Blockchain and cryptocurrency technologies are stimulating investment, business activity, and media attention, as well as passionate visions of industry disruption and societal transformation. As with the internet, this excitement creates dangerous blind spots. In my recent paper ‘The Siren Song: Algorithmic Governance by Blockchain,’ I explain that, to succeed at scale, blockchain-based networks and services must address the problem of governance. This work will appear as a chapter in ‘After the Digital Tornado: Networks, Algorithms, Humanity’ (Cambridge University Press, forthcoming September 2020).
The distinctive attribute of blockchains is to expand trust in a system as a whole by minimizing trust in specific authorities or intermediaries that may prove fallible. Blockchain networks execute transactions through smart contracts, which are securely self-executing software code. Contracts are a powerful means of generating trust because they backstop voluntary human commitments with formalized legal enforcement embodying the power of the state. Smart contracts are designed to offer a similar kind of confidence, backed by the cryptographic integrity of the blockchain ledger. Which is to say, blockchain is a legal or regulatory technology. It is a method of governance.
In The Odyssey, the hero Odysseus (or Ulysses) orders his men to lash him to the mast of his ship, and to fill their own ears with wax, to protect against the enchanting songs of the Sirens. Odysseus thus empowers himself to hear the music that would otherwise cause him to steer into deadly rocks. He does so, ironically, by radically disempowering himself and his sailors at that critical moment. At the heart of blockchain’s capability to decentralize trust is a similar strategy, known as ‘immutability’. ‘Immutability’ means that once a transaction has been incorporated into a validated block and added to the ledger, it cannot be altered.
This kind of guarantee is quite difficult to achieve in digital systems, whose records are naturally ephemeral and encoded in the universal language of binary ones and zeros. Blockchain systems enforce immutability by making every piece of information reflect the consensus agreement of a network of computers. Changing even the smallest fact means convincing a large percentage of the network to reconsider its settled transaction history. The algorithms of the consensus system are designed to make that exceedingly difficult. Blockchain applications invite users to trust the commitments they receive because no one retains the power to break them.
Immutability poses a novel set of legal and regulatory challenges. The illegitimacy or harm of certain actions may be well-established, but no one may have the ability to do anything about it. Moreover, serious problems emerge when the imperfect rationality implicit in credible commitments is implemented through the perfectly rational vehicle of computers executing smart contracts on a blockchain. The dark side to immutability is that valid transactions cannot easily be reversed on a blockchain, not that invalid or illegitimate ones cannot be. Immutability creates the potential for catastrophic failures with no clear means of remediation.
Three examples illustrate the problems with blockchain immutability. In the DAO hack, an attacker used a bug in the smart contracts of a decentralized crowdfunding application, potentially stealing $60 million of cryptocurrency. The only way to return the money to its rightful owners was to execute a hard fork that broke the immutability of the entire underlying Ethereum blockchain. The Parity wallet bug resulted in $150 million of cryptocurrency becoming permanently inaccessible when one user deleted a smart contract required to access it, allegedly to prevent exploitation of a security vulnerability. The abortive Segwit2x fork was an agreement to increase the capacity of the Bitcoin network, which partially failed when the human consensus around it collapsed. In each case, there was no workable governance process created ahead of time to coordinate actions of the relevant communities.
Such problems are inevitable in blockchain systems. Smart contracts cannot necessarily distinguish the scenarios for which immutability was designed from those where it causes harm. Contracts of any consequence are generally incomplete; that is to say, they do not precisely specify outcomes for every possible scenario. Smart contracts magnify this incompleteness. They can only express their terms in sharp-edged software code, eliminating the interpretive discretion of human judges and juries.
The best way forward is to incorporate governance systematically into the development and oversight of blockchain-based systems. Call it ‘governance by design,’ in homage to the increasingly prominent concept of ‘privacy by design.’ Given the structure of blockchains, governance cannot be an afterthought. Nor can it be limited to formalized voting on changes to network algorithms, as voting structures insufficiently address the diversity of governance challenges that can arise, as highlighted by the three examples provided earlier. Governance by design means recognizing that perfect immutability creates systems with unacceptable fragility. They work well until they don’t, and then they have no good means to recover.
Blockchain is a governance technology that balances on the knife edge of freedom and constraints. That challenge is as old as civilization. In working to overcome this challenge, we can learn from the ways that blockchain networks try—or don’t—to resolve the implicit tensions of immutability. Both theory and practice must play a role. There is no shortcut to designing governance mechanisms, watching how they operate in practice, and iterating based on their shortcomings.
Appropriately, that is also the lesson of Odysseus’ encounter. The Siren’s song that Odysseus hears is a shortcut to knowledge: ‘For lo, we know all things, all the travail that in wide Troy-land the Argives and Trojans bare by the gods’ designs, yea, and we know all that shall hereafter be upon the fruitful earth.’ The seductive appeal of the Sirens is the promise of wisdom without experience, just as the seductive appeal of the blockchain is trust through cryptography and economic incentives without human governance. Believing too strongly in either leads to disaster. Finding the proper balance is the road to valuable insight.
Kevin Werbach is Professor of Legal Studies & Business Ethics at the Wharton School, University of Pennsylvania.