Interoperability as a critical design choice for central bank digital currencies


Working paper available at SSRN

Abstract: Interoperability is a key economic and technical consideration for payment systems. This paper explores the implications of interoperability for central bank digital currencies (CBDCs). CBDCs are digital representations of central bank money. A critical question is how those digital representations can interoperate with other CBDCs, private blockchains, and permissioned blockchains. By comparing prevailing CBDC interoperability models with interoperability in blockchain ecosystems, the paper finds that CBDC architectural choices are deeply intertwined with policy choices in a way not yet understood by the scholarly and policy literature. Widely discussed CBDC policy questions (such as whether a CBDC should be retail or wholesale, whether interest should be paid on CBDC holdings, and how privacy should be protected) are better understood as choices around interoperability. The paper concludes by connecting the CBDC policy debate to a parallel debate about fiat-backed stablecoin architecture and governance.

Why a US crypto crackdown threatens all digital commerce

Australian Financial Review, 10 August 2022

The US government’s action against the blockchain privacy protocol Tornado Cash is an epoch-defining moment, not only for cryptocurrency but for the digital economy.

On Tuesday, the US Treasury Department placed sanctions on Tornado Cash, accusing it of facilitating the laundering of cryptocurrency worth $US7 billion ($10.06 billion) since 2019. Some $455 million of that is connected to a North Korean state-sponsored hacking group.

Even before I explain what Tornado Cash does, let’s make it clear: this is an extraordinary move by the US government. Sanctions of this kind are usually put on people – dictators, drug lords, terrorists and the like – or specific things owned by those people. (The US Treasury also sanctioned a number of individual cryptocurrency accounts, in just the same way as they do with bank accounts.)

But Tornado Cash isn’t a person. It is a piece of open-source software. The US government is sanctioning a tool, an algorithm, and penalising anyone who uses it, regardless of what they are using it for.

Tornado Cash is a privacy application built on top of the ethereum blockchain. It is useful because ethereum transactions are public and transparent; any observer can trace funds through the network. Blockchain explorer websites such as Etherscan make this possible for amateur sleuths, but there are big “chain analysis” firms that work with law enforcement that can link users and transactions incredibly easily.

Tornado Cash severs these links. Users can send their cryptocurrency tokens to Tornado Cash, where they are mixed with the tokens of other Tornado Cash users and hidden behind a state-of-the-art encryption technique called “zero knowledge proofs”. The user can then withdraw their funds to a clean ethereum account that cannot be traced to their original account.

Obviously, as the US government argues, there are bad reasons that people might want to use such a service. But there are also very good reasons why cryptocurrency users might want to protect their financial privacy – commercial reasons, political reasons, personal security, or even medical reasons. One mundane reason that investment firms used Tornado Cash was to prevent observers from copying their trades. A more serious reason is personal security. Wealthy cryptocurrency users need to be able to obscure their token holdings from hackers and extortionists.

Tornado Cash is a tool that can make these otherwise transparent blockchains more secure and more usable. No permission has to be sought from anyone to use Tornado Cash. The Treasury department has accused Tornado Cash of “laundering” more than $US7 billion, but that seems to be the total amount of funds that have used the service at all, not the funds that are connected to unlawful activity. There is no reason to believe that the Tornado Cash developers or community solicited the business of money launderers or North Korean hackers.

Now American citizens are banned from interacting with this open-source software at all. It is a clear statement from the world’s biggest economy that online privacy tools – not just specific users of those tools, but the tools themselves – are the targets of the state.

We’ve been here before. Cryptography was once a state monopoly, the exclusive domain of spies, diplomats and code breakers. Governments were alarmed when academics and computer scientists started building cryptography for public use. Martin Hellman, one of those who invented public key cryptography in the 1970s (along with Whitfield Diffie and Ralph Merkle), was warned by friends in the intelligence community his life was in danger as a result of his invention. In the so-called “crypto wars” of the 1990s, the US government tried to enforce export controls on cryptographic algorithms.

One of the arguments made during those political contests was that code was speech; as software is just text and lines of code, it should be protected by the same constitutional protections as other speech.

GitHub is a global depository for open-source software owned by Microsoft. Almost immediately after the Treasury sanctions were introduced this week, GitHub closed the accounts of Tornado Cash developers. Not only did this remove the project’s source code from the internet, GitHub and Microsoft were implicitly abandoning the long-fought principle that code needs to be protected as a form of free expression.

An underappreciated fact about the crypto wars is that if the US government had been able to successfully restrict or suppress the use of high-quality encryption, then the subsequent two decades of global digital commerce could not have occurred. Internet services simply would not have been secure enough. People such as Hellman, Diffie and Merkle are now celebrated for making online shopping possible.

We cannot have secure commerce without the ability to hide information with cryptography. By treating privacy tools as if they are prohibited weapons, the US Treasury is threatening the next generation of commercial and financial digital innovation.

Reliable systems out of unreliable parts

Amsterdam Law & Technology Institute Forum, 27 July 2022. Originally published here.

How we understand where something comes from shapes where we take it, and I’m now convinced we’re thinking about the origins of blockchain wrong.

The typical introduction to blockchain and crypto for beginners – particularly non-technical beginners – gives Bitcoin a sort of immaculate conception. Satoshi Nakamoto suddenly appears with a fully formed protocol and disappears almost as suddenly. More sophisticated introductions will observe that Bitcoin is an assemblage of already-existing technologies and mechanics – peer to peer networking, public-key cryptography, the principle of database immutability, the hashcash proof of work mechanism, some hand-wavey notion of game theory – put together in a novel way. More sophisticated introductions again will walk through the excellent ‘Bitcoin’s academic pedigree’ paper by Arvind Narayanan and Jeremy Clark that guides readers through the scholarship that underpins those technologies.

This approach has many weaknesses. It makes it hard to explain proof-of-stake systems, for one. But what it really misses – what we fail to pass on to students and users of blockchain technology – is the sense of blockchain as a technology for social systems and economic coordination. Instead, it comes across much more like an example of clever engineering that gave us magic internet money. We cannot expect every new entrant or observer of the industry to be fully signed up to the vision of those that came before them. But it is our responsibility to explain that vision better.

Blockchains and crypto are the heirs of a long intellectual tradition building fault tolerant distributed systems using economic incentives. The problem this tradition seeks to solve is: how can we create reliable systems out of unreliable parts? In that simply stated form, this question serves not just as a mission statement for distributed systems engineering but for all of social science. In economics, for example, Peter Boettke and Peter Leeson have called for a ‘robust political economy’, or the creation of a political-economic system robust to the problems of information and incentives. In blockchain we see computer engineering converge with the frontiers of political economy. Each field is built on radically different assumptions but have come to the same answers.

So how can we tell an alternative origin story that takes beginners where they need to go? I see at least two historical strands, each of which take us down key moments in the history of computing.

The first starts with the design of fault tolerant systems shortly after the Second World War. Once electronic components and computers began to be deployed in environments with high needs for reliability (say, for fly-by-wire aircraft or the Apollo program) researchers turned their mind to how to ensure the failure of parts of a machine did not lead to critical failure of the whole machine. The answer was instinctively obvious: add backups (that is, multiple redundant components) and have what John von Neumann in 1956 called a ‘restoring organ’ combine their multiple outputs into a single output that can be used for decision-making.

But this creates a whole new problem: how should the restoring organ reconcile those components’ data if they start to diverge from each other? How will the restoring organ know which component failed? One solution was to have the restoring organ treat each component’s output as a ‘vote’ about the true state of the world. Here, already, we can see the social science and computer science working in parallel: Duncan Black’s classic study of voting in democracies, The Theory of Committees and Elections was published just two years after von Neumann’s presentation of the restoring organ tallying up the votes of its constituents.

The restoring organ was a single, central entity that collated the votes and produced an answer. But in the distributed systems that started to dominate the research on fault tolerance through the 1970s and 1980s there could not be a single restoring organ – the system would have come to consensus as a whole. The famous 1982 paper ‘The Byzantine Generals’ Problem’ paper by Leslie Lamport, Robert Shostak and Marshall Peace (another of the half-taught and quarter-understood parts of the origins of blockchain canon) addresses this research agenda by asking how many voting components are needed for consensus in the presence of faulty – malicious – components. One of their insights was cryptographically unforgeable signatures makes the communication of information (‘orders’) much simplifies the problem.

The generation of byzantine fault tolerant distributed consensus algorithms that were built during the 1990s – most prominently Lamport’s Paxos and the later Raft – now underpin much of global internet and commerce infrastructure.

Satoshi’s innovation was to make the distributed agreement system permissionless – more precisely, to join the network as a message-passer or validator (miner) does not require the agreement of all other validators. To use the Byzantine generals’ metaphor, now anyone can become a general.

That permissionlessness gives it a resilience against attack that the byzantine fault tolerant systems of the 1990s and 2000s were never built for. Google’s distributed system is resilient against a natural disaster, but not a state attack that targets the permissioning system that Google as a corporate entity oversees. Modern proof-of-stake systems such as Tendermint and Ethereum’s Casper are an evolutionary step that connects Bitcoin’s permissionlessness with decades of knowledge of fault tolerant distributed systems.

This is only a partial story. We still need the second strand: the introduction of economics and markets into computer science and engineering.

Returning to the history of computing’s earliest days, the institutions that hosted the large expensive machines of the 1950s and 1960s needed to manage the demand for those machines. Many institutions used sign-up sheets, some even had dedicated human dispatchers to coordinate and manage a queue. Timesharing systems tried to spread the load on the machine so multiple users could work at the same time.

It was not long before some researchers realised that sharing time on a machine was fundamentally a resource allocation problem that could be tackled by with relative prices. By the late 1960s Harvard University was using a daily auction to reserve space on their PDP-1 machine using a local funny money that was issued and reissued each day.

As the industry shifted from a many-users, one-computer structure to a many-users, many-distributed-computers structure, the computer science literature started to investigate the allocation of resources between machines. Researchers stretched for the appropriate metaphor: were distributed systems like organisations? Or were they like separate entities tied together by contracts? Or were they like markets?

In the 1988 Agoric Open Systems papers, Mark S. Miller and K. Eric Drexler argued not simply for the use of prices in computational resource allocation but to reimagine distributed systems as a full-blown Hayekian catallaxy, where computational objects have ‘property rights’ and compensate each other for access to resources. (Full disclosure: I am an advisor to Agoric, Miller’s current project.) As they noted, one missing but necessary piece for the realisation of this vision was the exchange infrastructure that would provide an accounting and currency layer without the need for a third party such as a bank. This, obviously, is what Bitcoin (and indeed its immediate predecessors) sought to provide.

We sometimes call Bitcoin the first successful fully-native, fully-digital money, but skip over why that is important. Cryptocurrencies don’t just allow for censorship-free exchange. They radically expand the number of exchange that can occur – not just between people but between machines. Every object in a distributed system, all the way up and down the technology stack, has an economic role and can form distinctly economic relationships. We see this vision in its maturity in the complex economics of resource allocation within blockchain networks.

Any origin story is necessary simplified, and the origin story I have proposed here skips over many key sources of the technology that is now blockchain: cryptography, the history and pre-history of smart contracts, and of course the cypherpunk community from which Bitcoin itself emerged. But I believe this narrative places us on a much sounder footing to talk about the long term social and economic relevance of blockchain.

As Sinclair Davidson, Jason Potts and I have argued elsewhere, blockchains are an institutional technology. They allow us to coordinate economic activity in radically different ways, taking advantage of the global-first, trust-minimised nature of this distributed system to create new types of contracts, exchanges, organisations, and communities. The scale of this vision is clearest when we compare it with what came before.

Consider, for instance, the use of prices for allocating computer time. The early uses of prices were either to recoup the cost of operation for machines, or as an alternative to queuing, allowing users to signal the highest value use of scarce resources. But prices in real-world markets do a lot more than that. By concentrating dispersed information about preferences they inspire creation – they incentivise people to bring more resources to market, and to invent new services and methods of production that might earn super-normal returns. Prices helped ration access to Harvard’s PDP-1, but could not inspire the PDP-1 to grow itself more capacity.

The Austrian economist Ludwig von Mises wrote that “the capitalist system is not a managerial system; it is an entrepreneurial system”. The market that is blockchain does not efficiently allocate resources across a distributed system but instead has propelled an explosion of entrepreneurial energy that is speculative and chaotic but above all innovative. The blockchain economy grows and contracts, shaping and reshaping just like a real economy. It is not simply a fixed network with nodes and connections. It is a market: it evolves.

We’ve of course seen evolving networks in computation before. The internet itself is a network – a web that is constantly changing. And you could argue that the ecosystem of open-source software that allows developers to layer and combine small, shared software components into complex systems looks a lot like an evolutionary system. Neither of these directly use the price system for coordination. They are poorer for it. The economic needs of internet growth has encouraged the development of a few small and concentrated firms while the economic needs of open-source are chronically under-supplied. To realise the potential of distributed computational networks we need the tools of an economy: property rights and a native means of exchange.

Networks can fail for many reasons: nodes might crash, might fail to send or receive messages correctly, their responses might be delayed longer than the network can tolerate, they might report incorrect information to the rest of the network. Human social systems can fail when information is not available where and when it is needed, or if incentive structures favour anti-social rather than pro-social behaviours.

As a 1971 survey of the domain of fault tolerant computing noted “The discipline of fault-tolerant computing would be unnecessary if computer hardware and programs would always behave in perfect agreement with the designer’s or programmer’s intentions”. Blockchains make the joint missions of economics and computer science stark: how to build reliable systems out of unreliable parts.

On Coase and COVID-19

With Darcy WE Allen, Sinclair Davidson and Jason Potts. European Journal of Law and Economics volume 54, page 107–125 (2022)

Abstract: From the epidemiological perspective, the COVID-19 pandemic is a public health crisis. From the economic perspective, it is an externality and a social cost. Strikingly, almost all economic policy to address the infection externality has been formulated within a Pigovian analysis of implicit taxes and subsidies directed by a social planner drawing on social cost-benefit analysis. In this paper, we draw on Coase (1960) to examine an alternative economic methodology of the externality, seeking to understand how an exchange-focused analysis might give us a better understanding of how to minimise social cost. Our Coasean framework allows us to then further develop a comparative institutional analysis as well as a public choice theory analysis of the pandemic response.

Published here. Working version available at SSRN or in PDF here.

Trust and Governance in Collective Blockchain Treasuries

With Darcy WE Allen and Aaron M Lane. Available at SSRN

Abstract: Blockchain treasuries are pools of digital assets earmarked for funding goods and services within a blockchain ecosystem that have some public purpose, such as protocol upgrades. Ecosystem participants face a trust problem in ensuring that the treasury is robust to opportunism, such as theft or misappropriation. Treasury governance tools, such as expert committees or stakeholder voting, can bolster trust in treasury functions. In this paper we use new comparative economics to examine how treasury governance mechanisms minimise different types of costs, thereby bolstering trust. We interpret case studies of innovative treasury governance within this framework, finding that the costs shift throughout the lifecycle of an ecosystem, and those subjective costs are revealed through crisis. These changes lead ecosystem participants to choose and innovate on treasury governance.

A better design for defi grant programs

With Darcy WE Allen

The blockchain and defi sector should understand more about how real world grant giving bodies function. Nowhere is this clearer than in the recent debate about UniSwap and its new $20 million Defi Education Fund.

In the real world, grant giving is a lot like venture finance. It is an entrepreneurial activity involving the discovery of new information, new opportunities, and new ideas. It helps realise those opportunities and ideas and is rewarded for doing so.

The fact that grants are done with a for-purpose goal while venture finance is done with a for-profit goal only makes a difference at the margin. The best grant giving bodies in the world work very hard to ensure that the custodians of funds have incentives tightly aligned to the overall objectives of the body. Some even use external independent auditors to see whether grants align to objectives, and penalise the program’s management if they do not. These rules bind the grant makers, allowing the grant seekers to innovate and discover how best to achieve the programs objectives.

Admittedly, it can be sometimes hard to see the entrepreneurial and discovery nature of grant programs. Academic research grants tend to be highly bureaucratic processes with layers of committees and appointed experts collating and judging grant proposals at arms-length from the funders.

But ultimately this bureaucracy has a purpose. Those systems of rules might seem inefficient, but they have been designed to align the dispersal of funds with the objectives of the fund. In the case of the Australian Research Council, all those committees are intended to fulfil the objectives of the Department of Education’s scientific mandate through discovery and investment. (Let’s not get hung up about how effective these government programs are.)

At the other end of the spectrum is Tyler Cowen’s Emergent Ventures grant program, where almost all decision-making is Cowen’s judgement. But this too is a structure designed to align objectives with fund dispersal. The objectives of the fund are to allow Cowen to use his knowledge to support “high-risk, high-reward ideas that advance prosperity, opportunity, and wellbeing” — and by all accounts the program is an incredible success.

Two approaches to defi grants

Right now we broadly have two models of grant giving in the defi space. The first is small centralised grant committees. These tend to be small groups of authoritative community leaders with near absolute control of large treasuries assessing and granting funds to desirable projects. These leaders may be elected or appointed, but either way they are using their authority in the community to legitimate their decisions. They may have a deep understanding of their ecosystem and its funding needs. An obvious problem with this is the risk that committee leaders opportunistically fund projects based on personal relationships, rather than ecosystem value.

The alternative model — and the most common one — is putting all grant proposals up to a vote of all relevant stakeholders, that is, holders of a governance token. Designing structures for effective collective decision-making is one of the hardest problems in political science. It is no surprise that some decision-making in the nascent blockchain governance world have been controversial.

But there’s a fundamental problem with this democratic model to grant making: it makes very little sense to believe that a full distributed democratic community can make the sort of entrepreneurial decisions that we expect from both venture finance and grant giving bodies themselves. Why would we expect a diverse, pseudonymous community of governance token holders to coordinate around extremely uncertain entrepreneurial decisions?

Throwing every proposal to a mass vote is the worst of all worlds. First, every proposal ultimately becomes a public vote about the objectives of the program itself. Should the treasury’s funds be used for marketing, or research, or to build new infrastructure? Grant recipients, and the ecosystem that relies on them, are left with inconsistency and unpredictability.

Second, there is little reason to believe that a mass vote will reveal the best investments. Highly decentralised voting may protect against opportunism, but it isn’t likely to surface information about entrepreneurial investment opportunities — exactly what is needed for successful grant-giving. This precise information-revelation problem is the motivation and intuition between mechanisms such as quadratic fundingfutarchy, and commitment voting.

A better grant program design

This is a solvable problem. Treasuries should give budgets to individual ‘philanthropists’. Those philanthropists then make entrepreneurial investments to align the compensation of those entrepreneurs with the success of their invested projects.

The full set of tokenholders sets the objective of the grant program, or an individual round. These objectives would shift as a given ecosystem and the broader industry develops — for instance from funding oracle feeds, to bridging infrastructure, to policy change. Grants are broken into funding rounds. The length of those rounds, say a year or two, must be long enough that there are observable outcomes from grant projects. Rounds could be sequential or overlap.

Each round, a set of philanthropists (say, five) are chosen (elected or appointed) and given discrete budgets. The number of philanthropists for a given round could also be decided by all tokenholders.

Once the funds are dispersed to each philanthropist, they run separate and independent grant programs. They must have credible autonomy: with their own rules, their own application processes, and their own interpretation of the objectives of the overall grant program.

At the end of the round, the full set of tokenholders rank each of the five philanthropists according to how successful (how much value was added, how closely they aligned to objectives) their grants were. The philanthropists are compensated for their work based on that ranking, with the top-ranked getting the most reward.

In this way the grants program is designed to both fund projects, and to incentivise decision-making philanthropists to do a good job.

Our proposal drives the same sort of competitive, entrepreneurial energy that we see in venture finance into defi grant distribution.

Through grant program design we can encourage effective decision-making through feedback loops, while maintaining decentralisation (the risk that philanthropists will behave badly is limited to the length of a grant round) and giving philanthropists a personal stake in the success of the grants that they have distributed (encouraging them to support and shepherd them to fruition).

Grant program design matters a lot

It might be easy to dismiss grant program design as a sideshow in the blockchain industry, marginally interesting but ultimately not a central part of the success of any particular protocol. It would be wrong to do so.

Analogies in blockchain are difficult. But if DAOs are like corporations, then grant programs are how they do internal capital allocation — and as Alfred D. Chandler Jr. has shown, internal capital allocation has determined the shape of global capitalism. Alternatively, if blockchain ecosystems are like countries with governments, then when we talk about grant programs we’re talking about public finance — they are how we pay for public goods and deploy scarce resources in a democratic context.

Ultimately, the sustainability and robustness blockchain ecosystems require effective use of resources. The success of grant programs will form a critical part of the success of blockchain and dapp protocols. They should seek to harness the same entrepreneurial energy and effort that has driven the rest of the blockchain industry.

Towards a Digital CBD

With Darcy Allen and Jason Potts

The COVID-19 pandemic is both a public health crisis, and a digital technology accelerant. Pre-pandemic, our economic and social activities were done predominantly in cities. We connected and we innovated in these centralised locations.

But then a global pandemic struck. We were forced to shop, study and socialise in a distributed way online. This shock had an immediate impact on our cities, with visceral images of closed businesses and silent streets.

Even after COVID-19 dissipates, the widespread digital adoption that the pandemic brought about means that we are not snapping back to pre-pandemic life.

The world we are entering is hybrid. It is both analogue and digital, existing in both regions and cities. Understanding the transition is critical because cities are one of our truly great inventions. They enable us to trade, to collaborate, and to innovate. In other words, cities aggregate economic activity.

The Digital CBD project is a large-scale research project that asks: what happens when that activity suddenly disaggregates? What happens to the city and its suburbs? What happens to the businesses that have clustered around the CBD? What infrastructure do we need for a hybrid digital city? What policy changes will be needed to enable firms and citizens to adapt?

Forced digital adoption

This global pandemic happened at a critical time. Many economies were already transitioning from an industrial to a digital economy. Communications technologies had touched almost every business. Digital platforms were commonly used to engage socially and commercially. But the use of these technologies was not yet at the core of our businesses, it sat on the sidelines. We were only on the cusp of a digital economy.

Then COVID-19 forced deep, coordinated, multi-sector and rapid adoption of digital technologies. The coordination failures and regulatory barriers that had previously held us back were wiped away. We swapped meeting rooms for conference calls, cash for credit cards, pens-and-paper for digital signatures. There had been a desire for these changes for a long time.

These changes make even more frontier technologies suddenly come into view. Blockchains, artificial intelligence, smart contracts, the internet of things and cybersecurity technologies are now more viable because of this base-level digital adoption.

Importantly, this suite of new technologies doesn’t just augment and improve the productivity of existing organisations, they make new organisational forms possible. It changes the structure of the economy itself.

Discovering our digital CBD

Post-pandemic, parts of our life and work will return to past practices. Some offices will reopen, requiring staff to return to rebuild morale and culture. And those people will also flood back into CBD shops, bars and restaurants. They will, as all flourishing cities encourage, meet and innovate.

But of course some businesses will relish their new-found productivity benefits – and some workers will guard the lifestyle benefits of working from home. Many firms will never fully reopen their offices and will brag about their remote-work dynamic culture.

The potential implications for cities, however, are more complex. Cities will fundamentally have different patterns of specialisation and trade than a pre-pandemic economy. Those new patterns are enabled by a suite of decentralised technologies, including blockchains and smart contracts, that were already disrupting how we organise our society.

We can now organise economic activity in new ways. CBDs have historically housed large, hierarchical industrial-era companies. As we have written elsewhere, decentralised infrastructure enables new types of organisational forms to emerge. Blockchains industrialise trust and shift economic activities towards decentralised networks.

How do these new types of industrial organisation change the way that we work, and the location of physical infrastructure? What are the policy changes necessary to enable these new organisations to flourish in particular jurisdictions?

Economies and cities are fundamentally networks of supply chains, and that infrastructure is turning digital too. The pandemic has accelerated the transition to digital trade infrastructure that provides more trusted and granulated information about goods as they move. How can we ensure that these digital supply chains are resilient to future shocks? What opportunity is there for regions to become a digital trade hub?

Another impact of digital technology is that labour markets just became more global. The acquisition of talented labour is no longer bounded by physical distance. Our collaborations are structured around timezones, rather than geography.

Labour market dynamism presents unique opportunities, but will also require secure infrastructure both to validate credentials and to facilitate ongoing productivity. How can Melbourne, a world-class cluster of universities, place itself for this new environment?

A research and a policy problem

Building a digital CBD is fundamentally an entrepreneurial problem—a problem of discovering what these new digital ways of coordinating and collaborating look like. Our Digital CBD research program contributes to this challenge with insights from economics, law, political science, finance, accounting and more. We aim to use this interdisciplinary research base to make policy recommendations that help our digital CBD to flourish.

Building a grammar of blockchain governance

With Darcy Allen, Sinclair Davidson, Trent MacDonald and Jason Potts. Originally a Medium post.

Blockchains are institutional technologies made of rules (e.g. consensus mechanisms, issuance schedules). Different rule combinations are entrepreneurially created to achieve some objectives (e.g. security, composability). But the design of blockchains, like all institutions, must occur under ongoing uncertainty. Perhaps a protocol bug is discovered, a dapp is hacked, treasury is stolen, or transaction volumes surge because of digital collectible cats. What then? Blockchain communities evolve and adapt. They must change their rules (e.g. protocol security upgrades, rolling back the chain) and make other collective decisions (e.g. changing parameters such as interest rates, voting for validators, or allocating treasury funds).

Blockchain governance mechanisms exist to aid decentralised evolution. Governance mechanisms include online forums, informal polls, formal improvement processes, and on-chain voting mechanisms. Each of these individual mechanisms — let alone their interactions — are poorly understood. They are often described through sometimes-useful but imperfect analogies to other institutional systems with deeper histories (e.g. representative democracy). This is not a robust way to design the decentralised digital economy. It is necessary to develop a shared language, and understanding, of blockchain governance. That is, a grammar of rules that can describe the entire possible scope of blockchain governance rules, and their relationships, in an analytically consistent way.

A starting point for the development of this shared language and understanding is a methodology and rule classification system developed by 2009 economics Nobel Laureate Elinor Ostrom to study other complex, nested institutional systems. We propose an empirical project that seeks conceptual clarity in blockchain governance rules and how they interact. We call this project Ostrom-Complete Governance.

The common approach to blockchain governance design has been highly experimental — relying very much on trial and error. This is a feature, not a bug. Blockchains are not only ecosystems that require governance, but the technology itself can open new ways to make group decisions. While being in need of governance, blockchain technology can also disrupt governance. Through lower costs of institutional entrepreneurship, blockchains enable rapid testing of new types of governance — such as quadratic voting, commitment voting and conviction voting — that were previously too costly to implement at scale. We aren’t just trying to govern fast-paced decentralised technology ecosystems, we are using that same technology for its own governance.

This experimental design challenge has been compounded by an ethos and commitment to decentralisation. That decentralisation suggests the need for a wide range of stakeholders with different decision rights and inputs into collective choices. The lifecycle of a blockchain exacerbates this problem: through bootstrapping a blockchain ecosystem can see a rapidly shifting stakeholder group with different incentives and desires. Different blockchain governance mechanisms are variously effective in different stages of blockchain development. Blockchains, and their governance, begin relatively centralised (with small teams of developers), but projects commonly attempt to credibly commit to rule changes towards a system of decentralised governance.

Many of these governance experiments and efforts have been developed through analogy or reference to existing organisational forms. We have sought to explain and design this curious new technology by looking at institutional forms we know well, such as representative democracy or corporate governance. Scholars have looked to existing familiar literature such as corporate governance, information technology governance, information governance, and of course political constitutional governance. But blockchains are not easily categorised as nation states, commons, clubs, or firms. They are a new institutional species that has features of each of these well-known institutional forms.

An analogising approach might be effective to design the very first experiments in blockchain governance. But as the industry matures, a new and more effective and robust approach is necessary. We now have vast empirical data of blockchain governance. We have hundreds, if not thousands, of blockchain governance mechanisms, and some evidence of their outcomes and effects. These are the empirical foundations for a deeper understanding of blockchain governance — one that embraces the institutional diversity of blockchain ecosystems, and dissects its parts using a rigorous and consistent methodology.

Embracing blockchain institutional diversity

Our understanding of blockchain governance should not flatten or obscure away from its complexity. Blockchains are polycentric systems, with many overlapping and nested centres of decision making. Even with equally-weighted one-token-one-vote blockchain systems, those systems are nested within other processes, such as a github proposal process and the subsequent execution of upgrades. It is a mistake to flatten these nested layers, or to assume some layers are static.

Economics Nobel LaureateElinorOstrom and her colleagues studied thousands of complex polycentric systems of community governance. Their focus was on understanding how groups come together to collectively manage shared resources (e.g. fisheries and irrigation systems) through systems of rules. This research program has since studied a wide range of commons including cultureknowledge and innovation. This research has been somewhat popular for blockchain entrepreneurs, in particular through using the succinct design principles (e.g. ‘clearly defined boundaries’ and ‘graduated sanctions’) of robust commons to inform blockchain design. Commons’ design principles can help us to analyse blockchain governance — including whether blockchains are “Ostrom-Compliant” or at least to find some points of reference to begin our search for better designs.

But beginning with the commons design principles has some limitations. It means we are once again beginning blockchain governance design by analogy (that blockchains are commons), rather than understanding blockchains as a novel institutional form. In some key respects blockchains resemble commons — perhaps we can understand, for instance, the security of the network as a common pool resource — but they also have features of states, firms, and clubs. We should therefore not expect that the design principles developed for common pool resources and common property regimes are directly transferable to blockchain governance.

Beginning with Ostrom’s design principles begins with the output of that research program, rather than applying the underlying methodology that led to that output. The principles were discovered as a meta-analysis of the study of thousands of different institutional rule systems. A deep blockchain-specific understanding must emerge from empirical analysis of existing systems.

We propose that while Ostrom’s design principles may not be applicable, a less-appreciated underlying methodology developed in her research is. In her empirical journey, Ostrom and colleagues at the Bloomington School developed a detailed methodological approach and rule classification system. While that system was developed to dissect the institutional complexity of the commons, it can also be used to study and achieve conceptual clarity in blockchain governance.

The Institutional Analysis and Development (IAD) framework and the corresponding rule classification system, is an effective method for deep observation and classification of blockchain governance. Utilising this approach we can understand blockchains as a series of different nested and related ‘action arenas’ (e.g. consensus process, a protocol upgrade, a DAO vote) where different actors engage, coordinate and compete under sets of rules. Each of these different action arenas have different participants (e.g. token holders), different positions (e.g. delegated node), and different incentives (e.g. to be slashed), which are constrained and enabled by rules.

Once we have identified the action arenas of a blockchain we can start to dissect the rules of that action arena. Ostrom’s 2005 book, Understanding Institutional Diversity, provides a detailed classification of rules classification that we can use for blockchain governance, including:

  • position rules on what different positions participants can hold in a given governance choice (e.g. governance token holder, core developer, founder, investor)
  • boundary rules on how participants can or cannot take part in governance (e.g. staked tokens required to vote, transaction fees, delegated rights)
  • choice rules on the different options available to different positions (e.g. proposing an upgrade, voting yes or no, delegating or selling votes)
  • aggregation rules on how inputs to governance are aggregated into a collective choice (e.g. one-token-one-vote, quadratic voting, weighting for different classes of nodes).

These rules matter because they change the way that participants interact (e.g. how or whether they vote) and therefore change the patterns that emerge from repeated governance processes (e.g. low voter turnout, voting deadlocks, wild token fluctuations). There have been somestudies that have utilised the broad IAD framework and commons research insights to blockchain governance, but there has been no deep empirical analysis of the rule systems of blockchains using the underlying classification system.

The opportunity

Today the key constraint in advancing blockchain governance is the lack of a standard language of rules with which to describe and map governance. Today in blockchain whitepapers these necessary rules are described in a vast array of different formats, with different underlying meanings. That hinders our capacity to compare and analyse blockchain governance systems, but can be remedied through applying and adopting the same foundational grammar. Developing a blockchain governance grammar is fundamentally an empirical exercise of observing and classifying blockchain ecosystems as they are, rather than imposing external design rules onto them. This approach doesn’t rely on analogy to other institutions, and is robust to new blockchain ecosystem-specific language and new experimental governance structures.

Rather than broadly describing classes of blockchain governance (e.g., proof-of-work versus proof-of-stake versus delegated-proof-of-stake) our approach begins with a common set of rules. All consensus processes have sets of boundary rules (who can propose a block? how is the block-proposer selected?), choice rules (what decisions do block-proposers make, such as the ordering of transactions?), incentives (what is the cost of proposing a bad block? what is the reward for proposing a block), and so on. For voting structures, we can also examine boundary rules (who can vote?), position rules (how can a voter get a governance token?) choice rules (can voters delegate? who can they delegate to?) and aggregation rules (are vote weights symmetrical? is there a quorum?).

We can begin to map and compare different blockchain governance systems utilising this common language. All blockchain governance has this underlying language, even if today that grammar isn’t explicitly discussed. The output of this exercise is not simply a series of detailed case studies of blockchain governance, it is detailed case studies in a consistent grammar. That grammar — an Ostrom-Complete Grammar — enables us to define and describe any possible blockchain governance structure. This can ultimately be leveraged to build new complete governance toolkits, as the basis for simulations, and to design and describe blockchain governance innovations.

Setting the reserve price for the Tracer DAO Gnosis auction

With Peyman Khezr

Introduction: Selling multiple units of a homogeneous good in an auction is one way of determining the market price. Uniform-price auctions have been used in many real-world markets because of their price discovery property: All winning bidders pay the same price (either highest losing bid or lowest winning bid). The question is how a seller could compute an optimal reserve price in a uniform price auction. First we should note that literature suggests a positive reserve price is usually better than no reserve price as it reduces the chance of underbidding by bidders. However, to compute the reserve price for a uniform price auction there are no clear criteria. In this note we follow the criteria given for the second-price auction as the best approximate of the uniform-price auction.

PDF available here

An economic theory of blockchain foundations

With Jason Potts, Darcy WE Allen, Sinclair Davidson and Trent MacDonald

Abstract: Blockchain (or crypto) foundations are nonprofit organizations that supply public goods to a crypto-economy. The standard theory of crypto foundations is that they are like governments with respect to a national or regional economy, i.e. raising a public treasury and allocating resources to blockchain specific capital works, education, R&D, etc., to benefit the community and develop the ecosystem. We propose an alternative theory of what foundations do, namely that the treasury they manage is a moat to raise the cost of exit or forking because the benefit of the fund is only available to those who stay with the chain. Furthermore, building and maintaining a large treasury is a costly signal that only a high quality chain could afford to do (Spence 1973). We review these two models of the economic function of a blockchain foundation – (1) as a private government supplying local public goods, and (2) as a moat to raise the opportunity costs of exit. We outline the empirical predictions each theory makes, and examine the implications for optimal foundation design. We conclude that foundations should be funded by a pre-mine of tokens, and work best when large, visible, transparent, rigorously managed, and with a low burn rate.

Available at SSRN.