On the Usefulness of Private Blockchains

Private blockchains are often compared to open or public blockchains. A lot of people do not even know the difference (yet), while open blockchains believers would say private blockchains are nothing more than a marketing tool, “snake oil”, with no real value. Is this really the case? There are already some very good materials for understanding this, but I would like to share my point of view which I haven’t read so far.
In the remaining I argue that even completely Private Blockchains have value as businesses can use them to tie their hands by committing contracts to the blockchain, effectively transferring control over some business’ rules to the blockchain. Therefore, it may become a commercial argument that some rules are now out of the company’s control, reducing uncertainty and risk for end-users.
Different types of blockchains
Let’s start by clarifying the distinction between blockchains’ type :
- Open or Public or Permissionless Blockchains : blockchains that are completely open, nobody has to do anything, and everybody can do everything. The consensus protocol needs to ensure consensus under any circumstance, and resist to any kind of attack, especially collusions.
- Permissioned Blockchains : a public blockchain with restriction access, especially around the validation process and consensus building. Consensus have to be built among a (usually) small cohort, also called members.
- Private Blockchains : Permissioned blockchain with only a single entity. Every user of this blockchain has to essentially trust the owner of the blockchain, and no consensus algorithm is needed.
A lot of people argue that the only true benefit of a blockchain is to remove trust in a system. While this is definitely a great advantage, is it really the only one?
All about trust…
If blockchains are indeed all about trust, then it rules out the need for private blockchains as there is still a trusted third-party, and permissioned blockchains could be tolerated to the extent that one believes some members of the cohort will not collude in some ways… but that is trust again ! The only completely trustless system is the open blockchain.
Regarding private blockchains, there are some advantages here and there in terms of security, absence of single point of failure, transparency, etc. However some argue that we can achieve those without a blockchain, if a trustless system is not required, and they are mostly right.
Can we still get characteristics of a trustless system with a private blockchain?
The notion of automated supervision or control is also embedded within blockchains. Using these properties and by properly designing the private blockchain characteristics it is possible to get trustless features in some cases. Let’s explore how.
A system of (absence of) control
One consequence of the consensus building algorithm attached to public blockchains is the tampered-proof property. Indeed, once the data (or block) has been accepted as part of consensus it cannot be modified. The process is actually a little more specific but we can safely say that when a block is buried deep down the blockchain, it will be almost impossible to change. This property is also somewhat present in the other kinds of blockchains to the extent that you believe the cohort (in the case of permissioned blockchains) or the owner (in the case of private blockchains) will not rewrite the chain…. because yes, they could ! Blockchain’s members or owner can tamper with data, but no one else, whereas for public blockchain no one can (actually 51% of the validation power could tamper with the blocks but it is believed to be so expensive that no one would). This is an important difference between open blockchains and the rest.
Tampered resistant blockchains (understand public blockchains) are a great way to get automated execution of contracts. Once a contract has been written on the blockchain, because the blockchain is tampered proof, the contract will never be modified and will be executed according to its terms, no matter what. This makes contract enforcers useless but also corrupted settlement impossible.
Use case : Charity donation by companies
I consider a use case that is “charity donations made by companies” to demonstrate my point. Let’s define it.
A company is willing to redistribute some of last year profits through charity donation. The company has 3 charities in mind but it wants its customers to decide which one is getting the donation. The company finds also important to be fair by giving customers an importance relative to the revenue generated, the more you buy, the more you matter in the decision process.
1st option : no blockchain
The company finds a way to collect information about each client regarding the amount spent and their charity choice. Whereas it is done through notes on a paper or an online platform, the idea is the same, that is, the company still have control on whatever charity it will make the donation (or even not making any donation at all), and all votes are private.
2nd option : public blockchain
The company could use the public blockchain in the following way. Similarly to loyalty programs, they give some tokens A (not actual value, these tokens will act as voting rights) to each client relative to the amount spent. They create a smart contract with 2 functions and they lock up some value (an valuable token like BTC or ETH for instance depending which blockchain it’s on, not tokens A) inside the contract. The input function takes 2 arguments, an amount of tokens A and the client’s choice among the 3 charities, and it modifies the contract state to record how many tokens are directed to each of the 3 charities. The output function is run at a specific time, and send the previously locked value to whichever charity has gathered the most vote, without human interference.
With this option, once the contract is part of consensus and value is locked up, the company cannot do anything but contemplate the contract making the donation to the winning charity. The rules are also transparent and can be easily checked by anyone. All votes are public, and pushing the contract to a public blockchain is a way for the company to credibly lose some control to the benefit of its clients.
3rd option: private blockchain
The company can also follow the exact same procedure but with a private blockchain. The difference is that now, the company, at any point in time, can rewrite the entire blockchain, modifying any transaction made by any client and then being able to send the money to any charity it wants (or even change the contract in a way that no money is sent at all).
So what’s the point of even using a private blockchain, right? I am about to argue that it (almost) does not matter whether the company uses a public or a private blockchain. Bear with me.
All about incentives…
With a private blockchain, the company’s manager can cheat, ok, but will she? In the blockchain space, but also in any situation, one should always ask about the incentives of someone to do something. Having the possibility to do something does not mean it will happen. Your employer can raise your salary tenfold tomorrow morning, but this will probably not happen because you employer probably do not have enough incentives to do so. You could rob a bank tomorrow but you (hopefully) wont because it might not be in your best interest.
Having the opportunity to do something does not mean it is the best strategy.
So, with a private blockchain the company can cheat, how about the incentive to cheat? To analyze the cheating incentives we need to assess : i) the benefit the company gets from cheating, ii) the probability of being caught, and iii) the punishment when being caught.
The benefit from cheating. Since no value is exchanged on this blockchain (only voting rights), the company cannot steal any value from its clients. By modifying the vote count, the company can influence the donation toward a specific charity. The company could even unlock the previously locked funds and make no donation at all. So at most, cheating saves the company the money it locked in the contract in the first place.
The probability of being caught. With a blockchain, whether it’s public, permissioned, or private, data is stored in a sequential order, cryptographically protected, with full reading permission for anyone (the writing permission is what’s controlled in the case of non-public blockchain). Since all blocks are ordered and linked together by their hash, it is fairly easy to monitor the chain for any outside party. Anyone could store a version of the chain, and keeps comparing the last hash to the one provided by the company’s servers. In case of mismatch at any point, it could go back and see which block differs, and expose the cheater by providing the old version of the chain. Monitoring cheating is not particularly hard, nor expensive. Assuming, enough people have incentives to monitor the private chain, the probability of being caught is fairly high.
The punishment when being caught. If the company is caught cheating it will destroy the confidence of their customers. The company will lose all its credibility, and it will not be able to use a private blockchain anytime soon. Being perceived as a cheater may also have bad consequences regarding revenues on its core business. The punishment when being caught is then fairly high.
Cheating incentives being low enough, it will most likely not happen in equilibrium.
In this particular case, we have the probability of being caught as well as the punishment when being caught cheating super high. If the benefit of cheating is incredibly high, the company might find it interesting to cheat, for instance if the amount lock in the private chain is high enough, or priced over the brand value and credibility (not likely though). More generally it wont be case, as the stakes are way too high. Tampering with the private blockchain does not make much sense here.
Conclusion
Through the use case, we were able to identify the pros and cons of private blockchains. More generally, this shows that the incentives play a key role when assessing the usefulness of a blockchain.
Regarding control and commitment, public blockchains are the extreme case in which no one can control what is on this kind of chain. With a private chain, the owner of the chain is able to do so, but whether he will or not depends on her incentives.
Private blockchains are useful when the incentive to cheat is low.
If the incentives to cheat is low enough it will be anticipated by the users, and the private chain will act like a public blockchain from the users point of view. Then it becomes interesting to know when this is the case.
When are incentives to cheat low enough?
The probability of catching a cheater does not really depends on any business related properties, it is embedded in the blockchains properties. The punishment when being caught cheating is related to brand values. So except a few very particular cases, like a monopoly on a market for which users really need the product (I don’t know of any good exemples for that though), the brand is a big part of the company valuation so no managers and no shareholders will ever want to decrease brand value.
The benefit of cheating depends on the content of the blockchain. The higher the benefit of cheating, the higher the incentive to cheat, the lower the usefulness of private blockchains. In the case of voting rights (like in the use case above), there are no real value attached to tokens so the benefit of cheating is quite low. By cheating the company could steal all the voting rights but not much more. In this case it is safe to assume that incentives to cheat are low. This will not quite work if someone were to run a private blockchain in which people would store value. In this case, depending on the value stored on the blockchain it might become better to cheat and steal everything even if it comes with a huge drop in brand value. Fortunately, private chains are not meant to store value.
Open blockchains work best as it removes the ability to cheat. But private blockchains through incitation mechanisms can find their use case.
Final word ! I think I made my point. Even if private blockchains can, in principle, be tampered, they can also be used as a commitment protocol for business that are willing to empower their clients. This works because the incentives can be designed so that it is way more costly to cheat than not cheat, which is exactly in the spirit of public blockchains.
Note on monitoring incentive: if private blockchains ever make it to the general public, monitoring them will become very important. I have no hard time imagining people (might they be users, competitors, or external parties) doing so. The bigger the brand, the higher the reward of exposing it. It should turn out to work well, once again for incentives reasons.
Note on permissioned blockchain: The same analysis can be made for what I defined as permissioned blockchains. The incentives in such a case will be slightly more complicated as it might be profitable for some members in the cohort to collude and try to rewrite some part of the chain. On top of incentives analysis between users and validators, one also needs to assert incentives among the blockchain’s members.
