Opinion: Is a Permissioned Blockchain an Oxymoron?
An exploration of permissioned (or private) blockchains and their value
“A permissioned blockchain is an oxymoron. The whole reason that the blockchain was invented is to make Bitcoin a decentralized and anonymous system in which everyone can come to the same arbitrary consensus about the history of Bitcoin.”
— Bitcoin researcher and Director of Research at Satoshi Nakamoto Institute, Daniel Krawisz
- In December 2015, Krawisz raised the argument, as stated above, in an interview.
- In October this year, we reached the 10th anniversary of Satoshi’s Bitcoin whitepaper (what we call the beginnings). In the last decade, we have seen growing interest from the enterprise world in permissioned blockchains.
- Deloitte’s 2018 Global Blockchain Survey of 1,053 global executives from 7 countries and 9 industries showed that 74% of all respondents report that their organizations see a “compelling business case” for the use of blockchain — and many of these companies are moving forward with the technology.
- An overwhelming percentage of these efforts are focused on permissioned blockchains: 52% of respondents said that their organizations are focusing on permissioned blockchains, 44% on private intra-company blockchains (also permissioned), 36% on consortium-type blockchains (also permissioned). See Figure 1 below.
So where do we stand?
Are permissioned blockchains really an oxymoron, and with it the ensuing argument that public chains are “better”?
Is there a role for permissioned blockchains, and under what circumstances?
Below are some of my thoughts penned on this topic, drawing from my experience working with companies to implement blockchain in their businesses (in complex supply chains & financial services); the active conversations of many luminaries in the active blockchain community whom I follow ever so closely and learn so much from (acknowledged at the end); and of course, the gentle but invaluable guidance from Professor Kevin Werbach at the Wharton School, and Professor David Crosbie from the Penn Engineering School.
Let us first define a few concepts for the sake of our discussion:
- Blockchain vs Bitcoin
The “blockchain” was first described in the Satoshi Nakamoto Bitcoin whitepaper in late 2008. The system combined individual cryptography, game theory and mathematical concepts in a novel and elegant way, even if these separate concepts already existed. The three main concepts were: distributed ledgers, consensus and smart contracts. Bitcoin was the name given to the digital currency/ token that ran within this system, functioning as a bearer instrument like cash.
Accordingly, we can understand Blockchain as the underlying technology of Bitcoin.
Blockchain described in the Bitcoin whitepaper was one that we came to classify as a “public blockchain”, in that there were no restrictions on who could participate, read/write/audit. The key proposal of Bitcoin was the creation of a system for electronic peer-to-peer payments without relying on trust in the conventional way, but based on cryptographic proof. It can be said that Bitcoin was created to circumvent traditional financial institutions, governments, or formal third parties involved in the payment rails, to be a new kind of money.
- Public Blockchains vs Permissioned Blockchains
Subsequently, two distinct kinds of blockchains emerged: Public Blockchains and Permissioned Blockchains (or Private Blockchains — I will use these two terms interchangeably).
In public blockchains, there are no restrictions on participation. All transactions are recorded and transparent to all. The software is freely available and open to all. The consensus mechanism of Proof-of-Work ensures the validity of transactions and keeps it secure. A token (like Bitcoin) serves as an economic incentive for miners. Without a cryptocurrency, there is no way to secure the public blockchain against Sybil attacks. Notable examples of public blockchains are Bitcoin, Ethereum.
In private or permissioned blockchains, an access control layer is built into the protocol — the network has control over who is permissioned to join the network and participate. It is crucial to recognize that private blockchains are still a class of distributed ledgers, has its own consensus mechanism and can house smart contracts. Private blockchains can have tokens, or not. Even if Proof-of-Work is not used in permissioned blockchains, there are other consensus algorithms utilized to validate blocks of transactions that may be Byzantine Fault Tolerant, such as Raft or Juno that work on a leader-follower model. Notable examples of private blockchains are R3’s Corda, IBM’s Hyperledger.
From this basis of understanding, we can analyze the topic at hand.
Krawisz argues,
“The whole reason that the blockchain was invented is to make Bitcoin a decentralized and anonymous system… The very concept of a permissioned blockchain invalidates the need for a blockchain. You could probably just use a MySQL database”.
His argument is thus two-fold:
1) That blockchain was invented to make Bitcoin decentralized — by extension, a private chain completely contradicts this, since it always still has a degree of centralization as the owner controls who may access and participate in the network;
2) The purposes and usage of the permissioned blockchain are simply like that of a central database, so why even bother using a blockchain?
Let us address the first issue.
We acknowledge the fact that blockchain was invented to support Bitcoin to become a decentralized and anonymous way to transact, bypassing existing centralized payment infrastructure. This is true as evidenced by what we lay out above within the Satoshi white paper. However, the world was captivated not only by Bitcoin, but also by the idea of Blockchain as a foundational technology that had applications yet to be explored, but were potentially larger than a singular purpose of decentralized peer to peer payment. (At least, I knew I was.) Even if we were to be accept that Bitcoin is the best and the original application of blockchain, the possibility of there being other applications of blockchain in various shapes and forms still cannot be denied.
Furthermore, tracing the development of public blockchains and private blockchains helps us realize that each were designed for different purposes altogether, so it’s not entirely fair that private blockchains are deemed as an oxymoron and not allowed to co-exist with public blockchains.
In fact, as Tim Swanson points out and rightly so, “the diminutive usefulness of permissionless systems for participants in the permissioned traditional financial system, on the part of Bitcoin, was not some kind of unanticipated shortcoming or design flaw, but a result of intentional choices by these systems’ designers who were quite clearly reacting to aspects of permissioned systems that they disliked… It is thus not so surprising that systems designed to circumvent the role of traditional financial institutions would not be as useful to traditional financial institutions.”
The second issue centers around the argument that a permissioned blockchain is no better than a centralized database.
Such a view has also been put forth and cited repeatedly by people in the community like Arvind Narayanan who argues that while it is true that adding signatures and hash pointers increase the security of a shared database, it is still very different from the level of security, irreversibility and censorship-resistance that is achieved by the public blockchain — so why not just use a regular replicated database? Narayanan’s conclusion is that the main thing blockchain has achieved for the financial industry is that, more than anything, it has created a “focal point for standardization” — banks are finally coming together on the same table to develop and deploy industry-wide standards, while not entirely justifying the use of blockchain. These are all valid viewpoints, though I do not necessarily agree.
Private blockchains actually enable a new kind of shared database, that under certain conditions can prove tremendously useful, and its results cannot be achieved by traditional shared databases.
If two or more parties wish to share a database which:
- no one controls,
- can be written by any party,
- can be relied upon by everyone,
- not broadcast to the whole world, and
- the parties do not trust each other ;
— currently, the only way to do so is to introduce a trusted central intermediary into the equation. As a result, in the financial industry, it is typical for each player to maintain their own copies of the data (for example, index data, trade data) and spend significant resources on reconciliation and reporting with the intermediaries and each other. These numbers are huge:
- Accenture estimates that blockchain-enabled technologies could save financial institutions up to 70% in reporting costs, 50% in compliance and onboarding costs, and 30% in infrastructure costs, thereby conservatively reducing operational expense for the world’s ten largest investment banks by $8 — $12 billion.
- Goldman Sachs sees $20 billion of cost savings accruing to US financial services if the technology were to be implemented to cash equities, leveraged loans, and KYC/compliance.
The reason why banks and other players like complex supply chains with need for provenance looked to permissioned blockchains with full seriousness was that there is currently no alternative for a cost-effective, elegant shared database in a low-trust environment.
As Gideon Greenspan from MultiChain puts forth, private blockchains are better than the best versions of a shared database on two features: Disintermediation (replacing the “trusted” intermediary) and Robustness (no single point of failure — no need for expensive infrastructure or disaster recovery); while shared databases are better at True Confidentiality and Performance (speed etc.). In business scenarios where disintermediation and robustness are more crucial than confidentiality and performance, private blockchains have a justified need. As I had mentioned earlier, examples like complex supply chains where there are no trusted parties and no possible trusted intermediaries to step-in could be applicable scenarios. One example could be the diamond industry, where even the “trusted intermediary” — the Kimberly Process and certification for diamond provenance is fraught with fraud and manipulation; and parties along the complex chain do not trust each other. (DeBeers has launched a project called Tracr that has taken off very well with AlRosa joining in recently).
Finally, let us be real.
Permissioned blockchains are essentially only feasible form of blockchains that can be used in a regulated industry like the financial industry that we see today — where data privacy (transaction details, trade information, parties) is paramount to the effective running of the industry. Banks also need to know identities of transacting parties so that compliance standards can be met in line with regulations. The truth is that permissioned blockchains are potentially useful in the regulated world we work in today, whereas, at least for now, public blockchains are simply not feasible.
Ultimately, private blockchains are only an oxymoron when blockchain technology is seen to be synonymous with Bitcoin. Indeed, this was the original proposition for the technology. On the first level, when seen in the light of a larger, multi-purpose foundational technology, a “private blockchain” ceases to be a true oxymoron in our minds. A blockchain can be private — why not? It would just achieve different purposes and function differently from public chains, but the two are technically similar in their key concepts. On the second level, private blockchains achieve some advantages of disintermediation and robustness simply not matched by the current state of technology for shared databases. Thus, they bring value to certain business contexts.
Thank you to the following resources!
1: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2844409 (Kevin Werbach, Trust by Verify)
2: http://www.ofnumbers.com/wp-content/uploads/2015/04/Permissioned-distributed-ledgers.pdf
4: https://www.accenture.com/gb-en/insight-banking-on-blockchain
5: James Schneider et al, Blockchain: Putting Theory into Practice, GOLDMAN SACHS EQUITY RESEARCH REPORT (May 24, 2016)
6: https://www.multichain.com/blog/2016/03/blockchains-vs-centralized-databases/
7: Deloitte, 2018 Global Blockchain Survey
