The fact that ASIC developers could outsource some of their hardware obsolescence risk to small-scale miners was another incentive.
The final step toward mining consolidation was the shift in mining economics as processing power increased. Hardware costs and bandwidth became a smaller percentage of total expenses than electricity to power the intensive computing and to keep the machines from overheating. So those with access to cheap or free electricity, especially in locales that made it easy to operate and cool massive server farms, had an advantage. Relationships with local or national authorities who control electricity supplies became a competitive differentiator for miners.
Fewer than ten groups dominated Bitcoin mining by 2017. Most were Chinese mining pools. (Bitfury, which operates its own data centers and sells hardware only to large purchasers, is the primary exception.) Ethereum mining is also highly concentrated, even though its consensus algorithm is designed to be ASIC-resistant. The concentration of mining calls into question the basic premise that public blockchains are decentralized. Collusive miners could, like the Japanese keiretsu networks of major corporate groups, create an outwardly competitive market that actually serves a small coalition of private and government interests. As the price of cryptocurrencies increases, the money to be made through proof of work goes up as well. The mining operations for Bitcoin and Ethereum now generate several million dollars per day in revenue from their block rewards. And with the scaling challenges Bitcoin has faced, transaction fees have ramped up as well. Mining pool operators can be expected to maximize their profits. There is no reason for them to promote decentralization of the Bitcoin network if doing so conflicts with their economic interests.
Ethereum and other networks hope to limit the power of miners by switching the consensus algorithm to proof of stake. Proof of stake replaces computationally intensive mining with the staking of tokens. Even if it succeeds, though, proof of stake could promote centralization of a different kind by giving large holders of the cryptocurrency—who have more available to stake—greater power over its development.
The miners are not the only concentrated blockchain interest group. The developers working on the core software also tend to be small groups wielding a great deal of power. Satoshi Nakamoto and a few colleagues created the original Bitcoin implementation in 2009, but it has been significantly revised and extended since then. Implementing a scalable, reliable, bug-free network takes ongoing efforts. Hyperledger and R3 follow a more established model for open-source software projects of interest to major companies. They have corporate members who contribute funding and code, along with established governance structures for those members.
Coinbase cofounder Fred Ehrsam estimated in mid-2017 that there were only about fifteen primary developers each for the Bitcoin and Ethereum platforms. Important infrastructure projects such as Lightning Network, which hopes to create a new application layer that greatly improves the performance of the Bitcoin network, run on shoestring budgets. For projects managing cryptocurrencies with asset values in the tens of billions of dollars, on which companies around the world have staked their futures, those are tiny numbers. The small number of core developers keeps these projects nimble, but it raises the question of whether they can handle the load. Both projects have much larger communities of engaged developers, but they depend on the work of the core group.
On the Bitcoin side, although there is a Bitcoin Foundation with the mission of promoting the protocol, most of the key developers are paid by third parties such as the MIT Digital Currency Initiative, the venture-backed startup Blockstream, and the self-funded ChainCode Labs. The Bitcoin Core developers are actually a very loosely connected group, who often disagree. Only a handful of them have “commit” access to update the official Bitcoin Core software repository, and there is no formalized process for granting that power.
The Ethereum Foundation has a stronger position in the Ethereum ecosystem. Thanks to its 2014 crowdsale, it has resources to fund core developers. It also has a “benevolent dictator” who shepherds the project, in Vitalik Buterin. Finally, Ethereum’s community norms tend to be more collaborative than Bitcoin’s. This model parallels that of other successful open-source projects, most notably the Linux Foundation led by Linus Torvalds, but it creates some tension with the notion of Ethereum as a truly decentralized system.
The distributed trust model of blockchain systems is based on power being concentrated in the network itself. Validators are incentivized to participate but not guaranteed any control over transactions. Dapps engaging in token sales replicate this structure on the next higher layer. The value of the network resides in the currency, which is distributed among users and other token holders. It is not centralized in the network operator, in contrast to centralized information and social media platforms. The network is the infrastructure, which creates value for all. Yet no one is automatically responsible for funding that infrastructure.
This creates the potential for a tragedy of the commons. Developers, users, and token holders of applications benefit from good engineering of the blockchain platforms, but they do not necessarily contribute to it. Networks that held lucrative token sales during the ICO boom were able to monetize to support development prior to launch. Then again, they face expectations commensurate with the scale of their crowdsales.
The fact that miners and core developers can exert influence over the direction of a blockchain system does not invalidate the basic claim of decentralization. There is no one entity that can throw a magic switch and alter the network. Power to alter the protocol, such as changing the block size, is different from power to change the information recorded on the ledger. Immutability holds up so long as the network collectively is more powerful than an attacker.
What the limits of blockchain decentralization mean is that questions of governance and regulation cannot be dismissed. These systems depend on trust, and trust depends on the collective decisions of those who shape the platform.
Centralization has benefits. In 2013, an update to the Bitcoin Core software accidentally triggered a potentially catastrophic hard fork. The Bitcoin community quickly recognized that the best course of action was to downgrade to the earlier version, destroying the fork. The core developers were able to reach consensus in less than an hour through online chatroom conversations. The fix was quickly implemented because the mining pool BTC Guild, which then controlled 20 to 30 percent of Bitcoin mining power, threw its weight behind the change. A more decentralized community might not have been able to respond in time to stave off a crisis.
On the other hand, if a country wants to crack down on blockchain-based activity, it has ways to gain purchase. It could not completely shut down the network if enough nodes were outside its borders. It could, however, effectively threaten local users, miners, and the exchanges converting cryptocurrencies into and out of fiat currencies. China did just that in mid2017. It banned Bitcoin exchanges and token offerings, out of concerns about financial fraud and capital flight. Yet shortly thereafter, Yao Qian, the head of the People’s Bank of China’s Digital Currency Research Institute, called for the Chinese central bank to issue its own cryptocurrency.
From all indications, Chinese leaders understand very well how economic soft power, embodied in mechanisms such as the Marshall Plan after World War II and Treasury Bills as the global reserve currency, helped make the U.S. the world’s lone superpower. Tokenizing the Chinese renminbi before other major fiat currencies is one potential path toward similar soft power in the twenty-first century. Russia appears to have similar designs. Cryptocurrency mining could even become a strategic technology for major nations, like atomic physics during World War II or supercomputing during the Cold War.
These are speculative scenarios today. Whatever happens, the bedrock assumption that public blockchain networks are inimical to centralized private or public control needs to be qualified. If cryptocurrencies become more significant in either financial or political terms, those in charge today will not be powerless to shape them.
# # #
Adapted from The Blockchain and the New Architecture of Trust by Kevin Werbach. Copyright 2018. Used with permission from The MIT Press.
Shares