My journey to understand blockchain political systems continues.
Protocols as legislation
Blockchains make an effort to remove operational discretion from the nodes running their networks. The constraints aren’t total — within the margins of the constraints there are opportunities to profit — but they are significant, as they establish what kinds of state transitions are permissible.
Protocol constraints drive the “code is law” meme, though I prefer to describe blockchains as legislative to scope the idea more tightly. Blockchain nodes follow the edicts of the protocol, therefore protocol engineers have the power to legislate the behaviors of the nodes. This simplifies the network; rather than asking how the nodes are going to behave, we can ask how the protocol is going to behave. This also provides the kinds of guarantees necessary for cooperation to occur within a low-trust network.
Much like Tesler’s Law, there’s an inherent amount of political power that can never be removed but which can be moved around. In the case of blockchains, some of that power is moved from the nodes to the protocol development. Blockchain protocols get soft-forked, and sometimes they get hard-forked, and the how of that process is your legislative process.
My initial theory was that miners drove the legislative process. While engineers may propose changes, their adoption was incumbent on some majority of miners adopting the change.
My reasoning was straight-forward: as the forward progress of a blockchain depends on the creation of new blocks, then surely the nodes in charge of forward progress would be empowered to change the protocol. It also made analysis cleaner because you can roughly measure the mining power of one group as a % of the blocks they tend to produce. This is, however, wrong.
My first discovery that the miner-legislature was wrong came from reading Lyn Alden’s excellent Proof-of-Stake and Stablecoins: A Blockchain Centralization Dilemma, in which some history of the levers of power in Bitcoin are explained. Some further conversations illuminated further that miners are in fact in a very weak position to drive protocol changes, as their primary concern is gaining the financial benefit of a mined block. If they were to risk advancing a protocol change which wasn’t widely accepted, then their mined block might be lost along with its reward.
Who then holds the power, here?
The consensus of validators
A Philosophy of Blockchain Validation
But how much validation do we actually need? Do we need a hundred independent validating nodes, a thousand? Do we need…
I’m just going to quote a post by Vitalik, who covers this topic exceedingly well. (Hat tip to DC Posch for sharing the post with me.) First the introduction:
One of the most powerful properties of a blockchain is the fact that every single part of the blockchain’s execution can be independently validated. Even if a great majority of a blockchain’s miners (or validators in PoS) get taken over by an attacker, if that attacker tries to push through invalid blocks, the network will simply reject them.
How does this work?
Suppose that a powerful actor tries to push through a change to the protocol (eg. changing the issuance), and has the support of the majority of miners. If no one else validates the chain, this attack can very easily succeed: everyone’s clients will, by default, accept the new chain, and by the time anyone sees what is going on, it will be up to the dissenters to try to coordinate a rejection of that chain. But if average users are validating, then the coordination problem falls on the other side: it’s now the responsibility of whoever is trying to change the protocol to convince the users to actively download the software patch to accept the protocol change.
So what’s the political significance of this?
With blockchain applications […] we are using coordination problems to our advantage. We are using the friction that coordination problems create as a bulwark against malfeasance by centralized actors. We can build systems that have property X, and we can guarantee that they will preserve property X because changing the rules from X to not-X would require a whole bunch of people to agree to update their software at the same time.
So: validators are the ones controlling the rules of the network. If they reject a block, they’re making a statement that its not “in protocol.” Miners can try to produce blocks by new rules, but if those blocks aren’t accepted then the effort is wasted.
One way to think of this is that miners have a collective action problem: if there is any miner that’s willing to produce blocks according to the validators’ rules, then the validators’ chains will continue to make progress. Miners therefore need the validators to push a protocol change.
All of Vitalik’s post is worth reading, but there’s one other observation I want to highlight:
[W]hat are we actually accomplishing by validating? To understand this, let us go back to an earlier point. If an attack happens, I would argue that we have the following preference order over how the attack goes:
default to failure > default to chaos > default to victory
The “>” here of course means “better than”. The best is if an attack outright fails; the second best is if an attack leads to confusion, with everyone disagreeing on what the correct chain is, and the worst is if an attack succeeds. Why is chaos so much better than victory? This is a matter of incentives: chaos raises costs for the attacker, and denies them the certainty that they will even win, discouraging attacks from being attempted in the first place. A default-to-chaos environment means that an attacker needs to win both the blockchain war of making a 51% attack and the “social war” of convincing the community to follow along. This is much more difficult, and much less attractive, than just launching a 51% attack and claiming victory right there.
The goal of validation is then to move away from default to victory to (ideally) default to failure or (less ideally) default to chaos. If you have a fully validating node, and an attacker tries to push through a chain with different rules, then the attack fails. If some people have a fully validating node but many others don’t, the attack leads to chaos. But now we can think: are there other ways of achieving the same effect?
To summarize, Vitalik is arguing that validators control the definition of the protocol. This makes intuitive sense: a validator is ensuring that the state transitions are valid according to the protocol. Validators won’t propagate invalid state transitions, so forward progress depends on them as much as it depends on the miners.
Lyn Alden makes the same case in their post about Bitcoin and the blocksize wars.
At one point in 2017, over 80% of miner processing power, the biggest maker of bitcoin mining equipment, prior lead developers of Bitcoin, and a large number of major custodians and exchanges including Coinbase and Grayscale, were in favor of increasing the block size with an upgrade called SegWit2x (not to be confused with the normal SegWit update). That’s an overwhelming amount of support among the corporate-level players in the industry, or as they described themselves in their New York Agreement, they were “a critical mass of the bitcoin ecosystem”.
And yet, they failed.
The existing developers and most importantly the majority of the individual node operators [the validators] were not on board with the plan, and so along with multiple other reasons, it was aborted.
So it looks like blockchains are driven by validator-legislatures… right?
We’re making progress by understanding the importance of validators, but this doesn’t answer all of the questions I have. Here’s some inevitable followups:
- What percent of validators need to accept a change for it to be considered
“active?” This question is only relevant for soft-forks, since soft-forks can co-exist among non-implementing nodes, while hard-fork blocks definitionally can’t co-exist.
- Can we even quantify a percentage of validators? How do I know that 1000 responding nodes aren’t all controlled by one entity? What does this mean for measuring political consensus?
- Are some validators more important than others? (Lyn Alden points out in their article that stablecoins and exchanges are pretty darn important.)
At best, we know that validators are involved in the process of changes being accepted. We have no idea what their involvement will mean in practice. Do some of them make a noise, but get shouted down by… some others? Who are they? Thus we can ask things like:
- How actively are validators engaging in the political process? Are they just auto-updating their clients? That would mean their power is delegated to the client developers, and the most valuable levers of power are the repos.
- When a hard-fork happens, how do we collectively agree which chain is the chain? When the DAO-hack correction fork occurred, the community seemed to agree that the new chain was Ethereum and the old chain was Ethereum Classic. How does that work? Is it dictated by control of a trademark?
These are the questions we need to answer if we’re going to understand the rules to make the rules.
Blockchain as State
Why does this matter to me? Can’t we just view blockchains as digital infrastructure that’s disrupting the more traditional services, like Bitcoin disrupting Paypal. If so, isn’t this just inside baseball about how these projects are being developed?
I might make that case if blockchains were experienced transactionally. If the full extent of using Bitcoin was sending $N over a packet, then it would simply be a protocol for sending dollarydoo packets.
But blockchains are not experienced transactionally: You purchase/receive their currency and then hold the currency in their ledger. This means their function is not just to facilitate trade but to persist the records of ownership. Factor in the decentralized operation of these ledgers and I think the closest analogy is to nation states.
Ryan Sean Adams and David Hoffman make this case really well in their podcast episode, Defining the Metaverse. They make the observation that maintaining property ledgers is one of the most core functions of a nation state, and that’s precisely the purpose of a blockchain.
They make a number of other interesting observations that makes the episode listen-worthy; the one area I disagree is that they assert blockchains lack the power/monopoly of violence, whereas I think censorship of transactions or removal of digital property are the digital form of violence, and that power does exist — and can even be legislated on a case-by-case basis.
The consent of the governed
With this framing, I think the fundamental concern of a blockchain is to establish its political legitimacy.
In this regard, the players have had mixed results. Bitcoin’s initial success might be attributed to how tightly it scoped the powers of operational governance — an appealing pitch to techno-libertarians who were raging against the 2008 financial crisis and the ensuing bailouts. The second-order effects of this philosophy then capped their success — as scammy and scummy behavior rose, the hands-off philosophy actively harmed adoption by us normies.
NFTs are likewise a glorious self-own. They demonstrate a blockchain’s capability to maintain a property ledger, but ignore any assurance of authenticity for the property claim, leading people to point to stolen jpegs and draw comparisons to star-name registries. I think it’s fair to point out that some people pay attention to provenance and will distinguish between NFTs which were original works and those which are not, and pricing is meant to reflect that knowledge, but I’m not sure that matters much. If the goal is to establish political legitimacy, then the endless anti-Web3 articles are hard to measure as a win.
The value of any state has to be regarded in its sum total. I’m not likely to move to Blockchainistan if street crime is rampant, no matter how good their GUI is for registering my house’s title. Some people regard the DAO-hack fork as a violation of the principles of Ethereum; I have to wonder if it was an act of wisdom. If you view a blockchain as a digital state, then good governance is necessary — if you want to gain any political legitimacy.
That said, we should also consider the tendency of the state to expand, as was observed in the Bankless podcast episode. If we’re going to risk giving birth to the digital leviathan, then we better be building a big digital cage too. It’s entirely possible that this digital state will be embedded in our lives someday.
Thus my obsession with the rules to make the rules.