Building a better Blockchain — Untangling the Myths — Myth 2
In our second post in this series, we address the idea that a blockchain must be a permanent ledger. This is close to a truism in the blockchain community, but, it is not actually true. This post discusses two arguments for the necessity of chain permanence.
Assumption #1: the Genesis Hash provides security
Starting with a genesis hash allows a bitcoin node to build on sound foundations validating each block in turn till reaching consensus with the rest of the network. Without a genesis block nodes cannot be certain their chain is genuine. Even worse, no one can confidently identify the genuine chain.
A great way to test this in real-life is to ask people which bitcoin wallet they use and if they checked it uses the proper genesis hash. After several months of going through this exercise with some of the most prominent members of the bitcoin community, we’ve yet to have a single respondent ever answer in the affirmative. But even if they did, what would that prove? Beyond checking the hash itself, if someone really wanted to be secure they would also need to audit their source code to confirm that it was using the hash properly. And if they did that, did they audit their OS and their CPU?
Taken seriously, this thought experiment leads to the conclusion that the “genesis hash” is a security mirage. What provides security is not the genesis hash itself, but the integrity of the entire software package which includes the genesis hash and determines how it is used. Take the thought experiment a step further and ask whether one should prefer a wallet where one can trust the genesis hash but not the code, or a wallet that is guaranteed to work however one wishes, but that cannot include a genesis hash. Which would be more secure?
For any serious bitcoiner, the choice is obvious when framed this way. If you trust the hash but not the software, you have no guarantee of security. Your wallet could be doing anything. In contrast, if you trust your software you are guaranteed to end up on the proper chain even if your genesis hash is wrong or missing. A chain of hashes can be validated in multiple directions, after all, and different strategies can be used to confirm you are up-to-date, such as checking with multiple nodes to confirm you are properly synced. In a worst case scenario, a user missing a genesis hash could even brute-force their way through all candidate chains until they stumble across the one with the most accumulated proof-of-work.
Once we recognize that eliminating the genesis hash is possible assuming we trust our software (and we are forced to do that anyway!) it is a short leap to the realization that there is no additional security in having an embedded hash. There are minor economic benefits from distributing the download of blocks across the network, but these benefits only apply for a permanent ledger that will become too heavy for any single server to distribute: they do not ipso facto justify the existence of the permanent ledger in the first place.
Assumption #2: a blockchain needs “sound money” which requires a permanent ledger
If a blockchain does not have a permanent ledger, money on it can disappear. And then who will buy it? If no-one wants to buy it, who will use the network? If no-one is using the network how can it possibly pay for security. So it may be possible to create a blockchain with a transient ledger, but this blockchain will be useless. A blockchain requires a permanent asset and that means a permanent ledger.
This example may seem silly, but it was actually given to us by an engineer at Bitmain (apologetically, as if embarrassed at having to point out something simple). There is a subtle but interesting critique in the idea that unless tokens are permanent blockchains will not have the ability to survive.
To see what is wrong with this approach, start with a simple thought experiment: imagine a blockchain that does not charge fees to send messages. This blockchain could have any number of rules to determine what constitutes a valid transaction (i.e. only one transaction per block, and only a certain number of transactions per day, for instance) and it could still use proof-of-work to determine who has the right to produce blocks. We could even use it to send and receive money if we wanted: we just won’t pay any fees to the network. What exactly is the problem with this approach?
The problem is that without a way to earn fees for running the network, the computers doing all of the work will eventually drop out as the costs of supporting the network grows. In a fee-paying network like bitcoin, the fees guarantee the persistence of the network, but ensuring that as any one miner drops out it becomes more profitable for the ones that remain: the network remains decentralized because it is supported by economic forces that motivate people to run servers. And this is why our friend from Bitmain was not totally crazy. A blockchain needs a token that works like money, because the existence of fees are what support the persistence of a decentralized, and thus censorship-resistant network.
But now that we’ve clarified the point of fees — take another step back. Tokens given to server operators need to have value, but how long does this value need to exist? Would no-one buy bitcoin if its tokens were discarded after fifty years if left unspent? What if tokens only had probabilistic value? What if the network was not really a form of money in the first place?
This myth persists partly because people do not really understand the point of tokens in a blockchain network. They think that the point of the blockchain is to *be* money. The point of a blockchain is only to be a blockchain, and whether we want the tokens to be money depends on how we design the blockchain and the decisions we make. Put more simply, whether we adopt a permanent ledger (and/or how long a transient ledger persists) depends on what degree of asset permanence is desired in the network. As long as the network is useful (and people desire to use it to exchange messages) there will be demand for tokens and server operators will be able to liquidate their tokens in exchange for the resources to support the network.
So why is the World Wrong?
One of the most frustrating things about developing the Saito project is having to explain these basic concepts over-and-over again to people who consider themselves well-informed on blockchain. The worst candidates are usually VCs or other people in finance who are not ‘technical’. Technical people are usually quicker, and only need a nudge to get on the right direction. But it’s worth asking: why is so much convention wisdom wrong on this point?
We believe that the first reason is the unfortunate fact that most blockchain projects are motivated by a design to sell virtual tokens. It is easier to sell a token if it is designed to be accessible in perpetuity, and make no ambitious design decisions.
The second cause is the prevalence of Austrian economic concepts among blockchain supporters. The desire for “sound money” and suspicion of state-created currencies, them to believe that blockchains must be permanent because their preferred form of asset is permanent. This is a kind of backwards analogizing, but it is seductive because it flies the right ideological banners.
In future posts we will explain why the entire linkage between the length of a ledger and the permanence of its token is specious. A transient ledger can manage a permanent token just as easily as a permanent blockchain can manage a transient token. There are significant differences in design that make these competing systems useful for different purposes, not all of which necessarily involve exchanging money. We believe that this will be common knowledge within two or three years.