Skip to content

Keeping Track of the Tokens: Bitcoin, Blockchain, & Other Distributed Ledgers

Shermin Voshmgir edited this page May 11, 2021 · 6 revisions

Blockchain networks build on the idea of P2P networks, providing a universal data set that every actor can trust, even though they might not know or trust each other. Immutable copies of that data are stored and managed on every node in the network. Economic incentives in the form of native network tokens are applied to make the network fault tolerant, attack resistant, and collusion resistant.

The concept of a “chain-of-blocks” was introduced in the Bitcoin white paper in October 2008, with the aim to create “P2P money without banks.” The paper, published under the pseudonym Satoshi Nakamoto, proposed a system where all computers in the network hold an identical copy of a ledger of transactions, which acts as a single point of reference for everyone in the network. All network nodes collectively update and manage this ledger, which represents a universal data set that every actor can trust, even though they might not know or trust each other. People and institutions who do not know or trust each other, reside in different countries, are subject to different jurisdictions, and who have no legally binding agreements with each other can now interact over the Internet without the need for trusted third parties like banks, Internet platforms, or other types of clearing institutions.

Double-Spending Problem: This new form of distributed data management resolved the double-spending problem over the Internet. The way the Internet is designed today, one can spend the same value—issued as a digital file—multiple times, because digital information can be copied, and copies of that same digital file can be sent from one computer to multiple other computers at the same time. Before the emergence of Bitcoin, ideas around cryptographically secured P2P networks had been discussed in different evolutionary stages, mostly in theoretical papers, since the 1980s (read more: Annex - Origins of Bitcoin). However, there had never been a practical implementation of a P2P network that managed to avoid the double-spending problem, without the need for trusted intermediaries guaranteeing value exchange. The Bitcoin protocol introduced a mechanism of making it expensive to copy digital values.

Chain of Blocks: In a blockchain network, token transactions are recorded in batches of data called “blocks” that are “hashed.” This cryptographic hash creates a digital fingerprint of the block (read more: Part 1 - Token Security: Cryptography.) Each block includes the hash of the prior block, thereby linking one block with another into a chain of blocks. This process guarantees the historic integrity of all the blocks back to the first block, also referred to as the genesis block. If data in one block is altered, the hash value of the block and all subsequent blocks will change, and every node in the network will know that the data has been tampered with. This growing list of chained blocks is also referred to as the ledger.

The ledger is a file that maintains a growing list of transaction records, chained in blocks that are cryptographically secured from tampering and revision. If manipulation attempts were made, the hash value of the manipulated ledger would not coincide with the hash value recorded on the copies of the ledger on all other nodes. The hash value of a block therefore serves as a counterfeit protection that can be used to check the authenticity of a transaction on a ledger.

Distributed Ledger: A copy of the ledger is stored on multiple nodes of a cryptographically secured P2P network. In order to change the ledger data on all copies of the ledger throughout the whole network, the network nodes need to reach a mutual agreement about such a change. A distributed ledger is a shared, trusted, public ledger of transactions that everyone can inspect, but which no single user controls. Each independent node has the latest version of the ledger, which contains all transactions that have ever been made, and can verify transactions. This process is referred to as “consensus.” This is particularly useful in inter-organizational setups where no institution wants to trust another institution with the management of their data.

Tokens: The term “token” is simply a metaphor. Contrary to what the metaphor might suggest, a token does not represent a digital file that is sent from one device to the other. Instead, it manifests as an entry in the ledger that belongs to a blockchain address. Only the person who has the private key for that address can access the respective tokens, using a wallet software, which acts as a blockchain client (read more: Part 1 - Token Security: Cryptography, Wallets.)


Why is it called Blockchain


Unlike distributed databases, where data is distributed but managed and controlled by one single entity, blockchain networks allow for distributed control. Different people and institutions that do not trust each other share information without requiring a central administrator.

Like a spreadsheet in the cloud: The ledger could also be described as a spreadsheet in the cloud. Think of cloud applications like “Google Sheets,” where everyone can access and edit a file simultaneously. But, as opposed to Google Sheets, where that file is centrally stored on the Google servers, the ledger of a blockchain network is a document that is not centrally stored. Instead, each node of the network keeps an identical copy of the same file at all times (with temporary exceptions every time a new block is created).

Universal State: Every computer in the network manages its own identical copy of the ledger, which acts as a universal data set across the whole network, guaranteeing that each token is transferred only once. The ledger therefore represents the universal state of the network, that all nodes in the network agree upon. It serves as a digital notary and a publicly verifiable timestamp.

Bitcoin Transactions: When using the Bitcoin network, instead of a bank validating financial transactions, all computers in the network check their copies of the ledger for validity of the transaction, and collectively confirm transactions by majority consensus. No user is trusted more than any other. Instead of a single trusted third party validating transactions through their servers with authority (single vote), a P2P network of computers running the blockchain protocol validates transactions by consensus (majority vote).


Like Spreadsheet Cloud & Behind The Blockchain Protocol


The protocol is a set of rules and processes that define how all the (anonymous) nodes in the network can reach an agreement on the true state of the network. The protocol defines how the participants in the network interact with each other: (i) under which conditions sending tokens from A to B is valid; (ii) the economic rewards for validating transactions with a cryptographic token; (iii) how to reference identities and sign transactions; and (iv) who decides over network upgrades.

Cryptoeconomics: Cryptography secures the network and provides full transparency for all participants, while maintaining the privacy of each individual actor. It also makes sure that past transactions are true. Game theory is applied to make sure that future transactions will be conducted in a truthful manner by majority consensus of all network actors, assuming that all network actors could potentially be corrupt. The consensus mechanism is designed to make it difficult to manipulate the ledger.

Consensus: Proof-of-Work is the “consensus mechanism” used by the Bitcoin network that steers collective action of an unknown set of anonymous network actors. It builds on cryptoeconomic principles. Reverse game theory is used to reward network actors with a native network token. In the case of the Bitcoin network, this would be the Bitcoin token. This reward mechanism is designed to make it economically infeasible to cheat the network, due to the prohibitively large amount of computing power that would be required to do so, and taking into account extreme attack scenarios. The consensus rules are designed in a way that make the network attack resistant, in spite of the lack of centralized parties to govern the truthfulness of network activities.

Identities: A blockchain address, which is derived from the private key, represents a pseudonymous digital identity of the token owner. Tokens are noted to belong to a certain address in the public ledger. Only the owner of that address can request to send these tokens somewhere else. In order to prove their ownership to other participants of the network, token holders need to sign transactions with their private key. This form of identity management is purely based on mathematical functions, allowing other computers in the network to confirm the validity of a transaction without needing to know the actual person or his secret private key (read more: Part 1 - Cryptography & User-Centric Identities).

Accounting & Governance Machine: Blockchain networks can also be described as distributed accounting machines, or supranational governance machines that are public and transparent. They provide a governance layer for the Internet. All network participants have equal access to the same data in (almost) real time. Transactions are collectively managed. They are transparent to all actors and can be traced back to their origin.

Decentralized & Autonomous Organization (DAO): The ledger is collectively managed by autonomous network nodes, which is why it is also heralded a new form of organizational infrastructure often referred to as Decentralized Autonomous Organization (read more: Part 2 - Institutional Economics & Governance of DAO; Part 4: Purpose-Driven Tokens.)

Block-explorer: Due to the public nature of the blockchain networks, everyone can run big data on the ledger, like tracking all token transactions, total network hash rate, token supply, and transaction growth, etc. However, while all the data on the ledger is public, few people have the skills to run advanced data analytics on the blockchain. Block-explorers are third-party applications that allow anyone to publicly explore all transactions of a particular network, like Bitcoin and other public blockchain networks. Block-explorers are like a dedicated search engine for blockchain-related data. However, this level of transparency also raises privacy-related issues. These privacy-related issues are being addressed with newer blockchain protocols that use more privacy-preserving cryptographic methods (read more: Part 3 - Privacy Tokens.)

Cryptoeconomics, Consensus & Proof-of-Work

The underlying challenge of a P2P network with a set of anonymous network nodes is how to deal with malicious network nodes in the absence of centralized parties securing the system. One must always assume that there will be bad actors trying to disrupt any open and public network. How can such a distributed network reach consensus about which data is correct or which is not correct, or which process is true or false in such an untrusted setup? This is referred to as the “Byzantine Generals Problem.” A malicious node, also called a byzantine node, can intentionally send wrong information to all other nodes involved in the consensus process. Byzantine failures are considered the most difficult class of failures in distributed networks. Reliable consensus mechanisms must be resilient against DDoS (Distributed Denial of Service) attacks, sybil attacks,[^1] and other cyber attacks. Before the emergence of Bitcoin, it was believed to be impossible to achieve fault-tolerant and attack-resistant consensus among untrusted nodes in a P2P network.


Why is it expensive to manipulate blockchain network transactions


For the first time in the history of distributed computing, the Bitcoin protocol introduced a mathematical solution to this problem with the introduction of “Proof-of-Work,” which made the economic cost of attacking the system disproportionate to the benefit of doing so. It sparked a new field of science around economic coordination games using cryptographic tools, also referred to as “Cryptoeconomics.” Cryptoeconomics can be defined as the study of economic interaction in untrusted environments, where every actor could potentially be corrupt. It is interdisciplinary, and requires a deep understanding of cryptography, economics, and P2P networks, and what motivates network actors. Public-private key infrastructure guarantees attack-resistant access control of one’s tokens. Hashing functions allow nodes to verify transactions that are done over the network. Both hashing functions and public-private key cryptography are also required for the economic coordination game called Proof-of-Work to reward miners for adding truthful transaction blocks to the ledger. Cryptoeconomic mechanisms can provide a security equilibrium to make the network fault tolerant, and attack and collusion resistant. This allows anonymous network nodes to reach consensus about the state of all network interactions. The Bitcoin network is the first practical instance of cryptoeconomics. It produces “trust by math” rather than “trust by legal contract.”

However, security depends on the resilience of the assumptions made on how network actors will react to economic incentives. How people react to incentives has long been a field of study in economics. Cryptoeconomics therefore has much in common with mechanism design, a field of economics related to game theory. Game theory analyzes strategic interactions, which are referred to as games. It tries to understand the best strategies for each player if both players maximize the best outcome for themselves. Mechanism design defines desirable outcomes and works backward to create a game that incentivizes players toward that desired outcome. While cryptoeconomics is interdisciplinary, it is a discipline that was predominantly developed in the computer science community. It seems that there is still much room to incorporate methods from various economic disciplines, and other disciplines (more in the next chapter and in Part 4 - Purpose-Driven Tokens).


Why is the ledger tamper resistant?


“Proof-of-Work” (PoW) is the consensus mechanism used in the Bitcoin network and similar blockchain networks to guarantee that a token transaction sent over the network is valid. The mechanism builds on the assumption that all network nodes could potentially be corrupt, and that the least common denominator is money. Proof-of-Work is designed in a way that (i) if you spend money and play by the rules, you can earn network tokens; (ii) it doesn’t pay to cheat because mining requires special-purpose computer hardware and consumes large amounts of power.

When tokens are sent over the network, each node in the network can propose new entries to be added to the ledger. These nodes validate transactions and compete with each other to solve a complex computational puzzle. In this process, they have to collect all recent network transactions, including some additional metadata, verify the transactions, guess a pseudo-random number (“nonce”), and run all the data through a cryptographic algorithm (SHA-256) to find the hash of the new block. This means that they have to perform computational work, which is the reason why this process is referred to as “Proof-of-Work.”

If a node is the first one in the network to find that hash value, it can add the block to its ledger and broadcast the hash value of the new block, including all block data, to the rest of the network. The other nodes can now verify the validity of the hash. If they accept this newly added block of transactions as valid, they add the new block to their copy of the ledger. Proof-of-Work is designed in a way that the hash is difficult to find, whereas the solutions can be easily verified as true. By participating in this race of finding the hash value, mining nodes collectively make sure that all transactions included in a block are valid. The winning node is rewarded with the “block reward” in the form of newly minted network tokens (plus potential transaction fees). This is why the process is referred to as “mining.” The hash of a validated block therefore represents the work done by the miner. At the time of publishing this book, the reward for successful block creation in the Bitcoin network is 6.25 BTC per block. The block reward gets reduced by 50 percent every 210,000 blocks, around every four years. The next “halving” of block rewards is in 2024.

Finding the correct hash value requires some work, in the form of the processing time of a computer, which is also referred to as “CPU cost function.” If a cheating miner were the fastest computer to find the hash, the rest of the network would not accept their block of transactions. The cheating miner would, therefore, not get the block reward, even though they invested computational power and energy. This is an economic measure to deter network attacks. A rational economic actor would, therefore, refrain from cheating the system, as this would result in sunk costs of energy and infrastructure investment. Through the backdoor of infrastructure and electricity costs, network attacks are made prohibitively expensive. A successful attack would require a lot of computational power, energy consumption, and time. Because of its computational intensity, the Bitcoin network is also very energy consuming.

The “difficulty” of finding that hash value, and therefore creating a block, adjusts over time in order to keep the interblock-time of 10 minutes[^2] relatively constant. It is adjusted periodically as a function of how much hashing power has been deployed by the network of miners. If blocks are created in less time than 10 minutes, difficulty increases. Likewise, if blocks take longer than 10 minutes to be created, difficulty decreases. Difficulty also increases with the level of competition—the number of other computers competing to validate a block.


How Blocks Of Transactions Are Chained


Network Nodes

The Bitcoin network is (i) open source, (ii) public, and (iii) permissionless. The open-source nature refers to the fact that anyone with adequate skills can contribute to the protocol in a public manner. Furthermore, anyone can take the code, modify it, and create their own version of a P2P payment network. “Public” refers to the fact that anyone can use the network as a payment system (user), and that anyone can download the protocol and the ledger and verify transactions (full nodes). “Permissionless” refers to the fact that anyone can download the protocol and the ledger and write transactions to the ledger (miners). In the Bitcoin Network, there are four types of nodes: full nodes, mining nodes, mining pools, and light nodes.

Full nodes manage the entire history of the Bitcoin network (the ledger) and validate new transactions as they are being added to the ledger. Anyone running such a full node can send and receive Bitcoin tokens, and verify the integrity of the transactions, without having to rely on any third party. Verifying transactions is a complementary function to Bitcoin mining. While Bitcoin mining is done almost exclusively on special-purpose hardware, a full node that only validates transactions can run on a regular home PC with standard processing hardware. In the early days of the Bitcoin network, everyone had to download the full ledger in order to be able to send transactions. Today, wallet software developers also offer the option of light nodes (see below).

Mining nodes (miners) compete for the right to create new blocks and add transactions to the ledger. They can “solo mine” or “pool mine.” If they mine alone, they need to maintain their own full copy of the ledger. The winning miners are rewarded with Bitcoin tokens for creating new blocks (block reward). The exact reward mechanism is specified in the protocol. In addition to the block reward, miners can also earn transaction costs. However, these transaction costs are not mandated by the protocol but can be demanded by a miner on the free market. Transaction fees usually increase when network traffic is high and the network becomes congested.

Mining Pools: Over the years, individual miners have begun to collaborate and form cartels of mining nodes. In a mining pool scenario, individual miners collaborate with other miners to write to the ledger and receive the block reward. The mining pool operator maintains a full node and the individual miners contribute their CPU (also referred to as hash-power). Using the cumulative hash-power of all individual miners, they can boost their chances to be the fastest computer to solve the puzzle and write a block of transactions to the ledger. However, the original Bitcoin white paper did not account for this form of collaboration amongst miners. The economic assumptions build on “simple game theory,” not “collaborative game theory.” As a result, the Bitcoin network has become a much more centralized system than originally intended. Some people therefore argue that the reality of Bitcoin’s consensus mechanism can be described as a “delegated Proof-of-Work,” and has become an oligopoly of a handful of mining pools, which might not reflect the original intentions of Bitcoin’s creator, Satoshi Nakamoto.

Light nodes were created for simplified payment verification (SPV) of smart-phone wallet applications. This is why they are also referred to as SPV-nodes or SPV-clients. As opposed to full nodes, they do not maintain the whole ledger, and only store copies of all the headers of all the transaction blocks. They cannot verify transactions autonomously, as they don’t have access to all information stored on the ledger. Light nodes rely on the information given out by other peers in the network who have access to all ledger data.

As opposed to mining nodes, full nodes don’t have a direct economic incentive to validate transactions. However, there are indirect incentives to run a full node instead of a light node. In the possible event of a protocol upgrade, running a full node is the only way to vote on how the network should upgrade. Another reason to run a full node is the higher degree of privacy since full nodes maintain the full ledger and all transaction data on their own device. This is quite different from how light nodes work. Light nodes rely on third-party servers to broadcast transactions to the network, which means that the servers of those third-party services know the transaction history of the light node.

Network Attacks

All entries on the ledger are read-only. Once a block of transactions is accepted by the network, it cannot be easily changed or removed. All blocks would have to be recomputed for that to happen, which would require the majority of the network participants to agree over such changes. An attacker would need to redo the computational work of all successor blocks, on the majority of the network nodes. This would require control over, or bribing of, the majority of the network nodes. Even if it would be possible to perform these computations within the block-creation period, the cost would be much higher than the rewards for attacking the network. While manipulation is possible, the mechanism is designed to make it infeasible.

These websites provide real-time information about how much it currently costs to attack different blockchain networks in a so-called “51% attack.” A Proof-of-Work network is safe as long as more than 50 percent of the work is being put in by miners who are honest. A “51% attack” happens when a single person or institution is able to control the majority of the hash rate or computing power to manipulate the network. In the ten-year history of Bitcoin, no manipulation by outside attackers has been successful.

A successful 51 percent attack could have the following impact: It would allow you to (i) change blocks by adding or removing transactions, which requires additional PoW (the older a transaction is, the harder an attack gets); (ii) censor participants and therefore transactions of these participants; (iii) send transactions and then reverse them; and (iv) change protocol rules.

What a 51 percent attack cannot do is change existing transactions or fake transactions, like: (i) changing the amount sent in an existing transaction; (ii) changing the recipient of an existing transaction; or (iii) sending someone’s tokens without their approval. This is because all transactions need to be signed with the private key of the token owner, which cannot be revealed by majority agreement of the network. Changing a detail in an existing transaction would render the ledger “illegitimate,” as a transaction without a valid signature would be in it. These types of manipulations can only be achieved by brute-forcing the private-keys of a network actor. Alternatively, one could also break the cryptographic algorithm (SHA) to attack the network, which is why it is essential to use cryptographic algorithms that have been properly stress-tested (read more: Part 1 - Token Security: Cryptography).


Blockchain Concept


Protocol Forks & Network Splits

In software engineering, “software forks” refer to the fact that any free and open-source software may be copied and modified without prior permission of the original development team and without violating copyright law. The term sometimes also refers to a split in the developer community of an existing project, rather than only the code. The open-source nature of public blockchain networks allows anyone to download the code, modify it, and start creating a separate network based on a distinct piece of code.

This way, one can either (i) create a new network from scratch by simply copying the existing codebase and modifying it to build a new network (“Zcash” and “Litecoin,” for example, are based on Bitcoin codebase), or (ii) fork an existing network, including the existing ledger and the community, into a different continuation for the sake of a protocol update. These protocol updates can cause a split of the network as a result of protocol upgrade disputes (as was the case with “Bitcoin Cash” and “Ethereum Classic”) or deliberate secession for economic reasons, which are often designed to extract economic value above any philosophical protocol discussions (as was the case with “Bitcoin Gold, “Bitcoin Diamond,” and “Bitcoin Platinum”). The types and rules of software forks depend on the formal and informal protocols of each network. The Bitcoin network and similar networks distinguish between “hard forks” and “soft forks:”

A “hard fork” is a type of protocol change that is not backward-compatible. Nodes that don’t update to the new version of the protocol won’t be able to process transactions. All nodes that validate transactions according to the old protocol will treat the blocks produced according to the new protocol as invalid. Nodes that want to adopt the new protocol will therefore need to upgrade their software.

A “soft fork is a type of protocol change that is backward-compatible. Nodes that didn’t update the protocol are still able to process transactions if they don’t break the new protocol rules. Blocks produced by miners running the upgraded protocol are accepted by all nodes in the network. Blocks produced by miners running the old version are rejected by the nodes running the new version of the protocol. If old-version miners get their blocks rejected by part of the network, they might be inclined to upgrade too. Soft forks are, therefore, a bit more gradual in their voting process than hard forks and take several weeks. If a majority of miners upgrade to the new protocol, it is referred to as a miner-activated soft forks (MASF). If full nodes coordinate, without support from the miners, it is referred to as a user-activated soft fork (UASF).

A split can occur when some nodes in the network continue to use the old protocol while all others use the new protocol. Technical protocol updates happen quite frequently, and don’t usually create too much controversy, especially when they involve minor technical upgrades. The shorter chain dies and the token has no market value. However, the short history of blockchain networks has shown that more politicized decisions on protocol upgrades can lead to a split in the network, where the minority chain has enough followers or political narrative to maintain an economy of its own. A key aspect of this is a split in brainpower of the developers that support one network or the other. As the community splits, developers often have to take a stance for one network or the other, which can result in a lack of necessary developer power. Miners also have to choose which network they continue supporting (read more: Part 2 - Institutional Economics & Governance of DAOs.).

In the case of a hard fork, anyone who owned tokens in the old network will also own an equivalent amount of tokens in the new minority network, which they can then sell or hold on to. This, however, requires at least one token exchange to list the new token of the minority network; otherwise, there is no market for the token of that network, and as a result, the network fades into oblivion. A politicized hard fork is a black swan event and could have a serious effect on the value of one’s tokens, depending on which network will gain traction in the long run. Examples of politicised hard forks that split the network are “Ethereum Classic” (ETC)[^3] and “Bitcoin Cash” (BCH)[^4]. As a result of these prominent forks of the Bitcoin network and Ethereum network, the question of governance has sparked an ongoing debate in the community, and seems to be one of the more prominent research questions for the years to come (read more: Part 2 - Institutional Economics of DAOs & On-Chain vs. Off-Chain Governance).

Furthermore, temporal splits in the network can happen accidentally, due to network latencies. If two miners find different solutions for the same block at the same time, which are both valid, it is possible for the network to temporarily split. When this happens, the nodes in the network have two alternative versions of the ledger on different parts of the network. This creates two parallel blockchain networks. The Bitcoin protocol has a provision to resolve these temporal splits so that only one branch of the network survives. In a Proof-of-Work network like Bitcoin, the network with the most "cumulative Proof-of-Work,” also referred to as “hashing power” or “network power,” is always considered the valid one by the network nodes. In this process, the winning ledger version gets determined by a majority “vote” of the network. Nodes vote for a version by upgrading the protocol (or not). The “length of the blockchain” refers to the network branch with the most cumulative Proof-of-Work, not the one with the most blocks.

Alternative Distributed Ledger Systems

The above mentioned forks are a result of protocol upgrades of an existing blockchain network, which all led to a split of the existing network nodes into two groups. Such a split can influence the market price of the network token, as both networks are smaller than the original network. Another form of fork would be a simple software fork typical for open-source projects. As Bitcoin’s codebase is open source, anyone can use this codebase as a template and create an alternative blockchain network by adapting some variables, parameters, or functions.

Over the years, the Bitcoin protocol has been modified hundreds of times to create alternative versions of Bitcoin that are either faster or more anonymous, such as “Litecoin” or “Zcash.” At some point, it became clear that a blockchain protocol provides an operating system that allows a group of people who do not know or trust each other to organize themselves around specific objectives, not only “money without banks.” Many projects, therefore, tried to modify the Bitcoin codebase to facilitate other types of P2P value transfers, like decentralized file storage without Amazon Web Services, as in the case of “Sia,” or social networks without Facebook, Twitter, and the like, as in the case of “Steemit.” The idea emerged to move away from single-purpose networks that only have one smart contract[^5], and instead create a protocol where you can perform any type of P2P value transaction over the same network. Some of the most interesting early projects were “Colored Coins” and “Mastercoin.” They used the Bitcoin token as a piggyback vehicle for any kind of value transfer or legal contract. Vitalik Buterin, who was involved in those projects for a short while, realized that these adaptations of the Bitcoin protocol were possible but not efficient or flexible enough. Subsequently, he introduced the idea of decoupling the smart contract functionalities from the processing functionalities of the network and started the Ethereum project. This allowed for a more flexible development environment than the Bitcoin network and other special-purpose blockchain networks. The Ethereum network, for the first time, introduced a decentralized network that allowed for the processing of any type of value transfer using smart contracts. These smart contracts can be easily created with a few lines of code, and are processed by the Ethereum network, without the necessity of creating your own special-purpose blockchain infrastructure. Unlike the Bitcoin network, which is designed for a single smart contract that settles P2P remittances, the Ethereum network is designed as a decentralized computer network on which any kind of smart contract can be processed using the Ethereum Virtual Machine (EVM) and any type of tokenized value can be transferred (read more: Part 2 - Smart Contracts, Part 3 - Tokens).

The emergence of Ethereum inspired many newer blockchain projects to develop similar smart contract networks. Examples of such projects include: “Cardano,” “Neo,” “EOS,” “Hyperledger Fabric,” “Ontology,” and many more. There are various factors that will be relevant for the assessment of their feasibility, such as technical, economic, and legal factors. It is still unclear which alternative solutions to the Ethereum network could become popular, and whether there will be a “winner takes all” scenario or a co-existence of multiple networks. For now, the Ethereum community seems to have the biggest traction, and the first-mover advantage with many developers, but this can change.

Furthermore, alternative distributed ledger systems have emerged with completely different types of consensus mechanisms, such as directed acyclic graphs (DAGs) that do not require the creation of a chain of blocks anymore, and instead use alternative cryptoeconomic mechanisms to reach consensus. Examples of networks that use DAGs as a consensus mechanism are “IOTA,” “Byteball,” or “Nano.”

On the other hand, private institutions like banks, insurance companies, and many supplychain-heavy industries realized that the concept of collective data management by a distributed ledger system could be a useful industry collaboration tool. As opposed to public and permissionless blockchain networks, the industry started to design “permissioned ledgers,” where all validators are members of an industry consortium, or at least separate legal entities of the same organization. However, the term “blockchain” in the context of permissioned and private networks is highly controversial and disputed. Critics question whether a permissioned ledger, where you have “trust by authority,” can be considered a blockchain network at all. Proponents of permissioned ledgers argue that the term “blockchain” applies to any distributed data structure where transactions are hashed as linked blocks, and therefore also to permission networks that batch transactions to a chain of blocks.

Public networks use cryptoeconomic mechanisms (trust by math) to keep the network safe with a consensus mechanism that incentivizes individual behavior (computation efforts) to achieve a collective goal. The incentive mechanism is tied to the network token. It is essential to make this network of untrusted actors safe from attacks and manipulation. Permissioned networks, on the other hand, are collectively managed by a set of network actors who know and trust each other and don’t need computationally intense consensus mechanisms like Proof-of-Work, and don’t need a token. Trust relies on the legal system and the reputation of known network actors (trust by legal contract). The least common denominator of these networks is the existence of a distributed ledger. This is why the term “distributed ledger” has emerged as a more general term to describe technologies that have derived from the Bitcoin network. They might be permissioned or permissionless, bundle transactions in chains of blocks or, as in the case of IOTA, not use a chain of blocks at all.

Blockchain protocols and similar distributed ledgers operate on top of the Internet and can be conceptualized in several components: (i) physical network: represented by a P2P network of computers that run the same protocol; (ii) protocol: defines the network rules and enforces them by consensus[^6] of all network nodes. This includes economic incentives tied to the native token; (iii) ledger: managing all assets in the form of a shared and public ledger of all transactions from the genesis block until today; (iv) identification & addressing: Assets belong to identities which need to be addressed so we can transfer values from one to another. These identities can be more or less anonymous, depending on the types of cryptographic algorithms used; in the case of the smart contract networks like Ethereum the (v) smart contracts manage the relationships of the involved actors, and represent the business or governance logic.

Alternative Consensus Mechanisms to PoW

Bitcoin’s Proof-of-Work is groundbreaking, but it comes at a cost. While it guarantees security in an untrusted network, it is slow, energy intense, and favors those who have more economic resources to spend. This is why many researchers and developers started to explore alternative consensus mechanisms to try to tackle some of Bitcoin’s major challenges. The research questions that need to be resolved are:

  • How do we reach consensus on one version of history that the majority accepts as true?
  • How can one align scarce natural resources (like electricity and CPU) with network resources to prevent malicious actors from spamming the system with bad behavior?
  • What are security risks and attack vectors?

Even though many different consensus algorithms are being experimented with, Proof-of-Work and Proof-of-Stake (PoS) are currently the most widely spread. However, it is important to note that blockchain networks using the same general consensus mechanism might have different specifications.[^7] The Bitcoin and Ethereum networks use different variations of Proof-of-Work.

The same is true for Proof-of-Stake, a consensus mechanism where only network actors who have a financial stake in the network can add the blocks to the ledger. As opposed to Proof-of-Work, validators don’t compete with each other to create a block of transactions. Instead of sacrificing energy to validate a block, users must prove they own a certain amount of the network tokens to generate a block. The tokens in your wallet represent your stake. There are many variations of Proof-of-Stake implementations.

Early Proof-of-Stake proposals assumed that those who have more stake in the system have a natural incentive to act in a truthful manner when validating transactions and writing blocks. It was assumed that token holders would have a natural interest in the long-term success of the network; otherwise, their stake in the system would devalue if they were to contribute in an untruthful manner. It was furthermore assumed that the more tokens one owns, the more one has at stake if the network is attacked. Voting rights were therefore designed proportional to the amount of network tokens held. However, there is a problem in the original Proof-of-Stake mechanism: as opposed to Proof-of-Work, where mining is costly, and it is therefore not smart to waste your energy on a fork that won’t earn you any money, Proof-of-Stake does not require computationally intensive work to create a block. It is assumed that the validator has nothing to lose but a lot to win.

The “Peercoin” network was the first project to introduce Proof-of-Stake. Other networks followed with their own variations of Proof-of-Stake, such as “Tendermint” (“Cosmos”), “Ouroboros” (“Cardano”), “Tezos,” “Dfinity,” “Nxt,” “BlackCoin,” “NuShares/NuBits,” and “Qora,” each of which have different properties. Some, like “Decred,” combine elements of both Proof-of-Work and Proof-of-Stake. The Ethereum project is planning to transition from Proof-of-Work to Proof-of-Stake with a hard fork (Casper). Ethereum developers have developed different proposals of how this should be done.

Delegated Proof-of-Stake (DPoS) is a variation of Proof-of-Stake, first implemented by “BitShares”. It is a more radical variation, a kind of representative democracy where token owners can transfer their vote to delegates to validate on their behalf. There are generally between 21 and 101 elected delegates that might be shuffled periodically or given an order to deliver their blocks in. These delegates can create blocks and prevent non-trusted parties from creating blocks. They cannot change transactions, but they can veto specific transactions from being included in the next network block. Different networks have adopted their own variation of DPoS, examples of which are “Steemit,” “EOS,” and “Lisk.” Instead of competing on validating blocks, each delegate has a time slot to publish their block. Token holders can withdraw their vote for a delegate, if delegates continually miss their blocks or publish invalid transactions. This partial centralization of block creation results in better transaction throughput (also referred to as “scalability”) than most other consensus mechanisms.

There are even more variations of Proof-of-Stake, most of which are only conceptual or have been implemented by one network only: “Leased Proof-of-Stake,” “Transactions as Proof-of-Stake,” “Proof-of-Importance,” “Proof-of-Capacity,” “Proof-of-Weight,” “Proof-of-Authority,” and “Proof-of-Elapsed-Time.”

Byzantine Fault Tolerance (BFT): Another group of consensus mechanisms are variations of Byzantine Fault Tolerance (BFT) like Federated Byzantine Agreements (FBA) as implemented by “Ripple” or “Stellar”, Practical Byzantine Fault Tolerance (pBFT) as implemented by “Hyperledger Fabric”, and Delegated Byzantine Fault Tolerance (dBFT) as used in “NEO.” Yet another group of protocols uses a combination of mechanisms, such as “Hashgraph” that combines asynchronous Byzantine Fault Tolerance with “gossip protocols” and “virtual voting” mechanisms.

Directed Acyclic Graphs: Furthermore, there is a whole series of protocols that use Directed Acyclic Graphs, such as “IoT Chain,” “Byteball,” “Nano” (Block Lattice), and IOTA (Tangle). The consensus mechanism of DAGs is fundamentally different from blockchains. Instead of bundling data together into blocks that are then confirmed one after another, Directed Acyclic Graphs require newly added data to reference and validate past data. Usually, each new transaction would have to reference and validate two transactions that came before. In doing so, the network comes to form a graph of converging and confirmed transactions. If a node incorrectly validates a past transaction, that node’s transaction would fail to be confirmed by other participants.

Explaining each of the consensus mechanisms listed above in detail is beyond the scope of this book and would require one or several dedicated publications. Literature on these protocols in the context of distributed ledgers is still scarce but growing. However, many of these protocols are still in a conceptual stage, without proper documentation. In many cases they are implemented by one project only, sometimes without being properly researched, or without having undergone the academic peer-review process.

With or without a Token?

With the advent of derived technologies using modified governance rules to the original Bitcoin protocol, it seems necessary to classify different distributed ledger systems. The main distinction is designed around the question of who is allowed to (i) validate transactions, (ii) write transactions to the ledger, and (iii) read transactions, and (iv) use the network. Depending on the type of ledger, the answer will vary. To keep things simple, we can say that in public networks, anyone can read, write, and validate transactions and use the network. Whereas in private networks, only invited members can read, write, and validate transactions and use the network. Hybrid variations are also possible. An example would be that validating and writing transactions is invite only, but reading (certain) transactions is public. In public and permissionless networks, all nodes participating in the consensus protocol are untrusted, as they are not known beforehand. Without the permission of a centralized entity, anyone can download the protocol and the current version of the ledger to:

  • Run a full node on their local device, validating transactions in the network.

  • Mine a block of transactions, adding data to the ledger, thus participating in the consensus process (Proof-of-Work) and earning network tokens in the process.

  • Send tokens through the network and expect to see them included in the ledger if the transaction is valid.

  • Use public block-explorer software to real all transactions-related data in the network, or conduct chain analysis (big data) on all blockchain-related data stored on a full node.

The consensus mechanism for such a setup has to account for maliciousness. The token is an essential component to make this network of untrusted actors attack resistant. While tokenized incentives make the untrusted networks safe, they also make them very slow. Public and permissionless networks can only handle a few transactions per second, which makes them unfeasible for large-scale applications with high transaction volumes. However, various technological solutions are currently being proposed and implemented to resolve these scalability issues (read more: Annex - Scalability Solutions).

Private and permissioned ledgers, on the other hand, have a federated setup with bilateral contractual agreements. It’s an invite-only members club. The network is not accessible to arbitrary participants. Members trust each other because they have bilateral contractual agreements with each other, and if anything goes wrong, they know who to sue. Permissioned ledgers, therefore, do not need a token to incentivize coordinated action, whereas it is integral to permissionless networks. The fact that the identities of all participating nodes are known beforehand provides a natural protection against “sybil attacks.” Private and permissioned ledgers can therefore settle many more transactions per second, as they don’t have to deal with an unknown amount of anonymous nodes. They also provide more privacy than current state-of-the-art public blockchain networks, since the ledger data is not publicly accessible. Permissioned ledgers are mostly being developed by industry consortia. Transaction verification is conducted by a pre-selected set of participants, for example, sixty financial institutions, each of which operates a node, and where forty must sign each block in order for the block to be valid. Depending on the industry and use case, the right to read data of the ledger may be public, partially public, or restricted to the participants.

While most blockchain literature makes a binary distinction between permissioned and permissionless ledgers, I would like to argue that there is no such thing as “100 percent permissionless.” Every consensus mechanism requires a minimum threshold of investment that one needs to make in order to be able to validate transactions or write to the ledger. However, most of the world population does not have the economic means to purchase a specialized hardware powerful enough to mine Bitcoin tokens. Even for a full node that only validates transactions in a public blockchain network, and does not require the same level of hardware investment as a mining node, one would need to invest in a regular PC. At the time of writing this book, buying a PC means that one would have to spend at least a few hundred EUR[^8] to validate transactions. While 500 EUR is not much money for an average European household, it surpasses the monthly income of a considerable part of the world’s population. Not to mention the costs needed for a mining computer.

Also, while for example a “Proof-of-Stake”–based consensus is public, it is not entirely permissionless. The consensus mechanism requires you to own a minimum amount of network tokens to be eligible to validate transactions. “Permissionless” is therefore a relative term that we cannot use in a binary way but rather as a gradient, ranging from “less permissioned” to “fully permissioned.” In such an early stage of distributed ledger systems, permissioned solutions can be useful in highly regulated industries that want to build on a distributed ledger but are subject to government regulation. Industry advocates claim that federated solutions can provide higher levels of efficiency and security and lessen fraud problems of traditional financial institutions. It is not very likely that private blockchains will revolutionize the financial system, but they can replace legacy systems, making the industry more efficient. Permissioned ledgers might also be one step toward a wider adoption of public and permissionless networks, once the underlying technology becomes more scalable and mature, and better understood by regulators.

It is unclear how the technology will pan out in the medium-to-long run. Some predict that permissioned ledgers might suffer the same fate as “Intranets” in the early 1990s, when private companies built their own private networks, because they were afraid to connect with the public Internet. Over time, this fear disappeared. Today, Intranets are used in very limited cases where high levels of security are required.


Public Ledgers vs. Private Ledgers


Use Cases & Applications

Blockchain networks and derived distributed ledger systems provide an infrastructure for rights management. Every process, task, and payment would have a digital record and signature that could be identified, validated, stored, and shared. Many tasks of intermediaries like lawyers, brokers, bankers, and public administrators might be replaced by distributed ledger systems. Individuals, organizations, machines, and algorithms can now interact with one another with little friction and a fraction of current transaction costs. This new infrastructure allows for many new applications, the most important of which are:

Transparency & control: Blockchain networks and other distributed ledgers allow more transparency and control along the supply chain of goods and services, including financial services that have been tokenized, which would resolve many questions around supply chain transparency, reduction of corruption, and more control over what happens to our private data.

Reduction of bureaucracy: Smart contracts and similar rights management solutions have the potential to reduce bureaucracy and the coordination costs of business transactions (read more: Part 2 - Smart Contracts).

Resolve principal-agent dilemma of organizations: Distributed ledgers also provide a global coordination tool for new types of decentralized and sometimes also autonomous organizations (read more: Part 2 - Institutional Economics & Governance of DAOs).

Tokens as the killer-app: Cryptographic tokens as an application of blockchain networks and derived ledgers might be as revolutionary as the emergence of the WWW, which allowed the creation of visually appealing web pages with just a few lines of code, and surfing the Internet by following links instead of using command-line interfaces. It has become just as easy to create a token with a few lines of smart contract code (read more: Part 3 & Part 4).

One of the biggest use cases of distributed ledgers is transparency and provenance along the supply chain of goods and services. Supply chains represent a complex network of geographically distant and legally independent entities that exchange goods, payments, and documents across a dynamic network. Their architecture is quite similar to blockchain networks, but as opposed to blockchain networks, all documents are managed in data silos. As a result, document handling systems along these supply-chain networks are often inefficient, have complex interfaces, and are cost intense. Sustainable behavior of companies and individuals alike is hard to track and not well rewarded. Buyers and sellers have little or no information about the provenance of the products they buy, including potential fraud, pollution, or human rights abuses.

Distributed ledgers allow a disparate group of network actors along a supply chain to exchange data seamlessly. Documents and transactions can be processed in almost real time, since auditing and enforcement can be automated, mitigating challenges such as multiple document copies and data inconsistencies. Tracking the provenance of goods and services along global supply chains can become much more feasible than today. Web3-based solutions can provide (i) more transparency of environmental impacts and (ii) origins, production type, and ingredients of the food we eat, and conditions under which the plants are grown or how animals are treated. Many companies and industry initiatives, such as “Provenance,” “Ambrosus,” “Modum,” “OriginTrail,” “Vechain,” “Wabi,” or “Wantonchain,” have started to implement Web3-based infrastructures to optimize their value chains, improve inefficiencies, free up working capital, and make goods and services more accessible. Such solutions, however, always need a combination of a set of technologies, including machine learning algorithms and data from the physical Web, the Internet of Things (read more: Part 2 - Smart Contract Oracles). Distributed ledger applications can also provide better accountability regarding human rights, such as general working conditions, child labor, or fair wages. Projects working on such solutions: “bext360,” “fairfood,” and “Namahe.” They can further be used to provide more control over our private data (read more: Part 1 - User-Centric Identities - Data Protection) and create P2P data markets (Ocean Protocol). While in theory this level of transparency of what happened to one’s private data could also be provided with current solutions, we would have to trust a centralized institution.

Chapter Summary

Blockchain networks are public infrastructures that collectively maintain a shared and distributed ledger, where immutable and encrypted copies of the information are stored on every computer in the network.

The ledger contains all transactions ever made. Transactions are stored in a tamper-proof fashion: alteration in a block will change the subsequent blocks. The ledger, stored on all the computers of the network, guarantees that each token is transferred only once. It acts as a digital notary, and a publicly verifiable timestamp.

All network participants have equal access to the same data in real time. Transactions processed by the network are transparent to all actors and can be traced back to their origin.

Unlike distributed databases, blockchains allow for distributed control, where different parties that do not trust each other can share information without requiring a central administrator. Algorithmic administration of business logic and governance rules, with consensus protocols and smart contracts provide for the next level of automation of our socio-economic activities.

The blockchain concept builds on the idea of P2P networks and provides a universal data set that every actor can trust, even though they might not know or trust each other. People and institutions who do not know or trust each other and reside in different countries, being subject to different jurisdictions, and who have no legally binding agreements with each other can now interact over the Internet without the need for trusted third parties like banks, Internet platforms, or other types of clearing institutions.

Ideas around cryptographically secured P2P networks have been discussed in the academic environment in different evolutionary stages since the 1980s. However, before the emergence of Bitcoin, there had never been a practical implementation of a P2P network that managed to avoid the double-spending problem, without the need for trusted intermediaries guaranteeing value exchange. The “double-spending problem” refers to the fact that in the current Internet, digital money, in the form of a file, can be copied, and copies of that same digital file can be sent from one computer to multiple other computers at the same time.

Consensus mechanisms, such as Proof-of-Work, allow for distributed control. They are based on the combination of economic incentives and cryptography. Applied game theory is used to reward network actors with a native network token. This reward mechanism is designed in a way that it is economically infeasible to cheat the network. It makes it exceedingly difficult to falsify the blockchain, due to the immense amount of computing power that would be required to do so.

As opposed to public and permissionless networks, permissioned networks are invite only, which means that all validators are members of a consortium.

“Distributed ledger” has emerged as an umbrella term used to describe technologies which distribute records or information among all those using it, whether permissioned or permissionless, and independent of their consensus mechanisms or data structures

Chapter References & Further Reading

Footnotes

[^1]: In an anonymous network, a so-called sybil attack is an attack where a single user could generate multiple entities (under pseudonyms) to influence the consensus process.

[^2]: The Bitcoin network, as a worldwide network of computers, has network latencies (delays in the processing of network data). To account for latencies, the Bitcoin protocol specifies that a block should be created every 10 minutes on average.

[^3]: The Ethereum hard fork resulted from “TheDAO” incident, where around 50 million USD was drained as a result of a vulnerability in the code. The hard fork, which retroactively censored the transaction that led to the drain, was highly politicized. Opponents of the hard fork insisted on the immutability of the ledger. As a result, the token of the minority network opposing the hard fork - Ethereum Classic - made history for being the first minority network token to be listed on an exchange.

[^4]: Increasing transaction fees on the Bitcoin network due to network congestion was the motivation for a proposal by some developers in the community to increase the block size in a protocol update that required a hard fork. The proposal faced considerable opposition by other network developers. After a two-year debate, the controversial hard fork was conducted in July 2017, and led to the formation of a new community with a different proposal, called Bitcoin Cash. On 1 August 2017, Bitcoin Cash began trading at about 240 USD, while Bitcoin traded at about 2700 USD.

[^5]: Smart contracts are computer programs that regulate, audit, and execute arbitrary rules of token transfer that have been written in the code. These rules are self-enforced by consensus of all computers in the network, the blockchain network (read more: Part 2 - Smart Contracts).

[^6]: “Consensus” is a term used in computer science that refers to how a distributed network of computers can agree on a specific that is needed during a distributed computation process, whereby a specified majority of network nodes must agree upon the same value that was proposed by at least one other node.

[^7]: Proof-of-Work in Bitcoin and Ethereum differ. Examples of such differences are: varying in type of hashing algorithms (SHA-256 vs. Ethash), varying average block time target (10 minutes vs. ~15 seconds), and varying payout schemes (only actual block producer vs. some non-accepted blocks are rewarded, e.g. Uncles).

[^8]: It is possible to run a full node on a Raspberry PI (an affordable mini computer) and an SD card, which would be less than 100 EUR. However, you still need a regular PC to download the full blockchain (at least BTC and ETH). Once the full ledger is downloaded, one can run a full node on a Raspberry PI.