Blockchain tokens have been around for a while, but only recently the market demand for them emerged. Before wide adoption is possible, many challenges are ahead, and technological maturity is one of them. In this article we will analyse which protocols have the capabilities to establish themselves as a standard for blockchain assets applications.
In 2009, with the release of the first Bitcoin software and the genesis block, Satoshi Nakamoto changed forever the way we can exchange monetary value. After it became evident that Bitcoin was not just an interesting experiment, but rather something that was here to stay, people started to think about ways to use the same technology to transfer generic non-monetary assets. The idea was to leverage the double-spending protections provided by Bitcoin’s proof of work to safely transfer generic tokens attaching metadata to Bitcoin transactions.
The first proposal for blockchain-based assets (at the time defined as “users’ currencies”) can be found as early as January 2012 with the so called “Second Bitcoin whitepaper”, presenting a first draft of the MasterCoin protocol. MasterCoin, later rebranded as Omni, was a first attempt to build a second layer protocol on top of Bitcoin to perform operations that the core Bitcoin protocol could not support due to the deliberate limitations of its scripting language. However, the project was not formally launched until July 2013, when the world first ICO to sell mastercoins took place. In the meantime people started to look for a cleaner way to achieve the same result without the excessive complexity of the MasterCoin proposal, and in September 2012 a first raw specification and implementation of the Colored Coin protocol, which basically aimed to track assets by “coloring” small amounts of bitcoins, was posted.
While there was a lot of interest in the concept from the very beginning, Colored Coin implementations and in general blockchain assets failed to gain significant adoption, besides a couple of successful issuances on MasterCoin and Counterparty (another protocol on top of Bitcoin). However, things changed with the launch of Ethereum. One of the main selling points of Ethereum during its ICO phase was the simplicity of issuing what at the time were defined as “sub-currencies” on top of its blockchain, and soon after its launch people started to play with it. In 2016, suddenly everybody was launching a coin on top of Ethereum, which, with the 2017 bull market, fuelled the infamous ICO mania. While there is no doubt that (almost?) all the Ethereum based ICO are either scams or terribly designed projects, their success has definitely validated the hypothesis that there is a market demand for tokens whose transaction validation can be delegated to a distributed blockchain network. For this reason, many other blockchain assets protocols, trying to replicate the success of Ethereum in attracting issuers, have been proposed. The scope of this article is to analyse a selection of those, to have an idea of what the future may look like in this field.
Why do we need blockchain assets anyway?
Before looking into some of the technological alternatives, it is necessary to ask ourselves if tokens on the blockchain really serve a legitimate purpose. So far, most of the non-native assets that have been issued on a blockchain are either utility tokens, which are terrible both for the investors and for the issuer due to a flawed incentive system, and non fungible collectibles, that, even assuming they can obtain a non null benefit from trustless transaction validation, probably have a not particularly relevant potential economic impact. Now most of the hype seems to have shifted to the so called security tokens, which are securities whose issuer decides to link to a token transacting a blockchain protocol.
You may argue that any asset whose value depends on factors external to the blockchain itself cannot benefit from the trustlessness that a blockchain is supposed to offer, losing therefore any advantage in using distributed transaction validation. A security, even if managed on a blockchain, is still centralized in nature, meaning that whether the right linked to a token will be honoured or not depends on the willingness of the issuer to do so, regardless of the events occurred on the blockchain. However, while it is true that a blockchain cannot recognise a non native agreement, neither can paper, and paper shares have been the main method to transmit equity rights for centuries.
What security tokens try to achieve is facilitating the creation of low friction secondary markets for securities, delegating the transaction validation to a distributed computing network. While the issuing and redeem phases will still be subject to KYC/AML frictions, if a secondary market takes place without any central party involved, there is nobody that can be considered accountable for enforcing privacy-harming regulation in the clearance of exchanges. Other advantages of blockchain-based security tokens can be found in the improved auditability that a blockchain could provide, and a better integration with the Bitcoin economy through atomic swaps and walleting software synergies.
It is still hard to evaluate the effective added value of the blockchain for securities, so the assumption of this article is simply that the benefits are greater than zero and therefore it makes sense to look at the technological alternatives that are coming to the market.
The problem with current solutions
Today, most economic value of tokens is managed either on Bitcoin, with the previously mentioned second layer protocol Omni layer, or on the Ethereum blockchain. The problem with the former is that it relies on old technology, and with the innovation that Bitcoin has seen in the past few years it is probably possible to build something better, while the latter, even though it managed to gain adoption and establish itself as a standard, presents some security and reliability concerns. Ethereum indeed, being a general purpose platform, does prioritise flexibility over security, a choice that caused multi-million dollars vulnerabilities in several smart contracts. Moreover, due to the enormous scaling challenges that it has to face, Ethereum is at risk of either having to further compromise the protocol security due to the increased cost of validating transactions, or jeopardize the reliability of the network due to transaction congestion (the Ethereum network has already been under severe pressure in the past during some popular ICOs).
Since Ethereum with the ICO hype managed to bring a lot of attention to blockchain tokens, nearly all competing chains are now looking for ways to steal market shares by proposing themselves as alternative asset issuance platforms. Many of such competing chains are backed by a foundation with ICO or pre-mine money, which will try to encourage projects to issue tokens on their platform. So, while I am expecting a lot of noise from almost every altcoin trying to establish itself as the new token platform, in this article we will try to focus on few more interesting alternatives.
The altcoin, the sidechain and the 2nd layer
What we are going to analyse now are not just three alternative protocols, in fact, they also represent three clusters of solutions. We are indeed going to look at a protocol running on an altcoin, a protocol running on a sidechain and a protocol running directly on top of Bitcoin as a 2nd layer.
Ravencoin: the altcoin for assets
Usually I wouldn’t even consider an altcoin to be a viable option for any production level project, as they are likely doomed to fail sooner or later, either due to lack of sufficient social scalability or due to the difficulty to preserve the network effect with a non monetary value proposition. However, in the short term altcoins could still be a viable option for assets applications because, being tokens centralised in nature anyway, in case of catastrophic failure of the chosen altcoin, unlike native coins they can technically be migrated to another network quite easily (ignoring possible legal complications of such operation) without serious consequences.
Of all the innumerable altcoins on the market, I chose to have a deeper look into Ravencoin as, compared to the others, it seemed more promising. Some of the aspects that made Ravencoin stand, compared to other alts, are (i) the lack of pre-mining or ICO (at least they didn’t scam investors right away), (ii) proof-of-work algorithm instead of proof-of-stake nonsense, (iii) forking of the Bitcoin code-base instead of developing weird new stuff, (iv) development team and community focused on asset issuance use cases (v) few notable entities (tZERO, Medici ventures) active in securities tokenisation applications heavily involved in the project and, last but not least, (vi) long time bitcoiner Bruce Fenton shilling Ravencoin on Twitter non stop for several months.
In its current state, Ravencoin basically introduced a new op_code for asset issuance and transfer called OP_RVN_ASSET which makes the user add metadata regarding an asset to a Ravencoin transaction, such as the asset name (yes, a human readable name on the blockchain, quite disappointing), amount of assets transferred, hash of an IPFS document and some other data.
This scheme has the advantage of being extremely simple, but presents a serious flaw: there is complete lack of privacy, which is something you may expect from a blockchain bootstrapped specifically for asset issuing applications. All the transactions are perfectly visible on the blockchain, it is quite easy just by looking at the blockchain to monitor asset holders activity, which may be unacceptable for many potential adopters of this technology. Since, for a blockchain observer, users transacting different assets are perfectly distinguishable from one another, the privacy set for each asset is ridiculously low. Moreover, as the human readable name is written on the blockchain, and has to be unique, they introduce the name squatting problem without any clear advantage.
Ravencoin is supposed to improve a lot in future versions and eventually maybe even fix the privacy problem, but the long term game probably won’t play in favour of Ravencoin. Given enough time, suitable solutions can be built on top of Bitcoin and reach maturity, without therefore requiring users to purchase the otherwise useless ravencoins just to issue and transfer tokens.
In general, having Ravencoin had the opportunity to redesign a blockchain from scratch for this very specific use case, it could have done better.
Liquid: a sidechain with confidentiality
A promising recently released platform to issue tokens on is the Liquid sidechain, developed by Blockstream. A sidechain is a parallel network to Bitcoin, still used to transact bitcoins (or, to be precise, tokens redeemable 1:1 for bitcoins), but with different validity rules and with the ability to move bitcoins between the sidechain and the main Bitcoin network back and forward.
In particular, Liquid is a federated sidechain, meaning that the block production to protect against double spending and the management of the pegging to Bitcoin are provided by a closed set of parties, rather than by an open Proof of Work process like in Bitcoin and most altcoins, creating therefore a security compromise. The reliability and the censorship-resistance of the network are inferior to Bitcoin, but on the other hand you get a faster transaction confirmation process and more flexibility to introduce new features.
Liquid was designed to become an alternative network to move bitcoins between exchanges, which actually makes sense because if you are a trader moving funds from an exchange to another that you both have to trust, there is no real advantage in using the completely trustless but inefficient Bitcoin blockchain to perform such transaction, and a federated sidechain is probably a good security-performance compromise.
However, the reason why Liquid is included in this article, is due to a feature later added to its design that let you issue generic assets on its sidechain. This not only is interesting because of the possibility to issue assets on a network that still uses bitcoin as monetary unit to pay for fees, avoiding therefore the need to purchase an otherwise useless altcoin, but also because Blockstream implemented a privacy protecting mechanism known as Confidential Assets, which allows to hide both the amount and the asset tag in any asset transaction. Confidential Assets is a scheme derived from Confidential Transactions, a way to hide the amount in the outputs of Bitcoin transactions while maintaining the ability to validate that the money spent actually exists, under however slightly weaker security assumptions. For assets issuance, confidentiality is particularly important as you do not wish for the entire network to know who owns which assets and when they are transferred, as it may also influence some market dynamics.
The main drawback of Liquid is that, being a federated network, it requires some trust toward the validators which, while geographically diversified, may still collude or be subject to law enforcement. However, asset issuance is already a centralised process since the issuer has to be trusted anyway to honour the rights linked to the blockchain tokens created, therefore introducing some elements of trust is less of an issue compared to monetary use cases.
RGB: committing tokens into Bitcoin UTXOs
If you want to issue some blockchain assets, but neither altcoins or sidechains are secure enough for you, and you consider old asset protocol on top of Bitcoin outdated, you may still have what you are looking for. RGB is a new protocol being developed on top of Bitcoin as a 2nd layer which, similarly to old Colored Coin protocols, uses its Proof of Work for transaction validation, but thanks to the implementation of some new technologies is much more scalable and offers better privacy than its predecessor.
RGB took inspiration from the Peter Todd’s concept of single use seals, and instead of “colouring” satoshis to represent assets, a sort of separate ledger is used to assign assets to existing or to be created Bitcoin UTXOs, whose transfers’ proofs are committed inside Bitcoin transactions for double spending protection. The proof of asset transfer is encoded in a Bitcoin transaction encrypted, and the decryption keys needed to audit all the assets transaction history are passed to the payee separately, in this way fully auditability is preserved while improving privacy and reducing validation costs (you only validate the transactions you are interested in, not the whole ledger).
To add privacy and scalability to the protocol, another interesting feature has been added to the design: the possibility of including the asset transfer proof commitment in the public key instead of using an OP_RETURN output. This is possible using a public key tweaking scheme known as pay-to-contract, which basically is a cryptographic trick that let you encode data in a public key without increasing the size of the public key itself. This not only means that less on-chain space is needed, but also that RGB transactions can be indistinguishable from normal Bitcoin transactions, improving the privacy benefits.
Thanks to the fact that the validation rules of an asset transaction are not enforced by the Bitcoin nodes (they just check Bitcoin validity rules) but by the RGB network, it is theoretically possible in the future to introduce issuing contracts that implement meta-script for complex executions or even further privacy enhancements like Bulletproof, while the most basic and popular use cases will be covered by highly standardized contract blueprints.
Moreover, the RGB protocol is technically compatible with the Lightning Network, as it is still possible to commit the asset transfer proof to a lightning transaction, leveraging its transaction replacement system to ensure that the most recent state of an off-chain “coloured” channel is the only one that can be settled on-chain. Since a single asset is unlikely to have enough liquidity to develop a functioning network of coloured payment channels, the only way RGB can really work off-chain is to have lightning nodes that will offer to exchange assets for bitcoins, making it possible to proceed on a path to the payee using bitcoin liquidity until, on the other side of the payment route, another exchange node is found and will convert bitcoins back to the desired asset. While very promising, such off-chain capabilities are still to be tested and will probably be feasible only for very popular assets with sufficient liquidity. Moreover, it is important to notice that routing among off-chain channels is possible only for fungible tokens, as non-fungible tokens cannot obviously be in more than one channel at the time.
Overall, RGB design seems to be the best alternative proposed for assets issuance, however it is still in a very early stage and the fact that it is using many technologies that are somewhat experimental themselves makes wallets integration more challenging.
Blockchain assets issuance utility still has to be validated and tested at scale, but in case the market demand for such tech truly emerges, multiple options are available. While altcoins present some serious drawbacks in insufficient network security, need to acquire an otherwise useless token and overall poor design (which is not inherent to the concept of altcoin, but still represents the current situation), federated sidechains and protocols on top of Bitcoin are a viable alternative.
In the short term, Liquid seems to be the most solid and best designed available solution, but the security trade-offs caused by the federation may be a concern for some use cases. On the other hand, RGB is still far away from maturity, but managed to design a potentially scalable protocol exploiting the best that Bitcoin has to offer at the moment, without therefore compromising the trustlessness of the transactions. It is also worth considering the Liquid, being an independent sidechain with a more centralised governance, will be able to innovate and introduce new technologies faster, while RGB is limited by the slower development of the Bitcoin base layer.
If you are looking for issuing blockchain assets, it is advisable to closely follow both protocols, and evaluate which one has the trade-offs more suitable for your needs.