Blockchain Handbook (Version 2)

Download as pdf or txt
Download as pdf or txt
You are on page 1of 542
At a glance
Powered by AI
The book cover uses elements like boats and water to symbolize concepts related to blockchain like decentralization and connectivity. The rising sun also represents the dawn of a new era brought by blockchain.

The unprecedented possibilities and vastness of the ocean symbolizes the internet. The diversity of boats with their different colours represents the diversity of people involved in blockchain. The luminous boats are the full nodes of the blockchain that are decentralized.

Some of the shortcomings discussed include high costs for merchants when processing payments, inefficiencies in the point-of-sale and e-commerce payment processes.

BLOCKCHAIN

HANDBOOK
____________
CHHAY LIN LIM
ARTHUR JANSE
Explanation of the book cover by the illustrator
The unprecedented possibilities and vastness of the ocean symbolizes the internet. The
diversity of boats with their different colours represents the diversity of people involved in
blockchain. The luminous boats are the full nodes of the blockchain that are decentralized.
These boats are connected to each other and to the other boats, the ordinary users, via
luminous ripples on the water that resemble the Wi-Fi icon. The sun rises on the horizon. In
other words, we are at the beginning of a new day, a new era ushered in by blockchain.
Cheerted Keo, (Cheertedkeo.com)

Colophon:
Publication De Boekdrukker Amsterdam
ISBN 978-90-9032191-2
NUR 781
1st edition January 2020
Cover De Boekdrukker Amsterdam
Final Editing Chhay Lin Lim

© CC BY-NC-SA 4.0 Chhay Lin Lim and Arthur Janse

Everything in this book may be used without the permission of the authors, provided that you
do not use it for commercial purposes, publish it under the same license, and correctly indicate
the source: C.L. Lim and A. Janse (2020), Blockchain Basics book, research group Blockchain
Saxion University.
Help translate the book into English
We would like to give everyone the opportunity to receive and read the Blockchain Handbook. That is why we are
collecting money for an English translation. The book can then be further translated from English into other
languages. A good translation costs € 0.06 per word, so we are trying collect a total of €7,500.

Would you like to contribute a few EUR?


You already know the most transparent, cheapest and fastest way: through Dutch crypto service providers, you
can buy cryptos with iDeal and send them to a public blockchain address. The cheapest providers where you can
also send small amounts are https://www.litebit.eu/nl/kopen and https://anycoindirect.eu/nl.

For example, if you send €3.50 here, a net €3.08 will go to the address. The difference of €0.42 is the
administration costs of the crypto service. These services will be supervised by The Dutch Bank as of January 10th,
2020.

The public blockchain addresses that we have created and where you can send your contribution to are:

Bitcoin: 1KEJZRuUjhgJtPri9tEDEk7HA2HweMbVgB

Ethereum: 0x5f570e4acb6cb0004218a0f74f334c16aa48befc

You can see how much money has been sent to the accounts via https://www.blockchain.com/explorer. If we
collect €7,500 we bring the book to a translation agency.
Thanks!

Chhay and Arthur


PART I: TECHNICAL ASPECTS OF BLOCKCHAIN AND RELEVANT INNOVATIONS - 1 -

1. A BRIEF EXPLANATION OF BLOCKCHAIN PRINCIPLES -5-

1.1 INTRODUCTION AND LEARNING OBJECTIVES -5-


1.2 BLOCKCHAIN EXPLAINED AT THE SIMPLEST LEVEL -6-
1.3 BLOCKCHAIN EXPLAINED AT A MEDIUM LEVEL -6-
INTERMEZZO: NAPSTER - 18 -
1.4 SUMMARY, TERMS AND SOURCES - 20 -

2. SHORTCOMINGS OF THE CURRENT PAYMENT PROCESS - 25 -

2.1 INTRODUCTION AND LEARNING OBJECTIVES - 25 -


2.2 POINT-OF-SALE - 26 -
2.3 E-COMMERCE - 30 -
2.4 COSTS FOR MERCHANTS - 34 -
2.5 DISADVANTAGES OF THE CURRENT PAYMENT PROCESS - 35 -
2.6 SUMMARY, TERMS AND SOURCES - 37 -

3. BITCOIN, THE INTERNET OF MONEY - 41 -

3.1 INTRODUCTION AND LEARNING OBJECTIVES - 41 -


3.2 BITCOIN AND THE BITCOIN NETWORK - 44 -
3.3 BITCOIN, THE REVOLUTIONARY DIGITAL CURRENCY - 44 -
3.4 BYZANTINE GENERALS PROBLEM - 45 -
3.5 PROOF-OF-WORK CONSENSUS IN THE BITCOIN NETWORK - 47 -
INTERMEZZO: HASH CRYPTOGRAPHY WITH REGULAR ECOMMERCE PAYMENTS - 52 -
INTERMEZZO: MERKLE TREES, HOW THEY ARE USED WITHIN THE BITCOIN BLOCKCHAIN - 56 -
3.6 DOUBLE-SPENDING PROBLEM - 67 -
3.7 BITCOIN'S MONETARY POLICY - 68 -
3.8 WHAT IS THE DIFFERENCE BETWEEN BITCOIN AND CURRENT PAYMENT SYSTEMS? - 70 -
3.9 ECONOMIC INCENTIVES TO PARTICIPATE IN THE BITCOIN NETWORK - 71 -
INTERMEZZO: HOW TO READ THE BITCOIN BLOCKCHAIN WITH A BLOCK EXPLORER - 73 -
3.10 SUMMARY, TERMS AND SOURCES - 79 -
4. MINING, NODES, BIPS AND FORKS - 85 -

4.1 INTRODUCTION AND LEARNING OBJECTIVES - 85 -


4.2 MEMORY POOL (MEMPOOL) - 86 -
4.3 HOW MINERS CHOOSE TRANSACTIONS FROM THE MEMPOOL - 88 -
INTERMEZZO: MINING FARMS, MINING EQUIPMENT AND THE ENERGY TAX OF BITCOINS MINES - 92 -
4.4 NODES - 95 -
INTERMEZZO: THE FUNCTIONS OF DASH MASTERNODES - 101 -
4.5 BITCOIN IMPROVEMENT PROPOSALS (BIPS) - 102 -
4.6 FORKS - 104 -
INTERMEZZO: BITCOIN VS BITCOIN CASH VS BITCOIN SV - 109 -
INTERMEZZO: HOW TO SET UP A BITCOIN FULL NODE YOURSELF - 111 -
4.7 SUMMARY, TERMS AND SOURCES - 112 -

5. CRYPTOGRAPHY: SYMMETRICAL, ASYMMETRICAL, AND ZERO-KNOWLEDGE PROOFS - 119 -

5.1 INTRODUCTION AND LEARNING OBJECTIVES - 119 -


5.2 SYMMETRIC CRYPTOGRAPHY - 120 -
5.3 ASYMMETRIC CRYPTOGRAPHY (PUBLIC KEY CRYPTOGRAPHY) - 123 -
INTERMEZZO: PUBLIC KEY INFRASTRUCTURE (PKI) - 130 -
5.4 HOW IS PUBLIC KEY CRYPTOGRAPHY USED WITH BITCOIN? - 132 -
INTERMEZZO: BITCOIN WALLETS - 134 -
5.5 ZERO-KNOWLEDGE PROOFS - 135 -
5.6 THE GOVERNMENT AGAINST PUBLIC ENCRYPTION - 137 -
INTERMEZZO: SECURING YOUR EMAIL MESSAGES WITH PRETTY GOOD PRIVACY (PGP) - 142 -
5.7 SUMMARY, TERMS AND SOURCES - 143 -

6. PROOF-OF-STAKE AND BLOCKCHAIN PERFORMANCE - 151 -

6.1 INTRODUCTION AND LEARNING OBJECTIVES - 151 -


6.2 ALTERNATIVE CONSENSUS PROTOCOLS - 152 -
6.3 PROOF-OF-STAKE (POS) - 153 -
6.4 DELEGATED PROOF-OF-STAKE (DPOS) - 153 -
INTERMEZZO: THE BITSHARES BLOCK EXPLORER - 158 -
6.5 LEASED PROOF-OF-STAKE (LPOS) - 159 -
6.6 PROOF-OF-STAKE VELOCITY (POSV) - 160 -
6.7 PROOF-OF-AUTHORITY (POA) - 160 -
INTERMEZZO: ALTERNATIVE CONSENSUS PROTOCOLS - 162 -
6.8 THE ADVANTAGES OF CLASSIC PROOF-OF-STAKE COMPARED TO PROOF-OF-WORK - 163 -
INTERMEZZO: STAKE COINS YOURSELF AND EARN A PASSIVE INCOME (PIVX) - 164 -
6.9 SCALABILITY - 165 -
6.10 SUMMARY, TERMS AND SOURCES - 174 -

7. 51%- ATTACKS AND DECENTRALIZATION - 181 -

7.1 INTRODUCTION AND LEARNING OBJECTIVES - 181 -


7.2 SECURITY MODEL: ACCESS CONTROLS OR OPEN - 182 -
7.3 THE BLOCKCHAIN TRILEMMA - 183 -
7.4 51%-ATTACK - 184 -
INTERMEZZO: OTHER ATTACKS - 188 -
7.5 DECENTRALIZATION - 192 -
INTERMEZZO: ANTI-FRAGILITY - 197 -
7.6 SUMMARY, TERMS AND SOURCES - 198 -

8. BLOCKCHAIN 2.0 AND SMART CONTRACTS - 203 -

8.1 INTRODUCTION AND LEARNING OBJECTIVES - 203 -


8.2 COLOURED COINS ON THE BITCOIN BLOCKCHAIN - 204 -
8.3 ETHEREUM - 205 -
8.4 ETHEREUM TRANSACTIONS AND GAS - 206 -
8.5 SMART CONTRACTS - 207 -
8.6 DECENTRALIZED APPLICATIONS - 215 -
INTERMEZZO: PROFITABLE DAPPS - 218 -
8.7 DECENTRALIZED AUTONOMOUS ORGANIZATION (DAO) - 219 -
INTERMEZZO: ARAGON - 223 -
8.8 SUMMARY, TERMS AND SOURCES - 225 -

9. BLOCKCHAIN GOVERNANCE AND WHO CAN PARTICIPATE WITH WHICH ROLE - 232 -

9.1 INTRODUCTION AND LEARNING OBJECTIVES - 232 -


9.2 GOVERNANCE - 233 -
INTERMEZZO: WHAT SEREY'S GOVERNANCE LOOKS LIKE - 235 -
9.3 WHO CAN JOIN WITH WHICH ROLE? - 237 -
9.4 PUBLIC, PRIVATE AND CONSORTIUM BLOCKCHAINS - 239 -
INTERMEZZO: FACEBOOK'S CRYPTOCURRENCY, THE LIBRA - 245 -
9.5 SUMMARY, TERMS AND SOURCES - 250 -
10. CRYPTO ECONOMICS AND THE RELEVANCE OF CRYPTOGRAPHIC TOKENS - 254 -

10.1 INTRODUCTION AND LEARNING OBJECTIVES - 254 -


10.2 CRYPTO ECONOMICS - 255 -
10.3 CLASSIFICATION OF BLOCKCHAIN TOKENS - 258 -
INTERMEZZO: PARADIGM SHIFT BY TOKENIZATION - 268 -
INTERMEZZO: CENTRAL BANK DIGITAL CURRENCIES - 269 -
10.4 FUND ACQUISITION TOKENS - 271 -
INTERMEZZO: ICO BUBBLE - 273 -
INTERMEZZO: ATOMIC SWAPS - 276 -
10.5 SUMMARY, TERMS AND SOURCES - 279 -

11. BLOCKCHAIN AND THE PROMISE OF THE INTERNET (WEB 3.0) - 288 -

11.1 INTRODUCTION AND LEARNING OBJECTIVES - 288 -


11.2 THE TECHNOLOGICAL DEVELOPMENT OF MEANS OF COMMUNICATION AND THE INTERNET - 291 -
INTERMEZZO: GARTNER HYPE CYCLE FOR BLOCKCHAIN - 299 -
11.3 BLOCKCHAIN TECHNOLOGY STACK - 301 -
11.4 THE PROMISES OF THE INTERNET - 302 -
11.5 TECHNOLOGICAL DEVELOPMENTS LEADING TO BLOCKCHAIN - 305 -
11.6 SUMMARY, TERMS AND SOURCES - 307 -

12. BLOCKCHAIN AND DE SELF-SOVEREIGN IDENTITY - 315 -

12.1 INTRODUCTION AND LEARNING OBJECTIVES - 315 -


12.2 WHAT IS A DIGITAL IDENTITY - 316 -
12.3 EVOLUTION OF DIGITAL IDENTITIES - 319 -
INTERMEZZO: THE COSTS OF KYC AND AML - 325 -
12.4 BLOCKCHAIN AND SELF-SOVEREIGN IDENTITY - 327 -
12.5 HOE HOW IDENTITY MANAGEMENT WORKS ON A BLOCKCHAIN IN PRACTICE - 331 -
INTERMEZZO: UPORT - 336 -
12.6 SUMMARY, TERMS AND SOURCES - 337 -
PART II: THE BACKGROUND AND THOUGHTS FROM WHICH BLOCKCHAIN ARISED
- 344 -

13. BITCOIN AND THE FINANCIAL SYSTEM - 346 -

13.1 INTRODUCTION AND LEARNING OBJECTIVES - 346 -


13.2 GLOBAL OVERVIEW OF ECONOMIC TRENDS - 347 -
13.3 AUSTRIAN SCHOOL OF ECONOMICS - 349 -
13.4 AUSTRIAN CRITICISM OF THE FINANCIAL SYSTEM - 350 -
INTERMEZZO: QUANTITATIVE EASING IN 7 PICTURES - 358 -
13.5 BITCOIN AND THE AUSTRIANS - 359 -
13.6 SUMMARY, TERMS AND SOURCES - 360 -

14. CRYPTOANARCHISM AND THE CYPHERPUNK MOVEMENT - 364 -

14.1 INTRODUCTION AND LEARNING OBJECTIVES - 364 -


14.2 CRYPTOANARCHISM - 365 -
14.3 CYPHERPUNK - 367 -
INTERMEZZO: INTERNET FREEDOM REPORT - 372 -
14.4 CRYPTOANARCHISM AS REALIZATION OF ANARCHO-CAPITALISM - 373 -
INTERMEZZO: THE PENCIL AS A METAPHOR FOR SPONTANEOUS ORDER - 379 -
14.5 THE RELATIONSHIP BETWEEN CRYPTOANARCHISM AND THE BITCOIN BLOCKCHAIN - 381 -
INTERMEZZO: BITCOIN, THE SEPARATION OF STATE AND MONEY - 386 -
INTERMEZZO: THE BITCOIN FOUNDATION AND ITS VALUES - 387 -
14.6 SUMMARY, TERMS AND SOURCES - 388 -
PART III: ENTERPRISE BLOCKCHAIN - 394 -

15. BUSINESS MODELS - 397 -

15.1 INTRODUCTION AND LEARNING OBJECTIVES - 397 -


15.2 BUILDING BLOCKS - 398 -
15.3 BUSINESS ECOSYSTEM - 400 -
15.4 PESTEL - 402 -
15.5 BUSINESS MODEL - 405 -
15.6 DIGITAL BUSINESS MODEL - 410 -
15.7 DECENTRALIZED BUSINESS MODEL CANVAS - 412 -
15.8 SUMMARY, TERMS AND SOURCES - 415 -

16. ENTERPRISE BLOCKCHAIN APPLICATIONS - 420 -

16.1 INTRODUCTION AND LEARNING OBJECTIVES - 420 -


16.2 BANKING AND FINANCE - 422 -
16.3 GOVERNMENT AND PUBLIC GOODS - 436 -
16.4 MANUFACTURING - 447 -
16.5 PREDICTION MARKET AUGUR - 458 -
16.5 SUMMARY, TERMS AND SOURCES - 464 -

17. CRITERIA AND APPLICATION TYPES - 475 -

17.1 INTRODUCTION AND LEARNING OBJECTIVES - 475 -


17.2 CRITERIA TO ENTER BLOCKCHAIN - 476 -
17.3 TYPES OF BLOCKCHAIN APPLICATIONS - 482 -
17.4 SUMMARY, TERMS AND SOURCES - 492 -

18. PLATFORMS AND CONSORTIA - 497 -

18.1 INTRODUCTION AND LEARNING OBJECTIVES - 497 -


18.2 ENTERPRISE BLOCKCHAIN PLATFORMS - 498 -
18.3 CONSORTIUM - 508 -
18.4 SUMMARY, TERMS AND SOURCES - 513 -

EPILOGUE - 519 -
About the writers

Chhay Lin Lim is co-founder of Serey, a blockchain-based platform with various applications.
Serey's initial goal is to stimulate creativity and expression mainly in Cambodia. For example,
you can place articles on Serey.io that are stored on the blockchain and can therefore not be
censored. Serey also has a Serey Marketplace where people can offer their goods and services.
The purpose of this is to stimulate voluntary economic association.

He is also a lecturer / researcher at Saxion University of Applied Sciences and a member of the
Saxion Blockchain Lectorate. He develops workshops related to Blockchain and teaches the
subjects Blockchain and Digital Technology (formerly Financial Technology) within the minor
Digital Business Models & Blockchain.

Previously, he worked at European Merchant Services (EMS), a FinTech company owned by


First Data and ABN Amro. There he performed technical integrations of online payment
methods (credit cards, PayPal, iDEAL, Klarna, etc.) with web shops.

He has an academic background in Economics and Philosophy. Both topics are still his passion.
He regularly writes about this on Notesonliberty.com and Chhaylinlim.wordpress.com.

He sees it as his goal to apply blockchain technology to guarantee the (financial) sovereignty of
people and hopes someday to experience the realization of seasteads - micronations on the
ocean.

Chhay Lin Lim


[email protected]

i
Arthur Janse has in addition to studying Business Administration at the University of Nijmegen,
also completed the Controller course at VU University Amsterdam. From 1997 to 2014, he
worked as a Financial Manager at multinationals AkzoNobel and Hilti. He has lived and worked
in the Middle East for over 12 years, including in Turkey, Egypt and Dubai.

After returning to the Netherlands in 2014, he passionately threw himself into the application
of digital technologies such as Big Data, Artificial Intelligence, Robotic Process Automation and
Blockchain at Saxion University of Applied Sciences.

As a quartermaster on the theme of Blockchain, he made an important contribution to the


creation of the Saxion Blockchain Lectorate. In his role as a lecturer and researcher, he
participates in the development of Masterclasses for companies and government, he organizes
workshops and the Saxion Blockchain Hackathon.

He personally invests in blockchain companies and was therefore involved in the creation of
blockchain company Blockchain Projects bv.

Arthur is convinced that decentralized thinking in the digital world is an unmissable


opportunity; a world where their own identity and data can be used to place the initiative with
the individual. If you want to delve into what this can mean for you and your (future)
organization, this basics book offers a solid introduction to the matter.

Arthur Janse
[email protected]

ii
Preface

In 2015, The Economist called blockchain the ultimate trust machine that was supposed to
replace traditional banking systems, land registers, real estate systems, public withdrawal
systems and even traditional election voting systems. Blockchain has an opportunity to tackle
the challenges of trust, transparency and bureaucracy that various (government) bodies are
facing and offers new opportunities for collaboration between different profit and non-profit
actors. Blockchain monitors real-time transactions, simplifies regulatory compliance, promises
efficiency gains through reducing intermediaries, and reduces the risk of fraud and cybercrime.
A recent investment of more than EUR 56 million by ING in the new Utility Settlement Coin
(USC) is an example of investments in a blockchain technology to facilitate the current viscous
process of settling financial transactions. In the future, trust is no longer about offices,
reputation or the deposit guarantee system, but about whether a system works. Companies
such as Amazon, Google, Apple, Uber and Airbnb offer sublime technological experiences, but
also have critical comments. In China, not everyone immediately switched to WeChat when
they came on the market. Now there is no turning back.

One of the challenges we face as a society is understanding the possibilities and impact of
blockchain and how it can change our lives. Knowledge and research into the use of blockchain
with the adage "Is the technology looking for a problem or does it actually support social
developments?" is of great importance. History has shown that new technology can lead to
revolutionary business models, affecting finance, economics and management. A big question is
how quickly blockchain will develop, as well as its applications. Stephen Hawking wrote in his
latest book Brief answers to the big questions how we can shape the future. He wrote:

“In the same way that the internet, our mobile phones, medical imaging,
satellite navigation and social network would have been
incomprehensible tot the society of only a few generations ago, our
future world beginning to conceive. Information on its own will not take
us there, but intelligent and creative use will.” (Hawking 2018: 207)

With blockchain technology, a more sustainable, safe and reliable digital infrastructure can be
built. That makes this technology potentially revolutionary. However, because blockchain
technology is also very complex and still in its infancy stage, this potential can only be realized if
it is open to collaboration. On the one hand, because the complexity requires the bundling of

iii
knowledge. On the other hand, because the decentralized nature of blockchain requires new,
decentralized forms of governance. Intensive collaboration is a requirement between various
courses, but also in the Dutch Blockchain Coalition (2018), among others. Blockchains for
money (financial gain, private property) and blockchains for control (data collection, state
control) are growing rapidly worldwide, but the development of blockchains for goods (public
interest, collective ownership) is lagging behind.

Every technological revolution brings changes. New business cases arise, and companies are
disappear. This is not a landslide in one go, but a gradual process and brings companies such as
Leica, Wehkamp and Volvo to a higher level of development. At the governance level, there
must certainly be an awareness of timely management of business development, based on
social and market developments. Not everyone comes unharmed from large-scale innovation.
The Internet has its influence on the mail, the GSM on the telephone network with 2-5G
networks and Netflix on the cable companies. History crises have shown that after such a
phase, organizations move to a higher level. The banking industry is not excluded from this. The
character of the Chinese sign for crisis, which is called "Wei Jie", also has the meaning of
opportunity and challenge.

As history has taught us, a new technology for a widely supported administrative function will
lead to a revolutionary business model: l'histoire se répète. Time will tell us. This Blockchain
Handbook would like to make a permanent contribution to this.

Jan Veuger
Lector Blockchain

iv
Introduction

Chhay Lin Lim about the book


The Blockchain Handbook in front of you has emerged from a deep desire to visualize the
philosophical, ethical, economic, technological and business relevance of blockchain in a
coherent way for students. Since the publication of the Bitcoin white paper from November
2008 by Satoshi Nakamoto, quite a lot has been published about blockchain, but there has not
yet a Dutch book with a substantiated holistic view on this subject been released.

The strength of this book is that blockchain is approached from a wide range of perspectives.
The expectation is that this will allow the reader to better analyse the relevance of blockchain
and gain a deeper understanding of the possibilities of blockchain. An additional advantage is
that the Blockchain Handbook offers the reader structure in his learning goals. It is expected to
make a significant contribution to the structural improvement of the Blockchain module within
the Saxion minor Digital Business Models & Blockchain. Although the book is written for
students, non-students interested in blockchain will also benefit from reading this book.

I myself have a deep personal reason why I became interested in blockchain. I first came into
contact with blockchain in 2011, when I read on financial-economic forums and news sites
about the promise that Bitcoin, the first application of blockchain technology, could take the
monopoly on money production from central banks. Not suspecting that Bitcoin was an
extremely coherent and revolutionary tour de force, I ignored such articles until the end of
2011. Reading Bitcoin's rationale from late 2011 - in early 2012, it slowly began to dawn that
technology could lead to enormous disruption of society. With the luggage of eight years of
blockchain, I have a wealth of experience compared to many others - although I still feel like a
child in the rapidly changing blockchain world.

I remember the enthusiasm of the first blockchain pioneers who filled forums full of geeks and
ideologues with poetic lyrics about how blockchain would make humanity freer. This was a time
without ICOs and a time when people did not step into the blockchain world for the money, but
to help introduce a technology that would move society forward.

There has hardly been a better time for me to come into contact with Bitcoin. The financial
crisis had erupted a few years earlier in 2007. The world was still struggling with the aftermath,

v
or rather the still raging storm that stirred the financial-economic landscape. This period has
shown that our financial system is very fragile.
It also looks like the policy of keeping the economy going through low interest rates, increasing
money supply and stimulus for consumption has only been a short-lived solution from central
banks and governments. Interest rates are still historically low to this day, in some cases even
negative. For those of us who have never believed that such policies would benefit our
economy and society, it is appealing to look further into an alternative solution that could
drastically change the financial system. Such a solution, Bitcoin and the underlying blockchain
technology, is central to this book.

What makes Bitcoin so interesting is that it is not only a protest against the current financial
system, but also a protest against the intellectual establishment with its many theoretical
assumptions of our economic reality. The financial crisis has opened the eyes to some people
that some classes of macroeconomic experts, for example, are not experts. In fact, these
centralized clubs of experts - central bankers, government policymakers, banks, and so on - are,
like the rest of us, ignorant of the forces that shape our macroeconomic reality. Bitcoin
recognizes this ignorance of experts and offers us an alternative where there is no central body
pretending to know how to set up our financial system. The economic-social system in which
we live is too complex for a central body to understand, which makes it impossible to organize
our society in such a way that no undesired consequences will follow. As Friedrich Hayek wrote
in The Constitution Of Liberty (1960), we should recognize the limits of our own knowledge
regarding the organization of our society:

“No human mind can comprehend all the knowledge which guides the
actions of society.”

Bitcoin capitalizes on this epistemological modesty in three ways. First, Bitcoin uses a
decentralized network, in which all individuals who wish to participate in Bitcoin's decision-
making process - each possessing their own private knowledge - participate in decision-making
together. Second, the Bitcoin code is open source. Third, the market of money production is
being opened up. Does it mean that a decentralized network in which consensus must be
reached on the direction Bitcoin should take will always lead to the right decisions? Not that.
However, the Bitcoin code is an open source so that others can easily view, copy and edit the
source code at their own discretion, so that new experiments with other, perhaps better forms
of cryptocurrency and other forms of consensus can arise. It has opened the money-making

vi
market, lowered the barrier to participating in the money-making industry, and intensified
competition within the money-making industry. With the breaking of the monopoly on money
production by governments and central banks, a historic phase has started in which each
individual can create their own currency that can potentially compete with national funds. With
this, Friedrich Hayek's vision to denationalize money and break the monopoly on money
production has become a reality.

Still, it's not just the financial system that will be affected by Bitcoin and blockchain. In
particular, the underlying technology, blockchain, offers new technological opportunities to
transform other industries as well.

Finally, I would like to mention that in the coming years there will be more and more appeals
for broad social discussions about cryptocurrencies and blockchain. When people say that we
need to involve society in discussing the ethics of cryptosystems, we have to ask why society is
suddenly paying attention to the great advances that the crypto world is making. Where does
the attention come from?

Back in 2011, society considered us strange and ill-informed. Encryption, digital money,
anonymous networks, digital pseudonyms, Zero-Knowledge, online reputations, information
markets, black markets and the decline of nation-states were openly discussed within the
crypto world and the public paid almost no attention.

6-7 years later, after Bitcoin has proven not to be just a rage, some groups in society are closely
following the developments of cryptosystems and are trying to lead the discourse "for the sake
of society." Who are they and what are their interests? Banks, central banks and national
governments. They are trying to shape the discourse around cryptosystems because (a) banks
fear that some of their operations will be made redundant by cryptosystems, (b) central banks
fear they will lose control of monetary policy and (c) national governments fear that their
national currencies will be out-competed by cryptocurrencies and they will no longer be able to
track crypto payments. Therefore, when they call for social discussions about the ethics and
consequences of cryptosystems, they are more likely to enter the discussions from a position of
fear. Can we then have really substantive discussions with these groups? Or will they, already
motivated to over-regulate cryptosystems, enter the discussions and spoil everything beautiful
about cryptosystems so that these systems do not threaten their modes of operation?

vii
The point I want to make is that we have to be careful and watch out for those who nobly call
for more social discussions about cryptocurrencies and blockchain. I hope that with the
information you will find in this book, you will be able to discern the fiction and reality of
blockchain and enter discussions in the public interest with an open mind and sociological
imagination.

You will read more about the consequences and possible disruptions that Bitcoin and
blockchain can cause in the rest of the book. However, before we are ready to cover this, let's
first discuss the basics of blockchain.

Chhay Lin Lim


Co-founder of Serey.io
Lecturer / researcher at Saxion Hogeschool

viii
Arthur Janse about the book
When I was told as a student in the early 1990s that the internet would make it possible in the
future to order and pay for a movie ticket from the couch, a world opened up to me.
"Impossible," I thought. 'A revolution'.

And it was a revolution. The internet led to a huge increase in our well-being. No more getting
lost in the car in Paris because you don't have the latest road map. No more waiting 3 months
before a movie is also released in the Netherlands. No more going into a travel agency for a
not-really-what-you-want trip but choosing what you want from behind the PC.
Fast, simple and cheap. A true digital revolution made possible and used by the generation in
their forties and fifties who can now exert so much influence in society.

So when Bitcoin and blockchain were first mentioned, I was ready. "Step 2," I thought. "We
have been waiting for this to really get the most out of the internet." Decentralized trust, direct
exchange of property, confidential exchange of ideas, a potential source of innovation for each
individual, giving power to the individual. Et cetera, et cetera.

Blockchain is one of those promising developments that I can call that. Besides artificial
intelligence, Internet of Things, biomechanics and other 4th industrial revolution
developments. Not only the technology, but the idea behind it and the social opportunities it
offers are super exciting. And they offer a nice brush with which you as a current generation of
students can start colouring the future over the next 10-20 years.

Blockchain is not a solution for everything. It is not going to make your coffee. And there is still
plenty of work to be done. But it exists, it develops, and you can help with it.
Hopefully this book offers a first handle for this. Good luck and enjoy!

Arthur Janse
Lecturer FinTech at Saxion Hogeschool
Saxion Blockchain Lectorate

ix
Reading Guide

The book is divided into the following three parts:


Part I: The technical aspects of blockchain and relevant innovations initiated or supported
by blockchain.
Part II: The history and economic-philosophical background of blockchain.
Part III: Blockchain business applications.

The chapters have a fixed division within these parts. Each chapter begins with learning
objectives and an introduction to the first paragraph. Subsequently, the content is discussed in
separate sections. In conclusion, each chapter has a paragraph with a summary, comments that
you can explain after reading the chapter, an explanatory glossary and the sources used in that
chapter.

In the chapters, interludes are used for texts that are not part of the essential text but do help
to further clarify the text.

Where the term "he" is used in this book, you can also read "she". The masculine pronoun was
chosen in the book.

x
Bitcoin and Ethereum Units

Numbers in Satoshi Numbers in Bitcoin


1 Satoshi 0,00000001 ₿
10 Satoshi 0,00000010 ₿
100 Satoshi 0,00000100 ₿
1.000 Satoshi 0,00001000 ₿
10.000 Satoshi 0,00010000 ₿
100.000 Satoshi 0,00100000 ₿
1.000.000 Satoshi 0,01000000 ₿
10.000.000 Satoshi 0,10000000 ₿
100.000.000 Satoshi 1,00000000 ₿

Numbers in Wei Name and inspirator


1 Wei Wei (Wei Dai)
10 Wei
100 Wei
1.000 Wei Babbage (Charles Babbage)
10.000 Wei
100.000 Wei
1.000.000 Wei Lovelace (Ada Lovelace)
10.000.000 Wei
100.000.000 Wei
1.000.000.000 Wei Shannon (Claude Shannon)
10.000.000.000 Wei
100.000.000.000 Wei
1.000.000.000.000 Wei Szabo (Nick Szabo)
10.000.000.000.000 Wei
100.000.000.000.000 Wei
1.000.000.000.000.000 Wei Finney (Hal Finney)
10.000.000.000.000.000 Wei
100.000.000.000.000.000 Wei
1.000.000.000.000.000.000 Wei Ether
xi
xii
PART I: TECHNICAL ASPECTS OF BLOCKCHAIN
AND RELEVANT INNOVATIONS
Part I contains a total of 12 chapters and deals with the technical aspects and relevant
innovations of blockchain. We will start by looking at how the Bitcoin blockchain works and
move on to other blockchain projects throughout the part.

In chapter 1 we start with a brief explanation of blockchain principles. Here we define what
blockchain is and we split the characteristics of blockchain into inherent and emergent
characteristics. If you have read Chapter 1, you will immediately notice that you have become a
discussion partner on blockchain.

In chapter 2 we discuss the current payment process. Bitcoin's ambition is to become a peer-to-
peer payment system. For that reason, it is relevant to understand how the current payment
process works, so that the urgency of Bitcoin and cryptocurrency can be better explained. In
the chapter we mainly look at iDEAL and credit card payments.

In Chapter 3, we make a clearer distinction between the cryptocurrency Bitcoin and the Bitcoin
network. The consensus mechanism of Bitcoin, Proof-of-Work, and the differences between the
Bitcoin payment system and regular payment systems are explicitly discussed.

In chapter 4 we discuss mining, nodes, Bitcoin updates and forks. Here we cover what miners
do, we gain more insight into why the Bitcoin network costs so much energy and we also
understand better why the Bitcoin network is so safe. In addition, we discuss other types of
nodes than miners and see how updates are implemented in a decentralized network such as
Bitcoin. We also see what happens when there are disagreements in the community and one
part does an update and the other does not.

In chapter 5 we look at symmetric, asymmetric (public key) and Zero-Knowledge cryptography.


Cryptography is an essential element of blockchain, because it allows us to capture and verify
the authenticity of data. In addition, it also outlines a context in which cryptography was
invented and how cryptographers and digital rights activists from the invention of public key
cryptography are at odds with governments that do not want citizens to have uncrackable
communication.

-1-
In chapter 6 we switch to Proof-of-Stake, a different consensus mechanism than that used with
Bitcoin. We discuss the different variants of Proof-of-Stake and compare the characteristics of
this consensus mechanism against Proof-of-Work. We also look at the performance of a
blockchain and we treat the urgency to make blockchains more scalable. We discuss a number
of potential techniques that are applied or researched to increase scalability.

In chapter 7 we look at 51% attacks and decentralization. We'll cover how a 51% attack works
at Proof-of-Work and Proof-of-Stake. We will also discuss the blockchain trilemma and take a
more nuanced look at the concept of decentralization.

In chapter 8 we discuss blockchain 2.0, smart contracts and applications that are built on a
blockchain platform. The blockchain 2.0 platform that we are examining is Ethereum. It is
relevant for us to realize what the potential impact will be on our lives as more blockchain
applications emerge that pull out trusted intermediaries. Consider, for example, a platform
such as Uber without an Uber company or a social media platform such as Facebook, but
without a Facebook company.

In chapter 9 blockchain governance is discussed. Within a decentralized network where there


are no trusted intermediaries, governance is a major challenge. How should we organize the
blockchain in such a way that people are encouraged to display good behaviour? We also
discuss decision-making rights and accountability. Governance is different for different types of
blockchains: public, private and consortium. In addition, blockchains can also be permissionless
and permissioned.

In chapter 10 we look at crypto economics, a new discipline that has emerged through the
advent of blockchain. It is engaged in production, consumption and wealth transfer through
computer networks, applied cryptography, game theory and software development. In
addition, we also look at the different types of cryptographic tokens and how they can be used
within a blockchain.

In chapter 11 we give an overview of the history of the internet. This also shows what the
promises of the internet were and how we might be able to deliver on the promises with the
arrival of blockchain.

-2-
Finally, in chapter 12 we discuss the development in digital identities. The Self-Sovereign
Identity is explicitly discussed. Blockchain makes it possible to better protect our digital identity
and to give us more ownership of our digital data.

After part I, we will continue with the larger underlying socio-economic and philosophical
thoughts that have influenced the Bitcoin blockchain.

-3-
-4-
1. A brief explanation of blockchain principles

“Sorry to be a wet blanket. Writing a description for this thing for general
audiences is bloody hard. There’s nothing to relate it to.”
- Satoshi Nakamoto (2010)

1.1 Introduction and learning objectives


In this chapter you will learn
• That blockchain is essentially a distributed ledger, in which you can store various data.
• To know blockchain at the lowest and middle level by means of the Bitcoin example, so
that you are already a discussion partner after the chapter.
• What the inherent and emergent properties of blockchain are.
• The differences between a blockchain network and a centralized network.

Introduction
On October 31, 2008, an email was sent under the name Satoshi Nakamoto to a list of
participants on the Cryptography mailing list.1 The email included a reference to a white paper
entitled Bitcoin: A Peer-to-Peer Electronic Cash System. The email states that Satoshi has been
working on a new electronic money system that is completely peer-to-peer, with no third party
involved. This system makes it possible to send online payments to another party, without the
need for a financial institution. The payment method used for this is a completely new digital
currency, called Bitcoin.

The main features of this money system, according to Satoshi Nakamoto, are:
1. Double spending is prevented with a peer-to-peer network.
2. There is no coin house or 3rd party to take on the role of coins.
3. Participants can be anonymous.
4. New coins are put into circulation through a Proof-of-Work mechanism similar to Hash
cash.
5. This Proof-of-Work mechanism also powers the network to avoid double-spending.

1 The original email can be found at : http://www.metzdowd.com/pipermail/cryptography/2008-


October/014810.html.
-5-
Key terms like double-spending, peer-to-peer network, Proof-of-Work, Hash cash, timestamps,
hashing, digital signatures that emerge in the email make it difficult for the general public to
understand blockchain. Certainly because there wasn’t anything before which was comparable
to blockchain. However, it is essential to understand these terms if we are to understand
blockchain.

This chapter starts with a short, accessible introduction to what blockchain is (section 1.2). This
is followed in paragraph 1.3 by a more detailed explanation of important properties that a
blockchain has. Finally, we round off the chapter in section 1.4 with a summary, a list of
important terms and a list of sources.

1.2 Blockchain explained at the simplest level


A blockchain can be explained at different levels. At the simplest level, a simple and
unsophisticated analogy is often made, with a database or ledger tracking all transactions. An
exact copy of this ledger is distributed among several computers that are connected to the
network. To hack the ledger, you need to hack most of these different computers at the same
time and at the same time change the same data to the same results. The chance that such a
large-scale2 hack will take place is very small. This is what makes the blockchain so reliable.

The reader of this explanation now understands that the blockchain:


1. is a database similar to a ledger,
2. is copied and distributed across different computers,
3. is reliable, because a hack can only be successful if several of these computers are
hacked at the same time.

1.3 Blockchain explained at a medium level


The aim of this book is for the reader to understand blockchain at a high level, so the above
explanation is not sufficient for us. In order to reach that high level, it is important to first
understand it at a medium level. You notice that by mastering blockchain at this level you can
already be a solid discussion partner.

2 Depending on the number of connected computers.


-6-
At the medium level, it is most convenient that we approach blockchain by taking Bitcoin as an
example. In general, a blockchain is a database in which different data can be stored. In the
case of the Bitcoin blockchain, the entire transaction history of all Bitcoins is kept and the
blockchain therefore knows exactly how much Bitcoin everyone has. What makes the Bitcoin
blockchain special is that this blockchain (or database) is maintained by a network of servers,
which at best all have the same copy of the blockchain. It is explicitly said here “at best”,
because it sometimes happens that the data within the blockchains can differ from each other.
This is possible if, for example, a server has temporarily failed and the blockchain is not fully
synchronized. It is also possible that a malicious person places false information in his local
blockchain. A server can be a computer, but in general it is a device on which data can be
stored. This can therefore also be a mobile phone or a smart TV. The servers check the
blockchain data for correctness and synchronize the content of their blockchain with the
databases of all other servers on the network. As a result, the servers that are connected to the
blockchain network, at best, always share the same copy of the blockchain. 3

Who are these servers that are connected to the network and have a copy of the blockchain?
They are with a technical term called a full node. In the case of the Bitcoin blockchain, the
Bitcoin protocol is completely open, and everyone is free to connect their computer or server
to the network. The main task of these nodes is to verify all mutations of the blockchain for
correctness and to keep the network robust. Nobody knows exactly how many Bitcoin full
nodes there are, because some nodes are behind closed gates and are therefore invisible to the
network.4 As of December 2019, there are approximately 10,000 Bitcoin full ports with open
ports spread across more than 100 different countries. About a quarter of them are located in
the United States and about 5% are in the Netherlands (Bitnodes.earn, 2019).5 Because the

3 It is important to realize that there is no clear definition of a blockchain. According to Webopedia, blockchain is a
type of data structure in which data is distributed over a network of computers. In addition, this data is easy to
identify and track, making the blockchain a trust network. However, Oxford Dictionaries sees blockchain as a digital
ledger in which transactions in Bitcoin or other crypto are chronologically publicly registered. Some researchers,
such as Sultan et al. (2018), again write that blockchain is a decentralized database with successive
cryptographically linked data blocks, which are supported by a consensus model.

4 Open port nodes are able to help spread blocks to new full nodes that do not yet have those blocks. Otherwise,
they are no different from closed-gate nodes.
5 See: www.bitnodes.earn.com for an overview of the Bitcoin full nodes distribution. These are nodes that are
behind open ports and are therefore accessible in the network. The number of full nodes varies from day to day.
Nodes can be started or closed just like computers or servers and also require maintenance.
-7-
blockchain is a database distributed across different servers, this technology is also referred to
as a form of Distributed Ledger Technology (DLT). Blockchain can therefore be seen as a DLT,
but the other way around, a DLT does not always have to be a blockchain.

1.3.1 Inherent and emergent properties of the blockchain


It is important to distinguish between the inherent and the emergent properties of the
blockchain. These two types of properties are regularly mixed up.6

If we view the blockchain as a database that records information, these are the essential
inherent properties of a blockchain:
1. Data is arranged in data blocks.
2. Data blocks are incrementally ascending.
3. Data is cryptographically verifiable.
4. Data is digital.

Data is arranged in blocks denoted by incrementally increasing block numbers. These blocks are
chained together through cryptographic hash values. This may sound a bit complicated, but for
now it is sufficient to have the following process picture in view. A more detailed explanation of

3. Miners compete to find a hash value. Once


BLOCK #4 the correct hash value is found, the block is
added to the blockchain and the miner is
Transaction rewarded
requests
Data
Data
Data

2. Transaction requests
are bundled in a block

Figure 1: A simplified representation of how a block is created in the Bitcoin blockchain.

6 See Blockchain: properties and misconceptions (2017) by De Leon, Stalick, Jillepalli and Haney regarding the
misconceptions about the properties of Blockchain.
-8-
how the data is cryptographically encrypted in blocks and how the blocks are chained together
follows in chapter 3.

The image above explains that clients, devices such as a mobile phone from which Bitcoin
transactions are initiated, first make requests to be allowed to add their transactions to a new
block. In the example, the requests are added to a block, after which miners get started to
actually produce this block. According to the Bitcoin protocol, the miner who first finds the
correct hash value is allowed to produce the block and send a message to the full nodes on the
network that the correct hash value has been found. The nodes check that the hash value is
correct. If yes, the block with the new transactions is added to the blockchain.7

BLOCK #0 BLOCK #1 BLOCK #2 BLOCK #3 BLOCK #4

Data Data Data Data Data


Data Data Data Data Data
Data Data Data Data Data

Figure 2: Block #4 has been added to the blockchain.

In the case of Bitcoin, finding the correct hash value takes an average of 10 minutes. This is
called Bitcoin's block time. However, the time to find a correct hash value can also take longer
or shorter. You can compare finding the correct hash value to finding a random number
between 0 and 1,000. For example, the miner first tries 0, then 1, then 2, then 3, and so on until
he finds the number that is correct.8 Finding the correct number is often explained as solving a
complicated mathematical puzzle. Sometimes the number is found earlier and sometimes a
little later. Trying out the different numbers takes computer power. A miner with more
computing power can try multiple numbers within a shorter period of time to find the correct
number - or hash value - faster. The reward for finding the correct hash value is currently a

7 It is important to know that a miner is not the same as a full node. A miner is one of several types of full nodes. A
miner's primary job is to create new blocks, while full nodes have a copy of the blockchain, verify new blocks and
add them to the blockchain. Later in chapter 4 we discuss the distinction between the different types of nodes
8 In reality, the miner can choose any number at random and the range of possible numbers ranges from 0 to
4,294,967,295. We will return to this in section 3.5.2.
-9-
fixed reward of 12.5 Bitcoin + the variable reward of transaction fees from the transaction
quests in the block.9 It is for this reason that a race of computing power has emerged among
Bitcoin miners. The system where miners have to use computer power to find the correct hash
value is called Proof-of-Work. Finding the correct hash value requires proof that work has been
done on the network in the form of computer power.

You may wonder if finding the right hash value doesn't happen faster as better chip technology
is developed that increases computing power. The answer to this is that the Bitcoin protocol
automatically adjusts the difficulty for finding the correct hash value so that it is found
approximately every 10 minutes and thus a new block is also produced every 10 minutes.
If we go back to blockchain from the lowest level of knowledge and take a closer look at the
analogy with a ledger, we can say that a page of the ledger is comparable to the individual
blocks of a blockchain. All transactions that fall within a period of approximately 10 minutes are
registered per page. In other words; on page 1 all transactions of the first 10 minutes are
recorded, on page 2 all transactions of the next 10 minutes, on page 3 all transactions of the
following 10 minutes etc. All these pages thus form a coherent ledger, in which all transactions
tracked from the first 10 minutes are kept.

When a blockchain is distributed and uses communication and consensus protocols, it has the
following emergent properties:
1. There is no Single Point of Failure (SPOF).
2. New data must be confirmed by other nodes.
3. Some form of consensus is required to make updates and agree on the correct state of
the blockchain.
4. A blockchain is difficult to hack.
5. It makes it more difficult to censor or change the data on the blockchain.
6. It is a peer-to-peer network, which does not require trust in a central party. (De Leon et
al., 2017, p. 292)

A well-distributed blockchain has no single point of failure


A Single Point of Failure (SPOF) is the part of a network that stops operation of the entire
network in the event of a failure. A SPOF is undesirable if you want a system with high
availability and reliability.

9 The fixed remuneration is halved every four years. You can find here when the next halving takes place:
www.bitcoinblockhalf.com
- 10 -
Centrale
Server
(SPOF)

Figure 3: A representation of a network with a Single Point of Failure.

Figure 3 shows a network with a SPOF, the central server to which other devices are connected.
A device connected to the central network can be, for example, a computer, a desktop, a
printer or a mobile phone.

When you open a browser like Safari with your laptop and go to the website Pets.nl, a
connection is established between your browser and the server of Pets.nl, where all data of
Pets.nl is stored. Part of the data is, for example, the content of the website and the login
details. If this central server with data fails - perhaps because the database has been hacked, or
because the power has failed - your browser can no longer access this data and an Error will be
displayed on your screen. This Error does not only appear on your browser, but on any device
that wants to connect to Pets.nl. In the event of a hack, your data may have been stolen or
changed. In addition, because all data of users of Pets.nl is stored on the server, the
administrator of the server has the option to change your login details, to close your account
and perhaps also to view your user details. Users of the website must trust the administrator of
the server that he handles their data carefully. The need in such systems to trust a central party
or administrator with your data and to trust that the SPOF will not fail makes the model
vulnerable.

- 11 -
It is not only small websites that suffer from a SPOF design, but also large reputable companies.
For example, in 2015 there was a power outage at a single PayPal data centre. As a result, many
users could no longer access the PayPal website, credit card transactions could no longer be
processed, people could no longer access their personal account information, or incorrect
balance sheets were displayed.10 Networks with a SPOF are also more vulnerable for DDoS
attacks. A DDoS attack is a cyber-attack where one server is overwhelmed with requests from a
multitude of sources. When the server under attack is unable to respond to the many requests,
it starts declining requests.11

Blockchain prevents the vulnerability of a SPOF, because the blockchain is distributed over a
network of nodes. Because every node has a copy of the blockchain, there are no major
consequences for the network if one fails. nodes. Because the other nodes still have a copy of
the blockchain, it is still possible to verify what the balance sheets are and what transactions
have taken place in the past. Since the release of the Bitcoin blockchain, the network has never
failed. This shows how robust distributed ledger technology can be, if it is well-designed and
maintained by sufficient nodes.

10 To learn more about the incident, see "PayPal’s recent power outage drives bitcoin adoption" (Parker, 2015).
11 DDoS is the acronym for Distributed Denial of Service.
- 12 -
Full node
1

Full node Full node


5 2

Full node Full node


4 3

Figure 4: A view of a distributed network, with the blockchain distributed over a network of full nodes.

A distributed blockchain requires confirmations of new data from other nodes


With a centralized server, it is relatively easy to include new data injections in the database. The
new data only needs be added by a single party. This is different for a distributed network such
as blockchain. If the new data is added to a blockchain by a miner, this data must still be
verified by other full nodes and then also included on the blockchains available to the nodes.
There is therefore always a risk that new data that has not yet been confirmed by full nodes will
still be refused. For this reason, Satoshi Nakamoto (2010) advises Bitcoin users to always wait
for a few confirmations before making a transaction, to ensure that the transaction is actually
properly included in the blockchain. It is also good, in the case of Bitcoin, to reissue the Bitcoin
only if you are sure that the Bitcoin you have at your disposal has already been confirmed. He
writes:

“As you figured out, the root problem is we shouldn't be counting or


spending transactions until they have at least 1 confirmation.
0/unconfirmed transactions are very much second class citizens. At

- 13 -
most, they are advice that something has been received, but counting
them is premature.”12

In general, it is indicated that it is good practice to get at least 4 confirmations of a transaction


before you can be sure that it is included in the balance sheet and you can spend it again.

A distributed blockchain requires consensus


What about new updates to the network protocol? A distributed blockchain requires consensus
to make updates and agree on the correct state of the blockchain. With a centralized server, a
single party only needs to make the update. If you want to securely update the entire
distributed network, all nodes will have to accept and implement the update. However, some
nodes may refuse to implement the update.

Generally, the first node that has done the update sends a signal to the other nodes on the
network that it has done an update. Because this node has a slightly modified version of the
blockchain, there is a temporary split of the blockchain, a soft fork. It has also been agreed that
the other nodes have an x amount of time to implement the update. The time is often
expressed in the number of blocks. For example, to update the blockchain protocol, two thirds
of the nodes must have completed the update within a period of the next 100 blocks. When
less than two thirds of the nodes have completed the update within that time, the update
expires, and the nodes automatically revert to the original blockchain.

The concept that a temporary split of the blockchain occurs during an update is an interesting
feature. We will return to this in chapter 4.6. We will also discuss what happens with an update
that is not temporary, but permanent. In other words, an update in which the blockchain splits
into two different chains that can no longer communicate with each other. This is what you call
a hard fork.

12 Satoshi Nakamoto commented on The Bitcoin Forum, September 30, 2010. See:
https://bitcointalk.org/index.php?topic=1306.msg14714#msg14714
- 14 -
A node that made an update
after Block # 5 has a parallel BLOCK BLOCK BLOCK
blockchain with black blocks. #6 #7 #8

BLOCK BLOCK BLOCK BLOCK BLOCK BLOCK BLOCK


#... #3 #4 #5 #6 #7 #8

Figure 5: Illustration of a fork.

An untruth about blockchain that often circulates is that every node exactly has the same
software version. This is not necessary as long as the software versions are compatible with
each other and the full nodes can communicate with each other. When a full node has a
software version that is not compatible, this node can no longer verify the new data on the
blockchain.

Soft forks and hard forks are discussed in more detail in section 4.6. For now it is sufficient to
realize that an update of the network must reach consensus between the full nodes.

A distributed blockchain is difficult to hack


The fact that a copy of the blockchain is kept on different nodes makes it difficult to hack,
because the targets - the blockchains - are located in so many different places. In addition, all
transactions from the past have been verified. Data is therefore unambiguously registered on
the blockchain. A change in a balance sheet that does not correspond to previous data is
immediately noticed. To control the network, you would have to hack multiple nodes and
change its blockchain. This is possible through a 51% attack where, in the case of Bitcoin, you
must own a majority of all computer power.13

13 While the 51% attack is the best known, many other attacks are also possible. Regular attacks that occur on
centralized networks, such as corruption of core developers, bugs in involuntarily incorrectly written code, or
stealing keys that give access to servers also occur with blockchains.
- 15 -
51% attacks are discussed in Chapter 7. For now it is important to know that you can spend a
Bitcoin twice through a 51% attack. Spending a Bitcoin twice is also known as double-spending.
The prevention of double-spending has been one of the main reasons why blockchain was
developed in the first place.14

A distributed blockchain complicates censorship and fraud


It is often said that the data on the blockchain is immutable. However, this is not true. It is
possible to change or delete data if there is consensus within the community to do this.
However, it is difficult to find consensus for such actions. It is therefore important that when
you research the advantages and disadvantages of a blockchain project, you also look at how
many full nodes there are and who manages them. It is possible that a single party controls the
majority of the nodes, or that there is an oligopoly in the composition of full nodes, making it
easier to hijack the blockchain. Nevertheless, if we assume that the blockchain network is well
distributed, we can say that censorship and changing data on the blockchain are difficult to
accomplish.15

It is a peer-to-peer network, which does not require trust in a central party


The previous five emergent properties mean that no trusted intermediary is required. Hence, it
creates an environment where trust is embedded into the blockchain itself. Decisions are made
through a consensus mechanism and transactions on the blockchain take place peer-to-peer
without an intermediary. A trusted intermediary is also known as a trusted third party (TTP).

A peer-to-peer network is a network of computers (nodes) that are equivalent to each other
and that can provide services to each other. Everyone has access to the Bitcoin network and is
free to manage a node on the network. Every participant within the network follows the Bitcoin
protocol at an equivalent level and every node is considered equivalent. There are no special
Bitcoin nodes that are favoured or have more rights than other nodes: a miner is equivalent to
every other miner, just as every full node is equivalent to every other full node. Peer-to-peer
transactions without an intermediary means that there is no central party that can regulate,
stop and freeze your transactions. With the elimination of intermediaries, transactions can be
more efficient and cheaper. This peer-to-peer model is in contrast to the client-server model

14 With a 51% attack, you can reject transactions or change the order of transactions among many other things.
15 We are not going into any further details on how data can be censored and changed on the blockchain. This will
be discussed later in the book. For now it is sufficient to know that transactions on the blockchain can therefore be
changed with sufficient consensus of the nodes.
- 16 -
(workstation-server model). A client-server model uses a centralized server that provides
services to clients, for example, email service users. The server often contains a database
containing login data such as usernames and passwords. Clients that are logged in will then
access the services of the server. A weakness of such a model is that there is a SPOF. In this
case, the SPOF is the server. Once disabled, the clients will no longer be able to access the
server services. In addition, sensitive information can be captured if the server is corrupted by,
for example, hackers. The server administrator can also grant certain user rights to the clients
and both grant and deny them access.16

In the next chapter, we will further discuss current payment systems with banks, Payment
Service Providers, card schemes and payment processors and compare them against
transaction systems on the blockchain.

Now that you more or less understand the basics of blockchain, we can more easily distinguish
blockchains from other projects that are also peer-to-peer, but do not use blockchain
technology. One of those projects we are discussing in more detail is the online music sharing
service, Napster.

16 In The Internet of Money (2016), the Bitcoin evangelist Andreas Antonopoulos controversially compares this
model to a master-slave relationship, where the server is the master and the client is the slave.
- 17 -
Intermezzo: Napster
In 1999, a peer-to-peer file sharing service called Napster was launched by teenagers Shawn
Fanning and Sean Parker. Napster made it possible for people to easily share and download
digital music files from others. It caused a lot of commotion, because for the first time music
was widely shared with each other for free. Napster allowed people to download and listen
to individual songs. Before, if you wanted to get a single song, you had to buy a full album.
In 2001, Napster was eventually closed after a lawsuit with the Recording Industry
Association of America, because the distribution and downloading of digital music files was
deemed to be in violation of copyright law. Nevertheless, Napster is still known as a
revolutionary service that has disrupted the music industry. In the United States, CD sales
peaked in the year 2000, after which there was a sharp decline - partly due to Napster and
subsequent services such as BitTorrent and Spotify.

Napster is known to use a peer-to-peer network. So how come authorities have been able
to shut down Napster, which is virtually impossible with Bitcoin?

With the Bitcoin network, all full nodes have an exact copy of the Bitcoin blockchain. The
Bitcoin network consists of approximately 10,000 nodes, which are spread all over the
world, making it difficult to locate and close them all. While music file sharing is peer-to-
peer with Napster, it also includes a central server element.

- 18 -
Napster uses a central index that keeps track of which computer has which files to share
with other users. If a user (computer A) wants to search for a song such as Michael Jackson -
Billie Jean, a connection is made to the index and the index searches which computers have
this song. If the index shows that computer B has this song, a direct peer-to-peer connection
is made between computers A and B, allowing A to directly download the number from B's
computer.

Napster is a mixed model of client-server and peer-to-peer. The central index element is
client-server, but the actual files are downloaded peer-to-peer. The central index server has
proven to be a serious Achilles heel for Napster because it can be closed easily, causing
Napster to stop working. Because Napster only has a central index server, which lists which
computers have which shareable music files, Napster itself does not have music files on its
server. It has only facilitated users to make peer-to-peer connections and share music with
each other.

2 Centrale
Index Server

Figure 6: Napster network. (1) Computer A performs a search in Napster's central index server for Michael Jackson-
Billy Jean. Napster's central index server searches for computers that are connected to the network and that have made
the song available on their hard drive. (2) Computer B has the number. Computer A and B establish a direct peer-to-
peer connection, after which computer A downloads the music file from computer B.

- 19 -
1.4 Summary, terms and sources
Summary
It is important to know that blockchain is basically a ledger to be able to distinguish between
the inherent and emergent properties of the blockchain.

A blockchain is basically:
1. a database similar to a ledger,
2. that is copied and distributed across different servers and
3. that is reliable, because a hack can only be successful if several of these servers are
hacked at the same time.

What makes the blockchain special is that it is maintained by a network of nodes that - at best,
but not always - all have an exact copy of the blockchain. The full nodes synchronize their
blockchain with each other. It is not important that nodes are running the latest software
version. Most importantly, they keep producing blocks in case the full node is a mine, verify
new transactions and help maintain the network.

If we view the blockchain as a database that records information, these are the essential
inherent properties of a blockchain:
1. Data is arranged in data blocks.
2. Data blocks are incrementally ascending.
3. Data is cryptographically verifiable.
4. Data is digital.

When the blockchain is distributed over a network, it has the following emergent properties:
1. There is no Single Point of Failure.
2. New data must be confirmed by other nodes.
3. Some form of consensus is required to do updates and agree on the correct state of the
blockchain.
4. A blockchain is difficult to hack.
5. It makes it more difficult to censor or change the data on the blockchain.
6. It is a peer-to-peer network, where trust is embedded into the system itself.

- 20 -
Comments you can now explain
• Blockchains differ from traditional databases.
• A blockchain is actually a ledger that is copied and distributed over a network of several
computers.
• The reason Napster failed is because it had a SPOF. A blockchain, on the other hand, has no
SPOF and is therefore more difficult to switch off.
• A blockchain has both inherent and emergent properties. It is mainly the emergent
properties that make a blockchain interesting.
• A blockchain is a peer-to-peer network.

Glossary of Terms
51% Attack: An attack on the blockchain that is accomplished by gaining more than 51% of all
the network's computing power.

Bitcoin halving: The halving of the number of new Bitcoins released when a valid block is
produced by a miner.

Block time: The average time during which a valid block is produced by a miner. With Bitcoin,
this is 10 minutes.

Client-server model: The model where clients (user) are connected to a server. The server
contains data relevant to the clients. The clients connect to the server to access this data. This
makes the clients dependent on the server.

Distributed Ledger Technology (DLT): Distributed ledger technology.

Double-spending: Spending a Bitcoin twice. For example, that you have 1 Bitcoin, but with that
you send 1 Bitcoin to person A and 1 Bitcoin to person B.

Emergent properties of blockchain: Properties of a blockchain that arise when the blockchain is
distributed over a network of computers.

Full node: A node that has a full copy of the blockchain.

Hard fork: A permanent split of a blockchain, when some of the nodes decide not to go along
with an update and separately continue with their own blockchain version. A well-known Bitcoin
hard fork is the hard fork that has led to Bitcoin and Bitcoin Cash.

Inherent properties of blockchain: Properties that are specific to a blockchain. These are
properties that all blockchains by definition have.

- 21 -
Miner: A computer that provides computing power to produce a valid block. A block is only valid
if it finds a nonce that leads to a valid hash value.

Node: Device that is connected to a computer network.

P2P: See peer-to-peer.

Peer-to-peer: A computer network where computers are equal to each other and can offer each
other services.

Proof-of-Work: A consensus mechanism that requires miners to use computer power to find the
correct hash value for a new block. By finding the correct hash value, they are allowed to add the
block to the blockchain and receive a reward.

Single Point of Failure (SPOF): The part of a network that stops the operation of the entire
network in the event of a failure.

Soft fork: A temporary split of the blockchain. When updating the blockchain, a part can go with
the update and a part cannot. That way you temporarily get two different blockchain versions.
With a soft fork, it has been agreed that nodes have an x amount of time to implement the
update. If there are not enough nodes with the update for that time, the blockchain will
automatically revert to the old version.

SPOF: See Single Point of Failure.

Trusted third party (TTP): Trusted intermediary.

TTP: See trusted third party.

White paper: A document that describes how a specific problem is solved. Satoshi Nakamoto
has written in the Bitcoin white paper how Bitcoin solves the problem of double-spending in a
distributed network.

- 22 -
Sources
Antonopoulos, A. M. (2016). The Internet of money: talks by. Merkle Bloom Llc.

Bitcoin Block Reward Halving Countdown. (2019). Consulted on December 23, 2019, from
Bitcoinblockhalf.com website: http://www.bitcoinblockhalf.com

de Leon, D.C., Stalick, A. Q., Jillepalli, A. A., Haney, M. A., & Sheldon, F. T. (2017). Blockchain:
properties and misconceptions. Asia Pacific Journal of Innovation and
Entrepreneurship, 11(3), 286–300. https://doi.org/10.1108/apjie-12-2017-034

Nakamoto, S. (2008). Bitcoin P2P e-cash paper. Consulted on December 23, 2019, from
Metzdowd.com website: http://www.metzdowd.com/pipermail/cryptography/2008-
October/014810.html

Nakamoto, S. (2010, September 30). Re: I broke my wallet, sends never confirm now. [Online
forum comment]. Message posted on
https://bitcointalk.org/index.php?topic=1306.msg14714#msg14714

Parker, L. (2015, November 1). PayPal’s recent power outage drives bitcoin adoption. Consulted
on December 23, 2019, from Bravenewcoin.com website:
https://bravenewcoin.com/insights/paypals-recent-power-outage-drives-bitcoin-
adoption

Sultan, K., Ruhi, U., & Lakhani, R. (2018). Conceptualizing Blockchains: Characteristics &
Applications. 11th IADIS International Conference Information Systems 2018, 49–57

Icons
Computer made by Prettycons from www.flaticon.com

Miner made by Srip from www.flaticon.com

- 23 -
- 24 -
2. Shortcomings of the current payment process

“Money is low bandwidth … You don’t need some sort of big


infrastructure improvement to do things with it. It’s really just an entry
in a database.”
- Elon Musk (2003)

2.1 Introduction and learning objectives


In this chapter you will learn
• What Point-of-Sale (POS) and e-commerce transactions are.
• How the payment process of regular payment methods such as credit cards and iDEAL work
and which parties are involved in such transactions.
• That the payment process consists of authentication, authorization and clearing &
settlement.
• In what ways blockchain transactions offer advantages over transactions with regular
payment methods.

Introduction
As mentioned in chapter 1, Bitcoin is the first application to use Blockchain technology,
developed as a new money system. Before going into Bitcoin in the next chapter, it is important
to first understand how current transaction processes work. With more insight into how
transaction processes proceed, it becomes clearer what the relevance of Bitcoin and blockchain
is within transaction models.

On the surface, a transaction seems simple. Surely it is just entering the card details or swiping
the card through an ATM and the payment is done, right? However, this is technically quite a
complex procedure, in which the payment goes through three processes with multiple players
in the transaction chain. If you understand how these processes work, you can also reflect on
the shortcomings of current transaction systems. In our explanation of how transactions work,
we look in particular at how the payment processes of credit cards and iDEAL work.

- 25 -
It is common in the payment industry to distinguish between Point-of-Sale (PoS) payments in
brick-and-mortar stores and the e-commerce transactions that take place online, mainly in
online shops. In section 2.2, we discuss the process of a PoS transaction with a credit card. This
is followed by a discussion of e-commerce transactions with iDEAL and credit card in section
2.3. In section 2.4, we look at the costs of these transactions and we will see that the costs are
considerably high, because many intermediaries are involved. This chapter then ends in section
2.5 with a summary, a list of important terms and a list of sources.

The most relevant to us is:


1. To understand which players are active within the transaction processes.
2. To understand that each party in the transaction chain claims a portion of the fees.
3. To understand the speed of clearing & settlement in transactions.

Clearing & settlement is the processing of a transaction, in which the money from the issuing
bank is actually exchanged and settled with the receiving bank.

2.2 Point-of-Sale
A credit card transaction in a physical store goes through the following three processes:
1. Authorization.
2. Authentication.
3. Clearing and settlement.

For these processes it is important to know that the following players are involved in the
transaction process:
1. Cardholder: the person with the credit card. In this case, it is the paying customer.
2. Merchant: the owner of the store.
3. Acquirer / Bank of the Merchant: a financial institution that is responsible for receiving
transaction requests from the Merchant and that forwards these requests to the Issuing
Bank. The latter receives and sends the message from the Issuing Bank back to the
Merchant with the answer whether the payment has been approved or not.
4. Acquiring Processor/Service Provider: a financial institution that offers the service and
therefore often also the payment terminal to the Merchant in order to be able to accept
payments. In some cases, this service is provided by the Acquirer. For convenience’s
sake, we assume that the Acquirer also offers this service. This service is also sometimes
offered by a Payment Service Provider who also establishes contact with credit card
networks to connect Merchants.

- 26 -
5. Credit card network: the network that processes credit card transactions. Examples are
Visa, MasterCard, China Union Pay and American Express.
6. Issuing Bank: financial institution that issued the credit card to the Cardholder. This is
often the Cardholder's bank.

We will describe each of the three processes in more detail.

2.2.1 Authorization
In the authorization process, the cardholder's bank is asked whether the Cardholder may
execute the transaction.

1. The Cardholder puts his credit card into a payment terminal and enters his details, such
as his pin code at the point of purchase.
2. The credit card information is sent electronically to the Acquirer, the retailer's bank.
3. The Acquirer forwards the credit card information to the credit card network such as
Visa, Mastercard, American Express or China Union Pay.
4. The credit card network reviews the payment and requests a transaction authorization
from the Cardholder's bank. The authorization checks whether the following
information is correct:
a. Credit card number
b. Credit card expiration date
c. Billing address
d. Credit card security code as the CVV on the back of the credit card
e. Payment amount

1. The Cardholder 2. Merchant 3. Acquirer 4. Credit card


pays the Merchant forwards credit forwards credit network requests
with a credit card card information to card information to authorization from
(e.g. Visa card). the Acquirer. the credit card the cardholder's
network (e,g. Visa). bank, the Issuing
Bank.
Figure 7: Authorization process of a credit card with a Point of Sale payment.

- 27 -
2.2.2 Authentication
The Cardholder's bank, the Issuing Bank, verifies in the authentication phase whether data for
authorization are correct.

1. The Issuing Bank validates the credit card number, expiry date, security code, billing
address and whether there is sufficient balance in the account. Based on this
authentication, a message is sent back through the same channels to the Merchant with
the answer whether the Issuing Bank approves or refuses the transaction.
2. Once the Merchant has received the authorization, the Issuing Bank will deduct the
transaction amount from the Cardholder's account. The Merchant also offers a receipt
to the Cardholder, which completes the purchase. The payment terminal also collects all
approved transaction authorizations that are processed in a batch at the end of the day.

2. Upon approval of the 1. The Issuing Bank checks the credit card details and sends a message back to the
authorization, the ATM will Merchant via the credit card network and the Acquirer, answering whether the
issue a receipt to the transaction has been accepted or declined.
Cardholder. The machine
also indicates if the The ATM collects all approved transaction authorizations.
transaction has been
refused.

Figure 8: Credit card authentication process with Point of Sale payment.

2.2.3 Clearing & Settlement


In the clearing & settlement process, payments are actually debited from the Cardholder's
account and credited to the Merchant's account.

1. At the end of the day, the Merchant - or rather the Merchant's payment terminal -
sends all approved authorizations to the Acquirer in a batch.
2. The Acquirer sends the batch to the credit card network for settlement.
3. The credit card network reviews the transactions in the batch and sends each approved
transaction to the appropriate Issuing Bank. In addition, the credit card network also
receives a small percentage of the payment, the assessment fee.
4. Normally, the Issuing Bank transfers the cash amount minus interchange fees to the
Acquirer. The interchange fees are fees paid to the Issuing Bank.

- 28 -
5. The credit card network pays the Acquirer (and the acquiring processor) a percentage of
the amount for their services. This is the processing fee.
6. The Acquirer deposits the amount into the Merchant's account minus the merchant
discount rate.
7. The Issuing Bank places the transaction on the Cardholder's account. The Cardholder
pays the amount.

7. The Issuing Bank places the transaction on the Cardholder's account and
the Cardholder pays.

6. The Acquirer 5. The credit card 4. The Issuing Bank


deposits the amount on network pays the transfers the amount to
the Merchant's balance Acquirer a processing the Acquirer minus the
sheet minus the fee of the remaining interchange fee.
merchant discount rate. amount.

1. The Merchant sends 2. The Acquirer sends 3. The credit card


the batch of approved the batch to the credit network sends each
transactions to the card network. approved transaction to
Acquirer. the appropriate Issuing
Bank, and receives an
assessment fee
Figure 9: Process of clearing & settlement of a credit card with a Point of Sale payment.

When looking at the cost of credit card transactions, there are three costs that a Merchant
incurs in receiving a transaction:
1. Processing fee for the Acquirer.
2. Assessment fee for the credit card network.
3. Interchange fee for the Issuing Bank

The sum of all these rates is called the merchant discount rate. This is often around 2-3% but
can also rise to 5%. Below you will find a schematic representation of how the amount of a
purchase of €100 is distributed among the players in the transaction chain.

- 29 -
Cardholder
buys a product of €100

Processing Fee Assessment Fee Interchange Fee


Acquirer receives Credit card network receives Issuing Bank receives
€0,25 €0,0925 €1,78

Merchant
The Acquirer adds
€97.87 in the Merchant's account

Figure 10: Cost allocation of a credit card with a Point of Sale transaction.

2.3 E-commerce
The same players also play a role in e-commerce transactions. The big difference is that the
transaction takes place online, often in an online store.

In the case of an iDEAL payment, there is no credit card network such as Visa and MasterCard,
but here too there is an Issuing Bank and an Acquirer or Payment Service Provider. The latter
plays the role of an Acquirer and establishes the connection for the Merchant with the iDEAL

- 30 -
payment platform. In the Netherlands, the platform is supported by banks. To date, there are
11 banks that are licensed to act as Issuing Bank for iDEAL.17

The Acquirers and Payment Service Providers ensure that the money paid from the Cardholder
reaches the Merchants accounts. In the Netherlands there are currently 8 Acquirers and dozens
of Payment Service Providers.18

2.3.1 iDEAL (e-commerce transaction)


The iDEAL transaction process is as follows:
1. The Cardholder places a purchase order on the Merchant’s online shop.
2. The Cardholder is referred from the Merchant’s online shop to the online payment
environment of the selected bank.
3. (a) The Cardholder must authenticate himself. Banks often have their own system for
authentication. In the case of Rabobank, you use the Rabo Scanner and in the case of
ABN AMRO Bank, you use an e.dentifier. The Cardholder must also authorize the
payment. During authorization, you will be asked for a pin code and often also for a
uniquely generated code using a device such as the Rabo Scanner and the e.dentifier of
ABN AMRO Bank. If you pay with the mobile phone application, you may no longer have
to enter a uniquely generated code for small amounts. The balance is also checked.
(b) The Issuing Bank will send a confirmation to the Merchant whether the payment was
successful.
(c) The Issuing Bank will also send a confirmation to the Cardholder that the payment
was successful. If the payment is successful, the Cardholder will again be referred from
the Issuing Bank payment environment to the Merchant online shop.
4. The Issuing Bank sends the amount and the payment reference to the Acquirer. The
Acquirer collects all incoming payments, processes them and deposits the amount into
the Merchant's account.

17 These banks are ABN AMRO Bank, ASN Bank, Bunq, ING Bank, Knab, Moneyou, Rabobank, RegioBank, SNS,
Triodos Bank and van Lanschot Bankers.
18 Visit https://www.ideal.nl/partners/ for an overview of Issuing banks, Acquirers and Payment Service Providers
for iDEAL.
- 31 -
The entire order, authentication and authorization process runs in real time. The settlement
itself takes a long time and lasts 1 to 3 working days. 19

4. The Acquirer deposits the amount on the Merchant's balance


sheet.

3c. The Issuing Bank sends a


confirmation to the Cardholder
whether the payment has been
successful.

3b. The Issuing Bank sends a


confirmation to the Merchant
whether the payment has been
successful.

1. The Cardholder 2. The Merchant online 3a. After authentication and


places a purchase order shop sends the authorization, the Issuing
on the Merchant's Cardholder to the Bank sends the amount to the
online shop. payment environment of Acquirer with a payment
the selected Issuing reference.
Bank.
Figure 11: iDEAL transaction process.

2.3.2 Credit card (e-commerce transaction)


As indicated earlier, the same players are present in e-commerce transactions with credit cards
as with Point-of-Sale transactions.

First of all, the Cardholder places a purchase order on the Merchant's payment page. The
Merchant may have the Cardholder enter card details such as credit card number, expiry date

19 Great strides are being made with regard to payment transactions in the Netherlands and Europe. In the
Netherlands, Instant Payments has now gradually been introduced in the spring of 2019. Seven banks are currently
participating: ABN AMRO, ING, Rabobank, SNS, ASN Bank, RegioBank and Knab. With this, money can be credited
to the recipient in seconds via mobile banking and internet banking and the recipient can also spend it
immediately again. In addition to the Netherlands, the European Union is also rolling out Instant Payments for
international payments in the Union. Instant Payments is not yet possible with iDEAL. (Payments Association,
2019).
- 32 -
and CVV / CVC code on the payment page. However, there are strict rules attached to this. The
Merchant must comply with the regulations regarding money transactions for this. This entails
additional costs.20 If the Merchant does not comply, Cardholders may not enter credit card
details on the payment page of their online shop. If the Merchant wishes to store credit card
information, it must comply with strict rules of encryption using tokens in data vaults and other
security measures. If unauthorized persons have access to the data vaults and seize the tokens,
they cannot find out from the encrypted tokens which credit card details belong to that. If you
are not certified to store credit card information in this way, it is often also possible to have the
tokens stored with the Payment Service Provider that offers the "data vault tokenization
service". The advantage of tokenization of credit card information is that when the same
customer wants to make a payment on your website again, the token belonging to the
customer can be requested and thus the credit card information is automatically filled in on the
payment page in advance. The customer no longer has to take his credit card information with
it. It is also possible to use the token to automatically make recurring payments, for example for
subscription payments. It is also possible to use the token to automatically make recurring
payments, for example for subscription payments.

Assuming that you do not use an online shop with automatically entered credit card
information, you manually enter the credit card information in the payment page; the card
number, expiry date and CVV / CVC code on the back of the card. From the payment page, the
Cardholder is still referred to a 3D-secure environment. 3D-secure is a payment protocol that
authenticates the Cardholder. There are different forms with which you can request the 3D
secure code. This can be done with a card reader such as the Rabo Scanner, a digipas or a text
sent from the Issuing Bank to your phone. After the 3D-secure code has been entered correctly,
the settlement & clearing process starts, which can take about 3-5 business days.

20 The Merchant must be compliant with the Payment Card Industry Data Security Standard (PCI DSS) for this. PCI
DSS is a self-regulation of the Payment Card Industry. The obligation is based on agreements that involved parties
such as Merchants, Payment Service Providers, Issuing Banks, etc. must sign. It was introduced to reduce credit
card fraud. There are different levels of PCI DSS compliance. Anyone who wants to accept payments must at least
meet the lowest level. To prevent certification at higher levels, it is possible for the Merchant to send Cardholders
to a payment page hosted by, for example, a Payment Service Provider that does meet the requirements.
However, the Merchant must take measures to prevent, for example, criminals from forwarding customers to a
false payment page. This happens regularly because the security of online shops is sometimes too weak. For more
information about PCI DSS, see: https://www.pcisecuritystandards.org/.
- 33 -
2.4 Costs for Merchants
Compared to Bitcoin or other blockchain transactions, traditional transactions are quite
expensive. Although the costs can vary greatly per transaction, a Visa and Mastercard
transaction often costs around 3% and also involves fixed costs. In addition, the Merchant
sometimes also pays one-off and monthly costs. Other credit cards, such as American Express,
can be even more expensive.

Payment One-off Costs Costs per Note


Service costs per transaction
Provider month
Adyen None None Visa: 1,15% + Minimum fee of € 100 per
€0,1 month
MasterCard:
1,40% + €0,1
Mollie None None € 0.25 + 1.8% for Visa and MasterCard
EU Cards
€0.25 + 2.8% for
business cards
and non-EU cards
MultiSafepay €74,95 None €0,15 + 2% - 3% Cost of an Acquirer is 2% - 3%.
costs Acquirer
CardGate €75 None 3% + € 0,25 Minimum fee of € 20 / month.
An annual connection charge
of € 98 for Mastercard and Visa
WorldPay €135 €20 3,95% Based on Business Gateway
Plus package
Table 1: Transaction costs for Visa and Mastercard with some Payment Service Providers in the Netherlands in 2019
(Overonlinebetalen.nl, 2019).

- 34 -
iDEAL transactions are often €0.29 - €0.60. The following table lists the transaction costs for
iDEAL for various Payment Service Providers. These can differ greatly from each other.

Payment One-off Costs Costs per Note


Service costs per transaction
Provider month
Mollie None None €0,29 Special promotional rate, via
OverOnlineBetalen.
ICEPAY None None €0,35 Minimum fee for 400 trxs and
that is € 140
Adyen None None €0,45 Minimum fee of € 100 per
month
CardGate €75 None €0,58 Minimum fee of € 20 per
month
WorldPay €350 €199 €0,60 iDEAL only in combination with
Corporate Gateway Account.
Table 2: Transaction costs for iDEAL with some Payment Service Providers in the Netherlands in 2019 (Overonlinebetalen.nl,
2019).

2.5 Disadvantages of the current payment process


We see that the payment process is quite cumbersome. Many intermediaries are involved, such
as the Issuing Bank, the credit card network, Acquirer and the Payment Service Provider, each
of which keep a portion of the transaction value. This means that when you pay € 100 in a
store, the owner does not actually receive € 100 in his account.

Also, the authorization and authentication process is cumbersome when conducting mainly e-
commerce transactions. In addition to entering his card details, the Cardholder must also enter
a 3D-secure code. Although the entire authorization and authentication process takes a few
seconds, the clearing & settlement process for credit cards can take three to five business days.
With iDEAL payments, settlement between the Cardholder and the Merchant often takes
between one and three days.

In addition, card data fraud is a serious problem in the payment industry. According to The
Nilson Report (November 2019), total credit, debit and pre-paid card fraud in 2016 was
approximately $ 22.80 billion USD. This increased further to $ 23.97 billion USD in 2017. In
2018, total fraud increased further to $ 27.85 billion USD. This is expected to increase to

- 35 -
approximately $ 32.39 billion USD in 2020. At the same time, the total volume of credit, debit
and pre-paid cards will also increase.21

The payment process for Bitcoin and other cryptocurrencies is completely different. And in a
way that many cryptocurrency transaction costs cost less than a cent. In the case of Bitcoin, it
costs around $ 0.30 USD in December 2019 to have your transaction included in the next block.
However, you can also choose to have your transaction withdrawn six blocks later, which costs
approximately $ 0.22 USD.22 That also means that in the case of Bitcoin - which is currently
thought of as a fairly outdated and slow crypto - settlements can take around 10 minutes or
longer depending on what transaction fees you are willing to pay. This is considerably faster
and for e-commerce transactions also a lot cheaper than, for example, PayPal, credit cards and
iDEAL.

In a world of instant messaging and video calls, the current transaction system, in which we
exchange things of value like money, is archaic and slow. In the next chapter we will take a
closer look at Bitcoin as a modern payment system, which is better suited to our current time.
Bitcoin is the first and currently, by market value, also the largest blockchain.

21 According to The Nilson Report (November 2019), of $ 100 USD in volume, approximately 6.86 cents of fraud is
committed in 2018, and this number will slowly decline in the following years after years of increases.
22 For an overview of the transaction costs on the Bitcoin network, see: https://bitcoinfees.info. However, when
Bitcoin was around its peak value in late 2017, a transaction could cost $ 10- $ 20 USD. This was because more
transactions per second were made on the Bitcoin blockchain than the network could handle. It caused Bitcoin
transactions to be put on hold. Transactions often took considerably longer than 10 minutes at the time and if you
wanted to speed up your transaction, you had to pay an extra fee. How it is that transactions with higher fees are
included earlier in the blockchain is discussed in chapter 4. Since Bitcoin, there are now more modern blockchains
with lower transaction costs. On some blockchains, a transaction costs less than a tenth of a cent.
- 36 -
2.6 Summary, terms and sources
Summary
In this chapter we looked at the current payment process. The online payment process consists
largely of Point-of-Sale (PoS) transactions and e-commerce transactions. In the current
payment system, many different parties are involved in a transaction. This leads to a
complicated payment process of authorization, authentication and clearing & settlement. These
parties are:
1. The Cardholder.
2. The Merchant.
3. The Acquirer.
4. The credit card network for credit card transactions.
5. The Issuing Bank.
6. The Payment Service Provider.

When a Cardholder makes a payment of €100, part of the amount is always shared between
the various parties. In addition, the entire process up to and including clearing & settlement for
credit card payments often takes three to five working days. With iDEAL payments, it takes
about one to three working days before the Merchant actually receives the money in his
account.

There are also strict rules on how to handle payment data in money transactions. A Merchant
must be PCI DSS compliant and may not simply store credit card information. If a Merchant
does not comply with PCI DSS at all levels, it is also possible for a Merchant to engage a
Payment Service Provider that is already compliant at higher levels and hosts the payment page
for the Merchant. However, there are costs involved.

Comments you can now explain


• Payments with regular payment methods have many intermediaries, so the costs of the
transaction can be quite high.
• Transactions in the regular payment system are not peer-to-peer. This makes it easier to
stop, refuse and reverse transactions.
• Clearing & settlement with iDEAL transactions can take one to three working days and with
credit cards three to five working days.
• There are many rules involved in regular payment methods. For example, you are not just
allowed to store credit card information.

- 37 -
Glossary of Terms
Acquirer: Financial institution that sends transaction requests from the Merchant to the Issuing
Bank, the Cardholder's card. An Acquirer is usually the bank of the Merchant.

Acquiring Processor: Financial institution that processes payment requests for the Merchant.
This service is also sometimes offered by a Payment Service Provider.

Assessment fee: The fee paid to the credit card network in a transaction for viewing and
assessing the transactions.

Clearing & settlement: The processing process whereby the money from the Issuing Bank is
actually exchanged and settled with the Acquirer.

Credit card network: The network that processes credit card transactions. Examples are Visa,
Mastercard, China Union Pay and American Express.

E-commerce: Online trading. An e-commerce transaction is an online transaction in, for


example, an online shop.

Interchange fee: The costs paid to the Issuing Bank.

Issuing Bank: Financial institution that issues the card to the Cardholder. This is often the
Cardholder's bank.

Cardholder: Person who pays with the payment card.

Merchant: The owner of a shop.

Merchant discount rate: the sum of the processing fee, assessment fee and interchange fee.

Payment Service Provider: The payment service provider. A payment service provider links the
Merchant with the payment system.

Point-of-Sale: Buying point in physical stores. A PoS transaction is a transaction in a physical


store.

Processing fee: The processing fee paid by the credit card network to the Acquirer.

- 38 -
Sources
Dutch Payments Association. (2019). Instant Payments in short. Consulted on 24 December,
2019 from the Dutch Payments Association website:
https://www.betaalvereniging.nl/betalingsverkeer/instant-payments/instant-payments-
in-het-kort/

Bitcoin Transaction Fees. (2019). Consulted on December 24, 2019, from Bitcoinfees.info
website: https://bitcoinfees.info

iDEAL. (2019). IDEAL partners. Consulted on December 24, 2019, from the iDEAL website:
https://www.ideal.nl/partners/

Over Online Betalen. (2019). Compare rates for iDEAL and credit card - for entrepreneurs.
Consulted on December 24, 2019, from Overonlinebetalen.nl website:
https://overonlinebetalen.nl/onderdelen-tarieven-ideal/

Papadimitriou, O. (2009, April 2). How Credit Card Transaction Processing Works: Steps, Fees &
Participants. Consulted on December 24, 2019, from WalletHub website:
https://wallethub.com/edu/cc/credit-card-transaction/25511/

PCI Security Standards Council. (2019). Official PCI Security Standards Council Site - Verify PCI
Compliance, Download Data Security and Credit Card Security Standards. Consulted from
Pcisecuritystandards.org website: https://www.pcisecuritystandards.org/

The Nilson Report. (2019). The Nilson Report 2019. (1164).

Icons
Cardholder, Merchant, Issuing Bank and Acquirer made by Freepik from www.flaticon.com
Visa icon created by Roundicons from www.flaticon.com

- 39 -
- 40 -
3. Bitcoin, the internet of money

“A mysterious new technology emerges, seemingly out of nowhere, but actually


the result of two decades of intense research and development by nearly
anonymous researchers. Political idealists project visions of liberation and
revolution onto it; establishment elites heap contempt and scorn on it. On the
other hand, technologists – nerds – are transfixed by it. They see within it
enormous potential and spend their nights and weekends tinkering with it.
Eventually mainstream products, companies and industries emerge to
commercialize it; its effects become profound; and later, many people wonder
why its powerful promise wasn’t more obvious from the start.

What technology am I talking about? Personal computers in 1975, the Internet


in 1993, and – I believe – Bitcoin in 2014.”
- Marc Andreessen (2014)

3.1 Introduction and learning objectives


In this chapter you will learn
• The difference between the cryptocurrency Bitcoin and the Bitcoin blockchain.
• How Bitcoin's Proof-of-Work consensus mechanism works.
• What the Byzantine Generals Problem is, and that Bitcoin solves this problem through
Proof-of-Work.
• How consensus is reached on the Bitcoin network.
• The role of hash cryptography and Merkle trees in blockchain security.
• Which data is included in a block and transaction.
• How to use a block explorer to read the data from the blockchain.
• How Bitcoin's monetary policy works.
• How the Bitcoin network encourages people to join the network so that it is kept running.

- 41 -
Introduction
What would our economic life be like if our money was not controlled by governments and
central banks? If there is no one who controls the inflation of our money and if there is no
institution that can put a limit on how much money we can transfer to another? Such a world of
financial freedom was unthinkable to many until Bitcoin, a peer-to-peer electronic money
system, was invented. Remarkably, Satoshi Nakamoto has made the code completely open
source, so that everyone can view the source code, and everyone can trust that the total
amount of Bitcoins in circulation can never exceed 21 million. This number will be reached in
2140.

The first block of the Bitcoin blockchain was mined on January 3, 2009. 23 It includes a reference
to The Times article entitled "Chancellor Alistair Darling on brink of second bailout for banks"
published the same day. The article reminds us of the uncertain times of the economic crisis, in
which governments and central banks have tried to save the financial system. The then
Chancellor of England, Alistair Darling, faced the difficult choice of buying billions of toxic assets
from banks and providing banks with cheaper government-guaranteed loans at low interest
rates.

Figure 12: The article Satoshi Nakamoto referred to in the genesis block.

23 You can view the first block via the following link:
https://www.blockchain.com/btc/block/000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce
26f.
- 42 -
Bitcoin's purpose has been clear since its beginning. It wants to disrupt the banking and money-
making industries. In addition, it wants to give people control over their own money, without
the need for approval or trust in a third party. This means that it must be immune to the seizure
of our money by governments.

On January 21, 2014, Marc Andreessen, the co-founder of Netscape, published an article in the
New York Times about why Bitcoin matters.24 He writes that the political idealists project their
freedom ideals onto Bitcoin and that the established elite look at the new digital money with
suspicion, or even contempt. In the article, he compares the technological impact of Bitcoin
with the PC of 1975 and the Internet of 1993. Despite Bitcoin's enormous potential, there is,
according to Andreessen, a major misunderstanding among the media about what Bitcoin is.
The purpose of this chapter is to present what Bitcoin is, as a new form of money for the
internet, and what fundamental problems it is trying to solve within traditional transaction
systems.

In paragraph 3.2 we first make a distinction between Bitcoin and the Bitcoin network. Then, in
section 3.3, we discuss Bitcoin and its ambition to become the money of our modern digital
age. Then in section 3.4, we discuss which fundamental network problem, the so-called
Byzantine Generals Problem in computer science, has solved Bitcoin. The solution to the
problem is a consensus mechanism called Proof-of-Work. By studying the Proof-of-Work
concept in more detail in section 3.5, you will also understand what blockchain is at a higher
level. In that respect, this chapter is a deepening of chapter 2.
In section 3.6, we explain the double-spending problem. Next, Bitcoin's monetary policy is
discussed in section 3.7 and in section 3.8 we briefly compare the payment system of Bitcoin
with the regular payment systems such as iDEAL and credit cards that were discussed in the
previous chapter. In 3.9, we discuss how Bitcoin provides people with economic incentives to
participate in the network. Then in 3.10 we close the chapter with a summary, a list of
important terms and a list of sources.

24 Netscape was the largest web browser in the 1990s with a 90% market share until the first web browser war
with Internet Explorer. The article in which Andreessen describes why Bitcoin is important is called "Why Bitcoin
Matters" (2014) and can be read in full here: https://dealbook.nytimes.com/2014/01/21/why-bitcoin-matters/.
- 43 -
3.2 Bitcoin and the Bitcoin network
When talking about Bitcoin, it is important to distinguish between the Bitcoin currency and the
Bitcoin network. Bitcoin in this case is the digital currency and the network is the underlying
infrastructure, consisting of the nodes that help keep track of all Bitcoin transactions through
the blockchain. The Bitcoin phenomenon is more than just the money. We will see that it is also
a sophisticated and revolutionary way to store data in such a way that all parties involved can
trust that this data is correct, without involving a central party.

3.3 Bitcoin, the revolutionary digital currency


Would people have believed you 50 years ago, if you said then that in the future you could
communicate directly with each other via electronic text messages, consisting of digital zeros
and ones? Yet this is the way for the modern world to communicate with each other since the
introduction of the internet. We use email, social networking, audio and video messages.

Although things like email, audio and video messages can be sent from one party to another in
no time, this turned out to be impossible for a long time with digital money. However, Milton
Friedman, Nobel laureate in economics in 1976, already saw in 1999 that the internet would
play a major role in reducing the role of government in our economic and social life. All that
was missing at the time, Friedman said, was a reliable electronic money system that allowed
people to send money to each other without necessarily knowing each other. Such a system
that would resemble cash transactions and thus enjoy anonymity would be developed in the
short term. According to some, Bitcoin has fulfilled this promise.

Figure 13: Milton Friedman explains that the internet and a reliable electronic money system will significantly reduce the role of
government in our lives and lead to greater economic freedom.

- 44 -
Basically, Bitcoin has the following three main properties
1. It has introduced scarcity in the digital domain.
2. It is a peer-to-peer network without the need for trust in a third central party.
3. It is an orderly way to record and verify all transactions so that double spending can be
avoided.

Money becomes worthless if it is not scarce and if people can copy it to spend it twice, three
times, four times, etc. In that regard, Bitcoin is regularly compared to gold. Gold is scarce like
Bitcoin, and double-spending with gold is not possible because it cannot be copied and
reissued.

3.4 Byzantine Generals Problem


As stated in Chapter 1, Bitcoin is the first application to use blockchain technology. This
technology provides the first practical solution to a problem known to computer scientists as
the Byzantine Generals Problem. Two weeks after the first Bitcoin disclosure, Satoshi Nakamoto
sends an email analogous how the Bitcoin network is a practical solution to the Byzantine
Generals Problem (BGP).25 Understanding the Byzantine Generals Problem will help you better
understand the Bitcoin network and understand how to reach consensus within the network.

In the article, "The Byzantine Generals Problem" (1982), Lamport, Shostak, and Pease first
described this problem as a situation where the Byzantine army is camping outside an enemy
city. The army, consisting of several divisions, each led by a separate general, must forge a joint
battle plan to attack the city, but can only communicate with each other through messengers. It
is possible that one or more of the generals or one of the messengers is a traitor who tries to
confuse the other generals and protect the loyal generals from making a corresponding
decision about the battle plan. In such a situation, how can these generals plan against the
enemy city with the assurance that none of them can be a traitor? Or, if betrayal is possible, at
least they cannot thwart the agreement of a good battle plan? This trustless situation can be
seen as a decentralized environment, where there is no central point to share reliable
information from a joint battle plan.

25 Satoshi Nakamoto outlines a situation where a number of Byzantine generals each have a computer and want to
attack the king's Wi-Fi by forcing the password they know to be a specific number of characters, this is called brute
force. The email is dated November 13, 2008 and can be read in its entirety here:
https://satoshi.nakamotoinstitute.org/emails/cryptography/11/.
- 45 -
General 1

“Withdraw” “Attack”

Enemy city

General 3 General 2
“Withdraw”
Figure 14: A systematic representation of the Byzantine Generals Problem. General 1's messenger tells them to
attack. However, General 2 decides to withdraw and has his messenger pass the message to withdraw to General 3.
General 3 takes over the message and forwards the same message he received to General 1. The problem here is:
how can the generals reach consensus in an environment where you have to trust multiple parties, the messengers
and each other, to deliver the right messages to each other so that a successfully coordinated battle plan can be
executed?

The problem thus is to find an algorithm that (a) primarily ensures that all loyal generals can
reach agreement. The loyal generals will do what the algorithm tells them to do, while the
traitors can do what they want. The algorithm should be designed to ensure that all loyal
generals follow it regardless of what the traitors do. These generals must also agree on a
reasonable battle plan. This means that (b) Secondly, a small group of traitors cannot force loyal
generals to adopt a bad battle plan.

Condition (a) can be ensured by having each general use the same method to reach a decision
and by having each loyal general obtain the same information. Condition (b) is difficult to
achieve, because you cannot unambiguously determine what a good or bad battle plan is. What
one person likes, the other may see as bad. What you can do is find a rule that bases the
generals' final decision on a majority vote between the generals. This ensures that traitors can
only prevent the decision of the loyal generals if they are in a majority. This is not a perfect
method, but according to Lamport et al. it is the best method we currently know.

- 46 -
We can compare the above Byzantine Generals Problem with that of a decentralized or
distributed computer network, in which all participants (nodes) of the network cannot trust
each other, but still have to come to decisions together. Reliability is based on the fact that:
1. A transaction that has been made is recorded on the blockchain and shared with all
participants. In other words, everyone should have access to the same information.
2. A transaction that has been made is authenticated so that person A cannot transfer
person B's Bitcoin. With the Byzantine Generals Problem this means that the messages
are checked for the fact that they come from the right persons - generals and
messengers.
3. A transaction is not forged. This means that if someone makes a valid transaction, no
one else can change the content of the transaction. In other words, when a general
sends a message, no one can change the content of the message.
4. A transaction cannot be executed twice. If someone has 1 BTC, this person cannot give 1
BTC to both person A and person B. So no contradictory information is possible. A
general cannot send two conflicting messages.

3.4.1 Byzantine Fault Tolerance (BFT)


To ensure the reliability of the data on the blockchain, the network needs participants who
verify messages or transactions for accuracy and neutralize other participants who are corrupt
and misleading. The similarity between these nodes is what you call consensus. A system that is
resistant to the Byzantine Generals Problem is characterized by the Byzantine Fault Tolerance
(BFT) property.

There are several ways to set up Byzantine Fault Tolerant systems. In chapter 6 we discuss more
consensus protocols that make this possible.

3.5 Proof-of-Work consensus in the Bitcoin network


On the Bitcoin network, Byzantine Fault Tolerance is achieved through the Proof-of-Work
consensus mechanism. The purpose of Proof-of-Work is to protect the network from attackers,
to avoid double-spending and to reach consensus on which chain is the true blockchain when
two competing chains emerge.

Proof-of-Work has the following properties:


1. It uses hash cryptography.
2. Miners are looking for a nonce that leads to a valid hash of a block where Bitcoin
transactions are stored.

- 47 -
3. When a valid hash is found, the block is verified for correctness by various full nodes on the
network. The speed, or block time, with which a valid hash is found is based on the mining
difficulty.
4. This new block is taken over by other nodes on the network and added to their version of
the blockchain.
5. Should two valid hashes be found by two different miners in about the same time, there
are two competing chains. In such cases, consensus is reached by adopting the longest
blockchain.
6. The above ensures that everyone on the network assumes that there is one blockchain
with the correct data. In other words, you use the same ledger, which has registered all
transactions, so that fraud such as double-spending is not possible.

What follows is a further explanation of the above properties.

3.5.1 Hash cryptography


If we look at the reporting of the messengers within the Byzantine Generals Problem, we see
that reporting takes place in everyday written language. This in itself is a major weakness,
because everyday language can easily be manipulated and falsified by the messengers.
Therefore, there must be a method within the consensus algorithm to validate messages so
that we know that the original text has not been manipulated. In the Bitcoin consensus
protocol, this is possible by using (1) hash cryptography and (2) a nonce. 26

The origin of the word cryptography can be traced from the Greek words kryptos and graphein,
which mean hidden and writing respectively. Cryptography is thus a method of concealing
written text. With the emergence of new communication options, such as telegraph, radio,
computer, mobile phone, email, instant messaging and online banking, concerns have been
added that what we communicate can be tapped, which could jeopardize our privacy. For this
reason, there is a great need to be able to conceal what we communicate from others and to
store important information, such as passwords, in a manner that cannot be revealed. Some
methods that are widely used in the digital world are hash cryptography and public key
cryptography.27

26 Nonces will be discussed in paragraph 3.5.2.


27 Public key cryptography will be discussed in paragraph 5.3.
- 48 -
Hash cryptography is a way of mathematically converting digital data into a fixed number of
characters, which at first glance seem very arbitrary and unintelligible. It is for example used to
securely save our personal data, such as passwords, and is immensely suitable to compare the
the hashed versions of plain texts.

Bitcoin uses a cryptographic hash technology called SHA-256.28 SHA stands for Secure Hash
Algorithm and 256 is the number of bits of the hash. It is always 64 characters long and consists
of hexadecimals. Each character can therefore take one of the following 16 values:

0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F.

Each value is 4 bits in size. If the hash is 64 characters long, the hash is 64 * 4 = 256 bits long.
For this reason, the algorithm is called SHA-256.

Cryptography works as follows. You take data that you run through the hash algorithm, SHA-
256 in the case of Bitcoin, and you always get a 64-character (or 256 bit) value. There are
numerous SHA-256 hash calculators online that you can use to hash data.29 In our example,
we're going to hash sonnet 18 from Shakespeare with SHA-256. The sonnet is as follows:

Shall I compare thee to a summer's day?


Thou art more lovely and more temperate:
Rough winds do shake the darling buds of May,
And summer's lease hath all too short a date:
Sometime too hot the eye of heaven shines,
And often is his gold complexion dimmed,
And every fair from fair sometime declines,
By chance, or nature's changing course untrimmed:
But thy eternal summer shall not fade,
Nor lose possession of that fair thou ow'st,

28 There are other cryptographic hash functions. Other known hash functions are MD5 and SHA-1.
29 In general, you could hash all digital data - including the source code of a computer application, outgoing email
traffic, or even a book. A website where you can generate SHA-256 hashes for example is
https://www.xorbin.com/tools/sha256-hash-calculator.
It is also useful to know that a hash is actually nothing but a number and that you can convert a hexadecimal hash
into a decimal number. A calculation tool that you can use for this is
https://www.rapidtables.com/convert/number/hex-to-decimal.html.
- 49 -
Nor shall death brag thou wander'st in his shade,
When in eternal lines to time thou grow'st,
So long as men can breathe, or eyes can see,
So long lives this, and this gives life to thee.

The output is the following hash value of 64 characters long:

efcb1eec2619c42e57eb414b3f11dd93d706f4fee8093e3617ad576ded3abe76

A reliable hash algorithm must meet the following conditions:


1. It is deterministic. This means that the same input must always lead to the same output.
Hashing sonnet 18 will always lead to the exact same output.
2. If you have the output, you cannot reverse engineer the input. This means that anyone who
knows the hash value of Shakespeare's sonnet 18 cannot find out that it is actually
Shakespeare's sonnet 18.
3. Converting data into a hash value must be fast.
4. If you change the input, the output changes completely. That means that when we change
something about Shakespeare's sonnet 18 - for example, uppercase to lowercase, change
punctuation, or add or remove a space - the output becomes completely different. For
example, if we put a single space at the beginning of the first line, the output will be as
follows:

d7d12ca4131b1bc9a0d12fc405180794f5468b8802fe126aa49ea99b3e4dae45

In that respect, a hash value is a kind of a fingerprint of data. Just like every person has a
unique biological fingerprint, every data has its own unique hash value.
5. The risk of conflicts must be minimal. Francis Galton, the fingerprint pioneer, estimated
that the probability of two people having the exact same fingerprints equals 1 in 64 million.
Although the chance of this is very minimal, it is statistically possible that two or more
people have the same fingerprint. This is also the case with hashes. Statistically, with 64
hexadecimal characters, there are 1664 possible hash-outputs. Although the number of
possible outputs is enormous, it is not infinite. On the other hand, the number of different
data inputs you can hash is infinite. For this reason, it is possible that two different inputs
lead to the same hash outputs. With a sound cryptographic algorithm, the probability that
two different inputs will lead to the same output must be minimal so that it is practically
impossible.

- 50 -
Conditions for a reliable hash algorithm
It is deterministic.
1. Reverse engineering of an output is not possible.
2. Converting data into a hash is done quickly.
3. Changing input escalates into a radical change in output.
4. Chances of conflicts are virtually impossible.
5. It is deterministic.

- 51 -
Intermezzo: Hash cryptography with regular ecommerce payments
Cryptographic hash functions like SHA-256 are not only used with blockchains. Regular bank
transactions also use this to secure the communication between the online store and the
online payment platform, the internet payment gateway. By encrypting communication,
malicious parties cannot view the transaction. We illustrate how this works by looking at
how European Merchant Services (EMS), a Dutch Payment Service Provider, requires online
shops to send transactions encrypted to their online payment gateway.

A tramsaction requires at least the following parameters:


1. Txntype: whether the transaction is a ‘sale’ or ‘void’ (cancellation)
2. Timezone: timezone of the transaction, like for example Europe/Amsterdam
3. Txndatetime: the exact time of the transaction
4. Hash algorithm: which algorithm has been used. In this case, it’s SHA-256
5. Hash: the SHA-256 hash of the following string: storename + txndatetime +
chargetotal + currency + sharedsecret. The sharedsecret is a secret code that, like
the storename, serves as a unique identifier of the webshop
6. Storename: this is a unique ID of the webshop, generated by EMS
7. Mode: whether the transaction is a ‘fullpay’, ‘payonly’ or ‘payplus’ transaction
8. Chargetotal: the total amount of the transaction
9. Currency: the currency, expressed in currency codes. For example, 826 stands for
USD

Imagine someone doing the following transaction at an online store:


1. Storename: 98765432101
2. Txndatetime: 2013:07:06-09:57:08
3. Chargetotal: 1.00
4. Currency: 978
5. Sharedsecret: TopSecret

The above parameters are first put in a string:


987654321012013:07:06-09:57:081.00978TopSecret

The string is then converted into an ASCII hexadecimal representation:


3938373635343332313031323031333a30373a31362d30393a35373a3038312e3030383236546f7053
6563726574

The above ASCII hexadecimal representation- is


52finally
- converted into a hash value with SHA-
256:
3d7e75aa0b4e0e1d4a7ac87e451e64692cced46f4358ef35a69d96721341243c
The ASCII hexadecimal representation is subsequently converted into a SHA-256 hash value:
3d7e75aa0b4e0e1d4a7ac87e451e64692cced46f4358ef35a69d96721341243c

The transaction is then sent with the previous hash from the webshop to the Internet
Payment Gateway (IPG) of EMS. EMS can recalculate the hash, based on (a) the submitted
data and (b) the sharedsecret of the webshop, which is known by EMS. By comparing the
hash of the webshop and the hash that EMS has recalculated, EMS can verify whether it was
the webshop that has submitted the transaction. Transactions of the webshop with a
divergent hash are not accepted by EMS. Below you will find a graphical representation of
the transaction process.

Transaction data with a hash IPG checks


parameter whether
Online hash and Merchant
shop transaction System
data are
equal
Transaction failed
or successful

Figure 15: A transaction, containing a hash value, is sent from the online store to the Internet Payment Gateway (IPG)
of EMS.

3.5.2 What data does a block consist of


Let's take a closer look at which key data is stored in a block. These are:
1. Version.
2. Timestamp.
3. Nonce.
4. Difficulty.
5. Root hash of the Merkle tree of all transactions.
6. Previous block header hash.
7. Block header hash.

Points 1 to 6 are part of what you call the block header. Point 7, the block header hash, is a
double SHA-256 hash of this block header. In addition, the transactions are of course also
stored in a block. The following figure provides a simplified representation of a block, including
the data it contains.

- 53 -
Version

Timestamp

Nonce

Difficulty

Root hash of the


Merkle tree of all
transactions

Previous block header


hash

Block header hash

Figure 16: Representation of the different data contained in a block.

Version
This is the version number of the Bitcoin blockchain.

Timestamp
A timestamp is a piece of data that certifies when the block was created or last modified. It
helps to verify that the data within the block has not been manipulated.30 The timestamp is
expressed in the number of seconds that have passed since January 1, 1970.31

Nonce
The nonce is a 32-bit field and is the only variable you can change to obtain a hash value of the
block that meets certain conditions, for example, that it starts with 18 consecutive zeros. The
miner who first finds a valid nonce that meets the required conditions is allowed to add the
block to the blockchain. A valid nonce is also called a golden nonce.

30 If you would like to read more about how timestamps work, Haber & Stornetta's "How to Time-Stamp a Digital
Document" (1991) is recommended. It explains why timestamps are important and how they contribute to data
authentication.
31 This is also known as the unix timestamp. Visit https://www.unixtimestamp.com/ to see the current unix
timestamp.
- 54 -
Since the nonce is 32-bit field, the nonce can have a value between 0 and 4,294,967,295, or
between 0 and 232 - 1. The range of the nonce (0 to 4,294,967,295) is also called the nonce
range. It’s important to understand what a nonce is in order to know what a miner actually
does. We will come back to this soon.

Difficulty
The difficulty is the difficulty of finding a valid nonce. The difficulty ensures that, on average, a
minder adds a new block to the blockchain every 10 minutes. We will come back to this soon.

Transaction data
The transaction data includes all data related to transactions, such as at what time how much
Bitcoin was transferred from one wallet to another.

Root hash of the Merkle tree


The root hash of the Merkle tree is the hash of all hashes of all transactions that are part of a
block. This is further explained in a separate intermezzo. For now, it is important to know that
Merkle trees are an important method for storing data in an accurate and secure way. It
enables quick verification of blockchain data and quick synchronization of data on the network.

Previous block hash


The previous hash is the hash value of the previous block.

Block header hash


The block header hash is the hash value of the current block. The hash of a block is best
compared to a unique fingerprint of the block. If the data within the block is tampered with, the
block header hash changes. With Bitcoin, the block header hash is obtained by hashing the
block header twice with SHA-256.

- 55 -
Intermezzo: Merkle Trees, how they are used within the Bitcoin blockchain
Merkle trees were invented by the cryptographer Ralph Merkle in 1979. They are useful in
peer-to-peer networks such as blockchain. Merkle trees organize data in such a way that it
becomes easier to verify transaction data, for example, or to ensure that the blockchain
does not contain corrupt data. In addition, they can also be used to repel part of the
blockchain and thus save disk space. Below is an explanation of how this works exactly.

How does a Merkle tree work?


Block Header Hash
Prev Hash Nonce

Merkle Tree Root Hash

Layer 1 Hash(0,1) Hash(2,3)

Layer 2 Hash0 Hash1 Hash2 Hash3

Transactions
Tx0 Tx1 Tx2 Tx3
(leaves)

Figure 17: The Merkel tree of 4 transactions. See also the Bitcoin white paper (2009, p. 4).

In this example we have taken a Merkle tree of only four transactions, although a Bitcoin
block can contain thousands of transactions. The bottom layer of a Merkle tree consists of
the Bitcoin transactions. These are also called “leaves”. Every transaction is hashed. So Tx0
gets Hash0, Tx1 gets Hash1, Tx2 gets Hash2 and Tx3 gets Hash3. The hashes are put
together in pairs and then hashed again. Hash0 and Hash1 are therefore placed together to
take a hash, Hash (0,1). The same is done with the hash pair Hash2 and Hash3, which leads
to Hash (2,3). Then the resulting hashes, Hash (0.1) and Hash (2.3) are put together again
and hashed, leaving only a single hash. This final hash is the Merkle tree root hash. This root
hash is included in the block header hash.

- 56 -
How can transaction data be verified with Merkle trees?
Each hash within the Merkle tree depends on the data input. If one transaction within the
Merkle tree were to be changed, not only the hash of the transaction in question will
change, but also the hashes from parent layers up to the root hash of the Merkle tree and
the block header hash. If there is someone who wants to inject corrupt transactions into the
blockchain, this will escalate completely to another root hash. For the security of the
blockchain, it is important that reliable nodes note that fraudulent blocks have abnormal
root hashes and block header hashes and that they signal to the network that they have
detected invalid blocks.

In addition, when downloading a blockchain, you can also check whether every transaction
it contains is correct by comparing the root hashes resulting from the transactions with
those of reliable nodes. If a root hash does not match, you can go through the Merkle tree
until the transactions to see with which piece of data something is wrong.

You can also calculate whether that part you know is correct, provided you know part of the
data of a block. For example, suppose you only know Tx3, Hash2 and Hash (0,1). Then you
could calculate the Hash of Tx3 and merge it with Hash2 to find out Hash (2,3). Since you
already know Hash (0,1), merge it with Hash (2,3) and calculate the root hash. In other
words, you can find out in this example with only partial information whether Tx3 is a valid
transaction.

Figure 18: A node can also only have a copy of the block headers. The internal data linked to the Merkle trees is not
necessary to verify transactions as long as you have the root hashes of the Merkle trees and as long as you synchronize
them with other reliable nodes.

- 57 -
How can you use Merkle trees to make the blockchain more compact for nodes?
Since any change to a transaction ultimately leads to a change to the Merkle root, it is
sufficient to compare only Merkle roots to the Merkle roots of trusted nodes to ensure that
there are no fraudulent transactions. A node therefore does not always have to be a full
node. A full node is a node that owns the full blockchain, with all data inside. In principle, a
node of older blocks can only store the block headers and repel the interior data of the
Merkle root. Because this method is less data intensive, this node can save itself disk space.
Such a node is called a pruning node. This is a cost effective solution for people who cannot
run full nodes, but want to support the Bitcoin network. It is still possible for pruned nodes
to validate the latest Bitcoin transactions and pass them on to the other nodes on the
network.

The significance of Merkle trees


When downloading the blockchain, you often download the blockchain data from multiple
peers that you do not know personally. The risk is that one of the peers will provide you with
corrupt data. By using Merkle trees you can quickly find out if there is a transaction in your
blockchain that is not correct and because of its structure you can find out faster which
block and which part of the Merkle tree is at fault.

All in all, we can conclude that Merkle trees transactions are independently verifiable and
make the blockchain secure. They are extremely important for blockchains to create trust in
a network in which participants do not know each other.

- 58 -
3.5.3 Target hash
Below is a simplified example of the first two blocks of a blockchain. You call the first block the
genesis block. The previous hash of block 1 here is equal to 00000000000000000…, because
there has been no previous block. The previous hash of block 2 is equal to the hash value of
block 1. Since a subsequent block always has a direct reference to the hash value of the
previous block, there is always a link or chain between two consecutive blocks. Bitcoin has the
condition that the hash is only valid if it starts at least with a specific number of zeros -
currently it is 18 zeros. The number that a hash must be equal to or less to be declared valid is
called the target hash.32 For the sake of simplicity, we say that our target hash in the example
below does not start with 18, but with 4 zeros. In this case the block below is valid because it
starts with at least 4 zeros.

Block #1 Block #2

Timestamp Timestamp

Nonce: 212046 Nonce: 152618

Transaction data: Transaction data:


Jim -> 100 BTC -> Jane Jane -> 25 BTC -> John

Previous hash: Previous hash:


0000000000000000000 000058ab9df5d209cddd
0000000000000000000 bbd1d129c4d157a9b77
Block header hash: Block header hash:
000058ab9df5d209cddd 0000ffcf3ff55ee1ce507f
bbd1d129c4d157a9b77c 89cd252e678c1d3eab00
Figure 19: The hash rate on January 8, 2019, stands at 42,887,764,036 GH/s, or nearly 43 billion
GH/s. One GH/s represents 1 billion hashes per second.

32 For example, if you use the Bitcoin block explorer (www.blockexplorer.com) to search for block #557315, which
is timestamped on Jan 6, 2019, 3:26:17 PM, you will find that the hash value of this block is
000000000000000000188a1f2550c57cee9ded9e570f39f97dacc8bd3f1b58e4

As you can see, the hash value starts with 18 consecutive zeros.
- 59 -
To clarify what a target hash is, it is useful to imagine a quadrilateral in which all possible hash
values fit. In the quadrilateral, the hash values are arranged from highest possible value (top) to
lowest possible value (bottom). All values greater than the target hash are invalid hashes and all
values smaller than the target hash are valid.

Highest possible hash value:


ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff INVALID
HASHES

Target hash:
0000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff VALID HASHES
Lowest possible hash value:
000000000000000000000000000000000000000000000000000000000

Figure 20: Overview of invalid and valid hashes. All values equal to or below the target hash are valid. All values above it are
invalid.

What is the probability that a random block header hash is a valid hash?
We can calculate the total number of possibilities of hash values. Knowing that a
hash consists of 64 hex numbers, there are a total of 1664 possible hashes.

If only hashes starting with 18 consecutive zeros are valid, there are a total of 16 64 – 18
= 1646 valid hashes. The probability that a random block header hash is a valid hash is
then equal to 1646 / 1664 = 16-18 ≈ 0.000000000000000000002%.

In our example block, if we changed the value of the nonce to 1, the hash value changes to:

05edb09f49fd839e75a4adbcf1ae8197df70b9e6347f35f7ab3a9961900f3bca

- 60 -
Because it is higher than the target hash - it does not meet the condition of at least 4 starting
zeros - this hash is invalid and therefore the block is too. The block with such a hash will not be
accepted by other nodes on the network and will therefore not be included in the blockchain.

Blok #1

Timestamp
Nonce: 1

Transaction
data:
Jim -> 100 BTC -> Jane

Previous hash:
0000000000000000000
0000000000000000000
Block header hash:
05edb09f49fd839e75a4
adbcf1ae8197df70b9e6
Figure 21: Simplified representation of an invalid genesis block.

3.5.4 Mining
Now that we know what data is stored in a block and that the nonce is the only parameter you
can change to generate a valid hash, it also becomes clearer what a miner actually does.

When new transactions are accumulated in a block, the miner searches for a nonce that, when
he hashes it together with the rest of the data in the block, yields a valid block header hash
value. You can think of finding the right nonce as a process of trying a random value of a nonce
until a value under the target hash is reached.

- 61 -
Hash a Add the
Is the block
Create a new block to
block header hash ≤
new block the
header the target Yes
hash? blockchain

No
Change
the
nonce
Figure 22: A schematic process of what a miner does.

Finding a nonce that leads to a valid hash requires computer power. More computing power
leads to more hashing power. When a miner finds the correct nonce and the block is included
in the blockchain, the miner is rewarded with the transaction fee from the transactions in the
block and with a block reward of currently 12.5 BTC. That means that the supply of Bitcoin is
currently increasing by 12.5 BTC per valid hash found.

The miner in this case has provided evidence that he has provided work or computing power to
the network to find a valid hash. In other words, the miner has delivered Proof-of-Work and is
therefore allowed to produce a new block.

In the next chapter a further deepening of the mining process is given.

3.5.5 Mining difficulty and block time


The higher the target hash, the easier it will be to find a valid hash. The same applies the other
way around: the lower the target hash, the more difficult it is to find a valid hash. The role of a
target hash is thus to determine the mining difficulty. The mining difficulty is the difficulty for a
miner to find a valid hash. At a higher mining difficulty, the target hash is lowered.

The number of hashes per second that is calculated in the network is also known as the hash
rate.33 The more computing power used to find valid hashes, the greater the hash rate. Satoshi
Nakamoto does not want too many valid hashes to be found, because that means more Bitcoin

33 The hash rate on January 8, 2019, stands at 42,887,764,036 GH/s, or nearly 43 billion GH/s. One GH/s represents
1 billion hashes per second.
- 62 -
is circulating. For this reason, mining difficulty is variable and adapts every 2,016 blocks
(approximately 2 weeks) to the total amount of computing power miners make available to the
network. If the mining difficulty were not variable and did not adjust to the hash rate, Bitcoin's
offering would increase linearly with the increase in the hash rate. There is a direct relationship
between the hash rate and the speed at which a valid hash is found.

The following image is a good representation of the relationship between the hash rate and the
mining difficulty.

Figure 23: The Bitcoin hash rate compared to the mining difficulty from March 2018 to March 2019 (Bitcoinwisdom.com, 2019).

How the mining difficulty is calculated


The difficulty is coded within the blockchain protocol, so no third party is needed to determine
the difficulty. This has been determined by the following formula:

𝑐𝑢𝑟𝑟𝑒𝑛𝑡 𝑡𝑎𝑟𝑔𝑒𝑡
Difficulty = 𝑚𝑎𝑥 𝑡𝑎𝑟𝑔𝑒𝑡

The current target is the number that a hash must be equal to or less to be declared valid.

The max target is the difficulty value of the first block of the Bitcoin blockchain. In hexadecimal
values this is:

00000000FFFF0000000000000000000000000000000000000000000000000000

In other words, the difficulty tells us how much harder it is now to find a hash that is less than
or equal to the current target, than to find a hash that is less than or equal to the max target.
- 63 -
The difficulty of block # 576.081 is 6,702,169,884,349.14. 34 This indicates that it is
approximately 6.7 trillion times more difficult to find a valid hash at block # 576.081 than at
block # 1, the genesis block.

As mentioned before, the difficulty has to adjust every 2.016 blocks, so that a new valid hash is
found on average every 10 minutes. This brings us to the block time.

The block time


The block time is the period of time during which a valid hash is generated, and the block can
be added to the blockchain. With Bitcoin, the block time is 10 minutes. However, this time is
not absolute. Sometimes a miner finds a valid hash in more or less time. To ensure that the
block time stays around 10 minutes, the mining difficulty adjusts. With a higher hash rate, the
Bitcoin difficulty also increases, so that there is no deviation from the 10-minute block time.

3.5.6 The longest chain in competing chains is the true blockchain


It may happen that several miners have found a valid hash around the same time and added a
new block to their blockchain around the same time. So one node has learned too late that
another node has already found a valid hash. This is because in a network there is always some
delay in information transfer between different nodes.

Imagine that mine A has found a valid hash. In our example, the miner is also a full node that
verifies the block and adds it to its blockchain. Mine A communicates to other miners - miners
B, C and D who are also full nodes - in its immediate vicinity that it has created a new valid
block. Miners B, C and D verify that the new block has a valid hash, inherit it and add it to their
own blockchain. In the following image you can see what full nodes check new blocks on.

34 You can find the difficulty of block # 576081 here: https://www.blockchain.com/btc/block-height/576081.


- 64 -
Figure 24: Rules of the Bitcoin protocol that full nodes must adhere to. New transactions and blocks are checked for this, among
other things. A more complete list of protocol rules and checks can be found at: https://en.bitcoin.it/wiki/protocol_rules.

However, miner E also found a valid hash before receiving information that a valid block has
already been verified and added by miner A. Then miner E also produces a valid block and adds
it to his blockchain. Network latency always occurs within a network in which different devices
communicate with each other. Network latency is a delay in data communication over a
network. In the case of blockchain, this can create two different or competing chains and the
question is which of the two chains is the right one. This is similar to two groups of competing
generals in the Byzantine Generals Problem, with one group saying to attack and the other
group saying to withdraw. A schematic representation of the previous situation can be found in
the following image.

- 65 -
Figure 25: A network of five miners, four of which have added a new block (green) to their blockchain. Their
blockchain is different from the miners blockchain that added another block (red) to its blockchain around the
same time.

Miner A, B, C and D have now all added a new block (green) to their blockchain. Miner E has
added another new block (red) to its blockchain. In this case, it is checked which blockchain is
the longest and is taken over by the other participants on the network. Since they all have the
same number of blocks, it remains to be seen which blockchain will be the longest.

As explained earlier, the probability of a miner finding a valid hash for a new block is based on
the miner's hashing rate. In our example, imagine that the hashing rate of each of the miners
equals 1 mega hash per second (MH/s), or 1 million hashes per second. This means that there is
a total hash rate of 4 MH/s for miners with the green block. In contrast, there is only 1 MH/s in
total for the mine with the red block. The chance that a new valid hash is found the fastest by a
miner with a green block is therefore four times greater. The blockchain with the green block
will therefore be longer over time than the blockchain with the red block. As a result, the block
with the red block will be declared invalid by the network and the miner with the red block will
take over the blockchain with the green block. This is how consensus on the blockchain network
comes about. The block that is not included in the true blockchain, in this case the red block, is
called an orphaned block. Orphaned blocks are legitimate blocks with valid hashes and valid
transactions. However, they are part of a blockchain that has lost of a longer blockchain that
has spent more computing power - or a blockchain with more Proof-of-Work. The disadvantage
of orphaned blocks is that they bring down the security of blockchain, because part of the
computing power that is normally spent on the true blockchain is distributed. For example, if
25% of the blocks are orphaned blocks, it means that an attacker needs 25% less computing

- 66 -
power to attack the true blockchain through a 51% attack. So if there is a miner with malicious
intentions, he would theoretically be able to convince the network of his malicious blockchain
as long as he creates blocks faster than the rest. However, this does mean that he must have a
majority in computer power - or hash rate. One such attack is called a 51% attack. More
detailed information about orphaned blocks and how 51% attacks work will be discussed later
in chapter 6.

Figure 26: The miner / full node blockchain with the orphaned block, the red block, has been declared invalid. This
miner / full node has adopted the longest blockhain, as far as the green block blockchain is concerned.

3.6 Double-spending problem


Because every full node now has an exact copy of the same blockchain, there is a "shared truth"
among all participants on the network. They all have the same information and know exactly
who has how much Bitcoin. This makes it almost impossible for a person to send 1 BTC, 1 BTC
to Alice and 1 BTC to Bob. In this way, double-spending is prevented by Proof-of-Work.

The double-spending problem has long been in the minds of digital coin developers. After all,
digitization allows you to make a digital copy of a file, for example by copying / pasting a text
file, or by emailing the same text file to several people. To prevent digital coins from being
copied and issued multiple times that way, a trusted third party was needed to keep track of
who owned how many of the coins. This party was able to stop malicious transactions and deny
malicious parties access to the system. However, there was still the risk that this party itself
could be corrupted and that the database managed by this party was a honey jar for hackers.
With the advent of blockchain, trust is no longer needed in an intermediary that prevents
double-spending.
- 67 -
3.7 Bitcoin's monetary policy
Bitcoin, like traditional currencies, also has a monetary policy. The difference with traditional
currencies is that Bitcoin's monetary policy is not managed by central banks and governments,
but by transparent software. Bitcoin's policy can be divided into two principles:
1. Bitcoin halving.
2. Block frequency.

3.7.1 Bitcoin-halving
Bitcoin has a controlled supply. After every 210,000 blocks produced - so approximately every 4
years - the number of Bitcoin that comes into circulation per valid hash found is halved. In the
first four years, 10,500,000 Bitcoins came into circulation. The next four years, that was
5,250,000 Bitcoins. The next four years, 2,625,000 Bitcoins etc. This Bitcoin halving is pre-
programmed and, by the year 2140, can have a maximum of approximately 21 million Bitcoins.
After that time, miners will only receive income from the transaction fees paid in the block they
produced. The underlying idea is that with large-scale adoption, the price of Bitcoin has risen so
much that the mining activities generate sufficient income from the transaction costs. Satoshi
Nakamoto even thinks there will be nodes that want to process transactions for free.35

3.7.2 Block frequency


The block frequency also affects Bitcoin's monetary policy. The block frequency is the number
of times a valid hash and therefore a valid block is generated within a given time. As mentioned
earlier, the frequency is about once every 10 minutes. This is what we call the block time.
However, it may be that a miner finds a valid hash in more or less time.

3.7.3 Inflation
Miners initially received 50 Bitcoins per block found. This is what we call the block reward.
Currently, a Bitcoin halving has already taken place twice, as a result of which miners now
receive 12.5 Bitcoins. The third halving is scheduled for May 2020. The pre-programmed supply
of Bitcoins contrasts sharply with how the supply of traditional currencies such as the USD and
EUR is regulated. For example, the supply of the USD and EUR is regulated by the US Federal
Reserve (Fed) and the European Central Bank (ECB), respectively. These are central institutes

35 See Satoshi Nakamoto's email to the Cryptography mailing list dated January 8, 2009:
https://www.metzdowd.com/pipermail/cryptography/2009-January/014994.html
- 68 -
that aim to achieve price stability. The ECB wants to grow the annual money supply so much
that price inflation is slightly below 2%. 36 This money growth is also known as money inflation.
Since an increase in money supply can lead to price inflation - the more expensive products in
USD and EUR terms - it is important for the economy that the money supply does not grow too
fast. This could lead to price instability and even hyperinflation, whereby the money itself
would lose value too quickly and the products would become more expensive too fast in USD
and EUR terms.

Below you will find two figures. One shows the controlled amount of Bitcoin that is put into
circulation, while the other shows the money growth of the EUR. What is remarkable about the
money growth of the EUR is that it can be changed by the ECB at any time. 37 One of the major
drawbacks to the current financial system, according to Satoshi Nakamoto (2009), is that
people in the traditional model have to trust central banks to adhere to good monetary policy,
while history has shown that confidence is regularly damaged. Satoshi Nakamoto says the
following about it:

“The root problem with conventional currency is all the trust


that’s required to make it work. The central bank must be
trusted not to debase the currency, but the history of fiat
currencies is full of breaches of that trust.”

Since the money supply of traditional currencies grows annually, these currencies are also
referred to as inflationary currencies. Bitcoin, on the other hand, is deflationary, as the number
of new Bitcoins issued is decreasing with time. In Part II of the book, we discuss the money
system more closely and discuss in more detail the disadvantages of the current system in
which central banks and governments have a monopoly on money production.

36 The theory that there must be a bit of inflation to keep the economy stable is based on the assumption that in
price deflation, the opposite of price inflation, people prefer to hoard money and delay their consumption. With
the same money they have, they can buy more goods and services.
37 The current financial system is discussed in more detail in Chapter 13.
- 69 -
27: Bitcoin's controlled offering is a function of how many blocks have been created and the block reward. The block reward was
initially 50 Bitcoins but has since halved every 210,000 blocks. Bitcoin's offering is therefore asymptotically the maximum
offering that approaches 21,000,000 Bitcoins but will never reach this exactly. We also say that Bitcoin is deflationary, because
the money growth is decreasing. (BitcoinWiki, 2019)

Figure 28: The euro area money supply (M2) has almost tripled from January 1, 2002 to March 1, 2019 (TradingEconomics.com,
2019). It is clear that this growth does not decrease with time, as is the case with Bitcoin. The EUR is therefore inflationary. It is
also important to know that there are several ways to measure the money supply: the so-called M1, M2 and M3. 38

3.8 What is the difference between Bitcoin and current payment systems?
In the previous chapter we discussed how current payment systems such as iDEAL and credit
cards work. The main difference between Bitcoin and these payment systems is that Bitcoin
does not require trust in a third party. The Bitcoin network is a self-regulatory system that
enables peer-to-peer transactions and the money that runs on it, the Bitcoin, is money that

38 You can find more information about the classification of money in M1, M2 and M3 by the European Central
Bank here: https://www.ecb.europa.eu/stats/money_credit_banking/monetary_aggregates/html/index.en.html.
- 70 -
cannot be manipulated or taken by central banks and governments. Hopefully, it has also
become clearer how Bitcoin's Proof-of-Work consensus is less susceptible to fraud and that
anti-fraud techniques such as 3D-secure are not required.

On the other hand, Bitcoin transactions are irreversible, and it is important that you do not lose
your private key or show it to third parties. The private key can be seen as a password with
which you can open your Bitcoin wallet and spend your Bitcoin. Private keys are discussed in
more detail in the chapter on public key cryptography. In addition, Proof-of-Work contrasts
sharply with the conventional model, in which a trusted central authority - such as a bank - is
required to check every transaction for double-spending. With the Bitcoin network, full nodes
on the network have a copy of the blockchain and check every transaction for fraud as double-
spending.

3.9 Economic incentives to participate in the Bitcoin network


Now that the various elements of the Bitcoin network have been explained, it is easier to
understand why Bitcoin has become quite successful. The most genius concept behind Bitcoin is
perhaps the following: it stimulates people to participate through a positive feedback loop of
economic incentives.39

This feedback loop ensures that the Bitcoin network has become an organic system, which
maintains itself without any party compelling people to participate. This feedback loop is as
follows:
1. There is greater confidence in the Bitcoin network, which increases the demand for
Bitcoin.
2. This causes the Bitcoin price to rise.
3. The higher price of Bitcoin makes it more profitable to mine Bitcoin. Because of this,
more people will try to mine Bitcoin.
4. More mining will increase the total computing power delivered to the network. More
computer power is being delivered to the network.

39 In a post on the P2PFoundation forum on February 18, 2009, Satoshi Nakamoto states that Bitcoin also
resembles precious metals, such as gold and silver. Rather than having a central institution that changes the
offering to keep the value somewhat the same, the offering is already predetermined in the Bitcoin software and
Bitcoin's value changes. The limited offer offers potential for a positive feedback loop, where the greater use of
Bitcoin leads to a higher value and this higher value again attracts more users to take advantage of an increasing
price.
- 71 -
5. This leads to the Bitcoin network becoming more secure. It is becoming more difficult to
carry out a 51% attack on the network. In Chapter 7 a 51% attack is discussed in more
detail. In addition, the difficulty of mining is also increased when more total computer
power is used to mine. Due to the higher difficulty, a block will still be created every 10
minutes on average, with an additional 12.5 Bitcoin currently in circulation. Also,
Bitcoin's inflation remains limited, as there is a Bitcoin halving every four years - so
there can't be more than about 21 million Bitcoin in total. Better security and limited
inflation lead to more confidence in the Bitcoin network.

1. There is more
confidence in the
network and
Bitcoin remains
stable. Demand is
rising.

5. Bitcoin-network
is becoming safer.
2. The Bitcoin
In addition, there
price is rising.
is also limited
Bitcoin inflation.

4. More computer 3.It becomes more


power is being profitable to mine
deliverd to the Bitcoin. More
network people will mine.

Figure 29: Bitcoin is in a positive feedback loop of economic stimulus (Ammous, 2018).

The study of blockchain protocols and how they should be organized as efficiently as possible is
the research subject of the field of crypto economics. Crypto economics is discussed in chapter
10.

- 72 -
Intermezzo: How to read the Bitcoin blockchain with a block explorer
A block explorer allows you to look up information in the blockchain. You can find out if your
transactions have arrived, how much Bitcoin a wallet has, who the miner of a block is, and
so on. In this intermezzo we will discuss how to read the data within the Bitcoin blockchain
with the explorer of www.blockchain.com/explorer.

The homepage with an overview of the most important Bitcoin data


On the homepage we immediately see an overview of the following Bitcoin data:
1. Price: the current price of the Bitcoin.
2. Hashrate: the estimate of how many tera hashes per second (th/s) the Bitcoin
network performs. One tera hash equals 1 trillion hashes.
3. Difficulty: the difficulty of producing a new valid block. The number represents how
much harder it is now to find a valid block compared to finding the first Bitcoin block.
4. Tx per day: the number of daily transactions confirmed by the network.
5. Average value: the average transaction amount that occurs on the network.
6. Average fee: the average cost of a transaction.
7. Unconfirmed: the amount of transactions waiting to be confirmed by the network.
8. Mempool: The total size in bytes of all transactions in the queue.

Figure 30: The blockchain.com/explorer home page. Consulted on 20 May 2019.

List of blocks
Below you will see a list of blocks that have been added to the blockchain.

Figure 31: List of recent blocks that have been added to the blockchain.

- 73 -
The list shows the following:
1. Height: the block number. In the previous example, you can see that the Bitcoin
blockchain currently consists of 576,984 blocks.
2. Age: how many minutes ago the block was created.
3. Transactions: the number of transactions included in the block.
4. Miner: the party that produced the block.
5. Size (bytes): the size of the block in bytes.

Data in a block
When we open one of the blocks, by clicking on its height, we see a summary of the data in
the block and see which hashes there are in the block header.

Figure 32: Data from block # 76.984.


The most important dates that will already be familiar to you are:
1. Timestamp: the time when the block was created.
2. Difficulty: the difficulty under which the block was produced.
3. Version: version of the blockchain.
4. Nonce: the number by which the miner was able to find a valid block of hash.
5. Previous block: the hash of the previous block.
6. Merkle root: the root hash of the Merkle tree of all transactions.
7. Hash: the hash of the block header. This was obtained by hashing the six parameters
above.

- 74 -
List of transactions
In addition to the list of blocks, there is also a list of transactions that you can view.

Figure 33: List of transactions.


The list shows the following:
1. Transaction hash: the hash of the relevant transaction.
2. Age: how many seconds or minutes ago the transaction was executed.
3. Amount (BTC): The amount of the transaction in Bitcoin.
4. Amount (USD): the value of the amount in USD.

Data in a transaction
You can view each of these transactions by clicking on the transaction hash.

Figure 34: A Bitcoin transaction that has not yet been added to the blockhain.
What is striking about this transaction is that it says, "Unconfirmed Transaction!". This
means that no block has yet been added to the blockchain containing the transaction. In the
image below, we see a representation of the same transaction that has now been confirmed
and added to the blockchain: “1 Confirmations”. The more confirmations there are, the
more blocks are placed on top of the block with this transaction. With more confirmations
you can be assured that the transaction can no longer be changed or deleted.

Figure 35: A Bitcoin transaction that has now been confirmed and added to the blockchain.

- 75 -
We see that in the previous transaction there were actually two transactions: one of
0.36002439 BTC and one of 0.04958473 BTC. We will take a closer look at this.

Transaction inputs and outputs

Figure 36: A summary of our sample transaction with inputs and outputs. The fees are the difference between the total
input and total output. These fees go to the miner of the block. The received time and included in blocks indicate when the
transaction was received by the network and in which block it was added.

Suppose you have 0.40982412 BTC - which is the total input - just like in the previous
example, and you want to execute a transaction from 0.36002439 BTC to address X. In a
Bitcoin transaction, the 0.36002439 BTC is not deducted from the 0.40982412 BTC and then
sent to X. What happens is that the entire amount at your address, 0.40982412 BTC, is split
into two different outputs. One output is the 0.36002439 BTC to address X and the other is
the remainder of 0.04958473 BTC to your change address. You manage the change address
yourself and it is used to send the change (total input amount that you want to transfer to X
- transaction costs). In modern wallets, change addresses are automatically created for you,
so you don't have to worry about that. From a technical perspective, this way of conducting
transactions is safer.

If we add both outputs, we get a sum of 0.36002439 + 0.04958473 = 0.40960912 BTC. That
is less than the total input of 0.40982412 BTC. The difference between the total input and
total output is the transaction costs. These costs are listed in the block explorer as “fees”. In
this case, the cost is 0.000215 BTC.

- 76 -
Unspent transaction outputs (UTXOs)

Figure 37: An overview of inputs, outputs and transaction costs.

You can see the balance of your Bitcoin address as a batch of different Bitcoin transactions
that you have received. In the previous example, the Bitcoin address contains 7 BTC in total.
An amount will be transferred from 3.7 BTC to another address. To transfer this amount,
several Bitcoin transactions that you have received are put together to serve as input for the
transaction to the other address. You cannot split a received Bitcoin transaction. That is why
inputs are added together, until the total sum thereof exceeds the amount you want to
transfer. In the example we take inputs of 1 BTC, 1.5 BTC, 0.5 BTC and 1 BTC. Of this, 3.7 BTC
goes to the other address, part of it goes to the miner of the block in the form of fees and
the other part you get refunded as a kind of change to your change address. The 3 BTC that
is in your Bitcoin address and is not used as input is called the unspent transaction output
(UTXO). It is an output that you have received and can spend.

In a Bitcoin transaction it is possible to have several input and output addresses. As


mentioned earlier, many Bitcoin wallets automate this process. They show the user one
amount that represents the sum of all UTXOs. Although the Bitcoin blockchain is
transparent, change addresses still offer a higher degree of privacy.

- 77 -
Address data

Figure 38: A summary of the address data.


You can also open the corresponding Bitcoin address of the transaction. Here you will find
the number of sent and received transactions of the address and what the balance is.

Search function for blocks, transactions and hashes

Figure 39: The search function of the block explorer.


Finally, you can also use the search function to look up such things as blocks, transactions
and hashes in the block explorer.

- 78 -
3.10 Summary, terms and sources
Summary
Bitcoin is the digital currency and the Bitcoin blockchain is the underlying infrastructure,
consisting of the nodes that help keep track of all Bitcoin transactions. Basically, Bitcoin has the
following three main properties:
1. It has introduced scarcity in the digital domain.
2. It is a peer-to-peer network without the need for trust in a third central party.
3. It is an orderly way to record and verify all transactions so that double spending can be
avoided.

Bitcoin is also a solution to the Byzantine Generals Problem. You can compare this problem
with that of a decentralized or distributed computer network, in which all participants (nodes)
of the network cannot trust each other, but still have to come to decisions together. The
similarity between these nodes is what you call consensus. A system that is resistant to the
Byzantine Generals Problem is called Byzantine Fault Tolerant. The consensus mechanism that
gives Bitcoin the Byzantine Fault Tolerance property is called Proof-of-Work.

Proof-of-Work has the following properties:


1. It uses hash cryptography.
2. Miners are looking for a nonce that leads to a valid hash of a block where Bitcoin
transactions are stored.
3. When a valid hash is found, the block is verified for correctness by various full nodes on
the network. The speed, or block time, with which a valid hash is found is based on the
mining difficulty.
4. This new block is taken over by other nodes on the network and added to their version
of the blockchain.
5. Should two valid hashes be found under two different miners within approximately the
same time, there will be two competing chains. In such cases, consensus is reached by
adopting the longest blockchain.
6. All in all, the above ensures that everyone on the network assumes that there is one
blockchain with the correct data. In other words, you use the same ledger, which has
registered all transactions, so that fraud such as double-spending is not possible.

The main difference between Bitcoin and regular payment systems is that Bitcoin does not
require trust in a third party. The Bitcoin network is a self-regulatory system that enables peer-

- 79 -
to-peer transactions and the money that runs on it, the Bitcoin, is money that cannot be
manipulated or taken by central banks and governments.

The most genius concept behind Bitcoin is perhaps the following: it stimulates people to
participate through a positive feedback loop of economic incentives.

Comments you can now explain


• The Bitcoin blockchain is the technology behind the Bitcoin cryptocurrency.
• The double-spending problem was solved with the help of the blockchain by Satoshi
Nakamoto.
• Proof-of-Work is a consensus mechanism that provides a solution to the Byzantine Generals
Problem.
• Hash cryptography is applied within the Bitcoin blockchain to find a valid hash of a new
block.
• With the nonce you can find a valid hash.
• The more computer power delivered to the network, the more secure the network
becomes and the more difficult it becomes to mine a valid block.
• The target hash decreases when more computing power is supplied to the network.
• What makes Bitcoin different from national currency is that it is deflationary.
• The Bitcoin network encourages people to participate in securing the network.

Glossary of Terms
Bitcoin Halving: The halving of the number of new Bitcoins released as a reward after a valid
block has been created by a miner.

Block explorer: An application that allows you to look up information in the blockchain.

Block Reward: The reward a miner receives for producing a valid block.

Block frequency: The number of times a valid block is generated within a given time.

Block time: average time in which a valid block is produced.

Byzantine Fault Tolerance: The ability to resist the Byzantine Generals Problem.

Byzantine Generals Problem: The problem of finding agreement within a decentralized network,
where malicious parties cannot hijack the agreement.

Change-address: The address to which the change in Bitcoin is sent during a transaction.

- 80 -
Crypto economics: The study of blockchain protocols and how they should be organized as
efficiently as possible. Also see the definition of crypto economics in chapter 10.

Double-spending: Being able to spend your Bitcoin twice. For example, if you only have 1 BTC,
that you spend one BTC on person A and on person B.

Double spending problem: The fundamental problem that you can spend your Bitcoin twice and
that Satoshi Nakamoto has solved with the blockchain.

ECB: European Central Bank.

Federal Reserve (Fed): Central Bank of America.

Genesis block: The first block of a blockchain.

Golden nonce: The nonce that leads to a valid hash.

Hash cryptography: Cryptographic method where data is converted into a hash.

Hash rate: The number of hashes per second that are calculated in a network.

Hash: A cryptographic representation of data.

Hashing power: The computer power to calculate hashes.

Hash-output: The hash you get after you put data in a hash function.

Merkle tree: The hash of all hashes of all transactions that are part of a block. For example, a
Merkle tree is used to securely transfer data between two computers and to verify that the data
arrived is undamaged. SPV nodes use the Merkle tree to quickly verify whether a transaction is
included in a block.

Mining difficulty: The difficulty of mining. The difficulty depends on the total computer power
that is present on the network.

Network latency: Delay in communication between nodes within a network.

Nonce range: The range of the nonce. This is from 0 to 4,294,967,295.

Nonce: The number that a miner can add to a block's data to generate a valid hash.

Orphaned block: A block that is mined but not added to the true block chain. It is possible that a
miner validly produces a block, but it is still not accepted by other nodes.
- 81 -
Private key: The key with which you sign your transactions and thus send Bitcoins. This is
comparable to the pin code of your account number and must be saved as well as possible.

Public key cryptography: Cryptographic technology that uses private-public key pairs.

Target hash: The number that a hash must be equal to or less to be declared valid.

Unspent transaction output (UTXO): The Bitcoin that is in your Bitcoin address but is not used as
input for a transaction. It is an output that you have previously received and can spend.

Sources
Ammous, S. (2018, June 3). Bitcoin & Economics: What would a Bitcoin standard look like?
[YouTube]. Consulted from https://youtu.be/1WBrdLQhUrg

Andreessen, M. (2014, January 22). Why Bitcoin Matters. Consulted on December 25, 2019,
from DealBook website: https://dealbook.nytimes.com/2014/01/21/why-bitcoin-
matters/

Bitcoin Wiki. (n.d.). Consulted on December 25, 2019, from Bitcoin.it website:
https://en.bitcoin.it/wiki/

BitcoinWisdom.com. (2019). Bitcoin Difficulty and Hashrate Chart. Consulted on December 25,
2019, from Bitcoinwisdom.com website: https://bitcoinwisdom.com/bitcoin/difficulty

Blockchain.com. (n.d.). Blockchain Explorer. Consulted on December 25, 2019, from


Blockchain.com website: http://www.blockchain.com/explorer

European Central Bank. (2019). Monetary aggregates. Consulted on 25 December 2019, from
European Central Bank website:
https://www.ecb.europa.eu/stats/money_credit_banking/monetary_aggregates/html/in
dex.en.html

Lamport, L., Shostak, R., & Pease, M. (1983). The Weak Byzantine Generals Problem. Journal of
the ACM, 30 (3), 668–676. https://doi.org/10.1145/2402.322398

Nakamoto, S. (2009). Bitcoin open source implementation or P2P currency. Consulted on


December 25, 2019, from P2Pfoundation.ning.com website:
https://p2pfoundation.ning.com/forum/topics/bitcoin-open-source

Rapidtables.com. (n.d.). Hexadecimal to Decimal converter. Consulted on December 25, 2019,


from Rapidtables.com website: https://www.rapidtables.com/convert/number/hex-to-
decimal.html

- 82 -
Trading Economics. (n.d.). Money Supply M2. Consulted on December 25, 2019, from
Tradingeconomics.com website: https://tradingeconomics.com/euro-area/money-supply-
m2

Xorbin.com. (n.d.). SHA-256 hash calculator. Consulted on December 25, 2019, from
Xorbin.com website: https://www.xorbin.com/tools/sha256-hash-calculator

Icons
Generally made by Nikita Golubev from www.flaticon.com
Computer made by Prettycons from www.flaticon.com

- 83 -
- 84 -
4. Mining, nodes, BIPS and forks

“I do think Bitcoin is the first [encrypted money] that has the potential to do
something like change the world.”
- Peter Thiel (n.d.)

“If you don’t believe it or don’t get it, I don’t have the time to try to convince
you, sorry.”
- Satoshi Nakamoto (2010)

4.1 Introduction and learning objectives


In this chapter you will learn
• How a transaction process works.
• How miners select transactions to add them to a block.
• What the influence is of the different types of data in a block on finding a valid hash.
• What the different types of nodes are.
• How an improvement proposal can be submitted for the Bitcoin blockchain.
• In what ways an update can take place in the blockchain.

Introduction
In the previous chapter, we mentioned that a miner in the mining process collects new
transactions in a block. The miner then searches for a nonce that, when hashed it together with
the rest of the data in the block, returns a valid hash value. When a miner is the first to find this
golden nonce, he may enter the block into the blockchain and be rewarded with the fees from
the transactions in the block and with a block reward which is currently 12.5 BTC.

In this chapter we take a closer look at the role of the miner and the mining process. In section
4.2 we first discuss what a mempool is. Subsequently, Section 4.3 explains how miners choose
transactions from the mempool to add to a block. The impact of the nonce range and the
timestamp on finding a golden nonce is also discussed here. In section 4.4, we discuss what
types of nodes there are. Here the different variants of full nodes and lightweight nodes are
discussed. This is followed by a section on how to submit an improvement proposal for the

- 85 -
Bitcoin blockchain. In section 4.6, we discuss the different types of forks. We then conclude the
chapter with a summary, a list of explanatory words and a source list in section 4.7.

4.2 Memory pool (mempool)


For the execution of a transaction on the Bitcoin network, the following steps are taken:
1. You sign a transaction digitally with your wallet with a combination of your public and
private key.
2. One or more unspent transaction outputs (UTXOs) have been chosen to execute the
transaction.40
3. You broadcast your transactions to all nodes on the network.
4. Each node collects new transactions in a block.
5. Each node tries to find a valid hash block for its block.
6. When a node finds it, the block is broadcasted to all nodes.
7. The nodes only accept the block if all transactions are valid.
8. The nodes express their acceptance of the block by working on a new block in the chain.
For the new block, they use the hash of the accepted block as the previous hash. 41

Transactions broadcast to the network are neither directly added to a block by the miner, nor
are they directly stored in a blockchain. They first end up in a memory pool (mempool) with
other transactions that have yet to be added to a block by miners and that have yet to be
confirmed by the network. 42 You can think of the mempool as a waiting area for all incoming
transactions that have yet to be confirmed by the network. Each miner has its own mempool
and it is possible that the individual mempools differ per miner. That's because there is always
network latency within a computer network: it always takes a bit of time for a transaction sent
to the network to reach all miners on the network. In addition, transactions in the mempool are
stored in the RAM of the miner.43 Because each miner connected to the network can choose
which hardware to use for mining, miners may have different RAM capacities to store the
unconfirmed transactions.

40 For more information about UTXOs, see the intermezzo "How to read the Bitcoin blockchain with a block
explorer" in chapter 3.
41 Also see section 5 of the Bitcoin white paper (2008).
42 There are several requirements for a transaction before it is added to the mempool. For example, the sum of the
input values must be greater than the sum of the output values. In other words, you must have more BTC in your
wallet than you want to spend in the transaction. For a more complete overview, see "An in-depth guide into how
the mempool works" (Deneuville, 2016).
43 RAM stands for Random-access memory.
- 86 -
3. Miners
compete for
2. Miners choose finding a
the highest fee golden nonce.
transaction
Mempool requests and add
them to a block.
1. Clients initiate BLOK BLOCK-
transaction requests in the Tx1
(1MB) CHAIN
network.
Tx2 Tx1

Tx3 Tx3
4. Block is
Tx… Tx… added to
blockchain
when golden
nonce is
found.

Figure 40: Schematic representation of how a transaction is added to the blockchain. The mempool is where unconfirmed
transactions come in and are kept. The size of a block is fixed at 1MB, so miners have to choose which of the transactions from
the mempool they want to add to the block for which they are trying to find the valid block of hash. If miners exceed the block
size by adding too many transactions, the block will not be accepted. Since miners are allowed to collect transaction costs in
addition to the block reward of currently 12.5 BTC, they are encouraged to select transactions from the mempool with the
highest transaction costs.

How many transactions are in a mempool varies from time to time. The following image shows
a graph of how many Bitcoin transactions there are in a mempool over the period from 2016.
The more activity that takes place on the blockchain, the more transactions that enter the
mempool. Ideally, you want as many transactions as possible to come out of the mempool and
thus leave it as empty as possible. However, the Bitcoin network is currently unable to process
sufficient transactions per second.

- 87 -
Figure 41: The number of transactions in a mempool from May 2016 to December 25, 2019. Because each mine maintains its
own mempool, it is possible that there are differences in the transaction numbers in the mempool. The chart shows that mid-
2017 through early 2018, the mempool had the most transactions. This was the period in which Bitcoin saw a major price surge
above $ 18,000 USD and then declined again. (Blockchain.com, 2019)

4.3 How miners choose transactions from the mempool


As we noted in an earlier chapter, miners attempt to generate a valid block header hash. The
following data is taken as input for the generation of this hash:
1. Blockchain version.
2. Timestamp.
3. Nonce.
4. Difficulty.
5. Root hash of the Merkle tree of all transactions in the block.
6. Previous block header hash.

Point 5 depends on the transactions chosen by the miner to add to the block he is working on.
Any transaction that a miner adds or removes results in a different root hash of the Merkle
tree, which further escalates into another block header hash. These transactions come from the
mempool and it is entirely up to the miner which transactions he wants to add.

Every transaction comes with transaction costs - the transaction fees. Miners are economically
encouraged to add the highest fee transactions to their block because they collect these fees
when they are the first to find a valid hash block and are allowed to produce the block. Because
transactions with higher fees are previously included by miners within their block, it is wise to
specify a higher fee in a Bitcoin transaction if you want it to be processed quickly. In times when
the network is flooded with more transactions than it can directly process, Bitcoin's average
- 88 -
transaction costs can run quite high.44 It is also possible that transactions with too low fees
remain in the mempool for too long. Since the network's update to Bitcoin Core version 0.12 in
February 2016, there has been a standard expiration time of 72 hours. If the transaction was
not picked up by a miner and added to the blockchain during that time, it will automatically
return to the wallet.

4.3.1 Why miners cannot put all transactions from the mempool in one block
At the time of writing, December 2019, the block size limit has been set to 1MB. Miners can
choose how much of the block they want to fill with transactions. 45 However, blocks will be
refused if they exceed the limit. In addition to the consequence that this slows down the
network and the transaction costs are higher, there are also advantages. The pros and cons will
be discussed in more detail in chapter 6 on scalability.

4.3.2 The chance that a miner will find a valid hash by trying the full nonce range
As mentioned earlier, the nonce field is 32-bit. This allows the nonce to take a value between 0
and 4,294,967,295.46

A hash itself consists of 64 hex numbers. This means that the number of possible hash values is
equal to 1664.

Given that the current mining difficulty requires hashes to be valid only when they start with 18
consecutive zeros, we can conclude that there are 1664 – 18 = 1646 valid hashes.

The probability that a randomly chosen hash is a valid hash is equal to 1646/1664 = 16-18. This is
approximately 0.000000000000000000002%.

However, a nonce can only take a value between 0 and 4,294,967,295. This is significantly less
than the chance that any hash is a valid hash. If a miner tries all the values of a nonce, there is
only a 232 * 16-18 chance that the miner will find a valid hash. This is calculated by multiplying
the number of possible nonce values (232) by the probability of a random valid hash (16-18). The
probability of this equals approximately 0.0000000001%. This chance is extremely low.

44 See https://bitcoinfees.info/ for current Bitcoin transaction fees.


45 See https://bitinfocharts.com/comparison/bitcoin-size.html for a historical graph of the block size.
46 4,294,967,295 is calculated by doing (232 – 1).
- 89 -
There's no point in a miner going through the same nonce range over and over again if the rest
of the data in the block remains the same. In addition to the nonce, there are two other types
of data that can change the state of the block:
1. The timestamp.
2. The list of transactions that a miner has added to the block.

4.3.3 The influence of the timestamp on finding a valid block of hash


The timestamp is the time in seconds that has elapsed since January 1, 1970. Every second, the
timestamp changes, further escalating into a change in the block of hash. This means that the
miner can go through all possible nonce values between 0 and 4,294,967,295 every second,
knowing that the resulting hashes will be different from those obtained at the times of the
previous timestamps.

This is what a miner with modest computing power would do. What would miners do that could
pass through all possible nonce values within a fraction of a second? Some miners have
bundled their computing power into mining pools and can easily generate more than
4,294,967,295 hashes in a second. Instead of waiting for a second to expire and for the
timestamp to change, they change the list of transactions they have added to the block. The
advantage of mining pools is that they provide a more stable income for the miners, because
mining pools produce more valid blocks over time and the miners receive a proportionate share
of the block rewards over multiple moments.

4.3.4 The influence of the list of transactions from the mempool on finding a block of hash
The transactions that miners add to their block come from the mempool. Initially they will add
the transactions with the highest transaction costs. However, if they have already tried all
nonces from the nonce range within a fraction of a second, they will use the remaining time of
the second to adjust the transaction list in the block so that they can try out a new nonce range
again. They will replace the transaction with the lowest fee in the block with a transaction with
the highest fee that is still in the mempool. Then they go through the nonce range again, hoping
that one of the nonces will lead to a valid hash block. If a valid hash block is not obtained again,
they will again replace the transaction with the lowest fee in the block with a transaction from
the mempool that has the third highest fee. This process repeats until the timestamp is
updated by a second.

- 90 -
Create a new block with the highest
fee transactions from the mempool

Hash the block


with a nonce

Block header Yes Block has been


hash ≤ the successfully
target hash? mined

No

Increase nonce No Tried nonce


value range?

Yes

Update the Yes Have passed at


timestamp and set least 1s since the
the nonce to the last nonce was
initial value used last time?

No

Replace the lowest fee transaction


with the next highest fee
transaction from the mempool
and set the nonce to the initial
value
Figure 42: Schematic representation of the actions a miner takes to find a valid block of hash. See also: "Mining difficulty,
Hash Power, Nonce Range and the like. An Introduction to Bitcoin Mining "(Murabito, 2019).
- 91 -
Intermezzo: mining farms, mining equipment and the energy tax of Bitcoins mines
Mining Bitcoin is all about how fast you can find a valid block of hash. The more SHA-256
hashes per second your equipment can calculate, the more likely you are to be the first to
find the hash of a Bitcoin block. The total computing power delivered to finding such hashes
has increased sharply since the early days of Bitcoin. Below is the development of the hash
rate in Tera Hashes / second. One Tera Hash equals 1 trillion hashes.

Figure 43: Total hash rate in Tera Hashes / second for the Bitcoin network (Blockchain.com, 2019).
1 Tera Hash = 1 trillion hashes.
CPU vs GPU vs ASICS
In the early days of Bitcoin, mining was done through a Central Processing Unit (CPU) on a
PC. A CPU is also often thought of as the brain of the computer. This performs calculations
and instructions for your computer programs. It is suitable to perform various tasks of a
computer. However, it is not efficient in performing large calculations - which is important if
you want to quickly calculate hashes. A more efficient way to mine Bitcoin is by using a
Graphics Processing Unit (GPU), also known as a video card. GPUs were able to calculate
hashes many times faster than a CPU. With Bitcoin's growing popularity in 2017, GPU sales
grew so quickly that GPUs like AMD and Nvidia were no longer available to gamers. As
mining with GPUs became increasingly competitive, more and more miners switched to a
Field-Programmable Gate Array (FPGA). The operation of GPUs has already been
determined by the manufacturer and is no longer programmable. FPGAs, on the other hand,
are programmable for certain purposes. For example, they were programmed by Bitcoin
miners to mine Bitcoins even faster.

- 92 -
However, the best way to mine is to use an Application-Specific Integrated Circuit (ASIC).
This is a microchip specially developed to run only hash algorithms as quickly as possible. An
ASIC can perform hash calculations 100,000 times faster than a fast CPU.

Below you can see an image of the Bitcoin difficulty over the years and how the difficulty
has increased with the introduction of improved mining equipment.

Figure 44: The Bitcoin difficulty has increased over the years with the introduction of improved mining equipment. See also
https://en.bitcoin.it/wiki/Mining_hardware_comparison for a comparison of the performance of various mining equipment.

Mining farms
The race for better mining equipment that can calculate hashes faster and faster has
intensified the competition to such an extent that true mining farms have emerged. Mining
farms are data centres, sometimes with thousands of mining computers. Since many Bitcoin
mining farms use ASICs themselves, it is virtually impossible to mine Bitcoin profitably with a
CPU, GPU or FPGA.

Energy load of Bitcoin


Bitcoin's Proof-of-Work process costs a lot of computer power and therefore also a lot of
energy. Energy consumption is regularly cited as very harmful to the environment.
According to "The Carbon Footprint of Bitcoin" (Stoll, Klaaßen & Gallersdörfer, 2019),
Bitcoin's annual energy consumption, measured in November 2018, was 45.8 TWh and
emitted between 22.0 and 22.9 MtCO2. The emissions are therefore approximately equal to
what Jordan and Sri Lanka produce.

- 93 -
BitcoinEnergyConsumption.com also tries to map the total energy consumption of Bitcoin
and estimates that Bitcoin's total energy consumption equals approximately 63.7% of the
total energy consumption in the Netherlands.

Figure 45: Bitcoin's total energy consumption is approximately equal to 63.7% of total energy consumption in the
Netherlands. The data was consulted on December 25, 2019.
However, it is also important to ask ourselves which energy sources are used. If most of the
Bitcoin consumption happens in places where cheap electricity is plentiful and produced
with energy that cannot be easily stored and transported, then Bitcoin's energy
consumption is not as frightening as some say. In addition, it is also important to view
Bitcoin's energy consumption in relation to the energy consumption of industries that
Bitcoin is trying to disrupt. What is the total energy consumption of the financial system?
We must take into account the management of the physical buildings of financial
institutions, the number of workers working in industry, the means of transport they use to
get to work, the raw materials used to make physical money and the shipment of it. Finally,
Bitcoin technology is constantly evolving, and it is not impossible that the technology will
eventually become more energy efficient. It is important to include these factors for a
balanced discussion of energy consumption.

Satoshi (2010) himself believes that Bitcoin energy consumption is permitted and makes the
comparison with gold mining. He argues that the marginal costs of gold mining tend towards
the gold price. Although gold mining is a waste, the waste is less than the use of having gold
available as a trading resource:

- 94 -
“It’s the same situation as gold, and gold mining. The marginal cost
of gold mining tends to stay near the price of gold. Gold mining is a
waste, but that waste is far less than the utility of having gold
available as a medium of exchange. I think the case will be the same
for Bitcoin. The utility of the exchanges made possible by Bitcoin will
far exceed the cost of electricity used. Therefore, not having Bitcoin
would be the net waste.”

4.4 Nodes
A node is a device that is linked and participates in the blockchain network. This can be a
computer, a telephone, a television or even a printer, as long as it is connected to the network
via the internet. Nodes can perform a variety of tasks, such as distributing data across the
network, validating and confirming transactions, and helping to secure the network. So far,
we've mainly looked at one type of node, the miner. However, there are other nodes besides
miners.

In this session we discuss the typology of different types of nodes. 47 First of all, a distinction is
made between full nodes and lightweight nodes. You can divide full nodes into archival nodes
and pruned nodes. Archival nodes can be divided into mining nodes, authority nodes, strike
nodes and masternodes

47 We use the same typology as www.nodes.com.


- 95 -
Keep a copy of blockchain Do not keep a copy of blockchain
Nodes

Lightweight
Full Nodes
Nodes

Archival Nodes Pruned Nodes


(complete (not comlplete
blockchain) blockchain)

Mining Nodes
Maken geen
blokken aan
Master-
nodes
Staking Nodes

Authority
Nodes

Figure 46: Typology in nodes.

4.4.1 Full nodes


Full nodes download every block from the blockchain and also verify transactions. Their main
task is to ensure consensus on the blockchain and to ensure that the blockchain remains
secured. Full nodes also send blocks and transactions to the network for others to download. In
addition, they make decisions about the future of the network. They do this by voting for
improvement proposals for the network, such as the Bitcoin Improvement Proposals (BIPs).
How this works is discussed later on in the chapter.

Full nodes can be further divided into pruned full nodes and archival full nodes.

4.4.2 Lightweight nodes


Lightweight nodes are all devices that are connected to the network, but do not keep a copy of
the blockchain. They link to a full node to retrieve the current state of the network and also
send transactions to be processed. The interaction with the blockchain is done through
Simplified Payment Verification (SPV). SPV makes it possible to verify transactions, without
- 96 -
needing the entire blockchain. 48 This only downloads the block headers. To know if a
transaction is contained in a block, the lightweight node checks whether its block header hash
matches the block header hash that full nodes have. If this is correct, the lightweight node can
assume that the transaction is actually included in the relevant block.49 Because lightweight
nodes do not contain a full blockchain and are always dependent on full nodes to see the latest
status of the blockchain, they do not contribute as much to the security of the network as full
nodes do. On the other hand, they do not use a lot of resources and are easy to use. Bitcoin
mobile wallets are an example of lightweight nodes. Given the lower storage memory of mobile
phones, it is important for mobile wallets to be able to request the latest status of the
blockchain and to send transactions via the wallet to the network, without having to store a
complete history of the blockchain.

4.4.3 Archival nodes


Archival nodes are full nodes that have a full blockchain. When people mention in a simplified
explanation of blockchain that it is a distributed ledger over a network of computers, all of
which have a full copy of the blockchain, they are actually referring to archival nodes. Their
main tasks are to validate blocks and reach consensus on the state of the blockchain. Miners
are examples of archival nodes.

48 The lightweight node that uses SPV is also called an SPV node.
49 Two days after Satoshi Nakamoto announced his Bitcoin white paper on the Cryptography mailing list, James A.
Donald replied that the system would not be scalable if everyone had to run a full node. In response, Satoshi
Nakamoto (2008) wrote:

“… it would be safe for users to use Simplified Payment Verification (section 8) to


check for double spending, which only requires having the chain of block headers, or
about 12KB per day. Only people trying to create new coins would need to run
network nodes. At first, most users would run network nodes, but as the network
grows beyond a certain point, it would be left more and more to specialists with server
farms of specialized hardware.”

See the Merkle trees intermezzo in Chapter 4 on how to verify transactions using only block headers.
For further information on Simplified Payment Verification, also see section 8 of the Bitcoin white
paper (2018).

- 97 -
4.4.4 Pruned nodes
Pruned nodes have a limit on storage that they have made available for the blockchain. Instead
of keeping the entire history of the blockchain, they only keep a portion of the blockchain. They
can set the degree to which they prune in their blockchain themselves. For example, they can
set a storage limit of 500MB. All new data of the new blocks that fit within the limit will be
saved. Of the older blocks, only part of the data will be saved - for example, only the block
headers. The root hash of the Merkle tree is stored within the block header. This refers to all
transactions within the block. Should there be an invalid transaction, the root hash would be
different from the block header of an honest node, allowing the network to declare the block
invalid. That way pruned nodes can still verify transactions and be involved in ensuring
consensus.50 They also pass on new transactions to the rest of the network.

Pruned nodes thus still contribute to the security of the network, without having to use too
many storage capacities.

4.4.5 Mining nodes


Mining nodes add transactions to a block and search for a valid hash block so they can add the
block to the blockchain. The first miner who was able to find the valid hash block forwards the
result of his work to the network, so that the other full nodes can verify whether the block with
the transactions it contains is actually valid. For finding the right hash block, miners earn a block
reward and transaction fee.

4.4.6 Staking nodes


Staking nodes play an important role in the consensus mechanism called Proof-of-Stake. So far
we have focused mainly on Proof-of-Work, the consensus mechanism that Bitcoin uses and in
which miners play an important role when creating a valid block. At Proof-of-Stake, those who
create new blocks are not called miners, but forgers. To participate in the Proof-of-Stake
process as a forger, you must hold a certain number of coins in your wallet. The probability that
you may produce a new block depends on the number of coins you are holding. Suppose you
have 1% of all coins, then you have a 1% chance of producing the next block. Certain
blockchains may also have other factors that influence your chance, such as the length of time

50 See section 7 of the Bitcoin white paper (2008) for Satoshi Nakamoto's explanation of how pruned nodes save
disk space. It explains how Merkle trees work and how you can technically repel transactions from a block from the
blockchain, without jeopardizing the transaction verification process. See also the Intermezzo about Merkle trees
from chapter 3.
- 98 -
you held your coins. The advantage here is that there is no competition in computing power by
block producers. An average computer should in theory be sufficient to produce a block.

We discuss Proof-of-Stake in more detail in chapter 6.

4.4.7 Authority nodes


When establishing a consensus mechanism, there must always be a trade-off between
decentralization and scalability. A network that is very decentralized and consists of many
nodes, such as the Bitcoin blockchain, can process fewer transactions per second than a
network consisting of few nodes. A solution to the scalability problem is to impose conditions
on who can create and validate blocks. This select group of nodes are called authority nodes.
This is in contrast to, for example, the Bitcoin blockchain where everyone can set up a full node.

The consensus mechanism that uses authority nodes is Proof-of-Authority. The conditions that
you must meet to be an authority node and the number of authority nodes within a network
can differ per blockchain. The tasks of authority nodes are the same as those of other full
nodes. The disadvantage of using authority nodes is that they can be more sensitive to
manipulation, because you have to trust that a select group of nodes perform their tasks
responsibly.

In chapter 6 we discuss Proof-of-Stake and Proof-of-Authority, among others. We will also


discuss the advantages and disadvantages of a network that uses authority nodes.

4.4.8 Masternodes
Masternodes, like other full nodes, also have a copy of the blockchain and also help verify
transactions. What distinguishes masternodes from other full nodes is that they have specialist
functions within the blockchain. In the Dash blockchain, for example, they make it possible to
execute transactions with more privacy (PrivateSend) and at higher speeds (InstantSend).51 In
exchange for their specialist services, they often receive more pay than other full nodes. In
addition, Dash's master nodes also participate in governance and can therefore vote on
proposals. Finally, the Dash masternodes can also vote on which projects are financed.
However, to be a masternode you must have coins as collateral in your wallet. It differs per

51 Dash, a combination of “digital cash”, is a cryptocurrency and, like Bitcoin, has the ambition to be used as a
digital currency.
- 99 -
blockchain how much collateral a masternode must deposit. At Dash, for example, you must
have at least 1,000 Dash coins.

4.4.9 Lightning nodes


Finally, we also discuss lightning nodes. They are mentioned here briefly, because their
implementation within the Bitcoin community has led to many discussions. Lightning nodes are
neither full nodes nor lightweight nodes. They were introduced within the Bitcoin network to
handle transactions outside of the blockchain so that the network would be relieved. The idea
behind lightning nodes is that they would speed up transactions at a lower cost. The network of
lightning nodes is called the lightning network. In chapter 6 you will find a further explanation
of how lightning nodes and the lightning network work.

- 100 -
Intermezzo: The functions of Dash Masternodes
A Dash masternode is a server with a full copy of the Dash blockchain. Like other full nodes,
the Dash masternode also validates blocks. However, the masternode also has specialist
functions such as PrivateSend, InstaSend. In addition, they can also vote for improvement
proposals from the network and vote for budget proposals.

PrivateSend
Private end is a way to mix transactions before sending them to their final destinations.
Mixing them first makes it more difficult to trace the transactions back to the origin. This
offers more privacy for transactions.

InstantSend
InstantSend is a way to confirm transactions almost instantly through the masternode
network. A Dash transaction normally takes about 2.5 minutes, but InstantSend confirms
and verifies transactions in seconds.

Block reward
At Dash, the block reward is distributed as follows: 45% of the reward goes to the miner,
45% goes to a master node using a protocol called Proof-of-Service, and the other 10% is
only created at the end of the month. Anyone can submit a budget proposal during the
month. If the proposal receives approval of at least 10% of the master nodes, the proposal
will be funded with the Dash that is paid out at the end of the month. With this, the network
actually finances its own projects.

For each block produced, a masternode is rewarded from a deterministic masternode list.
The masternode that has been rewarded is then placed at the back of the list. That means
that when there are more masternodes, there is on average more time between the
rewards that a masternode receives. In addition, the masternode is removed from the list if
it has issued the collateral, or if it has not provided masternode services for more than one
hour. This way, masternodes are stimulated to provide good services.

- 101 -
4.5 Bitcoin Improvement Proposals (BIPs)
Within a central network it is easy to update the network. The administrator of the central
server decides whether to introduce an update. However, Bitcoin does not have a central
board. However, there is also a need for improvements within the Bitcoin network. How is
agreement reached with regard to updates in a decentralized environment such as Bitcoin?

Because Bitcoin is open source, the source code is public and anyone within the Bitcoin
network can submit an improvement proposal, a so-called Bitcoin Improvement Proposal
(BIP).52 It is mainly developers who submit these proposals. A significant portion of Bitcoin
developers are volunteers or have started out as volunteers. The developers who make more
prominent contributions to Bitcoin and also spend more time on the project are sometimes
financially sponsored by a person or by companies such as crypto exchanges. It is then up to the
network's full nodes to vote for these improvement proposals. The first BIP, BIP-0001 was
submitted by Amir Taaki on August 19, 2011.53 This stipulated what the conditions of BIPs
should be.

4.5.1 Three types of BIPs


Three types of BIPs can be distinguished. These are:
1. Standards Track BIP.
2. Informational BIP.
3. Process BIP.

52 You can follow a list of all BIPs and their statuses on https://github.com/bitcoin/bips.
53 The BIP-0001 can be found in full at https://github.com/bitcoin/bips/blob/master/bip-0001.mediawiki. This
contains the conditions of a BIP.

Amir Taaki is a British-Iranian hacktivist and software developer strongly driven by his anarchist philosophy. He has
been one of the leading Bitcoin developers and has written, among others, "The Libbitcoin Manifesto" (2013).
Describing Bitcoin's revolutionary nature, he warns against a degeneration of Satoshi Nakamoto's original Bitcoin
philosophy:

"Bitcoin is the future. Act like you believe it. Act to prevent corruption of the system.
Act to prevent Bitcoin becoming co-opted in any way. We must preserve the
principles of Satoshi Nakamoto.”
- 102 -
Standards Track BIP
A Standards Track BIP describes a change that affects almost all Bitcoin implementations, such
as changes to the network protocol.

Informational BIP
An Informational BIP describes a Bitcoin design issue or provides general guidelines or
information for the community but does not propose a new feature itself.

Process BIP
A Process BIP describes the process regarding Bitcoin or proposes a change to the process. It
resembles a Standards Track BIP but is only applied to matters that are not related to the
Bitcoin protocol.

4.5.2 BIP Workflow


The BIP process starts with a new idea for Bitcoin. It is recommended to first discuss the idea
with the Bitcoin community in forums, for example, before actually submitting it, so that the
community can discuss it and shed light on the applicability of the idea. Then you need to share
the idea with the bitcoin-dev email list and the BIP editor. The BIP editor monitors the format of
the BIP and checks whether the BIP meets all the required conditions. Upon approval, he will
provide the BIP with a label indicating whether it concerns a Standards Track, Informational or
Process BIP. In addition, the editor also provides the BIP with the “Sketch” status.

It is possible for the writer of the BIP to withdraw, update or postpone it. In the image below
you will find the different statuses that a BIP can have and the different ways that a BIP can
walk.

- 103 -
Sketch Accepted Definite

Denied

Replaced

Withdrawn

Postponed Active

Figure 47: BIP workflow

The democratization process whereby full nodes can vote or accept submitted community
proposals can also lead to blockchain splits. Generally, a distinction is made between the
following splits:
1. Temporarily forks.
2. Soft forks.
3. Hard forks.

4.6 Forks
In the previous chapter we have briefly discussed forks that temporarily arise when a valid
block is found by more than one miner around the same time.

4.6.1 Temporarily forks


According to the Proof-of-Work consensus protocol, the correct state of the blockchain is
always the chain with the most consensus, with the most Proof-of-Work. This is the chain that
is supported by the most computer power and is therefore the longest.54 In the image below,
Mine A and Mine B have created a valid block around the same time. If all nodes with the same
blockchain version as mine B collectively have more computing power than nodes with the
blockchain version of mine A, new blocks will be added to the blockchain version of mine B
quicker, resulting in this blockchain becoming longer and blocks 6 'and 7 'of miner A becoming
orphaned blocks.

54 An overview of orphaned blocks with the Bitcoin blockchain can be found here:
https://www.blockchain.com/btc/orphaned-blocks.
- 104 -
BLOCK BLOCK
Chain of
#6’ #7’ miner A

BLOCK BLOCK BLOCK


#... #4 #5

BLOCK BLOCK BLOCK Chain of


#6 #7 #8 miner B

Figure 48: Miner A and B create a valid block around the same time. The chain with the most Proof-of-Work, or the longest
chain, is seen as the true blockchain. This true blockchain is adopted by the rest of the network.

Since orphaned blocks are not seen as part of the true blockchain, the transactions approved in
the orphaned blocks will not be part of the true blockchain. If you look at the true blockchain, it
seems as if the transactions in the orphaned blocks never took place. However, it is possible
that these mempool transactions are included in miner A's chain as well as miner B. It does not
matter to the sender of the transaction that the new blocks of miner A have become orphaned
blocks, since his transaction has been included and approved in the true blockchain. However,
there may also be transactions within an orphaned block that do not exist in the "true block".
These transactions automatically return to the mempool over time, after which they can be
picked up in the next block.

As mentioned earlier, people can submit improvement proposals for the Bitcoin blockchain.
Because blockchains are decentralized networks, the participants in the network must jointly
reach a consensus on what the rules of the network are. If the update concerns a change to the
software, you can choose between a soft fork and a hard fork.

- 105 -
4.6.2 Soft forks
With a soft fork there is a change to the software that is backward compatible. That means
nodes that haven't made an update can still process and add transactions to the blockchain as
long as they adhere to the new protocol rules. That also means that all blocks on the new
blockchain follow the set of rules of both the old and the new blockchain.

An example of a soft fork is a new rule to reduce the block size from 1MB to 300kb.55 Older
nodes will still be able to process transactions and share blocks 300kb or smaller with other
nodes. However, if this older node has approved a 1MB block and then tries to push to the rest
of the network, the updated nodes will reject this block as they only accept blocks of 300kb or
smaller. This stimulates the older nodes to update to the new protocol.

A soft fork is always implemented at a specific block, for example at block #20,000. As a rule, it
is written that within a certain number of blocks, for example 1,000 blocks, a certain number of
% consensus must have been reached for the new protocol to take effect. If sufficient
consensus has not been reached for a particular block, the update will not proceed, and the
new software version will automatically revert to the old version. The following image provides
a graphical representation of how this works. The black blocks are blocks that break the new
rules. The blue blocks comply with the new rules.

Updated Block Block Block


nodes
22 23 24

Not- Block Block Block Block Block Block Block


updated 20 21 22 23 24 25 26
nodes Soft fork Soft fork
implemented consensus
reached
Figure 49: View of a soft fork. The soft fork is implemented in block 21 and the intended consensus has been reached at
block 25.

55 Luke Dashjr (2019), one of the core developers of Bitcoin, proposes this to make it easier to run a full node. If
more people run a full node themselves, the blockchain is also more decentralized
- 106 -
4.6.3 Hard forks
With a hard fork there is also a change in the protocol. However, this change is not compatible
with the previous versions, so the nodes that did not update to the new version cannot process
transactions. They also cannot push new blocks to the blockchain.

An example of a hard fork is a new line where the block size is increased from 1MB to 2MB. If
an updated node wants to push a 2MB block to the blockchain, the nodes that have not been
updated will reject these blocks.

Hard forks can be both planned and controversial.

Planned hard forks


With a planned hard fork, the nodes have decided to voluntarily update their software and
follow the new protocol. Those who haven't made the update will still be running the old
blockchain version, which few people will take advantage of. Because this old blockchain is run
by a small number of nodes, it is not as decentralized as the new blockchain and is also less
secure due to the small amount of computer power behind it.

Controversial hard forks


In a controversial hard fork there is such a big disagreement within the community about the
upgrade that a significant part of the community decides to implement the update and another
part does not. This creates two blockchains that are not compatible with each other. The
currency on one blockchain also works so differently from the currency on the other blockchain
that they cannot be sent back and forth from one blockchain to another. So actually two
different coins are created. Since a fork is always based on the original blockchain, the new
blockchain also includes all transactions from the original blockchain. That means that if you
had 10 coins on the original blockchain, you also get 10 coins on the new blockchain. This
makes it look like you are getting new coins for free.

The following image shows a graphical representation of such a hard fork. At block 21, the hard
fork is implemented. The green chain is the new forked chain and the blue chain is the original
one. As you can see they have a shared transaction history up to block 21.

- 107 -
Updated Blok Blok Blok Blok Blok
nodes
22 23 24 25 26

Blok Blok Blok Blok Blok Blok Blok


Not-
updated 20 21 22 23 24 25 26
nodes Hard fork
implemented

Figure 50: View of a hard fork. The hard fork is implemented in block 22. The green chain is the forked blockchain and the
blue chain is the original blockchain. They have a shared history up to and including block 21. Both blockchains are no
longer equal and the coins of the green blockchain have become substantially different from the coins of the blue
blockchain, so that they can no longer be sent to each other cross-blockchain.

A well-known example of such a situation was the controversial hard fork of the Bitcoin
blockchain, which led to a new type of Bitcoin currency, the Bitcoin Cash. This hard fork took
place on August 1, 2017. The communities of both blockchains have been at odds with each
other ever since. See the following intermezzo for more information on the controversial split.

With a fork, the question remains how many of the nodes stand behind the new software
update. With a hard fork it is possible that there are hardly any nodes that support the one
blockchain version, so that this version quickly dies out. It is also possible that both blockchains
are accepted, but that there is one that is clearly more dominant and receives considerably
more support from the nodes. The classic Bitcoin is currently still more dominant than its
derivative, the Bitcoin Cash. In addition to Bitcoin Cash, there have been several other Bitcoin
hard forks, such as Bitcoin Private and Bitcoin Gold.

- 108 -
Intermezzo: Bitcoin vs Bitcoin Cash vs Bitcoin SV
From its inception, Bitcoin has been the cryptocurrency with the largest market
capitalization. For a long time it was also the most used blockchain. With the increasing
popularity of blockchains, it took more and more time to credit a transaction and the rates
on the Bitcoin network increased. This sparked a heated debate in 2017 as to whether
Bitcoin should increase block size to increase the number of transactions and lower rates.
At the time, the block size was 1MB, which limited the number of transactions to 7 per
second. Among other things, the well-known Bitcoin protagonist Roger Ver spoke out on
behalf of this and insinuated that opponents, such as larger Bitcoin miners, stopped the
progress of Bitcoin, because these larger miners preferred not to have lower rates and less
profitability. Roger Ver thinks that if Bitcoin does not scale up to more transactions per
second, Bitcoin cannot become an alternative electronic money that can compete with
national currencies. (Popper, 2017)

The larger Bitcoin miners were backed by the core developers of Bitcoin at the time.
As an alternative to a larger block size, the core developers suggested BIP 91. It proposed
the Segregated Witness adjustment (SegWit), whereby certain parts of a transaction were
no longer included in a block, so that more transactions would fit in the block. The group of
opponents did not agree to BIP 91 and split via a hard fork in August 2017. This resulted in
Bitcoin Cash. Bitcoin Cash used an 8MB block size and uses SecurSigs instead of SegWit. As a
hard fork, Bitcoin Cash, like Bitcoin, also has a maximum supply of 21 million tokens.

Differences between Bitcoin and Bitcoin Cash


In addition to an update in the block size, Bitcoin Cash made the mining difficulty partly
dependent on the number of miners. (CoinTelegraph, 2019) Bitcoin Cash abandoned this
method after it turned out that the difficulty was unstable and valid blocks were found on
average faster than 10 minutes. Instead, Bitcoin Cash arrived with an algorithm that
recalculates the difficulty level every 144 blocks. This is called the Emergency Difficulty
Adjustment (EDA) and is an addition to the Difficulty Adjustment Algorithm (DAA) used.
(Aggurwal & Tan, 2019, pp. 3-4)

- 109 -
At the time of writing this book (December 10, 2019), the mining difficulty at Bitcoin Cash is
approximately 2% of the mining difficulty at Bitcoin. As a result, it is more accessible to mine
Bitcoin Cash, so you expect more small miners with Bitcoin Cash. As of December 10, 2019,
the ten largest mining pools at Bitcoin Cash have just verified more than 51% of the blocks
over the past few weeks, while the ten largest mining pools at Bitcoin have verified more
than 90%. (Coin Dance, 2019)

Bitcoin SV and hash war


In November 2018, a new blockchain was also split from Bitcoin Cash via a hard fork. This
resulted in Bitcoin Satoshi Vision (Bitcoin SV). What happened was that a group around
Bitcoin Cash, consisting of Roger Ver and Jihan Wu, proposed an upgrade of the protocol to
allow for non-cash transactions and smart contracts. This could allow the network to use
oracles and atomic swaps. A group of opponents, including online gambling billionaires
Calvin Ayre and Craig Wright, saw this as unsafe and not in line with Bitcoin's original vision
as a digital money system. They therefore proposed an alternative blockchain with 128MB
block size. (Sfox, 2019) Bitcoin Cash has a block size of 32MB since May 15, 2018.

An interesting detail at this split is that given that both systems use SHA-256 and the major
miners of Bitcoin Cash support the Bitcoin SV initiative in majority, the Bitcoin SV group
could be conducting a 51% attack on Bitcoin Cash, so only the Bitcoin SV chain would
survive. Bitcoin SV instigator Craig Wright hinted at starting this so-called hash war. At the
time of writing, this war has not yet happened. (Van Wirdum, 2018)

At the time of writing, on December 10, 2019, Bitcoin SV has more transactions per week
than Bitcoin and Bitcoin Cash. For more information see https://blocktivity.info/. It is
important to realize that the number of transactions on a blockchain does not say anything
about the quality and value of the transactions.

- 110 -
Intermezzo: How to set up a Bitcoin full node yourself
A full node helps the network by validating all transactions and blocks. In addition, they also
help broadcast the blocks to other full nodes, so that the entire network has the same state
of the blockchain. Setting up a Bitcoin full node is as simple as downloading, installing and
starting an application.

Minimum requirements
To run a full node, you have to meet a number of requirements. You can run it on a recent
version of your Windows, Mac OS and Linux operating systems. In addition, you also need
free disk space of more than 200GB and 2GB of RAM.

Setting up Bitcoin full node


1. Visit the Bitcoin Core download page: https://bitcoin.org/en/download. Bitcoin Core
is the most widely used Bitcoin client.
2. Download the software for the operating system you are using.
3. Open the file and run the setup wizard.

4. You can choose to install a Bitcoin Core Graphical User Interface (GUI), a Bitcoin Core
daemon (Bitcoind) or a combination of the two. The Bitcoin GUI is the most user-
friendly option if you are not a developer.
5. Continue through all steps.
6. When you have completed all the steps, the client will synchronize the blockchain.
Given the size of the Bitcoin blockchain, this can take longer than a week.
7. If your blockchain is synchronized, you have a working full node. Congratulations,
you are contributing to the Bitcoin community. Your full node is also your wallet. You
can send and receive Bitcoins from here.

- 111 -
4.7 Summary, terms and sources
Summary
Transactions that are broadcasted to the network first end up in a memory pool (mempool)
with other transactions that have yet to be added to a block by miners. The more activity that
takes place on the blockchain, the more transactions will enter the mempool. Miners are
economically encouraged to add the highest fee transactions to their block because they collect
these fees when they are the first to find a valid hash block and are allowed to produce the
block.

There's no point in a miner going through the same nonce range over and over again if the rest
of the data in the block remains the same. Therefore, the miner who has already tried all
nonces within a certain timestamp will see if he can replace a transaction from his block with
another transaction from the mempool.

A node is a device that is linked and participates in the blockchain network. We distinguish
between full nodes and lightweight nodes. Full nodes can be divided into archival nodes and
pruned nodes. Archival nodes can be divided in mining nodes, strike nodes, authority nodes and
masternodes.

Within a central network it is easy to carry out an update, because a central party decides on
this. Within a decentralized network, however, consensus must first be reached on the update.
Because Bitcoin is open source, the source code is public and anyone within the Bitcoin
network can submit an improvement proposal, a so-called Bitcoin Improvement Proposal (BIP).
Three types of BIPs can be distinguished. These are:
1. Standards Track BIP.
2. Informational BIP.
3. Process BIP.

The democratization process whereby full nodes can vote or accept submitted community
proposals can also lead to blockchain splits. Generally, a distinction is made between the
following types of splits:
1. Temporary forks.
2. Soft forks.
3. Hard forks.

- 112 -
With a soft fork there is a change to the software that is backward compatible. That means
nodes that haven't made an update can still process and add transactions to the blockchain as
long as they adhere to the new protocol rules. That also means that all blocks on the new
blockchain follow the set of rules of both the old and the new blockchain.

With a hard fork there is also a change in the protocol. However, this change is not compatible
with the previous versions, so the nodes that did not update to the new version cannot process
transactions. They also cannot push new blocks to the blockchain.

Comments you can now explain


• Miners who can try out all nonces within a second will replace transactions in the block they
are working on with transactions from the mempool.
• The probability that a randomly chosen hash is a valid hash is equal to
0.000000000000000000002%.
• The probability of finding a valid hash within a given timestamp by trying the entire nonce
range is approximately 0.0000000001%.
• Lightweight nodes use Simplified Payment Verification (SPV). SPV uses Merkle trees.
• Forgers are sort of miners, but on a Proof-of-Stake blockchain.
• To submit a BIP (improvement proposal) for Bitcoin, you have to go through an entire
process.
• Bitcoin Cash is the result of a hard fork on the Bitcoin blockchain.
• It is possible that the blockchain temporarily splits.
• The disadvantage of a fork is that the initial chain's computing power is divided between the
initial chain and the new chain that emerges from the fork.

Glossary of Terms
Application-Specific Integrated Circuit (ASIC): Microchip specially developed to run hash only
algorithms as soon as possible.

Archival full nodes: Full nodes that store a full blockchain, help verify transactions, and send
transactions and blocks to the rest of the network.
Authority nodes: A group of nodes selected to be allowed to create blocks. Proof-of-Authority
blockchains use authority nodes. These blockchains are permissioned and are used in a private
blockchain environment.

BIP: See Bitcoin Improvement Protocol.

Bitcoin Improvement Proposal (BIP): An improvement proposal for Bitcoin.

- 113 -
Block size: The size of a block.

Central Processing Unit (CPU): A processor in a computer that performs calculations. In the early
days of Bitcoin, CPUs were used to mine.

Field-Programmable Gateway Array (FPGA): Integrated circuit of programmable logic


components.

Forger: A node on a Proof-of-Stake blockchain that produces new blocks. Forgers do that by
staking their coins. Block producers on a Proof-of-Work blockchain are mining nodes. Miners
produce new coins by providing computer power.

Full nodes: Nodes that validate each new block of the blockchain and verify transactions. They
ensure consensus on the blockchain and send blocks and transactions to the network for others
to download.

Planned hard fork: With a planned hard fork, the nodes have decided to voluntarily update
their software and follow the new protocol.

Graphics Processing Unit (GPU): A graphics processor used for video tasks. GPUs are usually
located on video cards.

Hard fork: A permanent split of the blockchain. There are two types of hard forks: a planned
hard fork and a controversial hard fork. With a planned hard fork, the nodes have decided to
voluntarily update their software and follow the new protocol. In a controversial hard fork
there is such a big disagreement within the community about the upgrade that a significant
part of the community decides to implement the update and another part does not.

Hash war: War for hash rate between, for example, two blockchains.

Informational BIP: An improvement proposal that describes a Bitcoin design issue or provides
general guidelines or information for the community but does not propose a new feature itself.

Lightning network: An off-chain scaling solution. The network is maintained by lightning nodes.

Lightning nodes: Nodes that maintain the lightning network.

Lightweight nodes: All devices that are connected to the network, but do not keep a copy of the
blockchain. They link to a full node to retrieve the current state of the network and also send
transactions to be processed.

- 114 -
Masternodes: Like other full nodes, also have a copy of the blockchain and also help verify
transactions. What distinguishes masternodes from other full nodes is that they have specialist
functions within the blockchain. At Dash, these are PrivateSend and InstantSend.

Memory pool (mempool): A waiting area for all incoming transactions yet to be confirmed by
the network. Miners choose transactions from the memory pool to add them to the block they
are working on. Each miner has its own memory pool. It is therefore possible that the individual
memory pools differ per mine.

Mempool: See memory pool.

Mining pool: A group of miners who combine computer power to find a valid block.

Mining nodes: Full nodes that add transactions to a block and search for a valid block of hash to
add the block to the blockchain. They will receive a block reward for finding a valid block.

Controversial hard fork: With this hard fork there is such a disagreement within the community
about the upgrade that a significant part of the community decides to implement the update
and another part does not. The result is a permanent split of the blockchain.

Process BIP: An improvement proposal that describes the Bitcoin process or proposes a change
to the process. It resembles a Standards Track BIP but is only applied to matters that are not
related to the Bitcoin protocol.

Pruned full nodes: Full nodes that store only part of the blockchain on the computer to save disk
space. They can still help verify transactions and send transactions and blocks to the rest of the
network.

Scalability: The processing capacity of a blockchain. This mainly focuses on the number of
transactions per second that a blockchain can process.

Simplified Payment Verification (SPV): A way to verify transactions without needing the entire
blockchain. Merkle trees are used for this.

Soft fork: A temporary split of the blockchain. In other words, there is a change to the software
that is backward compatible. That means nodes that haven't made an update can still process
and add transactions to the blockchain as long as they adhere to the new protocol rules. That
also means that all blocks on the new blockchain follow the set of rules of both the old and the
new blockchain.

Staking nodes: Nodes on a Proof-of-Stake blockchain that stake their coins.

Standards Track BIP: An improvement proposal that describes a change that affects almost all
Bitcoin implementations, such as changes to the network protocol.
- 115 -
Sources

Aggarwal, V., & Tan, Y. (2019). A Structural Analysis of Bitcoin Cash's Emergency Difficulty
Adjustment Algorithm. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.3383739

Ammous, S. (2018, June 3). Bitcoin & Economics: What would a Bitcoin standard look like?
[YouTube]. Consulted from https://youtu.be/1WBrdLQhUrg

Blocktivity. (n.d.). Block activity. Consulted on December 26, 2019, from Blocktivity.info
website: https://blocktivity.info/

Blockchain.com. (n.d.). Hash Rate. Consulted on December 26, 2019, from Blockchain.com
website: https://www.blockchain.com/charts/hash-rate

Blockchain.com. (n.d.). Mempool Transaction Count. Consulted on December 26, 2019, from
Blockchain.com website: https://www.blockchain.com/charts/mempool-count

Bitcoin Core. (n.d.). Download - Bitcoin. Consulted on December 3, 2019, from Bitcoin.org
website: https://bitcoin.org/en/download

Bitcoin Github. (2016, January 1). Bitcoin / ass. Consulted on December 26, 2019, from GitHub
website: https://github.com/bitcoin/bips/blob/master/bip-0001.mediawiki

Bitcoin Wiki. (n.d.) Mining hardware comparison. Consulted on December 26, 2019, from
Bitcoin.it website: https://en.bitcoin.it/wiki/Mining_hardware_comparison

Bitcoinfees.info. (n.d.). Bitcoin Transaction Fees. Consulted on December 26, 2019, from
Bitcoinfees.info website: https://bitcoinfees.info/

Coin Telegraph. (n.d.). Difference Between Bitcoin and Bitcoin Cash. Consulted on December
26, 2019, from Cointelegraph website: https://cointelegraph.com/bitcoin-cash-for-
beginners/btc-bch-differences

Luke Dashjr. (2019, May 21). Briefly, Why Block Sizes shouldn't be too big. [Youtube]. Consulted
from https://youtu.be/CqNEQS80-h4

Murabito, E. (2019, n.d.). Mining difficulty, Hash Power, Nonce Range and the like. An
Introduction to Bitcoin Mining. Consulted on June 6, 2019 from
https://medium.com/bitcoin-cryptocurrencies-and-blockchain-technology/hash-power-
nonce-range-and-mining-difficulty-c4c4e58775f3

Nakamoto, S. (2008). Bitcoin P2P e-cash paper. Consulted on December 26, 2019, from
Nakamotoinstitute.org website:
https://satoshi.nakamotoinstitute.org/emails/cryptography/2/

- 116 -
Nakamoto, S. (2010). Re: Bitcoin minting is thermodynamically perverted. [Online forum
comment]. Post posted on
https://satoshi.nakamotoinstitute.org/posts/bitcointalk/327/

Nodes.com. (n.d.). Blockchain Nodes: How They Work (All Types Explained) Consulted on
December 15, 2019, from Nodes.com website: https://nodes.com/

Popper, N. (2017, July 25). Some Bitcoin Backers Are Defecting to Create a Rival Currency. The
New York Times. Consulted from
https://www.nytimes.com/2017/07/25/business/dealbook/bitcoin-cash-split.html

SFOX. (2019, June 3). Bitcoin Cash vs. Bitcoin SV: Six Months after the Hash War. Consulted on
December 26, 2019, from Medium website: https://blog.sfox.com/bitcoin-cash-vs-
bitcoin-sv-six-months-after-the-hash-war-e6d92a03b891

Stoll, C., Klaaßen, L., & Gallersdörfer, U. (2019). The Carbon Footprint of Bitcoin. Joule, 3 (7),
1647–1661. https://doi.org/10.1016/j.joule.2019.05.012

Taaki, A. (2013). The libbitcoin Manifesto. Consulted from


https://libbitcoin.dyne.org/libbitcoin-manifesto.pdf

van Wirdum, A. (2018, November 14). When the Fork Forks: What You Need to Know as Bitcoin
Cash Goes to War. Consulted on December 26, 2019, from Bitcoin Magazine website:
https://bitcoinmagazine.com/articles/when-fork-forks-what-you-need-know-bitcoin-
cash-goes-war

Icons
Computer made by Prettycons from www.flaticon.com
Mine made by Srip from www.flaticon.com

- 117 -
- 118 -
5. Cryptography: Symmetrical, Asymmetrical, and Zero-Knowledge
Proofs

“We stand today on the brink of a revolution in cryptography. The development


of cheap digital hardware has freed it from the design limitations of mechanical
computing and brought the cost of high grade cryptographic devices down to
where they can be used in such commercial applications as remote cash
dispensers and computer terminals. In turn, such applications create a need for
new types of cryptographic systems which minimize the necessity of secure key
distribution channels and supply the equivalent of a written signature.”
- Whitfield Diffie and Martin Hellman (1976)

“When privacy is outlawed, only outlaws will have privacy.”


- Philip Zimmermann (1991)

5.1 Introduction and learning objectives


In this chapter you will learn
• What symmetrical cryptography is and what its main weaknesses are.
• What asymmetric (public key) cryptography is and how it is used to sign Bitcoin
transactions.
• What the security objectives of public key cryptography are.
• What a Bitcoin wallet consists of.
• How public key cryptography is applied, for example in Public Key Infrastructure, to create
trust within a network of parties that have never met before.
• What Zero-Knowledge Proofs (ZKP) are and how they can be applied to ensure privacy on
the blockchain.
• That cryptography is essential to safeguarding our privacy in the digital world, but that it is
often at odds with the government's desire to monitor its citizens.
• How you can encrypt your own emails to ensure your privacy.

- 119 -
Introduction
In this chapter the three most common cryptographic developments are discussed.

First we will discuss symmetric cryptography in section 5.2 and then in 5.3 asymmetric or public
key cryptography. Section 5.4 discusses how public key cryptography is applied to the Bitcoin
blockchain with signing Bitcoin transactions. We then discuss Zero-Knowledge Proofs (ZKP) in
Section 5.5, as a new form of cryptography, where it is possible for a party to prove that it has a
specific truth or knowledge, without having to reveal this truth or knowledge. This form of
cryptography is ideal for safeguarding privacy. Consider, for example, being able to verify your
age or zip code, without actually having to reveal it to a verifier. In section 5.6 we present the
general history of public key cryptography and how the first and second crypto wars arose.
Finally, we conclude in section 5.7 with a summary of the chapter and a list of important terms
and sources.

5.2 Symmetric cryptography


The use of cryptography is more than 4,000 years old. In ancient Egypt, for example,
hieroglyphics were used to decorate tombs of deceased kings. These hieroglyphics told the life
story of the respective king. However, they were not meant to guard secrets, but to give extra
weight to the lyrics.

5.2.1 Classic example: Caesar rotation


Another classic example is the Caesar rotation. It was used by Julius Caesar in the first century
BC to share messages of military importance with his generals. The principle of the Caesar
rotation was simple. The recipient of the message had to replace each letter with a letter that
was a fixed number of a few positions further in the alphabet. Julius Caesar himself used a
rotation of three to the right. For example, In the encryption text A became a D, E a H, X a A,
etc. Such a rotation technique was also applied by the Roman emperor Augustus. However, he
used a rotation of one to the left, so he wrote A for B, B for C, etc.

- 120 -
X Y Z A B C D E

X Y Z A B C D E

Figure 51: Caesar rotation with a rotation of three to the left. Thus, for example, A becomes X in the encryption text and B
becomes Y.

Caesar rotation is relatively easy to break compared to modern encryption methods. To find
out whether there is a Caesar rotation, you could, for example, perform a frequency analysis of
letters. This way you can see whether the letters in the encryption text have the same
frequency pattern as a typical Dutch or English text. Furthermore, each letter in a Caesar
rotation has only 25 options. You can create a table where you write down all 25 rotation
options. A computer can work that out in no time 56

5.2.2 Disadvantages of symmetric cryptography

The same
key

Flat Encryption Encrypted Decryption Flat


text text text

Figure 52: Symmetric encryption. The sender of the message has the same key as the recipient of the message. The key is
used for both encryption and decryption.

Until the 1970s, cryptographers used only symmetric cryptography. With symmetric
cryptography you can encrypt and decrypt a message with the same key, the secret key. It is
necessary for the recipient to have the same secret key if he wants to decrypt and read the
sender's message.

56 See the following web application, which allows you to easily encrypt your own text with the Caesar rotation:
https://www.xarg.org/tools/caesar-cipher/.
- 121 -
The disadvantages of such a system are, firstly, that the secret key has to be shared in some
way - preferably over a secure channel - between the sender and recipient before messages can
be securely exchanged. A second drawback is that the secret key is located in two places. The
third drawback is that you, as the sender of a message, have to trust the recipient of the
message that they will not steal or copy the secret key. It is similar to sharing your house key, in
which you trust that the other person will not steal or copy your key. For this reason, it would
be wise to use a separate secret key for everyone you communicate with. These three aspects
considerably increase the chance that the secret key will end up in the hands of unwanted
persons. In addition, there is a scalability problem. Such a system would mean that users
communicating with many parties all need to maintain a database with a multitude of secret
keys. In order for such a system to work in a user-friendly manner, an infrastructure of
specialized distribution centres is required that generate secret keys each time before two
people want to initiate a private conversation. The fourth major drawback of symmetric
cryptography is that such infrastructure is significantly centralized, has a single point of failure,
and the distribution centres have a lot of data that will attract hackers.

Disadvantages of symmetric cryptography The Caesar rotation is also grouped


1. The secret key must be shared between the under symmetric cryptography,
sender and recipient before messages can be because you can both encrypt and
securely exchanged, preferably over a secure decrypt the message with a single
channel. secret key - for example, rotation of
2. The secret key is located in two places. one to the left. A more modern
3. The sender of the message must trust the example of symmetric encryption is
recipient not to steal or copy the secret key. the Data Encryption Standard (DES)
4. It is not scalable for large-scale e-commerce, that came on the market in 1975.
for example.
The DES was developed by IBM and
is primarily intended to protect
electronic communications between companies such as banks and other large financial
organizations. Until the arrival of DES, cryptography was primarily a government activity to
protect state communications. Initially, the DES was well received by cryptographers, until the
encryption system was further explored, and people learned that the U.S. intelligence agency,
the National Security Agency (NSA), had influenced its development and that the encryption

- 122 -
key was only 56 bits long (Levy, p. 53, 2001).57 That means that there are 256 number of possible
key combinations.58

Whitfield Diffie and Martin Hellman, two Stanford University professors who invented public
key cryptography a year later, thought the key was not long enough and believed that advanced
computers would be able to try all the different key combinations until the right one was found.
An attack by trying out all the different key combinations is also called a brute-force search.
Once the correct key is found, you can use it to decrypt and read encrypted messages. The
process or study to crack a key or message is called cryptanalysis.59

5.3 Asymmetric cryptography (public key cryptography)


Shortly after the publication of DES, asymmetric encryption - also known as public key
cryptography - was invented by Whitfield Diffie and Martin Hellman.60 This was a major
revolution in cryptography, because until then there was the paradigm that there should always
be a shared secret key for securing communications between a sender and recipient. In short,
the question Diffie and Hellman are trying to solve is how to establish secure communication
over an unsecured channel when the two communicating people have never had contact with

57 The algorithm for the DES was developed by IBM and modified in accordance with the American intelligence
service, the NSA. IBM originally used 64-bit key sizes but has consulted the NSA after reducing them to 56-bit key
sizes to weaken encryption. (Corrigan-Gibbs, 2014) Many cryptologists were sceptical of the DES. Martin Hellman,
one of the two inventors of public key cryptography, expressed his displeasure in a letter (1976) to the then
Secretary of State for Economic Affairs, Elliot Richardson:

“I am writing to you because I am very worried that the National Security Agency has
surreptitiously influenced the National Bureau of Standards in a way which seriously limited
the value of a proposed standard, and which may pose a threat to individual privacy. I refer to
the proposed Data Encryption Standard, intended for protecting confidential or private data
used by non-military federal agencies. It will also undoubtedly become a de facto standard in
the commercial world. … I am convinced that NSA in its role of helping NBS design and
evaluate possible standards has ensured that the proposed standard is breakable by NSA.”

58 One bit can be a 0 or a 1. If a key consists of 56 bits, there are 256 possibilities.
59 See also Cracking DES: Secrets of Encryption Research, Wiretap Politics & Chip Design (Electronic Frontier
Foundation, 1998) to learn more about how to crack DES and how the U.S. government has lied to the public about
the security of DES encryption.
60 Diffie and Hellman received the ACM A.M. for their contribution to modern cryptography. Turing prize (2015)
paid out. The award is the highest distinction in computer science.
- 123 -
each other before.61 Public key cryptography is the foundation of many modern encryption
techniques such as PGP, SSL and Internet Protocol Security (IPsec).62 In addition, the discovery
also gave momentum to cryptographic research outside the circles of secret intelligence
services.

Public key cryptography was introduced by Diffie and Hellman in the article "New Directions in
Cryptography" (1976). Inspired by the work of Diffie and Hellman, three young professors at the
Massachusetts Institute of Technology (MIT) named Ron Rivest, Adi Shamir and Leonard
Adleman developed the well-known RSA public key cryptography system in 1977.

61 A UC Berkeley student, Ralph Merkle, was also concerned with the question at the time. His solution involved
creating noise across the communication line. The concept works as follows: Bob and Alice want to communicate.
Bob is the sender and Alice is the recipient of a secret message. Eve is an eavesdropper who has access to
everything that is sent through the communication channel between Bob and Alice. Bob creates communication
puzzles to create noise. Each puzzle is a message, encrypted with a small key, that can be cracked in a relatively
short time by a brute-force attack. Bob creates millions of such puzzles and sends them all to Alice. Alice chooses
one puzzle, performs a brute-force attack and decrypts it with her computer. The solution is a long series of
numbers. In addition to this long series, there is also an identifier (e.g.: “I am Puzzle No. 3”) and a long digital key.
Alice sends a message back to Bob who knows exactly which puzzle is which number, and that he should look for
the key to “Puzzle No. 3 ”. They both have a shared secret key at this point. Eve, who can intercept the millions of
puzzles as an eavesdropper, can also hear that it is “Puzzle No. 3”. However, she does not know which of the
millions of puzzles are involved and it would take too much time to crack all the puzzles in search of this puzzle.
This way, two people who have not previously shared a secret key could still safely share a secret key over an
unsecured communication channel. (Levy, 2001, pp. 205-205)
Pretty Merkle is known, among other things, as the inventor of Merkle trees, a concept that has been applied in
Bitcoin and has been discussed in detail in the Bitcoin White Paper. In an interlude of chapter 3 you can read how
Merkle trees work.
62 PGP stands for Pretty Good Privacy, one of the most widely used encryption programs for email files and
classified documents. It was used, among others, by Edward Snowden and journalist Glenn Greenwald when
delivering top secret documents from the NSA in 2013.
SSL, Secure Sockets Layer, was developed by Netscape to send private documents over the internet. It creates a
secure connection between a server and a client. Most web browsers support SSL. URLs that require an SSL
connection start with Hypertext Transfer Protocol Secure, HTTPS. The user can recognize an HTTPS connection by
the closed lock icon for the Uniform Resource Locator, URL. IPsec is a security standard for the Internet protocol
(IP).
- 124 -
Figure 54: From left to right: Adi Shamir, Ron Rivest and Len
Adleman. (Photo: Dan Wright's RSA Algorithm course at
imps.mcmaster.ca)

Figure 53: From left to right: Ralph Merkle,


Martin Hellman and Whitfield Diffie. (Photo:
Chuck Painter / Stanford News Service)

While symmetric encryption uses one key, public key cryptography uses two different keys that
correspond mathematically. You can make one key publicly available and you must keep the
other private. You use a private key that you never share with another person to decrypt the
data you receive. In addition, you use a corresponding public key that may be publicly known to
encrypt the data. What makes public key cryptography so elegant is that the encryption
function is a two-way function: you can encrypt the message with the public key and decrypt it
with the private key. In addition, you cannot find out what the private key is from the public
key.63 This allows you to freely share this public key with parties with whom you want to
exchange encrypted data. These parties then use your public key to encrypt the data before
they send the data to you, so that you can decrypt it with your private key. You can compare it
somewhat with the bank that has a key for a safe that you keep inside the bank. This key is
private and will not be shared with anyone. In addition, the bank gives you a public key. If you
want to open the safe to access your valuables, you must use both the bank's private key and
your key at the same time.

63 The mathematical function where you can use a message as input and as a result get an output that you can no
longer convert to the original message, is called a one-way function. This is the case with hashing. With good
cryptographic features, with current computers, it can sometimes take millions of years or more to crack the
message.
- 125 -
In terms of Alice and Bob, our fictional characters who want to send secret messages to each
other, public key cryptography works as follows. Alice wants to be able to communicate safely
with Bob. For this she needs Bob's public key. Bob has a unique key pair: a private key and a
public key. He sends her his public key. This can be done via an unsecured communication
channel. Alice uses Bob's public key to encrypt her message and only the person with the
associated private key can decrypt that message. It does not matter whether Eve, the
eavesdroppers in the unsecured communication channel, has intercepted the public key
because she cannot have Bob's private key to decrypt the message. See how this works in the
following schematic.

Public
key
Private
key

Flat Sender uses public key Encrypted Receiver uses private key Flat
for encryption for decryption
text text text

Figure 55: Asymmetric (public key) cryptography for encrypted messages. The recipient, Bob, has a corresponding private key
and a public key. He sends his public key to the sender via an unsecured communication channel. The sender, Alice, uses the
public key to encrypt her message and sends the encrypted message to Bob. Bob then uses his private key to decrypt the
encrypted message.

5.3.1 Digital signatures


Public key cryptography goes beyond just encrypting messages and sending them securely. It
can also be used to authenticate the sender of an electronic message. If Alice would not
encrypt her message with someone else's public key, but with her own private key, the
encrypted message can be decrypted with Alice's public key. So if you receive a message from a
person, John Locke, and want to know if this message actually comes from John Locke, you can
look up his public key and use it to decrypt his message. If the result of this is plain text, then
you know that the message is from John Locke - assuming that John Locke is the only person in
the world with the only private key that can produce such a message. In other words: applying
a private key to a message is equivalent to putting a digital signature.

- 126 -
Digital signatures provide the following three main security
aspects:
1. It provides evidence of who signed the message or
document if the digital signature is linked to an
identifiable identity.
2. It provides data integrity because it can demonstrate
that the message or document has not been changed
since signing.
3. It irrefutably records that the signatory has signed the
message or document. He cannot deny that he did it.

There are two important differences between this digital signature and the signature you write
with pen and paper. Firstly, the digital signature cannot be forged unless the forger has the
private key. Secondly, if a digital signature is placed with a private key, the message is
encrypted. If someone intercepts the message and wants to change the original plain text, this
is possible if he first decrypts it with the corresponding public key. However, in order to send it
afterwards with a correct digital signature, he will also have to gain access to the private key.
The private key, however, should only be in the hands of the person who signed the original.
Since a digitally signed message can only be produced by the person who has the private key,
we can reasonably assume that the signed message actually comes from the private key owner.
Therefore, with the advent of public key cryptography, it is possible for the first time to sign
official digital money transactions or documents such as contracts and receipts over a computer
network. Without public key cryptography, the current e-commerce, a global market of
approximately € 2.500 billion in 2018, would have been impossible. 64

64 See ‘Global ecommerce sales grow 18% in 2018’ (Young, 2019).


- 127 -
Public
key
Private Public
key key

Flat Sender uses private key Digitally signed Receiver uses public key
for digital signature
Flat
text for digital authentication
text text

Figure 56: Asymmetric (public key) cryptography for digital signature. The sender, Alice, has a corresponding private key and
public key. She uses her private key to provide her message with a digital signature. In addition, Alice has made her public
key available to anyone who wants to authenticate that her messages actually come from her. The recipient, Bob, uses
Alice's public key to decrypt her message. If the result is plain text, he knows that the text can only be signed by the person
who owns the corresponding private key - in this case it is Alice.

5.3.2 purposes of public key cryptography


In short, public key cryptography has the following security objectives.

Security purposes of public key cryptography


1. Confidentiality: the data is not available to unauthorized persons or processes.
2. Integrity: the data has not changed.
3. Entity Authentication: The process of assuring a verifier of the true identity of an
entity on the Internet. An entity can be a website, an organization, a user, or even a
physical device connected to the Internet.
4. Data authenticity: the process whereby the integrity of the data is guaranteed and
whereby the source of the data can be determined. For example, banks must be able
to determine the authenticity of electronic financial transactions.
5. Irrefutability: It prevents an entity from denying that it has performed a particular
action. In many countries, electronic contracts are just as binding as paper contracts.
It must be the case that parties involved in an electronic contract are unable to deny
the contract later.

- 128 -
Public key cryptography can meet all of these security requirements. (Buchmann et al., 2013,
pp. 2-5) A Public Key Infrastructure (PKI) has been drawn up for this. More explanation can be
found in the following intermezzo.

In addition to the aforementioned security goals, you can also think of other goals, such as
anonymity and non-compliance. For example, it is imperative that people can vote for their
preferred party in elections without their identities known. In addition, it must be the case that
people cannot be forced to vote.

Difference between hashing and encryption (encryption)


Hashing is a one-way function. This means that the hashing of data leads to a hash output.
From the output it is no longer possible to retrieve the original data. This makes hashing
ideal for creating a unique fingerprint of the data.

Public key cryptography, on the other hand, is a two-way function. You can encrypt the
message with the public key and decrypt with the private key. In addition, you cannot find
out what the private key is from the public key. This makes public key cryptography ideal for
sharing secret messages over an unsecured channel.

- 129 -
Intermezzo: Public Key Infrastructure (PKI)
We have previously assumed that the person with whom Alice wants to communicate
securely, Bob, is actually Bob. How do we know for sure that there isn't someone else
pretending to be Bob and sharing his own public key with Alice, after which Alice will share
her secret communication with him? To protect our current internet communications, an
infrastructure of public keys has been set up to counter such attacks. This infrastructure is
also known as the Public Key Infrastructure (PKI). This is a set of standards, procedures and
software for authenticating users through public key cryptography and digital certificates.
Without PKI, it would be impossible to safely use things like e-commerce and eHealth.

How does PKI work?


An important task of PKI is to provide proofs of authenticity for public keys. Digital
certificates are associated with persons or companies and can be compared to an identity
card with which persons, websites or companies can identify themselves. The secure
connections between two communicating parties, for example the visitor of a website in the
website itself, is possible after the identities of both parties have been verified on the basis
of the certificates. Digital certificates play a major role in this. An example of such a
certificate is the SSL certificate. A certificate must meet a specific standard - the X.509
standard - and contain at least the following information:
1. The name of the subject, for example the person or organization.
2. The public key associated with the entity.
3. The cryptographic algorithm with which the public key is used.
4. The serial number of the certificate.
5. The period of validity of the certificate.
6. The name of the issuer of the certificate that has signed the certificate.
7. Restrictions that apply to the use of the public key in the certificate.

Within PKI, there are certificate authorities (CA) that specialize in issuing, storing and
signing these digital certificates. The certificate contains a public key that corresponds to the
users. There are more than 1,200 different CA’s worldwide. A user requests a certificate
from a registration authority (RA), often with proof that they are who they are. After the RA
verifies the user, the CA issues the certificate that the subject can identify with.

- 130 -
The subject can be a person, company or object connected to the internet. All certificates
that are requested and received by the CA and RA are stored in an encrypted database of
certificates. Certificates that have been revoked - for example because they have expired or
can no longer be trusted - are kept in a certificate revocation list (CRL).

The CA acts as a trusted third party to the owner of the certificate, the subject, and to the
relying party who wants to communicate with the subject. If a relying party, the person who
wants to use the subject's website, connects with the subject, he receives the subject's
certificate. To ensure that the subject is who he says he is, the relying party still asks the CA
if the certificate matches what the CA has registered. If this is correct, a secure connection is
established between the subject and the relying party. Below you will find a simplified
representation of the most important aspects of PKI.

Figure 57: Graphical representation of the PKI process.

The disadvantage of PKI is that it is complicated and there must be confidence that the CAs
perform their role well. CA’s can sign a certificate for any person or computer. CA’s are also
distributed worldwide and subject to national laws. What happens if a CA has been hacked
or if a government pressures a CA to give a public key from a subject, such as Google? With
this, the government could impersonate Google. See Chapter 12 on how blockchain can
make PKI more secure.

- 131 -
5.4 How is public key cryptography used with Bitcoin?
We have previously talked about how hash cryptography is used to find (a) a valid hash and
thus the right for the miner to create a next block and (b) chaining data blocks together where
the previous hash refers to the hash value of the previous block. If someone wants to
manipulate the blockchain by putting false data in a data block, the network will notice that the
hash of the relevant data block has changed. In addition to the aforementioned cryptographic
technique, the Bitcoin blockchain also uses public key cryptography when, for example, creating
a Bitcoin address and signing a transaction.

When creating a Bitcoin address, two corresponding keys are generated. 65 These keys are the
public key and the private key of the relevant Bitcoin address. The Bitcoin address is obtained
from the public key. 66 You can identify yourself with the Bitcoin address and freely share it with
others so that they can transfer Bitcoin to you. As a holder of the private key, you can identify
yourself as the owner of the Bitcoin address, and you can digitally sign your transactions. The
process is as follows:
1. The private key is used to sign the data of your transaction. An output follows from this.
2. The output is a digital signature. Good to know is that no one can retrieve your private
key if they know your digital signature.
3. Everyone can verify with your digital signature, the transaction data and your public key
that the digital signature and the public key correspond to the same private key. This
allows them to find out that you have signed the transaction with a legitimate private
key.

It is important to know that you cannot perform transactions without a digital signature. Since
the digital signature is only possible with a private key, you should handle your private key
carefully. It is also not possible to retrieve the private key from your public key.

You can best compare the Bitcoin address with an account number and the private key with the
pin code that gives you access to your account number and with which you can also carry out
transactions. If you lose your private key, you will lose access to your Bitcoins.

65 With Bitcoin, the private and public key pair is obtained through Elliptic Curve Digital Signature Algorithm
(ECDSA).
66 If you want to know more about how to generate a Bitcoin address from the public key, see:
https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses#How_to_create_Bitcoin_Addres
s.
- 132 -
The following image shows a Bitcoin wallet, consisting of a Bitcoin address and a private key.
The Bitcoin wallet in the image is called a paper wallet, because the wallet is intended to be
printed out and stored in an offline environment. Keeping your wallets offline is safer because it
cannot be stolen by online hackers and it will not be lost if your computer crashes or breaks.

Figure 58: Bitcoin paper wallet created at www.bitaddress.org. The Bitcoin address is comparable to an account
number. If someone wants to transfer Bitcoin to you, then this person has to transfer the Bitcoin to this address. With
the private key you can open your Bitcoin address, you have access to the Bitcoins on it and you can send your Bitcoins
by means of a digital signature; signing digitally. For this reason, it is important that you do not share your private key
with anyone.

5.4.1 Multi-signature
The Bitcoin network also supports multi-signature. As the word suggests, multi-signatures
require more than one digital signature from one key to complete a Bitcoin transaction. For
example, you can say that a transaction must be signed by at least 2 of the 3 private keys and
divide these private keys between different people. We call this a 2-of-3 transaction 67 This
allows the ownership of Bitcoins to be spread across multiple parties. This is useful, for
example, when a company does not want only one employee to have access to the company's
Bitcoin wallet for security reasons. A transaction then requires permission from several
employees. Many Bitcoin wallets have already implemented multi-signature.

67 M-of-N transactions require the transactions to be signed by M number of keys. For example, 4-of-5
transactions means that there are a total of 5 keys and that at least 4 of the 5 keys must have signed the
transaction. M-of-N multi-signature wallets are wallets that enable M-of-N transactions.
- 133 -
Intermezzo: Bitcoin wallets
A wallet is a digital file that contains a private key with the corresponding public key. It is
also possible that the wallet contains multiple private keys and public keys. Actually, wallets
don't really contain Bitcoins. The Bitcoins exist on the blockchain.

In addition to paper wallets, there are other types of wallets such as hardware wallets,
desktop wallets, mobile wallets and web wallets. A hardware wallet is a type of wallet in
which the private keys are stored in a secure piece of hardware. Because the private keys
never leave the hardware, this is a safe way to store your Bitcoin. Examples are Trezor and
Ledger.

Figure 59: A Trezor wallet linked to a laptop. See https://trezor.io for more information.

A desktop wallet is a wallet that you use from your computer or laptop.
A mobile wallet offers a user interface on the mobile phone and is generally the most user-
friendly. An example of this is the Bitcoin wallet Mycelium.

Figure 60: A screenshot of the Mycelium mobile wallet.

A web wallet is generally managed by a third party. They manages the private keys for you
and offer an online environment in which you can access your wallet. You must trust the
party that it handles your private keys securely, does not steal your Bitcoins and protect
them properly.

- 134 -
5.5 Zero-Knowledge Proofs
A newer form of encryption is Zero-Knowledge Proofs (ZKP). It was first introduced by Shafi
Goldwasser, Silvio Micali and Charles Rackoff, researchers at the Massachusetts Institute of
Technology (MIT), in their article, "The Knowledge Of Interactive Proof Systems" (1989). It is
essentially a method whereby one party (the prover) can prove to another party (the verifier)
that he can verify the truth of something, for example, a certain value, without revealing that
he has knowledge of this truth.

Briefly, Zero-Knowledge Proofs have the following three characteristics:


1. Completeness: If the statement is true, then the honest verifier will be convinced of this
fact by the honest evidence.
2. Reliability: If the statement is false, the chance of a misleading evidence convincing the
honest investigator that it is true is minimal.
3. Zero-Knowledge: If the statement is true, the verifier learns nothing but that the
statement is true.

To better understand the concept of Zero-Knowledge Proofs, it is useful to take the circular
corridor analogy of Jean-Jacques Quisquater et al.68 This analogy goes as follows.

Peggy (the prover) knows a secret word that can open a magical
door in a cave. The cave has the shape of a ring, with the
entrance splitting into a corridor on the left and a corridor on
the right. Both corridors come to a dead end against a magical
door that, if it were not there, would connect both corridors.

Figure 61: Structure of the cave with


the magic door closed.

68 The analogy of Quisquater et al. Is described in the fictional story, "How to Explain Zero-Knowledge Protocols to
Your Children" (1998). Another well-known analogy that is also regularly used to explain Zero-Knowledge Proofs is'
Andrew Yao's millionaires' problem '(1982), the problematic situation where two millionaires want to know who is
richer, without revealing how rich they are themselves. Yet another analogy is the analogy where two employees,
Alice and Bob, do the exact same amount of work with the same quality. However, they suspect their employer
that he is not paying them the same salaries. Now they want to know from each other whether this suspicion is
correct, without telling each other exactly how much they earn.
- 135 -
Victor (the verifier) wants to know if Peggy knows the secret word that will open the magic
door. Peggy, on the other hand, does not want to share the
secret word with Victor, but wants to show that she really
knows. This is solved by doing the following. Victor waits outside
the cave first while Peggy enters the cave. Victor is not allowed
to see if Peggy takes the left or the right corridor. After Peggy
has taken either corridor, Victor comes in and calls out which
way - the left or right corridor - he wants Peggy to get out of the
Figure 62: Structure of the cave with cave. If Peggy really knows the secret word, if necessary she will
the magic door open. open the secret door to always come out of the cave on the side
Victor wants. If Peggy doesn't know the secret word, she always
has a 50% chance of getting out of the cave through the right passage. If we repeated this
situation several times, for example 20 times, the chance that Peggy always takes the right
course based on pure luck becomes 0.520. That is almost 1 in a million. For that reason we can
say that Peggy (almost) absolutely knows the secret word of the magic door, without having to
share this secret with Victor. Since there is always a small chance that Peggy will unknowingly
leave the cave 20 or more times in a row through the correct passage without knowing the
secret word, Zero-Knowledge Proofs are probabilistic evidence and not deterministic evidence.
Good Zero-Knowledge Proofs use techniques that reduce the probability that a sheriff can
convince the verifier based on pure luck to a negligible percentage.

Why are Zero-Knowledge Proofs so relevant to blockchain? Zero-Knowledge Proofs are ideal for
exchanging information between different parties, without exchanging the data themselves. In
other words, Zero-Knowledge Proofs make it possible for blockchain application users to ensure
their privacy. With blockchain, all transactions are validated by nodes that participate in the
blockchain network. This means that these nodes can view the blockchain transactions and
therefore no privacy is possible.

With Zero-Knowledge Proofs, for example, we can perform authentications, in which no


passwords have to be exchanged and therefore no passwords can be stolen. For example, there
is no malicious person who can steal your communication or can see which files you share with
another person.

- 136 -
5.5.1 Interactive vs non-interactive Zero-Knowledge Proofs
It is important to know that Zero-Knowledge Proofs can be both interactive and non-
interactive. Interactive Zero-Knowledge Proofs show the burden of proof between two parties,
for example Peggy and Victor. If the burden of proof is to be shown to others, it must be
demonstrated once again by the evidence that it has a certain knowledge or truth. It would be
more ideal if each node could verify the burden of proof on its own after the prover shows it
once. This is possible with non-interactive Zero-Knowledge Proofs69

5.5.2 ING and Zero-Knowledge Range Proofs


For example, ING has developed a variant, Zero-Knowledge Range Proofs (ZKRP), with which
someone could prove something that falls within a specified range.70 Examples of this are:
1. Validate that someone's age is between 18 and 65 years old, without revealing the age.
2. Validate that someone lives in Europe, without revealing the exact location.
3. Validate that someone has a salary that falls within a certain range to take out a
mortgage, without revealing the exact salary.

Several variants and applications of Zero-Knowledge Proofs are possible. One important
application that we would like to emphasize is the validation of Know Your Customer (KYC)
data, such as the home address, without actually revealing it. KYC is a process to verify new and
existing customers and is sometimes required by governments. You can read more about KYC
and its costs in the intermezzo in Chapter 12.

5.6 The government against public encryption


Although Diffie, Hellman, Rivest, Shamir and Adleman had developed public key cryptography
around the same time, the remarkable story goes that this form of encryption was conceptually
developed by 1970 by James Ellis - a mathematician at the Government Communications
Headquarters (GCHQ), the British intelligence. Ellis called the concept "non-secret encryption".
However, no one within the GCHQ knew how to implement the idea practically. This situation
persisted until 1973 when Clifford Cocks, a young mathematician who had just joined the
GCHQ, came up with an algorithm that made Ellis' idea of public key cryptography applicable.
Shortly after, another mathematician at GCHQ, named Malcolm Williamson, had attempted to

69 Zero-Knowledge Succinct Non-Interactive Argument of Knowledge (ZK-SNARKs) is a variant of non-interactive


Zero-Knowledge proofs. This technique is used by anonymous cryptocurrencies such as Zcash. See a more detailed
explanation about ZK-SNARKs: https://z.cash/technology/zksnarks.
70 ING published the Zero Knowledge Rank Proofs code on Github: https://github.com/ing-bank/zkproofs.
- 137 -
crack Cocks' algorithm. Although this was not successful, he discovered his own algorithm in his
cracking attempt, which was similar to that of Diffie and Hellman. However, these new forms of
encryption have not been used by the GCHQ for a long time because they did not fully trust
that the system could not be hacked. As a result, almost all innovation within modern
cryptography shifted to the academic world and the private sector at the time. In addition, the
work of Ellis, Cocks and Williamson was subject to state secrecy. Cocks, Ellis and Williamson
were not appreciated for their contributions to public key cryptography until this information
was declassified and Cocks publicly disclosed their inventions in 1997.

Public access to public key encryption techniques was opposed by the government at an early
stage. Until the invention of public key cryptography by Diffie and Hellman, cryptography was
primarily the domain of secret intelligence. Diffie and Hellman were convinced at the time that
the upcoming computer age needed applications that could secure the information of
computer users - even if it meant that even the government could not access the personal
communications of computer users. The NSA had a different view and feared the emergence of
unbreakable communication systems. Since 1975, the NSA has requested the National Science
Foundation, an American government agency that funds scientific research and has also
supported research by Diffie and Hellman, to stop funding cryptography research.

In 1977, researchers such as Diffie, Hellman, Merkle, Rivest, Shamir, and Adleman were told
that their publications on cryptography were in violation of International Traffic in Arms
Regulations (ITAR) legislation. The law regulates the import and export of defence items and
services. Combat vehicles, missiles and guns are war instruments and should not be exported
without specific governmental permission. Because cryptography was part of war instruments,
it was forbidden to export cryptography presentations and publications. This required an export
license. This legislation raised many questions. Could they really go to jail if they shared work
with people from outside the United States? Shamir, one of the inventors of RSA encryption, is
of Israeli descent. Should his colleagues go to jail if they sent him his own publication? 71
Despite the threats from the NSA, the cryptographers decided to distribute their work abroad.
This made public key cryptography global. This also immediately initiated the first crypto war.

71 Also see Henry Corrigan-Gibbs' "Keeping Secrets" (2014) on the battle between the NSA and scientists
researching cryptography
- 138 -
5.6.1 The first crypto war
In the 1980s, companies attempted to commercialize cryptography. Rivest, Shamir and
Adleman had successfully patented RSA and produced a product called Mailsafe, which allowed
users to securely send electronic messages to each other. Those interested in RSA technology
included AT&T, IBM, Xerox, Lotus Development Corp and Microsoft. Other companies made use
of the Diffie-Hellman patents. By the early 1990s, export controls on encryption were still in
place, and companies wishing to implement encryption in their products had to make two
versions: one with strong public key encryption for sales within the United States and a second
with weaker encryption , which was condoned by the United States government for foreign
customers. This situation became untenable when Phil Zimmerman made his PGP
cryptosystem, which the government said fell under the category of very strong cryptography,
open source in 1991 and made available for free to anyone who wanted to download it. The
program was of course also available abroad via the Internet. What made PGP special was that
it was such a light program that could be run on a PC.

In addition, AT&T came up with a plan in 1992 to market a phone, the TSD-3600-D, which could
encrypt calls using proprietary algorithms. In response, the NSA has attempted to develop a
chip for the private sector itself. The chip would become known as the Clipper chip and would
be equipped with a key escrow system. The encryption of the Clipper chip, as promised by the
government, would be strong enough to guarantee the privacy of users. The key escrow system
itself splits the private keys of users into two parts that are kept separately in government
facilities. In case the government wants to tap people's communications, the government can
still do that with the private keys. The argument used at the time is that unbreakable
encryption applications would endanger national security if they were to fall into the hands of
terrorists and other shady individuals. Therefore, according to the NSA, it was necessary that an
entry could be found to the encryption. The government allowed companies to offer their
communication devices abroad without any disturbance, as long as these devices were
equipped with the Clipper chip.72

The first device to use the chip was AT & T's TSD-3600-E if AT&T called off their plans for the
TSD-3600-D version.73 People like Diffie, Helmann, Rivest, Shamir, Adleman, Zimmerman and
other privacy advocates found this unacceptable and saw the development of the Clipper chip

72 This would also offer the NSA the opportunity to eavesdrop on foreign users.
73 The US government had made a deal with AT&T that they would be the buyers of the first productions.
- 139 -
as a danger to American citizens.74 From 1991, crypto anarchists and cypherpunks, people who
use cryptography for their political activism and have developed technologies that Bitcoin uses,
have gained an increasing following. 75 To make matters worse for the American government,
the Clipper chip was cracked in 1994. 76 The American public increasingly turned against the
chip. The chip was not embraced by consumers and companies, after which production was
stopped in 1996. In the same year, commercial encryption was removed from the ammunition
list from ITAR and the Ministry of Economic Affairs became responsible for the encryption
regulations. The Ministry decided to relax the rules regarding the export of encryption and
open source encryption software in 2000. This was a great victory for crypto activists and was
seen as the end of the first crypto war.

5.6.2 The second crypto war


With the rise of blockchain, the revelations of Edward Snowden and WikiLeaks, and other
developments such as the FBI that wanted Apple to weaken iPhone security in 2016, encryption
and privacy are back in the public debate. These developments triggered a second crypto war.
Once again enthusiasts of encryption and privacy face government officials who want more
supervision of the population.

74 Also see the article "The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption" (1997), in which
a group of leading cryptographers speak out against the weaknesses of the key escrow system in, among others,
the Clipper chip.
75 Chapter 14 of Part II further discusses the philosophical background of crypto anarchists and Cypherpunks. They
have had a major influence on the development of blockchain. Their scepticism towards the government and their
ideology is still evident in the blockchain community. Concerned for our privacy, they had developed products such
as untraceable email and untraceable payments. They had already laid the foundations for blockchain and Bitcoin
before they were introduced by Satoshi Nakamoto.
76 Also see John Markoff's article, "Flaw discovered in federal plan for wiretapping" (1994), which appeared in The
New York Times.
- 140 -
Figure 63: AT & T's TSD-3600-E equipped with the
Clipper chip. (Photo: Cryptomuseum)

The history of cryptography has shown


that there is tension between those
who want to safeguard citizens' privacy Figure 64: Graphic campaign by RSA Security, the company
founded by Rivest, Shamir and Adleman, against the Clipper chip.
and those who want to be able to
(Photo: RSA Data Security, Inc)
monitor citizens. The tension is now
also very noticeable in the blockchain world. The arguments used by government officials
against encryption in the 1970s, 80s and 90s are also reflected in public discussions about
Bitcoin today. According to some, Bitcoin would only be used by criminals, just as some claimed
that encryption would only be used by criminals. According to them, Bitcoin would mainly be
used for drug trafficking, just as people claimed that the drug mafia would use encryption to
close illegal drug deals. Bitcoin would also be a threat to national security, just as encryption
would be in the 1970s, 80s and 90s. 77 It is not surprising why the government is concerned with
cryptography. After all, strong encryption is an ideal method that can be used to sideline the
government from eavesdropping on its citizens.

77 Steven Mnuchin (2019), the finance minister in Donald Trump's cabinet, calls Bitcoin and other cryptocurrencies
an issue of national security. In addition, politicians are voting within the EU to weaken encryption or create
backdoors (Stupp, 2016). For example, former Prime Minister of the United Kingdom, Theresa May, expressed in
her days as Prime Minister her desire to implement backdoors in communication systems (World Economic Forum,
2018).
- 141 -
Intermezzo: Securing your email messages with Pretty Good Privacy (PGP)
There are currently several applications that allow a user to encrypt their email or files. One
application is more user-friendly than the other.

Here we discuss how you can easily encrypt your e-mail messages using PGP. PGP is
currently one of the most widely used encryption tools, and incidentally it was also used by
Edward Snowden to share his top secret documents from the US intelligence agency, the
National Security Agency, with The Guardian.

Figure 65: Mailvelope logo. For more information about Mailvelope, see https://www.mailvelope.com/en/.

To easily encrypt your email messages based on the PGP standard, you can use the Chrome
or Firefox browser extension, Mailvelope. Mailvelope offers end-to-end encryption, which
means that even the server over which the message is sent has no insight into the data.
Your messages can therefore be sent over a potentially unsecured channel as email. Instant
messaging services like Signal also offer end-to-end encryption. By installing Mailvelope
within your browser, you can encrypt and decrypt your emails directly from your webmail.

Mailvelope works as follows. To communicate using encryption, you must encrypt your
email in such a way that only the recipient can access it. Use the public key of the recipient
to encrypt the email. This means that the recipient must also have created a private-public
key pair. This is also possible in PGP programs other than Mailvelope. This recipient also has
a private key that corresponds to the public key, with which you encrypted the email. This
private key allows the recipient to decrypt the email encrypted with their public key and
read its contents.

- 142 -
5.7 Summary, terms and sources
Summary
The use of cryptography is more than 4,000 years old. A classic example is the Caesar rotation.
It was used by Julius Caesar in the first century BC to share messages of military importance
with his generals. The recipient of the message had to replace each letter with a letter that was
a fixed number of positions further in the alphabet.

The Caesar rotation is an example of symmetric cryptography. Another example is IBM's 1975
Data Encryption Standard (DES). With symmetric cryptography you can encrypt and decrypt a
message with the same key, the secret key. It is necessary for the recipient to have the same
secret key if he wants to decrypt and read the sender's message. This entails a number of
drawbacks.

Shortly after the publication of DES, asymmetric encryption - also known as public key
cryptography - was invented by Whitfield Diffie and Martin Hellman. While symmetric
encryption uses one key, public key cryptography uses two different keys that correspond
mathematically. You can make one key publicly available and you must keep the other private.
You use a private key that you never share with another person to decrypt the data you receive.
In addition, you use a corresponding public key that may be publicly known to encrypt the data.
What makes public key cryptography so elegant is that the encryption function is a two-way
function: you can encrypt the message with the public key and decrypt it with the private key.
In addition, you cannot find out what the private key is from the public key.

Public key cryptography goes beyond just encrypting messages and sending them securely. It
can also be used to authenticate the sender of an electronic message. Applying a private key to
a message is equivalent to adding a digital signature.

When creating a Bitcoin address, two corresponding keys are generated: the public key and the
private key of the relevant Bitcoin address. The Bitcoin address is obtained from the public key.
It is important to know that you cannot perform transactions without a digital signature. Since
the digital signature is only possible with a private key, you should handle your private key with
care. The Bitcoin network also supports multi-signature. Multi-signatures require more than
one digital signature from one key to complete a Bitcoin transaction.

- 143 -
A newer form of encryption is Zero-Knowledge Proofs (ZKP). It is essentially a method whereby
one party (the prover) can prove to another party (the verifier) that he can verify the truth of
something, for example, a certain value, without revealing that he has knowledge of this truth.

In 1977, cryptographers such as Diffie, Hellman, Merkle, Rivest, Shamir and Adleman were told
that their publications on cryptography were in violation of International Traffic in Arms
Regulations (ITAR). Despite threats from the National Security Agency (NSA), the
cryptographers decided to export their work abroad. This made public key cryptography global.
This also immediately initiated the first crypto war. The history of cryptography has shown that
there is tension between those who want to safeguard citizens' privacy and those who want to
be able to monitor citizens. The tension is also noticeable in the blockchain world. The
arguments used by government officials against encryption in the 1970s, 80s and 90s are also
reflected in public discussions about Bitcoin and encryption today.

Comments you can now explain


• Symmetric cryptography has a number of weaknesses that are solved by asymmetric (public
key) cryptography.
• If you want to send a secret message to person A, you must use the public key of person A to
encrypt the message.
• Use the private key to decrypt a message.
• A Bitcoin address is not the same as a Bitcoin public key.
• With Zero-Knowledge Proofs you can prove that you are between 18 and 65 years old
without revealing your exact age.
• Cryptographers and advocates of privacy are at odds with government officials who want to
monitor the communications of citizens, for example, to track down criminals.
• We also see many arguments used in discussions about encryption and privacy in the
discussions in the 1970s, 80s and 90s.

- 144 -
Glossary of Terms
Asymmetric encryption (public key cryptography): A cryptographic method using a private-
public key pair.

Prover: The party trying to prove a statement.

Brute-force attack: An attack that is accomplished by trying out all the different key
combinations.

Brute-force search: Searching for the correct key combination by trying all the different
combinations.

Certificate Authority (CA): Institution that specializes in issuing, storing and signing digital
certificates.

Certification revocation list (CRL): List of revoked certificates.

Clipper chip: Chip with a backdoor developed by the United States government.

Cryptanalysis: The process or study to crack a key or message.

Crypto anarchists: See crypto anarchists in Chapter 14.

Cypherpunks: See Cypherpunks in Chapter 14.

Data Encryption Standard (DES): A data encryption standard developed by IBM after
consultation with the NSA. The standard emerged in 1975 and used symmetric cryptography.

Decrypting: Decrypting data.

One-way function: A mathematical function where you cannot find out the other from one
another. For example, you cannot retrieve the private key of a public key. You also cannot find
out the data that has led to the hash of a hash.

First Crypto War: The battle waged by people who advocate cryptography and privacy to fight
the U.S. government. The US government wanted export controls on cryptography and that
people use weak encryption that can be hacked by the government.

Elliptic Curve Digital Signature Algorithm (ECDSA): A cryptographic method to obtain a private-
public key pair.

Encrypting: Encrypting data.

- 145 -
International Traffic in Arms Regulations (ITAR): U.S. law that regulates the import and export
of defence items and services. Cryptography was under ITAR until the 1990s, preventing
cryptographers from exporting their cryptography presentations and publications.

ITAR: See International Traffic in Arms Regulations.

Key escrow: A system that splits the private keys of users into two parts that are stored
separately in government facilities. In case the government wants to tap people's
communications, the government can still do that with the private keys.

Know Your Customer (KYC): A process to verify new and existing customers.

KYC: See Know Your Customer.

M-of-N transaction: Transaction that requires an M number of private keys from a total of N
private keys to sign the transaction. In 2-of-3 transactions, 2 of the 3 private keys must sign the
transactions.

M-of-N wallet: A wallet that offers M-of-N transactions.

Multi-signature (multisig): Method whereby multiple private keys are required to digitally sign
a transaction. This allows you to decentralize responsibility for wallets. In addition, this also
prevents a Single Point of Failure.

National Security Agency (NSA): United States intelligence agency.

Pretty Good Privacy (PGP): An encryption program developed by Philip Zimmerman. The
program is light enough that it can be run on a consumer computer.

Private key: One of two different keys associated with asymmetric cryptography. The private
key is used to decrypt an encrypted message.

Public key: One of two different keys associated with asymmetric cryptography. The public key
is meant to be exchanged with the person you want to communicate with. This person uses
your public key to encrypt their message.

Public key cryptography: See asymmetric encryption.

Public key Infrastructure: The infrastructure of public keys for authenticating users and digital
certificates.

Registration Authority (RA): Institution that authenticates a user to allow the CA to issue a
certificate to the user.

- 146 -
Secret key: A key, such as the private key, that you must not share with anyone. With
symmetric cryptography you can encrypt and decrypt a message with the secret key.

Signature: Digital signature.

Symmetric encryption: An encryption method in which the secret key encrypts and decrypts
data.

Verifier: The party that verifies the truth of a statement.

Wallet: Digital wallet.

Zero-Knowledge Proof (ZKP): A cryptographic method whereby a party can prove to another
party that it knows value x without providing any information other than the fact that it knows
the value x.

Zero-Knowledge Succinct Non-interactive Argument of Knowledge (ZK-SNARKs): A variant of


non-interactive Zero-Knowledge proofs. This technique is used by Zcash, among others.

Zero-Knowledge: The verifier of a statement learns nothing other than that the statement is
true.

ZK-SNARKs: See Zero-Knowledge Succinct Non-Interactive Argument of Knowledge.

Sources

Abelson, H., Anderson, R., Bellovin, S. M., Benaloh, J., Blaze, M., Diffie, W.,… Schneier, B. (2010).
The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption. Academic
Commons. https://doi.org/10.7916/D8GM8F2W

Bambrough, B. (2019, July 27). The U.S. Treasury Secretary Made A Dire Warning Over The
Future Of Bitcoin. Forbes. Consulted on 26 December 2019, from
https://www.forbes.com/sites/billybambrough/2019/07/27/the-us-treasury-secretary-
made-a-dire-warning-over-the-future-of -bitcoin /

Bitcoin Wiki. (n.d.). Technical background of version 1 Bitcoin addresses. Consulted on


December 26, 2019, from Bitcoin.it website:
https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses#How_t
o_create_Bitcoin_Address

Buchmann, J. A., Wiesmaier, A., & Karatsiolis, E. (2016). Introduction to Public Key
Infrastructures. Berlin Springer.

- 147 -
Corrigan-Gibbs, H. (2014, November 7). Keeping Secrets. Consulted on December 26, 2019,
from Stanfordmag.org website: https://stanfordmag.org/contents/keeping-secrets

Diffie, W., & Hellman, M. (1976). New directions in cryptography. IEEE Transactions on
Information Theory, 22 (6), 644–654. https://doi.org/10.1109/tit.1976.1055638

Electronic Frontier Foundation. (1998). Cracking DES: secrets of encryption research, wiretap
politics & chip design. Sevastopol, Calif .: O'reilly.

Goldwasser, S., Micali, S., & Rackoff, C. (1989). The Knowledge Complexity of Interactive Proof
Systems. SIAM Journal on Computing, 18 (1), 186–208. https://doi.org/10.1137/0218012

ING bank. (2019, July 23). Zero Knowledge Proofs. Consulted on December 26, 2019, from
GitHub website: https://github.com/ing-bank/zkrp

Levy, S. (2001). Crypto: how the code rebels beat the government, saving privacy in the digital
age. New York: Viking.

Mailvelope. (n.d.). Communicating safely with Mailvelope. Consulted on December 26, 2019,
from Mailvelope.com website: https://www.mailvelope.com/en/

Markoff, J. (1994, June 2). Flaw discovered in federal plan for wiretapping. The New York Times.
Consulted on December 26, 2019, from
https://www.nytimes.com/1994/06/02/us/flaw-discovered-in-federal-plan-for-
wiretapping.html

May, T. (2018, January 25). Theresa May's Davos address in full. Consulted on December 26,
2019, from World Economic Forum website:
https://www.weforum.org/agenda/2018/01/theresa-may-davos-address/

Quisquater, J.-J., Quisquater, M., Quisquater, M., Quisquater, M., Guillou, L., Guillou, M. A., ...
Guillou, S. (1998). How to Explain Zero-Knowledge Protocols to Your Children. Advances in
Cryptology - CRYPTO '89 Proceedings, 628–631. https://doi.org/10.1007/0-387-34805-
0_60

Rivest, R. L., Shamir, A., & Adleman, L. (1978). A method for obtaining digital signatures and
public-key cryptosystems. Communications of the ACM, 21 (2), 120–126.
https://doi.org/10.1145/359340.359342

Stupp, C. (2016, March 30). EU cybersecurity agency slams calls for encryption backdoors.
Consulted on December 26, 2019, from www.euractiv.com website:
https://www.euractiv.com/section/digital/news/eu-cybersecurity-agency-slams-calls-for-
encryption-backdoors/

- 148 -
Trezor.io. (n.d.). Trezor Hardware Wallet. Consulted on December 26, 2019, from Trezor.io
website: https://trezor.io

Yao, A.C. (1982). Protocols for secure computations. IEEE Foundations of Computer Science.
23rd Annual Symposium, 160–164.

Young, J. (2019). Global ecommerce sales grow 18% in 2018. Consulted on July 26, 2019 from
Digital Commerce 360 website: https://www.digitalcommerce360.com/article/global-
ecommerce-sales/

Zcash. (2018). What are ZK SNARKs? Consulted on December 26, 2019, from Zcash website:
https://z.cash/technology/zksnarks

Zimmermann, P. (1991). Why I wrote PGP. Consulted on December 26, 2019, from
Philzimmermann.com website:
https://www.philzimmermann.com/EN/essays/WhyIWrotePGP.html

Icons
Alice, Bob, private key, public key and plain text created by Freepik from www.flaticon.com

Certificate created by Kranshastry from www.flaticon.com


Digital signature created by Wanicon from www.flaticon.com
Encrypted text created by Pixelmeetup from www.flaticon.com

- 149 -
- 150 -
6. Proof-of-Stake and blockchain performance

“Over the past few years there has been considerable research into ‘proof of
stake’ (PoS) based blockchain consensus algorithms. In a PoS system, a
blockchain appends and agrees on new blocks where anyone who holds coins
inside of the system can participate, and the influence an agent has is
proportional to the number of coins (or ‘stake’) it holds. This is a vastly more
efficient alternative to proof of work (PoW) ‘mining’ and enables blockchains to
operate without mining’s high hardware and electricity costs.”
- Vitalik Buterin & Virgil Griffith (2019)

6.1 Introduction and learning objectives


In this chapter you will learn
• That there are alternative consensus protocols such as Proof-of-Stake.
• What Proof-of-Stake is.
• Different variants of Proof-of-Stake such as Delegated Proof-of-Stake, Leased Proof-of-
Stake, Proof-of-Stake Velocity and Proof-of-Authority.
• The main differences between Proof-of-Work and Proof-of-Stake.
• That the consensus protocol of a blockchain has a major impact on the scalability of a
blockchain.
• That there are currently several initiatives to increase the scalability of blockchains.
• That it is possible to generate a passive income by placing your crypto coins on a Proof-of-
Stake blockchain.

Introduction
In this chapter, several essential elements of blockchain are discussed. We look at alternatives
to Proof-of-Work and the impact of consensus protocols on the scalability of a blockchain.

From section 6.2, we look at consensus protocols that are an alternative to the Proof-of-Work
protocol of, for example, Bitcoin. The most important of these alternatives is Proof-of-Stake
(section 6.3) and its derivatives: Delegated Proof-of-Stake (6.4), Leased Proof-of-Stake (6.5) and
Proof-of-Stake Velocity (6.6). In addition, we discuss a consensus mechanism similar to
- 151 -
Delegated Proof-of-Stake, but widely used within private blockchains: Proof-of-Authority (6.7).
These consensus protocols are more sustainable mechanisms for reaching consensus than
Proof-of-Work, because being allowed to produce a block doesn't depend on the amount of
computing power you provide to the network. Then in section 6.8 we discuss what the
advantages are of classic Proof-of-Stake compared to Proof-of-Work. In section 6.9, we discuss
the scalability of blockchains and draw a relationship between the scalability and consensus
mechanisms. Finally, we conclude with a summary, a list of important terms and a source list of
the chapter in 6.10.

6.2 Alternative consensus protocols


In chapter 4 we discussed that it is essential to create trust among the different participants
within a distributed network. There must be confidence that the participants are not corrupt
and that the data that is shared among them is not corrupt. To ensure this trust, participating
nodes must verify messages or transactions for correctness and neutralize other participants
who are corrupt and misleading: the solution to the earlier discussed Byzantine Generals
Problem. The essence of the problem is how to reach consensus on the distributed network of
nodes, some of which are potentially corrupt. How can consensus be safely reached between
the different nodes, assuming the network between the nodes is unreliable?

So far, we have discussed one solution to the Byzantine Generals Problem: the Proof-of-Work
consensus protocol, as it is set up with Bitcoin, for example. According to this protocol, a data
block may only be added to the blockchain when a valid hash of the block has been found.
Finding a valid hash is done by miners using computer power. The more computing power a
miner supplies to the network, the faster he can find a valid hash and thus the more likely he is
to be able to produce the next block and add it to the blockchain. When finding a valid hash,
the miner has allegedly "proved that he has done work" (Proof-of-Work). According to the
reward structure of Proof-of-Work protocols, miners who can first find the valid hash receive a
reward of currently 12.5 Bitcoin within the Bitcoin network. As a consequence, there has been
fierce competition in computing power among Bitcoin miners. This is why the electricity
consumption of the Bitcoin network is so huge.

Proof-of-Work, however, is the first consensus mechanism applied in blockchain. In addition to


Proof-of-Work, several consensus protocols have since been developed that attempt to solve
the Byzantine Generals Problem in a more efficient manner. The main alternative protocol that

- 152 -
also drastically reduces energy consumption is Proof-of-Stake. This protocol has now been
implemented in various blockchain projects.

6.3 Proof-of-Stake (PoS)


Proof-of-Stake was first implemented at PeerCoin and Nxt in 2012 and 2013 respectively.
Currently Ethereum, the second largest market capitalization blockchain, is in transition from
Proof-of-Work to a Proof-of-Stake protocol called Casper.

While miners at Proof-of-Work are allowed to produce new blocks when they can find a valid
hash, a block producer at Proof-of-Stake is chosen based on (a) a random selection process and
(b) a 'stake' such as the number of coins he has. This means that no expensive mining
equipment is required at Proof-of-Stake. All it takes is a standard computer, an internet
connection and having a coin. The block producer at Proof-of-Stake is therefore not called a
miner but is called a forger. Because the forger also receives a reward when producing a new
block, you can also see Proof-of-Stake as a method where you earn a passive income on your
coins. The more stake you have, the higher the chance that you may produce the next block. In
addition to producing blocks, they also validate transactions, helping to secure the network.

There are different variants within Proof-of-Stake that have their own unique properties.
Although there are several variants, we will further explain the following four:
1. Delegated Proof-of-Stake (dPoS).
2. Leased Proof-of-Stake (lPoS).
3. Proof-of-Stake Velocity (PoSV).
4. Proof-of-Authority (PoA).

We would like to make a comment that it is doubtful whether Proof-of-Authority falls under
Proof-of-Stake. It is sometimes thought of as a form of Delegated Proof-of-Stake.

6.4 Delegated Proof-of-Stake (DPoS)


Delegated Proof-of-Stake was developed by Dan Larimer, the founder of BitShares, Steemit and
EOS - blockchain projects that all use this consensus mechanism. Other well-known projects
that have implemented delegated Proof-of-Stake are Lisk and Cardano.

- 153 -
With delegated Proof-of-Stake you cannot just stake your coins to be able to produce new
blocks. A delegated Proof-of-Stake system is best compared to a continuous representative
democracy in which anyone who has a coin can vote for witnesses and delegates. The
witnesses and delegates must be eligible for this and have obtained a certain number of votes
in order to be able to perform their function as witness and delegate.

6.4.1 Witnesses
The role of witnesses is to validate transactions and produce new blocks. For this service they
receive a reward per produced block.

If we look at BitShares, an exchange built on blockchain technology (Decentralized Exchange),


as an example, we see that the top 19 witnesses can take turns producing a new block. Because
it has already been determined in advance who will be the next block producer, there is no
longer any arbitrary selection process to find a producer and, as with Proof-of-Work, there is no
need to compete for the next producer. In addition, compared to Bitcoin's Proof-of-Work
mechanism, transactions only need to be approved by a limited number of 19 witness nodes.
These properties ensure that new blocks can be added to the blockchain in a fast, efficient and
energy-efficient manner. This benefits the scalability of the blockchain. Transactions are
approved on average within about 1.5 seconds and a new block is created every 3 seconds. The
number of transactions that can be performed per second on BitShares is therefore also 3300+
transactions per second.78 This is considerably more than with the Bitcoin network which can
only process about 7 transactions per second.

As mentioned earlier, delegated Proof-of-Stake has elections all the time. In delegated Proof-of-
Stake it is important that the witnesses, just like in a representative democracy, make
themselves known to the community and conduct campaigns to get votes. They are also
expected to perform their duties to the best of their ability and minimize their nodes. Should
witnesses fail to perform their duties properly, there is always an opportunity for the
community to vote for someone else they trust more. This means that malfunctioning
witnesses risk losing their income as a block producer.

78 documents have overestimated BitShares' transaction speed by stating that the system can handle 100,000
transactions per second.
- 154 -
You can vote at BitShares at any time of the day. Every other day, all votes are added together
and the top 19 witnesses, who are allowed to take turns producing a block, are determined on
the basis of this. The weight of the votes is based on the amount of coins, for example BitShares
coins (BTS), that a person owns. This means that a vote of someone with 1,000 BTS weighs
proportionally heavier than a vote of someone with 1 BTS.

The top 19 witnesses


with the most votes W1 W2 W3 W… W19
may take turns
producing a block

Witnesses

The community votes


for witnesses

BitShares community

Figure 66: Delegated Proof-of-Stake at BitShares.

At the blockchain-based social media platform Steemit, there are 20 active witnesses. In
addition to these active witnesses, there are also spare witnesses. After the 20th witness has
produced a block, a draw takes place among the reserve witnesses to be able to produce a
block as the 21st witness. That is how it pays to be a witness at Steemit, without getting into
the top 20.

However, it may happen that a witness (a) fails while producing a block or (b) after producing a
block signals to the other witnesses too late that he has created the block.

- 155 -
A witness drops out temporarily and cannot produce a block
When a witness fails temporarily and cannot produce a block, the witness is automatically
skipped, and the next witness is next. The blockchain will therefore miss one block, but the
transactions that would be in the missing block are included in the following block.

Witnesses W1 W2 W3 W4 W5 W…

Blocks
B1 B2 B3 B4 B…

Figure 67: When a witness (W3) fails and cannot produce a block, his turn is skipped.

A witness signals the other witnesses too late that he has created a block
It can sometimes happen that a witness signals the other witnesses too late that he has created
a block. In such cases, the next witness may have already produced a new block himself,
causing a temporary split in the blockchain. How is it then determined what the true blockchain
is?

Just like Proof-of-Work, the true blockchain is always the longest blockchain. This is the
blockchain with the most consensus. Below you will find a graphical representation of the
situation.

- 156 -
Witnesses W1 W2 W3 W4 W5 W…

B3’

Blocks
B1 B2 B3 B4 B…

Figure 68: When a witness (W3) signals the other witnesses too late that he has created a block, another witness (W4) may
have started block production. In this example, W4 produced a block 3 (B3) and linked it to block 2 (B2). In this case, two chains
are created: the green and the red blockchains. The true blockchain is always the longest chain - in this example it is the green
blockchain. W3 will therefore have to synchronize its local blockchain with the network in order to get it right with the longest
blockchain.

In addition to witnesses, the community of delegated Proof-of-Stake systems also votes for
delegates.

6.4.2 Delegates
Delegates have no role in verifying transactions and validating and producing blocks. The role of
delegates is to oversee the governance structure of the blockchain protocol. For example, they
can make a proposal to change the size of the blocks or to change the reward for witnesses. If a
delegate has submitted a proposal, the community can vote for or against.

- 157 -
Intermezzo: The BitShares block explorer
BitShares has a transparent block explorer where you can find all witnesses, delegates and
transactions. You can find this explorer via https://wallet.bitshares.org.

Figure 69: You see that a block is approved every 3 seconds and how many votes, expressed in BTS, each witness received
from the community.

Figure 70: An abbreviated list of BitShares delegates in May 2019. It is also clear how many votes each delegate received.

- 158 -
6.5 Leased Proof-of-Stake (LPoS)
With the classic Proof-of-Stake model, there is a chance for anyone who 'stakes' their coins to
be able to produce a block. The probability of this is based on the amount of coins that the
person holds as an interest. Holders of a small amount of coins therefore have a smaller
chance. This can prevent people with few coins from being stimulated enough to participate. If
the many small holders do not want to participate in the stake process, the blockchain may
become too centralized. There is then only a small group of participants who have many coins,
who help maintain the network.

Figure 71: This is an example of classic Proof-of-Stake, where there are three strike nodes: A, B and C. Strike node A has 1
stack of coins, Strike node B has 3 stacks and Strike node C has 4 stacks . In total there are 8 stacks. If this is all stake within
the network, then strike node A has 1/8 chance to produce another block. Strike node B has a 3/8 chance and strike node C
has a 4/8 chance.

With leased Proof-of-Stake you could solve this issue by giving everyone the opportunity to
lease their coins to stake nodes. When these stake nodes have received more coins as a lease,
the chance that the stake nodes may produce a block is greater. The stake nodes will then
distribute the reward proportionally between themselves and everyone who has leased coins
to them. The prospect of being regularly rewarded even as a smallholder encourages people
with small amounts of coins to lease and thereby also participate in the stake process. In
addition, as a leaser you do not have to run a stake node day and night and technical
knowledge of servers is not required. It is important that you do not lose control over your
coins when you lease your coins. The stake node cannot issue or take your coins. You can
decide at any time whether you want to terminate the lease. However, you cannot trade your
coins during the lease.

- 159 -
A

B L1

C L2

Figure 72: This is an example of a leased Proof-of-Stake. There are three strike nodes: A, B and C. In addition, there are two
nodes, L1 and L2 that lease their coins to strike node A. As a result, strike node A has not 1, but 3 stacks of coins. The chance
that strike node A may produce a next block is therefore no longer 1/8, but 3/10. When strike node A is allowed to produce
a block, it will split its reward proportionally between itself and nodes L1 and L2.

The largest blockchain project that uses leased Proof-of-Stake is Waves. Waves is a platform
blockchain where you can build blockchain applications and create your own crypto tokens,
which you can trade on their own decentralized exchange (DEX). A decentralized exchange is a
trading exchange built on a blockchain. In the case of the Waves DEX, the exchange is built on
the Waves blockchain.

6.6 Proof-of-Stake Velocity (PoSV)


The name, Proof-of-Stake Velocity, comes from the term "velocity of money". 79 The Proof-of-
Stake Velocity protocol is a variant of Proof-of-Stake. The goal is to prevent people from only
hoarding their coins in the stake process. What distinguishes Proof-of-Stake Velocity from
classic Proof-of-Stake is that users are rewarded for (a) the number of coins they hold and (b)
how actively they use their coins. The community is therefore encouraged to not only keep the
coins, but to actually use them for transactions. A project that uses this protocol is Reddcoin, a
cryptocurrency for microtransactions and tips on social media networks.

6.7 Proof-of-Authority (PoA)


The concept of Proof-of-Authority was introduced by Ethereum co-founder, Gavin Wood. We
cover Proof-of-Authority in this chapter because the consensus mechanism is very similar to
that of Delegated Proof-of-Stake.

79 The velocity of money indicates how quickly money changes person.


- 160 -
Delegated Proof-of-Stake systems are often implemented in open blockchains, where anyone
can make themselves electable in a pseudo-anonymous way to become a witness. In that
respect, you could say that witness aspirants are "approved" by the community to assume their
role as witnesses by voting. However, with Proof-of-Authority, block producers (authority
nodes) are authenticated and approved based on their identity and reputation. By linking the
reputation to identity, authority nodes are extra stimulated to show good behaviour and not to
include malicious transactions in the blockchain. If they do, it will cause reputational damage.

Two implementations of Proof-of-Authority are Parity and Geth. Those are two well-known
applications for permissioned settings from Ethereum. (De Angelis et al., 2018) Permissioned
and permissionless are discussed in chapter 9. For now, it is important to know that
permissioned means that there must be approval to be a block producer or validator. This also
makes Proof-of-Authority suitable in the context of a closed blockchain, where there is a need
to ensure that only qualified parties approve transactions.

Because Proof-of-Authority already knows who validates and who can create new blocks, no
competition is needed on computer power. This benefits blockchain performance. The
disadvantage of Proof-of-Authority is that it is not so decentralized and therefore sensitive to
censorship. Another potential downside of Proof-of-Authority is that if the validators are
known, the validators can be corrupted to perform rogue activities on the blockchain. In
addition, validators can also blacklist people who are not allowed to use the blockchain. The
latter can also be seen as an advantage of Proof-of-Authority.

Companies that prefer to control who can write and read data to their blockchain prefer not to
use open public blockchains, where unknowns can be validators. Proof-of-Authority can offer a
solution for them. If the authority nodes already know the users and if mines are not used, it is
also possible not to set transaction costs.

- 161 -
Intermezzo: Alternative consensus protocols
Besides the aforementioned consensus protocols, there are various alternatives. Below you
will find an overview of some other protocols. We discuss three.

Proof of
Elapsed
Time
Practical
Proof of Byzantine
Importance Fault
Tolerance
Alternatieve
consensus-
protocollen
Simplified
Proof of Byzantine
Burn Fault
Tolerance
Delegated
Byzantine
Fault
Tolerance

Figure 73: Several alternative consensus protocols that are neither Proof-of-Stake nor Proof-of-Work.

Proof-of-Elapsed Time (PoET)


PoET is mainly used for permissioned blockchains. To determine who is allowed to produce
a block, a random wait time is set for each node. The node whose waiting time has passed
may produce the next block. The system requires that waiting times are generated fairly and
that no one can run multiple nodes.

Practical Byzantine Fault Tolerance (pBFT)


In pBFT, nodes are ordered sequentially. One node is a leader node and the rest are backup
nodes. When someone sends a transaction to the leader node, the leader sends it to other
nodes for verification. After each round when a block has been added by the leader, it is
rotated so that a backup node becomes a leader. If a leader fails, a backup node also
becomes a leader. The system requires 2/3 of the nodes not to be malicious. Hyperledger
Fabric, Tendermint and Zilliqa use pBFT

Proof of Importance (PoI)


PoI is similar to PoS, but it also looks at the activities, number of transactions, and the value
of the transactions that a node makes to determine who is allowed to produce the next
block. A project that uses PoI is New Economy Movement (NEM).

- 162 -
6.8 The advantages of classic Proof-of-Stake compared to Proof-of-Work
There are certain advantages of Proof-of-Stake over Proof-of-Work. What makes Proof-of-Stake
cheaper:
1. Energy efficiency.
2. The ease of staking allows more people to maintain the blockchain.
3. Conducting a 51% attack is less appealing.

6.8.1 Energy efficiency


As mentioned earlier, Proof-of-Stake is more energy efficient than Proof-of-Work because it
does not require mining nodes that compete on the basis of computing power to find valid
hashes and produce blocks. With Proof-of-Stake, anyone with a reasonable computer can stake
their coins and help validate transactions and compete to produce a block.

6.8.2 The ease of staking allows more people to maintain the blockchain
Proof-of-Work may require specialist knowledge and hardware if you want an opportunity to
produce a block. Staking, on the other hand, often does not require server knowledge. Staking
your coins is made so easy in some blockchain projects that you can set it up in under a minute.
In addition, you can sometimes stake with just one coin. Because the entry barrier is low, more
people can stake, making the blockchain more secure.

6.8.3 Conducting a 51% attack is less appealing


To perform a 51% attack on Proof-of-Stake, the attacker must own a majority - 51% - of the
coins. During the accumulation process of large quantities of these coins, especially when it
happens on an open market, the price of the coins is likely to rise. This makes a 51% attack at
Proof-of-Stake financially unattractive. Although such an attack is possible, this financial aspect
serves as a strong defence. Should the attacker be able to perform a 51% attack, the
community can still decide to hard fork and remove the attacker's stake from the blockchain.

In Proof-of-Work, the attacker must have a majority of the total computer power. That means
the attacker has to invest in hardware. Should the attack fail, the attacker could direct his
hardware to attack another Proof-of-Work project. Thus, there are fewer negative
consequences for the attacker if he conducts a 51% attack on Proof-of-Work. The 51% attack is
discussed in more detail in the next chapter.

- 163 -
Intermezzo: Stake coins yourself and earn a passive income (PIVX)
If you are looking for a way to get passive income on your cryptocurrency, it may pay to
discontinue your Proof-of-Stake coins. Staking such coins is in many cases straightforward.

Here we take the staking of the cryptocurrency PIVX as an example. PIVX stands for Private
Instant Verified Transaction and is an anonymous cryptocurrency that uses Zero-Knowledge
Proofs. You can stake two types of coins at PIVX: the public PIV coins and the anonymous
zPIV coins. If you stake zPIV, you will be rewarded with zPIV. This is ideal if you want to
anonymously stake your coins. You can also convert your PIV into zPIV and vice versa.

To stake, you must first download and install the PIVX desktop wallet from www.pivx.org.
1. When you open the wallet for the first time, it will synchronize with the blockchain.
Let the wallet synchronize completely.
2. You must have at least one PIV in your wallet. If your wallet is empty, make sure to
transfer at least one PIV to this wallet.
3. If you have at least one PIV, click on “Transactions”. Make sure that your wallet has
at least 101 confirmations.

4. If you hover with your mouse over the “arrow up" in the bottom right corner, you
should see "staking is not active".

5. To stake, go to “settings” and then click on “unlock wallet”.


6. Enter your “wallet passphrase”, check “for anonymization and staking only” and click
“OK”.
7. Congratulations! The “arrow up” turns green and strike is activated.

- 164 -
6.9 Scalability
What is not listed under the advantages of Proof-of-Stake compared to Proof-of-Work is the
scalability. Scalability mainly refers to the number of transactions that the blockchain network
can process. However, scalability also includes bandwidth and the size of the blockchain.

Transacties per
seconde

Scalability

Size of
Bandwidth
blockchain

Bandwidth means how much data can be transported over a given connection at the same
time. The larger the bandwidth, the faster you can receive and send the data. The blockchain
also has a certain size. For example, the Bitcoin blockchain is about 240GB in size on January 8,
2020. The more blocks are added, the bigger the blockchain becomes. If Bitcoin becomes a
common payment method, the blockchain may become so large that it is no longer possible for
regular users to store the Bitcoin blockchain on their computer. For example, they can no
longer help maintain the blockchain by helping to validate blocks. If specialized data storage
systems are to be developed for this, the blockchain can become more centralized. 80 In the
discussion that follows, we mainly focus on the number of transactions per second that a
blockchain can process.

80 One way to solve this is pruning. This was discussed in the intermezzo on Merkle trees in chapter 3 and in
section 4.4.4 on pruned nodes. Another way is to split the blockchain into partitions and hold nodes accountable
over a partition rather than the entire blockchain. Dividing a blockchain into partitions is covered when we discuss
sharding in section 6.9.4.
- 165 -
There are major differences among the various Proof-of-Stake projects and variants that have a
strong influence on scalability. This makes it difficult to unambiguously conclude whether
Proof-of-Stake is always more scalable than Proof-of-Work or not.

Blockchain and cryptocurrency are increasingly popular and if the technology is to be widely
adopted, it is important that it has a high processing speed. The following table shows a list of
several blockchains and how many transactions each can process. What is striking is that Bitcoin
can only handle 7 transactions per second. Ethereum, a blockchain platform on which smart
contracts and blockchain applications can be built, can handle about 20 transactions per
second.81 Bitcoin Cash is a derivative of Bitcoin, but has larger block sizes, which allows for
more transactions per block. It processes an average of 116 transactions per second
(Coinanalysis, 2019). According to official communications, BitShares can handle 100,000
transactions per second. While this is overrated and is actually closer to 3,300 transactions per
second, it is still considerably more than Bitcoin can handle. The reason BitShares is so much
faster is that it uses delegated Proof-of-Stake, which predetermines which witness will be the
next block producer and validates transactions by only a select group of witnesses.

Visa processes approximately 150 million transactions per day, which equates to approximately
1,700 transactions per second. However, the company has the capacity to handle over 65,000
transactions per second (Visa, 2019). 82 That is considerably more than many blockchains. Yet it
is not insurmountable for blockchains to be able to make more transactions than Visa. The
latest generation of blockchains such as EOS, which also uses delegated Proof-of-Stake, already
claims to handle more than 50,000 transactions per second. In addition, the EOS team is
confident that it will be able to process over a million transactions per second with few
adjustments.83
In general, we can say that the scalability of a blockchain depends on:
1. The block time.
2. The block size.
3. The distribution or decentralization level of the blockchain.
4. The way in which blocks are produced, transactions are sent to the blockchain and
transactions are verified.

81 Ethereum launched a hard fork in December 2019, called Istanbul, to address scalability and bring down Zero-
Knowledge Proofs prices, among other things.
82 This concerns Visa's capacity in August 2017.
83 See: The Truth Machine: The Blockhain and the Future of Everything (Vigna & Casey, p. 89).
- 166 -
Within the blockchain community, there are different ideas about what the right solution is to
achieve scalability. Several projects therefore differ in the four characteristics above that affect
scalability.

6.9.1 The block time


Block time is the average time in which a block is produced. With Bitcoin, the block time is 10
minutes. If your transaction is not included in the current block, you will have to wait 10
minutes to be included in the next block. Faster block time can be achieved within Proof-of-
Work by lowering the difficulty for miners to find valid hashes and produce blocks.

Lowering the block time would generally lead to faster transaction processing. However, it also
means that there is a greater chance that multiple miners will produce a block around the same
time, which may result in splits, forks, from the blockchain with orphaned blocks. In addition,
the network always needs time to signal that someone has already created a block. The
network latency must therefore be limited within a blockchain with a lower block time.
Otherwise this also leads to more orphaned blocks. As more orphaned blocks emerge, the
network needs more time to reach a consensus on which blockchain is the one. This is again at
the expense of scalability. In addition, computer power is spent on the blockchain with
orphaned blocks, while it can be better spent on the true blockchain. Less computer power for
the true blockchain means that the security of this is also less.

6.9.2 The block size


In addition to the block time, the block size also plays an important role in scalability. The
discussion about increasing block size has led to controversy and disagreement within the
Bitcoin community. A group of developers wanted to increase Bitcoin's block size from 1MB to
2MB in 2017 so that more transactions could be processed per block. This would mean that
twice as many transactions per 10 minutes could be processed.

Larger block size opponents, such as Luke Dashjr, believe it leads to greater network latency, as
it takes more time to spread the larger data across the network and validate the larger amount
of transactions in a timely manner (Luke Dashjr, 2019). According to them, this would lead to
more orphaned blocks. In addition, it would also become more expensive and difficult to run a
node. This is because larger blocks ensure that the blockchain will require significantly more
disk space and because the nodes require more bandwidth. The higher cost of running a node
- 167 -
could result in fewer people running their own node, centralizing the network of nodes among
a select few. Some opponents also think that there are enough alternatives to safely scale up
the blockchain, without implementing larger blocks.

As discussed earlier in Chapter 4, the disagreement over block size led to a split of the Bitcoin
blockchain in 2017. This split was accomplished by means of a hard fork. Supposedly,
disagreements about updates and the direction in which a blockchain should develop could
cause a blockchain to split into two separate chains, as was the case with Bitcoin and Bitcoin
Cash.

6.9.3 The distribution or decentralization level of the blockchain


The distribution and decentralization level of the blockchain can also play a major role in
scalability. Indeed, there is a strong correlation between the centralization and the processing
speed of the blockchain. As mentioned earlier, BitShares can handle significantly more
transactions per second than Bitcoin by using delegated Proof-of-Stake. The idea behind this is
that a blockchain with a select group of 19 witnesses, of whom it has already been determined
in advance who can produce the next block and validate transactions, is considerably more
scalable.

Some opponents, such as Vitalik Butterin, do not find this system decentralized enough (Mitra,
2019).84 They also believe that this model leads to voter apathy - a situation where the
community does not take the time and effort to vote for witnesses and delegates. Once voted,
apathetic voters will either leave their votes and will not reconsider, or they will simply not
vote. Finally, it is also possible that witnesses form alliances and decide to vote for each other,
so that they all fall under the group of active witnesses who are allowed to produce blocks.

84 Vitalik Buterin said the following at the Blockchain Connect Conference (2019):

“When a blockchain project claims ‘We can do 3,500 TPS because we have a different
algorithm,’ what we really mean is ‘We are a centralized pile of trash because we only
have 7 nodes running the entire thing.’”

- 168 -
6.9.4 The way blocks are produced, and transactions are verified
Finally, you can increase scalability by customizing the way blocks are produced and
transactions are verified. You can also adjust the transaction data, so that it becomes smaller,
for example. The Waves Next Generation (Waves-NG) protocol is an example that allows for
more transactions per second by changing the way blocks are produced. 85 In addition, it is also
possible to have transactions placed outside the blockchain network first, before its net
settlement is sent to the network and verified by miners.86 This is what the Bitcoin lightning
network does. There are also other ways such as sharding and plasma. We explain these three
scaling solutions further.

Lightning network
We discuss the lightning network, because it has already been implemented and has led to
many discussions within the Bitcoin community. The lightning network is powered by a specific
type of nodes, the lightning nodes. Lightning nodes are neither full nodes nor lightweight
nodes.

The lightning network was introduced within the Bitcoin network to manage transactions
outside the blockchain, so that the network was relieved. Transactions outside the blockchain
are also referred to as off-chain transactions. They solve the following three problems:
1. Bitcoin can only process about 7 transactions per second, leaving many transactions in
the mempool. The lightning network allows more transactions per second to be
processed, without the network being more heavily loaded.
2. The Bitcoin network can get clogged by many transactions. This leads to higher
transaction costs, as miners prefer to add higher fee transactions to their block. When
they find a valid block, they receive the fees. Users who want to see their transactions
processed as quickly as possible therefore give higher fees. The Bitcoin network is
therefore not suitable for micropayments.
3. Assuming a transaction is included in the next block, the transaction confirmation takes
an average of 10 minutes. This can be an obstacle for retailers who would like to see a
purchase approved directly in their store. There is always a small chance that the

85 The Waves-NG protocol is based on the proposal of Eyal et al. to scale Bitcoin with a new protocol called Bitcoin
Next Generation. However, this proposal was not implemented for Bitcoin. The Bitcoin-NG white paper can be
found here: https://www.usenix.org/system/files/conference/nsdi16/nsdi16-paper-eyal.pdf.
86 This is an example of an off-chain solution.
- 169 -
transaction will not be approved and included in a block. Some retailers are not willing
to take that risk.

The purpose of the lightning nodes is to make transactions off-chain at a lower cost, solving the
scalability problem. These off-chain transactions are later written to the blockchain. The
network of lightning nodes is called the lightning network. The Lightning network was designed
by Joseph Poon and Thaddeus Dryja in 2015. It is an extra network on the Bitcoin network and
is therefore also referred to as a layer 2 solution. Layer 2 solutions do not change the rules of
the underlying blockchain.

To achieve a transaction on the lightning network, person A sends a transaction to the lightning
network, with a wallet that supports lightning. Then you connect to a lightning node that
receives the transaction. We call him person B. The connection between person A and person B
is called a payment channel. Person A and person B can send off-chain transactions to each
other and only send the net settlement to the blockchain. The connection between person A
and person B does not always have to be a direct connection. There may be lightning nodes in
between. The major disadvantage of the lightning network is that the receiving party must be
online.87

Sharding
In current blockchain protocols, all nodes that have a copy of the blockchain verify and process
all transactions. This benefits the security of the blockchain, but also limits the scalability of the
blockchain. The question that sharding is trying to solve is whether it is possible for a small
subset of nodes to verify transactions within a blockchain, without compromising security.
Furthermore, it is a requirement that the nodes that fall under the subset do not have to be
supercomputers, so that not only people with high-end hardware can participate in securing
the network. By allowing each subset of nodes to focus on processing other transactions,
different subsets of nodes can process transactions in parallel, making the blockchain more
scalable.

With sharding, the blockchain is split into partitions, also known as “shards”. Each shard then
has its own transaction history, so that the nodes that maintain a shard only have to process

87 For more information about the lightning network, see: "The Bitcoin Lightning Network: Scalable Off-Chain
Instant Payments" (Poon & Dryja, 2016).
- 170 -
the transactions that are relevant to the shard. It is important that there are enough nodes
within the subset of transactions to verify that the system is safe.88

Plasma
Plasma is another scaling solution that is currently being worked on. Like the Lightning network,
it is a layer 2 solution. The concept was designed by Vitalik Buterin and Joseph Poon in August
2017 and aims to scale Ethereum to over millions of transactions per second. It is a framework
to create off-chain side chains that all communicate with Ethereum's main chain, also known as
root chain. side chains are also known as child chains or plasma chains. Each child chain can be
seen as a new blockchain that regularly sends their state to the main chain. For example, this
allows 1,000 transactions that normally take place on the main chain to take place on the side
chains and only have the resulting state of the side chains included on the main chain.

The intention is that everyone can create their own side chain for different use cases. For
example, there can be a side chain for a decentralized exchange, a private blockchain, a social
network. Plasma is therefore a network of blockchains that are all linked to the main chain.

Figure 74: A network of side chains linked to the main chain. Although the concept was developed for Ethereum, Plasma can also
be implemented for other blockchains. (Poon & Buterin, 2017)

88 For more information on sharding, see the Ethereum Github page on sharding:
https://github.com/ethereum/wiki/wiki/Sharding-FAQ.
- 171 -
6.9.5 Blockchain activity
The website www.blocktivity.info keeps track of how much activity there is on various
blockchains. Here we look at the number of operations that take place on it and not the
number of transactions. An operation can be a transaction of, for example, a coin, but can also
be other actions, such as voting on the blockchain, commenting on the blockchain and creating
an account on the blockchain.

In the image below you will find a screenshot of 10 blockchains with the most activities
according to Blocktivity.89 What's noteworthy is that Bitcoin, by far the best-known blockchain,
is only in fifth place with nearly a million operations in the past day. AVI stands for Activity
Valuation Index and is the ratio between the blockchain activity and the market capitalization
of the blockchain.

𝐵𝑙𝑜𝑐𝑘𝑐ℎ𝑎𝑖𝑛 𝑎𝑐𝑡𝑖𝑣𝑖𝑡𝑦
𝐴𝑐𝑡𝑖𝑣𝑖𝑡𝑦 𝑉𝑎𝑙𝑢𝑎𝑡𝑖𝑜𝑛 𝐼𝑛𝑑𝑒𝑥 =
𝑀𝑎𝑟𝑘𝑒𝑡 𝑐𝑎𝑝𝑖𝑡𝑎𝑙𝑖𝑧𝑎𝑡𝑖𝑜𝑛

What is important to us is the CUI, the Capacity Utilization Index. The CUI is the ratio between
daily blockchain activity and total blockchain capacity.

𝐷𝑎𝑖𝑙𝑦 𝑏𝑙𝑜𝑐𝑘𝑐ℎ𝑎𝑖𝑛 𝑎𝑐𝑡𝑖𝑣𝑖𝑡𝑦


𝐶𝑎𝑝𝑎𝑐𝑖𝑡𝑦 𝑈𝑡𝑖𝑙𝑖𝑧𝑎𝑡𝑖𝑜𝑛 𝐼𝑛𝑑𝑒𝑥 =
𝐵𝑙𝑜𝑐𝑘𝑐ℎ𝑎𝑖𝑛 𝑎𝑐𝑡𝑖𝑣𝑖𝑡𝑦

89 There are countless blockchains today. Not all blockchains are included in the analysis. In addition, the question
is to what extent you can compare blockchains with each other by just adding up the number of operations,
because not all operations are equally important. See Blocktivity's article, entitled "Operation Vs Transaction, the
Blocktivity big debate" (2018), for a further discussion on this
- 172 -
Figure 75: Top 13 blockchains with the most activities on www.blocktivity.com. Consulted on December 24, 2019. EOS has had
an average of 50 million operations per day in the past 7 days. Bitcoin, on the other hand, had nearly 450 thousand transactions
on average.

Bitcoin used about 50% of its blockchain capacity on December 24, and there are nearly 18,000
queued transactions that are not yet included in the blockchain. Ethereum has used
approximately 50% of its capabilities. If Bitcoin and Ethereum are to be widely adopted, they
need to significantly increase their capabilities. EOS, on the other hand, has used around 11% of
its capabilities, Tron (TRX) around 1% and BTS 0.1%.

- 173 -
6.10 Summary, terms and sources
Summary
So far, we have discussed one solution to the Byzantine Generals Problem: the Proof-of-Work
consensus protocol, as it is set up with Bitcoin, for example. According to this protocol, a data
block may only be added to the blockchain when a valid hash of the block has been found. With
Proof-of-Stake, being allowed to produce a block depends on (a) a random selection process
and (b) a "stake" such as the number of coins you have. This means that no expensive mining
equipment is required at Proof-of-Stake. The block producer at Proof-of-Stake is therefore not
called a miner but is called a forger.

There are many different variants within Proof-of-Stake. We have discussed the following four:
1. Delegated Proof-of-Stake (dPoS).
2. Leased Proof-of-Stake (lPoS).
3. Proof-of-Stake Velocity (PoSV).
4. Proof-of-Authority (PoA).

It must be said that it is doubtful whether Proof-of-Authority falls under Proof-of-Stake. It is


sometimes thought of as a form of Delegated Proof-of-Stake.

At Delegated Proof-of-Stake you cannot just stake your coins to be able to produce new blocks.
A Delegated Proof-of-Stake system is best compared to an ongoing representative democracy
where anyone who has a coin can vote for witnesses and delegates. The role of witnesses is to
validate transactions and produce new blocks. For this service they receive a reward per block
produced. Delegates have no role in verifying transactions and validating and producing blocks.
The role of delegates is to oversee the governance structure of the blockchain protocol.

With leased Proof-of-Stake, everyone can lease their coins at stake nodes. When these stake
nodes have received more coins as a lease, the chance that the stake nodes may produce a
block is greater. The stake nodes will then distribute the reward proportionally between
themselves and everyone who has leased coins to them.

What distinguishes Proof-of-Stake Velocity from classic Proof-of-Stake is that users are
rewarded for (a) the number of coins they hold and (b) how actively they use their coins. The
community is therefore encouraged to not only keep the coins, but to actually use them for
transactions.

- 174 -
At Proof-of-Authority, block producers (authority nodes) are authenticated and approved based
on their identity and reputation. By linking the reputation to identity, authority nodes are extra
stimulated to show good behaviour and not to include malicious transactions in the blockchain.
If they do, it will cause reputational damage.

There are certain advantages of Proof-of-Stake over Proof-of-Work. What makes Proof-of-Stake
cheaper:
1. Energy efficiency.
2. The ease of stake allows the blockchain to be better distributed.
3. Conducting a 51% attack is less appealing.

The scalability of a blockchain is partly linked to the consensus mechanism that is used. Because
there are many different variants of Proof-of-Stake, we do not draw a clear conclusion that
Proof-of-Stake blockchains are always more scalable than Proof-of-Work blockchains. In
general, we can say that the scalability of a blockchain depends on:
1. The block time.
2. The block size.
3. The distribution or decentralization level of the blockchain.
4. The way in which blocks are produced, transactions are sent to the blockchain and
transactions are verified.

Some scaling solutions that have been implemented or are currently under investigation are
the lightning network, sharding and plasma.

Finally, it is important to realize that the market capitalization of a blockchain does not always
mean that the blockchain actually processes more mutations.

- 175 -
Comments you can now explain
• Proof-of-Stake is more energy efficient than Proof-of-Work, because there is no competition
for computer power in block production.
• Delegated Proof-of-Stake can handle more transactions per second than blockchains that
are more decentralized.
• Leased Proof-of-Stake encourages people to participate in the stake process.
• It is possible to make a variant of Proof-of-Stake in which the chance of creating a new block
is not entirely dependent on the number of coins you stake.
• Proof-of-Authority is similar to Delegated Proof-of-Stake, but more commonly used in
closed, permissioned blockchains.
• You can increase scalability by having transactions take place off-chain.

Glossary of Terms
Activity Valuation Index: The ratio between the blockchain activity and the market
capitalization of the blockchain.

Bandwidth: The amount of data that can be carried over on a given connection at the same
time. The larger the bandwidth, the faster you can receive and send the data.

Capacity Utilization Index: The ratio between daily blockchain activity and total blockchain
capacity.

Child chain: See side chain.

Decentralization level: How decentralized a blockchain is. A blockchain with more nodes that
maintains a copy of the blockchain is more decentralized than a blockchain with a smaller group
of nodes.

Delegate: A delegate is chosen to oversee the governance structure of a Delegated Proof-of-


Stake blockchain protocol. For example, they can make a proposal to change the size of the
blocks or to change the reward for witnesses. If a delegate has submitted a proposal, the
community can vote for or against.

Delegated Proof-of-Stake (DPoS): A consensus mechanism in which a select group of witnesses


produce blocks. These witnesses are democratically elected by the community.

DPoS: See Delegated Proof-of-Stake.

Forger: Someone who stakes his coins at a Proof-of-Stake blockchain to produce a block. At
Proof-of-Work, it is the miner who supplies computer power to be able to produce blocks.

- 176 -
Decentralized Exchange (DEX): A trading exchange built on a blockchain. By using blockchain
technology, many security issues are resolved.

Leased Proof-of-Stake (LPoS): Leased Proof-of-Stake allows you to lease your coins to staking
nodes. When these staking nodes have received more coins as a lease, the chance that the
staking nodes may produce a block is greater. The staking nodes will then distribute the reward
proportionally between themselves and everyone who has leased coins to them.

Lightning network: A scaling solution by having transactions take place off-chain before the
settlement of the transactions is sent to the blockchain. This will relieve the blockchain
network.

LPoS: See Leased Proof-of-Stake.

Off-chain: Outside the blockchain.

Permissioned: A permissioned blockchain is a blockchain in which you must first obtain


permission to act as a validator of blocks and a block producer.

Plasma: A scaling solution in which side chains (child chains or plasma chains) are made that are
linked to the main chain (root chain). You can think of side chains as new blockchains that
regularly send their state to the main chain. Plasma is therefore a network of blockchains that
are linked to the main chain.

Plasma chain: See side chain.

PoA: See Proof-of-Authority.

POS: See Proof-of-Stake.

PoSV: See Proof-of-Stake Velocity.

Proof-of-Authority (PoA): Block manufacturers at Proof-of-Authority (authority nodes) are first


authenticated and approved based on their identity and reputation. By linking the reputation to
identity, authority nodes are extra stimulated to show good behaviour and not to include
malicious transactions in the blockchain. This consensus mechanism is mainly used in closed
and permissioned blockchains.

Proof-of-Stake: A consensus mechanism where a block producer is chosen based on a random


selection process and the stake they own.

Proof-of-Stake Velocity (PoSV): Is a variant of Proof-of-Stake that tries to prevent people from
pocketing their coins. Users are rewarded for the number of coins they hold and how actively
they use their coins.
- 177 -
Scalability: The processing capacity of a blockchain. This mainly focuses on the number of
transactions per second that a blockchain can process.

Sharding: A scaling solution in which the blockchain is split into partitions, also known as
“shards”. Each shard then has its own transaction history, so that the nodes that maintain a
shard only have to process the transactions that are relevant to the shard. It is important that
there are enough nodes within the subset of transactions to verify that the system is safe.

Side chain: A chain that is linked to the root chain. See plasma.

Stake: A share that a person owns in a blockchain, expressed in the number of coins they own.

Staking: Holding coins in a crypto wallet to support the blockchain network. The probability
that you can produce a block at Proof-of-Stake depends on the number of coins you stake.

Witness: A witness is chosen to validate transactions and produce new blocks. For this service
they receive a reward per block produced.

Sources
de Angelis, S., Aniello, L., Baldoni, R., Lombardi, F., Margheri, A., & Sassone, V. (2018). PBFT vs
proof-of-authority: applying the CAP theorem to permissioned blockchain - ePrints Soton.
Soton.Ac.Uk.
https://doi.org/https://eprints.soton.ac.uk/415083/1/bc_consensus_alg.pdf

BitShares. (n.d.). BitShares. Consulted on December 27, 2019, from Bitshares.org website:
https://wallet.bitshares.org

Blocktivity. (2018, November 29). Operation Vs Transaction, the Blocktivity big debate.
Consulted on December 27, 2019, from Busy website:
https://busy.org/@blocktivity/operation-vs-transaction-the-blocktivity-big-debate

Blocktivity. (n.d.). Block activity. Consulted on December 27, 2019, from Blocktivity.info
website: https://www.blocktivity.info/

Casey, M., & Vigna, P. (2019). The truth machine: the blockchain and the future of everything.
New York, Ny: Picador; St. Martin's Press.

Ethereum. (n.d.). , github.com/ethereum/wiki/wiki/Sharding-FAQ. Consulted Dec 29, 2019.

Evan. (2019, March 22). How many transactions per second can Bitcoin Cash handle?
Consulted on December 27, 2019, from Coinanalysis website: https://coinanalysis.io/how-
many-transactions-per-second-bitcoin-cash/

- 178 -
Eyal, I., Robbert Van Renesse, Efe, A., Emin, G., Sirer, G., Gencer, A. E., ... van Renesse, R. (2015).
Bitcoin-NG: A Scalable Blockchain Protocol. Consulted from arXiv.org website:
https://www.usenix.org/system/files/conference/nsdi16/nsdi16-paper-eyal.pdf

Luke Dashjr. (May 19, 2019). Luke Dashjr "Briefly, Why Block Sizes Shouldn't Be Too Big
[YouTube]. Consulted from https://youtu.be/CqNEQS80-h4

Mitra, R. (2019, February 8). Vitalik Buterin calls EOS, TRON, and NEO “centralized piece of
trash.” Consulted on December 27, 2019, from FXStreet website:
https://www.fxstreet.com/cryptocurrencies/news/vitalik-buterin-calls-eos-tron-and-neo-
centralized-piece-of-trash-201902080151

Payments. Consulted from https://lightning.network/lightning-network-paper.pdf

PIVX. (2019). PIVX. Consulted on December 27, 2019, from PIVX website:
http://www.pivx.org/

Poon, J., & Buterin, V. (2017). Plasma: Scalable Autonomous Smart Contracts. Consulted from
https://plasma.io/plasma.pdf

Poon, J. & Dryja, T. (2016). The Bitcoin Lightning Network: Scalable Off-Chain Instant

Visa. (2019). Visa Fact Sheet. Consulted on December 27, 2019, a VISA website:
https://usa.visa.com/dam/VCOM/download/corporate/media/visanet-
technology/aboutvisafactsheet.pdf

Icons
Community and coins created by Freepik from www.flaticon.com

- 179 -
- 180 -
7. 51%- attacks and decentralization

“As revolutionary as it sounds, Blockchain truly is a mechanism to bring


everyone to the highest degree of accountability. No more missed transactions,
human or machine errors, or even an exchange that was not done with the
consent of the parties involved. Above anything else, the most critical area
where Blockchain helps is to guarantee the validity of a transaction by recording
it not only on a main register but a connected distributed system of registers, all
of which are connected through a secure validation mechanism.”
- Ian Khan (n.d.)

7.1 Introduction and learning objectives


In this chapter you will learn
• The fundamental difference in the security model of open blockchains and traditional
networks.
• What the blockchain trilemma is.
• What a 51% attack is and how a Proof-of-Work blockchain can be attacked through such an
attack.
• How a 51% attack can take place on a Proof-of-Stake blockchain.
• That there are different levels of decentralization in the following aspects of a blockchain:
architectural, political and logical.
• What the main reasons for decentralization are.

Introduction
As discussed in Chapter 3, blockchain is a solution to the Byzantine Generals Problem. The
solution lies in reaching consensus.

In this chapter, we first discuss the fundamental difference in the security model of Proof-of-
Work and Proof-of-Stake in section 7.2 and compare it with the security model of traditional
systems, which uses access controls. Then we will discuss the blockchain trilemma in 7.3. The
trilemma shows that there are trade-offs in scalability, security and decentralization. Section
7.4 deals with 51% attacks in Proof-of-Work and Proof-of-Stake blockchains. We will cover here
- 181 -
how individuals with malicious intentions can attack the blockchain by hijacking a majority of
the consensus. We will then elaborate on the concept of decentralization in section 7.5. This
shows that decentralization is possible at different levels. The purpose of the section is to make
you more aware of the different aspects of decentralization within blockchains and
organizations. Finally, we conclude with paragraph 7.6, which contains a summary, a list of
important terms and the source list of the chapter.

7.2 Security model: access controls or open


The security model of Proof-of-Work and Proof-of-Stake is fundamentally different than that of
traditional systems. Traditional systems have user access controls so that malicious users can
be denied access. To gain access to an environment, for example, you need to be
authenticated. The fundamental difference here from blockchain systems we have discussed so
far is that these traditional networks must have confidence that those who have access to the
system are not malicious. For example, you have to trust the administrator of the database, or
even the users who write information to the database. The result of such systems is that they
are often closed and small networks.

Blockchain systems such as Bitcoin and Ethereum, for example, are open. No authentication is
required from users and anyone can try to write data to the blockchain. The trust model is
therefore not based on access controls, but on whether the miners are able to solve a difficult
hashing problem or not and whether there is consensus about the state of the blockchain.
There is no central authority or trusted third party in the consensus network. Malicious users
cannot impersonate a trusted third party, because they are not there. There is also no one who
can steal master keys to shut down the network, because these master keys do not exist. This
allows these networks to be open to everyone.90

Andreas Antonopoulos calls such systems open, limitless, neutral, resistant to censorship and
public. They are open because everyone has access to the blockchain. In addition, it is open to
developers who want to contribute to the blockchain software. They are limitless because they
are accessible to everyone in the world. This makes it so difficult for national governments and
central banks to regulate them. They are neutral because power cannot be centralized.
Everyone who participates in the ecosystem adheres to the consensus protocol. No one has
additional privileges that are not included in the protocol. They are resistant to censorship,

90 See ‘Bitcoin security model: Trust by computation’ (Antonopolous, 2014).


- 182 -
because the state of the blockchain cannot simply be changed without consensus. They are
public because the blockchain is distributed across every computer running a full node.91

Open blockchains
Open blockchains contain the following five
properties, according to Andreas Antonopoulos:
1. Open source.
2. Limitless.
3. Neutral.
4. Resistant to censorship.
5. Public.

In chapter 9 public, private and consortium blockchains are discussed. In addition, that chapter
also explains the difference between open and closed blockchains.

7.3 The blockchain trilemma


In the blockchain world, the blockchain trilemma is frequently used to indicate that there are
trade-offs in the following three properties of a blockchain:
1. Scalability.
2. Security.
3. Decentralization.

Scalibility

Security Decentralization

Figure 76: The blockchain trilemma.

91 Also see Andreas Antonopoulos' lecture on Open Blockchains vs Bullshit (Antonopoulos, 2017).
- 183 -
A highly decentralized blockchain is more secure, but at the expense of scalability. The Bitcoin
blockchain is an example of this. If it is highly scalable and centralized, it is less secure. Private
blockchains are an example of this. For this reason, blockchain projects should make a good
trade-off between these three properties. (The European Union Blockchain Observatory and
Forum, 2019, pp. 10-11)

7.4 51%-attack
Because the blockchain trust model is decentralized and based on consensus, it is possible to
attack blockchains by hijacking consensus with a 51% attack.
We discuss how a 51% attack can take place in both Proof-of-Work and pure Proof-of-Stake.
Because different blockchains also have different consensus protocols, the ways in which 51%
attacks are executed can differentiate.

7.4.1 Proof-of-Work
As explained earlier, the true blockchain is always the longest blockchain. To perform a
successful 51% attack, you must therefore create the longest blockchain. To accomplish this,
the attacker must obtain a majority of the total computing power on the network.

Why would anyone want to launch a 51% attack? An important reason for doing this is to be
able to double-spend Bitcoins. Such an attack proceeds in the following five steps. Here we
assume that a malicious miner already has a majority of the hashing power and can therefore
generate block hashes faster than the rest of the network combined.

1. Honest miners add blocks to the public Bitcoin blockchain and broadcast them over the
network. Meanwhile, the malicious miner adds blocks to the Bitcoin blockchain that he
keeps locally on his own computer. However, he does not send the blocks he adds to
the network for validation.

Public
Blok Blok Blok Blok Blok
Bitcoin
22 23 24 25 26
blockchain

Local
Blok Blok Blok
Bitcoin
23 24 25
blockchain

Figure 77: Step 1 of a 51% attack on Proof-of-Work.

- 184 -
2. The malicious miner spends his Bitcoin on the public blockchain in block 25 - for
example, for the purchase of a Lamborghini. The transaction is approved by the network
and included in block 26. The seller does not realize that he is dealing with a malicious
miner and is giving him a Lamborghini. Meanwhile, the miner is not adding this
transaction to his local Bitcoin blockchain.

3. Honest miners continue to add blocks to the public blockchain. However, new blocks are
no longer being added as quickly, because the malicious miner has taken his computer
power from the public chain. He focuses his computing power on producing new blocks
on his own local blockchain. Since he has more hashing power than all honest miners on
the public blockchain combined, he can create blocks faster. He is catching up with the
public blockchain and now has a longer blockchain.

Public
Blok Blok Blok Blok Blok
Bitcoin
22 23 24 25 26
blockchain

Local
Blok Blok Blok Blok Blok
Bitcoin
23 24 25 26 27
blockchain

Figure 78: Steps 2 and 3 of a 51% attack on Proof-of-Work.

4. Honest miners always follow the protocol and the protocol mandates that they must
follow the longest version of the blockchain. The malicious miner is broadcasting his
longer version of the blockchain to the rest of the public network. This ensures that the
honest miners automatically switch to the blockchain version of the malicious miner. All
Bitcoin balances and previous transactions will be updated in accordance with the
malicious blockchain.

- 185 -
Public
Blok Blok Blok Blok Blok
Bitcoin
22 23 24 25 26
blockchain

Local
Blok Blok Blok Blok Blok
Bitcoin
23 24 25 26 27
blockchain

Figure 79: Step 4 of a 51% attack on Proof-of-Work.

5. The old public blockchain is abandoned because it is shorter. All data within this entire
blockchain has now become irrelevant. Because the Bitcoins he spent on the public
blockchain on a Lamborghini have never been spent on his local blockchain, the
malicious miner gets access to these Bitcoins again and can spend them again. In other
words, the malicious miner can double-spend Bitcoin's.

Blockchain
that has Blok Blok Blok Blok Blok
become 22 23 24 25 26
irrelevant

Public
Blok Blok Blok Blok Blok
Bitcoin
23 24 25 26 27
blockchain

Figure 80: Step 5 of a 51% attack on Proof-of-Work.

While it is extremely difficult for a single malicious miner to get a majority of the hashing
power, it is still considerably easier for mining pool operators if they decide to conspire.

- 186 -
7.4.2 Proof-of-Stake
A 51% attack on a Proof-of-Stake blockchain works differently. To execute a 51% attack on a
Proof-of-Stake blockchain, you must have a majority of the stake. That means that you have to
get a majority of the stake coin. You can either buy or earn these coins with stake rewards.
Earning stake rewards requires that you already have tokens in the first place.

If you buy more than 50% of the available supply, there will be a shortage of liquidity on the
market with a significant price increase of the coin as a result. This makes coordinating the
attack, made possible by purchasing the coins, financially unappealing. In addition, the ease
with which you can stake coins encourages people to stake. This makes the Proof-of-Stake
blockchain more decentralized, making it more difficult for a party to obtain a majority of the
coins.

If there is a 51% attack on a blockchain, there is always the possibility to undo the malicious
transactions with a hard fork, or to restart with a new undamaged chain. It is preferable to do
this with full consensus of the network. In the case of Proof-of-Stake, the malicious miner who
coordinated the attack has lost a lot of money for coins that eventually become worthless. In
the case of Proof-of-Work, the malicious miner has purchased expensive mining equipment.
After a failed 51% attack, he can deploy the same equipment to attack another Proof-of-Work
blockchain. If an attacker of a Proof-of-Stake blockchain wants to attack another Proof-of-Stake
blockchain, he must once again obtain a majority of the coins from that other chain. This
generally makes a 51% attack on a Proof-of-Stake chain less appealing.

- 187 -
Intermezzo: Other attacks
In addition to 51% attacks, there are other countless attacks that can be carried out on a
blockchain project. As with traditional internet applications, blockchain technology remains
susceptible to various types of attacks. Here are some examples:
1. All software contains errors, including blockchain technology. These errors can be
exploited by malicious parties. This risk can be mitigated by good preliminary testing
methods and rapid recovery of errors as they become known.
2. There will always be people with extra authorizations, such as software developers.
We usually trust the developers, but malicious people may gain access to the
developers' computers and secretly make changes to the software that will be put to
use later. Good measures must be taken against this, which is more difficult if less
attention is paid to it because of a freer culture than, for example, at banks.
3. Blockchain applications can also attack infrastructure, for example to disrupt the
availability.

Where financial institutions pay a lot of money and attention to testing security, public
blockchain applications sometimes focus more on functional operation and there is less
knowledge and budget for the above aspects.

It is important to realize that blockchain is not the solution for everything and by no means
removes all the weaknesses that occur on centralized networks. Blockchain applications also
have vulnerabilities that can be exploited. Furthermore, blockchain technology will bring
new challenges and new ways to attack the network. The 51% attack is one such way.

The following table shows several attacks that are possible on a blockchain project. These
attacks are divided into five different categories in the table and can have different causes
(Mosakheil, 2018). Smart contracts are discussed in the next chapter.

- 188 -
Security Threats Attack vectors Causes
Category
Double-Spending threats Race Attack Transaction verification mechanism
Finney Attack Transaction verification mechanism
Vector76 Attack Transaction verification mechanism
Alternative History Attack Transaction verification mechanism
Nothing-at-Stake Attack Consensus Mechanism
51% Attack Consensus Mechanism
Mining/Pool threats Selfish Mining/Block-discard Consensus Mechanism
Attack
Block-Withholding Attack Consensus Mechanism
Fork-After-Withhold Attack Consensus Mechanism
Bribery Attack Consensus Mechanism
Pool Hopping Attack Consensus Mechanism
Wallet threats Vulnerable signature ECDSA weakness, weak
arbitrariness
Collision & Pre-Image Attack Weaknesses in ECDSA, SHA256 and
RIPEMD
Flawed key generation Weaknesses in ECDSA
Bugs & Malware Weaknesses in ECDSA
Network threats DDoS Attack External resources
Transaction Malleability Attack Blockchain protocol
Timejacking Attack Blockchain protocol
Partition Routing Attack Internet routing
Delay Routing Attack Internet routing
Sybil Attack Structured P2P network limitation
Eclipse Attack Blockchain protocol
Balance Attack Consensus Mechanism
Punitive and Feather forking Consensus Mechanism
Attack
Smart Contracts threats Vulnerabilities in contracts Application design
source code
Vulnerabilities in EVM Bytecode EVM design
Vulnerabilities in Blockchain Program design
Eclipse Attack on Smart contract EVM design
blockchain

We will explain some of these attacks.

- 189 -
Nothing-at-stake-attack
The nothing-at-stake attack is an attack that occurs with Proof-of-Stake. There may also be
splits (forks) in the blockchain at Proof-of-Stake. This can be done, for example, by soft forks
or hard forks, but also when orphaned blocks arise because two valid blocks are produced
around the same time. As a result, there are (temporarily) two chains. At Proof-of-Work, the
miner has a limited amount of computing power available and will aim to target the chain
that he expects to be the longest chain. The computing power he supplies to a chain that
does not become the longest chain, are basically lost electricity costs.

In Proof-of-Stake, a forger can attempt to create a subsequent block at no cost on both


chains simultaneously. The number of stake he has is the same on both chains. By trying to
create blocks on both chains, the forger doesn't care which of the chains becomes the
longest chain, because he does get his reward if he becomes the block producer of one of
the chains. So forgers don't discourage forks in the blockchain, making it easier to double-
spend. An attacker who wants to double-spend could take the following steps after a fork
has occurred:
1. The attacker tries to build blocks on both chains (fork A and fork B).
2. The attacker uses part of his coins on fork A to buy a Lamborghini.
3. After the attacker has received his Lamborghini, the attacker no longer focuses his
stake on fork A, so that fork B has a larger stake and a new block is created there
quicker.
4. Fork B becomes a longer chain.
5. Fork A dies, while the attacker still has full access to his coins on fork B. This allows
him to buy other products.

Chain that
has become Buys
fork A Dies
irrelevant Lambo

Longest All
fork B
chain staking
power

Attacker gets his


strike power from
chain A.

- 190 -
Vulnerable signature
The creation of public-private keys is done with Bitcoin and many other blockchains with
Elliptic Curve Digital Signature Algorithm (ECDSA). It is important that the chance that an
ECDSA generates the same keys is minimal. If there is a weakness, ECDSA used it, then it is
possible that someone else has created the same private key as you.

DDoS-attack
Decentralization of the blockchain makes it more difficult for an attacker to perform a
successful DDoS attack than with a conventional client-server model. In a DDoS attack, the
network is flooded with requests, so that the servers can no longer process the requests and
are turned off. Smaller or private blockchains with few nodes are more likely to have DDoS
attacks.

Sybil-attack
In a Sybil attack on a blockchain, someone creates multiple nodes on the blockchain
network. These nodes can then disrupt the network by, for example, refusing to forward
blocks they have received to the honest nodes. This allows nodes and users to be blocked on
the network.

Corrupt core developers


Other ways to attack a blockchain is by simply corrupting core developers. An attacker could
encourage developers to write malicious code. Especially when there is not enough
supervision of the written code, this is a good attack option.

It is also possible that application code has been written incorrectly. For example, if a smart
contract holds funds, but the smart contract is not properly written, it may just be that
someone can take the funds out of the smart contract. Think for example of the Genesis
DAO hack from Ethereum.

Access to servers
Finally, we would like to mention that it is also possible to steal the keys from a server
administrator. This is a major problem, especially for small blockchain projects with few
nodes. If a blockchain consists of 5 nodes and you know how to access 3 of the 5 nodes, you
could take over the network.

- 191 -
7.5 Decentralization
As mentioned before, decentralization is important to be able to ward off attacks. However,
there is no clear definition of what decentralization means. When we talk about
decentralization, we often speak in terms of power over a network's resources, or in terms of
the way information moves across the network. Decentralization helps prevent one or a small
group of parties from getting a majority of the hashing power or staking coins. This prevents
only one or a small group of parties from validating blocks, so that power over the network is
not centralized in one or a few points.

The World Wide Web Foundation describes decentralization as the process of not requiring
permission from a central authority to post anything on the web. There is no central controlling
node and therefore no Single Point of Failure. According to the Web Foundation, this is also
inherently related to individual freedom against arbitrary censorship and surveillance.92

A common image regarding decentralization and its alternatives the following one by Paul
Baran.

Figure 81: Centralized, decentralized and distributed network architecture (Baran, 1964).

The image distinguishes between (a) a centralized, (b) a decentralized and (c) a distributed
network. A centralized network architecture has a central database that is also the Single Point
of Failure. On the other hand, maintenance of the network is relatively easy. The administrator

92 See "History of the Web" at Webfoundation.com (n.d.).


- 192 -
of the central database does not need to consult with the others who are connected to the
network how, when and which update to implement. The network is also less complex to
develop.
A decentralized network has a limited number of points that can fail. Maintenance is somewhat
less easy than with a centralized network and the development of such a network is moderately
complex.

Finally, a distributed network can have an infinite number of failure points, without the
network collapsing. However, maintenance is considerably more difficult and the development
of such a network is very complicated. Indeed, more coordination needs to take place with
regard to the maintenance and development of the software.93 The three architectures are
compared in the table below.

Properties Centralized Decentralized Distributed


Failure points Single point Limited amount Infinite
Maintenance Easy Moderate Difficult
Ease of development Less complex Moderately complex Very complex
Table 3: The properties of a centralized, decentralized and distributed network architecture.

7.5.1 Three types of decentralization


According to Vitalik Buterin, one of the founders of Ethereum, Baran's classification is not very
helpful if we want to understand decentralization on a deeper level. According to Buterin,
decentralization is more than just architectural. 94 He distinguishes between the following three
different types of decentralization:
1. Architectural decentralization: how many physical computers does the network consist
of? How many of these computers can fail at any time without the network collapsing?
2. Political decentralization: how many individuals or organizations manage the
computers that make up the system?
3. Logical decentralization: do the interfaces and data structures that the system presents
and maintains look like an integrated whole or as a formless swarm? In other words, if
you divide the system in two, will both halves be able to fully operate as independent
parts?

93 The table partly reflects the distinction that Truong et al. makes between centralized, decentralized, and
distributed networks in "A Survey on Trust Computation In the Internet of Things" (2016).
94 See "The Meaning of Decentralization" (Buterin, 2017).
- 193 -
Blockchains can contain a combination of decentralized dimensions. Buterin has divided the
different combinations of dimensions into a diagram and tried to fit current organizations
there. The placements of the organizations are questionable, but they do help us to view
decentralization from multiple perspectives:
1. Traditional companies are politically centralized because they have one CEO. In addition,
they are architecturally centralized, because they have one head office from where
other offices are controlled. Finally, they are logically centralized, because you can't
really split the company in half.
2. Direct democracies are politically decentralized, because the votes are divided among a
large number of voters. In addition, they are architecturally centralized if the voting
process is done through a centralized forum. 95 Finally, they are logically centralized,
because the vote leads to a generally agreed result and unambiguous decisions. You can
also argue that there is one parliament that makes the legislation. It therefore looks like
an integrated whole.
3. Blockchains are politically decentralized, because no one has all the power over a
blockchain. In addition, they are architecturally decentralized, because there is no Single
Point of Failure. Finally, they are logically centralized because there is one generally
agreed state of the blockchain, and the system behaves like one computer.
4. The English language is politically decentralized. In addition, it is architecturally
decentralized, because no central infrastructure is required to set up a language.
Grammar rules are also not created and managed by a single person. Finally, it is
logically decentralized. You can split an English-speaking population into two and the
English language will not change - evolve at most slowly into slightly different dialects,
but the language fundamentally remains English.
5. Esperanto is initially politically centralized because Zamenhof was the only one who
managed the rules of the language. In addition, it is architecturally decentralized, as
there is no central infrastructure that further refined the language once it was released.
Finally, it is logically decentralized, because you can split Esperanto-speaking people
without the language collapsing and becoming unrecognizable.

95 You could argue that it is architecturally decentralized when the community has agreed to always move to a
different forum when the current forum owners have false intentions.
- 194 -
Logical Centralization Logical Decentralization
Political Political Political Political
centralization decentralization centralization decentralization
Architecturally

Architecturally
centralized

centralized
Traditional Direct
companies democracy ? ?

Architecturally
decentralized
Architecturally
decentralized

Esperanto English
? Blockchains
(initial) language

Figure 82: Three dimensions of decentralization, according to Vitalik Buterin (2017).

7.5.2 Three arguments for decentralization


In general, these are the three arguments for decentralization:
1. Decentralized systems are resistant to the failure of one or more parts of the network.
2. Decentralized systems do not have sensitive central points that can be manipulated or
attacked, without significant costs to coordinate the attack.
3. Decentralized systems are resistant to the collusion of participants who act in a way that
favours them at the expense of others. (Buterin, 2017)

To what extent are blockchains resistant to failure, manipulation, attack and collusion? It is true
that the chance that a multitude of nodes will fail at the same time is very small. However, it is
possible that a multiple of the nodes run on the same software version. The danger here is that
the software contains a bug, or that the development team is corrupt. In addition, there may be
a concentration of miners in certain countries. The risk here is that the government of these
countries may decide to seize or close all mining farms. It is also possible that the majority of
mining equipment is built by one or a select group of companies. These companies can be
bribed or forced to place weaknesses in the equipment. Finally, it is also possible that an

- 195 -
exchange contains a large part of the coins. With a Proof-of-Stake blockchain, the exchange
manager could launch a 51% attack.

For the above reasons, it is important that there are different, competitive software
implementations and that the participation in software development is decentralized. People
should be free to participate in discussions and criticize protocols.96 It is also important that
researchers and developers have a variety of backgrounds and are not from one or a few
companies. Mining algorithms must be designed in such a way that there is a minimal risk of
centralization. The benefits of Proof-of-Stake compared to Proof-of-Work and vice versa should
also be considered. Hybrid versions could perhaps be designed, taking over the strengths of
both consensus mechanisms. Finally, the system must be designed in such a way that the costs
of coordinating an attack outweigh the benefits. This attack / defence asymmetry discourages
potential attackers from coordinating an attack.

Although the blockchain world usually talks about removing trusted intermediaries, trust is
always needed in certain people or groups. For example, people who use Bitcoin themselves,
but cannot read the source code, have confidence that developers perform their tasks well.

96 There are examples where discussions are censored to suppress certain opinions. One example takes place on
Reddit and involves removing comments that speak positively about increasing Bitcoin block size. See "A (brief and
incomplete) history of censorship in /r/Bitcoin" by John Blocke (2016).
- 196 -
Intermezzo: Anti-fragility
Another way to look at the stress resistance of blockchains is from the perspective of anti-
fragility. The term, anti-fragile, was introduced by Nassim Nicholas Taleb in his book
Antifragile: Things That Gain From Disorder (2012). In this he contrasts anti-fragility with
fragility and robustness. A fragile system will break if there is too much resistance. A robust
system, on the other hand, is able to withstand the resistance. An anti-fragile system,
however, will break through the resistance and then recover in a state stronger than before
it breaks. Antifragile systems are highly adaptive and take advantage of the resistance. Take
a porcelain cup, for example. If we drop the cup it will break - it is fragile. If we harden it
until it no longer breaks with every fall, the cup will have become robust. However, what if
we didn't harden it, but change the structure of the cup so that the cup would grow every
time it fell? That is anti-fragility.

The iterative and decentralized nature of open blockchains makes them anti-fragile. After
every crisis or attack on the blockchain, the code is rewritten to resolve issues, so that the
next version is more resistant to new attacks. The internet was also very vulnerable to
attacks in its early days, but gradually became more stable and resistant. Like the Internet,
attacks on blockchain networks will strengthen these networks, provided developers learn
from the weaknesses. For example, today's Bitcoin network looks different than in the early
days. It has become more stable and resistant to attacks over the years.

- 197 -
7.6 Summary, terms and sources
Summary
The security model of Proof-of-Work and Proof-of-Stake is fundamentally different from that of
traditional systems. Traditional systems have user access controls so that malicious users can
be denied access. The fundamental difference here from blockchain systems we have discussed
so far is that these traditional networks must have confidence that those who have access to
the system are not malicious. Blockchain systems such as Bitcoin and Ethereum, for example,
are open. No authentication is required from users and anyone can try to write data to the
blockchain. Andreas Antonopoulos calls such systems open, limitless, neutral, resistant to
censorship and public.

In the blockchain world, the blockchain trilemma is often used to indicate that there are trade-
offs in scalability, security and decentralization.

Because the blockchain trust model is decentralized and based on consensus, it is possible to
attack blockchains by hijacking consensus with a 51% attack. With a Proof-of-Work blockchain,
the attacker must obtain a majority of the total computing power on the network. With a
Proof-of-Stake blockchain, the attacker must obtain a majority of all stake.

Decentralization is important to ward off attacks. In general, these are the three arguments for
decentralization:
1. Decentralized systems are resistant to the failure of one or more parts of the network.
2. Decentralized systems do not have sensitive central points that can be manipulated or
attacked, without significant costs to coordinate the attack.
3. Decentralized systems are resistant to the collusion of participants who act in a way that
favours them at the expense of others. However, there is no clear definition of what
decentralization means.

Vitalik Buterin distinguishes between architectural, political and logical decentralization.

- 198 -
Comments you can now explain
• Traditional database systems need access controls to deny malicious users access.
• Open blockchains are designed in such a way that everyone can write and read data from the
blockchain. Security is ensured here by consensus mechanisms.
• When setting up a blockchain, you must take into account the blockchain trilemma. It is
difficult to set up a scalable, highly secure and highly decentralized blockchain.
• In a 51% attack, try to create the longest chain and then send it out to the rest of the
network.
• Using the words decentralized and distributed can be confusing.
• Blockchains are politically and architecturally decentralized, but logically centralized.
• A blockchain must be arranged in such a way that the costs of coordinating an attack on the
blockchain outweigh the benefits.

Glossary of Terms
51% attack: One of the possible attacks on a blockchain. With a Proof-of-Work blockchain, the
attacker must obtain a majority of the total computing power on the network. With a Proof-of-
Stake blockchain, the attacker must obtain a majority of all stake.

Attack / Defence Asymmetry: The costs of coordinating an attack are greater than the benefits.

Anti-fragile: An anti-fragile system breaks through the resistance and then recovers in a state
stronger than before it broke. The Bitcoin blockchain is also sometimes referred to as an anti-
fragile system, because developers continuously update the blockchain and make it stronger
after an attack.

Architectural decentralization: How many physical computers does the network consist of?
How many of these computers can fail at any time without the network collapsing?

Blockchain trilemma: When setting up a blockchain, there are trade-offs regarding the
following three properties of a blockchain: scalability, security and decentralization.

Decentralization: The World Wide Web Foundation describes decentralization as the process of
not requiring permission from a central authority to post anything on the web. There is no
central controlling node and therefore no Single Point of Failure. According to the
WebFoundation, this is also inherently related to individual freedom against arbitrary
censorship and surveillance. According to Vitalik Buterin, there are three levels of
decentralization: architectural, political and logical.

Fragile: A fragile system breaks when there is too much resistance.

- 199 -
Distributed: See decentralization.

Logical decentralization: Do the interface and data structures that the system presents and
maintains look like as an integrated whole or as a formless swarm? In other words, if you divide
the system in two, will both halves be able to fully operate as independent parts?

Open blockchain: According to Andreas Antonopoulos, an open blockchain is open source,


limitless, neutral, resistant to censorship and public.

Political decentralization: How many individuals or organizations manage the computers that
make up the system?

Robust: A robust system is able to withstand resistance.

Access controls: Controls on access to, for example, a database.

Sources
Antonopoulos, A. (2007). Open Blockchains vs Bullshit: Thoughts on the Future of Money
[YouTube]. Consulted from https://youtu.be/SMEOKDVXlUo

Antonopoulos, A. (2014). Bitcoin security model: trust by computation. Consulted on December


27, 2019, from Oreilly.com website: http://radar.oreilly.com/2014/02/bitcoin-security-
model-trust-by-computation.html

Baran, P. (1964). On Distributed Communications Networks. IEEE Transactions on


Communications, 12 (1), 1–9. https://doi.org/10.1109/tcom.1964.1088883

Blocke, J. (2016, November 14). A (brief and incomplete) history of censorship in /r/Bitcoin.
Consulted on December 27, 2019, from https://medium.com/@johnblocke/a-brief-and-
incomplete-history-of-censorship-in-r-bitcoin-c85a290fe43

Buterin, V. (2017, February 6). The Meaning of Decentralization. Consulted from


https://medium.com/@VitalikButerin/the-meaning-of-decentralization-a0c92b76a274

Lee, G.M., Jayasinghe, U., Um, T. & Truong, N. B. (2016). A Survey on Trust Computation in the
Internet of Things. Consulted on December 27, 2019, from Academia.edu website:
https://www.academia.edu/24590240/A_Survey_on_Trust_Computation_in_the_Interne
t_of_Things

Mosakheil, J.H. (2018). Security Threats Classification in Blockchains. Culminating Projects in


Information Assurance. 48.

Taleb. N.N. (2012). Antifragile: things that gain from disorder. New York: Random House.

- 200 -
The European Union Blockchain Observatory and Forum. (2019). Blockchain for Government
and Public Services. Consulted from
https://www.eublockchainforum.eu/sites/default/files/reports/report_scalaibility_06_03
_2019.pdf

World Wide Web Foundation. (n.d.). History of the Web. Consulted on December 24, 2019,
from World Wide Web Foundation website:
https://webfoundation.org/about/vision/history-of-the-web/

Icons
Broadcast made by Freepik from www.flaticon.com
Maleficent miner by Freepik Maleficent miner made by Freepik from www.flaticon.com

- 201 -
- 202 -
8. Blockchain 2.0 and Smart Contracts

“Whereas most technologies tend to automate workers on the periphery doing


menial tasks, blockchains automate away the centre. Instead of putting the taxi
driver out of a job, Blockchain puts Uber out of a job and lets the taxi drivers
work with the customer directly.”
- Vitalik Buterin (2015)

“We want a whole sequence of companies: digital title, digital media assets,
digital stocks and bonds, digital crowdfunding, digital insurance. If you have
online trust like the Blockchain provides, you can reinvent field after field after
field.”
- Marc Andreessen (2014)

8.1 Introduction and learning objectives


In this chapter you will learn
• What blockchain 1.0 is and why there is a need for blockchain 2.0.
• That Ethereum is an example of blockchain 2.0.
• How Ethereum works.
• What smart contracts are and what the difference is between deterministic and non-
deterministic smart contracts.
• What oracles are and what the oracle problem is.
• What decentralized applications (dApps) are.
• What decentralized autonomous organizations (DAOs) are.

Introduction
The previous chapters mainly discussed the Bitcoin blockchain, with the first application being
the Bitcoin cryptocurrency.

In this chapter, we will start in paragraph 8.2 with a description of what other types of
applications are possible on the Bitcoin blockchain, for example by means of coloured coins.
- 203 -
Subsequently, in section 8.3, we shift our attention to a newer generation of blockchains that
are specifically intended to develop autonomous computer applications. Such blockchains are
also sometimes compared to an operating system such as iOS, Android or Windows, on which
new decentralized applications (dApps) can be built. Here we give an introduction to the best
known of these types of blockchains, Ethereum. In December 2019, Ethereum is still the second
largest blockchain project in terms of market capitalization. In section 8.4 we describe how
Ethereum transactions work. Section 8.5 discusses smart contracts that are very relevant to
Ethereum. They enable a new generation of dApps. Section 8.6 is specifically about what dApps
are. Then in 8.7 we discuss one variant of dApps, the decentralized autonomous organization
(DAO). Finally, we conclude the chapter in section 8.8 with a summary, a list of important words
and a list of sources discussed in the chapter.

8.2 Coloured coins on the Bitcoin blockchain


The first generation of applications mainly focused on digital money. The generation of
blockchains on which these applications were built is also known as blockchain 1.0.

While Bitcoin is a currency and is mainly used as a cryptocurrency where services and goods can
be traded, it is also possible to use Bitcoin's scripting language to store small amounts of
metadata in the transactions. For example, in a Bitcoin transaction, you could enter a script that
tells you that 1,000 units of a new asset have been issued and that they have been assigned to
a specific Bitcoin address. These units can be thought of as new coins and can be assigned
certain properties, allowing them to represent various things, such as shares, bonds, property
rights, coupons and alternative cryptocurrencies. These coins can contain values independent
of the underlying face value of the Bitcoin - often this is the smallest Bitcoin unit, a Satoshi - in
which the script was assigned .97 Such coins are called coloured coins.
For example, a bank could issue coloured coins backed by cash reserves. People can then
deposit and withdraw money in coloured coins, trade them and use them to buy goods and
services. The Bitcoin blockchain therefore allows not only to make transactions in Bitcoin, but
also in other currencies. It is important that these coins can be tracked across the blockchain, so
that it can be determined who has which of these coins at which time. An important additional

97 A satoshi is 1/100,000,000th Bitcoin and is the smallest unit in Bitcoin. The original idea behind coloured coins
was to colour satoshis with certain properties. The protocol has evolved, making it no longer necessary to use
satoshis as a carrier of the properties. See https://github.com/Coloured-Coins/Coloured-Coins-Protocol-
Specification/wiki/Faq#coloring-satoshis for more information.
- 204 -
advantage of coloured coins is that they use the Bitcoin blockchain. No new infrastructure is
needed to develop them. In addition, it also directly benefits from the decentralized nature and
security of the Bitcoin blockchain. The transactions of coloured coins are seen by miners as
ordinary Bitcoin transactions but must meet additional conditions to be declared valid by nodes
that are aware of the colour of the coins.98 (Rosenfeld, 2012, pp. 2-5)

The ability to use Bitcoin blockchain technology for applications other than currency would,
according to some, lead to a generation of new applications on the Bitcoin blockchain. This was
also known as Bitcoin 2.0. Although it is possible to record new asset types and additional
terms and conditions in the coloured coins, the Bitcoin blockchain is not optimally suited for
this. For this reason, Vitalik Buterin had the idea to develop a new blockchain, Ethereum, on
which the creation of new coins with related conditions and requirements and even
decentralized applications (dApps) would run. Blockchains with such possibilities are also
known as 2nd generation blockchains: blockchain 2.0.99

8.3 Ethereum
Ethereum was first introduced by Vitalik Buterin in "Ethereum White Paper: a next generation
Smart Contract & decentralized Application Platform" (2013). In this, Buterin explains that
Bitcoin can be described as a “first-to-file system” in which the order of the transactions is
crucial. Technically, the Bitcoin blockchain can be seen as a simple state transition system
where (a) the "state" consists of the ownership status of all existing Bitcoins and (b) the "state
transition function" that the state and transaction takes to produce a new state.
It is appropriate to record a transaction from person A to person B, but not suitable for
recording more complex state transitions, which are subject to certain terms and conditions.
For example, the Bitcoin blockchain can easily record whether a UTXO100 has issued or not, but
it is difficult to execute contracts that a transaction can capture across multiple states. For
example, with Bitcoin it is hardly possible to pass on a piece of logic that says that Bob can send

98 See Meni Rosenfeld's "Overview of Coloured Coins" (2012) for more information about the pros and cons of
coloured coins and how the colour of the coins can be tracked in the blockchain.
99 Sometimes there is talk about blockchain 3.0. These are blockchains that have solved a cluster of issues that
blockchain 2.0 still has to deal with. Examples of such issues are scalability, interoperability, privacy, sustainability
and governance (Ackermann & Meier, p. 1). EOS and Cardano are examples of blockchains that rank themselves
under 3.0
100 Unspent Transaction Output. See the intermezzo in chapter 3 for more information about what a UTXO is.
- 205 -
his money to Alice, but that Alice can only claim it after she has provided something in return.
(Buterin, 2013, p. 12)

Ethereum's goal is to provide developers with the ability to develop applications with arbitrary
terms and conditions. Because they run on the Ethereum blockchain, these applications are
also based on a decentralized consensus mechanism and thus enjoy the benefits that a
blockchain offers. Such applications are possible because the Ethereum blockchain includes a
built-in Turing complete programming language that supports all types of computing and
allows developers to develop smart contracts and decentralized applications, with arbitrary
rules regarding ownership and state transition functions. (Buterin, 2013, pp. 12-13) With a
Turing complete programming language, any calculation or data operation can be programmed.
The programming language specifically developed for Ethereum is called Solidity.

8.4 Ethereum transactions and gas


There are several reasons why users send transactions to the Ethereum network. These
transactions may include (a) transferring Ether to other users or smart contracts, (b) creating
new smart contracts, or (c) summoning functions of a smart contract. The transactions are
registered on the Ethereum blockchain.
The underlying cryptocurrency of the Ethereum blockchain is Ether (ETH). Making a transaction
on the Ethereum network requires gas. Gas is expressed in the crypto currency Ether. Gas is
needed to run the Ethereum blockchain, just like a car needs gas to drive. Gas on the Ethereum
network is therefore basically the same as transaction costs that you also pay to be able to
carry out a transaction. This is calculated using standard cost per unit of computing power x the
number of units. You can specify a specific amount of gas, or transaction costs, for each
transaction you perform. The user must pay an appropriate amount of gas for the transaction.
If too little gas is paid, miners may not include the transaction in the block and thus this
transaction will not be executed. In addition to the block reward of 2 Ether, the miner also
receives all the gas, transaction costs, in the block. Miners are therefore more likely to include
transactions with more gas in the block. The crypto economic reason gas has been introduced
to the Ethereum network is that it prioritizes important transactions. A block only has room for
a limited number of transactions, which is why it is important that this scarcity is handled
properly. The gas system ensures that no energy is wasted on spam or low-value transactions.

- 206 -
8.5 Smart Contracts
A smart contract is a form of decentralized automation and can be defined as a contract with
certain terms and conditions that are laid down in code. The contract is self-executing, as it
performs appropriate corresponding actions itself when the terms and conditions are met. The
contract must, however, contain sufficient information from each party involved in the contract
to deprive parties of their ability to terminate the contract. Smart contracts define the
consequences of when someone does not comply with the contract and automatically execute
these consequences. In that regard, smart contracts contain zero tolerance. In addition, a smart
contract can also automatically initiate dispute resolutions and call in experts on the issue to
decide on the damage done and appropriate compensation. It is still useful to be able to engage
third parties, because some legal agreements are too complex to be placed in a smart contract.
(Young, 2018, pp. 7-8) Smart contracts thus provide certainty in advance what the
consequences are and thus prevent discussion afterwards. This way you can imagine that smart
contracts can also serve as a transparent alternative to current contracts.

For example, a smart contract could be an employment contract, where Alice wants to pay Bob
€ 500 to develop a website. The contract could work as follows:
1. Alice puts € 500 into the contract and the fund is locked.
2. When Bob has developed the website, Bob sends a message to the contract to release
the fund in his favour.
3. The fund is released when Alice agrees.
4. If Bob decides not to finalize the website, Bob can cancel his job by sending a message
to the contract, after which the fund is automatically returned to Alice.
5. If Bob claims that he has completed the website, but Alice disagrees, a judge could be
called in after a 7-day waiting period to express an opinion in favour of Alice or Bob.
(Buterin, 2014)

- 207 -
Advantages of smart contracts
Smart contracts offer many advantages. Chaintrade (2017) has listed eleven.
1. Accuracy: All terms and conditions must be recorded in detail in a smart contract. If
certain conditions are omitted, this can lead to undesired behaviour of the smart
contract.
2. Transparency: all terms and conditions are fully visible and accessible to all parties
involved. Once the contract has been finalized, you can no longer dispute it. This
leads to total transparency for all parties involved.
3. Clear communication: the need for meticulously defined smart contracts ensures
that the communication in the contract is clearly laid down so that there is no room
for miscommunication and misinterpretation.
4. Speed: smart contracts can automate and significantly accelerate traditional business
processes. No applications need to be submitted for approval and no documents
need to be processed or approved by individuals.
5. Security: smart contracts run on blockchain platforms and use data encryption.
6. Efficiency: Due to the accuracy and speed, smart contracts execute business
processes more efficiently or even completely eliminate them.
7. Paper-free: no paperwork is required for the execution of smart contracts. In that
respect it is better for the environment.
8. Storage and backup: smart contracts and their details are permanently stored on the
blockchain. As a result, they cannot be lost and are easy to find.
9. Cost savings: smart contracts can save a lot of costs, because there is less need for
intermediaries such as lawyers, witnesses and banks to interpret and enforce the
contracts.
10. Trust: involved parties can trust that smart contracts - if they are properly set up -
will be executed fairly, without the possibility of data manipulation and prejudices.
11. Guaranteed outcomes: by using self-executing contracts, parties will comply with the
rules of the smart contract and there will be fewer legal disputes.

- 208 -
Nowadays, smart contracts are increasingly used. You can program smart contracts to include
all the terms and conditions you want to include.
AXA insurance uses, for example, smart contracts for their insurance for flight delays and
cancellations.101 These work as follows:
1. A customer goes to https://fizzy.axa and enters their flight details.
2. He selects insurance for flight delays and cancellations and personalizes them according
to his own wishes.
3. He enters his personal details and finalizes the purchase.
4. The purchase is registered in a smart contract on the Ethereum network.
5. The smart contract is linked to databases of global air traffic.
6. The contract checks within these databases whether the customer's flight has been
delayed.
7. If the flight is delayed or cancelled by more than two hours, the smart contract will
automatically initiate a process to reimburse the customer
8. The customer automatically receives his reimbursement.

101 You can find the Fizzy smart contract with the Ethereum block explorer, etherscan.io. The contract can be
viewed here: https://etherscan.io/address/0xe083515d1541f2a9fd0ca03f189f5d321c73b872. The creation of the
contract is recorded as a transaction on the Ethereum network. Click on the “Contract” tab to read the contents of
the contract.
- 209 -
Figure 83: How the Fizzy smart contract of AXA insurance works (Fizzy, n.d.).

No person has been required to review and approve a reimbursement request throughout the
process. The smart contract determines whether the customer should be reimbursed or not. In
addition, the person who bought the insurance did not have to submit an application. The
entire process is thus automated.102

102 For a more detailed explanation of how AXA's Fizzy insurance works, see 'Fizzy by AXA: Ethereum Smart
Contract in details' (Clement, 2019).
- 210 -
Figure 84: Fizzy, AXA insurance for flight delays and cancellations on smart contracts (Fizzy, etc.).

8.5.1 Deterministic and non-deterministic smart contracts


There are two different categories of smart contracts: deterministic and non-deterministic
smart contracts.

Deterministic: does not need information from an


outside party from outside the blockchain to execute
the contract
Smart contracts
Non-deterministic: does need information from an
external party from outside the blockchain to execute
the contract

Figure 85: Two categories of smart contracts.

- 211 -
A deterministic smart contract does not require information from an outside party from
outside the blockchain to execute the contract. The smart contract can get all the information
necessary for the contract's feasibility within the blockchain network itself (Alharby & Moorsel,
2017, p. 128).103 An example of a deterministic smart contract is a peer-to-peer lottery where:
1. You have a certain time to choose a number between 0 and 99.
2. You can bet a certain amount of Ether on the chosen number, after which the Ether is
stored in a smart contract on the Ethereum network.
3. The lottery closes after a specified time has elapsed and a random winning number is
announced.
4. The participants who have chosen the winning number will automatically be paid their
reward at their Ethereum addresses by means of a smart contract.

It is important in such a lottery that the winning number is chosen at random. Most preferably,
the winning number is generated by an independent party. One way to ensure arbitrariness and
independence is to look at the hash block. For example, you could say that the lottery closes at
block #1,000 and that the last two decimal numbers of the hash of that block determine the
winning number. Suppose the hash is as follows:

0x4ff4a38b278ab49f7739d3a4ed4e12714386a9fdf72192f2e8f7da7822f10b4d

If the winning number is the last two decimal numbers, the winning number is 04. The number
is verifiable for everyone and the smart contract automatically pays the reward to anyone who
has chosen this number. Because this random number is generated within the blockchain and is
sufficient in itself to activate the smart contract, it is a deterministic smart contract.

A non-deterministic smart contract, on the other hand, does require information from an
external party outside the blockchain. Such a party is also called an oracle. (Atzei et al, 2017;
Alharby & Moorsel, 2017, p. 128) The need to use oracles can lead to the oracle problem.

103 It is common to define computer programs and algorithms as deterministic when the same input always leads
to the same output. If this is the criterion by which computer programs and algorithms are characterized as
deterministic or non-deterministic, it is somewhat strange to define non-deterministic smart contracts as smart
contracts that use information from an external source to execute the contract. The question you can ask yourself
is why we do not apply the same criterion used for the definition of deterministic computer programs and
algorithms for smart contracts.
- 212 -
8.5.2 Oracle and the Oracle Problem
Blockchains and smart contracts cannot access data from outside their network by itself. In
Fizzy's example, the smart contract uses data that comes from the global air traffic databases.
An external source that feeds the smart contract with information that is relevant to the
contractual agreement is also called an oracle. This can be all kinds of information, such as
temperature, the price of a product, the amount of rainfall, etc. Oracle's are important in the
connection of the blockchain with the real world and activate smart contracts when certain
conditions of the contract are met.

Numerous applications are possible if smart contracts can record information outside the
blockchain for the automatic execution of contracts. However, it does introduce an element of
trust in oracles, while blockchain initially wanted to avoid trust in third parties. (Thevenard,
2019) The problem of relying on third parties to feed the smart contract with external data is
known as the Oracle problem.

There are several ways in which you can deal with the oracle problem. We discuss some
examples below. The goal is to ensure the integrity of oracles so that only correct data input is
included in the blockchain.104

Use of multiple data sources


One way to prevent false data from being injected into the blockchain is by using multiple data
sources. In order to corrupt the data, the majority of the data sources or the oracle itself, which
is essentially a single point of failure, will have to be compromised. (Thevenard, 2019)

Use of multiple data sources using Schelling points


The chance that malicious information will be included in the blockchain can also be reduced by
using multiple oracles. The system remains safe as long as the majority provides reliable
information. Buterin (2014) wrote about how such a system could work through Schelling
points.

104 It is sometimes said that blockchain is a "truth machine" where you can be sure that the data on it is correct.
However, this is not true. The challenge is to stimulate people so that they do not write incorrect data to the
blockchain. Bad input in the blockchain always leads to bad output. This is also known as garbage in, garbage out.
- 213 -
The Schelling points concept was first introduced by Thomas Schelling in his book The Strategy
of Conflict (1960).105 In the book, Schelling describes it as a “focal point” for each person's
expectation of what the other person expects him to expect to be expected to do (p. 57). It
goes like this. Imagine that you and another prisoner are kept in separate rooms. Each of you
will receive two identical papers with eight numbers written on them:

14237 59049 76241 81259 90215 100000 132156 157604

You can both choose one number. If you both choose the exact same number, you will be
released. If you both choose different numbers, you will be held captive for the rest of your life.
In theory you could say that there is a 1 in 8 chance that you both choose the same number.
After all, there are only eight options. However, in reality the odds are much higher, because
the number 100000 is "special" and clearly stands out, making it a focal point. Each of you
expects the other to choose the number 100000 and expects the other to expect you both to
expect it.106 (Buterin, 2014) Such a concept can also be applied to encourage oracles to enter
correct data in the blockchain. For example, we could ask all oracles to enter the current price
of Apple (AAPL) shares into the blockchain and find out what the oracles think the current price
is. It can be agreed that only the median input is the correct input.107 (Chan, 2018)

Use of a reward system


In addition to the aforementioned use of Schelling points, it can also be agreed that every
oracle that has submitted a prize that falls within the 25th and 75th percentile will receive a
reward in certain tokens. For example, nodes within a decentralized oracle network could be
asked to provide a certain number of coins as collateral to perform the service of an oracle. If
they do their job well, they are rewarded. If they do not properly perform their work as an
oracle, a percentage of their collateral could be taken.

105 Thomas Schelling received the Nobel Prize in Economics in 1995 for his contributions to game theory.
106 See "SchellingCoin: A Minimal-Trust Universal Data Feed" by Vitalik Buterin (2014) for a more detailed
description of Schelling points and the weaknesses of such a system.
107 The median is the centre of a data set. If there are 13 numbers that are ranked from low to high, the 7th number
is the median. If there are an even number of numbers that are ranked from low to high, the average of the middle
two data is taken. At 12 numbers, the 6th and 7th numbers are averaged.
- 214 -
A system consisting of a combination of Schelling points and a reward system trusts that the
oracles are stimulated to guess correctly what the other oracles will give as data input to the
blockchain. Submitting accurate information is the best strategy to deliver the median number
and to be rewarded.

25th to 75th percentile

Median
$208,74

Figure 86: Oracle send the price of Apple (AAPL) shares to the blockchain. The median number is adopted by the blockchain as
the true price of an Apple stock. Oracles that enter the number between the 25th and 75th percentiles will be rewarded.

However, in the previous example, there is still the risk that a majority of the oracles are owned
by a single entity, or by a cartel that sends false data to the blockchain. In other words,
ownership of oracles may still be too centralized. Examples of projects currently working on a
decentralized oracle system to solve the oracle problem include ChainLink, Witnet and
Oraclize.108

8.6 Decentralized applications


There is no clear definition of what a decentralized application (dApp) entails. We define a
dApp as an application that uses the decentralized data storage of a blockchain. The application
is not executed via a central server, but via a decentralized network of nodes. Just like a normal
application, it often has a front end and a user interface. The interface offers the user an easier
interaction with smart contracts and the blockchain. By storing and executing the smart
contracts that form the core code of a dApp in a decentralized manner, there is no Single Point
of Failure. The operation of the application and the data of the application cannot simply be
censored or removed.

108 On June 13, ChainLink announced that Google will be using ChainLink technology for their cloud services (Day,
2019).
- 215 -
The Lisk (2019) website, like Ethereum, a blockchain platform developed to build smart
contracts and dApps, also compares a dApp with a website that invokes certain data from a
database through an application programming interface (API). The API is a communication
protocol that allows the web application and the server to share data messages with each
other. The following comparison is made between a traditional website and a dApp.

Figure 87: Comparison between the traditional web and a decentralized application.

The Ethereum white paper distinguishes between three types of dApps. The first category
consists of financial dApps that help you manage money and enable you to conclude contracts
with your money. Examples include cryptocurrencies and financial derivatives. The second
category consists of semi-financial dApps that also involve money, but which also have a
significant non-monetary side. Think, for example, of an insurance application such as that of
Fizzy. The third category consists of dApps that are completely non-financial by nature.
(Buterin, p. 19, 2014)

DApps can therefore be very diverse by nature. As an example, the following two Ethereum
dApps are discussed that you can currently use: Golem and Ethlance.

- 216 -
8.6.1 Golem
Golem is a project on Ethereum that offers people the opportunity to share their excess
computing power peer-to-peer with others. The computer power can be used for various
purposes. People can hire it for, for example, CGI rendering, for machine learning or for
performing complex scientific calculations. Anyone who makes their computer power available
will be rewarded in Golem Network Tokens (GNT). You can think of Golem as an open
marketplace for hiring and renting out computer power. It has the ambition to be a
supercomputer, accessible to everyone.

8.6.2 Ethlance
Ethlance is another dApp developed on Ethereum. It is a marketplace for freelancers who want
to work for Ethers. The platform does not take a percentage of the amount you get from the
employer and there are no membership fees. It uses a transparent review system and
freelancers and potential customers can transparently see previous activities before entering
into a business relationship.109

An interesting subgroup of a dApp is a decentralized autonomy organization (DAO) and a


decentralized autonomous corporation (DAC).

109 For more information about Ehtlance, see:https://ethlance.com/.


- 217 -
Intermezzo: Profitable dApps
An important question with regard to dApps is how you as a developer of the dApp can
make money with it. According to Siraj Raval (2016), a dApp that wants to be profitable
must have the following four properties:
1. Open source.
2. Internal currency.
3. Decentralized consensus.
4. No Single Point of Failure.

Open source
Although it is quite possible to develop closed source dApps, such dApps raise a lot of
mistrust. If the code is not transparent for everyone to see, developers may have designed
the dApp to censor the data. This goes against the initial principle of Bitcoin and other open
source blockchains to minimize trust in intermediaries. However, if it is open source, people
could copy and customize the application with their own logos.

Internal currency
The developer can introduce a scarce token, the appcoin, into the application. To be able to
use the blockchain network on which the application runs, this appcoin must be used. For
example, users who provide a service to the application or the network on which the
application runs can be paid out in these appcoins. If the appcoins represent a monetary
value, they encourage the use of the dApp.

Decentralized consensus
There should also be consensus within the decentralized network about the state of the
data. Every node on the network must therefore agree that your username and private key
belong to your account and that you can log in to the dApp.

No Single Point of Failure


Because the data in a dApp is decentralized over a large network of nodes, a dApp cannot
be easily closed. If one node fails, there are other nodes that can run the network.

- 218 -
8.7 Decentralized autonomous organization (DAO)
Decentralized autonomous organizations (DAOs) are sometimes also referred to as
decentralized autonomous corporations (DACs). Vitalik Buterin, however, sees the DAC as a
subclass of the DAO.110 He describes the DAO as an autonomous entity, which also relies on
hiring individuals. These individuals can perform certain necessary tasks that the entity cannot.
The DAO has internal capital at its disposal for this purpose, with which certain activities of
these individuals can be rewarded. (Buterin, 2014) What makes a DAO fundamentally different
from a centralized organization is that it does not have a top management team or a CEO. It
also has no branches, employees, or subsidiaries. Instead, a DAO exists on a decentralized
network of users and nodes that collect, verify and update transactions on a blockchain.
Decisions about changes to the code are made by democratic voting processes. So it is a
radically different way to set up a business organization. Due to its autonomous nature - after
all, it is a self-sufficient and self-organizing system - Bitcoin can be characterized as a DAO,
because it (a) runs a payment system, (b) employs subcontractors who work as miners and (c)
pays these subcontractors with newly distributed Bitcoins (Vigna & Casey, 2015, p. 229). In
addition, miners can vote for proposals for improvement to the protocol by means of their
computer power. DAOs are therefore
Definition of DAO organizations whose organizational rules are
A DAO can be defined as a non-hierarchical expressed in a completely transparent
organization that performs and registers computer program. They are controlled by a
routine tasks on a blockchain. The rules that collective decision-making process of
the DAO adheres to are also recorded on the stakeholders through a decentralized
blockchain. In addition, the DAO is protocol and are not influenced by a central
dependent on voluntary contributions from governing body.
internal stakeholders to guide the
organization through a democratic
consultation process. (Hsieh et al., 2018, p. 2)

110 Daniel Larimer, the founder of EOS, Steem and BitShares, among others, has introduced the concept of a DAC.
Buterin describes a DAC as a subclass of DAOs. A DAC has shares and distributes dividends to shareholders.
(Buterin, 2014)
- 219 -
One good example of a DAO on the Ethereum network was the failed Genesis DAO, also known
as the DAO for short. It was intended to be a venture capital fund for the crypto world.

Figure 88: Logo of the Genesis DAO on the Ethereum network.

The DAO would work as follows:


1. A Slock.IT developers team programs the DAO.
2. There is a predetermined period of time for the public to invest in the fund. In exchange
for the investment, investors receive DAO tokens. These tokens represent ownership of
the DAO. You can compare it to shares. You can compare the investment process with a
crowd sale or an Initial Coin Offering (ICO). ICOs are discussed in more detail in section
10.4.
3. When the investment period has ended, the DAO will start operations
4. People can then submit a project plan to the DAO for funding applications. The DAO
token holders can then vote on project plans by means of a voting process. Plans with
enough votes will receive funding, and the DAO token holders will receive rewards if the
projects make a profit.

The DAO can therefore be seen as an investment fund without traditional investment
managers. Instead of managers managing funds, the funds are managed through a democratic
process by the community of DAO token holders.

The DAO was launched on April 30, 2016 and the crowd sale would last for four weeks.
Ultimately, 12.7 million Ether was invested in the project at the time, at the price of $20 USD
per Ether, equated to approximately $250 million USD. However, a hack in the code was
exploited on June 17, 2016, allowing the hacker to drain the DAO's fund. Within hours, 3.6
million Ether was stolen, which at the time equalled just over $70 million USD. It is important to
know that the Ethereum protocol has never been hacked. The hack only concerns the DAO
application. To return the stolen fund to the investors, a hard fork has been proposed and

- 220 -
implemented. The proposal was to roll back the state of the blockchain to a moment before the
hack, as if the hack never happened on the blockchain.111

When you think of the potential of DAOs, you think of organizations without a central decision-
making body, such as a Facebook without a Board of Directors or an Amazon without an
Amazon CEO. The sentiment regarding the idealistic potential of DAOs is well expressed by
Vitalik Buterin (2015) with the words:

“Whereas most technologies tend to automate workers on the


periphery doing menial tasks, blockchains automate away the centre.
Instead of putting the taxi driver out of a job, Blockchain puts Uber out
of a job and lets the taxi drivers work with the customer directly.”

By removing the centre - in this case a company like Uber - users can directly engage in
economic and social interactions with each other. A DAO is therefore resistant to censorship
from central intermediaries. If there is somehow unwanted censorship, the DAO can bypass it
with instruments like a hard fork.

In general, the participants do not all know each other within a DAO. This makes the DAO an
interesting alternative for an association or foundation. Depending on the DAO protocol,
stakeholders can vote anonymously, and they can authorize others to vote on their behalf.
Imagine the situation that, depending on the subject, you give another person the authorization
to vote for you. The vote itself is recorded in a transparent, fast and accessible manner on the
blockchain.

Bitcoin is the first DAO. It has no CEO or managers to determine the direction of the Bitcoin
blockchain. Participants can submit improvement proposals and the network can vote by
providing computing power for the proposed blockchain updates.

111 As explained in a previous chapter, it is the full nodes that verify transactions and make updates. Likewise, it is
the full nodes that, if they can reach consensus, can reverse, change and censor transactions. This method
completely reversed the hack, which meant that there was also a split between the blockchain that did implement
this hard fork and the blockchain that did not implement this hard fork. So this led to two different versions of the
Ethereum blockchain. The version with the hard fork is called the Ethereum blockchain with Ether as the coin,
which is not compatible with the original Ethereum blockchain. The version without the hard fork is the Ethereum
Classic blockchain. This has the Ethereum Classic as a coin. The Ethereum Classic coin itself is also not compatible
with the Ethereum blockchain..
- 221 -
Some blockchains also use worker proposals. These are proposals that have been submitted by
people to request funding for a project that will benefit the blockchain in question. For
example, they can hire a marketing agency or get their own hours paid for the initiative. In
addition to technical committees, a DAO sometimes uses working groups for various purposes,
such as setting up documentation, conducting research, and obtaining exchange listings.

A DAO is not a perfectly arranged alternative. Many stakeholders are only fleetingly involved
and do not read the proposals in detail. It is also not always practical to make a hard fork.
However, a DAO is yet another example in which blockchain helps to innovate.

Examples of existing DAOs on the Ethereum platform are Aragon and DigixDAO. Aragon will be
featured in the following interlude.

- 222 -
Intermezzo: Aragon

The developers of Aragon believe in a future where organizations can be run autonomously
and locally. By using the blockchain, organizations have to reduce overhead and
administrative costs.

Aragon is a platform where you can create DAOs in an accessible way. In doing so, Aragon
uses Ethereum and InterPlanetary File System (IPFS), a peer-to-peer network to store and
share data.

Aragon is software that allows you to easily set up your own organization and collaborate
across borders. You can start your own organization on Aragon in no time with a number of
important organizational functions such as identity management, modules to control access
and ownership, decision-making rights, fundraising and administrative work. Because these
organizations are on a blockchain, you can design them bureaucracy-free. You can arrange
all this without programming knowledge.

Aragon currently offers a number of templates from organizations that you can start up in
no time. Examples of these templates are:
1. Fundraising to start a transparent and responsible crowdfunding campaign for your
own organization.
2. Open Enterprise where you can use apps to deploy project management, budget
planning and rewards for your own organization.
3. Reputation system to make decisions within your organization through democratic
votes. The weight of the votes is linked to reputations.
4. A stock system where you can capture and distribute ownership within your
organization. Decisions are made on the basis of democratic votes. The votes are
linked to the weight of the stake that a shareholder has. As a result, larger
shareholders have more influence.
5. Member system in which decisions within the organization are made on the basis of
a one-member-one vote principle.

You can experiment with creating and setting up DAOs on the Aragon testnet,
https://rinkeby.aragon.org/.

- 223 -
8.7.1 The future vision of DAOs and autonomous agents
An example of a further evolved DAO, which we may see in the near future, is a machine that
has complete autonomy of itself. David Irvine (2014), inventor of the SAFE Network, outlines an
intriguing future perspective, in which such machines have a place in our social and economic
world.112 Imagine developing a robot waiter with artificial intelligence. The robot serves food
and drinks in a restaurant and needs things like electricity and repairs. He is paid in a
cryptocurrency such as Ether by customers who order food and drinks from him. He stores the
Ether in his crypto wallet. In addition, the robot can also connect itself to a socket to charge. He
pays the electricity provider Ether for charging. If the robot is worn out and needs a repair, it
will go to a repair shop and pay the mechanic in Ether. Naturally, the robot contains sufficient
mechanisms to protect its crypto wallet against theft.

This robot is no longer a traditional DAO, because there is no group that has joint control over
the robot. Nor is it necessary that the robot's software is placed on a blockchain. Vitalik Buterin
(2014) calls such an entity that does not require the involvement of people in order to keep
itself running and manoeuvre around the world an autonomous agent (AA). Another example
of an autonomous agent that already exists is a computer virus. The virus survives by replicating
itself from machine to machine without human intervention.

A future perspective that seems closer than the above example of the robot is a self-driving car,
which offers rides for a fee and distributes its proceeds among its owners via smart contracts.
Elon Musk said in April 2019 that he expects to roll out the first robot taxis in 2020 (Korosec,
2019). Tesla cars already have enough artificial intelligence that they are self-driving. The only
thing missing is a smart contract with which the proceeds of the robotaxi automatically,
possibly without the intervention of a third party as a financial institution, share its profits with
its owner. If a community decides to jointly invest in such a robotic taxi in exchange for share
tokens and its management is transparently recorded on a blockchain, providing insight into
everyone's rights, then it is already a DAO. For example, the co-owners can use their share
tokens to submit proposals for certain updates to the taxi and vote in a decentralized manner
on which updates should be implemented. In addition, the robot taxi pays out profits to all its
owners in proportion to their invested money.

112 The SAFE Network is an autonomous peer-to-peer network developed by MaidSafe. SAFE stands for Secure
Access For Everyone.
- 224 -
Figure 89: Tesla CEO Elon Musk predicts that Tesla's first autonomous robotic taxis will hit the market in 2020. According to
Musk, the software is already ready. The only thing missing is regulatory permission. (Korosec, 2019).

8.8 Summary, terms and sources


Summary
The first generation of applications mainly focused on digital money. The generation of
blockchains on which these applications were built is also known as blockchain 1.0. While
Bitcoin is a currency and is mainly used as a cryptocurrency where services and goods can be
traded, it is also possible to use Bitcoin's scripting language to store small amounts of metadata
in the transactions. For example, in a Bitcoin transaction, you could enter a script that tells you
that 1,000 units of a new asset have been issued and that they have been assigned to a specific
Bitcoin address. These units can be seen as new coins. Such coins are called coloured coins.

Later blockchains emerged with the aim of developing new types of applications more easily
than just a new money system. These blockchains are also known as 2nd generation
blockchains: blockchain 2.0.

An example of blockchain 2.0 is Ethereum. Ethereum's goal is to provide developers with the
ability to develop smart contracts and applications with arbitrary terms and conditions. A smart
contract is a form of decentralized automation and is a contract with certain terms and

- 225 -
conditions that are laid down in code. The contract is self-executing, as it performs appropriate
corresponding actions itself when the terms and conditions are met.

There are two different categories of smart contracts: deterministic and non-deterministic
smart contracts. A deterministic smart contract does not require information from an outside
party from outside the blockchain to execute the contract. The smart contract can get all the
information necessary for the contract's executability within the blockchain network itself. A
non-deterministic smart contract, on the other hand, does require information from an external
party outside the blockchain. Such a party is called an oracle.

The need to use oracles can lead to the Oracle problem - the problem of relying on third parties
to power the smart contract with external data. There are several ways to deal with the oracle
problem. Some examples are:
1. Using multiple data sources.
2. Using multiple data sources using Schelling points.
3. Using a reward system.

With the smart contracts, decentralized applications (dApps) can be developed. We define a
dApp as an application that uses the decentralized data storage of a blockchain.

In addition to dApps, decentralized autonomous organizations (DAOs) and decentralized


autonomous corporations (DACs) can also be developed. A DAO can be defined as a non-
hierarchical organization that performs and registers routine tasks on a blockchain. The rules
that the DAO adheres to are also recorded on the blockchain. In addition, the DAO is dependent
on voluntary contributions from internal stakeholders to guide the organization through a
democratic consultation process. A DAC is a subclass of DAOs. A DAC has shares and distributes
dividends to shareholders.

Comments you can now explain


• Blockchain 2.0 offers us other applications on the blockchain than just a new money system.
• You can develop smart contracts on Ethereum where the terms and conditions are so clearly
laid down in the code that in the event of a breach of contract, interpretation of third parties
is no longer required.
• Bitcoin is a first-to-file system.

- 226 -
• Ethereum was created, because with Bitcoin it is hardly possible to add a piece of logic to a
transaction that, for example, says that a person automatically receives his BTC after he has
provided a consideration.
• Ethereum is Turing complete.
• Non-deterministic smart contracts can suffer from the Oracle problem.
• Bitcoin is the first decentralized autonomous organization (DAO).

Glossary of Terms
Application Programming Interface (API): A communication protocol that allows the web
application and the server to share data messages with each other.

Autonomous Agent (AA): An entity that does not require human involvement to keep itself
running and manoeuvring around the world.

Bitcoin 2.0: A newer generation of Bitcoin technology that aims to enable applications other
than just cryptocurrencies.

Blockchain 1.0: The first generation of blockchains that have mainly been used to store
cryptocurrencies.

Blockchain 2.0: The second generation of blockchains that are more focused on enabling smart
contracts, dApps and DAOs.

Blockchain 3.0: The third generation of blockchains that have solved a cluster of issues that
blockchain 2.0 still has to deal with. Examples of such issues are scalability, interoperability,
privacy, sustainability and governance. Blockchains that rank themselves below 3.0 include EOS
and Cardano.

Coloured coins: Coin, often one Satoshi, to which you can assign certain properties so that they
can represent various things, such as shares, bonds, property rights, coupons and alternative
cryptocurrencies. There has been a period when much research has been done into the
possibilities of coloured coins on the Bitcoin blockchain.

Deterministic smart contract: Smart contract that does not require information from an
external party from outside the blockchain to be able to execute the contract.

Gas: Transaction costs that you pay to perform a transaction on the Ethereum blockchain.

Decentralized Application (dApp): An application that uses the decentralized data storage of a
blockchain. The application is not executed via a central server, but via a decentralized network
of nodes. Just like a normal application, it often has a front end and a user interface.

- 227 -
Decentralized Autonomous Corporation (DAC): A subclass of DAOs. A DAC has shares and
distributes dividends to shareholders.

Decentralized Autonomous Organization (DAO): An autonomous entity that also relies on


hiring individuals. These individuals can perform certain necessary tasks that the entity cannot.
The DAO has internal capital at its disposal for this purpose, with which certain activities of
these individuals can be rewarded. What makes a DAO fundamentally different from a
centralized organization is that it does not have a top management team or a CEO. It is a non-
hierarchical organization.

ICO: See Initial Coin Offering.

Initial Coin Offering (ICO): Fund acquisition where tokens are created and sold by a company or
project.

InterPlanetary File System (IPFS): A peer-to-peer network to store and share data. In addition
to the blockchain, many dApps also use IPFS.

IPFS: See InterPlanetary File System.

Non-deterministic smart contract: Smart contract that does require information from an
external party from outside the blockchain in order to execute the contract.

Oracle: A source outside the blockchain that feeds a smart contract with relevant external
information so that the smart contract can check arbitrary conditions.

Oracle problem: The problem of relying on third parties to feed the smart contract with
external data.

Schelling points: A "focal point" for each person's expectation of what the other person expects
to expect what he is expected to do.

Smart contract: A contract with certain terms and conditions that are laid down in code. The
contract is self-executing, as it performs appropriate corresponding actions itself when the
terms and conditions are met. The contract must, however, contain sufficient information from
each party involved in the contract to deprive parties of their ability to terminate the contract.
There are two types of smart contracts: deterministic and non-deterministic.

Solidity: The programming language specifically developed for Ethereum to write smart
contracts with.

Turing complete: Any calculation or data operation that can be programmed can also be
programmed in a Turing complete system.

- 228 -
Worker proposal: A proposal that is submitted to request funding for a project that will benefit
the blockchain in question. For example, they can hire a marketing agency or get their own
hours paid for the initiative.

Sources
Ackermann, J. & Meier, M. (2018). Blockchain 3.0: The next Generation of Blockchain Systems.
Advanced Seminar Blockchain Technologies, Summer Term 2018, Technical University
Munch.

Atzei, N., Bartoletti, M., & Cimoli, T. (2017). A Survey of Attacks on Ethereum Smart Contracts
(SoK). Lecture Notes in Computer Science, 164–186. https://doi.org/10.1007/978-3-662-
54455-6_8

AXA. (d.n.). fizzy by AXA. Consulted on December 27, 2019, from Fizzy.axa website:
https://fizzy.axa

Buterin, V. (2013). Ethereum white paper: a next generation smart contract and decentralized
application platform [White paper]. Consulted on 27 December 2019, from Blockchainlab:
http://blockchainlab.com/pdf/Ethereum_white_paper-
a_next_generation_smart_contract_and_decentralized_application_platform-vitalik-
buterin.pdf

Buterin, V. (2014, May 6). DAOs, DACs, DAs and More: An Incomplete Terminology Guide.
Consulted on 27 December 2019, from Ethereum.org website:
https://blog.ethereum.org/2014/05/06/daos-dacs-das-and-more-an-incomplete-
terminology-guide/

ChainTrade. (2017, December 27). 10 Advantages of Using Smart Contracts. Consulted on


December 27, 2019, from Medium website: https://medium.com/@ChainTrade/10-
advantages-of-using-smart-contracts-bc29c508691a

Chan, K. (2018, November 9). Keeping Honest - Solving the Oracle Problem. Consulted on
December 27, 2019, from Medium website: https://medium.com/@kenchangh/keeping-
honest-solving-the-oracle-problem-714addc06e53

Clement, A. (2019, May 24). fizzy by AXA: Ethereum Smart Contract in details. Consulted on
December 27, 2019, from Medium website:
https://medium.com/@humanGamepad/fizzy-by-axa-ethereum-smart-contract-in-
details-40e140a9c1c0

Coloured-Coins. (2017, June 5). Coloured Coins. Accessed December 27, 2019, from GitHub
website: https://github.com/Coloured-Coins/Coloured-Coins-Protocol-
Specification/wiki/Faq#coloring-satoshis

- 229 -
Day, A. (2019, June 13). Building hybrid blockchain / cloud applications with Ethereum and
Google Cloud | Google Cloud Blog. Accessed December 27, 2019, from Google Cloud Blog
website: https://cloud.google.com/blog/products/data-analytics/building-hybrid-
blockchain-cloud-applications-with-ethereum-and-google-cloud

Ethereum Foundation. (2014, March 28). SchellingCoin: A Minimal-Trust Universal Data Feed.
Consulted on December 27, 2019, from Ethereum.org website:
https://blog.ethereum.org/2014/03/28/schellingcoin-a-minimal-trust-universal-data-
feed/

Etherscan.io. (n.d.). Fizzy contract. Consulted on December 27, 2019, from Etherscan.io
website: https://etherscan.io/address/0xe083515d1541f2a9fd0ca03f189f5d321c73b872

Ethlance. (n.d.). Ethlance - hire or work for Ether cryptocurrency. Consulted on December 27,
2019, from Ethlance.com website: https://ethlance.com/

Hsieh, Y.-Y., Vergne, J.-P., Anderson, P., Lakhani, K., & Reitzig, M. (2018). Bitcoin and the rise of
decentralized autonomous organizations. Journal of Organization Design, 7(1).
https://doi.org/10.1186/s41469-018-0038-1

Irvine, D. (2014, February 19). Machines that own themselves in bitcoin. Consulted on
December 27, 2019, from Metaquestions website:
https://metaquestions.me/2014/02/19/machines-that-own-themselves-in-bitcoin/

Korosec, K. (2019, April 22). Tesla plans to launch a robotaxi network in 2020. Consulted from
TechCrunch website: https://techcrunch.com/2019/04/22/tesla-plans-to-launch-a-
robotaxi-network-in-2020/

Raval, S. (2016). Decentralized applications: harnessing Bitcoin’s Blockchain technology.


Sebastopol, Calif.: O’reilly.

Rosenfeld, M. (2012). Overview of Coloured Coins. Consulted on December 27, 2019, from
https://bitcoil.co.il/BitcoinX.pdf

Schelling, T. C. (1960). The strategy of conflict. Whitefish, Montana: Literary Licensing.

Thevenard, J. (2019, January 15). Decentralized Oracles: a comprehensive overview. Consulted


on December 27, 2019, from Medium website: https://medium.com/fabric-
ventures/decentralised-oracles-a-comprehensive-overview-d3168b9a8841

Vigna, P., & Casey, M. (2015). The age of cryptocurrency: how bitcoin and the blockchain are
challenging the global economic order. New York, N.Y.: Picador/St. Martin’s Press.
Young, S. (2018). Enforcing Constitutional Rights Through Computer Code. Consulted from CUA
Law Scholarship Repository website: https://scholarship.law.edu/jlt/vol26/iss1/5/
- 230 -
- 231 -
9. Blockchain governance and who can participate with which role

“The first point is that transnational organizations need transnational


governance structures. The reach, accessibility, and transparency of blockchain
technology could be an effective transnational governance structure. Blockchain
governance is more congruent with the character and needs of transnational
organizations than nation-states. The second point is that not only is the
transnational governance provided by the blockchain more effective, it is fairer.
There is potentially more equality, justice, and freedom available to
organizations and their participants in a decentralized, cloud-based model. This
is provided by the blockchain’s immutable public record, transparency, access,
and reach.”
- Melanie Swan (2015)

9.1 Introduction and learning objectives


In this chapter you will learn
• That a blockchain can have different governance structures.
• That conditions can be set that you must meet before you can participate in a
blockchain.
• That participants can take on different roles.
• That the conditions that are set to obtain a role differ per form of cooperation on the
blockchain.
• That a central versus decentralized control of these forms of cooperation has an impact
on participants within the blockchain.
• That the difference between a permissionless and a permissioned blockchain is
important here.
• That the difference between a public and a private blockchain is also important.

- 232 -
Introduction
A blockchain, like any partnership, needs a way to be controlled. This control is also known
as blockchain governance. The interpretation of a form of control is related to the goals that
the relationship pursues. In this chapter, we mainly look at the difference in control form
between, on the one hand, more central driven blockchains and, on the other hand, more
decentralized driven blockchains such as the Bitcoin network. Specifically, we focus on the
difference between public and private blockchains and the intermediate form, consortium. A
control form of a blockchain also results in who may participate in the blockchain. When it is
clear who can participate, you can see who can act as a validator to help maintain the
network, who can decide on the hardware and software of the system and who can help to
develop the strategy. Is there open access for everyone to be able to use the blockchain and
participate in the form of management or are some closed off from participation?

After first discussing the definition of blockchain governance in Section 9.2, we make a core
distinction between a system where everyone maintains the consensus mechanism versus a
system where only a select group can do this. This is the difference between permissionless
and permissioned (section 9.3). Section 9.4 further distinguishes between public, private and
consortium blockchains. The same section concludes with an overview of the different types
of blockchains, based on the distinctions in permissionless, permissioned, public, private and
consortium. Section 9.5 summarizes the chapter and lists the terms and sources used.

9.2 Governance
Blockchains are set up for various reasons and can adopt their own governance from there.
Governance is defined by Peter Weill as the framework of decision rights and responsibilities to
stimulate desired behaviour (2004, p. 3). This includes the following three main elements:
1. Rights to decision making.
2. Accountability.
3. Incentives.

9.2.1 Rights to decision making


Rights to decision-making include the right to submit, execute and monitor decision proposals.
These rights can be organized both centrally and locally. (Beck & Müller-Block, 2018, pp. 10-11).
In other words, is the power of decision-making concentrated within one party, a small group of
parties, or is it spread over a fully decentralized network? The question of how you want to

- 233 -
organize these rights in a decentralized manner has an impact on the choice between a public,
private or consortium blockchain.

9.2.2 Accountability
Accountability is linked to the right to monitor decisions and behaviours and to be held
accountable for your responsibilities on this basis. Accountability is exercised through contracts
and behavioural protocols that are, for example, laid down in blockchain systems. (Beck &
Müller-Bloch, 2018, p. 11)

9.2.3 Incentives
Participants in a blockchain can be encouraged to participate or even help maintain the
blockchain through monetary and non-monetary incentives. An example of a non-monetary
incentive is to obtain privileges in showing good behaviour. Other examples are that with good
behaviour you can enjoy greater visibility within the system and your reputation will increase. A
blockchain with a well-developed incentive structure encourages people to use the blockchain
and behave in such a way that their actions are in line with the goals of the system. (Beck &
Müller-Bloch, 2018, pp. 11-12)

- 234 -
Intermezzo: What Serey's governance looks like
Serey.io is a social media blockchain platform derived from Steemit. It is the first blockchain
project in Cambodia and aims to encourage Cambodians to write more. Serey believes that
writing is one of the best ways to develop your intellect. By writing, you are forced to reflect
on your own thinking and cultivate your imagination. In addition, like Steemit, Serey stores
all the content of a post on the blockchain, making it impossible to censor the content. It is
also an instrument to promote freedom of expression - something that is not yet accepted in
many countries of the world. The word "Serey" in Cambodian therefore appropriately means
"freedom".

Validation of
blocks

Serey
Governance

Accountability Incentives

Figure 90: The aspects of governance at Serey.

Serey's governance revolves around democratic participation. It contains the following three
aspects:
1. The right to maintain the Serey blockchain. Everyone who runs the blockchain, also
called witnesses, has been democratically chosen by the community to add new
posts to the blockchain.
2. 2. Participants in the blockchain are made accountable for their behaviour. This
aspect is in line with point 3. Users who post bad posts can be downvoted.
Downvotes make the post less visible and also make the post receive less monetary
rewards. The rewards take place in Serey coins.

- 235 -
3. Incentive system. Users are encouraged to post posts that the community deems
valuable as such posts get more upvotes. Upvotes lead to both monetary and non-
monetary rewards. Posts with more upvotes receive more rewards in Serey coins. In
addition, upvotes increase the user's reputation score and make the posts more
visible. Finally, the votes of users with more Serey coins also have more impact. A
vote of someone with 1,000 Serey coins has more impact than a vote of someone
with only 1 Serey coin.

Figure 91: Serey logo.

The governance system also encourages users to enter discussions in a civilized manner.
Trolling is discouraged because they can be downvoted. The downvotes make trolls less
visible and give them a lower reputation score that is visible to everyone.

- 236 -
9.3 Who can join with which role?
A blockchain does not always have to be accessible to everyone. A blockchain can have certain
rules, so that only people who meet certain criteria can participate. These participants can fulfil
certain roles that can be roughly divided into the following four aspects: transaction,
consensus, software and hardware and governance.

Transaction
Who can initiate, approve, view, change and change transactions?

Consensus
Who can act as validator of the data and provide consensus on the correct state of the
blockchain?

Software and hardware


Who is allowed to propose and implement which software changes? On which hardware,
including the network connections, do you run the blockchain?

Governance
Who decides the direction, rules, strategy and other control measures of the blockchain?

Figure 92: The four aspects you can participate in within a blockchain.

9.3.1 Roles
You can take certain powers from every aspect and combine them into a role. For example,
you can create a role in which someone can view transactions, participate in consensus
building and propose software updates.

9.3.2 Permissionless
One core distinction made between blockchains occurs at the consensus level. If a blockchain
allows everyone to participate in data validation and consensus building, it is called a
permissionless blockchain. Such blockchains are naturally open by nature. Examples of a
permissionless blockchain are Bitcoin and Ethereum. Everyone can run a full node, with which
all transactions can be validated, and everyone can also participate in the process of producing
new blocks and adding them to the blockchain. The only restriction is that you must have
hardware suitable to run the blockchain and, in the case of Proof-of-Work, you must have
enough computer power so that you can actually produce valid blocks. However, this is not a
restriction on who the person is. Everyone - no matter how old you are, where you come from,
- 237 -
where you live, what your status in society is or what gender you have - can participate in
consensus. It is important to realize that we talk about consensus building at the network level.
It is still possible, for example, to develop a smart contract or dApp on Ethereum in which
certain permissions are set about who may or may not use the smart contract or the dApp.

If everyone is allowed to run a full node, everyone can potentially view all data in the
blockchain. The protection of data must then be achieved by using anonymity technologies
such as, for example, Zero-Knowledge Proofs.113

9.3.3 Permissioned
In a permissioned blockchain, on the other hand, only a selected group of participants can help
validate data in a blockchain and thus contribute to consensus building. There is an authority
that must first grant permission to act as a validator. In other words, not everyone can be a
node on the network that helps maintain the blockchain.. In a permissioned blockchain, all
validators are therefore known to the authority. A permissioned blockchain therefore does not
rely on full decentralization in which everyone can participate in consensus building. Such
blockchains are more closed off by nature and often require the validator to disclose his
identity to those who are allowed to make decisions at the governance level.

9.3.4 Reasons to choose permissionless or permissioned


There are several reasons why you might want to opt for a permissionless over a
permissioned blockchain and vice versa.

Firstly, it is easier to combine multiple powers with permissionless. With a permissioned


blockchain, the chances are greater that, in line with an existing degree of organization, the
authorizations will be split more. For example, you can separate the initiation of a
transaction with a permissioned blockchain from viewing the transaction, or even give
someone the authority to correct or delete the transaction afterwards. The consequence of
a more subtle division of roles can lead to blockchain performance optimization. For
example, a smaller network of validators and more central governance control can process
more transactions per second and make strategic decisions faster. On the other hand, trust
in a decentralized system can also provide an opportunity to further decentralize powers,
reducing the need for compliance procedures such as internal controls.

113 Zero-Knowledge Proofs are covered in Chapter 5.


- 238 -
A second difference is that you make identity management more central in a permissioned
blockchain. Roles, authorizations and conditions to obtain these roles can be set up, as
companies know with current ERP systems. It is also possible to experiment with new, more
efficient consensus mechanisms. For example, you can decide to keep the group of
validators small and agree that only 5 of the 7 validators should approve a block. In addition,
you can also set the rule so that of these 5 there is always a specific subgroup of 3 that must
give permission for each transaction. Another requirement may be that the group of
validators must always have the latest and fastest hardware.

A third difference is that with a permissioned blockchain, you shift trust from a decentralized
system to the people you have authorized to participate. In line with this, you can decide to
shield the transparency of data more from other users, because as a company you do not
want or cannot share everything. The consequence of a less decentralized setup is that the
system can be more sensitive to errors, fraud, spam and distributed denial of service (DDoS)
attacks.

A fourth notable difference between a permissionless and permissioned blockchain is the


possible use of crypto tokens within the crypto economy.114 To encourage participants to
collaborate, participants can earn a reward in, for example, monetary tokens, more visibility
or a better reputation. Permissionless blockchains often use crypto tokens to function. This
is not always necessary with permissioned networks, because participants can be motivated
to display the right behaviour in other ways as part of system policy. For example, if the
permissioned network is that of a company, you can control the behaviour of participants
with instruments such as reward structures, opportunities for promotion or improvement of
fringe benefits.

9.4 Public, private and consortium blockchains


In addition to the distinction between permissionless and permissioned, there is also a
distinction between public, private and consortium blockchains. This distinction is based on
whether everyone can participate in a blockchain or not.

114 Crypto-economy is discussed in more detail in chapter 10.


- 239 -
9.4.1 Public blockchain
If everyone is allowed to participate in a blockchain, in any role, then there is talk of a public
blockchain. A characteristic of public blockchains is that it is not important who writes data
to the blockchain, who reads data from the blockchain and who is allowed to maintain the
blockchain. The latter ensures that most public blockchains are also permissionless. Due to
the low barrier to joining the network, such blockchains are the most decentralized.

Many peers

Most
Most
decentraliz
transparent
ed

Public

Reward Validator is
token (pseudo)
present anonymous

Consensus
dependent
on target
network

Figure 93: Aspects of a public blockchain.

In public blockchains, there is a strong confidence in decentralization and less confidence in


an authority that takes over the governance of a blockchain. The system itself enforces trust
through agreed protocols. By extension, if it is not important to know who is participating in
the network, you might as well grant them (pseudo) anonymity within the blockchain. You
mainly use a public blockchain, where everyone is treated equally, if you want a group of
like-minded people to work together. Cooperation is guaranteed in this by the consensus
mechanism. A blockchain where there is no central party to determine who can participate
in the network is also called an open blockchain. The participants determine the functioning
of the blockchain in line with group motives such as openness, neutrality and freedom.
Within the public blockchain, everyone can also participate in decision-making on all
governance issues. In addition, such blockchains are also more focused on stimulating

- 240 -
innovations, without taking the interests of one party or organization into account. Many of
the public blockchains are often open source due to their innovation-driven nature. To
encourage everyone to join the network and display good behaviour, which is consistent
with the goals of the system, a public blockchain often includes a reward token. With
Bitcoin, these are the newly created Bitcoins and the transaction fees that are paid to miners
after they produce a valid block with the computing power they provide to the network.

Public blockchains try to eliminate as many intermediaries as possible. Many intermediaries,


such as a land registry or notary, are more likely to opt for private blockchain initiatives in
which they can take on a role as intermediary. In addition, a public blockchain is not always
desirable for many companies, especially in a more regulated environment in which it is
expected, among other things, that they know the identity of all parties who write data to
the blockchain.

9.4.2 Private blockchain


If you don't trust that the blockchain software can be carried by a decentralized network of
(pseudo) anonymous like-minded people, you will want to put some of your trust in the
participants that you know and have chosen to participate yourself. You will want to
influence who can participate in issues related to governance, software and hardware,
consensus and transactions. A blockchain in which a central party can exert influence on its
own blockchain network is called a private blockchain. This central party has often set up a
number of nodes that manages itself and that keep the blockchain running together. In the
most extreme case, the party has a single node on which the blockchain runs. However, this
does not offer any advantages over a centralized network which is also a SPOF.

There is also talk of a closed blockchain when this central party decides who can and who
cannot participate. An open versus closed blockchain is only about participation and is the
result of having a public or private system. The central party can be a company that develops
its own blockchain. This company will thus want to control not only access, but also the work
that participants in the system do. For further control of the blockchain, the company draws
up rules regarding:
1. What a participant must meet.
2. Which roles you need to technically maintain the blockchain.
3. Which roles you need to execute, view and adjust transactions.
4. What roles you need for the entire consensus mechanism to work.
- 241 -
Few peers

Most Least
central transparent

Private

Validators
Reward
are known
token often
to private
absent
parties
Consensus
depends on
the target
of the
private
party
Figure 94: Aspects of a private blockchain.

The central party, business owners or the management team, invites specific participants
and assigns them a specific role. These participants include own employees and the roles are
created in line with the existing management control systems. If you know who someone is,
you assume they don't misbehave. After all, you also use your management control system
to check what they do, so that misconduct can be followed up with measures. This way, you
also support the legislator and auditors. In addition, a centrally managed organization can
make decisions faster because it consults with fewer parties. These decisions can concern
the four aforementioned aspects: governance, software and hardware, consensus and
transactions.

With a private system, think of an intranet in which you check the nodes, data and source
code. You know everyone and all transactions can be viewed if this is necessary, but you also
shield people from verifying or seeing certain transactions. This is useful when the data is
company sensitive. In a public system it is also possible to build this in technically, but in
practice this proves to be difficult and expensive for the time being.115

115 Ernst & Young (2019) has researched the transaction costs within a private blockchain and a public
blockchain that uses Zero-Knowledge Proofs. They conclude that the transaction costs of Zero-Knowledge
- 242 -
9.4.3 Consortium blockchain
An intermediate form of a public and a private blockchain is one in which multiple
organizations work together to set up a blockchain. This is called a consortium blockchain or
federated blockchain. The consensus is managed by a selection of nodes. An example of a
consortium is 15 financial institutions that each run a node. At least 10 of these 15 nodes
must approve a block. (Buterin, 2015) This is therefore a closed blockchain where the
consortium decides for the entire network who can participate with which role, which
transactions can be seen openly, which transactions remain protected and how the
governance should be structured. The consortium can, however, decide to make the right to
read the blockchain public.

Libra, the blockchain developed by Facebook to facilitate the Libra coin, among others, is an
example of a consortium blockchain. In addition to Facebook, it will also be managed by a
network of other parties such as Uber, Xapo, Spotify, Coinbase and Vodafone. Because the
governance structure of blockchain is not in the hands of just one party, but in the hands of
several known parties, it is more centralized than a public blockchain and more
decentralized than a private blockchain.

Proofs in public blockchains will become cheaper in the short term than privacy transactions on a private
blockchain. (p. 14)
- 243 -
Few peers

Fairly
Least
decentraliz
transparent
ed

Consortium

Validators
Reward
are known
token often
to the
absent
consortium
Consensus
dependent
on target
consortium

Figure 95: Aspects of a blockchain consortium.

Parties can have different interests within a blockchain consortium. A consortium supply chain
blockchain can, for example, consist of transporters, governments and financial institutions that
work together locally. In a consortium you can also shield your own transactions from other
participants. This is useful, for example, in communicating trade secrets or when two customers
make a price agreement via the blockchain. Full transparency of the data, as we know it from
public blockchains and anonymity of participants, is usually not on the books. On the other
hand, you will want to provide public insight into certain transactions to demonstrate the
integrity of the system and to provide certain data to auditors, for example.

- 244 -
Intermezzo: Facebook's cryptocurrency, the Libra
After years of refraining from the crypto world, a consortium of large companies and social
impact organizations, led by Facebook, wants to make their entrance soon. The original plan
was to introduce the future cryptocurrency, the Libra, in the first half of 2020. The Libra
White Paper (2019) describes the Libra as a low-volatility cryptocurrency that will run on the
Libra blockchain.

Goal of Libra
The goal is to make Libra a stable currency built on a highly secured and stable open source
blockchain. To keep the currency stable, it will be fully covered by Libra reserves - a basket
of real assets, such as bank deposits and short-term government bonds in the following
currencies: USD, GBP, EUR and JPY. In that regard, Libra is similar to the Special Drawing
Rights (SDRs) introduced by the International Monetary Fund in 1969 to replenish other
reserves of participating countries. SDRs are also linked to a basket of different currencies,
namely the USD, EUR, CNY, JPY and GBP.
The reason for linking the Libra to a collection of several assets is to make price fluctuations
less dependent on one asset. These assets will be held across a global network of
administrators who are only allowed to run a full node. As a result, Libra will enjoy the
benefits of stable traditional government money and the benefits of cryptocurrency. For
example, Libra will be able to be transferred almost immediately to both home and abroad
in a safe manner at low transaction costs.
The hope is that financial services will become better and cheaper and thus more accessible
to everyone.

Considerations for the layout of the Libra blockchain


The Libra blockchain has been developed with the following three requirements in mind:

1. It must be scalable to billions of accounts with high transaction processing and


speed.
2. The funds and financial data must be highly secured.
3. It must be flexible enough to enable future innovations to the network and financial
services.

- 245 -
There has been chosen for:
1. To introduce a new programming language called Move. The aim of Move is to make
the development of smart contracts and transaction logic on the blockchain safer, so
with fewer risks that the software developer writes errors in the code that lead to
unforeseen bugs and unwanted behaviour of the software.
2. In addition, a Byzantine Fault Tolerance consensus protocol has been chosen that is
suitable for high transaction processing, has little network delay and energy is more
efficient than the Proof-of-Work consensus mechanism of, for example, Bitcoin. The
consensus protocol is the set of rules that determines how consensus is reached
within a blockchain network about the correct state of the blockchain and what the
conditions are for a transaction to be approved.
3. Furthermore, according to the White Paper, the blockchain is pseudo-anonymous
and offers users the possibility to create multiple addresses that are not linked to
their worldly identities.

De Libra Association
The Libra Association will consist of a consortium of founding members, including Uber,
Xapo, Spotify, Coinbase and Vodafone. To enter the consortium, they had to contribute $10
million USD to the Libra Reserve. In addition, there are also social impact organizations such
as Women's World Banking and Kiva. The consortium participants will receive Libra
Investment Token (LIT), which will allow them to participate in the governance of the Libra
Association. They may also be rewarded in LIT for blockchain maintenance and transaction
validation.

The Libra Association will manage the Libra Reserve in favour of the stability and growth of
the Libra economy. The interest earned on the Libra Reserve will be used to cover the costs.
The Libra Association will be the only party able to create and destroy new Libra. New Libra
is created when authorized resellers have purchased Libra from the Libra Association with
fiat money to cover the newly issued Libra. Libra will only be destroyed when the authorized
resellers sell their Libra to the Libra Association in exchange for the underlying assets. The
Libra Reserve acts as the "buyer of last resort".

- 246 -
Figure 96: Libra consortium (Libra.org, 2019).

The Libra Association's policy can only be changed if a majority has been reached among the
participants. It is still unclear how much consensus must be reached. It is also unclear how
much consensus must be reached to approve a transaction. As with most other Byzantine
Fault Tolerance protocols, 67% consensus is expected to be required for transaction
approval. Another goal of the Libra Association is to develop a standard for open digital
identities. Such identities are a prerequisite for financial inclusion, according to the Libra
Association.

Permissioned blockchain
That not everyone can run the blockchain on their own computer means that it is a
permissioned blockchain. However, they intend to start the transition to a permissionless
environment within 5 years, so that everyone can also run a node, in order to help maintain
the network.

Calibra wallet
Libra will be implemented in the Facebook ecosystem, including applications such as
Messenger, WhatsApp and Instagram. The wallet in which Libra will be stored is called the
Calibra wallet.

What will the consequences of Libra be?


It is difficult to predict what the consequences of Libra will be for the crypto and financial
world, especially because not all details and regulations regarding Libra are known yet.

- 247 -
9.4.4 Overview of Permissionless vs Permissioned vs Public vs Private
It is important to realize that a blockchain can take different forms. All the previously
discussed differences between permissionless, permissioned, public and private blockchains
show that blockchain building blocks can be used or modified in other ways, depending on
the goals the partnership is pursuing.116 Any company is free to experiment with the
technology and experience the advantages and disadvantages. The following table
summarizes the different blockchains, as we have previously distinguished them from each
other.

Trust in unknown validators

Permissionless Permissioned

Anyone can participate in the Anyone can participate in the


Public blockchain. Everyone can act as a blockchain. Not everyone is allowed
Trust in decentralization

validator. to act as a validator.


(PoW / Bitcoin) (DPoS / EOS)

Not everyone can participate in the


blockchain. Only members of a
Private ? private party or consortium may act
as a validator.
(PoA / Libra consortium)

Figure 97: An overview of different types of blockchains, expressed in permissionless, permissioned, private and public.

Choices between the different types of blockchains affect the control of the organization.
The more confidence there is in the decentralized nature of the blockchain, the easier it is to
participate. The more confidence there is that validators may participate in consensus
building as unknowns, the more transparent the system. After all, everyone can then run a
full node and help validate all data. Due to the decentralized nature, such systems often
have many validators and, partly because of this, still have scalability problems. Also, such

116 The building blocks of blockchain are the following properties: decentralized network, no Single Point of Failure,
peer-to-peer, unalterability of transactions, cryptography and consensus mechanism.
- 248 -
blockchains are relatively more expensive than the less decentralized and permissioned
variants. In the long run, however, a permissionless public blockchain is expected to become
increasingly efficient, so that more professional parties will opt for such blockchains. These
blockchains must then be arranged in such a way that the roles that participants can take for
business applications are well defined and meet business requirements. For example,
companies on permissionless public blockchains can anonymize data through Zero-
Knowledge Proofs and participants at the application level can be asked to show their
identity.

Internet of Blockchains
The internet of blockchains is a network of different blockchains that
communicate and exchange data. This is also known as interoperability.
Private blockchains almost automatically request multiple blockchains that
exchange data with each other. For example, one for your identity, one for
your belongings and one for your social media. There will be smart
contracts and interfaces with which data can be exchanged between
different blockchains.

- 249 -
9.5 Summary, terms and sources
Summary
A blockchain, like any partnership, needs a way to be managed. The management is also known
as blockchain governance. This exists of:
1. Rights to decision making.
2. Accountability.
3. Incentives.
The interpretation of these elements is related to the goals that the relationship pursues.

You need access to participate in a blockchain. Central authorities may need to grant you access
first. This is called a private blockchain. If access is arranged for everyone, it is called a public
blockchain.

Once you have access, you as a user are able to take on different roles that can be divided into
the following aspects; transaction, consensus, software and hardware, and governance. The
role of maintaining the consensus mechanism is important here. If everyone is allowed to do
this, it is a permissionless blockchain. However, if the role is reserved for a select group, we are
talking about a permissioned blockchain.

Whether or not to decide on an organization's access or role leads to four differences between
a permissionless and permissioned blockchain. First, by splitting up the roles, a company can
more or less maintain the underlying organizational structure. Secondly, you can strengthen the
identity management within your own blockchain if you control all roles and persons to whom
you give it. Thirdly, you do not transfer trust to the system, but you manage your organization
in addition to the blockchain in other ways, such as with personnel management and
department managers. This is why, fourth, within a permissionless system, you often use crypto
tokens to encourage collaboration.

The latter is also a reason that public blockchains have more confidence in decentralization and
the system, and less in an authority that takes over the governance of a blockchain. Other
reasons include the consensus protocols used, the open source nature and the transparency of
decision-making. This leads to a greater confidence in the joining and participation of strangers.
After all, trust lies in the system and not in the user.

- 250 -
Comments you can now explain
• A public network relies more on the blockchain system itself.
• In a private network, the need for central control and knowing its own participants leads
to a situation in which there is less need to rely on blockchain and more on its own
management control system.
• A company that is inclined towards a private blockchain will, in general, want to know
who is in the blockchain system and, on the basis of this, rather assign specific roles.
• A larger number of nodes helps build confidence in the blockchain system.
• Participation in and roles of participants in a blockchain are related to the anonymity of
the participants and the trust in the participants.

Glossary of Terms
Accountability: The obligation to be held accountable for responsibilities based on the
exhibited behaviour.

Consortium blockchain: A connection in which multiple organizations set up a permissioned


blockchain. This is also referred to as a federated blockchain.

Cryptotoken: A token on a blockchain that represents a digital or physical asset.

Federated blockchain: See consortium blockchain.

Closed blockchain: A blockchain in which a central party determines who can participate in
the network.

Governance: The framework of decision rights and responsibilities to stimulate desired


behaviour.

Internet of blockchains: A network of blockchains that communicate and share information.

Interoperability: See internet of blockchains.

Open blockchain: A blockchain where there is no central party to determine who can
participate in the network.

Permissioned blockchain: A system whereby an authority grants permission to validate on


the blockchain. The validators are known here.

Permissionless blockchain: A blockchain without authority. Anyone can join and fulfil the
role of validator. The validators do not need to be known.

- 251 -
Private blockchain: A blockchain in which a central party exerts influence on the entrants
and roles of its own blockchain network.

Public blockchain: A blockchain where the public, rather than a central party, jointly decides
on newcomers and roles of the blockchain network.

Sources
Beck, R., & Müller-Bloch, C. (2018). Governance in the Blockchain Economy: A Framework and
Research Agenda. Journal of the Association for Information Systems, 19(10), 1020-1034.
Doi: 10.17705/1jais.00518
Buterin, V. (2015, August 6). On Public and Private Blockchains. Consulted on December 22,
2019, from Ethereum website: https://blog.ethereum.org/2015/08/07/on-public-and-
private-blockchains/
ConsenSys (2018, December 12). 5 Reasons Why Enterprise Ethereum Is so Much More Than a
Distributed Ledger Technology. Consulted on December 22, 2019, from Consensys
website: https://media.consensys.net/5-reasons-why-enterprise-ethereum-is-so-much-
more-than-a-distributed-ledger-technology-c9a89db82cb5
Ernst & Young (2019). Total cost of ownership for blockchain solutions. Consulted from
https://www.ey.com/Publication/vwLUAssets/ey-total-cost-of-ownership-for-blockchain-
solutions/$File/ey-total-cost-of-ownership-for-blockchain-solutions .pdf
Libra Association Members. (2019). An introduction to Libra [White paper]. Consulted from
https://libra.org/en-US/wp-
content/uploads/sites/23/2019/06/LibraWhitePaper_en_US.pdf
Weill, P. (2004). Don’t just lead, govern: How top-performing firms govern IT. MIS Quarterly
Executive, 3(1), 1-17.
Zhang, R., Xue, R., Liu, L. (2019). Security and Privacy on Blockchain. ACM Computing Surveys,
1(1), 1-35.

- 252 -
- 253 -
10. Crypto economics and the relevance of cryptographic tokens

“This Cambrian explosion of cryptoassets will precipitate one of the greatest


reorganizations of wealth and transformations to the global economy in our
history. This represents a second kick at the can – an opportunity to assure that
everyone has the ability to benefit from the prosperity of the digital age.
To truly realize that promise, however, it’s time we looked at cryptoassets not
just as ‘digital gold’, but of digital everything.”
- Alex Tapscott (2018)

10.1 Introduction and learning objectives


In this chapter you will learn
• What tokens are and how they relate to cryptocurrencies.
• What crypto economics is and what role a token can play in this.
• What the difference is between tokens for the benefit of the application and tokens for
possession.
• What exchangeable and non-exchangeable tokens are and how they support the crypto
economy.
• How tokens can be used for fundraising.

Introduction
One of the great inventions of Satoshi Nakamoto is the combination of pre-existing
technologies with a reward system that keeps a decentralized network up and running. As
mentioned earlier, the reward in Bitcoins is paid to the miner who produces a block.

Tokens in our current society are known as vouchers and coins - for example, loyalty points,
casino coins and gift cards. We also know tokens in IT that provide access rights to a network to
perform a task or as representations of rights to underlying assets. A Bitcoin, which you could
also see as a cryptographic token, differs from the aforementioned tokens in the sense that it
represents value. Cryptographic tokens can be used for many reasons. In the blockchain
landscape, they mainly serve the Internet of Value.

- 254 -
With cryptographic tokens like Bitcoin, you can pay or save, but you can also take it a step
further. Bitcoin, for example, can be earned by supplying computer power to produce new
blocks. Thus, it creates an economy where several participants are encouraged to help secure
the network in exchange for crypto. The use of cryptographic tokens to stimulate certain
behaviour of participants and to punish wrong behaviour through a consensus protocol is part
of crypto economics.

In this chapter, 10.2 first describes what crypto economics is. Subsequently, 10.3 describes how
to classify tokens. This includes dApp tokens and cryptocurrency, but also the difference
between exchangeable and non-exchangeable tokens. The chapter is continued in section 10.4
with an overview of how tokens can be used for fundraising by an Initial Coin Offering, Security
Token Offering and Initial Exchange Offering. In chapter 10.5 the chapter is summarized, and
the terms and sources used are mentioned.

10.2 Crypto economics

Software
developmen
t

Applied
Crypto-
Blockchain cryptograph
economics y

Game
theory

Figure 98: Multidisciplinary aspects of crypto economics.

Crypto economics is a new discipline that has emerged through the advent of blockchain. It is
engaged in the production, consumption and wealth transfer through computer networks,
cryptography, game theory and software development. The foundations of crypto economics
- 255 -
are therefore highly multidisciplinary. (Sultan et al., 2018) These computer networks can be
seen as systems in which value can be exchanged between different people. What is defined as
value can vary from person to person and is completely subjective. For example, value can be
represented in a crypto token, a service or certain information. The computer networks are
designed with certain rules that act as a kind of law for everyone who participates. The first
difference with laws, as we know them in nation-states, is that they are not designed by a
government. Rules are designed by a private party if it is a private blockchain. In a public
blockchain, the rules are determined by a community that jointly reaches consensus on the
rules. A second difference is that there is confidence that the software enforces the rules,
rather than the government.

During the development of the rules, certain assumptions are made about how participants can
behave and misbehave within the network. The central idea behind crypto economics within
blockchain is that protocols are developed that encourage people to participate in the network
in such a way that the value of the network is maximized for the participants. Network value
can only be maximized if the network and the transactions that take place therein are also
secured. To accomplish this, cryptography is used to secure transactions within the network
and rewards are paid to participants who help secure the network, for example, by mining or
staking. For example, it uses hash functions, digital signatures, block rewards, crypto tokens and
consensus mechanisms.
The protocol should thus lead to a number of things such as:
1. Participants can trust that their transactions are actually being executed.
2. Transactions are executed quickly and irrevocably.
3. Transactions are cheap.
4. Everyone has access to the source code within a public blockchain.
5. There is no central authority that controls the protocol and network within a
decentralized blockchain. (Nguyen, 2018)

If we look at peer-to-peer file sharing programs such as BitTorrent and Napster, we see that
they lack additional economic incentives that, for example, the Bitcoin blockchain offers.
People who use BitTorrent and Napster keep files on their hard drive that they make available
to download to the rest of the network, without being rewarded. BAt Bitcoin, miners are
encouraged to help maintain and secure the network by receiving a reward in the form of
valuable Bitcoins. The underlying idea of a well-designed crypto economic system is that it
becomes sustainable and preferably a self-organizing system, without central parties urging
people to act in a certain way.
- 256 -
10.2.1 Game theory
Game theory is a formal study of decision making where several players have to make choices
that potentially affect the interests of other players. Game theory is about looking for optimal
decisions in a competitive environment. 117 A crypto-economic system should be designed in
such a way that participants always choose to display good behaviour in their choices, because
this leads to more profit than bad behaviour. In other words, bad behaviour should be punished
so severely that a player doesn't dare to do this. For example, within the Proof-of-Work crypto
economics system, if a miner tries to double-spend a transaction in a malicious block, his
malicious block will not be accepted by the network. In other words, his block becomes an
orphaned block and he is not rewarded for the work he has done. The miner has concentrated
his computer power on creating a malicious block without any rewards, while paying electricity
costs for the production of the block.

Central to crypto economics is that good behaviour of participants is rewarded, and bad
behaviour is punished. One way to encourage participants on good behaviour is through crypto
token rewards.

117 Game theory is also defined as a theory that assumes that man is rational - homo rationalis. He is supposed to
always act purposefully and logically to get as close to his goals as possible. (Bonanno, 2015, p. 2)
- 257 -
10.3 Classification of blockchain tokens

Coins or tokens? The internet was initially set up to exchange


What is the difference between coins and information with each other. This is also
tokens? The initial term was coin. Hence also known as an Internet of Information.
Initial Coin Offering. This coin was mainly Within this, it is difficult to store and move
intended to show that it is a currency as in value without a trusted intermediary
"currency". Since then, Ethereum, among (Tapscott, 2016). The role of the
others, came up with ERC-20 tokens, to which intermediary is mainly to see whether
the term token became fashionable. While value, for example a euro, is not spent twice
tokens aren't necessarily developed as a (Satoshi, 2008, p. 2). With the advent of
currency, they do offer these, and other, blockchain, you can bypass the need for
options. This means that the term token intermediaries and trade peer-to-peer value
covers a broader load and is more directly.118 This is also known as the
appropriate within the current developments Internet of Value. Crypto tokens are used
of blockchain. for this. A crypto token can be created on a
blockchain and also represent a tradable
asset. Sometimes tokens are created in an ICO or an STO to fund a project. The process of token
creation is called tokenization. Trading these tokens allows you to transfer ownership to the
underlying assets.

There are different perspectives of how to look at crypto tokens. As the field is still developing
rapidly, there is currently no clear and universally used format of tokens. The following format
is twofold and focuses on the future major role of tokens in an Internet of Value:
1. First, there are tokens for maintaining an application that encourage people to
participate in a blockchain application. These tokens are then used as a reward. Because
these tokens represent a value, they help facilitate participation. These tokens are
distinguished from tokens as assets. Tokens as assets also represent a value, but mainly
to demonstrate possession of this value and to transfer the right to it.
2. Secondly, there is the question of how to apply crypto tokens in an economic system.
One way to do this is to look at token exchangeability. Some are exchangeable and
some are unique. These unique tokens can represent a minuscule value yet efficiently
captured and traded on the blockchain.

118 With a sovereign identity, the barrier to sending value to each other is also significantly lowered. This way you
can send money, shares or property rights to real estate to each other even more reliably.
- 258 -
This classification can be summarized in the diagram below and is then further explained:

Token for the benefit of


Token as assets
the application
Asset: gold
Network: Ether
Security: part Shell
Application

Exchangeable Tokens
dApp: Augur
Crypto currency: Bitcoin

Asset: birth certificate


Non-exchangeable
tokens
Security: personal loan

Figure 99: Two-way token format. On the one hand, to distinguish tokens used to maintain a blockchain network vs demonstrate
and transfer property. On the other hand, to distinguish tokens that are redeemable vs non-redeemable.

10.3.1 Tokens for the purposes of the application versus tokens as assets
As mentioned in chapter 10, there are different participants and roles within a blockchain. To
ensure that people display the desired behaviour, tokens of a certain value can be used to
reward the desired behaviour. The value of the token depends on supply on the market. To
raise the question, you could try to better communicate the ease of use and the usefulness of
the network, creating a network effect where more people will use it.119 Within private
blockchains, the use of a token as a reward is not so useful, because a central party, such as
company management, already knows all participants in the network and regulates
cooperation. Participants are already rewarded with, for example, a salary and trust is already
being enforced by the central party. The different parties of the network do not know each
other within a public environment.

Note that a token can serve multiple purposes at the same time. For example, Bitcoin is used as
a network or application token and an asset. This is also known as a dual token structure.

119 A network effect is the effect that makes a product or service more valuable when there are more users of the
product or service. If there is only one user on a telephone network with a telephone, having a telephone is of little
value to one user.
- 259 -
10.3.2 Tokens for the purpose of the application
These tokens are used at the most basic level to encourage the network to be kept going. This
network can serve as a platform on which decentralized applications, dApps, run.

Tokens for the application can be classified as follows.


Tokens for the purpose of
the application

Network token

dApp-token

Figure 100: Subdivision of tokens for the application.

Network token
Network tokens are used to reward participants for the work they do to help maintain the
network. Other names for these network tokens are intrinsic, native, built-in or system incentive
tokens. They occupy a central place within a blockchain, because as an organizational idea they
support a distributed trusted network and thus shape the crypto-economic system of a
blockchain. In addition to an application, a network can also be a platform. These are networks
that serve as operating systems that run dApps - similar to Windows or iOS that applications
run on. The platform then supports, for example, with verifying transactions and preventing
spam. An example of a platform is Ethereum with the Ether token (ETH). Ethereum, like Bitcoin,
uses the Proof-of-Work consensus mechanism, with the miner generating the correct block
header hash also being rewarded in ETH. In addition, the miner also receives the fees for the
transactions.

- 260 -
Four examples of platform tokens are:
1. EOS tokens from the EOS network.
2. NEO tokens from the NEO network.120
3. ADA Tokens from the Cardano Network.121
4. IOTA MIOTA Tokens.

At IOTA, it is also the case that participants in the network can use the network without
compensation as long as they provide computing power or space, verifying two previous
transactions instead of using the MIOTA token as a reward. 122 IOTA does not use blocks and has
a low threshold to keep the data infrastructure running in connection with the use of IOTA-
based Internet of Things sensors. IOTA focuses on Machine2Machine communication (M2M)
and thus on the Internet of Things (IoT).123
dApp-token
dApp tokens are also referred to as utility token because they are only useful within their own
application and they are used to access this utility. They are of no use outside of that
application. You can of course trade them outside the application. However, they are not
always programmed as currency or share in a network. An example of a dApp token is Siacoin
(SC). Siacoin is also the name of the underlying cloud storage network. Within Siacoin, people
can make their free disk space available to others in the network. As a reward for offering disk
space, they earn Siacoin.

120 NEO is also known as the Chinese Ethereum. In addition to the NEO tokens, NEO also includes GAS tokens that
are used to settle transaction costs and ONT tokens with which token holders can participate in, for example,
network upgrades. For more information about NEO, see https://neo.org/.
121 Cardano's primary leader is Charles Hoskinson, co-founder of Ethereum. For more information about Cardano,
see https://www.cardano.org/.
122 More information about this pay-it-forward system and how IOTA works can be found at
https://www.iota.org/get-started/what-is-iota.
123 If IOTA is not using blocks, you may wonder if it is a blockchain. The IOTA website states that its data structure,
called the Tangle, does not use a blockchain, but "Directed Acyclic Graphs" to store the ledger. This benefits
scalability. While not using blockchain, IOTA is still relevant within the blockchain landscape, as it includes certain
features of traditional blockchains, such as platform tokens. In addition, it is also a relevant development of
blockchain alternatives. For more information about Tangle, see https://www.iota.org/research/meet-the-tangle.
According to the IOTA foundation, people will eventually participate less than 1% in all internet traffic. The IoT will
make up the rest of the traffic.
- 261 -
Two public chain examples of dApp tokens are:
1. Golem Network Tokens (GNT) run on Ethereum. GNT Tokens give you access to a
marketplace for computing power. People who share their computing power with the
Golem network are rewarded in GNT. GNT can also be used to rent computer power from
someone else.124
2. Augur Reputation Tokens (REP) that allow you to participate in a decentralized prediction
market. People can open a prediction market for a particular event with REP. Others can
then abandon their REP and bet on whether it will happen or not. Augur is built on the
Ethereum network.125

The dApp tokens on Ethereum are made according to the Ethereum Request For Comments 20
(ERC-20) protocol. The protocol defines certain rules and standards related to issuing tokens on
the Ethereum network. All dApp tokens made according to ERC-20 are unique to their
application and can be traded within the Ethereum network.

Some tokens that were initially created as a utility token are now designated as security tokens.
Security tokens are discussed later in this chapter.

124 For more information about Golem, see https://golem.network/.


125 For more information about Augur, see the white paper: https://www.augur.net/whitepaper.pdf.
- 262 -
10.3.3 Tokens as property
Tokens for the benefit of applications differ from tokens that revolve around capturing and
exchanging value within the blockchain applications, tokens as assets. This class of tokens can
be further subdivided as follows.

Natural asset token


Tokens as assets

Asset token
Cryptocollectibles
Fiat collateralized
Security token
token
Non stable coin
Natural asset
Cryptovaluta token
collateralized token
Stable coin
Crypto
collateralized token
Non collateralized
token
Figure 101: Subdivision of tokens as assets.

Asset tokens
If all rights and obligations to the underlying asset are recorded in the token, the value of the
token is the same as the underlying asset. For example, if your token is a digital representation
of the ownership of your home, the token is worth as much as your home. Digitizing property
greatly facilitates transfer within a blockchain. Such tokens with an underlying value in the real
world are called asset-backed tokens. An important condition for asset tokens is that the
identity of the owner can be established.

Within asset tokens, a distinction is also made between different types. Natural asset tokens
have gold, oil, CO2 and water as underlying values. Cryptocollectibles are tokens that represent
unique digital objects such as CryptoKitties or e-Sports cards or an avatar within a game.

Asset crypto tokens potentially bring other benefits:


1. You can easily divide the asset holdings and make them available in small units to
companies, users and investors. This is also known as fractionation. For example, you

- 263 -
could have the ownership of the Mona Lisa represented by 1,000 tokens and sell these
tokens on the market. People who have 1 token then own 1/1000th of the Mona Lisa.
2. You can program rights to the cryptographic token and enforce them via smart
contracts. For example, you can set your Mona Lisa token to be sold only to non-profit
organizations, or that it can only be sold to people who can prove to go to a painting
museum at least three times a year within a time frame of now and three months..
3. You reduce the friction of buying and selling, partly due to the fast and cheap
microtransactions.126 For example, a smart refrigerator can constantly scan where the
cheapest electricity is at a given time and buy electricity there one hour here and the
next.
4. You can record all relevant information for the underlying assets in the token. For
example, you can see who the previous owners of a second-hand machine you
purchased were. Thus, the sharing economy can receive an injection
5. You can easily create an asset yourself, such as an entrance ticket to a home concert. An
example of networks where you can create asset tokens is BitShares. For example, you
can create a token on BitShares that represents a share within your company. Such
tokens are also known as security tokens.

Security tokens
Security tokens are tokens representing bonds, stocks, loans, futures, options and other
negotiable financial assets. Although they belong to the asset tokens, they are often still
mentioned separately. Security tokens are also known as a stake or membership token. All
kinds of rights can be given to security tokens. For example, the right can be granted to view
revenue or profit and receive dividends at any time of the day. It can also offer the right not to
resell the security to everyone, or to be able to temporarily lend your voting rights about the
direction of the company to someone. Holders of security tokens focus on increasing their
value. They can do this by raising funds, expanding the network, voting on which developers
take which initiatives regarding the network and using the dApp commercially.

Some public blockchain examples of networks creating security tokens within their ecosystem
are Waves and NXT. Within Ethereum they are created as ERC-1404 tokens. Examples in the
private equity sphere are JP Morgan's Quorum that runs on Ethereum and Bakkt, an exchange
linked to existing non-crypto markets.

126 Micro transactions are payments in the number of cents. This is possible with blockchain.
- 264 -
Cryptocurrency tokens
Cryptocurrency tokens are also part of the asset tokens and are still treated separately due to
the expected financial-economic impact. Bitcoin is the best known example of a
cryptocurrency. In this case, the token is intended to act as money. The way in which Bitcoin
pursues the currency target is known. Other cryptocurrencies include Bitcoin Cash (BCH),
Litecoin (LTC) and Zcash (ZEC).

Stable coins are also added to the cryptocurrency tokens in this format. These are intended to
overcome the volatility of the value of cryptokens. Stable coins aim to represent a stable value.
This is done, for example, by holding physical assets, such as fiat or gold in collateral, such as
with Tether (USDT) and USDVault. Tether is fiat collateralized and USDVault is natural asset
collateralized with gold as collateral. This collateral is placed in escrow with a third party, often
a private bank, while the keeping of this collateral is enforced through audits that are
preferably available to everyone.

Crypto fiat tokens offer the blockchain benefits of an efficient, cryptographically secured and
fast payment method with low transaction costs. There are many central banks, including the
European Central Bank (ECB), that monitor crypto fiat development. If a central bank itself
issues a cryptocurrency, we are speaking conceptually of a Central Bank Digital Currency
(CBDC). While the CBDC can use elements of blockchain, it is not necessarily a blockchain
application. This is diametrically opposed to Bitcoin's origins as it is a centrally regulated
currency.

A crypto fiat can also have crypto assets in collateral. They are called crypto collateralized
tokens. Examples of this are DAI and BitUSD. The risk with such tokens is that the underlying
crypto assets lose such value that the parent stable coin can no longer hold the value.

Finally, there are also cryptocurrencies without any collateral. These are called non
collateralized tokens and keep their stable value through algorithms.

- 265 -
10.3.4 Blockchain promises to capture easily accessible unique objects
Tokens can also be classified based on their degree of interchangeability (fungible) or non-
fungible.

Exchangeable Tokens
A 1 kg pack of flour can be exchanged for another 1 kg pack of flour. A €10 banknote can also
be exchanged for two €5 banknotes. The same goes for exchangeable tokens: the individual
units are indistinguishable from each other and can be exchanged with each other. An example
is Bitcoin. 1 Bitcoin can be exchanged for another Bitcoin and two half Bitcoins can be
exchanged for 1 whole Bitcoin.127

Non-exchangeable tokens
Opposite exchangeable are the non-exchangeable tokens. These are unique and therefore
scarce. Think for example of persons, country and birth certificates that cannot be exchanged
against other persons, country and birth certificates. You can fractionate the underlying
property. Blockchain allows to capture the authenticity of non-exchangeable tokens in an
accessible, fast, cheap way. This is very important, because especially in a digital world, it is
easy to create a copy of a digital good. So in having a token as a representation, there is not
only an opportunity to easily trade goods from the real world together. It also gives you the
opportunity to give any physical good an authentic digital representation, however small or silly
that good may be, and to trade it. In addition, creating a scarce token is also economically
interesting if you want to keep the price high. The price of a product is determined in a
competitive market under the influence of buyers and suppliers. The lower the supply, the
greater the scarcity and thus the chance of a higher price.

127 However, what if, for example, you know that the cryptocurrency you have was once captured by the police in
connection with a murder? Then you might personally give a different value to the token. The same also applies to
fiat money. If you know that you have a euro coin that has been associated with a matter that is unethical to you,
you might appreciate that specific euro coin differently. It is also possible that tokens that appear to have been
used for criminal purposes through blockchain analysis will be blacklisted.
- 266 -
ERC-721 tokens – cryptogoods Smart contracts further enhance
The ERC-721 standard on the Ethereum tokenization by providing users with the
network features non-exchangeable tokens tools to give further rights and obligations to
to. In addition to token data as a name and their assets. For example, it can be
symbol, you can also enter data that displays programmed that an artwork is sold at the
unique property details. This is important first sale with a 10% commission and the
because a non- exchangeable token is not the subsequent resellers receive 2%.
same as another non- exchangeable token.
One CryptoKitty is not the same as another So much for the classification of tokens.
CryptoKitty. This data has been reliably Next, it is important to understand how
validated by the blockchain. tokens are created for fundraising and how
they can be used within the blockchain
domain.

- 267 -
Intermezzo: Paradigm shift by tokenization
All in all, tokenization seems to lead to a paradigm shift. Tokens offer a flexible and varied
way to transfer or capture value, information, ideas, rights and obligations in a fast,
transparent and secure manner between multiple parties. They can also be embedded in
smart contracts. You create so-called smart assets with the smart tokens. You can, for
example, follow up where a good comes from or how and by who it is insured or repaired.
An example of this are impact tokens in which parties such as government, investors and
organizations work together to support impact investing. With an impact token like a
SolarCoin you can verify the production of your own solar energy. Multiple SolarCoins can
provide insight into where solar energy is generated and consumed, enabling you to
automate impact measurement. Investors can use the coins to make the investment
portfolio more sustainable. You also become an asset in a low-threshold way. You can
exchange or trade that trading method fractionally as a guarantee for a loan. So part of your
house or share could theoretically be sold and used to run errands alongside your usual
currency. Tokenization can therefore create new business models.

Tokenization also ensures that the threshold for conducting transactions is significantly
lowered, for example due to the low transaction costs and the fast settlement time. It also
raises the following interesting questions about money. If a share in a company is a security
token that you then use to buy groceries, has the share become a form of money? Can we
say that we are returning to a situation where resources are exchanged without the
involvement of a medium like money? For the time being, this will remain a diffuse situation
for legislation and controlling and implementing authorities.

- 268 -
Intermezzo: Central Bank Digital Currencies
Discussions about the effects of cryptocurrencies like Bitcoin and Libra on nation-states and
financial service providers have accelerated in recent years. New crypto coins find use in the
real world and can be an alternative to a national fiat money. VHence, central banks have
launched multiple investigations and actions to keep the responsibility of the monetary
system and national currency to the nation-state. They also looked at the potential
consequences of a homemade Central Bank Digital Currency (CBDC). A CBDC is a
cryptocurrency based on centrally controlled blockchain technology or some other form of
Distributed Ledger Technology (DLT). (Lietuvos Bankas, 2019)

Benefits and risks


Some potential benefits of a CBDC are:
1. It is a cost-efficient and fast system that facilitates international payments and
reduces the payment risk. It can thus improve the competitive position of national
companies and currencies.
2. It can link to digital identities of citizens, organizations and devices.
3. Transactions with CBDC are encrypted within a blockchain or distributed ledger and
are therefore more secure.
4. A foundation is laid for further digital innovation, such as currency programming. For
example, it is possible to program automatic tax payments in the CBDC and to
regulate the supply of the CBDC.
5. It falls within the familiar environment of national currencies, largely removing
competition from digital currencies not created under national law.
6. It also allows other digital currencies to be created within national law by private or
public parties that collaborate with the CBDC.
7. It is more difficult to illegally duplicate or use the CBDC illegally.

In this intermezzo, these advantages are separated from the discussion about the extent to
which a nation-state should have a monopoly on a currency. After all, this discussion is
conducted separately in Chapter 13 of Part II.

In contrast to the benefits of a CBDC, according to Banque de France and the National Bank
of Belgium, there is a risk that the low threshold means that a large party of citizens
massively withdraw their money from a financial institution (Pfister, 2017). To this, the Bank
of England replied that banks can be protected by not requiring them to exchange their
deposits in CBDC on request (Kumhof & Noone, 2018).

- 269 -
If, after weighing these benefits and risks, a CBDC is reached, its implementation will require
a public-private partnership that would do well to address issues such as:
1. Coordinating interests and actions of various parties, including national banks,
governments, the European Union and the ECB through a consortium.
2. Introducing legislation that regulates the digital identity of citizens and devices.
3. Introducing legislation that regulates the processing of the digital information
surrounding the use of a CBDC.
4. (Bankenverband.de, 2019)
5. Introducing legislation that protects consumers and businesses when using a CBDC.
6. Regulating and introducing pan-European payment solutions. (Bankenverband.de,
2019)

Future
CBDCs are expected to launch in the short term. China recently launched a pilot of their
CBDC. This involves 4 large banks, 3 large telecom companies and Huawei (Ledger Insights,
2019). French central banker, Francois Villeroy, has also already encouraged the ECB to issue
its own CBDC and wants France to start a pilot with a CBDC as early as 2020 (Jakobson,
2019).

- 270 -
10.4 Fund Acquisition Tokens
There are generally three ways to acquire funds through token sales: Initial Coin Offerings,
Security Token Offerings and Initial Exchange Offerings.
Fund Acquisition Tokens

Initial Coin Offering (ICO)

Security Token Offering (STO)

Initial Exchange Offering (IEO)

. Figure 102: Three ways to acquire funds through token sales

10.4.1 Initial Coin Offering (ICO)


One of the first blockchain fundraising tools was the Initial Coin Offering (ICO), which was
created and sold on blockchain tokens. Ethereum is known as the primary blockchain where
ICOs took place. A large number of ICOs took place outside the protection of national laws and
regulations. As a result, there was uncertainty about questions such as: "What voting rights do I
buy as an investor?" And "Do I own part of the company?" Also, often no financial
accountability was provided to the shareholder, because no official shares were issued. This has
led to a lot of abuse, where funds were raised for ideas without any code having been written
and there was no intention to actually deliver a product. There are now more than 150,000
coins available on Ethereum.128

10.4.2 Security Token Offering (STO)


The successor to the ICO is the Security Token Offering (STO).129 It serves the same purpose as
an ICO. But now you do participate in a company's activities through its securities, such as
stocks. You also have voting rights and possibly also a right to dividend. Companies such as
Securitize and Polymath have written standard protocols for this, with which you can create,

128 See https://etherscan.io/tokens for a list of different tokens on Ethereum, among others.
129 You can see from the naming that there is no longer a reference to coins (ICO), but to tokens (STO).
- 271 -
distribute and hold STO tokens using your wallet on, for example, Coinbase.130 In this way, STO
retains the advantages of a quick and cheap way to transfer rights and obligations. Within the
Netherlands, the security token would fall under the supervision of the AFM and DNB and
legislation and regulations such as EMIR, PRIIPS, AMLD5 and MiFID II. Under Dutch law, the
investor must have completed a KYC process. In the United States, the Howey test is used to
determine whether a token is a security or not. If it is a security, it is under the jurisdiction of
the United States Securities and Exchange Commission (SEC). The question is whether an
investment has been made in USD within a partnership in which the deployment of a person
expects to lead to profits. In other words, the token is a security when it meets the following
requirements:
1. It is an investment of money.
2. There is a profit forecast due to work by a third party.
3. Investments have been made in a joint venture.

10.4.3 Initial Exchange Offering (IEO)


Another development is that ICOs and STOs are increasingly being performed via Initial
Exchange Offering platforms such as Bitfinex and Binance. Here, a start-up obtains
crowdfunding with a crypto exchange as intermediary, which usually takes on KYC and AML
checks. The funds are often obtained in the platform's own network token, for example the
Binance Coin (BNB).

130 Coinbase is a cryptocoins trading exchange.


- 272 -
Intermezzo: ICO bubble
During 2017 and 2018, a run on ICOs took place. This led to an investment bubble in the ICO
market. This bubble was caused by the increasing attention for Bitcoin and other crypto
tokens and the possibilities of blockchain technology.

The beginning of the bubble


Before the bubble took place, Bitcoin was known as a fairly obscure digital currency. With
initiatives such as Ethereum, it became clear that the underlying blockchain technology
could also be used for other purposes. This led to tense expectations for the young
technology. These expectations, together with the low threshold of making an investment,
the financial nature of Bitcoin and the history of a previous speculative bubble of Bitcoin,
were the main reasons for a massive increase in investments in the blockchain market.

This led to a higher value of Bitcoin and other public systems. In addition, it also led to more
blockchain investments by companies and organizations in private systems. This, in turn,
further fuelled attention and investment in ICOs, resulting in an ever-increasing influx of
new money into the market. The investment phenomenon FOMO (Fear of Missing Out)
often happens here: the fear that you will miss the appreciation of your investment portfolio
if you do not invest in an upward investment bubble. This bubble was twofold, on the one
hand investment in the growing number of ICOs increased. For example, the ICO
phenomenon only started in 2013, but the ICOs were worth $ 27 billion USD between 2014
and December 16, 2017. (icobench.com, 2019)

- 273 -
On the other hand, there was more interest in blockchain in general, and in particular in
existing tokens such as Bitcoin and relatives. Total market capitalization exploded during the
bubble from $18 billion USD in January 2017 to $830 billion USD in January 2018, multiplying
46 times in one year. The $27 billion USD in ICOs revenue is modest by comparison.
However, as a quickly accessible and initially very successful application of a blockchain, it
was a symbol of expectations of blockchain technology that have already been met.

Subsequently, the phenomenon accelerated with the arrival of Ethereum in 2014, when it
was the second largest ICO project. With the ERC-20 standard protocol, Ethereum offered an
opportunity to easily create a token as a new digital asset. This increased the number of ICOs
to 5,655 between 2014 and December 16, 2019 (https://icobench.com). The phenomenon
became so strong that even when the bubble deflated in 2018, the two largest ICOs to date
could still take place; those of EOS and Telegram. (https://www.coinist.io). Another
phenomenon from this time was the airdrop. Hereby, tokens are freely distributed to
support the promotion of these tokens.

The slowly increasing risks of ICOs


Accelerating market growth also increased risks of loss and scandals related to ICOs. First, it
emerged that the new technology could not live up to expectations, especially in such a
short period of time. This while roughly half of the ICOs went bankrupt during the highs of
the market. (Sedgwick, 2018) This was partly due to the inexperience of the entrepreneurs,
who may have the knowledge as developers, but not as business managers or financial
professionals. Ethereum had lowered the threshold for creating its own token so much that
it was easy to start an ICO yourself. (Kauflin, 2018) In addition, scandals surrounding ICOs
increased. For example, investors were lied to in scams, where unknown entrepreneurs ran
with the money. Theft also occurred with databases of central exchanges or with the
aforementioned Ethereum Genesis DAO (see chapter 8.7). There was also extensive writing
about market manipulation of various tokens, such as pump and dump. Substantial amounts
of a token are bought by a party to encourage others to buy. Then the same party tries to
sell the tokens at a higher price.

- 274 -
Another method of market manipulation is to spread false information about a token to
bring down the price. This is called FUD, which stands for spreading “Fear, Uncertainty and
Doubt”.

The majority of these investors who experienced the problems were inexperienced small
investors (De Vries & Wassink, 2018). These investors only slowly realized that in all these
cases they had no legal means to enforce their rights. Also, the tokens themselves did not
represent legal ownership or entitle them to potential dividends. National attention to the
shortcomings of these investments led to intervention by national governments.
To protect these investors, citizens have been warned about the high risks of the
investments. In many countries, ICOs are highly regulated or even banned. (Russell, 2017)
Despite the strong price fluctuations, the term HODL was widely used. In doing so, the
investor retains the token for the long term, despite losing value.

The deflated bubble


The bubble deflated during 2018. Total market capitalization of $195 billion USD on
December 16, 2019 is still nearly 11 times higher than in early 2017. In this sense, the
increased focus on the crypto market has had a lasting impact to date. Within this
capitalization, Bitcoin still takes the most value.

Figure 103: Market capitalization of the crypto market from January 1, 2017 to December 16, 2019.

However, other initiatives that you can run ICOs on, such as Ethereum and EOS, are also
listed here as well-funded blockchain organizations. Meanwhile, the notion of ICO itself is
developing with ideas such as Security Token Offerings (STOs), Digital Security Offerings
(DSOs), Initial Exchange Offerings (IEOs) and tokenized IPOs.

- 275 -
Intermezzo: Atomic Swaps
If you want to trade cryptocurrencies, you often use a trading platform (exchange) for this.
This platform is either centralized or decentralized. The disadvantage of a trading platform is
that not all available cryptocurrencies can always be traded. In addition, you cannot always
immediately exchange one cryptocurrency for another. Trading often still goes via Bitcoin
and Ethereum. For example, if you want to exchange Zcash for Litecoin, you must first
exchange ZCash for Bitcoin and then convert to Litecoin. The exchange is accompanied by
exchange costs.

There are specific disadvantages with centralized platforms. For example, the private keys
are owned by the owner of this platform. This therefore forms a Single Point of Failure. This
makes the platform sensitive to hacks. In addition, the central platforms often charge higher
rates compared to decentralized platforms to cover costs and make a profit. Decentralized
trading platforms (decentralized exchange or DEX) do not have these disadvantages, but
they do have other disadvantages. For example, decentralized platforms often have smaller
trading volumes to offer a market or a good price for each cryptocurrency.

To avoid these drawbacks of trading platforms, people who want to trade cryptocurrencies
are also turning to a peer-to-peer solution outside exchanges. Here you are, however, not
always sure that the other party actually supplies the cryptocurrencies. This is also known as
counterparty risk.

An atomic swap solves these disadvantages by setting up a direct transaction between two
wallets. This way you can exchange cryptocurrencies of different blockchains with low rates,
without an intermediary and with a guarantee of mutual delivery. Atomic swaps use smart
contracts for this. The word atomic indicates that the exchange is either happening entirely
or not happening at all. This makes atomic swap an important development to make
cryptocurrency trading safer. (Van der Hoeff, 2018) This method was first suggested by
Sergio Demian in July 2012. In 2013 it was further elaborated by Tier Nolan. Atomic swaps
became more widely known when the first working swap between Decred and Litecoin was
tweeted on September 19, 2017.

- 276 -
An example of how an atomic swap works
Bob and Alice want to exchange their Litecoin and Bitcoin via an atomic swap and agree on
an amount and price. Then they enter into a Hashed TimeLock Contract (HTLC), a kind of
virtual safe that can only be opened with two keys:
1. A HashLock key that distributes cryptocurrencies between merchants only after they
have signed the transaction with a secret code.
2. A TimeLock key that returns the cryptocurrencies to the original traders if the
exchange is not made within a specified time period.
Alice opens a contract for this, with which her Litecoin is placed on an HTLC address, the
safe, and a secret code is created, a preimage. This preimage is used to create a
cryptographic hash that Alice sends to Bob. Bob needs this hash to put his Bitcoin on an
HTLC address, the safe. So Bob uses the same hash based on the same secret code as Alice's.
Now Alice knows in which safe, HTLC address, the Bitcoins are located, she can open the
lock with her own digital signature and preimage. The preimage is then placed transparent
on the blockchain, so that Bob can use it to open the lock on his side. When both locks are
opened, the doors of the safe open and Alice and Bob can take out the Bitcoin and Litecoin.
This also fulfils and terminates the smart contract.

If at any time Alice and / or Bob decide to abandon the swap, they can decide not to open
their own lock. In that case, nobody gets the cryptocurrency from the other. (Nolan, 2013)

The cryptocurrencies are therefore exchanged between two different blockchains, although
you can of course also swap within the same blockchain. A swap between two different
chains is also known as a cross-chain swap. For two different blockchains you have to set up
a payment channel between each other, in which you can transfer multiple amounts to each
other via a smart contract, with the result that only the final balance of all transactions is
written on a blockchain. This saves space and rates for recording the information in blocks.
(OAX, 2018) These payment channels are supported by Bitcoin's Lightning network, among
others.

- 277 -
Future
However, there are still some technical limitations that prevent the development of atomic
swaps. For example, possibilities are being sought to harmonize the different hash
algorithms that blockchains use, to increase the speed and to prevent a blockchain from
having to support smart contracts to work with atomic swaps.
The application also lacks some liquidity to work efficiently, partly because atomic swaps are
still an emerging technology that has yet to gain in scale. By resolving this in the future,
atomic swaps are expected to further improve the security, scalability and interoperability of
blockchains. In addition, they make the blockchain ecosystem more currency agnostic, which
may benefit smaller blockchains. (Uczciwek, 2018)

Today, there are already trading platforms that operate entirely on atomic swaps. One is
Atomic DEX. For more information on this trading platform, see https://atomicdex.io/.

- 278 -
10.5 Summary, terms and sources
Summary
Cryptographic tokens serve many purposes such as accessing a system or representing
information from a physical object. This provides the tokens with value that you can exchange
between different parties within a blockchain. This transfer of wealth through computer
networks, cryptography, game theory and software development, together with wealth
creation and consumption, is part of crypto economics. An important role of Bitcoin as a token
is that it stimulates people to collaborate and thus help maintain a self-organizing crypto
economic system.

Tokens are classified in two ways in the book. On the one hand as tokens for the application
(network/dApp) versus tokens as assets such as assets and cryptocurrencies. On the other
hand, to fit them into an economic system by examining the extent to which a token can be
exchanged. Blockchain can capture and trade these tokens particularly efficiently, even if they
represent a minuscule value and/or are unique in their kind.

The book also refers to the easily accessible way in which financial funds can be acquired to
support initiatives. Initial Coin Offerings, Security Token Offerings and Initial Exchange Offerings
are mentioned as ways of fundraising. The trend here is that these tokens are increasingly being
offered and traded in an organized manner, supported by governments and regulations.

Comments you can now explain


• You don't need a token to run a blockchain.
• Tokenization is one of the major blockchain contributors to crypto economics.
• Crypto economics is a new discipline that has emerged through the advent of blockchain
and includes the study of computer networks, cryptography, game theory and software
development.
• Smart tokens easily transfer value, information, ideas, rights and obligations through smart
contracts.
• In general, every asset can receive a token within the blockchain, up to individual paper
clips.
• In the future, you could theoretically use any asset you own, tokenize and use these tokens
fractionally or otherwise as a means of payment or financing.
• Central banks monitor cryptocurrency developments very closely and some are already
experimenting with Central Bank Digital Currencies (CBDCs).

- 279 -
• There are several ways to acquire funds using tokens. The most common ways are Initial
Coin Offerings, Security Token Offerings and Initial Exchange Offerings.

Glossary of Terms
Financial Markets Authority (AFM): The Dutch regulator of the financial markets.

Airdrop: token distribution to support the promotion of these tokens.

AMLD4/5: The fourth and fifth EU Anti-Money Laundering Directive. This stands for the EU anti-
money laundering directive.

Asset-backed token: Refers here to a stable coin that holds collateral assets as collateral.

Atomic Swap: A direct swap between two different cryptocurrencies. Atomic swaps use Hashed
TimeLock Contracts.

Central Bank Digital Currency (CBDC): Cryptocurrencies issued by a central bank.

Counterparty risk: The risk that the other person with whom you enter into a transaction does
not fulfil his contractual obligation.

Cross-chain: Between two different blockchains. A cross-chain swap is a switch between


cryptocurrencies from two different blockchains.

Crypto collateralized tokens: Refers here to a stable coin that has crypto ownership as
collateral.

Cryptocollectibles: Tokens that represent unique digital objects such as CryptoKitties or e-


Sports cards or an avatar within a game.

Crypto economics: EA new discipline that has emerged through the advent of blockchain and
includes the study of computer networking, cryptography, game theory and software
development. Within crypto economics, research is being conducted into how a decentralized
network should be set up to encourage participants to display good behaviour as much as
possible.

Decentralized Exchange (DEX): A trading platform supported by a public blockchain without a


central party.

De Nederlandsche Bank (DNB): The Dutch central bank.

Dual token structure: A structure in which a token serves multiple purposes at the same time.
For example, Bitcoin is used as a network or application token and an asset.
- 280 -
European Market Infrastructure Regulation (EMIR): EU regulations on derivatives.

Ethereum Request for Comments 20 (ERC-20) protocol: The protocol defines certain rules and
standards related to issuing tokens on the Ethereum network.

Ethereum Request for Comments 721 (ERC-721) protocol: The protocol for non-exchangeable
tokens on the Ethereum network.

Fiat collateralized token: Refers here to a stable coin that holds fiat currency as collateral.

FOMO: Fear of Missing Out. The fear of missing out on a token's appreciation.

Fractionation: Dividing property tokens into small units.

FUD: Fear, Uncertainty and Doubt.

Fungible tokens: Tokens that are indistinguishable from each other and that can be exchanged.
An example of this is Bitcoin.

Trading platform: A platform on which tokens can be traded.

HODL: The investor retains the token for the long term, despite losing value.

Howey test: American test to see if a token is a security or not. If it is a security, it is under the
supervision of the Security and Exchange Commission.

Initial Coin Offering (ICO): Fund acquisition where tokens are created and sold by a company or
project.

Initial Exchange Offering (IEO): Fund weathering with a crypto exchange as intermediary, which
usually takes on KYC and AML checks. The procurement is often obtained in the platform's own
network token.

Internet of Information: First appearance of the internet, in which the internet was primarily
intended to exchange information.

Internet of Value: The internet where, in addition to information, value can also be securely
exchanged.

Exchangeable Token: See fungible token.

Membership token: See security token.

- 281 -
Markets in Financial Instruments Directive (MiFID II): EU directive aimed at harmonizing
financial markets within the EU and protecting the investor.

Natural asset collateralized token: Refers here to a stable coin that, as collateral, holds natural
property.

Network token: Token used to reward participants for the work they do to help maintain the
network.

Non-Fungible Token (NFT): Non-exchangeable token. They are not unique. This is in contrast to
a fungible token such as your bicycle with registered frame number.

Non-exchangeable token: See Non-Fungible Token.

Non collateralized token: refers to a stable coin where no collateral is held to support the value
of the token.

Packaged Retail Investment and Insurance-Based Products (PRIIPS): EU regulations on


alternative savings products.

Pump and dump: An investor buys substantial amounts of a token and then encourages others
to also buy so that the price increases. After that, the same investor tries to sell the tokens at a
higher price.

Securities and Exchange Commission (SEC): American counterpart of the AFM.

Security token: Token representing bonds, stocks, loans, futures, options and other negotiable
financial assets. Security tokens are also known as a stake or membership token.

Smart asset: A token representing an asset and defined by the rules of smart contracts.

Smart token: Token that you can program. For example, you can determine the right to use
digital music within a pre-agreed period.

Game Theory: A formal study of decision making where several players have to make choices
that potentially affect the interests of other players.

Stable coin: A blockchain token that remains relatively stable in value. The aim is to obtain the
stability of fiat currencies such as EUR and USD.

Stake: See security token.

Security Token Offering (STO): An STO serves the same purpose as an ICO, but now you
participate in a company's activities through its securities, such as stocks.
- 282 -
Tokenization: The process of token creation.

Token as an asset: Token that represents an asset.

Token for the benefit of maintaining an application: token that stimulates people to
participate within a blockchain application.

Utility token: Token that is used to be allowed to use a dApp.

Sources
Aggarwal, V., & Tan, Y. (2019). A Structural Analysis of Bitcoin Cash's Emergency Difficulty
Adjustment Algorithm. SSRN Electronic Journal. 1-36. Doi: 10.2139/ssrn.3383739

Autonomous Next (2018, October 8). CRYPTO: September ICOs 90% Down from January, but
Venture Funding is Ray of Hope. Consulted from
https://next.autonomous.com/thoughts/crypto-september-icos-90-down-from-january-
but-venture-funding-is-ray-of-hope

Bankenverband (2019, October 30). German banks say: The economy needs a programmable
digital euro! Consulted from
https://en.bankenverband.de/newsroom/comments/programmable-digital-euro/

Bonanno, G., (2015). Game Theory: An open access textbook with 165 solved exercises.
eScholarship, University of California. Doi 10.13140/RG.2.1.3369.7360

Chan, W. (2018, September 18). Atomic swaps, cross chain swaps, on chain, off chain.
Consulted from https://medium.com/@OAX_Foundation/tl-dr-atomic-swaps-cross-chain-
swaps-on-chain-off-chain-f428512e1d2a

Cointelegraph. (n.d.) Difference between Bitcoin and Bitcoin Cash. Consulted from
https://cointelegraph.com/bitcoin-cash-for-beginners/btc-bch-differences

Colloquium of the Belgian Financial Forum in cooperation with SUERF & The European Money
and Finance Forum & Eggsplore, Smets. J. (2016). Fintech and Central Banks. Consulted
from
https://www.suerf.org/docx/l_ec5decca5ed3d6b8079e2e7e7bacc9f2_9467_suerf.pdf

Crypto Gibraltar (2019, March 25). Interview with Komodo's CTO, How Atomic Swaps Will
Change How Cryptocurrency is Traded. Consulted from
http://www.cryptogib.gi/interview-with-komodos-cto-how-atomic-swaps-will-change-
how-cryptocurrency-is-traded/

- 283 -
Decred. [@decred]. (2017, September 19). [Tweet] Consulted from
https://twitter.com/decredproject/status/910224860625780736

Finextra (2019, October 31). German banks call for digital euros. Consulted from
https://www.finextra.com/newsarticle/34677/german-banks-call-for-digital-euro

Frankenfield, J. (2019, June 25). Atomic Swaps Defined. Consulted from


https://www.investopedia.com/terms/a/atomic-swaps.asp

van der Hoeff, M. (2018, April 20). Atomic Swaps Simply Explained: How to Swap
Cryptocurrencies without a Middleman. Consulted from https://hackernoon.com/atomic-
swaps-simply-explained-how-to-swap-cryptocurrencies-without-a-middleman-
6cd29680c32e

Mayer, T. (2019). A digital euro to save EMU. Consulted from https://voxeu.org/article/digital-


euro-save-emu

Jakobson, L. (2019, December 5). France: 2020 national digital currency bridge to e-euro.
Consulted from https://modernconsensus.com/cryptocurrencies/france-2020-national-
digital-currency-bridge-to-e-euro/

Juškaitė, A., & Šiaudinis, S., & Reichenbachas, T. (2019). CBDC - in a whirlpool of Discussion.
Consulted from
https://www.lb.lt/uploads/publications/docs/23917_e0ae2c863fbc83cc688dac638fb1645
5.pdf

Kauflin, J. (2018, October 29). Where Did The Money Go? Inside the Big Crypto ICOs of 2017.
Consulted from https://www.forbes.com/sites/jeffkauflin/2018/10/29/where-did-the-
money-go-inside-the-big-crypto-icos- of-2017 /

Kharif, O. (2018, July 9). Half of ICOs Die Within Four Months After Token Sales Finalized.
Consulted from https://www.bloomberg.com/news/articles/2018-07-09/half-of-icos-die-
within-four-months-after-token-sales-finalized

Kumhof, M., & Noone, C. (2018). Staff Working Paper No. 725. Central bank digital currencies -
design principles and balance sheet Implications. Consulted from
https://www.bankofengland.co.uk/-/media/boe/files/working-paper/2018/central-bank-
digital-currencies-design-principles-and-balance-sheet-implications

Lannquist, A. (2019). Central Banks and Distributed Ledger Technology: How are Central Banks
Exploring Blockchain Today? [White paper] Consulted from
http://www3.weforum.org/docs/WEF_Central_Bank_Activity_in_Blockchain_DLT.pdf

- 284 -
Leonard, S. (2017, June 21). The Internet of Value: What It Means and How It Benefits
Everyone. Accessed December 24, 2019, from https://www.ripple.com/insights/the-
internet-of-value-what-it-means-and-how-it-benefits-everyone/

Levine, M. (2019, April 4). Money Stuff, Token Sales Have Some Rules Now. Consulted from
https://www.bloomberg.com/opinion/articles/2019-04-04/token-sales-have-some-rules-
now

MacIver, K. (2016, July). From the internet of information to the internet of value. Consulted
from https://www.i-cio.com/big-thinkers/don-tapscott/item/from-the-internet-of-
information-to-the-internet-of-value

Mayer, T. (2019, November 6). A digital euro to save EMU. Consulted from
https://voxeu.org/article/digital-euro-save-emu

Nakamura, Y., & Kharif, O. (2017, December 4). Battle for "True" Bitcoin Is Just Getting Started.
Consulted from https://www.bloomberg.com/news/articles/2017-12-04/battle-for-true-
bitcoin-is-just-getting-started-quicktake-q-a

Nguyen, A., (2018, September 9). Intro to Cryptoeconomics. Consulted from


https://hackernoon.com/intro-to-cryptoeconomics-c984b020d186

Nolan, T. (2013, May 2). Alt chains and atomic transfers [Online forum comment]. Post posted
at https://bitcointalk.org/index.php?topic=193281.0

Peterson, J. Krug, J., Zoltu, M., Williams, A.K., Alexander, S .. Forecast Foundation. (November 1,
2019). Augur: a Decentralized Oracle and Prediction Market Platform (v2.0). Source:
https://www.augur.net/whitepaper.pdf

Peterson, J .. & Krug, J., & Zoltu, M., & Williams, A.K., & Alexander, S. (2019). Augur: a
Decentralized Oracle and Prediction Market Platform (v2.0) [White paper]. Consulted
from https://www.augur.net/whitepaper.pdf

Pfister, C. (2017). Monetary Policy and Digital Currencies: Much Ado about Nothing? Consulted
from https: //publications.banque france.fr/sites/default/files/medias/documents/dt-642.pdf

Popper, N. (2017, June 25). Some Bitcoin Backers Are Defecting to Create a Rival Currency.
Consulted from https://www.nytimes.com/2017/07/25/business/dealbook/bitcoin-cash-
split.html

Russell, J. (2017, September 4). China has banned ICOs. Consulted from
https://techcrunch.com/2017/09/04/chinas-central-bank-has-banned-icos/

- 285 -
Sedgwick, K. (2018, February 23). 46% of Last Year's ICOs Have Failed Already. Consulted from
https://news.bitcoin.com/46-last-years-icos-failed-already/

SFOX Edge (2019, June 3). Bitcoin Cash vs. Bitcoin SV: Six Months after the Hash War. Consulted
from https://blog.sfox.com/bitcoin-cash-vs-bitcoin-sv-six-months-after-the-hash-war-
e6d92a03b891

Sultan, K., & Runi, U., & Lakhani, R. (2018). Conceptualizing Blockchains: Characteristics &
Applications. 11th IADIS International Conference Information Systems 2018. 49-57.

Tapscott, S. (2018, July 25). Beyond digital gold; Cryptocurrency is just one of seven types of
cryptoassets you should know. Consulted from https://qz.com/1335481/cryptocurrency-
is-just-one-of-seven-types-of-cryptoassets-you-should-know/

Uczciwek, M. (2018). What Are Atomic Swaps? The Most Comprehensive Guide Ever! Consulted
from https://blockgeeks.com/guides/atomic-swaps/

Wassink, S., de Vries, M., (2018). Cryptocurrency market research report: investment bubble or
not? And: To what extent can an investment bubble be predicted? Saxion University of
Applied Sciences.

van Wirdum, A. (2018, November 14). When the Fork Forks: What You Need to Know as Bitcoin
Cash Goes to War. Consulted from https://bitcoinmagazine.com/articles/when-fork-forks-
what-you-need-know-bitcoin-cash-goes-war/

- 286 -
- 287 -
11. Blockchain and the Promise of the Internet (Web 3.0)

“The real promise of these new technologies, many of their evangelists believe,
lies not in displacing our currencies but in replacing much of what we now think
of as the internet, while at the same time returning the online world to a mere
decentralized and egalitarian system.”
- Steve Johnson (2018)

“We are concerned about the growing number of threats to the very existence
of the open Web, such as censorship, surveillance, and concentrations of power.
The Web that drives economic progress and knowledge, is the one where new
businesses bloom, where government transparency is a reality, and where
citizens document injustice.”
- Tim Berners-Lee and Web We Want coalition (n.d.)

11.1 Introduction and learning objectives


In this chapter you will learn
• That blockchain development fits in logically with other technological developments, such
as those within the 3rd and 4th industrial revolution.
• That data is central to the digital revolution.
• That interconnectivity offers great opportunities for further acceleration of technologies.
• How blockchain compares as internet technology.
• Which promises the internet made and blockchain fulfilled.

Introduction
Technological developments are inherent in humans. We learn from each other and the lessons
we learn are passed on from one generation to the next through information carriers such as
language, clay tablets, papyrus and database systems. This is something that other animal
species seem to be unable to do, or to a lesser extent. Technological advancements accelerated
when humans were able to generate and transport gigantic amounts of energy, starting with

- 288 -
the steam engine. This was the 1st industrial revolution. Every industrial revolution is
characterized by the enormous changes in how people organize themselves in, for example,
political, socio-economic and military systems. Industrial revolutions have partly caused this
impact because significant productivity steps are taken from an economic perspective. This has
always been accompanied by more efficient use of capital resources and a significant increase
in prosperity.

The 2nd industrial revolution was characterized by replacing steam power with electricity,
which could be generated and used in a more mobile way. In addition, the industrial application
of mass production led to further economies of scale and cheaper products. It also led to issues
of urbanization, organization of infrastructure, education, social innovation and the
environment

In the 3rd industrial revolution, production was further automated and the share of services in
the gross national product grew thanks to the rise of electronics, computers and the internet.
The internet is important because it organizes people in a way that was not possible before.
Within the Internet, there are three streams called Web 1.0, Web 2.0 and Web 3.0. These flows
are relevant to blockchain.

2e 3e
Automation,
Electricity, mass computers,
production electronics

Figure 104: Overview of the 4 industrial revolutions. The image comes from "How Can Space Support the Fourth Industrial
Revolution?" (Tully, n.d.).

- 289 -
Cyber security, Internet of Things, artificial intelligence, blockchain, robotization, biotechnology,
quantum computing will play a major role in the 4th industrial revolution. The 4th industrial
revolution is due in large part to the increased capacity of hardware, greater availability of
information and greater advancements in algorithms. This allows you to make even smaller and
more complex sensors and machines. In the 4th industrial revolution, the possibilities for
generating and analysing digital data are also further developed. This digital data is created
again thanks to the previous revolution, including computerization, process automation and the
internet. This makes it possible to understand even more deeply how, for example, a product or
production process can be improved, or how a person can be influenced to buy a product or
service.

In the next section, we will go deeper into the practical applications that are widely used thanks
to the internet, such as social media, email and e-commerce. They also discuss their influence
on the decentralization of our society. This is done by first discussing technological
developments that have made the internet possible. The three developments of the Web are
then discussed: Web 1.0, Web 2.0 and Web 3.0.

Section 11.3 describes how the internet could be reshaped by building blockchain layers in it,
the blockchain stack. In section 11.4. will further discuss the promises that the internet made at
the time, and the way in which blockchain could fulfil these promises. Section 11.5 below
examines the various technological developments that led to blockchain. The chapter concludes
with a paragraph in which a summary and the concepts and sources used are mentioned.

- 290 -
11.2 The technological development of means of communication and the internet
The Internet is based on communication systems such as radio waves and computers. What
follows is an overview of the technological developments that led to the internet and which
also enabled large-scale communication between individuals.

1836 Morse, Henry and Vail are developing the telegraph system.
1876 Bell patents the electric telephone.
1889 Hertz discovers electromagnetic waves.
Marconi uses a telegraph to send the first radio message across the
1902
Atlantic via electromagnetic waves.
1941 First electric computer is developed.

This created the conditions for the development of the internet. The internet itself is a network
in which devices are connected to each other and can exchange data with each other. This is
different from the development of the World Wide Web, also known as WWW or the web. The
latter is an information medium that can be reached via computers connected to the internet.
The internet has a longer history than the web.

11.2.1 Internet
In the 1960s, the Internet was developed as a decentralized technology to ensure that the
military communications network was able to exchange data quickly in a way that was not easy
to get off the air. Other stakeholders picked up on this development and spread the network of
connected devices. Scientists and visionaries, for example, saw that there was more potential in
a system in which information could be exchanged between everyone who was connected in a
decentralized manner. Below is a list of some key moments in the development of the Internet.

1945 Vannevar Bush publishes the idea of a memex in which your brain links information
through association with other information, not through looking up information
through indexes, for example. The concept of the memex has influenced the
development of early hypertext systems. So it indirectly influenced the creation of the
WWW.
1958 The United States is setting up the Advanced Research Projects Agency (ARPA) to
develop military technologies.131 ARPA later became the primary driver of the Internet,
although the idea was co-developed by others outside of ARPA. Among other things,

131 ARPA later turned into the Defence Advanced Research Projects Agency (DARPA).
- 291 -
ARPA has taken the initiative to have mainframes of military bodies, military suppliers,
universities and government bodies exchange information with each other. In the
coming years, the idea will develop into a decentralized system in which information
packages are exchanged via the fastest route.
1963 Ted Nelson develops a model that creates and links information. Here he also mentions
the concept of hypertext, a way of sharing information with each other.
1964 Paul Baran describes a distributed network as an alternative to a centralized network in
the article, "On Distributed Communications" (1964). In this he states that a distributed
network is less susceptible to attacks and he provides that data can be divided into
blocks before they are sent by the network.
1968 Douglas Engelbart demonstrates a computer system that uses a graphical interface,
video conferencing, mouse, word processor and hypertext, among other things.
1969 Two computers exchange data for the first time, which has led to ARPANET, the first
version of the internet. The number of connected military and university computers will
steadily increase after this. ARPA also uses it to allow researchers from one institution
to use computer programs from other institutions remotely to reduce collaboration
costs.
1971 First microprocessor is produced in series. Microprocessors ensure that computers can
be made cheaper and smaller.
1971 The first email is sent about the ARPANET. Email is seen as the killer application of the
internet.
1973 The word "internet" is mentioned by Robert Kahn and Vinton Cerf as an abbreviation
for inter-networking. Both are working on ARPANET.
1974 Robert Kahn and Vinton Cerf develop the Transmission Control Protocol (TCP) and the
Internet Protocol (IP), known collectively as TCP / IP. With this protocol, data is sent in
small packages to a node that places the packages in the correct order to form an
unambiguous information package. TCP / IP will later become a worldwide standard
with which data can be exchanged over the internet in the same way.
1979 Usenet is being developed as a network for the exchange of messages. These messages
are divided into newsgroups.
1982 Carnegie Mellon University scientists connect a local Coca-Cola machine to the internet,
which allows them to remotely retrieve information about the stock and the time when
new drinks are cold enough to drink. This was the first realization of the Internet of
Things.

- 292 -
Figure 105: The first practical application of an IoT device at Carnegie Mellon University (Maxey, 2016).

1983 Paul Mockapetris and Jon Postel are developing the Internet Domain Name System
(DNS), a protocol for translating IP addresses into easy-to-remember domain names.

1990 ARPANET is discontinued.

11.2.2 Web 1.0


Scientists and visionaries supported decentralized development where information could be
easily shared with each other. This led to Web 1.0, a web that grew out of the belief that every
individual has the right to freedom, self-determination and freedom of expression. What
follows are important developments within Web 1.0.

1990 Until then, the internet was mainly used by scientists and libraries to reach each
other's computers. However, this has not yet happened in a user-friendly manner. In
addition, large files could not be distributed via email or the existing networks, but via
floppy disks. To overcome this, Tim Berners-Lee developed the World Wide Web
(WWW). The WWW is based on the internet infrastructure that was mainly developed
through ARPA. Berners-Lee linked standards such as TCP / IP, hypertext and DNS to
self-developed universal standards such as the Hypertext Transfer Protocol (HTTP).
This protocol allows a web browser to query Hypertext Mark-up Language (HTML)
documents, another 1992 invention, from a server. In addition, Uniform Resource
Identifiers (URI) are also used, which are a unique name for a source or piece of
information. An example of a URI is the Uniform Resource Locator (URL) of which

- 293 -
https://www.saxion.nl/onderzoek/meer-onderzoek/blockchain is an example. In
addition, the WWW enables a server to return the requested HTML documents to the
client. This allows the transfer and display of web pages to be organized. By typing
web addresses in a web browser, you will see web pages. By clicking on links, you surf
user-friendly to other information. As a result, you can now use the internet without
much technical knowledge. This user-friendliness has caused the number of users to
increase significantly.

Figure 106: The World Wide Web ran on this first NEXTcube web server from 1990 (CERN, n.d.).

Berners-Lee was aware of the need for cooperation. He saw the WWW as a way of
distributing information openly and democratically so that everyone can reap the
benefits of cooperation. His employer, The European Council of Nuclear Research
(CERN) supported this and made the developed internet technologies open source.
1991 Tim Berners-Lee creates the first website. This creates Web 1.0, which is characterized
by static websites.
1992 Tim Berners-Lee develops the programming language, Hypertext Mark-up Language
(HTML), to format HTML documents so that they can be presented clearly in a web
browser. Web browsers request HTML documents from servers and display them in
the form of web pages.
1993 Marc Andreessen and Eric Bina take the idea further and organize graphic
information, videos and sound by having the above and other protocols work
together in the first graphic web browser - NCSA Mosaic. Mosaic, followed by
Netscape in 1994, was easy to use and open source. This brought the internet to the
masses. Now everyone could easily go from page to page. In line with this, the first
search engines are built.
1994 Founding of the World Wide Web Consortium (W3C) by Tim Berners-Lee, DARPA, MIT
and the European Commission, among others, to promote web standards. These

- 294 -
standards are free of rights, so that adoption is accelerated. The W3C is not the first
organization to attempt to agree on web standards and protocols. The Internet
Engineering Task Force (IETF) has been the most prominent developer and supporter
of open standards since 1987.
1998 From the beginning of ARPANET, the issuing of IP addresses was coordinated by Jon
Postel, a computer scientist who was also involved with ARPANET. The organization
Postel works for, the non-profit Internet Corporation for Assigned Names and
Numbers (ICANN), is responsible for coordinating DNS addresses and for the duties of
the Internet Assigned Numbers Authority (IANA). IANA's duties include maintaining a
file of DNS data and the related URLs provided by ICANN.
2016 In October, the last IANA functions will be transferred to the global internet
community.

11.2.3 Web 2.0


Many web protocols that were developed were open and used for the development of Web
2.0. Tim O'Reilly (2005) described Web 2.0 as a web for genuine interaction between users,
because people can both upload and download information. Where Web 1.0 mainly used
HTML, within Web 2.0 it was expanded with new technologies that make applications more
interactive. The programming language JavaScript and AJAX played a major role in this. Web
scripts can be loaded on part of the page without having to refresh the entire page. Within this,
the web and internet are shifting from a somewhat more technical niche network to a user-
friendly way for people and organizations to communicate and cooperate with each other.
Social media, blogging, chats, wikis, file sharing and e-commerce are among others emerging.
The size of the web is increasing exponentially as more people create and share content. This is
done in cheaper and faster ways, so that educational institutions, companies and home users
can also use the network to, for example, share research, make the library titles available and
communicate with stakeholders within a global network. With this, content-driven suppliers
such as news magazines, book publishers, music producers, video producers, distributors,
hotels, taxi services and other intermediaries are increasingly being replaced by new internet
applications such as search engines, Wikipedia, professional apps for editing photos or videos,
digital sales channels of digital media, Alibaba, Airbnb, Uber and MonsterBoard.

However, the use of Web 2.0 often runs through commercial intermediaries, which allows
central governments to censor and is vulnerable to security breaches that can be exploited by
malicious parties. In this sense, on the surface, the Web appears to be entirely owned by users
- 295 -
who create and participate in content but is under the control of central parties that can
influence what may be published and who may participate. (Henley, 2015)

What follows is a summary of the most important developments within Web 2.0.
1997 AOL comes with instant messaging.
1999 The first blogs such as Blogger.com are launched.
2001 Apple introduces the iPod, an easy-to-use digital music player.
2002 The BlackBerry 5810 is introduced with applications such as push e-mail, text messaging
and a web browser.

Figure 107: The BlackBerry 5810 phone is considered the first smartphone (Segan, 2013).

2003 Skype is introduced.


2004 Facebook is created.
2005 YouTube releases user-generated video content.
2006 Twitter launches microblogging.
2007 Apple introduces the iPhone, and Dropbox is coming up with cloud storage services.
2008 Spotify launches an online music streaming service. AirBnB and Android are emerging.
2009 The first Bitcoin block is produced on January 3, 2009 and Uber is founded.
2009 Berners-Lee and Rosemary Leith set up the World Wide Web Foundation with the aim
of contributing to an open web as a public good and a basic human right.
2010 Creation of Pinterest, WhatsApp, Instagram and IBM Watson. IBM Watson is a
computer system capable of performing analyses based on large amounts of data and
self-learning algorithms. It is currently also used for analyses of investment
opportunities to recognize cancer metastases.
- 296 -
2011 Snapchat launched and Apple Siri rolled out.
2016 Under further pressure from other governments, ultimate responsibility for IANA is
transferred from the United States Department of Commerce to ICANN. The
vicissitudes of US surveillance, as evidenced by Edward Snowden's leaked documents in
2013, have played a role in the transition.

11.2.4 Web 3.0


Blockchain is an important technology within Web 3.0, because it decentralizes data storage
and brings the client-server relationship to a more equal peer-to-peer relationship. Web 3.0
seems to be able to realize the promise that the web in at the start made. This is discussed in
more detail later in this chapter. In addition to blockchain, Web 3.0 will also use a semantic
web, artificial intelligence, data mines, virtual reality and augmented reality. This combination
of different technologies is also known as the digital mesh.

Some advantages of Web 3.0 compared to Web 2.0 are:


1. There will be no intermediaries that manage your personal data without your
permission. You can allow yourself which personal data you want to record or share
with other parties.
2. There will be less data breaches, because data is distributed over a decentralized
network like blockchain.
3. There will be less censorship, because the data stored on a blockchain is almost
impossible to censor or delete.
4. There will be less loss of internet services, because a decentralized system is almost
impossible to attack with, for example, a DDoS attack. Such a system naturally has
multiple backups. Data is therefore continuously processed.

Search engines will use the actions you take on the web to learn more about you and smartly
display results that fit your profile.

- 297 -
Below you will find a comparison table between Web 1.0, Web 2.0 and Web 3.0.

Web 1.0 Web 2.0 Web 3.0


The Web The Social Web The Semantic Web
Sharing information Interaction Immersion
Connecting information Connecting people Connecting context,
people and knowledge
User reads content User creates and shares Content is consolidated
content and personalized
Static content, interaction is Social content, interaction Visualization
a one-way street is a two-way street
Web Forms Web Applications Smart Applications
Analogy: Britannica Online Analogy: Wikipedia Analogy: Semantic Web
Table 4: Comparison between Web 1.0, Web 2.0 and Web 3.0.

- 298 -
Intermezzo: Gartner Hype Cycle for blockchain
A well-known model for seeing how a new, promising technology becomes a product in a
mature market is described in the Gartner Hype Cycle model. This model shows that these
products go through the following five phases.

Figure 108: The Hype Curve (Linden & Fenn, 2003).

1. Technology Trigger: technology is primarily a technological breakthrough that is not yet


used in products. However, it does receive media attention.
2. Peak of Inflated Expectations: there are great expectations about the technology.
3. Trough of Disillusionment: the hype deflates, and the same exaggerated reaction takes
place, but in a negative sense. Media is negative, companies are leaving, there is great
disappointment and there is increasing doubt about whether the technology will survive.
4. Slope of Enlightenment: investments are increasing, and new products are being
developed based on the technology. Adoptions are starting to take place on a larger
scale.
5. Plateau of Productivity: the advantages of the technology are clear, and the technology is
widely used in products. 20-30% of the public adopt the innovation.

The Gartner Hype Cycle is a useful model that sparks discussions as to how emerging
technology is a hype. However, the model is not based on the scientific method. Steinert
and Leifer (2010) criticize this and propose to Gartner to substantiate the model with a
mathematical model, so that Gartner can substantiate his own analyses quantitatively.

- 299 -
Figure 109: According to Gartner, blockchain is going through the Trough of Dilussionment phase in 2019 (Gartner, 2019).
Blockchain will go through the phase of the Through of Disillusionment in 2019, according to
Gartner, but will have a transformative impact on many industries in 5 to 10 years. The main
industries that will experience the greatest impact from blockchain are, according to
Gartner, banking and investment, gaming and retail. It is expected that developments in the
creation and acceptance of digital tokens will continue, among other things, and can be
disruptive within the banking and investment sector. These tokens also give gamers more
control over their in-game items and will also make them transportable from one gaming
platform to another. In retail, blockchain will have a major impact on the traceability aspect.
It will also be used more widely in combination with the Internet of Things and Artificial
Intelligence to radically change retail business models. (Gartner, 2019)

The potential of blockchain and Web 3.0 is so great that it is expected to lead to widely used
applications. As long as these applications are not in place, there is a risk of over-promises
that cannot be delivered quickly enough.

- 300 -
11.3 Blockchain technology stack
A technology stack is a combination of different technologies that makes an application
possible. In the case of blockchain technology, the technology stack consists of four layers
(Deloitte, 2017). These layers are:
1. Application layer. This layer contains the user interface, business logic and customer
interaction. Parts of this are also programming languages such as Solidity, with which
dApps can be developed.
2. Services low. This layer contains blockchain services that enable the operation of
applications and connections to other technologies. These include wallets, public and
private keys, smart contracts, oracles and digital identities.
3. Network and protocol layer. This layer contains protocols and network requirements to
participate in the blockchain. Examples of this are the consensus mechanisms such as
Proof-of-Work and Proof-of-Stake and the governance structure of a blockchain.
4. Infrastructure layer. This layer contains the underlying, often physical, infrastructure that is
required to run a blockchain. Components of this are, for example, servers and mining
equipment.

Figure 110: The four layers of the blockchain technology stack (Deloitte, 2017).

- 301 -
11.4 The promises of the internet
The promises of the Internet, as expressed by several cryptographers and techno-libertarians,
include such terms as having:
• one large network of connected individuals
• who directly
• and securely
• exchange information in an uncensored manner..

John Perry Barlow, one of the founders of the 1990 digital rights group Electronic Frontier
Foundation 132, supplemented this in 1996 through his "A Declaration of the Independence of
Cyberspace." This article was co-written in response to more stringent US Congress legislation
within the 1995 Telecommunications Act. Barlow sees cyberspace as a boundless environment
in which everyone is welcome and can participate sovereignly. This boundless environment is
one in which the world is more humane and fairer than the physical world built by
governments. Simone Ross calls this a techno-utopia in which individual freedom is assured and
social, economic and political boundaries are blurred. The techno-utopia envisioned by Barlow
would ideally lead to a democratization of everything and a more prosperous, healthier, fairer
society that also blurs physical and virtual boundaries (Ross, 2017).

The Internet has been able to keep its promise to connect people to each other so that they can
exchange information. The majority of people now have access to the internet in a fairly secure
manner. However, the techno-utopia described by Barlow has not become a reality.

11.4.1 The promises that the internet has not kept


The use of Web 2.0 often runs through large commercial intermediaries. Data is largely stored
on central hardware. The data is often in hands of a small group of dominant semi-monopolistic
companies, such as publicly traded US social media companies and state-controlled Chinese
companies such as Alibaba and Tencent. This not only allows them to view the information of
users, but also to indicate what users can and cannot see. It is also possible that the
information you see has been manipulated. From this you can deduce that the data you provide
is not always entirely in your own possession. Web 2.0 is therefore very sensitive to censorship.
In addition to the fact that you have to trust a third party to handle your data carefully,
intermediaries also cost time and money.

132 In the Netherlands, the Bits of Freedom group from 2000 has a similar mission.
- 302 -
The government itself is also an intermediary. Thus, within the Chinese Social Credit Rating
system for each population member, a score is maintained on the basis of the desired social
behaviour that they display both offline and online. Some governments ban certain social
media applications or news sites, such as during the Arab Spring. In other countries, such as the
United States, the government is trying to weaken encryption. The US government has tried
this with the iPhone, for example.133 A government can also compel companies to share
information about their users. In addition, malicious parties have an arsenal of tools, such as
phishing, DDoS attacks and man-in-the-middle attacks, with which they can disrupt your
internet behaviour or steal your personal data. The web is therefore not yet able to offer good
security and therefore great internet freedom to everyone. The highly centralized design of
Web 2.0 is one of the main reasons for this. The concept of Internet of Information also fits
within the idea of total freedom of expression. The current Internet is, to some extent, unable
to deliver on the promise of an Internet of Value. It is currently not transparent which parties
are involved in a transaction, under which conditions they manage the user data and to what
extent we can be confident that they comply with the conditions that are set during the
transaction.

The key to regaining control seems to lie in analysing and controlling the data created through
the internet. The size of data on the internet is increasing due to, among other things, IoT. This
also increases the importance of analysing data, controlling it to make money and guaranteeing
the safety of residents. So data is central and therefore also the algorithms that collect, analyse
and stimulate more data to take action again. This also makes trust in code and algorithm more
important. The question is, is all code transparent? Is it written correctly? Does it pursue the
goals we support? Here too you can say that the internet does not keep its promise: it is not
always transparent which parties are involved in your data traffic and with which code they
support you with which motives in that data traffic. If your data is stolen, how do you know in
time? As mentioned earlier, blockchain has a lot of potential here, because it does not want to
place data in centralized servers but wants to decentralize. It can also be used to decentralize
the Public Key Infrastructure and thereby reduce dependence on certification authorities.134. It
also offers opportunities to create sovereign digital identities and gain more control over what

133 After the attacks in San Bernardino, in which 14 people died, the FBI tried to get Apple to implement a backdoor
in the iOS software. Apple declined to do so because it would compromise the security of the iPhones and the
privacy of its users. (Kahney, 2019)
134 Also see the intermezzo, "Public key Infrastructure (PKI)", in Chapter 5.
- 303 -
data you share with whom. Blockchain is also able to let different parties from different
disciplines work together. After all, the condition of always knowing and trusting each other to
work together has lapsed. This potentially leads to entirely new collaborations, such as the
DAO, that are different from traditional organizational structures. These new collaborations in
turn lead to innovations that can nullify or replace well-trodden paths such as business control
audits or standard operating procedures.

11.4.2 Importance of privacy


As mentioned earlier, data privacy is critical given the role some intermediaries currently play in
influencing the individual. A profit-driven party is more likely to come to a crossroads where it
has to decide between using the marketing of personal individual data in favour of profit, or at
the expense of privacy. Although data within the digital world may be a deeply personal
reflection of who someone is, the individual concerned may not have been able to make this
reflection himself. However, he is confronted with a technology that influences his decisions,
while the motives for deploying these technologies may not be completely transparent to him.
If you, as a user do not know to what extent data you come across on the internet is complete
or correct, do you trust on the internet that people are who they say they are? This guaranteed
digital identity is important because it allows you to indicate that you exist, that your opinion is
authentic, that digital data associated with it belongs to you and that it is your colour, age,
salary, partner, house and passport. Remember that it is also not possible for a product in the
physical world to have a watertight digital identity. This also makes it inconclusive to
demonstrate that you own the product and have the right to transfer ownership of it to
another person.

Blockchain has the potential to make and keep digital data safe and private with the help of a
decentralized database and cryptography. This is seen by some as a Human Right.135 Chapter 12
reverts to the digital identity.

11.4.3 The promise of the internet that fulfils blockchain


Blockchain can design a decentralized network without an intermediary, in order to directly and
securely exchange information with each other. Certain current internet standards and services
such as DNS and ICANN may be decentralized. Blockchain can also decentralize the Public Key

135 For example, Hu-manity.co believes that every person has the right to own their own data.
- 304 -
Infrastructure, so that the need for central third parties that now issue certificates and
authenticate and distribute public keys can be avoided.

With the help of blockchain, the data is also stored decentralized and encrypted within Web
3.0. The promise of Web 3.0 is that it enables the user to decide for himself which personal
data he will record or share. The user therefore has more control over the extent to which he
remains anonymous on the internet. Intermediaries are increasingly being replaced by direct
peer-to-peer transactions between users. This in turn strengthens the decentralized sharing
economy. Community initiatives can be decentralized, because blockchain helps them with
anonymity, stronger privacy, transparency and, where necessary, a structurally more robust
and safer network.

To give an example of how blockchain promotes the initial promise of freedom of expression
and information sharing uncensored, consider the following situation:
1. You want to share your political opinion on social media.
2. Via a rating system of news providers as part of your social media you will gain more
confidence in the opinion of bloggers and journalists. These suppliers may or may not be
anonymous, but you can see to what extent they themselves are considered reliable
again and by whom.
3. With these parties, which you may or may not know, you could organize substantive
posts for a certain opinion or party
4. While sharing your content posts, you keep your personal data in a personal wallet, and
you can choose to share certain data freely or not. You can build in that posts are
illegible for some, or that you may or may not sell your data or make it available for
scientific research, for example.
5. Using smart contracts, you could then share data between social media platforms,
without giving away too much data of yourself. You can also set your post to be
automatically hidden after a certain time.
6. Finally, your post cannot be censored, because there is no central party that has control
over the storage of your mail.

11.5 Technological developments leading to blockchain


The developments below have contributed to the creation of blockchain technology.

1970 File sharing and other predecessors of decentralized P2P networks are being
developed within several initiatives.

- 305 -
1975 The Data Encryption Standard (DES), developed by IBM and after consultation with
the National Bureau Standard (NBS) and the National Security Agency (NSA), is
released.
1976 Whitfield Diffie and Martin Hellman publish "New Directions in Cryptography". In it
they present the concept of public key cryptography. Shortly after, they develop the
Diffie-Hellman key exchange protocol that allows public key cryptography to be
applied. In addition, they describe the concept of digital signatures without having
implemented them in an application.
1978 Ron Rivest, Adi Shamir and Leonard Adleman design their own public key
cryptosystem called the RSA. The purpose of the system is twofold: (a) to guarantee
privacy in electronic communications and (b) to be able to place digital signatures.
The system was first presented in the article, "A Method for Obtaining Digital
Signatures and Public-Key Cryptosystems."
1979 Ralph Merkle develops Merkle trees.
1983 David Chaum publishes the article "Blind Signatures for untraceable Payments" in
which he explains that electronic payment systems will have a substantial impact on
privacy. Chaum presents in the article how blind signatures can be used to make
transactions anonymous.
1989 DigiCash Inc. is founded by David Chaum based on his 1983 scientific paper. Chaum
implements blind signature technology in DigiCash to enable anonymous monetary
transactions.
1992 Cynthia Dwork and Moni Naor develop the Proof-of-Work concept to prevent spam
mail. The concept was presented in the article "Pricing via Processing or Combatting
Junk Mail" (1993). In it they describe a mail system that obliges the sender of the
email to first solve an arithmetic function before the email can be sent. The feature is
simple enough that a computer can solve it in a short time, but it is also difficult
enough for a spam computer to consume that significant amount of computer power
to send large amounts of emails at once. They call this function a price function.
1997 Adam Back presents Hashcash in the article "Hashcash - A Denial of Service Counter-
Measure". Hashcash is a Proof-of-Work system to prevent email spam and denial-of-
service attacks. Satoshi Nakamoto would later use the Hashcash Proof-of-Work
feature for Bitcoin.
1997 Nick Szabo introduces smart contracts in the article, "Formalizing and Securing
Relationships on Public Network".
1998 Wei Dai introduces B-money, a distributed money system that uses Proof-of-Work, a
collective ledger, rewards for maintaining this ledger and forcing and broadcasting
contracts based on digital signatures. Satoshi Nakamoto later refers in his Bitcoin
white paper to Wei Dai's article on B-money.

- 306 -
1998 Nick Szabo introduces Proof-of-Work in a decentralized digital currency, the Bit Gold,
to address the double-spending problem. Bit Gold never rolled out, however.
1999 Practical Byzantine Fault Tolerance Practical (pBFT) is introduced by Miguel Castro and
Barbara Liskov in the article "Practical Byzantine Fault Tolerance".
2001 File sharing programs, Kazaa and BitTorrent, are developing decentralized peer-to-
peer systems based on cryptography. These are robust systems where files can be
efficiently shared in a pseudo-anonymous manner. However, these systems are still
sensitive to viruses and you cannot link smart contracts or develop applications on
them.
2001 The National Security Agency introduces the SHA-2 family, including Secure Hash
Algorithm (SHA) -256.
2004 Hal Finney creates a Reusable Proof-of-Work system.
2008 On October 31, 2008, Satoshi Nakamoto's white paper "Bitcoin: A Peer-to-Peer
Electronic Cash System" appears on a cryptography mailing list.
2009 On January 3, 2009, Nakamoto creates the first Bitcoin block. He places the text “The
Times 03/Jan/2009 Chancellor on brink of second bailout for banks” in the block. On
January 12, Nakamoto sends 10 created Bitcoins to Hal Finney for the first time.

From this it becomes clear that blockchain technology is still young compared to internet
technology. It may take a decade before it is a mature technology that is widely accepted.
Compare blockchain with the early years of the internet, where initiatives were mainly shared
open source and where applications were not always user-friendly in the early days.

11.6 Summary, terms and sources


Summary
In the 3rd Industrial Revolution, the Internet organizes people in a way that was not possible
before. The Internet ensures that devices can exchange data directly, without the possibility of
shutting down the network easily. For some, like techno-libertarians, the internet promises:
• one large network of connected individuals
• who directly
• and securely
• exchange information in an uncensored manner.

The internet itself is based on many discoveries that build on each other. Web 1.0 also emerges
from this internet, which, with a web browser and open protocols, ensures mass adoption of
the internet. The developments within the web, in turn, play a role in the rise of blockchain.

- 307 -
Blockchain will once again support the 4th industrial revolution for technologies such as the
Internet of Things, artificial intelligence, robotization and biotechnology.

Web 2.0 makes the web more dynamic and interactive. However, data exchange still goes
through intermediaries such as commercial companies and central governments. Security
breaches are increasingly being exploited by malicious parties.

Web 3.0 responds to this by decentralizing data storage and extracting the interest of the
intermediary. This will make the internet safer and censorship of intermediaries more difficult.
This way, efforts are also made to fulfil the promise of the Internet. Encryptions to keep data
secure and private in the hands of the individual are crucial.

Comments you can now explain


• Blockchain fits perfectly within the digital revolution in that it creates cross-pollination
between the technologies.
• Blockchain itself is an example of a digital mesh
• Blockchain can help make the Web more secure and data more reliable.
• Blockchain developments logically fit within other technological developments, such as
those within the 4th industrial revolution
• Blockchain can help with the promises of the internet, for example in terms of data
reliability, direct exchange of information and a digital identity for objects that exist in
physical reality. However, blockchain also has drawbacks.
• Blockchain can help with the Internet of Value.

Glossary of Terms
1st industrial revolution: Development in which humans are able to generate and transport
substantial amounts of energy for the first time, starting with the steam engine. This initiated
the movement from agricultural societies to more urban societies. This revolution started in
England around 1750.

2nd industrial revolution: Development in which steam power is replaced with electricity,
which could be generated and used in a more mobile way. In addition, the industrial application
of mass production led to further economies of scale and cheaper products. This revolution
lasted from about 1870 - 1910.

3rd industrial revolution: Development also known as the digital revolution. Production is
becoming considerably more automated and the share of services, and thus communication, in

- 308 -
the gross national product is growing thanks to the rise of electronics, computers and the
internet. This revolution started about 1950.

4th Industrial Revolution: Development characterized by the influence of digital technology on


organic and biological systems, nanotechnology, artificial intelligence, the Internet of Things,
blockchain and others. This revolution is currently taking place.

Advanced Research Projects Agency (ARPA): Institute of the United States Department of
defence responsible for the development of emerging technologies. ARPA has developed the
ARPANET, the forerunner of the internet. The institute's name changed to defence Advanced
Research Projects Agency (DARPA) in 1972.

AJAX: Web technology to send and receive data asynchronously to and from a server so that
different sections of a web page can be refreshed at different times. This makes web pages
more dynamic.
ARPA: See Advanced Research Projects Agency.

ARPANET: The forerunner of the internet developed by ARPA. It is a network in which data
packets are sent between devices using internet protocols such as TCP and IP.

CERN: See Conseil Européen pour la Recherche Nucléaire.

Conseil Européen pour la Recherche Nucléaire (CERN): European Council of Nuclear Research.

defence Advanced Research Projects Agency (DARPA): See Advanced Research Projects
Agency.

Denial-of-Service attack (DoS attack): Cyber-attack where the target, often a web server, is
made unavailable by flooding it with redundant requests.

Distributed Denial-of-Service attack (DDoS attack): Same as a DoS attack, except that requests
are sent to a target from a network of different computers.

Digital mesh: Combination of different digital technologies such as blockchain, artificial


intelligence and Internet of Things.

Domain Name System (DNS): System that maintains the names of devices and services
connected to the Internet. The system translates the names of computers into IP addresses.

Electronic Frontier Foundation (EFF): American foundation that deals with digital rights. The
foundation fights against internet censorship and self-determination rights of internet users.

Gartner Hype Cycle: A model developed by the IT company, Gartner, to see how a new,
promising technology becomes a product in a mature market.
- 309 -
Hypertext Mark-up Language (HTML): Standard mark-up language for web pages. HTML
documents can be opened and read by web browsers. The styling of HTML documents is mainly
done with CSS.

Hypertext Transfer Protocol (HTTP): Protocol to communicate data between a web client and a
web server. It specifies which requests a client can submit to a server and which replies the
server can return.

Hypertext: Clickable text that directs the user to a specific text or page.
Internet Assigned Numbers Authority (IANA): American non-profit organization that
distributes IP addresses and manages the Domain Name System, among other things. IANA is
part of ICANN.

Internet Corporation for Assigned Names and Numbers (ICANN): American non-profit
organization that maintains and coordinates various internet name databases, including
through IANA.

Internet Engineering Task Force (IETF): Organization dealing with internet architecture and
developing voluntary internet standards.

Internet Protocol (IP): Network protocol to communicate data within a network of devices. IP
provides data packets between devices based on IP addresses. IP is often referred to as TCP / IP
together with TCP.

JavaScript (JS): Programming language with which interactive web pages and web applications
are written. Together with HTML and CSS, it is one of the core technologies of the WWW.

Man-in-the-middle attack (MITM attack): Attack where the attacker secretly intercepts, views,
modifies, and repositions communications between two parties, causing the parties to believe
they are communicating directly with each other.

Technology stack: Combination of different technologies that makes an application possible. In


the case of blockchain technology, the technology stack consists of four layers: infrastructure
layer, network and protocol layer, services layer and the application layer.

Transmission Control Protocol (TCP): Protocol that allows data transfer over a network. This
includes a guarantee that data will arrive as it was sent.

Uniform Resource Identifier (URI): Identifies a piece of data with a unique name to distinguish
it from other data.

- 310 -
Uniform Resource Locator (URL): Identifies the location of a piece of data. The URL is a form of
the URI. Examples of URLs are website addresses such as
https://www.saxion.nl/onderzoek/meer-onderzoek/blockchain.

Usenet: Decentralized network within which files and messages are exchanged using
newsgroups. A newsgroup usually focuses on a specific topic.

Web 1.0: A web that grew out of the philosophy that every individual has the right to freedom,
self-determination and freedom of expression. Web 1.0 is characterized by static web pages
formatted by HTML.

Web 2.0: Where Web 1.0 mainly used HTML, within Web 2.0 it was expanded with new
technologies that make applications more interactive. The programming language JavaScript
and AJAX have played a major role in this. Web scripts can be loaded on part of the page
without having to refresh the entire page.

Web 3.0: Third appearance of the WWW in which internet applications make use of a semantic
web, artificial intelligence, data mines, virtual reality, augmented reality and blockchain. Some
advantages of Web 3.0 are: no intermediaries that manage your personal data without your
permission, less data leaks, less censorship and less internet services.

World Wide Web (WWW): Standards with which data can be sent via the internet, such as web
pages and email. It is also sometimes seen as the collection of documents and applications
offered on the Internet.

World Wide Web Consortium (W3C): International organization that designs and supports
open standards for the WWW, such as HTML, XML, CSS and HTTP.

World Wide Web Foundation: Organization that is committed to an open and free web for
everyone, set up by Tim Berners-Lee and others.

Sources
Baran, R. (1962). On distributed communications networks. The RAND corporation. Santa
Monica. P2626. Doi: 10.7249/RM3420

Barlow, J.P. (1996). A Declaration Of The Independence Of Cyberspace. Electronic Frontier


Foundation. Consulted from: https://www.eff.org/cyberspace-independence

Castro, M. & Liskov, B. (2002). Practical byzantine fault tolerance and proactive recovery. ACM
Transactions on Computer Systems, 20(4), 398-461. https://doi.org/
10.1145/571637.571640

- 311 -
CERN. Servicing the first web server - Tim Berners-Lee's NeXT. Consulted on December 20,
2019, from CERN website: https://cds.cern.ch/record/1547556

Chaum, D. (1983). Blind Signatures for Untraceable Payments. Advances in Cryptology, 199–
203. https://doi.org/10.1007/978-1-4757-0602-4_18

Dai, W. (1998). B-Money. Consulted on November 19, 2019, from Weidai.com website:
http://www.weidai.com/bmoney.txt

Diffie, W., & Hellman, M. (1976). New directions in cryptography. IEEE Transactions on
Information Theory, 22(6), 644–654. https://doi.org/10.1109/tit.1976.1055638

Dwork, C., & Naor, M. (1992). Pricing via Processing or Combatting Junk Mail. Advances in
Cryptology — CRYPTO’ 92, 139–147. https://doi.org/10.1007/3-540-48071-4_1

Gartner. (2019, September 12). Gartner 2019 Hype Cycle for Blockchain Business shows
Blockchain will have a transformational impact across Industries in Five to 10 years.
Consulted on November 19, 2019, from Gartner website:
https://www.gartner.com/en/newsroom/press-releases/2019-09-12-gartner-2019-hype-
cycle-for-blockchain-business-shows

Henley, J. (2015, February 9). The great internet swindle: ever get the feeling you've been
cheated? Consulted on November 19, 2019, from The Guardian website:
https://www.theguardian.com/technology/2015/feb/09/andrew-keen-internet-not-
answer-interview.

Johnson, S. (2018, January 16). Beyond the Bitcoin Bubble. Consulted on November 19, 2019,
from The New York Times Magazine website:
https://www.nytimes.com/2018/01/16/magazine/beyond-the-bitcoin-bubble.html

Kahney, L. (2019). Tim Cook: the genius who took apple to the next level. Penguin Books.

Linden, A., & Fenn, J. (2003). Understanding Gartner's Hype Cycles. Consulted from
https://www.bus.umich.edu/KresgePublic/Journals/Gartner/research/115200/115274/11
5274.pdf.

O'Reilly, T. (2005, September 30). What is Web 2.0: Design Patterns and Business Models for
the Next Generation of Software. Consulted on November 19, 2019, from O'Reilly
website: https://www.oreilly.com/pub/a/web2/archive/what-is-web-20.html

Panetta, K. (2017, August 15). Enterprises should explain the business potential of blockchain,
artificial intelligence and augmented reality. Consulted on August 15, 2017, from Gartner
website: https://www.gartner.com/smarterwithgartner/top-trends-in-the-gartner-hype-
cycle-for-emerging-technologies-2017/
- 312 -
Rivest, R. L., Shamir, A., & Adleman, L. (1978). A method for obtaining digital signatures and
public-key cryptosystems. Communications of the ACM, 21(2), 120–126.
https://doi.org/10.1145/359340.359342

Ross, S. (2017, March 1). Whatever Happened to the Internet's Promise? Consulted on
November 19, 2019, from Techonomy website:
https://techonomy.com/2017/03/whatever-happened-to-the-internets-promise/

Steinert M, & Leifer L. (2010, August). Scrutinizing Gartner's hype cycle. Article presented at
Portland International Centre for Management of Engineering and Technology, Portland.
https://www.researchgate.net/publication/224182916_Scrutinizing_Gartner's_hype_cycl
e_approach

Szabo, N. (1997, December 29). The Idea of Smart Contracts. Consulted on December 23, 2019,
from Nakamotoinstitute.org website: https://nakamotoinstitute.org/the-idea-of-smart-
contracts/

Tully, C. (n.d.). How Can Space Support the Fourth Industrial Revolution ?. Consulted on
November 19, 2019, from SpaceNews.com website:
https://spacenews.com/sponsored/industrial-revolution/

- 313 -
- 314 -
12. Blockchain and de Self-Sovereign Identity

"Everyone, wherever they are, has the right to be recognized as a person before
the law."
- Article 6 of the Universal Declaration of Human Rights

“Granting control of digital identity to centralized authorities of the online world


suffers from the same problems cause by the state authorities of the physical
world: users are locked into a single authority who can deny their identity or
even confirm a false identity. Centralization innately gives power to the
centralized entities, not to the users.”
- Christopher Allen (2018)

12.1 Introduction and learning objectives


In this chapter you will learn
• What Self-Sovereign Identity (SSI) is.
• What the difference is with a digital identity.
• What the skew growth has arisen in Web 2.0 with regard to this identity.
• Why this identity is important within an Internet of Value.
• How to demonstrate the link between a product in the physical world and the digital
equivalent.
• What role the government can play in a Self-Sovereign Identity (SSI).

Introduction
The internet was developed without a standard regarding how people and organizations are
identified. As a result, websites and online service providers have developed identification
systems with usernames and passwords that are kept within their databases. This has not made
using applications easier. In addition, databases on which identity data are stored also attract
malicious parties. Also, you do not always have full access to the data that is kept about you
and what happens with that data.

- 315 -
Governments want to ensure that all citizens have an approved identity, which the government
is aware of. In this way, the European Union can, for example, support European citizens to
keep more access to their own data, for example through the General Data Protection
Regulation (GDPR) legislation. This chapter looks at the current situation, and the role that
blockchain can play in strengthening a citizen's individual digital identity using a Self-Sovereign
Identity (SSI).

For this, section 12.2 first examines what a digital identity is. The evolution of this digital
identity into a Self-Sovereign Identity (SSI) is discussed in section 12.3. In section 12.4, we
discuss the role of blockchain in achieving this SSI. Section 12.5 describes how you can
practically use the blockchain to capture the digital identity. The chapter concludes with a
summary and overview of the concepts and sources used in section 12.6.

12.2 What is a digital identity


Classically, identity consists of your name, date of birth and nationality - the information that
can simply also be found on your birth certificate or passport. This is information in which
mainly the national government plays a role and thus acts as a gateway to other services. With
a valid identity card you have access to education, voting, real estate, a bank account and other
opportunities that lead to full participation in society. The better the central government
functions in registering such identities, the easier you can access services.

A digital representation of this identity is in line with this but can indicate various concepts. For
example, it can be both a legal identity and a login for a social media access, behind which
personal user data can be found (Nyst, Pannifer, Whitley, & Makin, 2016).

In the following, the digital identity is discussed within two domains, on the one hand from a
commercial perspective and on the other from the perspective of the government.

12.2.1 Digital identity and the government


Traditionally, the national government is the party that maintains a person's identity. For
example, it registers birth, marriage and death. She also issues national identity cards and
passports. A government thus enforces, especially in well-organized countries, that people can
provide an official legal identity and that companies only trade with these people. This is done,
among other things, to know who their residents are, but also to protect their rights and ensure

- 316 -
that they pay taxes. In addition, the government can also do this to know who is within their
borders and where their compatriots are outside these borders.

With a guaranteed digital identity you can also improve an election process or link ideas to the
people whose ideas they belong to. In line with this, you can indicate what you think or vote
and, for example, temporarily grant this vote to someone else via e-Voting or use it to record
your own idea.

What pinches the government is that they keep the registration within different institutes.
Because the different institutes do not always share the information, a lot of data is recorded in
separate data silos. Sometimes the institutes cannot yet technically regulate the sharing of data
and sometimes it is not allowed in connection with privacy regulations such as the GDPR. This
GDPR is based on the GDPR law of the European Union. With this GDPR, the European Union
tries to support both a legal identity and a commercial identity.

In addition to the various data silos, governments still work with paper processes, while as
citizens we increasingly move into a digital domain where national digital identity data are
central. In some countries, this allows governments to collect information with corresponding
risks of misuse of personal information. Consider, for example, Aadhaar, a biometric ID system
from the Indian government, where each Indian receives an identification number with which
he can show who he is and where he lives. On the other hand, there are also governments that
do not always have the means or regulations to register their own population and provide an
identity card. If you don't officially have the documentation to prove who you are, it will be
difficult to travel internationally or request access to benefits or education. These people are
sometimes completely excluded from the digital financial system if they cannot apply for a bank
account. Then they cannot save money digitally and they have no chance of credit with a bank.
This lack of online access will complicate economic growth for these individuals and their
countries.

From the perspective of the transformation from paper processes to digital processes, it is also
important that the government makes e-Signatures possible.

- 317 -
12.2.2 Digital identity and other institutions
Nyst et al. (2016) view a digital identity from a commercial perspective as a means of building
trusted relationships with customers that allow you to:
1. To understand the customer better and can therefore serve him with a product or
service.
2. Offer this product or service safely, without major barriers to use this product or service.
This security is not helped by the fact that the Internet has historically been built to
identify devices rather than people (see Chapter 11). This makes this digital identity
more susceptible to hacks and leads to inefficiencies in tracking and protecting all
usernames and passwords.

Certain institutions therefore use the personal data for their services. In addition to commercial
companies, these are also institutions within the medical field or education. For example,
institutions within these fields want to know at which pharmacy you have previously received
medicines, whether you want to be called and what follow-up advice you received from your
previous school.

In order for this data to be reliable, they must have confidence in a person's online identity. If
they cannot trust the data, for example, it is difficult to estimate whether the potential
customer will pay on time. So these companies are also looking for a technology that offers
confidence and security in an accessible way. But it is a technology that does not slow down or
increase costs and that does not have the chance of high fines and loss of reputation. Think
again of having to follow privacy legislation such as the GDPR.

In addition to security risks and privacy issues, there is also the question of who the user data
is. For example, is information about how you use an app your own or that of the app maker?
Suppose information is collected about how you use your bank account, or your car, or the
clicks on your Facebook profile. Who then owns what information? And why are you now not
allowed as a citizen to get value from this data, except through the company that holds your
data.

- 318 -
12.3 Evolution of digital identities
According to Christopher Allen (2016), digital identities evolve in four stages:
1. Centralized Identity.
2. Federated Identity.
3. User-Centric Identity.
4. Self-Sovereign Identity.

Centralized Federated User-Centric Self-Sovereign

Figure 111: The evolution of online identities (Sovrin, 2017, p. 6).

12.3.1 Centralized Identity: administrative control by one authority


Central authorities, such as IANA for IP addresses and ICANN for domain names, have been
controlling digital identity since the early days of the Internet. From 1995, Certificate
Authorities (CA) started to help those commercial parties, such as Service Providers like
Bol.com and Facebook, prove who they were. In turn, these parties created their own
hierarchies in which they supported people with the management of their digital identity
(Allen, 2016).

In a centralized identity, one organization owns the digital identity. This currently concerns the
majority of all online identities. Examples of centralized identity are websites, for which you
have to create a separate identifier (username) and credential (password) per Service Provider.
The digital identity can only be used within the Service Provider's own identity domain. Because
these centralized organizations manage your digital identity, they can also take it from you. This
can be deduced from the conditions when you create an account, for example:

“Yahoo may, without telling you, immediately cancel or limit your access
to your Yahoo accounts, certain Yahoo Services and any associated email
addresses…” [Yahoo]136

136 Yahoo's Terms in 2016 (Sovrin, 2017, p. 6).


- 319 -
“We reserve the right to modify or terminate the Service or your access
to the Service for any reason, without notice, at any time, and without
liability to you…” [Instagram]137

The more the internet grew, the more hierarchies emerged with separate identities, and the
more websites forced their users to maintain their own identities with separate usernames and
passwords. All of this has resulted in a select group of dominant platforms being able to
monetize the collection, sales and analysis of user data, mainly for the benefit of advertisers.
The internet is thus centralized, or at least it is set up hierarchically with parties such as CAs,
domain registrars and individual sites. This entails the risk that they share personal data with
other parties, often without the user being aware of it. As a user you are practically forced to
keep track of the many different usernames and passwords. This prevents usability and attracts
malicious parties who attempt to steal identity data from central servers. These parties are also
forced to protect this data on their own servers. This increases the risk of hacks of personal
information such as passwords, email addresses, but also driver's license details and credit card
details. Users also have to deal with different login details with different service providers with
centralized identity systems. It can sometimes be difficult to manage these login details
properly.

137 Instagram terms in 2016 (Sovrin, 2017, p. 6).


- 320 -
SP 1 SP 2 SP 3

1 2 3

Figure 112: Centralized Identity model. The user creates user identifiers and authentication credentials for each individual
Service Provider. After the user has accessed the Service Provider's system, the Service Provider provides its services to the
user. (Josang & Pope, 2005, p. 4)

12.3.2 Federated Identity: administrative control by a federation of authorities


In a federated identity, one identifier and credential are used to access a Service Provider. The
identifier is then distributed to a group of Service Providers who have an agreement among
themselves that the identifier and associated credential can be used across the different
Providers. This results in a single virtual identity domain. For example, with a federated identity
you can use your Saxion data to log in to BlackBoard, email and other online Microsoft Office
services - a federation of Service Providers. The advantage of a federated identity compared to
a centralized identity is that it gives you a degree of portability. Portability means that the
identity is easy to carry and can be used with other Service Providers. In the case of a portable
identity, one identifier and credential can be used with, for example, my.Saxion, Blackboard
and your Saxion email. This means you also have to remember fewer usernames and
passwords.

Although federated identities offer more ease of use than centralized identities, the identity is
still in the hands of a central party that has offered the identity. The use of federated identities
makes a number of platforms even more dominant and increases privacy and security
concerns. If your identity is stolen from the central party, you will also lose access to other
services. The consequences of losing your identity are therefore greater than with a centralized
identity. (Sovrin, 2017, p. 7)

- 321 -
SP 1 SP 2 SP 3

Figure 113: Federalized Identity model. The user creates a single user identifier and authentication credential with a Service
Provider. After the user accesses the Service Provider's system, the same identifier and credential can be used to access the
other Service Providers' system. (Josang & Pope, 2005, p. 5.)

12.3.3 User-Centric Identity: individual or administrative control over different authorities,


without the need to use a federation of parties
User-centric Identity does not focus on the Service Provider within the identity process, but on
the user. This mainly concerns the following two elements: consent and interoperability. A user
can decide for himself which personal data he wants to share and with which Service Provider.
(Allen, 2016). However, the data is kept with a central body that provides online access. This
also means that this body that takes care of the registrations can change your identity at any
time.

12.3.4 Self-Sovereign Identity: individual control over each authority


The Self-Sovereign Identity (SSI) is the last step in identity evolution. In the case of an SSI, you
manage all your personal data yourself and register when you give whom access to what for
how long. This is accompanied by full control without the intervention of a third party. What is
central to SSI is autonomy. To make this possible, an SSI must be portable, so that the user is
not dependent on a central party that manages his identity. An SSI should also allow users to
make claims about Personally Identifiable Information (PII). This is information that can
identify a person. Consider, for example, a name, social security number and email address.

- 322 -
Figure 114: Self-Sovereign Identity focuses on you (Almasi, 2019).

Christopher Allen (2016) has identified ten principles of SSI. These are as follows:
1. Existence. Each SSI must be linked to the independent existence of a user.
2. Control. The user has authority over his identity. He must be able to refer to his identity,
upload it or even hide it.
3. Accessible. The user must have access to his own data so that he can also make claims
about his personally identifiable information. However, this does not mean that the user
may change any information linked to his identity just like that.
4. Transparency. The systems with which SSIs are administered must be free and open
source, so that it is possible for everyone to see how these systems work.
5. Persistent. Ideally, a user's identity should last forever or at least as long as the user
wants. It is important that this property does not conflict with the right to be forgotten.
A user must be able to get rid of an identity or update his identity. To make this
possible, there must be a distinction between identity and claims regarding an identity.
6. Portable. Identity data must be portable. This means that this data may not be stored on
a single central server. These servers can remove the identity. Portability assures the
user that he is in control of his identity and that he can take it with him to use other
services.
7. Interoperability. SSIs must be able to be used across different platforms and national
borders.
8. Consent. Users must consent to the use of their identity by a third party.
9. Minimization. Claims disclosure should be minimized. If identity data is required, it
should be possible to selectively display the information relevant to the moment. This
- 323 -
can be supported by cryptographic technologies, such as Zero-Knowledge Proofs. It is
also in line with protecting our right to privacy.
10. Protection. The rights of users must be protected. If there is a conflict between the
identity network and a user's rights, first, freedom and other individual rights must be
protected.

These ten principles fit within the following three essential domains of an SSI: secured,
manageable and portable.

Secured Manageable Portable


The identity data must be The user must be in control The user must be able to use
secured of who has access to and can his identity data anywhere
view his data and is not tied to a single
service provider
Protection Existence Interoperability
Persistent Persistent Transparency
Minimization Control Accessible
Consent
Table 5: Principles of Self-Sovereign Identity (Tobin & Reed, 2017, p. 10).

First, the SSI should address the security issues of today's Web 2.0. In addition, as a user you
want to be able to give full control of your own data and rights to others for sharing this data.
Finally, you want to be able to use the identity within different applications. It challenges the
technical infrastructure of the current Web 2.0.

- 324 -
Intermezzo: The costs of KYC and AML
Financial institutions have specific rules, such as the Know Your Customer (KYC) procedure
or Customer Due Diligence (CDD), in which institutions must collect mandatory data about a
new customer before they can provide services to that customer. This function of financial
institutions is also known as the financial gatekeeper function. You also have anti-money
laundering legislation; the Wet ter voorkoming van witwassen en financieren van terrorisme
(WWFT). The English term for this is Anti Money Laundering (AML). The measures to
combat terrorist financing are based on the rules established by the International Financial
Action Task Force (FATF). Under these laws, financial institutions must actively identify and
report unusual transactions. Certainly in international business, the government wants to
prevent partners and customers of financial services from obtaining money illegally.
Therefore, you often have to conduct a due diligence investigation as a financial institution.
Within this context, the institution checks, for example, whether the partner has been
placed on a list of suspicious parties and determines the risks of this party based on its
previous activities.

However, there are negative consequences associated with such regulations as:
1. Higher compliance costs.
2. More customer friction.
3. Higher chance of identity theft.

According to Thomson Reuters (2016), a financial institution spends an average of $60


million annually on AML compliance. Larger financial institutions sometimes pay up to $500
million per year. 10% of the world's largest financial institutions spend at least $100 million
annually. KYC's costs increased by 19% from 2016 to 2017 and by 16% from 2017 to 2018.
Such high compliance costs lead to more expensive financial services. (Callahan, 2018)

Thomson Reuters 'Cost of Compliance 2017 Report' conducted a survey among international
financial institutions. This resulted in the process of onboarding customers taking 22%
longer in 2016. In 2017, the process increased further by 18%. The result is that the process
at banks takes an average of 24 days and 12% of customers have switched banks due to KYC
issues.

- 325 -
In addition, the financial institutions are persuaded by the government to proactively collect
and analyse personal data for the benefit of that government. Until a few years ago, this
requirement was not made within the crypto world to companies that offer crypto coins. It
follows from the WWFT that providers of crypto coins in the Netherlands will be subject to
supervision by De Nederlandsche Bank from January 10, 2020. Therefore, these companies
must also actively analyse the wallets and transactions. For example, people who want to
buy or sell Bitcoins need to identify themselves by means of identity documents and they
may also be asked questions about income, origin of money and Bitcoins and what the
destination is. A risk profile must be drawn up for every customer and every transaction will
be monitored and checked. Bitonic, one of the first Bitcoin exchanges in the Netherlands,
sees such legislation as a restriction on the financial freedom of citizens:

“The right to privacy is always put in second place by anti-money


laundering and terrorist financing rules, which is how you ultimately
create a police state. We are of course bound by Dutch law and will
comply with it, but we are concerned about the far-reaching effects in
the short and long term. The new rules and mandatory transaction
monitoring apply to all customers and all amounts, which limits the
financial freedom of citizens.” (2019)

The KYC documents are currently mostly stored on centralized servers of multiple parties.
For example, if you want to take out a mortgage, you must provide your personal details to
your mortgage advisor and they can be shared with the mortgage provider and the bank.
This increases the risk of data breaches. (Johnson, 2019)

All of the above leads to longer and more expensive procedures and poorer services for
customers. Perhaps the most poignant consequence is that fewer people can open a bank
account. This mainly concerns the poorest people in society, because they are not
interesting for financial institutions because of the high operational costs. The people
without a bank account are also called the unbanked. According to the World Bank Group
(2017), approximately 1.7 billion adults are unbanked. Cryptowallets are expected to provide
a solution for many of these people in the long term. After all, you can create Bitcoin wallets
for free.

- 326 -
12.4 Blockchain and Self-Sovereign Identity
Due to the decentralized data structure, there is no need for dominant parties to put and
manage data traffic centrally on their servers. Multiple organizations can view, supplement and
use the information of transactions, ownership, identity and other information depending on
the rights that users give. This prevents double entry, errors, slow entry and misuse of privacy-
sensitive information.

12.4.1 Two schools of thought in which SSI is possible


The question is who adds the data and who controls it. There are two schools of thought for
this:
1. On the one hand, a user can create an account on the blockchain without submitting
any other data, such as a birth certificate. Here you have access to all your data via your
own private key that you store behind, for example, your biometric data and passwords
on your mobile phone. Examples of known applications for this are Sovrin, developed
with Hyperledger Indy, and uPort via Ethereum.

In this case, the power of the company shifts to the user who gains more sovereignty
and thus decides for himself what happens to his own identity data. In time, this could
fulfil the Web 3.0 promise of a more decentralized Internet with more privacy. For
example, instead of logging into Google Gmail to access your email, you can log into
your browser on your phone with a personal cryptographic key. Within this browser you
control your digital fingerprint and link the data that you find relevant, such as training,
work and reputation, or your own blockchain tokens for the benefit of your dApps that
are linked to each other. You are central here.
2. On the other hand, an already known registration, such as a passport, is placed on a
decentralized database by an institution. If someone wants to obtain a service now, this
person must demonstrate that he is the correct user before he can access the digital
services. Examples of well-known projects are ID2020, SecureKey and TrueRec from SAP
on Ethereum.

For example, if you want to have a vaccination in this case, the health organization
compares your evidence on a central database and records your vaccination data on the
blockchain. As a result, power lies in the hands of a central institution that can
determine what happens to this data. This is in line with Web 2.0.

- 327 -
It is in line with the expectation that the second mindset will be adopted on a larger scale in the
short term. So the current data that different institutions have, they add on the blockchain and
as a user you have to request access to it yourself, without necessarily making changes or
deriving rights from it. Chances are that the government will take an initiative to set up such a
wallet. There is a risk that your identity is on multiple blockchains that do not communicate
with each other. In the long run, the first option will arise in which a user creates an account on
the blockchain, without submitting any other data, such as a birth certificate. A hybrid system
will probably continue to exist in this way. This can be done in the form of an all-in-one app for
the customer. Search, entertainment, social media, games, payments and other activities are
then arranged in a solution in which the data is of multiple parties.

Adoption of one or the other system partly depends on how reliable the systems are and to
what extent a critical mass is reached to create the network effect.

Figure 115: Aspects of a self-sovereign individual (Allen, 2016).

- 328 -
12.4.2 Other advantages and disadvantages of your identity via the blockchain
In theory, an accessible blockchain always promises up-to-date, cheaper and, above all, safer
data. Consider the increase in hacks of personal information or the use of your personal
information for marketing, which you are not always aware of.138 The data is also more reliable,
because you supervise it together with another party. In the long term, this can be done even
faster, without an intermediary, and you can always carry your digital identity with you. For
example, to demonstrate when you access a secure site who hired you for when and where. In
case of loss of your data, you always have your own biometric data and a password to get your
private key back to your digital identity. Or as in the case of uPort, ask a quorum of people on
your contact list to create a new private key for you.

An SSI facilitates the monetization of your economic identity that may give you access to
property or credit.

Blockchain also offers the advantage of giving custom rights and obligations to the SSI data via
smart contracts. This way you can provide the data under your conditions: for that project, for
that time and with that refund. For example, you can temporarily give your vote to a person for
a specific topic. You will receive a digital key for your recently bought car, which you can resell.
And if you drive too fast, you immediately have your fine.

There may be a situation where you seek secret information to make a decision. For example, if
you want to calculate the amount of a possible mortgage for a new customer, but you do not
have the information about the salary you need. In that case, you must therefore be able to
prove a secret without the secret itself being revealed. Some ways to prove this are Multi-party
computation (MPC)139, attribute-based credentials140 and Zero-Knowledge Proofs. This
mechanism reduces the need to trust another. Or as Goossens and Verslype (2019) put it, in

138 For a visualization of the world's largest data breaches, see:


https://informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/.
139 Cryptographic technique that allows parties who collaborate on data to perform calculations together on the
blockchain without revealing their own input to each other. For example, a group of parties can calculate the
average salary between them without the parties revealing each other's salaries.
140 A way in which a third trusted person or organization only confirms necessary references without giving away
other data. For example, when buying alcohol, you can confirm that you are over the age of 18 without showing
any other personal information.
- 329 -
this case the focus was “on confidentiality, where blockchain just relies on transparency” (p.
129).

This will also allow businesses to collaborate more, even through public blockchains, as they
want to share data without too many business-sensitive details. The advantage is that you only
give away the data that is needed; via a public shared network that does not have a central
party that you can hack, or that will intentionally modify or block information. On a public
network you are then free to look at the transactions that are taking place, without you being
able to find out the details of the transactions. For example, you can view real-time data on
how many mortgages take place within a region at which interest, without seeing too many
personal details of the transactions. Against these advantages of sharing secret information, the
ease of use depends on the extent to which governments and public institutions and companies
can make and comply with agreements.

Apart from the digital identity of persons, it is difficult to demonstrate that the SSI of any
physical object corresponds to reality. This Proof-of-Existence (PoE) is remedied by trusted
parties, such as auditors and trusted sensors that remain necessary as an intermediary. The
infrastructure is also not yet ready to allow governments to fully cooperate with all parties.
There are legal, technical and privacy barriers that the European Union is trying to overcome,
among other things.

A network on which the identity of things is established is important for the Internet of Things.
A final, more temporary, problem is that blockchain and identity legislation is still lagging
behind and public blockchain is not yet scalable enough.

In addition to people, entities will also enter into certain contracts using smart contracts. Think
of a house as a legal company that for example rents itself out and hires parties for cleaning, or
a company that has to demonstrate that it has certain licenses and pays the relevant taxes, or
that it specifies which natural persons it knows as external representatives. A real estate
purchase agreement does not work without KYC and government control. Thus, the entity
requires official status, including a secure wallet with a private key and a public key to sign
transactions. The same applies to a company or foundation. It is clear that the government has
a role to play in ensuring that the large sums of money have no criminal origin, that the laws
are observed and that the tax is paid. And it is clear that a transparently recorded reputation
can play a greater role than before. For example, a reputation could be based on transactions

- 330 -
that commentators comment on transparently, while the assessors can also be viewed
transparently again.

A digital property or an entity with no possibility or need for smart contracts, on the other
hand, could be done with a simpler version of an SSI. A simpler version of an SSI is a digital
certificate with KYC data such as "date of origin" or "characteristics" attached to it. This could
be linked to a token that again belongs to an owner. More about tokens in chapter 10. For now
it is important to understand that these identities will play a role in enabling a sharing economy
and exchanging the promises of the Internet of Things.

12.4.3 Power to the individual or to the institutions?


Much of this blockchain and internet technology is slowly shifting. So you will probably still
have a browser and a search engine on your phone, but especially a phone with a few
integrated super dApps in which you socialize, shop, search for information and listen to
music.141 Or a dApp with which you can keep your identity papers with the government and
arrange your taxes, salary, pension and school papers. You no longer have to log in every time
for a new site to enter a secure environment. Your internet application will do this for you
automatically the moment you open your dApp. In this way, the power shifts from the settings
to the user.

12.5 Hoe How identity management works on a blockchain in practice


An identity management solution is a shared theme within different blockchain applications. To
achieve identity management, the Verifiable Credentials Data Model of the World Wide Web
consortium is important:
1. Someone or something makes an identity claim, for example “I am a person over the
age of 18”.142
2. There is evidence that verifies this claim, such as an extract from a person's birth
register including Social Security number, created and signed by a central government.
3. There is a statement from a third party that endorses this claim, such as a bank asking if
a particular person is over the age of 18.

141 Social media companies are constantly looking for an opportunity to serve customers as much as possible
within one app, to collect and monetize more data from the customer.
142 Bundles of multiple claims can be made at the same time.
- 331 -
To capture the claim, evidence and statement for a person on the blockchain and establish an
SSI, the process below is used.

First of all, people or parties must have an agent to record and communicate the claims,
evidence and statements. For people, such an agent is often an app on a mobile phone or
computer, which can be used to approach an identity wallet (van Deventer & Joosten, n.d.). For
example, the Swedish communications company Telia uses an ID app in the Lantmäteriet
example in Chapter 16, which allows people to access an identity wallet on their phone. The
Swiss municipality of Zug uses the uPort app (Zug Stadt, n.d.) for this. For example, for a
company, an agent can be a web application.

A person can now create an identity wallet via an app in which different types of data are
recorded. In the example of Zug, you must first register your phone and yourself within the
municipality of Zug by submitting an identity document. Once registration is complete, the
phone's ID number on Ethereum will be tied to a public Ethereum address. Your ID is only
stored on your phone. Now you can use services with the digital identity on your app where
you normally would have to physically provide your proof of identity.

In the example of Lantmäteriet's Telia app, your Swedish citizen service number is recorded on
the blockchain. With this app you can now start the purchase procedure of land within the
Swedish system, contracts and the like of the different agents are kept within the app, the
participating parties can invite each other and view the necessary documents.

In the following we describe a methodology based on the work of the World Wide Web
Consortium discussed in chapter 11.

12.5.1 Method to record identity on the blockchain


The idea is that an identity wallet contains multiple claims that are attested and can be sent to
those who request you to prove such a claim. For example, the claim that you are over the age
of 18, the claim that you have curly hair, or the claim that your digital passport is a digital
representative of you. For this you create a public address with public key and private key for
each claim. This address is considered a decentralized identifier (DID). The identity wallet
manages the different addresses. You can create this DID without the intervention of a central
authority. After all, you create the address directly on the blockchain. The app to create such a
wallet and the data you capture for it can only be on your own computer or mobile device.
- 332 -
Suppose you have to prove the claim that you are over 18 to a bank. In this case, you request
the government, for example via the Telia app, to place a claim on the blockchain stating that
you are over the age of 18. The government technically fills your DID document (DDO) in. This
DDO includes the claim(s) containing the public keys of both yourself and the government, the
type of agent, the way the agent is used, and thus actually identifies the owner of the DID.

The government can see in the DDO via which app, telephone and DID the request is made. For
example, the government already knows that the municipality of Zug has previously certified a
certain identity document to approve access to the app, and a DID. Based on this, the
government can make the claim that you are older than 18 in a separate DDO or add it to a
DDO with several other claims.

Suppose the government makes a separate claim for your DID. For this, the government sends
its own DID plus the claim, signs it with its own private key and encrypts all this with the public
key of the applicant. The applicant can now open the claim using his own private key.

Figure 116: The comparison between Public Key Infrastructure and Decentralized PKI (Gisolfi, 2018).

- 333 -
The applicant can share a claim with someone on the blockchain by bundling a DID in a
transaction, signing it with its own private key and encrypting it with the other party's public
key. In this case, the claim would therefore be sent to the bank.

The information that is now on the blockchain does not need to be more than that the claim
made is correct. The claim itself can be on the phone, off-chain, while a hash of the claim is on-
chain shared on the blockchain. Also, the digital ID is only on the phone, off-chain, and it is
publicly unclear who is behind the DID. No further personally identifiable information needs to
be recorded on the blockchain. If no personal information has been disclosed, no personal
information can be deleted. This is in accordance with the wishes of the GDPR.

The bank can then start the procedure to investigate financing for the purchase of land.

A personal identity data management system (PIMS) is an instrument for managing your own
digital data. Via the PIMS on the blockchain, it is conceivable that a user can manage his own
data in detail in a user-friendly manner. He may also have the option to withdraw data
authorizations that have been granted. This also supports the GDPR.

It is also possible within the eIDAS agreement to use eSignature to sign digital transactions.143

12.5.2 SSI and the opportunities for the Internet of Things


Not only people benefit from sharing a database with others. The SSI can also be used to create
a device identity. The sensors of that device then provide information about its use and the
condition under which it was used. It can also provide information on how it was insured, when
it was repaired and who replaced which spare parts. This can be useful if, for example, you buy
a new or second-hand machine from a supplier you do not know, or if you have a smart
refrigerator that acts as your agent using its own identity and constantly searches the internet
for the best price for electricity. In the long term, it could even be possible that you as an
individual invest in a DAO that has its own SSI with which contracts are entered into, profits are
generated and subsequently investments can be made on behalf of the DAO SSI.

Each device will be able to record a transaction on the blockchain using its own identity. This
allows the device to irrefutably demonstrate what information it has sent via sensors, for

143 You can read more about eIDAS in section 16.2.


- 334 -
example. In this way, blockchain supports the growth of an Internet of Things. The Internet of
Value is also helped with this, because blockchain registers transactions and assets.

- 335 -
Intermezzo: uPort
The uPort mobile identity wallet is based on Ethereum.

With this app you can:


1. Securely login to applications without passwords.
2. Check personal information and verifications.
3. View and digitally sign Ethereum transactions.

With the wallet you are connected to the uPort platform, a network of different dApps for
the decentralized web. uPort itself communicates with open protocols to achieve all web
communication. This communication takes place without centralized servers.

Figure 117: uPort logo.

As a demonstration, you can see at https://uportlandia.uport.me/ how, in principle, you can


request a diploma with municipal personal data that you can use at an employer and which
you can share again to take out insurance. It thus offers the possibility to log into networks
that, unlike tech companies at the moment, give you the opportunity to enter into legal
contracts and to choose when you share which data.

In addition to uPort, examples of Sovrin have also been cited. Both organizations, together
with Microsoft, IBM, Hyperledger, R3, Mastercard, NEO and Blockstack, are members of the
Decentralized Identity Foundation. The Foundation can be found at
https://identity.foundation/.

- 336 -
12.6 Summary, terms and sources
Summary
The Internet was developed without a standard regarding how people and organizations are
identified online. As a result, websites and online service providers have developed
identification systems with usernames and passwords that are kept within their databases. This
creates barriers to the use and security of applications and prevents you from having full access
to your digital data.

The digital representation of your identity, the digital identity, is at stake as an instrument to
gain access to both government services and commercial and other services.

In order to overcome the different barriers, the individual needs to gain direct and complete
control over the different authorities that exist digitally. This evolution of control shifts from a
centralized identity via a federated and user-centric identity to a Self-Sovereign Identity. Within
the Self-Sovereign Identity, the identity data is secure, the user controls who has access to the
data and the user is able to use this data anytime and anywhere.

Blockchain can support the evolution towards a Self-Sovereign Identity by means of a


decentralized encrypted data structure. The question is who will create and maintain the
account in the future, the user or an institution.

The chapter mentions a method for practically establishing identity on the blockchain. This
focuses on an identity claim, proof that the claim is correct, and a statement that endorses this
claim. The claim is created as a public address without a central authority and placed on the
blockchain. Another agency can endorse the claim on which the claim can be shared with the
party seeking this information.

Comments you can now explain


• Without SSI no Internet of Value.
• Potentially, SSI on blockchain is shifting power to the user, but this is not guaranteed to lead
to a more decentralized internet.
• Each token requires at least a digital certificate, but this is not yet an SSI.
• Every person needs an SSI, every entity that signs smart contracts will need the same.
• Without SSI it becomes difficult to develop a Web 3.0 as internet of value.

- 337 -
Glossary of Terms
Agent: Someone or something to record and communicate the claims, evidence and
statements. In light of digital identity, this is often an app, mobile phone or computer that can
be used to access an identity wallet.

Algemene verordening gegevensbescherming (AVG): Data protection and privacy legislation


based on the EU GDPR. Also see GDPR.

Anti-Money Laundering (AML): Anti-money laundering legislation, co-designed to combat


terrorist financing. Also see Wwft.

Attribute-based credentials: An authentication mechanism that reveals only a specific attribute


of an entity. For example, a third person or organization can only confirm the necessary
references without sharing other data. For example, the municipality confirms that you are
over the age of 18 or older, without seeing your other personal data.

Evidence: Something that proves a claim. For example, this could be a document signed by a
government.

Certificate Authorities (CA): Within PKI, certificate authorities specialize in issuing, storing and
signing digital certificates that help entities prove who they are.

Customer Due Diligence (CDD): Procedure in which institutions must collect mandatory
information about a new customer before they can provide services to that customer. This
involves verifying the customer's identity and sometimes also evaluating the customer's risk
profile. Customer Due Diligence is part of KYC.

Centralized identity: Digital identity where one organization is the owner. This currently
concerns the majority of all online identities. Examples of centralized identity are websites, for
which you have to create a separate identifier (username) and credential (password) per
Service Provider.

Decentralized identity: A digital identity that is recorded and managed in a decentralized


manner.

Decentralized identifier (DID): Data registered on a Distributed Ledger Technology or


blockchain that can identify a person. A decentralized identifier is a URL that links the person to
a DID document.

Decentralized Identifier Document (DDO): Digital document with verifiable claims about your
identity, including the public keys of both yourself and those who can endorse the claims.

- 338 -
Digital identity: Identity within the digital domain to which digital data of something or someone
can be linked.

Portability: In light of digital identity, this is the extent to which the identity can be taken along
and used by other Service Providers. For example, one portable identity with one unique
combination of username and password can be used with, for example, my.Saxion, Blackboard
and your Saxion email.

eIDAS: EU directive on how to use digital signatures as legally binding signatures within the EU.

e-Signatures: Digital signatures with legally binding consequences.

Federated identity: Digital identity where the administrative control lies with a federation of
authorities.

Financial Action Task Force (FATF): Intergovernmental organization set up within the G7 to
combat money laundering and terrorist financing.

General Data Protection Regulation (GDPR): EU data protection and privacy legislation from
2016 that has been translated in the Netherlands into the Algemene verordening
gegevensbescherming (AVG).

Identity claim: A claim about an identity. For example, "I am over the age of 18".

Know Your Customer (KYC): Procedure in which institutions must collect mandatory
information about a new customer before they can provide services to that customer. CDD falls
under KYC.

Multi-party computation (MPC): Cryptographic technique that allows parties who collaborate
on data to perform calculations together on the blockchain without revealing their own input to
each other. For example, a group of parties can calculate the average salary between them
without the parties revealing each other's salaries.

Personal identity data management system (PIMS): System to manage your own digital data in
detail.

Personal Identifiable Information (PII): Information that can identify a person. Consider, for
example, a name, social security number and email address.

Proof-of-Existence (PoE): Prove that a digital representation such as an SSI corresponds to


reality.

Self-Sovereign Identity (SSI): A portable digital identity where the user fully owns and controls
the underlying data.
- 339 -
Unbanked: People who do not have access to the services of financial institutions.

User-centric identity: Digital identity where the Service Provider is not central to the identity
process, but the user. It mainly revolves around the following two elements: consent and
interoperability. A user can decide for himself which personal data he wants to share and with
which Service Provider. However, the data is kept with a central body that provides online
access. This also means that this body that takes care of the registrations can decline the
identity at any time.

Verifiable Credentials Data Model: Standard established by W3C to support online references
in a secure, discreet and verifiable manner.

Wet ter voorkoming van witwassen en financieren van terrorisme (Wwft): Dutch anti-money
laundering legislation that was introduced as a result of the introduction of the European
AMLD4 money laundering directive in 2018 and the AMLD5 in 2020. The AML in these laws
stands for the English term of anti-money laundering legislation, Anti-Money Laundering.

Sources
Allen, C. (2016, April 26). The Path to Self-Sovereign Identity. Consulted on December 20, 2019,
from Lifewithalacrity.com website: http://www.lifewithalacrity.com/2016/04/the-path-
to-self-soverereign-identity.html

Almasi, P. P. (2019, February 7). The Identity Revolution — Self Sovereign Powered by
Blockchain. Consulted on December 23, 2019, from Medium website:
https://blog.goodaudience.com/how-blockchain-could-become-the-onramp-towards-
self-sovereign-identity-dd234a0ea2a3

Bitonic. (2019, November 1). Vanaf 10 januari verplichte identiteitscontrole. Consulted on


December 23, 2019, from Bitonic website: https://bitonic.nl/news/197/vanaf-10-januari-
verplichte-identiteitscontrole

Callahan, J. (2018, 10 July). Know Your Customer (KYC) Will Be A Great Thing When It Works.
Forbes. Consulted on December 20, 2019, from Forbes website:
https://www.forbes.com/sites/forbestechcouncil/2018/07/10/know-your-customer-kyc-
will-be-a-great-thing-when-it-works/

van Deventer, O. (2019, May). Self-Sovereign Identity - the good, the bad and the ugly.
Consulted on 23 December 2019, from TNO website: https://blockchain.tno.nl/blog/self-
sovereign-identity-the-good-the-bad-and-the-ugly/

- 340 -
English, S., & Hammond, S. (2017). Cost of Compliance 2018. Consulted from
https://legal.thomsonreuters.com/content/dam/ewp-
m/documents/legal/en/pdf/reports/cost-of-compliance-special-report-2018.pdf

Gisolfi, D. (2019, June 13). Self-sovereign identity: Why blockchain? Consulted on July 19, 2019,
from IBM website: https://www.ibm.com/blogs/blockchain/2018/06/self-sovereign-
identity-why-blockchain/

Johnson, A. (2019, April 3). Is Privacy Under Threat From All The Know-Your-Customer
Documents Stored With Countless Services? Consulted on December 20, 2019, from
Forbes website: https://www.forbes.com/sites/alastairjohnson/2019/04/03/is-privacy-
under-threat-from-all-the-know-your-customer-documents-stored-with-countless-
services

Goossens, J., & Verslype, K. (2019). Blockchain en smart contracts. Het einde van de vertrouwde
tussenpersoon? Brussels, Belgium: Editions Larcier.

Josang, A., & Pope, S. (2005). User Centric Identity Management. Article presented by CRC for
Enterprise Distributed Systems Technology. The University of Queensland.

Lundkvist, C., Heck, R., Torstensson, J., Mitton, Z., & Sena, M. (2016). Uport: A Platform for Self-
Sovereign Identity. Consulted from
http://blockchainlab.com/pdf/uPort_whitepaper_DRAFT20161020.pdf

Nyst, C., Pannifer, S., Whitley, E., & Makin, P. (2016). Digital Identity: Issue Analysis. Consulted
from https://www.chyp.com/wp-content/uploads/2016/07/PRJ.1578-Digital-Identity-
Issue-Analysis-Report-v1_6-1.pdf

Thomson Reuters. (2016, May 9). Thomson Reuters 2016 Know Your Customer Surveys reveal
escalating Costs and Complexity. Consulted on December 23, 2019, from Thomson
Reuters website: https://www.thomsonreuters.com/en/press-
releases/2016/may/thomson-reuters-2016-know-your-customer-surveys.html

Third, A., Quick, K., Bachler, M., & John, P. (2018). Government services and digital identity.
Consulted from https://www.eublockchainforum.eu/sites/default/files/research-
paper/20180801_government_services_and_digital_identity.pdf

Tobin, A., & Reed, D. (2016). The Inevitable Rise of Self-Sovereign Identity A white paper from
the Sovrin Foundation [white paper]. Consulted from https://sovrin.org/wp-
content/uploads/2017/07/The-Inevitable-Rise-of-Self-Sovereign-Identity.pdf

United Nations. (2017). Universal Declaration of Human Rights. Consulted on 23 December


2019, from Amnesty International website:

- 341 -
https://www.amnesty.nl/encyclopedie/universele-laring-van-de-rechten-van-de-mens-
uvrm-volledige-tekst

W3C. (2019, March 26). Verifiable Credentials Data Model 1.0. Consulted on December 23,
2019, from Github.io website: https://w3c.github.io/vc-data-model/CR/2019-03-26/

W3C. (2019, December 9). Decentralized Identifiers (DIDs) v1.0. Consulted December 23, 2019,
from W3.org website: https://www.w3.org/TR/did-core/#dfn-service-endpoints

World Bank Group. (2017). The Global Findex Database 2017. Accessed December 20, 2019,
from Worldbank.org website: https://globalfindex.worldbank.org/

Zug Stadt. (n.d.). Register digital ID. Consulted on 20 December 2019, from Zug Stadt website:
https://www.stadtzug.ch/digitaleid/5295

Icons
Service provider, Bob and security shield created by Prettycons from www.flaticon.com

- 342 -
- 343 -
PART II: THE BACKGROUND AND THOUGHTS
FROM WHICH BLOCKCHAIN ARISED
With the previous knowledge of blockchain from part I, it is time to provide insight into the
bigger thoughts behind blockchain.

In recent years, more and more people have become involved in blockchain projects. This has
removed many newcomers from the initial appeal that blockchain had on early adopters.
Certainly in the early years, before a hype arose around cryptocurrency, blockchain was seen as
an economic and political instrument that would free the individual from government
interference through cryptographic technology. In the blockchain community, blockchain was
often mentioned in the same breath with revolution, financial freedom, privacy, transparency,
and so on.

An important economic movement that has had a lot of influence on the blockchain world is
the Austrian School of Economics. People who follow this movement want as little government
interference as possible in the economy and want to lift government monopolies on money
production. They adhere to a political ideology called libertarianism. Libertarians want the
smallest possible government. This group also includes the cryptoanarchists and the
cypherpunks who have developed technologies that use the Bitcoin blockchain.

This part consists of two chapters. In Chapter 13 we discuss Bitcoin and the financial system.
Here the different economic movements and disagreements of Satoshi Nakamoto with the
current system are discussed. A link is also being made between the Austrian School of
Economics and the Bitcoin blockchain.

In Chapter 14 we discuss the philosophical background from which the Bitcoin blockchain
originated. For this we look at the main people, cryptoanarchists and cypherpunks, who have
developed technologies that the Bitcoin blockchain has used. We also discuss the ideals of
cryptoanarchists and cypherpunks in order to draw a connection between these ideals and the
properties of the Bitcoin blockchain.

- 344 -
- 345 -
13. Bitcoin and the financial system

“The public at large have learned to understand, and I am afraid a whole


generation of economists have been teaching, that government has the power
in the short run by increasing the quantity of money rapidly to relieve all kinds
of economic evils, especially to reduce unemployment. Unfortunately, this is true
so far as the short run is concerned. The fact is, that such expansions of the
quantity of money which seems to have a short run beneficial effect, become in
the long run the cause of a much greater unemployment. But what politician
can possibly care about long run effects if in the short run he buys support?”
- Friedrich Hayek (1977)

“The logical conclusion to be drawn from these facts would have been to do
away with privileged banks altogether and to subject all banks to the rule of
common law and the commercial codes that oblige everybody to perform
contracts in full faithfulness to the pledged word. Free banking would have
spared the world many crises and catastrophes.”
- Ludwig von Mises (1912)

13.1 Introduction and learning objectives


In this chapter you will learn
• What the main economic trends are at the moment.
• That the Austrian School of Economics has had a major impact on the Bitcoin blockchain.
• What the main ideas of the Austrian School regarding their financial theories are.
• What central banking and fractional reserve banking are.
• How Bitcoin fits in well with the idea of as little government interference as possible.
• How Bitcoin is trying to disrupt the monopoly on central bank money production and
introduce free banking.

- 346 -
Introduction
In this chapter, we discuss Satoshi Nakamoto's disagreements with the financial system. It is
from these disputes that the need for Bitcoin arose.

This chapter starts with a global overview of the main economic trends. Then, in section 13.3,
we discuss the influence of the Austrian School of Economics on the Bitcoin blockchain. Then, in
Section 13.4, we will discuss central banking and fractional reserve banking, two concepts of
the current financial system that Satoshi Nakamoto disagreed with. Then, in section 13.5, we
compare the ideas of the Austrian School against Bitcoin and see how Bitcoin fits with the
Austrian current. The chapter concludes in 13.6 with a summary and a list of important terms
and sources.

13.2 Global overview of economic trends


The movement that has been most influential in the creation of blockchain is the Austrian
School of Economics. This is also endorsed by the European Central Bank in "Virtual Currency
Schemes" (2012). In the article, the ECB says that the theoretical foundations of Bitcoin lie in
the Austrian School of Economics and its criticism of the current fiat money system. (p. 22)

Before discussing Satoshi Nakamoto's disagreements with the current financial system, let's
give a global overview of the major economic directions. From here we can find out the
intellectual movements that affect blockchain. The four main economic directions at the
moment are:
1. Marxism.
2. Keynesianism.
3. The Austrian School of Economics.
4. Monetarism.

For the historical perspective in which we discuss the Austrian School of Economics and its
influence on the Bitcoin blockchain, it is useful to keep the following scheme in mind. The
scheme is also useful for the next chapter. We discuss the philosophical influences on the
Bitcoin blockchain and discuss libertarianism and cryptoanarchism.

- 347 -
Austrian
Marxism Keynesianism School of Monetarism
Economics

Carl Menger –
Karl Marx – John Maynard The Fundamentals Chicago School of
The capital Keynes – of the Economy Economics and
(1867) The General Theory (1871) Milton Friedman
(1936) (libertarian
Value comes Value is subjective. minarchist)
from labour More government Government should
spending, lower not interfere with Government
interest rates, more the economy. Leave should not
loans and more money production interfere with the
consumption to to the free market. economy. A
stimulate the Central banks are central bank does
economy the cause of have to regulate
economic crises the money supply

Ludwig von
Mises

Murray Rothbard Friedrich Hayek David Friedman


(libertarian (libertarian (libertarian
anarchist)– anarchist)– anarchist)–
The Ethics of Denationalization of Machinery of
Liberty (1982) Money (1976) Freedom (1973)

Cryptoanarchism and
Cypherpunk

Figure 118: Overview of the main economic currents and their influences on the Bitcoin blockchain.

- 348 -
13.3 Austrian School of Economics
The Austrian School of Economics was created with the work of Carl Menger in 1871, called the
Fundamentals of Economics. In this work Menger explains the subjective theory of value and
the theory of marginal utility. These two theories go against the then popular labour theory of
value of, for example, Adam Smith, David Ricardo and Karl Marx. Marx thought that the value
of a good came from the labour used to produce it. Menger, on the other hand, believed that
value depended on the usefulness of a good in meeting the needs of a person who valued the
good. In other words, the value of a good depends entirely on the value judgments of
individuals. Menger's subjective value theory is not only in contrast with the labour value
theory, but also with the intrinsic value theory. According to Menger, there is therefore no
objectively correct value of a good.144

Menger's theory of marginal utility is explained as follows. People have different needs that
they rank in importance. The main needs of people are normally the needs on which their lives
depend. When people have to choose which personal needs they want to fulfil first, they
always want to fulfil the needs that are more important. If you are in a desert and are thirsty,
you will use the first gallons of water to drink to keep you alive. You use the other litres of
water for needs that are less necessary. This is an example where the marginal utility of water is
decreasing.145

144 Also look at Jim Cox's The Concise Guide To Economics (2007) for an explanation of the labour theory of value
and how it contrasts with subjective theory of value. Whether or not a good can have intrinsic value is still a
discussion in the blockchain world to this day: does Bitcoin have intrinsic value or not? One argument that appeals
to the labour theory of value regarding Bitcoin's value is that the value depends on the work put into mining the
new coins.
145 The theory of marginal utility has led to the marginal revolution in economic theories. It helps us to explain why
a diamond is more expensive than water, but when your life depends on the bit of water you have, you consider
the water more valuable than the diamond.
- 349 -
The Austrian School of Economics is called that
because the leading economists who followed
Menger's theories came from Austria. The
name was also used to indicate the contrast
with the German Historical School, which was
already popular at the end of the 19th
Figure 119: From left to right, these are Ludwig von Mises, century.146 Famous economists who worked in
Friedrich Hayek and Murray Rothbard. All three worked in the the Menger tradition were mainly Austrians
tradition of the Austrian School.
such as Eugen Böhm von Bawerk 147, Friedrich
von Wieser148, Ludwig von Mises and Friedrich
Hayek. Of the 20th century Austrians Ludwig von Mises and Friedrich Hayek were the best
known. Ludwig von Mises was the older of the two and had a great influence on Friedrich
Hayek and Murray Rothbard. Hayek won the Nobel Prize in economic sciences in 1974 for his
work in the theory of money and business waves. Rothbard, in turn, has been very influential
on the modern libertarian movement and is seen as the father of libertarian anarchism. What
libertarianism and libertarian anarchism entail, and how they relate to the Bitcoin blockchain is
described in the next chapter.

13.4 Austrian criticism of the financial system


The Austrian School was involved in cyclical waves, among other things. According to the
Austrian theory, economic waves are the result of monetary interventions in the market, in
which an excessive expansion of bank credit leads to an increase in the money supply.
The process of creating money by commercial banks is called fractional reserve banking. In
addition, according to the Austrians, central banks also influence business cycles by keeping
interest rates artificially low.

146 The two schools got into a heated intellectual battle over how economics should be conducted. Today, the
German Historical School no longer plays a significant role in economic theories.
147 Eugen Böhm von Bawerk has become known for his criticism of Marxism and his role as Minister of Finance in
Austria-Hungary. He criticized Marx's operating theory, arguing that capitalists do not exploit their workers, but
rather help them by providing them with an income before generating any income for the capitalists.
148. Friedrich von Wieser has become known for his theory of alternative costs, also known as opportunity costs.
- 350 -
Satoshi Nakamoto (2009) seems to support this theory. He is writes:

“The root problem with conventional currency is all the trust


that’s required to make it work. The central bank must be
trusted not to debase the currency, but the history of fiat
currencies is full of breaches of that trust. Banks must be
trusted to hold our money and transfer it electronically, but
they lend it out in waves of credit bubbles with barely a fraction
in reserve.”149

According to Satoshi Nakamoto, the main problem of the current financial system is that people
need to have confidence that central banks do not devalue money due to low interest rates and
that banks have enough cash money and do not grant too much credit with only a fraction of
our money in reserve. If banks create too much credit from fractional reserve banking, it can
lead to credit bubbles.

Based on Satoshi Nakamoto's above disagreements with the financial system, we can split the
problem into the following two sub-issues that we explain in more detail:
1. Central banking.
2. Fractional reserve banking.

We explain both concepts by looking at how new money comes into circulation.

13.4.1 How new money comes into circulation


In 1928 Ludwig von Mises published "Monetary Stabilization and Cyclical Policy" in which he
describes how governments and central banks contribute to economic booms and busts
through their monetary policy. Before 1914, the monetary system was still based on the gold
standard. This standard limited the growth in the money supply, because a growth in the
money had to correspond to the gold reserve that had to be kept. Since gold is a scarce
commodity and cannot be mined out of the blue, a gold standard ensures that not too much
money can be created. Governments and central banks are therefore limited in their monetary

149 The full message was posted by Satoshi Nakamoto on February 11, 2009 on the P2P foundation forum. You can
find the message, "Bitcoin open source implementation or P2P currency"
here:http://p2pfoundation.ning.com/forum/topics/bitcoin-open-source.
- 351 -
policy by a gold standard. Since we have completely moved away from the gold standard, there
is no longer a limit for governments and central banks to create new money.150

Central banking
The main purpose of a central bank is to maintain price stability (ECB, 2019). In addition,
monetary policy is also used to combat economic recessions and unemployment. The main
tools used by the central bank are to regulate interest rates and to set minimum reserves for
banks. Banks should hold reserves in their accounts with the European Central Bank (ECB). The
ECB determines how high these minimum reserves should be. For example, for every €100 of a
customer's deposits, a bank holds €2 as a cash reserve with the ECB. The bank lends the
remaining €98. The ECB can increase or decrease total credit by increasing or decreasing the
minimum reserves.

In addition, the ECB can determine interest rates by buying up government bonds and other
open market securities. In the European Monetary Union, this process works as follows. A
government sells a government bond to the banking system, for which they get money back. A
government bond is a government loan with interest on it. 151 This interest is transferred to the
bank that bought the bond. The bank may subsequently deposit the bond as collateral with the
ECB in exchange for loans. This makes that the bank has more liquid assets again. The interest
that the bank pays on the loans to the ECB is again distributed to the government as profit. The
gains that a government makes on money production is also called seigniorage. In the following
picture you will find a schematic representation of the process of central banking.

150 Many countries dropped gold standards during the Great Depression of the 1930s into the 20th century. At the
end of World War II, in 1944, the Bretton Woods system was established. According to the system, the US Dollar
was pegged to gold and a fixed exchange rate with the dollar was set for other currencies. There was indirectly a
reintroduction of the gold standard. John Maynard Keynes has been one of the foremost architects of the Bretton
Woods system. When more countries began converting their dollar reserves to gold in the early 1970s, partly
because the United States had raised the money press to fund expensive government projects such as the Vietnam
War, the United States had released the peg between the US dollar and gold in 1973 under President Nixon.
151 In mid-December 2019, the interest on Dutch 10-year government bonds is approximately -0.18%. For the
current rate, see https://www.iex.nl/Rente-Koers/190118356/Nederland-10-jaar.aspx.
- 352 -
Interest Interest

Bonds European
Bonds Banking
Government Central
system Bank
Money Reserves

Profit

Afbeelding 120: Geldcreatie door het opkopen van staatsobligaties.

This is also called quantitative easing of money and it leads to an increase in the total money
supply.152 The money supply can also grow through a process called fractional reserve banking.

Fractional reserve banking


In fractional reserve banking, commercial banks hold only part of the money entrusted to them
in readily available form. The vast majority they lend. The ECB determines the percentage that
banks must hold as a reserve. If we assume in our example that this percentage is 2%, the bank
of €100 entrusted to them can lend €98 in credit. When the €98 returns to the banking system,
2% of this is again kept in reserve and €96.04 can be lent. When that money comes back into
the banking system, 2% is again held in reserve and the banking system lends out €94.12. If this
process continues to repeat, €100 in circulation, approximately €100 x (100/2%) = €5,000, may
be in circulation. This is mainly money created as credit.

152 The ways in which central banks operate may differ between countries. In this book we give as an example how
the European Central Bank works.
- 353 -
The following table provides a more detailed elaboration of the calculation.

Deposit number Amount Loaned Reserves

deposited

1 €100,00 €98.00 €2,00

2 98,00 96,04 1,96

3 96,04 94.12 1,92

4 94,12 92,24 1,88

5 92,24 90,40 1,84

… … … …

291 0,26 0,25 0,01

Total: €4985,93 €4885,93 €99,75


Table 6: Calculation of the amount of money in circulation when a reserve of 2% is maintained in fractional reserve banking.

The consequence of fractional reserve banking is that the amount of credit in relation to the
reserves is considerably larger.

Ludwig von Mises wrote in The Theory of Money and Credit (1912) about the following four
consequences of fractional reserve banking:
1. It can lead to higher inflation, the rise of the general price level in an economy.153
2. It can lead to a redistribution of wealth.154
3. It can lead to panic in the banking system.
4. It can lead to economic cycles.

153 Inflation literally means blowing up. Monetary inflation means blowing up the money supply.
154 When more money comes into circulation, the money is not evenly distributed across the economy. As a result,
prices between the different goods rise disproportionately. This is also known as the Cantillon effect, named after
the 18th-century Irish-French economist Richard Cantillon. Friedrich Hayek describes it as a process of putting
honey in a cup. The honey will first clump in the centre of the cup before spreading. According to the Austrians,
this leads to a redistribution of wealth, whereby the people who first get their hands on the newly produced
money can spend the money at full value. Inflation has already devalued money before it ends up in the hands of
the rest of society. For this reason, inflation is also known as a tax on future purchasing power. It redistributes
wealth by shifting the future purchasing power of people who receive the money later to people who receive the
money earlier. Because few people are aware of this consequence of inflation, inflation is also known as a secret
tax. Given that under the current financial system, the government is one of the first to receive the money under
the current financial system, inflation is an important means for the government to finance itself, in addition to
taxation.
- 354 -
Major reasons for quantitative easing
The main effects of quantitative easing are:
1. Lower interest rates, because an expansion of the money supply lowers the price of
short-term money. The price of financial resources as money is also subject to supply
and demand. Higher demand for money, while supply remains the same, would lead to
higher interest rates. An equal demand for money, while supply increases, leads to
lower interest rates. You can see the interest as the cost of borrowing money.
2. More loans, because the lower interest rates make it more attractive for consumers and
companies to take out new loans.
3. More spending, because the lower interest rates make it less attractive to leave money
in a savings account.
4. Less unemployment, because the loans give companies more capital. In addition, they
can achieve more sales through increased consumer spending. All this stimulates
companies to hire more employees.
5. More confidence in the economy, as it is driven by more investment and more
spending.
6. This can lead to more inflation in the longer term. If the Central Bank considers inflation
to be too low, quantitative easing of money is an attractive means of raising inflation.
The European Central Bank is trying to keep inflation close to 2% in the medium term
(ECB, 2019).

John Maynard Keynes was a strong advocate of quantitative easing in times of economic crises.
In addition, he wanted more government spending and lower taxes to boost an economy from
a recession.

13.4.2 The Austrians on central banking and fractional reserve banking


The Austrian School is strongly opposed to a centrally planned money system and is therefore
strongly opposed to monetary and fiscal policies to influence the economy. The Austrians
believe that quantitative easing of money does indeed lead to economic prosperity in the short
term, but point out that artificially low interest rates also lead to investment in projects that
would not be profitable in a free market. According to the Austrian School, the economy is

- 355 -
therefore flooded with mal investments and a higher mountain of debt due to the low interest
rates. This situation can eventually lead to an economic bubble.155

Philipp Bagus encourages us to imagine the following in The Tragedy of the Euro (2012).
Imagine that you have the power of the ECB to be the only person who can produce money.
Wouldn't you try to convince people that money production is important for their own good?
Wouldn't you also hire economists to support your corresponding monetary theories? Wouldn't
you say you are so indispensable that without you the economy will collapse? (pp. 73-75) The
important questions that Bagus implicitly poses here are whether this system is not maintained
for self-interest by a financial elite and whether there is no better alternative.

Free banking as an alternative to monopoly on money production


As an alternative to the current money system, Friedrich Hayek wanted to disrupt the
monopoly on money production. In 1976 Hayek published an essay entitled "Choice in
Currency", which received quite a lot of criticism. In this essay, Hayek argued for free market
competition in the money-making industry. He wrote that we should abolish the exclusive right
for institutions to produce money and the exclusive right for governments to force people to
accept the money.156 The idea behind the privatization of money production is that there is
more competition among the different currencies and that private money producers are
stimulated to produce good money. The exchange rates between the different currencies
would be variable. This is money that people, from their own freedom of choice, choose to use.

155 The Austrians believe that the financial crisis of 2007-2008 stems from the low interest rates that the US Central
Bank, the Federal Reserve, implemented in 2001. After the dot.com bubble burst in 2000-2001, the Federal
Reserve attempted averting a financial crisis by cutting interest rates from over 6% in 2001 to 1% in 2003-2004.
The consequence, according to the Austrians, is that the cheaply released money was mainly used by people to
invest in the housing market. This created a housing bubble that eventually triggered a financial crisis in 2007-
2008, when the bubble burst. For more detailed information on how the 2007-2008 financial crisis came about
from the Austrian perspective, see Meltdown (2009) by Thomas Woods.
156 Friedrich Hayek (1976) wrote the following:

“The best the state can do with respect to money is to provide a framework of
legal rules within which the people can develop the monetary institutions that
best suit them… if we could prevent governments from meddling with money,
we would do better than any government has ever done in this regard. And
private enterprise would probably have done better than the best they have
ever done.” (p. 22)
- 356 -
In The Denationalization of Money (1976), Hayek assumes that competition leads to the
adoption of means of payment with the greatest stability in value. According to Hayek, it is
likely that the stable means of payment are linked to a basket of raw materials. A system in
which banking is completely left to the free market is also referred to as free banking. Under
the free banking system, interest rates are not determined by a central bank or government,
but by a natural demand for and supply of available money.

In addition to the argument that free banking would lead to a more stable currency, the
following arguments are also put forward by proponents:
1. Citizens have freedom of choice, because there are no legally required means of
payment.
2. Citizens have the freedom to establish financial institutions without permits.
3. Citizens have the freedom to offer financial services.
4. Citizens have the freedom to produce means of payment themselves and to issue their
own currencies. (RatioVincit.nl, n.d.)

Among Austrians, there is no unanimity whether fractional reserve banking should be allowed
under free banking. Austrians like Friedrich Hayek, George Salin and Michael Rozeff believe that
it should be allowed under free banking. Others, such as Murray Rothbard, Hans Hermann
Hoppe and Walter Block, are opponents of fractional reserve banking. They see it as a form of
financial fraud and are an advocate of full reserve banking. In case of full reserve banking, a
bank must maintain 100% reserve.

- 357 -
Intermezzo: Quantitative easing in 7 pictures
The ECB has explained in 7 pictures how quantitative easing works. These are as follows.

- 358 -
13.5 Bitcoin and the Austrians
Satoshi Nakamoto's disagreements with central banking and fractional reserve banking fit well
with the Austrians' criticisms of the current financial system. Below is a table comparing the
Austrian School's ideas regarding the financial system against the properties of Bitcoin.

Austrian School of Economics Bitcoin


1. Money is not an invention of Bitcoin originated in the free market.
the state.
2. People should be free to issue In addition to Bitcoin, people can issue their own
their own means of payment cryptocurrencies. The decentralized nature of
without permits. blockchain makes cryptocurrencies difficult to regulate.
3. Money production should also Bitcoin breaks the government monopoly on money
be subject to free market production. Bitcoin is again introducing free banking
competition. and is an alternative to national currency.
4. Central bank must be closed. The best way to fight national currencies is to provide
an alternative that can compete. Bitcoin has the
ambition to become the new money system.
5. Citizens have freedom of The Bitcoin community does not force you to use
choice. Bitcoin. Participating in Bitcoin is entirely voluntary.
6. Low inflation is good and leads Inflation for Bitcoin is pre-programmed in the protocol.
to more price stability. There is a halving of inflation every four years. The first
four years of Bitcoin, a miner who created a valid block
still received 50 BTC. Four years later, that was cut in
half to 25 BTC. After that, it halved to 12.5 BTC. The
previous halving took place in May 2020.
Table 7: The monetary wishes of the Austrian School of Economics compared to Bitcoin.

- 359 -
13.6 Summary, terms and sources
Summary
There are generally four major economic currents: Marxism, Keynesianism, the Austrian School
of Economics and Monetarism. Of these four currents, the Austrian School has had a significant
influence on the creation of Bitcoin. The European Central Bank also agrees that the theoretical
foundations of Bitcoin lie in the Austrian School and its criticism of the current money system.

What makes the Austrian School unique compared to the other schools of thought is that it is
for as little government interference as possible and wants a separation of state and money.
According to the Austrians, central banks have no significant role in this, and governments
should not pursue fiscal policies to stimulate the economy.

Two criticisms that Satoshi Nakamoto has on the current money system, which many of the
Austrians also agree with, are that the central bank should be trusted not to devalue money
and commercial banks should be trusted not to lend too much money with only a fraction on
reserve. Satoshi Nakamoto's criticism thus concerns central banking and fractional reserve
banking.

In central banking, a central bank can create money by buying up assets, such as government
bonds. More money comes into circulation. The consequence of a larger money supply is that
the interest falls, after which it is cheaper to borrow money. This stimulates the economy. The
process of creating money through asset purchases is called quantitative easing.

In fractional reserve banking, commercial banks keep a fraction of the money entrusted to
them in reserve and lend out the rest. A reserve percentage of 10% means that about 10 times
more money can come into circulation, mainly in the form of credit.

The Austrian School believes that central bank monetary policy and monetary growth through
fractional reserve banking can lead to cyclical waves and credit bubbles. The Austrians find
Bitcoin an interesting phenomenon, because it takes away the monopoly on money production
from governments and central banks and because Bitcoin introduces free banking.

- 360 -
Comments you can now explain
• The Austrian School of Economics has had a significant impact on Bitcoin.
• The Austrian School is as free as possible to the market and for this reason is against asset-
buying programs from central banks.
• Bitcoin reintroduces free banking.
• New money is being created by central banking and fractional reserve banking.
• The Austrian School believes that if there is more competition in funds and people have the
freedom to choose which funds they use, the innovation in the money industry will
increase.
• According to the Austrian School, the current money system causes more instability of the
financial system.

Glossary of Terms
Labour theory of value: The theory of value that assumes that the value of a good or service is
determined by the work that has been put into the good or service.

Cantillon-effect: When more money comes into circulation, the money is not evenly distributed
across the economy. As a result, prices of various goods rise disproportionately.

Central banking: The way in which central banks conduct their policies.

Fractional reserve banking: Commercial banks hold only a fraction of the money entrusted to
them in readily available form. The vast majority they lend.

Full reserve banking: The bank must maintain a 100% reserve of the amount entrusted to
them.

Inflation: The rise in the general price level in an economy. Many Austrians define inflation as
the growth in the money supply which, ceteris paribus, leads to an increase in the general price
level.

Quantitative easing: Form of direct money creation by central banks, buying up assets such as
government bonds to put more money into circulation. Quantitative easing is used to stimulate
the economy. The wish of the European Central Bank is to bring inflation levels down, but close
to 2%.

Marginal utility: The marginal utility of a good or service is the change in satisfaction or benefit
that comes from an increase in consumption of the good or service.

Seigniorage: The profit that a central bank makes on money production.

- 361 -
Government bond: A loan issued by the government.

Subjective theory of value: Value theory that claims that the value of a good or service
depends on the subjectivity of man. This is in contrast to the labour theory of value.

Free banking: A completely free market of money and banking. There is no central bank or
government that regulates the money anymore.

Sources
Bagus, T. (2012). The tragedy of the Euro. Auburn, Al. Von Mises Institute.

Cox, J. (2007). The concise guide to economics. Auburn, Ala.: Ludwig Von Mises Institute.

European Central Bank. (2012). Virtual Currency Schemes. Consulted from


https://www.ecb.europa.eu/pub/pdf/other/virtualcurrencyschemes201210en.pdf

European Central Bank. (2017, May 8). Why are stable prices important? Consulted on 23
December 2019, from European Central Bank website:
https://www.ecb.europa.eu/explainers/tell-me-more/html/stableprices.nl.html

Hayek, F.A. (1974). Choice in Currency: a way to stop inflation. London. The Institute of
Economic Affairs.

Hayek, F.A. (1976). Denationalisation of money: an analysis of the theory and practice of
concurrent currencies. London: Institute Of Economic Affairs.

IEX. (2019). Netherlands 10 years of government bonds. Consulted on 23 December 2019, from
iex.nl website: https://www.iex.nl/Rente-Koers/190118356/Nederland-10-jaar.aspx

von Mises, L. (1912). The theory of money and credit. Consulted from
https://mises.org/library/theory-money-and-credit

von Mises, L. (1928). Monetary Stabilization and Cyclical Policy. Consulted from
https://mises.org/library/causes-economic-crisis-and-other-essays-and-after-great-
depression/html/c/193

Nakamoto, S. (2009). Bitcoin open source implementation of P2P currency [forum]. Consulted
from http://p2pfoundation.ning.com/forum/topics/bitcoin-open-source

RatioVincit, (n.d.). Free Banking in 25 Questions and Answers. Consulted on 23 December 2019,
from Ratiovincit.nl website: http://www.ratiovincit.nl/VrijBankieren.html

Woods, T. (2009). Meltdown. Washington, DC. Regnery Publishing.

- 362 -
- 363 -
14. Cryptoanarchism and the Cypherpunk Movement

“Bitcoin is the future. Act like you believe it. Act to prevent corruption of the
system. Act to prevent Bitcoin becoming co-opted in any way. We must preserve
the principles of Satoshi Nakamoto.”
- Amir Taaki (2013)

“It’s [Bitcoin] very attractive to the libertarian viewpoint if we can explain it


properly. I’m better with code than with words though.”
- Satoshi Nakamoto (2008)

“Cypherpunks are activists who advocate the mass use of strong cryptography
as a way protecting our basic freedoms against this onslaught.”
- Julian Assange (2012)

14.1 Introduction and learning objectives


In this chapter you will learn
• What cryptoanarchism is and how it relates to libertarian anarchism.
• How the Cypherpunk movement came about.
• What the philosophical background is from which the Bitcoin blockchain originated.
• To know the main people who have developed technologies from which blockchain
originated.
• How the philosophical ideas of cryptoanarchism have led to certain properties of the
Bitcoin blockchain.

Introduction
As has already been shown in Chapter 11, Blockchain and the Promise of the Internet,
blockchain technology did not emerge in a vacuum. In this chapter we trace the philosophical
origins from which this technology was developed. Many of the existing technologies that
blockchain is based on have been developed by cryptoanarchists and cypherpunks. We are
- 364 -
going to see that cryptoanarchism and cypherpunk have developed technologies that have
been applied to the Bitcoin blockchain. These technologies are designed to ensure privacy and
other freedoms.

Section 14.2 discusses cryptoanarchism. Next, 14.3 discusses cypherpunks and their desire to
develop an anonymous monetary system. Section 14.4 draws the relationship between
cryptoanarchism and anarcho-capitalism. In 14.5, we draw a parallel between cryptoanarchism
and the properties of the Bitcoin blockchain. The chapter is then concluded with a summary, a
list of the most important terms and a list of sources.

14.2 Cryptoanarchism
In the 1970s and 80s, a group of cryptographers and computer engineers were concerned
about government privacy violations. In addition, they predicted that society would become
increasingly digital, which could ultimately lead to more individual freedoms, more economic
prosperity, more knowledge sharing and a drastically new way for people to socialize. However,
they also feared the potential grip governments could have on such a society.

Such sentiment was shared by Paul Armer, former manager and lecturer at Stanford
University's Computer Science department, in 1975. He wrote in the article "Computer
Technology and Surveillance" (1975) that a group of experts in computers, communications and
surveillance came together to investigate the following issue:

“Suppose you were an advisor to the head of the KGB, the Soviet Secret
Police. Suppose you are given the assignment of designing a system for
the surveillance of all citizens and visitors within the boundaries of the
USSR. The system is not to be too obtrusive or obvious.”
(p. 12)

The system devised by the group of experts was an Electronic Fund Transfer System (EFTS). The
system would process all financial transactions and be provided with the necessary statistical
analyses that were submitted to the government. The system would close accounts and block
transactions. In addition, the government would have full insight into which purchases you
make, the time of the purchases and also where you are with the purchases. Armer says that he
is less worried about the bankers who violate his privacy, but that he is more afraid that under
pressure from the government, these bankers are forced to use EFTS for surveillance for the

- 365 -
benefit of that government. According to Armer, we should be concerned with surveillance
because it forces us to conform to certain behaviours. Our creativity and our ability to express
ourselves authentically would suffer severely from the pressure to conform. The consequence,
according to Armer, is that we lose our authenticity in such an environment. (p. 12-13)

In the late 1980s, the cryptoanarchist movement arose out of the same concern. Timothy May,
a former electrical engineer at IBM and a co-founder of this movement, introduced the idea of
cryptoanarchism to the Crypto "88 conference. Here he found like-minded people among the
techno-anarchist faction present at the conference and shared his self-written cryptoanarchist
manifesto with the group. The same manifesto, called "The Crypto Anarchist Manifesto" (1988),
he also shared on November 22, 1992 with the people on the Cypherpunk mailing list.

May describes in the manifesto that a spirit haunts the modern


world, the spirit of cryptoanarchism. The basic principle of
cryptoanarchism157 is that total anonymity, total freedom of
expression and total freedom of trade are made possible through
encrypted communication. According to May, unbreakable
cryptography goes even further than simply facilitating anonymity
and the freedoms of expression and trade: it even casts doubt on
the concept of nation-states. In "Crypto Anarchy and Virtual
Figure 121: Timothy May.
Communities" (1994), May writes that the combination of
unbreakable public key cryptography and virtual network communities in cyberspace will lead
to major social changes. He describes cryptoanarchy as a realization of anarcho-capitalism and
that it will provide us with opportunities to engage in voluntary economic interactions with
each other.158 We will discuss what anarcho-capitalism is in a later section.

157 Timothy May pokes fun at this opening sentence with Karl Marx's Communist Manifesto (1850), which begins
with: “A specter is haunting Europe - the specter of Communism”.
158 Timothy May (1994) writes:

“The combination of strong, unbreakable public key cryptography and virtual network
communities in cyberspace will produce interesting and profound changes in the
nature of economic and social systems. Crypto anarchy is the cyberspatial realization
of anarcho-capitalism, transcending national boundaries and freeing individuals to
make the economic arrangements they wish to make consensually.”

- 366 -
14.3 Cypherpunk
On November 19, 1992, Timothy May, Eric
Hughes and John Gilmore159 invited a
group of like-minded people to gather at
Eric Hughes' home. The meeting was
mainly about how to use crypto
instruments to guard the freedoms
essential to them. They also discussed The
Figure 122: The three founders of the Cypherpunk movement. From Crypto-Anarchist Manifesto by May.. The
left to right, they are Timothy May, Eric Hughes and John Gilmore.
political philosophy that moved these
people was very libertarian in nature. They
found that cryptography was too important an invention to leave it to governments and
companies alone. This was the beginning of a movement that would later become known as the
Cypherpunk movement.160 (Levy, 2005, pp. 263-265)

An online discussion environment was set up within a month of the first meeting, in which they
exchanged ideas regarding cryptosystems. A few weeks after setting up the environment, more
than 100 people registered on the mailing list and Hughes wrote the "Cypherpunk Manifesto"
(1992). Julian Assange and Rop Gonggrijp, the co-founders of WikiLeaks and XS4ALL
respectively, are two of the many notable persons who were also members of the Cypherpunk
mailing list.

14.3.1 The essence of privacy


The "Cypherpunk Manifesto" provides a defence for anonymous transactions by first discussing
the essential difference between "privacy" and "secrecy". Privacy is explained herein as the
power to selectively reveal yourself to the world, while secrecy is a means of hiding something
no one should know. If you buy a magazine with cash, the cashier doesn't need to know who
you are. When you send an email, the email provider does not need to know the content of the
messages you send and receive. The task of the email provider is to know how he can deliver

159 In addition to the important work John Gilmore did for the cypherpunks, he also co-founded the Electronic
Frontier Foundation (EFF) in 1990 with Steve Wozniak, John Perry Barlow and Mitch Kapor. The EFF is a foundation
that promotes civil rights and freedoms on the internet.
160 Cypherpunk is a derivative of the words “cipher” and “Cypherpunks”. A cipher is an algorithm for performing
encryption and decryption. Cypherpunks is a subgenre within science fiction, in which technological and scientific
developments play a central role.
- 367 -
your email to the right destination and how much you have to pay him for this service. An
anonymous system allows the user to reveal only the relevant details of his identity, when he
wants and when it is needed. That, according to Hughes, is the essence of privacy.
Cryptography is the key technology that makes this possible, and cypherpunks are committed
to building such cryptosystems.

14.3.2 Anonymous electronic money system


Cypherpunks are practical idealists who develop working applications to realize their ideals.
What is striking in the "Cypherpunk Manifesto" is that in addition to anonymous email systems
and digital signatures, explicit anonymous electronic money is also mentioned. The technical
foundation for anonymous electronic money was laid by the cryptographer David Chaum.161 In
1985 he wrote "Security without Identification: Transaction Systems to Make Big Brother
Obsolete". In this article, Chaum writes that it is possible to develop a digital money system in
the near future that guarantees the privacy and security of individuals and organizations. In this
he speaks out against the “file society”, a society in which computer systems are used to
monitor people. In this society, Chaum predicts, data about people is valuable and will be sold
without these people knowing. In the worst cases, the data is used to manipulate public
opinions and elections, or surveillance is so widely represented that people can no longer or do
not dare to express their opinion freely.162

161 David Chaum is also the inventor of DigiCash, an anonymous money system that used blind signatures.
DigiCash's operation is based on his previously written article, "Blind Signatures for untraceable Payments" (1983).
162. It seems that we are already living in the “file society” that David Chaum is guarding us against. According to
whistleblowers Robert Epstein and Zachary Vorrhies, Google is already actively interfering with election results.
Google does this with the help of subjective autocomplete suggestions and a partial ranking mechanism of search
results. Vorrhies has uploaded over 1,000 internal Google documents to Project Veritas as evidence.
- 368 -
Wei Dai en B-Money
Over the years, several cypherpunks have attempted
to develop anonymous money systems. They also
developed technologies that were later applied to
Bitcoin. For example, Wei Dai developed the concept
of B-Money in 1998, an anonymous money system
that, like Bitcoin, uses the Hashcash Proof-of-Work
feature.163 The Hashcash feature was developed by
another cypherpunk, Adam Back.164
Figure 123: Wei Dai.
In his essay on B-Money, Wei Dai makes it clear that
he is fascinated by Timothy May's cryptoanarchism. He sees a cryptoanarchist community as an
environment in which violence is impossible because the participants cannot be linked to their
true names and physical locations. Such a community must operate on a voluntary basis. Wei
Dai believes that forcing contracts and having a money system are essential for efficient
collaboration. B-Money is a money system where nodes, like Bitcoin, can also create money if
they solve a difficult math problem. As with Bitcoin, money is transferred from person A to
person B by sending the transaction to a network of nodes. 165

163 The smallest unit of Ether is named after Wei Dai. This is called a “Whey” and is equal to
1/1,000,000,000,000,000,000 Ether.
164 Adam Back is the CEO of Blockstream, a company that helps finance the development of Bitcoin Core. Bitcoin
Core is the primary Bitcoin software.

Hashcash is intended to prevent email spam by having the sender of an email solve a cryptographic puzzle before
the email is actually sent. The metadata of an email (the 'from' address, the 'to' address, the time, etc.) is
formalized in a protocol. The sender of the email must also add a nonce, which is hashed together with the
metadata. Only if the hash meets a certain requirement - for example, that it must start with 8 zeros - is the hash
valid and the email sent.
165 In the essay, "B-Money" (1998), Wei Dai writes:
“I am fascinated by Tim May’s crypto-anarchy. Unlike the communities traditionally
associated with the word ‘anarchy’, in a crypto-anarchy the government is not
temporarily destroyed but permanently forbidden and permanently unnecessary. It’s a
community where the threat of violence is impotent because violence is impossible,
and violence is impossible because its participants cannot be linked to their true names
or physical locations.”

Wei Dai had distributed the essay to the Cypherpunk mailing list.
- 369 -
Wei Dai, incidentally, was the second person approached by Satoshi Nakamoto. His essay on B-
Money is also on the list of references in the Bitcoin white paper.

Two other prominent cypherpunks we discuss are Nick Szabo and Hal Finney.

Nick Szabo, Bit Gold en smart contracts


Nick Szabo is clear in his goals as cypherpunk. He, like most other
cypherpunks, wants to create a peaceful cyberspace separate from
the state.166 Szabo was very active in criticizing the Clipper chip in
the 90s.167 He has developed the concept of smart contracts and is
also the inventor of Bit Gold, a predecessor of Bitcoin.

Szabo realized that in order to create a stateless environment on the


Figure 124: Nick Szabo. internet, things like property and contracts need to be documented.
This is how he came up with the idea of smart contracts.168 Like
Friedrich Hayek, he was also involved in free banking: a monetary system in which private
parties can issue their own money, which is separate from governments and central banks.
Szabo had also worked on David Chaum's DigiCash, but saw the risk that DigiCash was a
centralized company. He looked for decentralized alternatives that eventually became Bit Gold.
Like Bitcoin and B-Money, Bit Gold uses a Proof-of-Work mechanism similar to Hashcash's.
Money, Bit Gold uses a Proof-of-Work mechanism similar to Hashcash's.

166 Nick Szabo writes the following in his September 17, 1997 email to the Cypherpunk mailing list:
“If we step back and look at what many cypherpunks are trying to achieve, a major
idealistic theme is a Ghandian cyberspace where violence can only be make-believe,
whether in Mortal Kombat or ‘flame wars’. … Our 20th century information commerce
systems, from publishing to credit cards, have often been very dependent on the
threat of violence, usually law enforcement.”

In homage to Nick Szabo, a “Szabo” is a unit in Ether. This is set at 1/1,000,000 Ether.

167 The Clipper chip was discussed in more detail in section 5.6.1 within the context of the first crypto war.
168 See "The Idea of Smart Contracts" (Szabo, 1997) for more information about the concept of smart contracts.
Nick Szabo came up with the idea of Bit Gold in 1998, but only fully described it in his essay "Bit Gold" The Clipper
chip was discussed in more detail in section 5.6.1 within the context of the first crypto war. (Szabo, 2005).
- 370 -
Hal Finney
Hal Finney was another cypher punk who got involved with the Bitcoin
network early on. It was Hal Finney who received the first Bitcoin
transaction from Satoshi Nakamoto. In an email to the 1992 Cypherpunk
mailing list, Finney writes about the dangers of the “file society” and
how David Chaum shows that cryptography can be used to free and
protect people, rather than control.169 In 2004, he developed a Reusable
Proof-of-Work system and worked on the Bitcoin software until his
death in 2013.
Figure 125: Hal Finney.

So far, we have discussed what cryptoanarchism and cypherpunk are


and have addressed some notable cypherpunks that have had a major impact on the
development of the Bitcoin blockchain. In the next section, we will discuss the libertarian
anarchist philosophy that underlies cryptoanarchism and the goals of many cypherpunks.
Finally, we draw parallels between cryptoanarchism and the properties of the Bitcoin
blockchain.

169 Hall Finney writes:


“Here we are faced with the problems of loss of privacy, creeping computerization,
massive databases, more centralization – and Chaum offers a completely different
direction to go in, one which puts power into the hands of individuals rather than
governments and corporations. … The work we are doing here, broadly speaking, is
dedicated to this goal of making Big Brother obsolete. It’s important work. If things
work out well, we may be able to look back and see that it was the most important
work we have ever done.”
As a tribute to Hal Finney, 1/1,000 Ether is named after 1 “Finney”.
- 371 -
Intermezzo: Internet Freedom Report
How is it actually going with internet freedoms in the world? Freedom House (2019) has
published a report entitled "Freedom on the Net 2019". According to the report, over 3.8
billion people have access to the internet, but 71% live in countries where individuals are
arrested or imprisoned for posting content on political, social or religious issues. 65% live in
countries where individuals were attacked or killed for their online activities between June
2018 and May 2019. 59% live in countries where authorities use online commentators to
manipulate discussions. (p. 2)

Figure 126: A demonstrator wears a Guy Fawkes mask while protesting mass surveillance in Manila, the Philippines
(Freedom House, 2019).

According to the report, 33 of the 65 countries evaluated have lost their internet freedoms.
The biggest deteriorations occurred in Sudan, Kazakhstan, Brazil, Bangladesh and Zimbabwe.
Iceland and Estonia performed best among all countries surveyed. China is the largest
Internet freedom abuser for the fourth consecutive time, and while the United States scores
quite well, it has been declining for three years in a row. (pp. 4-5)

Governments now have more surveillance capacity than ever before, thanks to artificial
intelligence. Among other things, Freedom House recommends creating more transparency
in online political advertising and addressing the use of bots in social media manipulation. In
addition, they want a restriction on the export of advanced instruments that serve to
monitor citizens. China is the furthest in online surveillance. The Chinese government is
working with companies to monitor individuals online. For example, in March 2019, it was
reported that a Uyghur had been locked up and interrogated for three days just because
someone had checked into WeChat in their contact list from Mecca, Saudi Arabia. (p. 13)
The Vietnamese government is also strongly committed to online surveillance (pp. 13-16).

- 372 -
14.4 Cryptoanarchism as Realization of Anarcho-Capitalism
To understand the purpose of cryptoanarchism, we need to better understand the concept of
anarcho-capitalism. Another word for anarcho-capitalism is libertarian anarchism or
voluntarism. Anarcho-capitalism consists of the following two participles: "anarchy" and
"capitalism". The word "anarchy" has its origin in Greek and is a combination of an and arkhos
which literally means "without ruler". Today, anarchism is regularly defined as "chaos," while
cryptoanarchists still use the word in its literal sense. Cryptoanarchists thus see anarchy as a
state without a ruler, or a state without a government, and believe that such a society would
actually lead to more social harmony. An important characteristic of this society is that it is
purely capitalist and libertarian.

Various arguments have been made on philosophical grounds in defence of a libertarian


anarchist society. Murray Rothbard, who coined the term "anarcho-capitalism", follows the
tradition of natural law and assumes that every person naturally has certain rights.170

14.4.1 Natural rights according to libertarians


Rothbard believes that every person basically has the absolute right to their own body. In For a
New Liberty (1973), Rothbard writes that man has a specific nature to learn more about himself
and the world around him through his mind, so that he can discover values and means by which
he can achieve his goals.. According to Rothbard, this is essential for any person as it is
necessary for their survival. If someone disturbs him in his nature to use his mind, it is anti-
human (pp. 32-33). For a person to be able to use his mind independently, he must also have
ownership of his own body.

170 In general, you can divide the arguments for a libertarian society into the consequentialist arguments and the
deontological arguments. The consequentialist focuses on the consequences of an action or policy, while a
deontologist focuses on the morality of the action or policy itself. For example, a libertarian consequentialist
believes that the government should be as small as possible, because it leads to more individual freedoms and
society is generally better off. David Friedman, son of Milton Friedman, is an example of a libertarian
consequentialist. A libertarian deontologist, on the other hand, believes, for example, that every person has a
natural right of self-determination and that the government should therefore let him be free as much as possible.
- 373 -
The idea that people have the right of self-determination is not new and has had a significant
impact on the Enlightenment philosophers in Western society.171 For example, the British
philosopher John Locke already wrote in The Second Treatise of Government (1689) that
everyone has a property in their own person, to which no one is entitled except himself.172.
Both Locke and Rothbard argue that the right to property and the right to liberty flow from this
right of self-determination.

Right to self-
determination

Right to Right to
Right to life
freedom property

Figure 127: According to the natural law theory that libertarians adhere to, the rights to life, freedom and property derive from
our right to self-determination. You could argue that by taking someone's life, you commit murder. Depriving someone of his
freedom is a form of slavery. Theft of someone's property is theft. According to libertarians, these three activities violate natural
human rights.

By the right of self-determination, people can take ownership of resources. Taking ownership of
this can be done by (a) mixing your own labour with something that was not yet available from
another and (b) voluntary trading. 173 The idea that you become the owner of something by
mixing your labour with the resource in question that is not yet owned by anyone else is quite
intuitive for many people. For example, imagine walking around in nature and you see an apple.
By climbing into the tree and picking the apple, you actually mix your labour with the apple and
make the apple available to you. The apple has become your property. Voluntary trade is also

171 Another word for libertarianism is also called "classical liberalism".


172 John Locke describes it as follows: "… every man has a property in his own person: nobody has any right to this
but himself" (1689, p. 19).
173 Taking ownership of your work by mixing it with your work is also known as “homesteading”. John Locke (1689)
describes homesteading as follows:

“The labour of his body and the work of his hands, we may say, are properly his.
Whatsoever, then, he removes out of the state of nature hath provided and left it in,
he hath mixed his labour with it, and joined it to something that is his own, and
thereby makes it his property.” (p. 19)
- 374 -
an intuitive way for many people to acquire property. If you voluntarily decide to trade your
EURO for an apple, it intuitively feels unfair if someone else steals your apple. By voluntarily
buying that apple, you intuitively feel that that apple has become yours. Rothbard extends this
view to extremes and concludes that the state is unlawful.

In "Society Without A State" (1974), Rothbard defines an anarchist society as a society without
a legal means of engaging in compulsive aggression against a property or an individual. The
state is prohibited in this society because the state engages in aggression by stealing private
property in the form of tax.174

14.4.2 How, according to libertarians, the state violates natural rights


Franz Oppenheimer (1908) distinguishes between the economic means and the political means
with which people and institutions can maintain themselves. By economic means he talks about
using and trading your own labour. Political means he talks about seizing the fruits of other
people's labour. (p. 25) Economic means require peaceful production and trade, while political
means require violence and coercion.

Libertarians therefore see the state as a gang of bandits. It is important to know that there are
different views among libertarians about the legitimacy of their activities.

14.4.3 Distinction between libertarian minarchists and libertarian anarchists


The main distinction we make in this book is the distinction between libertarian minarchists
and libertarian anarchists. A minarchist is someone who believes that the government does
indeed plunder the population in the form of taxation, but that this plunder is somewhat
legitimate when used to perform some essential functions in society. Milton Friedman is an
example of a libertarian minarchist. He believes in a night watchman state, a state in which the
government interferes as little as possible with its citizens.
According to Friedman, the government has only the following three functions:
1. Providing a nation's military defence.
2. Forcing contracts between individuals.
3. Protecting civilians from crime and theft.

174 Rothbard describes the state in "The Anatomy of the State" (1974) as a society organization that maintains a
monopoly on the use of force and coercion in a particular area. (p. 57)
- 375 -
However, Rothbard is fundamentally against any kind of plundering, regardless of the goals it
pursues. He therefore believes that the state should not infringe the right to self-determination
and the resulting rights such as the right to life, liberty and property.175

14.4.4 The non-aggression principle


The rationale of libertarianism rests on the central idea that no person or group of people
should aggress a person or any person's property. Aggression is defined as the initiation of
violence, or the threat of committing physical violence against a person or against a person's
property. This rationale is also known as the non-aggression principle. Instead of coercion,
libertarians prefer voluntary cooperation, freedom of choice and self-government as much as
possible.

14.4.5 Voluntary association


Libertarian anarchists endorse that society has no uniform values and that political
disagreements are inherent in a society. Plural values allow conflicts to arise.176 The most
peaceful way to deal with this, according to libertarian anarchists, is to give everyone the right
to separate themselves. From self-determination law, based on the non-aggression principle
and natural law theory, people also have the right to voluntary association and the right to
choose their own leaders. If an individual no longer feels associated with the state he lives in,
the individual has the right to join another association and separate as a new political entity.

175 The philosopher, Gerard Casey, defends this idea in Libertarian Anarchy (2012). He writes

“Governments are criminal organizations. All governments, not just the obviously
totalitarian or repressive. … This statement is meant to be taken literally and not as a
form of rhetorical exaggeration. The argument is simple. Misappropriation, theft,
kidnapping and murder are all criminal activities. Those involved in such activities, on
their own or on behalf of others, are by definition criminals. The government is
engaged in an activity that is morally equivalent to misappropriation or theft in tax
collection; imprisonment of some people in prisons, especially those convicted of
alleged victimless crimes, or when calling on people to participate in the military, the
government is guilty of kidnapping or false confinement; engaging in wars that do not
stem from defensive interests and even if they are defensive, or when defensive assets
are used disproportionately and arbitrarily, the state is guilty of manslaughter or
murder. " (p. 1)

176) The philosopher Bernard Williams wrote in In The Beginning Was The Deed (2005) that political philosophy is
primarily concerned with the idea of political disagreements and that these disagreements arise from different
interpretations of political values such as freedom, equality and justice. (p. 77)
- 376 -
According to libertarian anarchists, there is no limit to secession. Provinces may separate from
a state, a district from a province, a city from a district, a district from a city, a household from a
district, and an individual from a household.

14.4.6 Capitalism in Libertarian Anarchism


According to libertarian anarchists, capitalism is nothing more than a system of voluntary trade
of property and the absence of governments to interfere in such activities. If you buy an apple
from a greengrocer in the market, voluntary trading takes place: you give up your money in
exchange for an apple. Libertarian anarchists believe that both sides benefit from this voluntary
trade. Had they not both benefited, of course based on their judgment at the time, they would
not have entered into trade. In the example of the apple, you value the apple more than the
money you have given it. Conversely, the seller of the apple values your money more than the
apple he has given up. Thus, both parties are progressing in voluntary trading. The same also
applies to contracts. You do not enter into a voluntary contract if it does not benefit you. This is
why libertarian anarchists are advocates of free market capitalism.

14.4.7 Spontaneous order


The idea that an anarchist society does not have to fall into chaos rests on the concept of
spontaneous order. The basic principle is that people in a society that is left alone can bring
order to their lives and society. They do this by creating rules themselves, for themselves and
for the society in which they live. According to libertarian anarchists, no government is needed
to achieve these rules.

The concept of spontaneous order is thousands of years old. For example, it plays a major role
in the Daoist philosophy.177 The almost mystical power that causes people to reform

177 Lao Tze, the father of Daoism and according to Rothbard also the first Libertarian, wrote in chapter 57 of Dao
De Qing:

“That is why the Wise says: I am Wu Wei


And people become reformed by themselves.

I am at peace,
And people become fair by themselves.”

Wu Wei is a Chinese term meaning "to act by not to act". In this case, the Wise says that by not acting he still gets
things done. The people are reforming themselves for good.
- 377 -
themselves by themselves is called “Dao” in Daoism. This mystical power, which leads to
spontaneous order, is also sometimes compared to "the invisible hand" of Adam Smith.
Friedrich Hayek endorses the idea that order can arise without a centralized party that
organizes society according to its own insights. A good example of this is language. Language
has its own rules and grammar and is constantly changing naturally. The Bitcoin blockchain is
another example of spontaneous order. Here there is no central party that determines the set
of rules.

- 378 -
Intermezzo: The pencil as a metaphor for spontaneous order
Leonard Read wrote I, Pencil (1958) to denote the concept of spontaneous order in the free
market. It is a short essay on a pencil that shows how complex it is. The pencil, according to
Read, is so complex that not one person in the world can make it. It consists of graphite,
wax, glue, a piece of metal to bind the eraser to the wood, cedar, etc. The graphite is, for
example, mined in Sri Lanka. To mine it, you need to know how to make the mining tools and
know how to transport it on ships. The graphite is mixed with Mississippi clay where
ammonium hydroxide is used to refine the graphite. The eraser at the end of the pencil is
obtained through a refining process using rubber from Indonesia and sulphur chloride. The
tenor of the story is that no one has all the skills to produce one simple pencil. Still we have a
pencil.

The pencil is actually made by millions of people who, without knowing each other, made a
small contribution. The graphite miner doesn't know the Oregon lumberjack, and the rubber
producer doesn't know the people who transport the part products on ships or trains. The
pencil is a spontaneous configuration of creative human labour. Each person acts out of his
own interests, values and wishes and has only a little bit of knowledge about the work he
does. The lesson from the story is that if we let people be free, a productive order is created.
Friedrich Hayek calls this spontaneous order the extended order, an order that did not
originate centrally. The private knowledge that people possess to get to a product like a
pencil is decentralized. On our own we don't know how to make a pencil, but collectively we
do. Friedrich Hayek describes in his article, "The Use of Knowledge in Society" (1945), how
individualism and decentralized knowledge can lead to extensive cooperation in a free
market. According to Hayek and other libertarians, we should release people as much as
possible, because they know best with their local knowledge how to organize their own lives.
In response to the Marxists of his time in Economic Calculation in a Socialist Commonwealth
(1920), Ludwig von Mises has similarly described why centrally planned societies lead to
economic poverty. According to Mises, economic interventions by the government lead to
distortions in the price mechanism of the free market. Prices are like a coordination
mechanism. They signal to people what society needs. If the price of grain increases, the
farmer knows that there is a greater need for grain at that time.

- 379 -
Due to price distortions, producers do not know what society needs and they cannot focus
their production capacities on the production of what society wants.

The idea that knowledge is decentralized and the principle that we should let people be free
as much as possible was also applied by Jimmy Wales when setting up Wikipedia. The
underlying idea of Wikipedia is to let people write articles themselves on the platform and
have articles edited themselves. While Wikipedia does not consider itself a reliable source,
the result is an online encyclopaedia that is quite accurate and is often used as a starting
point to learn more about a topic. Some studies have even shown that Wikipedia contains
no more errors than more traditional encyclopaedias such as Encarta. (Wiegand, 2007)

You can also compare the organization of a spontaneous organization to a hierarchical


organization. In the image below we see a graphical representation of both types.

Figure 128: On the left is a spontaneous organization, also called a network organization. On the right is a hierarchical
organization. (Silver84, n.d.)

The Bitcoin network is a good example of a network organization, born out of a spontaneous
order.

- 380 -
14.5 The relationship between cryptoanarchism and the Bitcoin blockchain
Although cryptoanarchists and cypherpunks had developed technologies for anonymous
electronic money since the 1980s, their applications still had a single point of failure. A central
party was required to ensure that double spending was not possible. The major drawback, in
addition to trusting a central party, is that a state can attack such money systems. It is not
inconceivable that states would attack money systems that offer serious competition against
national currencies.

Given his familiarity with the technologies of the cryptoanarchists and cypherpunks, it is very
likely that Satoshi Nakamoto was someone (or a group of people) who was also active on the
Cypherpunk mailing list in the 1990s. Using a pseudonym to identify Bitcoin introduction, fits
well with a cypherpunk.

The relationship between cryptoanarchism and the Bitcoin blockchain is further explained
through nine cryptoanarchist ideals. These ideals are compared in the following table against
the properties of the Bitcoin blockchain.

- 381 -
Cryptoanarchist Ideals Properties of the Bitcoin blockchain
1. Voluntarism: voluntary You are allowed to join the network voluntarily and you
interactions are not forced to use Bitcoin.
2. Privacy Bitcoin wallets are pseudo anonymous. You do not
need to provide any personal information to create a
wallet and you are encouraged to create a new key pair
with each transaction.
3. Property rights: you have the As long as you know your private key and do not share
right to keep the fruits of your it with anyone, no one can confiscate your Bitcoins.
labour
4. Free market: no government Breaks the monopoly on money production from
interference and government central banks and governments. It again introduces free
monopolies banking and an alternative to national currency.
5. Decentralization: as little There is no trusted third party that makes it resistant to
power as possible in censorship. The network is radically neutral.
centralized institutions Transactions are done peer-to-peer. Everyone is
treated equally according to the protocol. It is open and
inclusive to everyone.
6. Transparency: accountability of The blockchain is open source and all blocks can be
governments through viewed transparently with, for example, block
transparency explorers.
7. Spontaneous order: rules can Rules are established bottom-up through a democratic
be created bottom-up without process. This makes the system anti-fragile.
government. This leads to more
social harmony
8. Voluntary association: you can You can choose which software version you join. You
choose your own leader, join can also separate yourself from a chain using a hard
an association and separate fork.
yourself from an association
Table 8: Cryptoanarchist ideals compared to properties of the Bitcoin blockchain.

14.5.1 Voluntarism
Cryptoanarchists believe, based on the libertarian non-aggression principle, that you should not
use violence against people who have not used violence themselves. In addition, you should not
threaten anyone with violence or rob them of their belongings. Cryptoanarchists believe
everyone is allowed to engage in social and economic interactions on a voluntary basis. This
ideal is also reflected in the Bitcoin blockchain. You may volunteer to join the community and
join the network. You are not forced to use Bitcoins. On the other hand, governments can
- 382 -
oblige you to use their national currency. They do this, for example, by having your tax paid in
the national currency. If you create your own money system, such as Bernard von NotHaus did
with his Liberty Dollar, you may even be forced by the government to shut down the money
system.178

14.5.2 Privacy
Cryptoanarchists use cryptography to ensure privacy. Satoshi Nakamoto also writes in his
Bitcoin white paper that privacy is very important. Banks achieve privacy by shielding users'
access to information. A system like Bitcoin where all transactions are publicly disclosed can
protect privacy in two ways.

The first way is to make the transactions no longer traceable to the users. This is made possible
by pseudo-anonymous Bitcoin wallets and public keys.

The second way is to use a new key pair of public and private keys for each transaction.
(Nakamoto, 2008, p. 6) Many mobile wallets have the standard function of creating a new key
pair with every transaction. It is possible that the Bitcoin protocol will have additional privacy
functionalities in the future. Some Bitcoin forks, such as Bitcoin Gold and Bitcoin Private, have
already implemented Zero-Knowledge Proofs.

In addition, no personal information is required to create Bitcoin wallets. This contrasts with
the current financial system with the strict regulations regarding KYC and AML.

14.5.3 Property rights


Cryptoanarchists believe that every person has the right to keep the fruits of his labour. Bitcoin
responds to this ideal. As long as you keep your private key and do not share it with another
person, no one can seize your Bitcoins. In other words, Bitcoin has strict property rights. Banks,

178 The Liberty Dollar was created in 1998 by Bernard von NotHaus and served to compete with the national money
of the United States. Von NotHaus was inspired by Friedrich Hayek's idea to denationalize money. The Liberty
Dollar was in both physical and electronic form and was completely covered by silver. So it was not updated on a
credit basis. The US Dollar, on the other hand, is based on credit by fractional reserve banking and more can be
made from scratch by the Federal Reserve. In November 2007, the US government seized $8 million USD in
precious metals, of which approximately $6 million USD was used to cover the circulating Liberty Dollar. For more
information on Bernard von NotHaus' Liberty Dollar, see A History of Digital Currency in the United States (Mullan,
2016).
- 383 -
on the other hand, can seize the money you have with the bank, freeze your bank account and
even close your bank account. That is impossible with Bitcoin.

14.5.4 Free market


Cryptoanarchists support a free market economy. Where possible they want to break through
government monopolies. In the current money system, governments and central banks have a
monopoly on money production. Bitcoin breaks this monopoly and blockchain technology has
significantly lowered the barrier to developing cryptocurrencies. It offers an alternative to the
current money system.

14.5.5 Decentralization
Cryptoanarchists are very sceptical of centralized institutions such as governments. They
advocate as much decentralization of power and self-government as possible. The Bitcoin
blockchain fits well with this philosophy, because it is a decentralized network where no party
has all power over the network. This also makes the network resistant to censorship. Everyone
is free to join the network and help decentralize the network. The network is radically neutral.
Everyone is treated equally on the network. No matter how much power you have in the
physical world, you cannot receive privileges on the Bitcoin network. The network is also open
and inclusive for everyone. It is therefore difficult to regulate itself.

14.5.6 Transparency
Cryptoanarchists want as much transparency from governments as possible. Julian Assange
advocates in Cypherpunks: Freedom and the Future of the Internet (2012) for privacy of the
weak and transparency of governments. Transparency of power systems is hereby necessary to
enforce accountability. In line with this philosophy, Bitcoin is open source. That means anyone
can see Bitcoin's source code and confirm that the entire system is running according to the
rules. In addition, the Bitcoin blockchain is also publicly available and, for example, you can
view all transactions on the network with a block explorer. This radical transparency ensures
that more confidence is created in the system and that people cannot cheat with transactions.
In contrast, central banks and governments are not always transparent in what they spent the
money on, making it more difficult for the population to hold them accountable for their
expenses.

- 384 -
14.5.7 Spontaneous order
Cryptoanarchists assume that spontaneous order arises if there is no central power that designs
society. Bitcoin also has no central party, yet the community is able to set new rules and make
updates. This is done through a democratic process where nodes can vote for improvement
proposals by updating or not updating their Bitcoin software. Many Bitcoin developers also
work voluntarily or are paid with donations. In that sense, order has arisen spontaneously with
Bitcoin.

If Bitcoin is attacked, people will work on new improvement proposals again to make it
stronger. This ensures that Bitcoin has become an anti-fragile system that is difficult to get out
of the blue.

14.5.8 Voluntary association


Cryptoanarchists believe that you can separate yourself from a group. You may join a
community and separate yourself from a larger group with your community. In addition, you
may also choose your own leaders and determine your own rules for the new political unity.
You cannot impose a leader on another. There is a lot of disagreement in the Bitcoin
community about the direction Bitcoin should take. Disagreements can be overcome by
submitting improvement proposals and discussing them, for example, to create support.

The Bitcoin blockchain also involves voluntary association. You have the right to vote for an
update and if you want to separate completely, you can also perform a hard fork. A hard fork is
basically a separation from the original chain and is a peaceful way to resolve irreconcilable
disputes.

In the blockchain community, there is a lot of disagreement about whether a hard fork is a
desired way to implement an update. Vitalik Buterin (2017) defends hard forks based on
libertarian principles. He says soft forks are forcing people to either go with an update, if there
is enough support, or revert to the original version. Therefore, with a soft fork there is always a
compulsion in accepting or refusing new protocols. A hard fork, on the other hand, offers the
opportunity to separate yourself.

- 385 -
Intermezzo: Bitcoin, the separation of state and money
Since the emergence of Bitcoin, the sound of separating money from the state is getting
louder. Shapeshift.io CEO, Erik Voorhees, indicates that this is the most important aspect of
Bitcoin. Voorhees (2015) tells how the state and religion were still strongly interwoven in
Western civilization a hundred years ago. Few realized this was immoral. He also thinks that
most people do not currently realize that the current money system, where the state
controls the money, is also immoral. He predicts that we will find the separation of state and
money completely moral in the future and says:

“Money is absolutely as fundamental to our lives as religion,


and for many people, it is far more fundamental to their lives as
religion. It affects how your life unfolds. The choices that you
make about money dictate the ramifications of your life and
those around you. And so, to have an institution like money so
controlled by a central entity – by a monopoly – is absurd. It is
immoral. We should get rid of it.”

Many cryptoanarchists agree with this, believing that the monetary system is designed on
the basis of violence and coercion. For example, governments can force you to use a national
currency - for example, to pay taxes - and deprive you of your future purchasing power
through inflation. Andreas Antonopoulos (2017) agrees with this and says that the current
money system has become a system of control. It has become a political tool to control who
may or may not receive money. Your money can also be seized and your accounts frozen. If
you as a country do not act in the interests of the United States and the West, you can be cut
off from the SWIFT network. All this means, according to Antonopoulos, that current money
is no longer the best trading tool. In addition, it is no longer a good potting medium when it
can be confiscated or frozen.

Bitcoin is seen by cryptoanarchists and people like Voorhees and Antonopoulos as a new
payment method that can bypass state control. According to them, Bitcoin is neutral, open,
boundless and resistant to censorship. In that respect it has initiated the separation of state
and money.

- 386 -
Intermezzo: The Bitcoin Foundation and its values
The Bitcoin Foundation was established in 2012 to promote the reputation of Bitcoin. The
Foundation has published the "Bitcoin Foundation Manifesto" (2016), which states what
values they stand for:
1. Privacy.
2. Guaranteed access to financial services.
3. Decentralization.
4. Autonomy.
5. Stable money supply.
6. Financial inclusive.

They believe that every person has financial rights that should not be limited by
governments, financial institutions or other people. These rights are:
1. The right to privacy for transactions that are not harmful to others.
2. The right to keep your savings, or to spend your money anywhere in the world.
3. The right to economic participation with or without a bank account.
4. The right to economic participation with or without a credit history.
5. The right to exchange fiat money for Bitcoin and vice versa.
6. The right to use Bitcoin as a trading tool.
7. The right to use Bitcoin as a store of value.

In addition, the Bitcoin Foundation believes that:


1. Fiat money is a poor store of value, especially since the gold standard was released.
2. Inflation encourages consumption and discourages saving.
3. Traditional financial services, especially banking, are not included for the 2.1 billion
people living in poverty (less than $3.10 USD / day).
4. The processing time and costs of electronic payments are too high, an important
reason why 85% of all global trade is done in cash.
5. The collapse of financial services in 2008 and the successive bail-out of the banking
system have caused misery for the world's poorest people.
6. Card fraud losses were $16.3 billion USD in 2014, with more than half of these frauds
occurring online.
7. The traditional banking and payment system is not secure.
8. Confidence in traditional banks and financial services is at an all-time low.

- 387 -
14.6 Summary, terms and sources
Summary
Blockchain is a convergence of different ideas about how people can live together.
Philosophical, economic, political, social and technological movements are appropriate here. By
understanding these ideas, we not only gain more insight into why blockchain originated, but
also gain insight into what the many blockchain pioneers want to achieve with the technology.

Bitcoin can be traced from the cryptoanarchism and the cypherpunk movement. Many who
were involved in the cryptoanarchism and cypherpunk movement in the 1980s and 90s have
played a major role in the development of technologies that Bitcoin uses. Some of these people
who inspired the blockchain world are David Chaum, Timothy May, Eric Hughes, John Gilmore,
Wei Dai, Adam Back, Hal Finney and Nick Szabo.

The goal of cryptoanarchism is to create a libertarian anarchist environment on the cybernet.


This is a society where the government plays no significant role and where people can enjoy the
right to privacy, freedom of expression, voluntary social and economic associations and strict
property rights. According to the cryptoanarchist and founder of the Cypherpunk movement,
Timothy May, unbreakable cryptography goes beyond being able to facilitate anonymity and
the freedoms of expression and trade. It will also question the concept of nation states.

In this chapter we have also looked deeper into the background of libertarian anarchism. Here
we have seen that Murray Rothbard defends libertarian anarchism on the basis of natural law
and that libertarians see the state as a gang of bandits. Instead of coercion, libertarians prefer
voluntary cooperation, freedom of choice and self-government as much as possible. According
to libertarians, people also have the right to voluntary association from the perspective of self-
determination, based on the non-aggression principle and natural law theory.

We have also seen that there are differences between libertarians. A libertarian minarchist is
one who believes that the government plunges the population in the form of tax, but that this
plunder is somewhat legitimate when used to perform some essential functions in society.
Rothbard pulls the libertarian principle of non-aggression to its ends, concluding that the state
has no right to exist because it continuously damages people's natural rights.

The idea that an anarchist society does not have to fall into chaos rests on the concept of
spontaneous order. An application that arose out of spontaneous order is the Bitcoin
- 388 -
blockchain. There is no central party that regulates the Bitcoin blockchain, yet there are rules
and protocols within the blockchain. Decisions about the rules and protocols within Bitcoin are
made by the community. In addition, you are not forced to use Bitcoins. Governments, on the
other hand, can oblige you to use their national currency. They do this, for example, by having
you pay tax in their national currency. For example, many parallels can be drawn between
cryptoanarchism, cypherpunk and Bitcoin.

Comments you can now explain


• Bitcoin has been strongly influenced by the cryptoanarchists and cypherpunks who want to
make governments more transparent and offer the people more privacy.
• Cypherpunks are practical idealists.
• Cryptoanarchism is based on libertarian anarchism.
• There are many parallels between the cryptoanarchist ideals and the Bitcoin blockchain.
• According to libertarians, an anarchist society need not lead to chaos.

Glossary of Terms
Anarcho-Capitalism: The philosophy that endorses an anarchist society without government
and with a completely free market.

Cryptoanarchism: The philosophy that endorses the realization of anarcho-capitalism in


cyberspace.

Cypherpunk: A person who applies cryptography to bring about social changes. Cypherpunks
value transparency of power systems and privacy for the people. They are often strongly
libertarian in nature and some, like the founders of the Cypherpunk movement, are
cryptoanarchist.

Economic resources: Production and trade to acquire ownership of goods and services. Franz
Oppenheimer believes that these are peaceful means that are widely accepted in society.

Extended order: An extensive productive order that is not centrally controlled. This arises
spontaneously in a free market.

Libertarian Anarchism: The philosophy that endorses an anarchist society based on a


completely free market and strict property rights. See also anarcho-capitalism.

Libertarian anarchist: One who adheres to the philosophy of libertarian anarchism.

Libertarian minarchist: Someone who believes that the government still has basic functions in
society, but where possible leaves the free market alone.
- 389 -
Night watchman state: A state in which the government only takes on the basic tasks such as
defence, law and police.

Natural law: Right that a person has by nature. According to libertarians, all people naturally
have the right to self-determination.

Non-aggression principle: The principle that you should not use violence against people who do
not use violence against you. This is about damaging someone else's natural rights. Should
another person commit violence against you, you have the right to protect yourself.
Libertarians adhere to the non-aggression principle.

Political means: According to Franz Oppenhemier, this is a violent way to acquire ownership
over goods and services. Examples of political means are inflation and taxes.

Spontaneous order: Order that arises spontaneously without interference from an authority.
Examples of spontaneous order are language and the Bitcoin blockchain.

Voluntarism: See libertarian anarchist.

Voluntary Association: The right to associate yourself with something. According to libertarian
anarchists, you may associate yourself with a political community and then separate from a
state. With a blockchain, voluntary association and separation can lead to a hard fork.

Right to self-determination: The right to own your own body. According to libertarians, the
right to self-determination follows other rights, such as the right to life, freedom and property.

Sources
Antonopoulos, A. (2017, September 30). Money as a System-of-Control [YouTube]. Consulted
from https://youtu.be/FyK4P7ZdOK8

Armer, P. (1975). Computer Technology and Surveillance. Consulted from Stanford website:
https://stacks.stanford.edu/file/druid:zf198qx6952/zf198qx6952.pdf

Assange, J., Appelbaum, J., & Müller-Maguhn, A. (2012). Cypherpunks: freedom and the future
of the internet. New York: Or Books.

Bitcoin Foundation. (2016). Bitcoin Foundation Manifesto. Bitcoin Foundation.

Buterin, V. (2017, March 15). Hard Forks, Soft Forks, Defaults and Coercion. Consulted on
December 23, 2019, from Vitalik.ca website:
https://vitalik.ca/general/2017/03/14/forks_and_markets.html

- 390 -
Casey, G. (2012). Libertarian Anarchy: against the state. London: Continuum International
Publishing Group.

Chaum, D. (1983). Blind Signatures for Untraceable Payments. Advances in Cryptology, 199–
203. https://doi.org/10.1007/978-1-4757-0602-4_18

Chaum, D. (1985). Security without identification: transaction systems to make big brother
obsolete. Communications of the ACM, 28(10), 1030–1044.
https://doi.org/10.1145/4372.4373

Dai, W. (1998). B-Money. Consulted from Weidai.com website:


http://www.weidai.com/bmoney.txt

Finney, H. (1992). Why Remailers I. Consulted on December 23, 2019, from Fennetic.net
website: http://fennetic.net/irc/finney.org/~hal/why_rem1.html

Freedom House. (2019). Freedom on the Net 2019. Consulted from Freedom House website:
https://www.freedomonthenet.org/sites/default/files/2019-
11/11042019_Report_FH_FOTN_2019_final_Public_Download.pdf

Hayek, F.A. (1945). The Use of Knowledge in Society. Consulted from


https://www.econlib.org/library/Essays/hykKnw.html

Hughes, E. (1993). A Cypherpunk’s Manifesto. Consulted on December 23, 2019, from


Activism.net website: https://www.activism.net/cypherpunk/manifesto.html

Levy, S. (2001). Crypto: how the code rebels beat the government, saving privacy in the digital
age. New York: Viking.

Locke, J. (1689). Second treatise of government: an essay concerning the true original, extent
and end of civil government. Arlington Heights: Harlan Davidson.

Marx, K., & Engels, F. (1850). The Communist Manifesto. London: Vintage Classic.

May, T. (1994). Crypto Anarchy and Virtual Communities. Consulted on December 23, 2019,
from Mit.edu website:
http://groups.csail.mit.edu/mac/classes/6.805/articles/crypto/cypherpunks/may-virtual-
comm.html

von Mises, L. (1920). Economic Calculation in the Socialist Commonwealth. Auburn, Ala., Ludwig
von Mises Institute.

Mullan, P.C. (2019). A History of Digital Currency in the United States: new technology in an
unregulated market. S.L.: Palgrave Macmillan.
- 391 -
Oppenheimer, F. (1908). The State: its history and development viewed sociologically. (J.M.
Gitterman, Trans.) New York: Vanguard Press.

Project Veritas. (2011). Google Document Dump. Consulted on December 23, 2019, from
Projectveritas.com website: https://www.projectveritas.com/google-document-dump

Read, L. E. (1958). I, Pencil. Consulted on December 23, 2019, from Fee.org website:
https://fee.org/resources/i-pencil/

Rothbard, M. N. (1973). For A New Liberty. Blurb.

Rothbard, M.N. (1974). The Anatomy of the State. In M.N. Rothbard Egalitarianism as a Revolt
against Nature and other Essays (pp. 55-88). Consulted from http://mises.org

Rothbard, M.N. (1978). Society without a State. Nomos, 19, 191–207.

Silver84. (2019). Ethereum community and its ecosystem: Needs-Based Theories of Motivation
approach. Consulted on December 23, 2019, from kauri.io website:
https://kauri.io/ethereum-community-and-its-ecosystem:-structural-
analysis/9a486bc098674bb6b70408334947eb93/Venona

Szabo, N. (1997, December 29). The Idea of Smart Contracts. Consulted on December 23, 2019,
from Nakamotoinstitute.org website: https://nakamotoinstitute.org/the-idea-of-smart-
contracts/
Szabo, N. (2005). Bit Gold. Consulted on December 23, 2019, from Nakamotoinstitute.org
website: https://nakamotoinstitute.org/bit-gold/

Szabo, N. (1995, September 9). VENONA Cypherpunks Archives. Consulted on December 23,
2019, from Venona.com website:
https://cypherpunks.venona.com/date/1995/09/msg01303.html

Williams, B. (2005). In The Beginning Was The Deed: Realism and Moralism in Political
Argument. New Jersey: Princeton University Press.

Zi, L. (n.d.). Tao Teh Jing. Consulted from https://spiritueleteksten.nl/wp-


content/uploads/2014/03/Tao-Teh-Jing-vertaling-door-Henri-Borel-spirituele-teksten-pdf-
download.pdf

- 392 -
- 393 -
PART III: ENTERPRISE BLOCKCHAIN
Companies trade with multiple parties in an ecosystem within a competitive and regulated
environment. They use intermediaries, such as auditors, banks and notaries. They also use
ledgers, such as a bank account, tax accounts, or recipes to track changes in ownership and
registration. To avoid errors and misuse in these inefficient processes, an inefficient internal
control system is often maintained. Partly because they do not trust all parties in their
ecosystem, they miss the opportunity to use or combine data that is available in the ecosystem.
Some companies see an opportunity to overcome these challenges with secure blockchains.
After all, with blockchain, they can be confident that the data entered across all parties is
current and correct. For example, each party in the blockchain can see when a party is updating
address and bank details, or see that a payment to a supplier is in preparation.

Blockchain applications for businesses are referred to as Enterprise blockchain in this section.
This includes not only blockchains but also Distributed Ledger Technology (DLT).179 In this
section, we describe the reasons for and how a company implements Enterprise blockchain.

To this end, we first look at how companies are organized within business models and
ecosystems in chapter 15. In addition to a description of the blockchain building blocks, we also
look at what digital data-driven models and decentralized business models are.

In chapter 16 we outline a framework of how blockchain applications can be implemented


within a company with four examples. In these examples we compare public and private
organizations with each other. We also look at the extent to which the organization is able to
implement blockchain.

In Chapter 17, we elaborate the criteria that companies can look at to decide whether to
implement blockchain. If it follows from this that there is a meaningful blockchain case, it only
makes sense to see under what conditions a blockchain is introduced. We look at different

179 In a DLT, several parties simultaneously maintain a ledger without a centrally trusted entity. A blockchain is a
DLT where the ledger is divided into cryptographically encrypted ordered data blocks. This arrangement gives the
chain of data blocks an unchangeable character and thus ensures reliability in the system. It is often set up in such
a transparent manner that data can be viewed by everyone. However, companies do not always need this and can
opt for a more closed blockchain or a DLT other than blockchain.
- 394 -
cases and split the cases into more concrete application types, so that we can see per block
type which blockchain elements are relevant.

In chapter 18, we explain the three largest blockchain platforms and consortia and discuss the
impact of consortia in more detail. We also look at the challenges that companies face when
they work with other organizations around blockchain.

This way, a logical structure is outlined with which organizations can explore practical
blockchain. Blockchain is a promising combination of proven technologies, such as
decentralized networks and cryptography. However, the application of this combination to
companies is relatively new. As a result, years of scientific research related to business
implementations are not available and we do not have a full understanding of what blockchain
applications have the potential to offer.

Part III describes these relatively new blockchain implementations without losing sight of the
potential of blockchain, but also without pretending to know what the exact impact of these
developments will be.

- 395 -
- 396 -
15. Business models

“If you are alone, don’t do blockchain, what’s the use?”


- Emmanuel Delerm (n.d.)

15.1 Introduction and learning objectives


In this chapter you will learn
• To understand the consequences of blockchain for a company per blockchain building
block.
• Basic concepts such as the business ecosystem, the environmental factors through PESTEL
analysis and the Business Model Canvas.
• the Decentralized Business Canvas Model.

Introduction
This chapter starts with an introduction of the building blocks of blockchain in section 15.2.
These building blocks are the basic elements that make up a blockchain. These building blocks
are important to understand where blockchain is useful and what to consider when developing
a blockchain application. It lays the foundation for giving examples in Chapter 16 on how these
building blocks can be used specifically in Enterprise blockchain applications.

To provide insight into where companies can use blockchain in which way, we also explain the
basic concepts of the business ecosystem (section 15.3), environmental factors (section 15.4)
and business model (section 15.5).

It makes more sense for an organization to think strategically about opportunities from the
business model and the industry than from the advantages and disadvantages of an unknown
phenomenon such as blockchain. In other words, once you know what type of company you
are, it is easy to see to what extent the opportunities that blockchain offers connect or not.
Also, making newer or stronger connections between partners is an important opportunity that
blockchain offers to ecosystems. This network thinking is reinforced by looking at both the
business model and the business ecosystem within which the organization operates.

- 397 -
The chapter also deals in section 15.6 with digital business models and in section 15.7 with the
decentralized business model canvas. All of these models are used in Chapter 16 to
demonstrate how to set up blockchain applications. This lays a foundation with which you can
estimate the consequences of blockchain for a business model or ecosystem.

We finish the chapter in 15.8 with a summary, a list of important terms and a source list.

15.2 Building blocks


The usefulness of a blockchain depends on which building blocks you enter and how these
building blocks have been adapted. The basic building blocks show themselves with a short
definition of the blockchain. A blockchain is a:

Agreed distributed database where transactions are encrypted in data blocks.

1. 2. 3. 4. 5.
Consensus Serviced Transaction Authenticity of Progressive
mechanism together overview. transactions transparent data
provides a without SPOF. and data blocks that can
consistent blocks are only be
view of the guaranteed corrected with
state of the with additional data.
database. cryptography.

Figure 129: Basic building blocks of blockchain.

Depending on what a company needs, these building blocks may or may not be adapted and
imported as a whole or in parts. For example, on the one hand, a bank can use cryptography for
linking data blocks. On the other hand, the bank does not want to keep all transaction data with
encryption anonymous when it must be able to provide transaction data to its supervisor, The
Dutch Bank.

These building blocks and their possible consequences are briefly explained as follows.
- 398 -
1. Through a consensus mechanism, the blockchain provides a consistent picture of the
state of the blockchain for all involved. If someone changes something, the others who
maintain the network see it and have to approve the change.

2. The blockchain is copied, distributed and maintained by a network of different parties.


There is therefore no Single Point of Failure. If a node removes the blockchain, a backup
can be retrieved quickly. This makes the network robust.

3. The transactions in a blockchain can be any type of data. This can be, for example,
cryptocurrency, rights, duties and information about an object. The blockchain
therefore does not only have to be a general ledger containing only financial
transactions.

4. The use of cryptography guarantees the authenticity of transactions and data blocks.
This increases the security and reliability of the blockchain. Public blockchains such as
Bitcoin are completely transparent, with the exception of so-called privacy blockchains
such as Zcash and Monero. These privacy blockchains use cryptography to protect
privacy for those involved in the transaction.

5. No data can be modified or deleted within the progressive chain of data blocks. We also
refer to this as an append-only data structure. If you want to correct data, you have to
add new data with a reference to the previous data to be changed. You also keep a
complete overview of the data history.

No intermediary is needed anymore to trust the data. The combination of the building blocks
ensures that the blockchain enforces this trust. These trusted data are directly available to all
participating parties. This stimulates the establishment of relationships between parties. This
network of collaborating partners is an important element of the business ecosystem. Valuable
elements have also been added to the classic blockchain, such as smart contracts, dApps and
tokens. Among other things, these elements ensure that agreements are automatically
enforced, that ownership can be digitized and can change ownership and that decentralized
management models can be initiated more easily.

- 399 -
15.3 Business ecosystem
A business ecosystem is a group of fully influencing partners who have relationships with each
other with regard to a product or service.180 These partners can be companies, governments,
customers or other individuals. In the following, we reason from the perspective of a company.

The company that adapts best to the environment creates the best chances of survival for itself.
The adjustment translates into value creation what a company does by jointly strengthening
relationships with other parties. The parties within a business ecosystem are therefore to some
extent dependent on each other. Within this, a company is free to cooperate with a competitor
and to strengthen each other.

A company can be part of several business ecosystems at the same time. For example, Airbnb
can work with the ecosystem of cleaning companies and the ecosystem of photographers. It is
important in the business ecosystem that certain key partners determine the value of a product
or service. It is these partners that a company specifically looks for when it is looking for new
relations or wants to strengthen its position.

The business ecosystem has different layers of participants. See the business ecosystem actors
of Moore (1996).

180 You can read more about business ecosystems in The Death of Competition: Leadership and strategy in the age
of business ecosystems (Moore, 1996).
- 400 -
Business ecosystem
Labour unions
Extended business
Trade Customers of
organizations Core business customers
Core contributors Competition
Suppliers
of Distribution channels Suppliers
suppliers Direct customers of additional
Investors Direct suppliers Products
Standardization
bodies Other
Legislative bodies stakeholders

Figure 130: The business ecosystem, based on Moore (1996).

The three layers are:


1. The core company.
2. The extended company with customers and suppliers of suppliers.
3. The business ecosystem with partners such as unions, trade organizations, investors,
governments and possibly competitors that you would not easily involve in an industry.

Within these parties there are also rules and guidelines that companies must adhere to. Think,
for example, of employment law and profit tax. Strengthening cooperation at all levels is
essential to adapt as a network or individual company to the environment.

An industry is fairly linear with suppliers looking in one direction at the customer or suppliers,
without interfering with other parties in the branch. On the other hand, a business ecosystem is
more geared to the mutual coordination of the participating parties. For example, where you
trade money for goods within the traditional thinking of a manufacturing industry, you look in a
business ecosystem to see what data or value you get back when you deliver data or value. This
creates value for both partners.

- 401 -
15.4 PESTEL
A business ecosystem functions within a changing environment where the parties have to
adapt. A well-known strategic model for mapping this environment is PESTEL.181 This stands for
the following environmental factors:
1. Politics
2. Economic
3. Social
4. Technology
5. Environment
6. Legal

Legaal Politiek

Environment PESTEL Economie

Technologie Sociaal

Afbeelding 131: Het PESTEL-model om omgevingsfactoren waarbinnen een organisatie opereert in kaart te brengen.

The elements of this model interlock. To give an idea of the environmental factors that
companies are confronted with, with regard to digital innovations such as blockchain, you can
set up a PESTEL analysis as follows.

181 Initially, this was referred to as the ETPS model by Francis J. Aguilar in his book, Scanning the Business
Environment (1967). Later this model was expanded in several ways.
- 402 -
15.4.1 Political
Politics are trying to improve the country's competitiveness by investing in the digital field.
Furthermore, efforts are being made to protect the digital identity of the individual citizen,
certainly within the European Union. Personal data must be protected and cannot simply be
stored, analysed or shared. Industrial investments are being made in digital technologies to
make the information networks of their own industry more robust. Attempts are also being
made to prevent own companies from being disrupted by the dominance of non-European
technology companies. Consider, for example, protecting the national financial service
providers of the payment innovations that social media companies such as Google and
Facebook and mobile phone manufacturers, such as Apple, are introducing to win customers
and their data.

15.4.2 Economic
Digital innovation and globalization encourage further acceleration of trade between an ever
larger network of (un) known partners and consumers. Themes such as the sharing economy
and a more dynamic, more decentralized entrepreneurial culture are cited within this.
Blockchain can provide a supporting role within both themes. Blockchain can transparently fill
unfulfilled capacity of investment goods and support citizen initiatives. It can also accelerate
the payment traffic for the rental of your home at a lower cost, or support citizens' initiatives
such as mutually arranging health insurance for the self-employed.

15.4.3 Social
Socially, it has already been cited that individual freedom has come under some pressure with
the central role technology companies and states have taken on. Blockchain can play an
important role in decentralizing power. It moves centralized control from governments and
large technology companies to citizens. Blockchain can achieve this with the help of, for
example, a Self-Sovereign Identity, more decentralized political decision-making, peer-to-peer
free education and free movement of ideas.

15.4.4 Technological
Technologically, blockchain falls within a series of innovations that together form the 4th
industrial revolution. Blockchain supports the emergence of technologies such as Big Data,
Artificial Intelligence and the Internet of Things. It also has the potential to support further
globalization and productivity growth of companies with an Internet of Value.

- 403 -
15.4.5 Environmental
Within the environment, the theme of circularity has become more central.182 Transparency in
where and how goods are produced, stored, adapted, consumed and reused offers
opportunities for a technology such as blockchain. Blockchain can serve here as a connecting
technology between the different parties in a value chain. It offers the possibility to link an
identity to each part of a product and to make this digitally tradable. Consider, for example,
linking an identity for each spiral that is in a spring mattress and that can be reused piece by
piece if the mattress goes back to the original producer.183

15.4.6 Legal
The European Union places great emphasis on protecting privacy. For example, the European
Union has introduced the General Data Protection Regulation (GDPR), which is also known in
the Netherlands as the Algemene Verordening Gegevensbescherming (AVG). As with other
technological innovations, the legislator is still somewhat cautious in setting clear frameworks,
inclusive of blockchain. The legal status of cryptocurrencies, smart contracts and Decentralized
Autonomous Organizations has not yet been established in many countries. In addition,
governments are actively tackling the financing of criminal and terrorist organizations. They do
this by, among other things, the anti-money laundering legislation184, stricter supervision of
cryptocurrency payment providers and the strengthening of the gatekeeper function of
financial institutions with guidelines on Know Your Customer (KYC) and Customer Due Diligence
(CDD).

Environmental factors can accelerate digital innovations this way. These innovations make it
easier to set up networks with partners you don't know yet, including customers and
competitors. Blockchain allows for decentralized cooperation, without a company losing its
autonomy. Blockchain offers transparency in goods flows that were previously not transparent.
It can also shield sensitive information, enforce payments between unknown partners, make
information systems more secure and support the individual's Self-Sovereign Identity, helping
people regain control of their personal data. In some areas, blockchain has already had the

182 Within circularity, a lot of attention is paid to People, Planet, Profit.


183 Netherlands Circular, Sustainable Finance Lab and Circle Economy have published a white paper called "The
Circular Service Platform" (2019) in which the potential of blockchain within circularity has been investigated.
Blockchain, as a technical-administrative infrastructure, emerged as an excellent tool for managing value within
circular networks.
184 Following the introduction of the European AMLD4 money laundering directive in 2018 and the AMLD5 in 2020.
- 404 -
opportunity to prove itself. For example, cryptocurrencies have had the necessary applications
and there is plenty of experimentation, such as with the Libra coin. In other areas, such as
smart tokens and DAOs, blockchain is primarily an experimental technology whose
consequences are unclear.

As mentioned earlier, companies and other partners where digital innovation is important
within the business ecosystem will be attracted to experimenting with blockchain applications.
Given the current unfamiliarity with the technology, these companies are likely to focus on less
risky projects with limited impact on the business model.

15.5 Business model


A business model describes how an organization, or network of organizations, wants to create
value for its customers and for itself. In other words, how do I earn money? With this business
model it tries to adapt within its business ecosystem. In addition to the business model, a
company implements a strategy of how it will create value.

You develop a business model if you have an idea for a company, or if you already have a
company, but want to renew it. You can also develop a business model to analyse how your
organization creates value, so that you gain more insight into whether you are still on the right
track.

To develop the business model, you need to answer the following four questions:
1. Who? - customers and users, segments.
2. What? - offer and value proposition.
3. How? - activities, tools, partners.
4. What does it yield? - revenue, costs, investments.

Elements that belong to these questions were put together in an overview by Osterwalder and
Pigneur to clearly outline the relevant details of a business model, so that you can test or
discuss an idea or plan. The overview is called a Business Model Canvas (BMC).185

185 For more information, see "Business Model Generation: A Handbook for Visionaries, Game Changers, and
Challengers" (Osterwalder & Pigneur, 2010).
- 405 -
How? What? Who?

What does it yield?


Figure 132: Strategyzer.com Business Model Canvas. The Business Model Canvas is licensed under Creative Commons
Attribution Share Alike 3.0. Unported License.

Within this canvas, the core is the value proposition: the part of the business model that
describes how an organization, or network of organizations, generates value (income) for itself.
This is also referred to as the revenue model. The importance of the value proposition has
already been explained under the heading about business ecosystems. By creating constant
value creation in a changing environment, you ensure that you survive in this ecosystem.

The value proposition focuses on the customer and can be found as follows:
1. Identify your customer group.
2. Describe the purpose and wishes of your customer.
3. Describe your product and the intended benefits.
4. Evaluate the match between customer and product.

- 406 -
Below you will find an example of a completed Uber business model.

Managers can use this Business Model Canvas (BMC) to get an idea of the impact of blockchain
on their existing business model, or perhaps to build a new business model. In the following, a
tip of the veil is lifted for the impact of blockchain on a general business model with the four
core questions within the BMC.186

Completed Business Model Canvas for Uber


The following example comes from Timber Haaker and Christa Barkel who both work within
the Digital Business Models & Blockchain minor from Saxion University's Business Models
and Blockchain professorships.

Figure 133: Strategyzer.com Business Model Canvas.

Attribution Share Alike 3.0. Unported License.

186 This is based on 'How blockchain technologies impact your business model' (Morkunas, Paschen, & Boon, 2019).
- 407 -
15.5.1 Who? Customers and users
Customer segments are the segments in which you can classify customers. Blockchain offers
the opportunity to make more direct transactions with a large new group of people. For
example, think of people in emerging markets who do not currently have a financial profile, or
potential customers that you can now reach through the networks of other companies within
your blockchain system.

Channels are used by the company to communicate with the customers and to reach the
customer segments. Here, blockchain potentially removes potential intermediaries, such as the
notary standing between the buyer and seller of a home. Blockchain can introduce new
channels. This is possible, for example, within a supply chain where, as a vegetable supplier to a
supermarket, you will also become known among the final customers and deliver directly to
these customers. Blockchain allows intermediaries to be removed from the supply chain,
enabling you to enter into a direct relationship with your customer.

Customer relationships describe the relationships between the company and the customer
segments. For example, in a personal conversation, a company can perpetuate the relationship
with the customer by offering help via social media or by telephone at the request of the
customer. A company can also let the customer search for digital information at a greater
distance, without further contact.

15.5.2 What? Offer and value proposition


Value propositions are all activities that create value for the customer. Blockchain can
contribute to this by providing services that were previously unavailable. Take, for example, the
South African Centbee that allows you to send Bitcoins to people in your contact list in an
inexpensive and easy way within your mobile app, regardless of where they are located
geographically. More complex property transfers, such as those of a house, can also be made in
a simpler and faster way, while providing a transparent view of the entire chain of financing,
legal ownership registration and tax payments.

15.5.3 How? Activities, tools, partners


Key resources are processes and resources that a company has to make the business model
work. The means can be physical, intellectual, financial or human. They increase customer
value, reach markets, maintain customer relationships and generate income. The question for
customers and employees is to what extent they have the right skills to work with blockchain.
- 408 -
Blockchain is a fairly technical solution that, because people are not used to it, can lead to
implementation and execution issues.

There are also core activities. These are activities you need to deliver value. For example, how
do you ensure that you can increase the quality of your product or maintain the customer
relationship? Here you can think of reducing double input of customer data now that others
within your blockchain also make this input and this data becomes transparent available to you.

Key partners are relationships such as suppliers and partners that you need to make the
business model work. Blockchain can also have a significant impact here, such as when using
FinTech companies instead of banks for payment transactions, contacting new suppliers and
other parties in an open transparent cross-border supply chain or bypassing an intermediary
such as a notary. Consider which roles are needed to create and deliver a new service, and
which parties want and can work together to take on these roles. Here, too, it is important to
distinguish the critical roles and partners from each other.

As previously indicated, managing relationships with the right partners is an important factor
for value creation within business ecosystems. It is precisely within blockchain as data-driven
digital technology that it can help to establish a partner value matrix. Such a matrix clarifies the
mutual benefits of a partnership or collaboration. For this you identify the most important
partners, describe what a partner contributes and what the partner gets in return from the
relationship.187

15.5.4 What does it yield? Revenue, costs, investments


Income streams are the revenues generated by sales. For example, blockchain companies can
issue tokens to acquire funds. Tokens can also be issued to use blockchain platforms like gas is
used with Ethereum. In addition, you can use them as money, as is the case with Bitcoin. Crypto
tokens enable a company to make direct payments in an accessible way. Due to the low
transaction costs, pay-per-usage or payments for advertisements and sponsorship are possible.

Ultimately, the cost structure describes all costs that a business model has. Blockchain can
potentially reduce costs of, among other things, transactions, intermediaries and the costs of

187 More information about the partner value matrix can be found at https: // business
modellab.nl/tools/partnerwaarden-matrix or via https://innovalor.nl/.
- 409 -
risks of unreliable partners or purchased materials. With blockchain, you can make the
transaction history and reputation of suppliers transparent, so that you can choose the most
reliable partner and thus save the long-term costs of late delivery or incorrect quantities.

With regard to costs, there is also the question to what extent a new blockchain system can
connect to current IT systems. To what extent are the database structures aligned to enable
direct communication between the systems?

Given the possibilities for increasing cooperation between partners, consideration should also
be given to how investments, costs and revenues are distributed among the parties.

So much for the classic business model. In the following sections we will discuss the digital
business model.

15.6 Digital business model


In addition to more complete business ecosystems with a strong digital component, there are
specific business models that have data innovation at the heart of the strategy: data driven
business models. Data is used to create value through, for example, big data analyses and
artificial intelligence. This data is created and shared with relevant partners. Logically, this
offers opportunities for blockchain, because it can coordinate the data within an entire
ecosystem. An example of a data driven business model is PatientsLikeMe, an online platform
in which patients share each other's experiences to improve the results of their treatments.

In line with data-driven models, there are business ecosystems that rely heavily on data and
digital technology to create value. It is precisely for these types of models that digital
innovations such as blockchain play an important role in adapting to the environment and
perhaps also influencing the business ecosystem. Investments are made in new ways to create,
adjust, store and use data with parties. Take, for example, an ecosystem around financial
services such as international payments. Here, Western Union, where the commissions are
sometimes as high as 8-13%, is outdone by the start-up TransferWise with 90% lower costs.
Currently, the blockchain start-up ABRA is trying to do the same by offering the same service
that is 90% cheaper than TransferWise (Morkunas, Paschen, & Boon, 2019). This development
was made possible by an environment in which digital innovation was accelerated acceptance
in the market. In addition, it also became possible because within the ecosystem there is a need
from customers (core) for such a service from indirect suppliers, such as that of an internet
- 410 -
infrastructure (extended company) and a government that has opened the legislation (third
layer) for this.

Because the service or product is digitally created and transferred within these business
ecosystems, contact with the customer can be established in an accessible manner. If a
company decides to strengthen the digital component within its business operations, digital
transformation may be necessary. It may be useful to redefine your business processes and
business model using digital technology. In this case, the central question is how to bring your
vision of the company and the business environment together with the impact of blockchain
technology. You can approach your processes and business model in two ways. On the one
hand, you can innovate step by step, perhaps because your organization is not yet ready for
disruption, because you do not want to run the negative risks, or because there are still legal
barriers that do not allow to change everything at once. On the other hand, you can disruptively
change your entire business model, which often has consequences for your ecosystem.

One type of a disruptive change is self-disrupt. The adjustment of your business model is so
disruptive that you cannibalize your own core business model. The corporate culture also
influences the digital transformation. It is important that workers are taught a digital culture,
sharpening digital skills. Such a transformation may also have consequences for the leadership
model in which innovation is initiated in a more decentralized manner, rather than from a
central leadership position.

Blockchain is a digital technology that often revolves around sharing and verifying data
between different parties. Blockchain can therefore accelerate a decentralized business model.
The next section discusses this decentralized business model.

BlockFi
BlockFi was set up by the well-known blockchain investment brothers Winklevoss and the
Ethereum affiliate software company Consensys to provide cryptocurrency loans. It has
rolled out a trading company based on zero rates. Revenue is generated instead of tariffs by
selling user information to large institutional crypto companies that provide BlockFi with
more liquidity by acting as a market maker. For more information, see: https://blockfi.com/.

- 411 -
15.7 Decentralized Business Model Canvas
Business models can be divided into different types, such as those of a manufacturer, a
distributor, an online marketplace, crowdsourcing and blockchain.

In order to reap the benefits of blockchain, it is not always necessary that the entire business
model is based on blockchain. It may also be that some of the challenges a business model is
experiencing are partly solved by blockchain. You can use the BMC to give these challenges and
solutions a place. However, the BMC is not focused enough specifically on blockchain to
perform a correct analysis. For this reason, MVPWorkshop has created the Decentralized
Business Model Canvas (DBMC), which is specifically aimed at blockchain business models.

Image 134: Decentralized Business Model Canvas (Bujošević, 2019).

The major difference between a decentralized and centralized business model is that the
former in its pure form is a public permissionless system, set up by several individuals who
don't need to know each other. Governance is set up in a decentralized manner by the public,
data is stored in a decentralized manner and communication between the various parties takes
place peer-to-peer. This is the most open form of a blockchain. A company is free to adjust the
building blocks of blockchain itself. With a centralized system, a central organization makes the
decisions.

In a decentralized business model, sales are often shared among those who contribute the
most to the network and the costs of using the platform are very low - for example, with the
social blogging blockchain platform Steemit.
- 412 -
Decentralization of the business model can take place at different levels. McKie (2017)
describes two ways:
1. Decentralized Business Models with low or no dependence of intermediaries.
2. Decentralized Business Models with some dependence of intermediaries.

This is as decentralized as possible, preferably including decentralized governance and the


possibility for everyone to participate in consensus and obtain tokens through a consensus
mechanism such as Proof-of-Work. In the second case, a closed private network is used earlier.

For the DBMC we also look at the same four core questions that have been asked for BMC.

15.7.1 Who?
This time, in addition to customers, key partners or users, mainly different types of
stakeholders come forward (01). With blockchain, you can turn any party or partner that
creates value into a stakeholder by making tokens available. 188 If a blockchain's crypto economy
is properly designed, a token holder will be self-interested in value creation and motivated
more quickly to exhibit behaviour that is in line with the strategic direction. The advantage of
this is that you develop an involved ecosystem. After all, the token holder sees himself as a co-
owner of the project, regardless of his role as a programmer, investor or customer. This is a
substantial difference with central parties where roles are often more separate, such as the
roles of a shareholder, an employee or a customer. A decentralized business model will make
the relationship with key partners, unknown partners and other stakeholders even more
numerous and dynamic.

An IoT device may also play a role in the 'who' in the future. Consider, for example, a self-
driving car that is owned by multiple parties and autonomously carries out trips for customers.

In addition, network governance and interaction channels also deal with the "Who" question,
such as how decisions are made within the network and how arbitration takes place. (07) What
are the best channels to communicate with key users and partners? (08) Token holders and
validators could contribute (pseudo) anonymously to the decisions of the network. Due to the
peer-to-peer nature, the network also offers the opportunity to communicate directly with all
stakeholders.

188 A token can be expressed in, for example, cryptocurrencies, loyalty points or shares and may or may not pay
dividends
- 413 -
15.7.2 What?
To see the opportunities of a value proposition (02), a trade-off can be made between
centralization and decentralization. An analysis of these trade-offs shows where blockchain has
the most value.

Image 135: Decentralized Business Model Canvas (Bujošević, 2019).

Here it is again important to look at the value that is created by all parties involved in the
ecosystem.

15.7.3 How?
What does the proposed solution look like? (03) Here the architectural technology and ICT
component are emphasized more than at the BMC, such as the roles of the nodes, the way
information is stored and the cryptographic and consensus components.

What mechanisms do we use to gain trust between the stakeholders? (04)

What are the rewards for validators to join the network and help validate data blocks? (05)
Various incentive mechanisms have already been mentioned in part I of the book.

15.7.4 What does it yield?


What are the costs? (06) The decentralized business model can be relatively easily, quickly and
cheaply financed through crowdfunding. The costs of maintaining the network are also spread
over a network of different stakeholders.

In addition, the ways in which sales can be generated should also be taken into account.189 (9)

189 Cases performed by MVPWorkshop are described in "Celsius Network: Product Case Study (MVPWorkshop,
2019).
- 414 -
much for the introduction to business models and their elements. In the next chapter, these
models are filled in with examples of blockchain applications in different sectors.

15.8 Summary, terms and sources


Summary
In this chapter you will learn to know digital and data-driven business models.

Once you know what type of business you have, it is easier to see to what extent the
opportunities that blockchain offers connect or not. The opportunities and challenges of
blockchain, and other external developments, are looked at through a model with
environmental factors. To give a picture of the environmental factors that companies are
confronted with, with regard to digital innovations such as blockchain, you can perform a
PESTEL analysis. PESTEL stands for:
1. Political
2. Economic
3. Social
4. Technological
5. Environmental
6. Legal

The business model can be developed on the basis of a Business Model Canvas (BMC), in which
you have to answer the following four questions:
1. Who? - customers and users, segments.
2. What? - supply and value proposition.
3. How? - activities, tools, partners.
4. What does it yield? - revenues, costs, investments.

The company's value proposition is central to this.

An important place within the BMC is occupied by networks of connected partners. These
ecosystems consist of a core company, the extended company and the business ecosystem,
including unions, governments and competitors.

- 415 -
The digital data-driven business model is relevant for blockchain. Within these models, data
is used to create value. This data is created and shared with partners in the ecosystem.
Blockchain can better coordinate the data flows within an ecosystem of trusted or untrusted
partners.

In addition, the Decentralized Business Model Canvas (DBMC) is introduced as an adaptation of


the BMC. A public permissionless system is the most relevant example for a blockchain
adaptation. A topic such as the combined role of token holders as a user, validator, employee
and owner finds a place in this. Other blockchain adaptations using this decentralized model
are possible. For this, companies can adjust the building blocks of blockchain to their own
needs.

Comments you can now explain


• You must first understand and master your business ecosystem before implementing a
blockchain that fits within the ecosystem.
• Blockchain offers an opportunity to digitize ecosystems.
• Blockchain ensures an increase in data-driven business models.
• Where blockchain has a dominant influence, it makes sense to use a Decentralized Business
Model Canvas.
• Decentralized thinking, with the arrival of token holders and validators, the relationships
within an ecosystem and business model are changing.

Glossary of Terms
Append-only data structure: Data structure where no data can be modified or removed. If you
want to correct data, you have to add new data with a reference to the previous data to be
changed.

Business ecosystem: An ecosystem of influencing partners who have relationships with each
other around a product or service.

Business Model Canvas (BMC): A method to clearly lay out the relevant details of a business
model, so that you can test or discuss an idea or plan.

Businessmodel: Een businessmodel beschrijft hoe een organisatie, of netwerk van organisaties,
waarde wil creëren voor haar klanten en voor haarzelf.
communiceren met de klanten en om customer segments te bereiken.

Business model: A business model describes how an organization, or network of organizations,


wants to create value for its customers and for itself.
- 416 -
Data-driven business model: Business model in which data is central to creating value. For
example, the business model is driven by big data analysis and artificial intelligence.

Decentralized Business Model Canvas (DBMC): Method to clearly lay out the relevant details of
a blockchain business model, so that you can test or discuss an idea or plan.

Income Flows: Income generated by sales.

Channels: In een Business Model Canvas betreft het de Channels voor een bedrijf om
Channels: In a Business Model Canvas it concerns the channels for a company

Core Activities: Activities you need to obtain value.

Key partners: Relationships like suppliers and partners that you need to make the business
model work.

Customer Relationships: Relationships between the company and the customer segments.

Customer segments: Segments in which you can divide customers.

Cost structure: Structure of all costs that a business model has.

Partner Value Matrix: Model to be completed that attempts to bring out the mutual benefits of
a partnership or partnership.

PESTEL: Model to investigate environmental factors for a business model with the themes of
politics, economy, social, technology, environment and legal.

Self-disrupt: Type of disruptive change in which a company cannibalizes its own core business
model.

Earning model: See value proposition.

Value proposition: The part of the business model that describes how an organization, or
network of organizations, generates value (income) for itself. This is also referred to as the
revenue model.

- 417 -
Sources
Achterberg, E. (2019). The Circular Service Platform: A technical-administrative infrastructure
for managing value in circular networks. Consulted from
https://circulareconomy.europa.eu/platform/sites/default/files/the_circular_service_plat
form.pdf

Aguilar, F.J. (1967). Scanning the business environment. New York, Macmillan.

Bujošević, V. (2019, July 22). Decentralized Business Model Canvas # 1. Consulted on December
23, 2019, from MVPworskhop.co website:
https://mvpworkshop.co/blog/decentralized-business-model-canvas-1/

Franch, X. (2015). Business and Software Ecosystems: How to model, analyse, and survive!
[PowerPoint slides]. Consulted from https://www.slideshare.net/xfranch/re-2015-
ecosystems-tutorial

Haaker, T., Bouwman, H., Janssen, W., & De Reuver, M. (2017). Business model stress testing: A
practical approach to test the robustness of a business model. Futures, vol. 89, pp. 14-25,
10.1016/j.futures.2017.04.003.

McKie, S. (2017, September 30), Investing in Tokens and Decentralized Business Models. Learn
the Details behind this impending entrepreneurial Paradigm Shift. Consulted on December
23, 2019, from Medium website: Source: https://medium.com/blockchannel/investing-in-
tokens-and-decentralized-business-models-e7629efa5d9b.

Moore, J. F. (1996). The Death of Competition: Leadership and strategy in the age of business
ecosystems. John Wiley & Sons.

Morkunas, V. J., Paschen, J., & Boon, E. (2019). How blockchain technologies impact your
business model. Business Horizons, 62(3). https://doi.org/10.1016/j.bushor.2019.01.009

Nederland Circulair, Sustainable Finance Lab, Circle Conomy. (2019). The Circular Service
Platform: A technical-administrative infrastructure for managing value in circular
networks. Consulted from https://circle-economy.com/circular-service-platform

Osterwalder, A., & Pigneur, Y. (2010). Business model generation: a handbook for visionaries,
game changers, and challengers. John Wiley & Sons.

Strategyzer. (n.d.) Business Model Canvas. Consulted on December 23, 2019, from
Strategyzer.com website: https://www.strategyzer.com/canvas/business-model-canvas

- 418 -
- 419 -
16. Enterprise blockchain applications

“The economist Hernando de Soto told us that only one third of all people can
prove they own their land. Apart from the legal uncertainty, there is $20 trillion
in dead capital, as land with unexplained legal titles cannot be sold. So we told
him, ‘Find us such a country and we bring the land register to the Blockchain for
free.’ And that was Georgia.”
- Marc Taverner (2017)

16.1 Introduction and learning objectives


In this chapter you will learn
• The Saxion Blockchain Model to assess where opportunities for business models lie in
implementing blockchain.
• Applications of blockchains in sectors where most of the developments related to
blockchain are currently taking place.
• Applications of disruptive decentralized blockchain models for which barely existing
business models are known.

Introduction
This chapter outlines a model to assess the opportunities for business models currently working
on blockchain applications. Reasoning from an actual application provides us with insights into
how blockchain building blocks can be used. The description of the applications defines basic
terms and non-financial indicators that help evaluate the situation in which a company has
conceived a blockchain application, the extent to which the company is able to implement it
and the impact of this application.

This chapter describes the following four deployed applications:


1. Banking and Finance by ICE Bakkt and BitShares (section 16.2).
2. Government and Public Goods by Lantmäteriet and Land Layby (section 16.3).
3. Manufacture by BMW and VeChain (section 16.4).
4. Prediction market by PredictIt and Augur (section 16.5).

- 420 -
Within each example, an organization with a central business model is compared to an
organization that pursues a radically innovative decentral model. The first two examples were
chosen based on a study by Hileman & Rachs (2017). They reviewed 132 DLT use cases and
segmented them into sectors. 190 The image below, which is taken from the study, shows that
30% of the use cases fall within the Banking and Finance sectors and 13% in Government and
Public Goods.

Figure 136: Overview of 132 DLT use cases and which sectors they fall into (Hileman & Rauchs, 2017).

The other two examples, Manufacturing and Prediction market, were chosen for the following
reasons:
1. Manufacturing to indicate how different parties use blockchain in a larger ecosystem.
2. Prediction market as an example of a service that can completely disrupt existing
business models thanks to the development of blockchain technology.

The applications are described within the Saxion Blockchain Model using the following tools:

190 DLT stands for Distributed Ledger Technology. DLTs use distributed ledger technologies, but they don't
necessarily have to be blockchains. Hashgraph, Holochain, Directed Acyclic Graph are not blockchains, but are
DLTs. Blockchains are a subset of DLTs.
- 421 -
A. External developments affecting the business model in accordance with the PESTEL
method.
B. Business Process including the most relevant characteristics of this process and the
purpose that the blockchain implementation would serve.
C. Business ecosystem actors to show which partners the company has.
D. Heat map business model elements in which the influence of external developments
is shown on the business model. This allows more insights to be gained about
opportunities and challenges for the company.
E. Details of the solution in which the incremental solution is compared with a
disruptive model in various areas, as well as where blockchain offers opportunities to
enter into and deepen relationships within the ecosystem.
F. Blockchain Readiness score that assesses the extent to which the organization is
ready to implement blockchain.
G. Expected impact of blockchain. This indicates the expected usefulness of blockchain
and where the challenges lie in its introduction.
H. Blockchain Innovation score to indicate the extent to which the company is
experiencing incremental versus radical innovation, based on which the chances of
value creation of the business model can be estimated.
I. Blockchain Implementation Risks that look at risks specifically associated with
blockchain projects.
J. Conclusion.

After the various blockchain implementations have been discussed, the chapter concludes with
a summary, a list of important terms and a source list.

There have been no comprehensive implementations of blockchain yet, the consequences of


which on the business ecosystem have been extensively investigated. Because scientific
research is not widely available, we have mainly put the following into practice on the basis of
existing cases.

16.2 Banking and Finance


Banking and Finance is the largest sector where blockchain is applied. Since blockchain was first
used to transfer value to others quickly, cheaply and without the intervention of third parties, it
is not surprising why blockchain is very disruptive for this industry. After all, Satoshi Nakamoto
also saw the need to disrupt this sector. The cases that we will analyse for Banking and Finance

- 422 -
are ICE Bakkt and BitShares. Bakkt is a platform on which Bitcoin futures can be traded and
BitShares is a decentralized trading platform on the blockchain.

A. External developments
From the aforementioned external developments of PESTEL, the factors below influence the
business model of financial institutions the most. These developments are presented in a heat
map that can indicate influences from external development in four ways:

Red Challenging development with clear influence on the business model, action required.

Orang Development with possible influence on the business model, more research needed.

Green Promising development with possible positive influence on the business model, action required.

Grey Development does not affect the business model.

The description of the following business models only describes the main challenges and
opportunities for the sake of clarity. In general, the following important developments apply to
Banking and Finance.

Political
Challenge: urge to manage systemic bank risks by stimulating competition on the one hand, but
regulating Big Tech on the other. In this light, also consider the discussion about Libra as an
alternative to national currencies and as an instrument for Big Tech to enter into financial
relationships with customers.

Economic
Challenge: New competitors such as FinTech and Big Tech are entering the market with digital
innovations and financial services, threatening to take over customer relationships. As a result,
the traditional value chain is being replaced by ecosystems, in which different parties that
previously did not cooperate are linked together.

Opportunity: Financial service providers see opportunity in tokenization and fractionalization of


all types of assets. Emergence of decentralized blockchain business models. Trading in crypto
assets is increasing significantly.

- 423 -
Technological
Opportunity: Blockchain has been around since 2009 and is stable enough to create significant
value in specific financial services, given the high volume of value transfers. While there are
already several applications to store and trade crypto assets, the potential market for financial
services is so great that there are still many opportunities here. There is room for even more
widely used applications. In addition, there is also the possibility that blockchain technologies
will obviate the way some current financial services are delivered. Consider, for example, the
avoidance of Payment Service Providers when payments are made peer-to-peer.

Challenge: Blockchain technology is not yet fully trusted by large financial institutions that also
have to deal with legal supervision.

Legal
Challenge: In some countries, political pressure is exerting to outlaw decentralized peer-to-peer
networks. See, for example, the U.S. Securities and Exchange Commission (SEC) that does not
allow public blockchain initiatives in financial services without KYC / AML.

Challenge: The law emphasizes the protection of personal data and the gatekeeper function of
financial service providers. Crypto tokens, blockchains, smart contracts and DAOs also have
unclear legal status in many countries. In addition, there is also the lack of legal supervision
with ICOs or DAOs. Public blockchain systems do not act in accordance with national law. Some
regulators do not allow the direct use of cryptocurrency by large financial institutions.

Challenge: you do not want the invariability of transactions through supervision in some
countries. You also sometimes do not want that crypto accounts cannot be seized.

Relevant financial services, where blockchain has a greater influence, are payments, securities
trading, national currency, cryptocurrency, financing and crowdfunding.

B. Business process, characteristics and purpose of blockchain trading in cryptocurrencies and


digital assets
The example described here is securities trading, cryptocurrency trading and the use of this
cryptocurrency in payment transactions. We describe the current business process, the purpose
of the blockchain and the characteristics of the value chain for ICE and BitShares.

- 424 -
The current securities business process is as follows:
1. A seller has a certificate of ownership that is physically held and administered by a
custodian.
2. A buyer places an order that is placed with his broker.
3. The broker tries to negotiate a transaction with the selling brokers on the stock
exchange.
4. The brokers of the seller and buyer agree on a transaction and confirm this with the
buyer and seller.
5. A clearinghouse then ensures that the transaction between both parties is processed
administratively.

When trading cryptocurrencies, an order can be placed on the blockchain without


intermediaries such as a broker, custodian and clearinghouse. Part I also explains the current
payment process and the option to pay with different wallets and cryptocurrencies.

For the sake of convenience, we will only list the main characteristics of securities trading
within the current setup below, i.e. without the use of blockchain. Cryptocurrency trading and
payment transactions complement:
1. Financial ownership is transferred between professional parties in high volumes.
2. The property mainly consists of unique digital assets with underlying paper documents,
such as contracts.
3. The transfer takes place both manually and digitally within a complex administrative
process in which mutual coordination of data plays a major role.
4. There is a lot of regulation of the service. Parties know each other and are obliged by
law to support complex KYC processes.
5. The intersection of high profits, high process complexity and great automation
opportunities encourage new competition to join through innovative services.

C. Business ecosystem actors


In the following, a company is used that is looking for an opportunity to apply
blockchain within this value chain. For this we look at the company Intercontinental
Exchange (ICE), the parent company of the New York Stock Exchange (NYSE),
among others. ICE would like to take advantage of the opportunities that blockchain offers to

- 425 -
further expand the financial services, including trading in Bitcoin futures and other digital
property.191

The main actors within the ICE business ecosystem are shown in the following table.
Core Large financial institutions and their own exchanges and clearinghouses. In
business addition, custodians and brokers. Shareholders in the public market.
Extended Customers of the parties mentioned under core business.
business
Competition with other exchanges such as NASDAQ, but also online crypto
Business eco trading platforms such as eToro and Coinbase.
system Securities and Exchange Commission (SEC), Federal Trade Commission,
Commodity Futures Trading Commission (CFTC), Federal Reserve and other
regulators.
Table 9: Actors within the ICE business ecosystem.

D. Heat map business model elements


Each PESTEL development examines where the major challenge or opportunity now lies for the
current ICE business model. Normally a company takes 3 to 4 PESTEL elements for this. For ICE
we take two developments that we deal with within a BMC: one challenging and one promising
development.

On the one hand, volumes in cryptocurrency trading are growing, while there are not yet widely
used legal applications to store and trade crypto assets outside of peer-2 peer networks. On the
other hand, the regulator does not allow cryptocurrencies to actually be provided as a
termination of cryptocurrency derivatives such as Bitcoin futures. Based on these
developments, the business model can be interpreted as follows.

191 Bitcoin futures contracts are legal agreements to buy or sell Bitcoin at a specific price at a specific time in the
future.
- 426 -
Increasing trade Prohibition supervisor
Who? People who invest in Not being able to tap into new
customer segments cryptocurrencies, retailers and their customer segments.
end customer.
What? Offer Bitcoin futures through trusted Currently destructive. Opportunity
value proposition professional parties. to circumvent the ban opens up
new opportunities.
Who? Current partners, Bitcoin blockchain,
Channels widely used digital customer
applications such as wallets via web
and mobile applications and debit
cards.
customer Integration of online accounts, wallets
relationship and debit cards.
What? New services and products.
yields
How? Trade in crypto currency and data
core activities sharing.
people & Innovative knowledge, information
resources system, software protocols, internal
controls and the like.
key partners Public blockchain stakeholders, data Supervisors including Securities
systems, blockchain enthusiasts, and Exchange Commission (SEC),
software suppliers, investors and Federal Trade Commission,
token holders. Commodity Futures Trading
Commission (CFTC) and the
Federal Reserve.
What? Requires investment in new Risk management, mainly legal risk
costs knowledge and IT systems to use management.
blockchain.
Table 10: ICE completed business model.

From these developments there is an opportunity to come up with


a solution that is acceptable to the regulators, with which ICE can
expand its financial services, including trading in Bitcoin futures and digital ownership. ICE
founded Bakkt in 2018 for this purpose.

In 2019, Bakkt received the necessary approval from regulators such as the American
Commodity Futures Trading Commission (CFTC). The regulators wanted Bakkt to be able to
seize crypto funds. Bakkt holds the private keys of customers for this. In accordance with the
- 427 -
law, Bakkt will handle Bitcoin futures by providing Bitcoins where competitors will still trade the
futures with cash. For this Bakkt uses the Bitcoin blockchain, the Microsoft Azure platform and
the custodian BNY Mellon Bank. 192 In time, Bakkt wants to roll out an application that allows
smaller customers or end users to exchange various cryptocurrencies and digital property
directly against national currencies in order to buy or sell products and services. To this end,
Bakkt is working with Starbucks and Microsoft and its suppliers on applications with which a
customer can, for example, pay for a coffee in a Starbucks café.

The ICE trajectory is further elaborated in the following. Where relevant, the solution is
compared to a public blockchain initiative to show the comparison between an incremental
innovation, in which centrality still plays a role, and a radically innovative model. This way, an
attempt is made to clarify the consequences of further decentralization in the future. In this
case, ICE Bakkt is compared to BitShares.

BitShares is a DAO trading platform where anyone without KYC


can create an account, create tokens and trade cryptocurrency
peer-2-peer. BitShares is also known as a Decentralized Exchange
(DEX). These tokens don't just have to be cryptocurrencies. They can also represent, for
example, art, real estate, concert tickets and working hours. The goal of BitShares is to set up
broad financial services for trading, payments and investments. BitShares actually does what
Bakkt aims for, but on a blockchain.

192 In this case, the custodian retains both digital ownership and the private and public keys.
- 428 -
E. Detail of the solution
Here Bakkt's solution is explained in detail and compared with BitShares on the main points.

Service For the time being trading in Bitcoin Trade in all digital assets
futures. and payments.
Governance Central organization. Private, closed, Decentralized
permissioned, owned by publicly organizations. Public open
listed company. Bakkt retains detailed permissionless with central
customer information about committee, witnesses,
transactions and the like, which workers, token holders and
means that information asymmetry support from a foundation.
remains. Agreement with supervisors. Does not have legal status
as a DAO.
Technical Bitcoin blockchain, Microsoft Azure C ++ programming language
solution and own information system. for the Graphene
blockchain.
open source No, but yes as Bitcoin token holders. Yes
consensus mechanism No, but yes as Bitcoin token holders. Delegated Proof-of-Stake.
smart contracts no Yes
dApps No, but yes as Bitcoin token holders. Yes
SSI of digital identity Digital identity Digital identity
blockchain of alternative No, but yes as Bitcoin token holders. Blockchain
DLT
Unchangeable data No, but yes as Bitcoin token holders. Yes
Transparent data No, but yes as Bitcoin token holders. Yes
Tokens / rewards
Validator reward No, but yes as Bitcoin token holders. Yes
Payment / native token nee BitShares
Digital property token Initially Bitcoin. Can be created on the
platform.
Fractionalization nee Yes
Table 11: Bakkt's solution compared to BitShares.

The ICE ecosystem becomes more dynamic with the arrival of Bakkt. It gives the possibility to
obtain data from the customers of relations such as Starbucks. It also gives the opportunity to
involve suppliers with suppliers, such as application developers for the Microsoft Azure
- 429 -
platform, and to create a possible future interface with private and public blockchains. It also
trades with Bitcoin token holders, who will form a new ecosystem in the future. The number of
competitors is also increasing with companies such as other digital trading platforms such as
eToro, Binance, Circle, Huobi and BitShares. In addition, the rollout of new services can
potentially make the ecosystem many times more dynamic. This can trigger a network effect.

The BitShares ecosystem consists of a group of customers, investors and suppliers, all of whom
can also be BitShares token holders. The latter facilitates governance at first sight. Within
BitShares, token holders combine multiple roles, including that of promoter, customer, investor
and supplier of, for example, software skills. The competition is no different from Bakkt's,
although it will run faster against competition within the blockchain domain. BitShares has
partnerships with professional private non-blockchain companies, disruptive technology
companies and other Graphene-driven organizations and EOS.

In light of ecosystems, Bakkt itself acts as an intermediary between the public blockchain and
private parties. Bakkt also still acts as an intermediary with roles as exchange and
clearinghouse. BitShares attempts to take away these roles and puts the governance in the
hands of delegates elected by token holders.193

The business case towards both traditional competition and blockchain competition for Bakkt
has already become clearer when discussing red and green PESTEL developments. The
important difference between Bakkt and BitShares is that Bakkt backs up ICE as a strong reliable
party with known software. The directors are also known by name and reputation at Bakkt,
which is not necessary at BitShares. So in the end, it provides transparency and confidence to a
market that many don't yet understand. Thus, the benefits that come from the decentralized
nature of blockchain are not fully used - something BitShares does. Furthermore, Bakkt tries to
create greater ease of use by integrating the application with various massively adopted
systems from, for example, Microsoft.

193 BitShares uses Delegated Proof-of-Stake as explained in section 6.4. New blocks are produced by witnesses and
the governance is in the hands of delegates.
- 430 -
F. Blockchain Readiness score
The central question here is to what extent the business case is sufficient to choose blockchain
as a solution. This question is answered with a Blockchain Readiness Score. This score was
obtained by attaching a score to a set of questions surrounding the digital strategy, the process
flow, the ecosystem and the technical readiness. In this case, ICE does not implement a full
blockchain solution, but integrates the use of an existing public blockchain system. The table
has been filled in with the idea that ICE Bakkt trades Bitcoin futures. Given the background of
BitShares as a public blockchain system, a comparison with BitShares has little added value here
and is therefore not created.

(1 = absolutely not, 5 = absolutely) 1 2 3 4 5


Digital innovation is part of the strategy. 5
Different parties share data. 4
These data and their transactions concern monetary value. 5
The data are confidential 5
Different parties edit data. 5
Data must be verified. 5
There is a clear Return on Investment to be calculated, and this is 5
sufficient in this case.
Verification is complex, cost and or time-increasing. 5
The solution to choose blockchain is the simplest opportunity to 5
overcome the problem.
The solution influences the existing organizational structure. 5
The solution affects the existing workflow. 5
The solution affects the existing ecosystem. For example, there is no 1
intermediary with a central position.
The technical solution is close to or can be integrated with existing 4
systems.
The solution is data intensive but scalable. Think in differences of 1k, 5
10k, 100k, 1 million or> 10 million transactions per hour.
Blockchain Readiness score Bakkt 64 / 14 = 4,6
Table 12: Bakes Blockchain Readiness Score.

- 431 -
The table shows that ICE has a Blockchain Readiness Score of 4.6. The minimum score is 1 and
the maximum score is 5.

4,6

With a score of 4.6, ICE seems ready to introduce blockchain, which is not surprising because
Bakkt was specifically started as a blockchain initiative by ICE. However, it has not introduced a
full blockchain solution in this case. It currently only trades Bitcoin futures within the existing
business model. In the long term, it is expected that Bakkt will further integrate with other
public blockchain systems. Perhaps blockchain will eventually be used as an underlying data
infrastructure, completely avoiding intermediaries. The next step in this direction is to develop
a wallet application that allows customers to directly use their digital property to purchase
services and products from retailers within the Bakkt ecosystem, such as Starbucks.

G. Expected impact blockchain


Based on the previous models, you can estimate the impact expected when blockchain is
introduced. Because the impact of blockchain on ICE is more transparent when we compare it
to BitShares, these two projects are juxtaposed in the following table.

- 432 -
Increase in turnover New services with possible Intrusion new market. Involve new
upscaling of other services, such as customers.
fractionalization.
Increase in data Obtain potentially new data thanks
to combination with Starbucks.
Network effect Ecosystem of various new partners The role of token holders as agents of
with the possibility to scale up the the company could accomplish this, but
'partners of partners'. This leads to the network effect is yet to prove itself
more data that can be combined and here.
analysed, which in turn leads to an
increase in turnover.
Risk reduction Increased risk because custodian
also stores public and private keys
and transactions on the Bitcoin
blockchain cannot be reversed.
Working capital Possible advantage in netting
purchase and sales orders. Possible
disadvantage because capital is
stuck in purchased Bitcoin.
Identity management Anonymity and autonomy within
own DAO.
Governance Token holders with all key roles
united in DAO.
Disintermediation Bypassing intermediaries, such as
clearing house.
Safety Use of private network for
scalability, but at the expense of
security.
Legal compliance Rigging the disadvantage of an Threats to public blockchain
internal control system to be able systems such as BitcoinSV and
to work with public blockchain. BitcoinCash developing
applications using Bakkt as a legal
example to operate in accordance
with laws and regulations.
Experimenting with ICE Bakkt is slowly scaling up the
technology use of the technology.

Table 13: Expected impact of blockchain on Bakkt and BitShares.

- 433 -
H. Innovative power
The central question here is to what extent this concerns incremental versus radical innovation.
This is relevant for the implementation and the possible returns and costs that the model
brings. This question is answered with the following table. Each sub question has a number of
points to be earned, which ultimately lead to a Blockchain Innovation Score. This time the table
has only been completed for Bakkt.

(1 = not at all, 5 = absolutely) 1 2 3 4 5


Degree of decentralization. 1
Tapping into a new market or an existing market. 5
Use of new processes. 4
Use of new stakeholders within a new ecosystem. 4
Bypassing the intermediary. 1
Technical innovation: uses SSI, tokenization, smart contracts, new 3
consensus mechanism, new technical workflow.
Blockchain Innovation score Bakkt 18 / 6 = 3
Table 14: Bakkt Blockchain Innovation Score.

The minimum Blockchain Innovation Score is 1 and the maximum score is 5. In this case, the
Blockchain Innovation Score is 3. The initiative is therefore moderately innovative.

- 434 -
I. Implementation risk
An important question is to what extent the impact of the innovation will influence the
complexity of the implementation. This question is answered with the following table. The table
shows a set of elements that can be scored from 1 to 5. The average of the points achieved
leads to a Blockchain Implementation Score. A higher score indicates that the organization is
more ready to successfully implement blockchain.

(1 = not at all, 5 = absolutely) 1 2 3 4 5


Ecosystem is simple in the sense that there is no intermediary, 3
cooperation is geographically close to home, want to cooperate with
actors, coordinate limited number of actors.
Blockchain Readiness score. 5
Blockchain Innovation score. 3
Internal emphasis is on digital innovation: data and digital innovation are 5
central to strategy, organizational structure has proven to be able to
innovate, information systems and processes in order, technical
knowledge available.
The initiative is legal and in accordance with applicable standards / 5
guidelines.
The problem has a certain priority, but it is not a critically complex 2
process that requires (large) organizational changes.
Blockchain Implementation score Bakkt 23 / 6 = 3,8
Table 15: Bakkt Implementation Score.

The minimum Blockchain Implementation Score is 1 and the maximum score is 5. In this case,
the Blockchain Implementation Score is 3.8. The score is therefore well above average.

3,8

In this case, the conditions for a successful implementation seem to exist. The ecosystem will
want to cooperate, and the organization is internally ready to implement blockchain.

- 435 -
J. Conclusion
The previous analyses have now revealed the opportunities and challenges for the business
model, strategy and implementation. This mainly shows that ICE is not going to work more
decentralized at the moment, but it does have the opportunity to do so in the future. On the
one hand this leads to adjustments of the processes and on the other hand to an enlargement
of the market. In addition, ICE is experimenting with new partners with new technology within
an ecosystem that offers great opportunities for expanding services and products. The question
here is at what speed ICE is able to scale up the new services and to what extent it is taking
steps towards a decentralized business model, partly under pressure from decentralized
models such as BitShares.

16.3 Government and Public Goods


Government and Public Goods is the second largest sector for blockchain use cases (Hileman &
Rauchs, 2017). Indeed, there is a great need in this sector for the transparency and efficiency of
digitally developed governments and their e-Government projects that blockchain can
contribute to. The case studies that we will analyse are the Swedish Lantmäteriet and the
Kenyan Land Layby that register real estate.

A. External developments
In the description of the following business models, only the main challenges and opportunities
are described for clarity. The following important developments apply to Government and
Public Goods.

Political
Opportunity: the need to provide transparency and openness to citizens about digitization and
internet access via mobile devices.

Economic
Challenge: public institutions often still use inefficient manual processes in which paper
changes hands. This can lead to errors, omissions and duplication of data.

Opportunity: Sweden is a developed digital country with a strong growth in digital information.
Within this, the use of information via e-Government and e-services is increasing.

- 436 -
Technological
Opportunity: Blockchain as a technology offers the opportunity to safely automate manual
processes and the transfer of documents between multiple parties. The Self-Sovereign Identity
can be guaranteed within this.

Challenge: Blockchain technology is not yet fully trusted by citizens.

Legal
Challenge: Different laws and regulations complicate the adoption of digital technology. For
example, the EU General Data Protection Regulation (GDPR) prescribes that the individual has
the right to control his own data, including being able to protect and delete it where desired
and possible. The Swedish Institute for Standardization also prescribes the use of standards.194.
In addition, there is an eIDAS guideline on how digital signatures can be used as legally binding
signatures within the EU. This is called e-Signatures. In Sweden, however, the trading of
property in movable and immovable property still has to be done with written signatures since
2016. Furthermore, the status of digitally signed contracts based on blockchain is still unclear -
for example whether and how contracts on the blockchain are binding.

B. Business process, characteristics and purpose registration of real estate in Sweden:


Lantmäteriet
The example described here is that of property
registration by the Swedish Lantmäteriet.
Lantmäteriet's tasks are to maintain the Swedish cadastral system, to provide geodata and to
perform land registration.

The current land registration business process basically looks like this:
1. A landowner and buyer find each other and negotiate a price.
2. The purchase agreement is signed by both.
3. The buyer makes a down payment.
4. A broker issues a proof of sale.
5. The bank forwards proof of sale after financial verification to Lantmäteriet.

194 Such as ISO 15489, TIFF and PDF-A.


- 437 -
The main characteristics of this process are:
1. It concerns transfers of high value.
2. These are mostly paper processes that can take up to 3-6 months in total. In addition to
inefficient data entry, information may also be missing, and the information is prone to
errors and fraud.
3. Mutual reconciliation of data plays a major role, although data obtained is not reused.
4. Data must be kept for 10 years according to Swedish law.
5. There is a high degree of regulation of the service. Parties know each other and are
regulated by law.
6. The identity check takes place manually.
7. Lantmäteriet is only involved in the process in the final steps, so that the process that
takes place before is not transparent to the public.

C. Business ecosystem actors


Lantmäteriet had in 2015 roughly 50 offices, employed 2,000 people and had a turnover of
€165 million (Lantmäteriet, 2016). As a large public organization, it wants to use blockchain to
gain insight into and coordinate the purchase and registration process of real estate.

The main actors within the current Lantmäteriet business ecosystem are as follows.
Core Buyers, sellers, lawyers, appraisers, brokers and providers including
business banks, insurers and pension funds.
Extended ICT companies including developers and data supply companies.
business
Business Government agencies, such as the Swedish Institute for Standardization,
ecosystem the ISO, comparable companies within the European Union.
Table 16: Actors within the Lantmäteriet business ecosystem.

D. Heat map business model elements


Each PESTEL development examines the major challenge or opportunity for the current
business model. On the one hand, technology offers the opportunity to automate manual
processes to save costs as well as provide transparency and openness of the entire process to
citizens. On the other hand, in 2016, when the project started, laws and regulations such as
GDPR and Swedish public information laws stood in the way of blockchain innovation, such as
the immutability of information and digital signatures for (immovable) property. Furthermore,
the legal status of e-contracts is unclear.

- 438 -
Based on these developments, Lantmäteriet's main focus is on the following factors within the
business model.

Process improvement Prohibition supervisor


Who? Not being able to tap into new
customer segments customer segments.
What? Providing real-time transparency to Currently destructive. Opportunity
value proposition citizens throughout the entire to circumvent the ban opens up
process with blockchain, process new opportunities.
acceleration and cost savings.
Who? Online platform with current
Channels partners.
customer relationship Online platform with entire
transaction chain, including online
and personal support.
What? More openness and transparency,
yields speed up the process and reduce
errors.
How? Registration and storage of sales of
core activities land titles.
people & resources Innovative knowledge with partners
in online platform and blockchain
information system. Reorganization
by simplifying the process.
key partners New ecosystem with multiple Government agencies to test the
partners such as ChromaWay extent to which e-contracts, e-
blockchain supplier, Telia Sweden, signatures and GDPR blockchain
SBAB bank, Landshypotek Bank, solutions are possible.
Kairos Future consultancy, Evry ICT,
other government agencies and real
estate search portal Svensk
Fastighetsförmedling.
What? Investment translates into less Legal risk management and the
costs administrative burden and chance of not fully utilizing
maintenance, resulting in perhaps blockchain technology.
€100 million in savings per year
(Kairos Future, 2017).
Table 17: Lantmäteriet completed business model.

- 439 -
Lantmäteriet successfully tested the sale of land
titles via blockchain in 2019 and has been working
on the same solution for houses and buildings ever since. Lantmäteriet also involves other
government services, such as the Swedish tax authorities. Within the blockchain solution,
Lantmäteriet stores personal information off-chain. This information can be removed in
accordance with GDPR if the customer so wishes.

Furthermore, contracts are signed manually and placed on the blockchain via hashes. The
original contracts are on the server with other parties. Telia offers a mobile app ID solution that
allows people to register without knowing the Swedish Civil Service Number. These
registrations are also stored on the blockchain via a hash.

In the following the path of incremental innovation of Government and Public Goods is further
elaborated. Where relevant, the solution is compared to a public blockchain initiative that
pursues more of a radically innovative model. This shows what else decentralization has to
offer in the future.

In this case Lantmäteriet is compared to Land Layby. This is


a Kenyan holding company that wants to bring transparency
to a slow, sometimes corrupt, administrative land
registration system in Ghana. The Ghanaian government has had several initiatives to integrate
blockchain with their land register, including Bitland, BenBen and IBM in 2018. These
collaborations have not led to an implementation of the system (Eder, 2019). In order to
facilitate the purchase and sale of land for mainly Ghanaian immigrants, Land LayBy therefore
wants to keep country titles on the blockchain. This country mirrors the official registration with
the Ghana Land Commission, but the information about the country is kept on the blockchain
by various parties. Users can earn the Harambee token. Land LayBy is not a complete
alternative to Lantmäterite. It offers 2-year ongoing call options on underlying land that gives
potential buyers the opportunity to officially complete the buying process through Land LayBy
intermediaries. The call options can be traded.

- 440 -
E. Detail of the solution

Service Land registration Sales call options on land.


Governance Central government organization Private, developed Land LayBy
with private, closed, permissioned Listing (LLL) dApp on Ethereum
blockchain system. Government that has witnesses, workers and
owned, under the supervision of token holders.
Swedish public government bodies.

Technical Collaboration CromaWay's Esplix and Solidity, dApp is connected to


solution stakeholders' own information Ethereum blockchain.
systems.
open source Yes Yes
consensus mechanism Practical Byzantine Fault Tolerance Proof-of-Work (at the time of
and Proof-of-Work. writing this book, December
2019, Ethereum is still using
PoW).
smart contracts Yes, Esplix records data on Yes
blockchain.
dApps No, but yes to apps. Yes, on Ethereum.
SSI of digital identity Off- and on-chain, digital identity via No
mobile phone.
blockchain of alternative blockchain blockchain
DLT
Unchangeable data No, except personal information. Yes
Transparent data No, except personal information. Yes
Tokens / rewards
Validator reward No Yes, ETH. Also Harambee (HRBE)
ERC20 token for provide land
details.
Payment / native token No Harambee (HRBE) for dApp.
Digital property token No, property remains registered with no
Lantmäteriet information system.
Fractionalization no No
Table 18: Lantmäterite solution compared to Land LayBy.

A further explanation of the solution can be found in the Annex at the end of this chapter.

- 441 -
Lantmäteriet's ecosystem is being expanded and strengthened with direct data exchange and
mutual process coordination between buyers, banks, brokers and other government agencies.
In addition, the system has become publicly accessible for the benefit of confidence in the
process and the parties. The system can now expand to include parties such as insurers,
notaries and other local public authorities.

Land LayBy's ecosystem consists of lawyers, entrepreneurs, clients and token holders.
Governance remains in the central hands of Land Layby. The token holders are encouraged to
act as oracles by rewarding them with tokens when they add correct details to the files. They
lose tokens if the details turn out to be incorrect. Hired lawyers also fulfil the role of an oracle.
However, the way in which lawyers are encouraged according to the model is unclear. Finally,
Land LayBy itself keeps track of whether official documents are available and correspond to the
land register.

Land LayBy's challenge is to overcome the slow and sometimes corrupt processes of land
registration. This challenge is partly due to corruption within government agencies.

If a customer of Land LayBy buys land and there is a difference between the data on the
Ethereum blockchain and the official land register, the customer still has to go through a
difficult process with the government. This does not completely solve the problem. Ultimately,
Land LayBy tries to gain trust by placing itself as an intermediary next to a government that
does not have the confidence. Land LayBy has a technical partnership with IT company Winjit.
The register is also publicly available to the government, courts, financial institutions and
buyers and sellers.

F. Blockchain Readiness Score


The central question here is to what extent the business case is sufficient to choose blockchain
as a solution. This question is answered with the Blockchain Readiness Score, details of which
can be found in the Annex.

- 442 -
3,9

The minimum score is 1, the maximum score is 5. The high score of 3.9 is not surprising,
given Lantmäteriet has successfully tested blockchain implementation since 2016. They also
do this by using both a private and public solution that they link to existing systems. A
comparison with Land LayBy shows that Land LayBy is not a complete alternative, has little
added value to the existing Landmäteriet solution and is therefore not created.

In the long term, Lantmäteriet is expected to slowly expand the range of services and
ecosystem further to the existing solution.

G. Expected impact blockchain


Based on the previous models, an estimate can be given of the impact that can be expected if
blockchain is introduced via the table below.

This impact is more transparent if we compare it with the impact that Land LayBy has.

- 443 -
Increase in turnover Greater confidence could increase
investment, thereby further
stimulating the economy.
Operational efficiency Time reduction from 4-6 months to a
few days, €100 million/year savings
through fewer errors and maintenance.
Working capital Time savings lead to less money being
held by banks.
Data quality Verification of correct data, refusal of Verification of correct data, refusal of
incorrect data, certainty of complete incorrect data, certainty of complete
data. data.
Risk reduction One version of the contract with One version of the contract with
unambiguous characteristics. Less unambiguous characteristics. Less
fraudulent data. Less chance that title fraudulent data. Less chance of corrupt
will not be obtained now that legal action by changing data afterwards,
proceedings have been set up. Less although the chance remains of the
chance of stealing property. original Ghana land register. Less
chance of stealing property.
Data integrity Transparency in value chain and assets. Transparency in value chain and assets.
Audit trail to client, auditor and Audit trail to buyers, banks and
legislator. No coordination between government bodies. Reconciliation
parties required. with Ghanaian land register.
Data availability Eliminating information asymmetry, Online data available.
insight into the entire chain compared
to the previous system.
Identity management Found partial solution. Ethereum ID linked to own solution,
partly trusted.
Governance Private blockchain with emphasis on More control over current governance
cooperation between trusted via Ghanaian land register.
intermediaries
Legal compliance GDPR is met, although the subject
remains on the agenda due to
transparency on the public chain. e-
Signatures solution is sufficient.
Usability Automatic confirmation of received
country title.
Safety Open source software on distributed Use Ethereum and smart contracts, the
public network in addition to private solution of which still has to be proven
network on 4 nodes. Right parties technically.
involved in steps. Digital backups of
relevant information.
Experimenting with Knowledge acquired is used to scale up
services and the ecosystem, including
technology international parties.
Table 19: Expected impact of blockchain on Lantmäteriet and Land LayBy.

- 444 -
H. Innovation power
De Blockchain Innovation score van Lantmäteriet is: The central question in this section is to
assess to what extent this is an incremental versus radical innovation. Lantmäteriet's Blockchain
Innovation score is:

2,5

The minimum score is 1, the maximum score is 5. The further details can be found in the Annex.
In this case, the solution is technically innovative, but the business model itself is not innovative
as it remains close to the ecosystem, the service and the central business model.

The special thing here is that the company makes good use of blockchain and has a positive
impact, without ambitiously pursuing a more decentralized role.

I. Implementation risk
The central question here is to what extent the impact of the innovation influences the
complexity of the implementation. Lantmäteriet's total Blockchain Implementation score is:

The minimum score is 1, the maximum score is 5. Further details can be found in the Annex.
The problem that Landmäteriet solves has a certain priority given the great financial and
political interests. Furthermore, the implementation is quite easy to do, given the well-known
partners close to home and the processes known by law. In other words, the Swedish
government has chosen a good blockchain case to pick the low-hanging fruit.

- 445 -
J. Conclusion
The opportunities and challenges for the business model, strategy and implementation
emerged from the above. Lantmäteriet has thoughtfully rolled out a project that creates a
foundation to support new services like building sales and tax coupling in the future. The other
partners may want to take the project a step further by simplifying mortgage processes and
direct payments via cryptocurrency.

Lantmäteriet: identity management via the Telia app


As mentioned in chapter 12, Self-Sovereign Identity (SSI) is an appropriate identity
management system as it provides a portable digital identity solution that can be applied to
different industries. This increases control and privacy, while keeping the identity securely
on a trusted network.

The practical application of SSI and the example of the Telia app has already largely been
described in chapter 12. For example, a document with a link to the official Swedish
registration of the citizen service number is used within the Telia ID app. The chain of
messages shared within this app is accessible to all parties involved in the land purchasing
process and includes information such as the contract. The original documents and
verifications can be kept by an external party, or interested parties.

Digital signatures are approved within eIDAS. Swedish law seems to deal with this more and
more broadly with regard to real estate. For example, apartments can already be sold this
way. Thus, the legal obstacle of e-signatures identified in 2016 seems to largely resolve
itself. The obstacle regarding GDPR and personal information versus the Swedish law of
publicity of the real estate register is technically solved with this solution.

If the chain of messages leads to the conclusion of a contract, the Lantmäteriet checks the
information and changes its own register. Then a hash of the messages and the verification
is made and published on the Bitcoin blockchain. With this, Landmäteriet safeguards the
integrity and the process becomes transparent to the public. Digital personal information
can be removed if an individual so wishes and it is not required by law to be public
information.

- 446 -
16.4 Manufacturing
Technical developments, such as blockchain, are interesting for production companies, because
their business models are changing considerably under pressure from the 4th industrial
revolution. Data sharing within the supply chain, production processes, product life cycle, etc.
are becoming increasingly important. In this section, we take a closer look at the automotive
industry. The cases we examine in the section are BMW and VeChain.

A. External developments
The following major challenges and opportunities apply to car manufacturing companies.

Economic
Opportunity: the sharing economy is growing with relevant successful examples such as
Car2Go, SnappCar and Uber.

Social
Challenge: a growing expectation of people to become more owner of their own digital data.

Technological
Opportunity: the 4th industrial revolution has resulted in cars being connected to the internet,
in which the importance of data and cyber security is increasing. The importance of Smart Cities
and Smart Industries is also increasing. In addition, the electric and autonomous cars are
emerging. Blockchain as a technology offers the opportunity to allow data exchange between
devices to take place securely. Secure digital identities can be guaranteed within this.

Environmental
Challenge: circularity and a green future are important themes among young people. The diesel
scandal has damaged the image of car manufacturers.195 The use of electric cars is increasing,
and car manufacturers are feeling the pressure to make their processes more sustainable.

195 For more information about the diesel scandal, see, among others, "Diesel scandal 2.0: Volkswagen installed
illegal engine update" (Wilman, 2019).
- 447 -
B. Business process, characteristics and goal BMW and digital identity
The example described here is the generation of a digital identity of the user and
the car. BMW is a German car and motorcycle manufacturer that produces and
sells internationally. 50% of the shares are publicly listed, the other half is owned
by the Quandt family.

Car manufacturers realize that creating a digital identity for cars and car drivers is an important
prerequisite for using the different technologies of the 4th Industrial Revolution. This leads to
three opportunities for BMW for the time being:
1. Mobility and a user who buys or hires a car, where the car eventually parks as an
autonomous taxi company, refuels petrol, drives people around and pays dividends and
taxes.
2. Insight into the supply chain, raw materials, spare parts, data of the use of the car parts
and of waste when the car is at the end of its life cycle.
3. Producing customer-oriented products such as selling the car directly with financing or
taking out direct non-life insurance with the customer or giving the customer the data
to do this himself.
For all these opportunities, knowing the car or motorist is central, and with that the acquisition
of the data via a digital identity.

The business process for organizing a digital identity of the user and the car has the following
important elements:
1. It concerns high value product transfers.
2. It concerns technically difficult to understand products. In this case, intermediate
parties are often relied on for the purchase of a used car. In Germany, this appears to
have reversed mileage in 33% of cars (ADAC, etc.)
3. The parties are professionally organized and know each other.
4. The trend is towards a car as an app, with which the car manufacturer has a direct
individual relationship with the motorist. For the time being, BMW is focusing more on
an ID for the car.
5. Obtaining data from the car and motorist offers opportunities for the user and the car
manufacturer. Products and services can be more personalized. If the data becomes
more transparent, you can also prevent fraud. Buyers of second-hand cars, for example,
often do not currently know how the mileage is determined and whether it has ever
been adjusted manually.

- 448 -
C. Business ecosystem actors
The main actors in the BMW business ecosystem are:

Core The customer who has an increasingly longer and more direct connection
business due to data on driving use. In addition, the suppliers in the chain itself.
Extended ICT companies and other suppliers of technical innovations such as IoT
business and DLT companies such as IOTA or blockchain companies such as
VeChain Thor.
Business Competition, government, shareholders.
ecosystem
Table 10: Actors within the BMW business ecosystem.

D. Heat map business model elements


The impact of the following challenging and promising development is discussed in the business
model.

On the one hand, BMW sees the opportunities of integrating the various emerging technologies
with a major role for data collection, storage and analysis. Although BMW is currently focusing
on a unique ID for the car, the development is viewed from the perspective of the possibility of
creating and using an ID for the user in the long term. On the other hand, BMW feels the
pressure to play a role in the need to control its own user data.

Based on these developments, BMW's main focus is on the following factors within the
business model.

- 449 -
New technologies Management of own data
Who? In time, new products and services Possible customer loss if it does not
customer around data such as insurance and car go along with the changes. Chance
segments rental. of customer profit if it is first mover.
What? Blockchain-reinforced digital identity for Car manufacturer as a responsible
value proposition motorists and cars as a starting point member of society. Car and machine
for data analysis for supply chain and as IoT with constant information
later customer-oriented products. about use, waste, quality, etc.
Who? The car as an internet app to get to
Channels know both car and user.
customer A permanent direct relationship with Influencing driving behaviour in
relationship the user through 'car as an app' instead favour of the environment via 'car as
of, for example, through brokering or an app'.
car financiers.
What? Higher quality supplies, new services More openness and transparency
yields such as insurance, rental, car purchase about the origin and use of products.
financing, etc. Set up new services to improve
circularity.
How? Goods movement within the chain. Data creation by own products
core activities within the ecosystem.
people and Knowledge and commitment to
resources innovation platforms such as BMW
Startup garage.
key partners Integration of technology gives the car Close ties with suppliers, customers,
manufacturer a direct relationship with not-for-profit organizations. Use the
the car user and the car. The data can end customer for feedback, "free
be exchanged with any relevant advice" and improve your own image.
partner, including players such as data
sales agencies, auto investment
companies and insurers.
What? Large investments within partnerships Reduce risks of more expensive raw
costs in new technology. Less working capital materials, production processes and
in supply chain, lower purchasing costs, stricter legislation on carbon
less waste, lower maintenance costs for footprint and emissions.
machines and systems, and so on.
Table 21: BMW completed business model.

- 450 -
BMW sees the provision of a Vehicle Identity (VID) as a necessary step to develop a safe and
transparent system with which you can share and analyse data.

In line with this, it has taken several steps, such as joining the Mobility Open Blockchain
Initiative (MOBI), a blockchain consortium with 100+ parties. MOBI has put the VID at the top of
its agenda to build standards for, for example, communication between cars and with air traffic
controllers. Collaborations of this kind are necessary in this industry under the pressure of
innovation. There are also several examples in which car manufacturers jointly develop new
technologies.

Figure 137: Mobility ecosystem and use cases (MOBI, 2019).

- 451 -
BMW experiments its Start-up garage in collaboration with blockchain start-ups. This led to a
new collaboration with VeChainThor, which again resulted in tests with the VerifyCar app in
2019. This app logs static information such as type and production date per car, and dynamic
information such as the number of kilometres driven on the blockchain. The VerifyCar app can
be seen as a first blockchain step towards a VID.

BMW is taking small steps towards disruptive innovation on existing business models of itself
and participants in its ecosystem. Decentralization of data has played an important role in this
innovation.196

E. Detail of the solution


In the following the VerifyCar is further elaborated. VerifyCar is one of the apps within BMW
mobility services. Others include DriveNow for short-term car rental and ChargeNow for
charging services.

VerifyCar adds blockchain to the development of a VID for the car. In time, a VID for car parts,
production machines, etc. can also be created. In the short term, the VerifyCar app mainly
offers BMW the opportunity to organize the supply chain more efficiently. In the future, there
may also be room to link the digital identity of the users to the car. The opportunities this
brings for mobility and customer-oriented products present greater, longer-term challenges.

196 Solutions that pursue even more radical innovations within this domain are not available. The production of
technically complicated products such as cars is currently reserved for central parties such as BMW. VeChain is also
a public blockchain. A description of an extra public decentralized initiative, as done in previous sections, has no
added value and is omitted here.
- 452 -
Service Car manufacturing and sales.
Governance Central private organization using a publicly open blockchain, VeChain
Thor. VeChain Thor is a DAO with a central governing body and a
vibrant community of token holders who each fulfil different roles.
Technical Collaboration of own information systems on car and public blockchain
solution solution.
open source Yes
consensus mechanism Proof-of-Authority (VeChain Thor).
smart contracts Yes, partly to record data on the blockchain.
dApps Yes, VerifyCar.
SSI of digital identity Unique digital ID on blockchain. Every relevant party complements
blockchain. Data is also periodically sent to the blockchain via car-built
SIM cards and Machine-to-Machine communication.
blockchain of alternative blockchain
DLT
Unchangeable data Yes
Transparent data Yes
Tokens / rewards
Validator reward Yes
Payment / native token Yes, VeChain Token VET. In addition, the VeThor VTHO token is
required to pay transaction fees.
Digital property token No
Fractionalization No
Table 22: BMW solution.

VeChain Thor uses a VerifyCar app to capture and verify hashes of the data on a public
permissioned blockchain. The hash is therefore verified, so that you know that data has been
supplemented. The underlying data of the hash is stored on a private server, which poses a
security risk as a Single Point of Failure (SPOF). With the hash you can get confirmed that the
data on the server is correct.

BMW makes the choice that data can no longer be modified and that they have no control over
the governance or the code from where they log the data. The BMW data is on the blockchain
and can be made available by the owner of that data to, for example, insurers.

- 453 -
If BMW currently wants to use the app mainly for the supply chain, this setup seems sufficient.
The supply chain ecosystem can thus be scaled up to add customs officers, raw material
suppliers and governments in addition to machine builders, parts suppliers and banks.

In ecosystems for mobility and customer-oriented products, the ecosystem becomes more
dynamic with the addition of town planners, city councils, smaller rental companies or new
legal supervisors through financial services or products.

BMW already shares relationships with blockchain consortia such as MOBI, Corda R3 and
TrustedIoTAlliance. BMW also has direct relationships with blockchain companies such as IOTA
and Hyperledger and may also now be dealing with token holders, developers and the board of
the DAO VeChain Thor.

BMW faces a significant challenge in managing these complex and fast-growing ecosystems. In
addition, BMW has the difficult task of ensuring and even guaranteeing the security and the
complete and responsible use of data from many sources.

F. Blockchain Readiness score


The central question here is to what extent the business case is sufficient to choose
blockchain as a solution. This question is answered with the Blockchain Readiness score,
details of which can be found in the Annex. The minimum score is 1, the maximum score is 5.

A high score of 4 stems from the need of BMW and its ecosystem to seize the opportunities
of innovative technologies. Blockchain certainly offers good opportunities in the field of
supply chain and data creation. BMW's blockchain solution delivers quite clear efficiency
gains. In time, blockchain readiness for mobility and new customer-oriented products must
also be further sharpened, as is now the case with MOBI, VeChain Thor and IOTA.

- 454 -
G. Expected impact blockchain
Based on the previous models, an estimate can be made of the impact that can be expected if
blockchain is introduced for supply chain. The first project can provide a basis for introducing
blockchain elements such as cryptocurrency and digital identity of the user in the longer term.
This in turn can lead to users who jointly invest in a DAO car, users who get rental car offers
including insurance, users who can sell their own information, and so on.

- 455 -
Increase in turnover New products and services around data such as insurance and car
rental.
Operational efficiency Supply Chain leads to lower administration costs, higher quality
deliveries and therefore lower costs. Lower transaction costs and
overhead fees.
Working capital Faster supply chain leads to lower required working capital.
Data quality Verification of correct data, refusal of incorrect data, certainty of
complete data.

Risk reduction Preventing kilometre fraud. Prevent counterfeiting of auto parts.


Data integrity Transparency in value chain and assets. Audit trail to client, auditor and
legislator. No mutual coordination between suppliers required.
Data availability Eliminating information asymmetry, insight into the entire chain
compared to the previous system, including up-to-date information
about the status and location of the product for all parties. Documents
are legible for man and machine.
Identity management First step to Vehicle ID (VID)
Governance Open source software, collaboration with DAO with reasonably
transparent management.
Legal compliance Large ecosystem upscaling, access to VeChain Thor token holders via
public blockchain. This leads to more data that can be combined and
analysed, which in turn leads to an increase in turnover.
Usability VerifyCar as an app to give the user insight into car details on the
blockchain.
Safety dApp on open source public network. Car that can communicate
securely on network, armed against cyber-attacks. Safe transactions
logged on blockchain in the long term.
Experimenting with Knowledge acquired is used to scale up different ecosystems for supply
technology chain, mobility and customer-specific products.
Table 23: Expected impact of blockchain on BMW.

- 456 -
H. Innovative power
The central question in this section is to assess to what extent this is an incremental versus
radical innovation. The Blockchain Innovation score of BMW's VerifyCar app is 2.5. The
minimum score is 1, the maximum score is 5. More details can be found in the Annex.

2,5

The VerifyCar app is fairly innovative as a first step to enter blockchain including VID. The next
step to create a supply chain ecosystem around blockchain is still more innovative. In the longer
term, BMW can put the user ID on blockchain and develop new business models regarding
mobility and customer-oriented products.

The special thing here is that BMW makes good use of blockchain and has a great positive
impact there, without ambitiously pursuing a more decentralized role.

I. Implementation risk
The central question here is to what extent the impact of the innovation influences the
complexity of the implementation. BMW's total Blockchain Implementation score is 3.7.

3,7

The minimum score is 1, the maximum score is 5. More details can be found in the Annex.

The problem that BMW is trying to solve is a high priority, given the interests of the entire
industry to align a new set of innovations. The auto industry ecosystem itself is already well
coordinated.

- 457 -
J. Conclusion
With the VerifyCar app, BMW is taking a first step with blockchain within a larger strategy,
where a decentralized data infrastructure plays a major role in the long term. Think of the self-
management of data that you create as your driving behaviour is tracked.197 BMW can also
develop a direct link with individual car users via blockchain, opening the way for mutual value
exchange, such as insurance and fractional investment in autonomous cars.

BMW's blockchain strategy provides a particularly good picture of the need for collaboration
within an ecosystem.

16.5 Prediction market Augur


Here, an example is discussed of a service that can completely disrupt existing business models
thanks to the development of blockchain technology.

It concerns the Decentralized Business Model Canvas of the public blockchain Augur. Since it is
a disruptive innovation viewed from the side of a blockchain start-up, it deviates from the
format used in previous sections:
A. Introduction prediction market.
B. Decentralized Business Model Canvas.
C. Augur controversy.
D. Conclusion.

A. Introduction prediction market


From different organizations and individuals there is a need to question a mass of people about
their prediction of a future event. The underlying idea is that the more individuals you collect
predictions of, the more likely these predictions will come true. The crowd's aggregated
response is also known as wisdom of the crowd. The economic theory behind this goes back to
the theories of Friedrich Hayek and Ludwig von Mises described in part II.198

197 It is unclear to what extent this party is entitled to the information here.
198 These economic theories can be found in, among others, "The Use of Knowledge in Society" (1945) by Friedrich
Hayek and "Economic Calculation in the Socialist Commonwealth" (1920) by Ludwig von Mises.
- 458 -
An example of a prediction market is an estimate of an election result or the probability that a
product to be introduced will reach a certain amount of sales. This differs from an opinion poll,
because an estimate of a result is requested and no substantive opinion. You can reinforce this
estimate by asking people to bet money and to pay or withhold this depending on the final
result. For example, you can bet €1 on the chance that it will actually rain tomorrow at 12:00
and you will lose this money if it turns out not to be so afterwards. This also gives you the
opportunity to hedge yourself financially against an unwanted result by betting money on it.

Commodity Futures Trading Commission Several organizations offering prediction markets have
been closed in the past. One of the reasons for this was that these companies, such as InTrade,
were considered to be commodity traders or gambling companies according to local laws and
did not have the correct permits. Currently, there are two companies that are both allowed by
the US Commodity Futures Trading Commission (CFTC199) to place real money on a prediction
market platform These are PredictIt and Iowa Electronic Markets.200 PredictIt is only used for
political markets and is also known as the political stock exchange. Iowa Electronic Markets
adds economic markets to this. Both were created for research and educational purposes. In
addition, online gambling companies with prediction elements such as Betfair, polling
companies and crowdsourcing companies are competing with the same prediction market
business model.

The prediction market is therefore not really getting started. With the arrival of blockchain,
prediction markets have been revived. Gnosis, Stox and Augur are well-known examples of
prediction markets on the blockchain. On the one hand, the disruptive element is in the
transparent open peer-to-peer platform where smart contracts within blockchain take over the
place of an intermediary. On the other hand, the disruptive element lies in ignoring local laws
and regulations and the ability to spread prediction markets globally over the Internet.

Next is a comparison between the centralized PredictIt and the decentralized Augur.201 The
process at PredictIt is as follows:
1. An event is created by PredictIt as a market on the
website.

199 US regulator of derivatives trading.


200 These initiatives are owned by the Victoria University of Wellington and the University of Iowa respectively.
201 Augur has 44 unique users in one week in the last week of December 2019 (DappRadar.com, n.d.). PredictIt
itself claims to be an experimental site that has not gone mainstream (PreditIt, 2019).
- 459 -
2. Users bet money on the market with an underlying contract.
3. An event takes place.202
4. PredictIt reports the result on the website.203
5. The monetary amounts are sent back and forth by PredictIt.

The challenge is that as a central party, PredictIt has access to the creation of a market, the
contracts, the money, the reporting of the results and the administrative completion process.
The development of blockchain technology offers the opportunity to remove these
intermediaries by placing trust in a set of open source smart contracts.
Augur uses this. It has been in development since 2015 and in 2018
the application was rolled out and used.

To avoid any appearance of possible interference, Augur bets tokens on the Ethereum network.
Augur withdraws as an intermediary from every step of the business process. This process is as
follows:
1. Any person can pseudo-anonymous log on to Augur and create a market on everything,
while PredictIt only serves the political market.
2. Any user can enter into a peer-to-peer transaction based on Ether (ETH) or the DAI
stable coin. The sale / purchase transaction is arranged on the basis of smart contracts.
3. An event takes place.
4. Holders of the reputation token, REP, verify the result and are rewarded if they correctly
signal this to the blockchain. If they support the wrong result, they lose their REP token.
5. The amounts of money are automatically sent back and forth by the smart contracts.

B. Decentralized Business Model Canvas (DBMC)


Here the Decentralized Business Model Canvas is completed for the opportunities that
blockchain technology offers to a prediction market such as Augur. Details of the solution such
as technical aspects and governance are integrated in this model. In the aforementioned BMC
examples, they were not.

202 The source that registers the result of an event in a decentralized market is also called an oracle. In the example
of PredictIt, there is a centralized market, so no oracle is used.
203 This is also referred to as arbitration.
- 460 -
Who? A user does not have to be a token holder. Token holders are necessary to
Customer segments serve as an oracle or to create markets. Token holders are not officially
investors or software developers. Customers are mainly people who want to
hedge against or speculate on an event.
What? The decentralized provision of a transparent and well-secured forecast market.
Value proposition
How? dApp of smart contracts built on the Ethereum blockchain. Augur is a DAO and
Solution has no central statutory supervisor as a decentralized solution.
Consensus Ethereum is a permissionless Proof-of-Work blockchain.204 There is no KYC or
AML. Trust lies in the decentralized nature of the system and there is no
intermediary except the Forecast Foundation.
Validator reward A REP token holder uses tokens to serve as an oracle. With this, he receives part
of the transaction fees and stimulates the use of the network, which increases
the demand for the token. He also receives a greater weighting of his share of
the total REP token pool. 100% of the REP tokens have already been distributed
and will be redistributed only among the active holders after each transaction.
Inactive holders therefore get less importance. A rapporteur loses REP tokens if
he reports incorrect results.
What? ICO in 2015 with 80% of REP tokens distributed to participants, 16% to founders
Costs and 4% to Forecast Foundation.
Who? The Forecast Foundation converted the 4% REP tokens into USD 5 million cash,
Network governance paying the salaries of Augur software developers since 2015. Their only activity
is to develop and maintain the open Augur protocol. No one owns the Augur
platform, neither REP token holders nor the Forecast Foundation. Decisions
about Augur's direction are made by the Forecast Foundation only through
technical updates to the software.
Interaction channels Direct communication between token holders and with the Forecast
Foundation about weekly updates takes place via Github, Discord, Twitter,
Facebook, Medium and the Augur.net website. Current news is not
automatically provided by all channels simultaneously.
What? All fees obtained are distributed to the network of REP holders and market
Yields initiators. No profit is made. The Forecast Foundation does not receive any
money from Augur. As more users generate fees, REP holders also receive
more income in the form of fees.
Table 24: Augur completed business model.

204 At the time of writing, Ethereum has not yet switched to Proof-of-Stake.
- 461 -
Based on this, the following additional comments can be made about the Augur ecosystem.
Core business Augur is a DAO in the sense that REP token holders ensure that
Augur remains in use as an application. However, token
holders are not owners. The number of Augur users is modest
given the praised potential market disruption and € 108 million
in market capitalization.
Extended business Companies that build applications based on Augur, such as
Guesser and Blitzpredict, and companies that will develop
applications within the current regulations.
Business eco system Gnosis, Stox, PredictIt, online gambling companies, polling
companies and crowdsourcing initiatives.
Table 25: Actors within the Augur business ecosystem.

The decentralized blockchain models of, for example, Augur and Gnosis have not yet led to
widespread adoption of the prediction market. A fully decentralized public blockchain
application seems to have the best chance of success, because it provides an accessible
platform for many individuals to participate. This also allows you to try to avoid current
regulations. Augur users are currently being warned to enter the platform at their own risk.
However, mobilizing users takes time.

The prediction market itself is relatively unknown. In the ecosystem, there are also
opportunities with relevant variants of polling, crowdsourcing and online gambling. To take
advantage of this scope of the ecosystem, the public blockchain must have more users and
applications.

C. Augur controversy
As a blockchain start-up from 2015, Augur has had the necessary controversy, which is
characteristic of other blockchain start-ups from the same period. In America and other
countries, the first question is whether the REP token is a security. The CFTC decides on this.
This has been the reason for Augur to specifically declare the REP token separate from
ownership of Augur afterwards. The CFTC is also responsible within America for licensing
prediction markets. In addition, partly due to the sudden and high appreciation of the time,
Augur has to contend with a legal battle for compensation between the original owners. All this
has had an impact on the legal position of the Forecast Foundation. There have been multiple
Forecast Foundations, including one that is still registered in Estonia by the original founders
(Augur, 2018). Furthermore, a Forecast Foundation in Oregon and a Dyffy holding company

- 462 -
were involved in Augur's original sales. None of these companies are licensed by the CFTC.
(Leising, 2018) The Forecast Foundation has established statutes by the founders. REP token
holders have no influence on this. The directors, including the original Augur founders, do. Legal
risks are an important determinant of the future of many such start-ups. In line with this, the
users themselves are responsible for creating (a) moral or illegal markets. For example,
immediately after Augur went live in 2018, a death list of known persons was launched as a
market (Orcutt, 2018). The Forecast Foundation responded to this by referring to a statement,
stating that they have no influence on how the platform is used in terms of content (Oberhaus,
2018).

Finally, Augur also suffers from technical defects that it has to overcome. For example, in April
2019, Binance claimed that Augur is not sufficiently safe with low user numbers (Baker, 2019).
Existing users could create multiple accounts, which they bet against a self-placed highly
probable prediction to let unwitting predictors also bet money. The forecast is designed to have
minor flaws that are unclear to the ignorant forecasters. Due to these flaws, the contract
cannot be executed, and the total pot is shared equally among all participants. Because the
highly probable forecast seems like an opportunity, the ignorant forecasters bet more in
practice than the other accounts. Because the pot is shared equally among all participants, the
unwitting predictors lose more money than they get back.

D. Conclusion
Public blockchains can be disruptive and differ greatly from each other. For example,
companies such as BitShares and Augur pay all their fees to token holders or active participants,
as a token holder at BitShares you can determine the course of the DAO and VeChain has a
central management team that pursues commercial success through cooperation with large
international companies.

Ultimately, the projects do not deliver their big promises yet, partly due to inexperience with
governance, limited community engagement, back pressure of the law and more belief in
technical progress than focus on the practical application of this technique. Nevertheless,
blockchain has a lot of potential. It makes it possible to bring society further on the
decentralized path. It is also difficult as a central company to compete with a community that
can cooperate with one another but does not aim for profit. That is where the promise of the
public blockchains and DAOs lies.

- 463 -
16.5 Summary, terms and sources
Summary
This chapter provides a roadmap to assess where the opportunities lie for companies
considering blockchain applications. The step-by-step plan is explained on the basis of four
cases from large organizations and DAOs. This way, every case of a central business model is
compared with an organization that pursues a radically innovative decentralized model. These
cases are described with the following instruments within the Saxion Blockchain Model:
A. External developments affecting the business model in accordance with the PESTEL
method.
B. Business Process including the most relevant characteristics of this process and the
purpose that the blockchain implementation would serve.
C. Business ecosystem actors to show which partners the company has.
D. Heat map business model elements in which the influence of external developments
is shown on the business model. This allows more insights to be gained about
opportunities and challenges for the company.
E. Details of the solution in which the incremental solution is compared with a
disruptive model in various areas, as well as where blockchain offers opportunities to
enter into and deepen relationships within the ecosystem.
F. Blockchain Readiness score that assesses the extent to which the organization is
ready to implement blockchain.
G. Expected impact of blockchain. This indicates the expected usefulness of blockchain
and where the challenges lie in its introduction.
H. Blockchain Innovation score to indicate the extent to which the company is
experiencing incremental versus radical innovation, based on which the chances of
value creation of the business model can be estimated.
I. Blockchain Implementation Risks that look at risks specifically associated with
blockchain projects.
J. Conclusion.

A conclusion from this is that successful blockchain applications are manageable well-defined
blockchain cases that are implemented as part of a larger plan.

- 464 -
Comments you can now explain
• A structured approach for a blockchain application requires no more than a simple step-by-
step plan, based on decentralized data-driven business models and a readiness score from
the organization.
• Depending on the type of challenge a company faces, a blockchain has an impact in all areas
of the business model.
• The current successful blockchain applications were cautious first steps in an incremental
change process.
• dApps on the public blockchains can cause disruptive change, but are still hampered by
team members' inexperience, current regulations and practical application of the
technology.

Glossary of Terms
Blockchain Readiness score: To what extent the organization is ready to implement blockchain.

Blockchain Implementation Risk: Risk related to implementing blockchain projects.

Blockchain Implementation score: Indicates to what extent the impact of the innovation will
influence the complexity of the implementation.

Blockchain Innovation score: Indicates the extent to which the company is experiencing
incremental versus radical innovation. Based on this, the chances of value creation of the
business model can be estimated.

Commodity Futures Trading Commission (CFTC): US regulator of derivatives trading.

Federal Reserve: United States central bank.

Federal Trade Commission (FTC): U.S. government agency that protects customers from,
among other things, fraudulent and misleading corporate actions.

Securities and Exchange Commission (SEC): Independent U.S. government agency that focuses
on investor protection and oversees the functioning of U.S. financial markets.

Wisdom of the crowd: Collective opinion of the group. This is compared to the individual
opinion of one person or expert.

- 465 -
Sources
Augur. (n.d.). Overview. Consulted on 23 December 2019, from Augur.net website:
https://docs.augur.net/#overview

Augur. (2018, July 9). Forecast Foundation OU Privacy Policy. Consulted on 23 December 2019,
from Augur.net website: https://www.augur.net/privacy-policy/

Baker, P. (2019, April 1). Binance Research: Design Flaws Make Augur Vulnerable To Attack.
Consulted on December 23, 2019, from Crypto Briefing website:
https://cryptobriefing.com/binance-augur-flaw/

Bakes. (n.d.) Bakkt. Consulted on December 23, 2019, from Bakkt.com website:
https://www.bakkt.com/

BitShares. (n.d.) BitShares. Consulted on September 9, 2019, from Bitshares.org website:


https://bitshares.org/

Carfax. (2019). How to detect mileage rollback? Consulted on December 23, 2019, from
Carfax.eu website: https://www.carfax.eu/article/mileage-rollback

ChromaWay. (n.d.). ChromaWay. Consulted on December 23, 2019, from ChromaWay website:
htps: //chromaway.com/landregistry/.

Eder, G. (2019). Digital Transformation: Blockchain and Land Titles. Consulted from
http://www.oecd.org/corruption/integrity-forum/academic-papers/Georg%20Eder-
%20Blockchain%20-%20Ghana_verified.pdf

Garrick, D., & Rauchs, M. (2017). Global Blockchain Benchmarking Study. Consulted from
https://www.jbs.cam.ac.uk/fileadmin/user_upload/research/centres/alternative-
finance/downloads/2017-09-27-ccaf-globalbchain.pdf

Hayek, F.A. (1945). The Use of Knowledge in Society. Consulted from


https://www.econlib.org/library/Essays/hykKnw.html

Kaoris Future. (2017) The Land Registry in the blockchain – testbed. Consulted from
https://chromaway.com/papers/Blockchain_Landregistry_Report_2017.pdf

Land LayBy. (2019). Land Layby Listing (LLL) Platform [White Paper]. Edition 3. Consulted from
https://hrbe.io/images/whitepaper.pdf

Land LayBy. (n.d.). Land Layby Holding Limited. Consulted on December 23, 2019, from
landlayby.com website: http://kenya.landlayby.com/

- 466 -
Lantmäteriet, Telia, ChromaWay & Kairos Future. (2016). The Land Registry in the blockchain.
Consulted from http://ica-it.org/pdf/Blockchain_Landregistry_Report.pdf

Leising, M. (2018, July 26). As Crypto Meets Prediction Markets, Regulators Take Notice.
Consulted on December 23, 2019, from Bloomberg.com website:
https://www.bloomberg.com/news/articles/2018-07-26/as-crypto-meets-prediction-
markets-u-s-regulators-take-notice

McKie, S. (2017, September 30). Investing in Tokens and Decentralized Business Models.
Consulted on December 23, 2019, from Medium website:
https://medium.com/blockchannel/investing-in-tokens-and-decentralized-business-
models-e7629efa5d9b

von Mises, L. (1920). Economic Calculation in the Socialist Commonwealth. Auburn, Ala., Ludwig
von Mises Institute.

MOBI. (2019). DLT-based Vehicle Identity Business Review. Consulted from https://dlt.mobi/wp-
content/uploads/2019/07/DLT-based-VID-Business-Review.pdf

MOBI. (2019). Vehicle Identity Standard. Consulted from https://dlt.mobi/wp-


content/uploads/2019/07/MOBI-Vehicle-Identity-Standard-v1.0-Preview.pdf

Mulligan, C., Zhu Scott, J., Warren, S., & Rangaswami, J. P. (2018). Blockchain Beyond the Hype A
Practical Framework for Business Leaders. Consulted from
http://www3.weforum.org/docs/48423_Whether_Blockchain_WP.pdf

Mwanza, K. (2018, February 16). African startups bet on blockchain to tackle land fraud.
Consulted on December 23, 2019, from Reuters website:
https://www.reuters.com/article/us-africa-landrights-blockchain/african-startups-bet-on-
blockchain-to-tackle-land-fraud-idUSKCN1G00YK

Nimfuehr, M. (2017, December 3). Blockchain application land register: Georgia and Sweden
leading. Consulted on 23 December 2019, from Medium website:
https://medium.com/bitcoinblase/blockchain-application-land-register-georgia-and-
sweden-leading-e7fa9800170c

Oberhaus, D. (2018, July 25). Assassination Markets for Jeff Bezos, Betty White, and Donald
Trump Are On the Blockchain. Consulted on December 23, 2019, from Vice website:
https://www.vice.com/en_us/article/gy35mx/ethereum-assassination-market-
augur?utm_source=mbtwitter

- 467 -
Orcutt, M. (2018, August 2 This new blockchain-based betting platform could cause Napster-size
legal headaches. Consulted on December 23, 2019, from MIT Technology Review website:
https://www.technologyreview.com/s/611757/this-new-ethereum-based-assassination-
market-platform-could-cause-napster-size-legal/

Peterson, J., Krug, J., Zoltu, M., Williams, A., & Alexander, S. (2019). Augur: a Decentralized
Oracle and Prediction Market Platform (v2.0). Consulted from
https://www.augur.net/whitepaper.pdf

PredictIt. (2019). A Predictable Newsletter - 11.1.19. Consulted on December 23, 2019, from
PredictIt Political Analysis website: https://analysis.predictit.org/post/188747880043/a-
predictable-newsletter-11119#mobile

- 468 -
Annex
Land LayBy: further explanation of the solution
Land LayBy is developing a dApp that collects information via mobile phone, which is then
registered via smart contracts on a Land LayBy Listing (LLL) on the Ethereum platform. For this
it receives technical support from IT company Winjit.
The Harambee token provides access to the registry. Tokens can be earned by making correct
changes in the LLL and tokens are removed if wrong changes are made.

Land LayBy also conducts due diligence on the details itself, including by looking on site and
using a copy of Ghana's land register. For this they also enter data on Ethereum. Land is only
registered on the blockchain if the history can be fully checked and all official documents are in
order. Land Layby then also issues a Land LayBy Listed certificate, which should increase
confidence in the information to the public.

By also recording the purchases and sales of the land on the blockchain, it can serve as a
shadow accounting for the users.

- 469 -
Blockchain Readiness score Lantmäteriet
(1 = not at all, 5 = absolutely) 1 2 3 4 5
Digital innovation is part of the strategy. 4
Different parties share data. 5
These data and their transactions concern monetary value. 5
The data are confidential 3
Different parties edit data. 5
Data must be verified. 5
There is a clear Return on Investment to be calculated, and this is 5
sufficient in this case.
Verification is complex, cost and or time-increasing. 5
The solution to choose blockchain is the simplest opportunity to 4
overcome the problem.
The solution influences the existing organizational structure. 1
The solution affects the existing workflow. 3
The solution affects the existing ecosystem. For example, there is no 2
intermediary with a central position.
The technical solution is close to or can be integrated with existing 4
systems.
The solution is data intensive but scalable. Think in differences of 1k, 3
10k, 100k, 1 million or> 10 million transactions per hour.
Blockchain Readiness score Lantmäteriet 54 / 14 = 3,9
Table 26: Landmäteriet Blockchain Readiness score.

Blockchain Innovation score Lantmäteriet


(1 = not at all, 5 = absolutely) 1 2 3 4 5
Degree of decentralization. 2
Tapping into a new market or an existing market. 2
Use of new processes. 3
Use of new stakeholders within a new ecosystem. 3
Bypassing the intermediary. 1
Technical innovation: uses SSI, tokenization, smart contracts, new 4
consensus mechanism, new technical workflow.
Blockchain Innovation score Lantmäteriet 15 / 6 = 2,5
Table 27: Lantmäteriet Blockchain Innovation score.

- 470 -
Blockchain Implementation score Lantmäteriet
(1 = not at all, 5 = absolutely) 1 2 3 4 5
Ecosystem is simple in the sense that there is no intermediary, 4
cooperation is geographically close to home, want to cooperate with
actors, coordinate limited number of actors.
Blockchain Readiness score. 4
Blockchain Innovation score. 3
Internal emphasis is on digital innovation: data and digital innovation are 4
central to strategy, organizational structure has proven to be able to
innovate, information systems and processes in order, technical
knowledge available.
The initiative is legal and in accordance with applicable standards / 5
guidelines.
The problem has a certain priority, but it is not a critically complex 4
process that requires (large) organizational changes.
Blockchain Implementation score Lantmäteriet 24 / 6 = 4
Table 28: Lantmäteriet Blockchain Implementation score).

- 471 -
Blockchain Readiness score BMW
(1 = not at all, 5 = absolutely) 1 2 3 4 5
Digital innovation is part of the strategy. 4
Different parties share data. 5
These data and their transactions concern monetary value. 3
The data are confidential 4
Different parties edit data. 4
Data must be verified. 5
There is a clear Return on Investment to be calculated, and this is 4
sufficient in this case.
Verification is complex, cost and or time-increasing. 5
The solution to choose blockchain is the simplest opportunity to 4
overcome the problem.
The solution influences the existing organizational structure. 3
The solution affects the existing workflow. 4
The solution affects the existing ecosystem. For example, there is no 3
intermediary with a central position.
The technical solution is close to or can be integrated with existing 4
systems.
The solution is data intensive but scalable. Think in differences of 1k, 4
10k, 100k, 1 million or> 10 million transactions per hour.
Blockchain Readiness score BMW 56 / 14 = 4
Table 29: BMW Blockchain Readiness score.

Blockchain Innovation score BMW


(1 = not at all, 5 = absolutely) 1 2 3 4 5
Degree of decentralization. 2
Tapping into a new market or an existing market. 3
Use of new processes. 3
Use of new stakeholders within a new ecosystem. 3
Bypassing the intermediary. 1
Technical innovation: uses SSI, tokenization, smart contracts, new 3
consensus mechanism, new technical workflow.
Blockchain Innovation score BMW 15 / 6 = 2,5
Table 20: BMW Blockchain Implementation Score

- 472 -
Blockchain Implementation Score BMW
(1 = not at all, 5 = absolutely) 1 2 3 4 5
Ecosystem is simple in the sense that there is no intermediary, 2
cooperation is geographically close to home, want to cooperate with
actors, coordinate limited number of actors.
Blockchain Readiness score. 4
Blockchain Innovation score. 3
Internal emphasis is on digital innovation: data and digital innovation are 4
central to strategy, organizational structure has proven to be able to
innovate, information systems and processes in order, technical
knowledge available.
The initiative is legal and in accordance with applicable standards / 4
guidelines.
The problem has a certain priority, but it is not a critically complex 5
process that requires (large) organizational changes.
Blockchain Implementation score BMW 22 / 6 = 3,8
Table 31: BMW Blockchain Implementation Score

- 473 -
- 474 -
17. Criteria and application types

“You can replace the term ‘distributed ledgers’ with ‘shared Excel sheets’ in
about 90 percent of talk about blockchain and finance.”
- Tracy Alloway (2019)

17.1 Introduction and learning objectives


In this chapter you will learn
• Which criteria are relevant to estimate the extent to which blockchain is useful for a
company.
• How the blockchain building blocks can be classified into types of blockchain applications.
• How to use the types of blockchain applications to come up with a blockchain application.
• What typical questions there are to determine whether you have a specific blockchain use
case.

Introduction
The previous chapter shows that blockchain does not always make sense. Certain criteria must
be met that are mainly expressed in the Blockchain Readiness score and the Blockchain
Implementation score. In this chapter, section 17.2 provides an in-depth analysis of this
Blockchain Readiness score based on criteria for entering blockchain. If it follows from this that
there is a meaningful blockchain case, it is only useful to look at the conditions under which
implementation takes place. Change management and implementation strategies for digital
strategies are quite generic and are therefore of less use for the time being in this book.

The cases mentioned in chapter 16 largely meet the blockchain implementation criteria. These
cases can be broken down into more concrete application types. In section 17.3 we categorize
the most common application types and show with examples which blockchain elements are
important to develop the application types. The chapter concludes with a summary, a list of
important concepts and a source list in section 17.4.

- 475 -
17.2 Criteria to enter blockchain
While blockchain is promising, it is currently the best solution only in specific cases. There are
countless failed and paused blockchain projects. In this section, we provide guidance on how to
assess the success of a project based on 3 detailed criteria.

Before we go through the criteria, it is recommended to record the business process in line with
the previous chapter. Therefore, try to answer the following questions first:
1. What dates are there?
2. Which party uses, stores and processes this data for what purpose?
3. How are the data distributed among themselves?
4. Who are the users of the data?
5. Which data would you not like to share or send out?

Indications when a blockchain project has a chance of success can be found in the definition of
a blockchain as an “agreed distributed database where transactions are encrypted in data
blocks”.

Data is generally shared between certain parties. The specific solution of blockchain is that it
removes frictions in its own way, or creates opportunities when sharing data between certain
parties. These options can be divided into the following blocks:
1. Data.
2. Parties.
3. Data traffic.

Data

Data traffic Parties

Figure 138: Core blocks of blockchain criteria.

- 476 -
In the following, these criteria are further elaborated on the basis of points of attention and
questions that you should ask yourself. These criteria have been drawn up on the basis of
Hereijer, Waughray, & Warren (2018) and Castellon, Cozijnsen, & van Goor (2018).

17.2.1 Data

Cash value or digital


possession
Data Dynamic data
Data friction

Figure 139: Data core block.

a. To what extent is it in regard to data with monetary value or digital possession?


The more digital the product and the higher the money values, the more relevant blockchain is to support the value
transactions trusted between parties. Other relevant questions are:
• To what extent is there a data file around this product with changeable data?
• To what extent do you need a digital identity of product, own company, customer, other stakeholders
within this file?

b. To what extent is dynamic data used?


Blockchain is built around data transactions. These changes in data, such as sensors that constantly send updates,
are stored securely with blockchain and made transparent to share them between parties. Static data, such as
personal data, can be stored on the blockchain, but alternative systems are still more suitable for this.

c. Where is data friction experienced?


Think of problems that arise as data:
• Are incorrect or incomplete.
• Are corrupted.
• Are confidential or personal.
• Are unclear.
• Are censored.
• Are adjusted unnoticed.
• Aren’t available, or not available at the same time.

- 477 -
d. What are the benefits of removing this friction?
You can remove the friction by, among other things, having logs or a complete audit trail of what has changed, by
having data verified by different parties or by standardizing the data and processes. Within this, a vision of the
organization being crushed by the decentralized execution and automation of work and controls is an important
strategic consideration for the business model.

e. Where are the opportunities for the use of new data?


What data is there with parties that are not currently shared and that you could use? Which potential new users
could you find for your own data? Then you need to look at how existing or new data can be combined and
analysed to create value within the network.

17.2.2 Parties

Number of parties
Parties known to each other
Parties Parties in one line

Figure 140: Core block parties.

a. Are these two or more parties involved?


The more parties work together, the more valuable blockchain is to increase mutual transparency and trust.

b. Do the parties know each other?


With blockchain, trust lies in the system itself and not so much between the parties themselves. At Enterprise
Blockchain, the first projects are mainly aimed at well-known parties to incrementally expand the ecosystem. In
consortia, companies also clearly focus on collaboration with competitors.
Here the companies know each other, but trust is enforced with additional agreements. See also chapter 18.
There is an explicit opportunity to involve the customer in the network and to be able to approach this directly
individually via the blockchain system. To what extent can a network effect be created?

c. what extent are the partners aligned with the use of blockchain?
What supports this is if there is a dominant party that can enforce data standards and cooperation. Explore the
possibilities of aligning each other's goals. Consider, for example, how you can jointly increase the loyalty of the
same end customer, improve confidence in the quality of the product or process, or how you can present yourself
directly to the end user or enter into a dialogue with it.

- 478 -
17.2.3 Data traffic

Number of parties
Parties known to each other
Datatraffic Parties in one line

Figure 141: Core block of data traffic.

a. Where is friction experienced with data traffic?


Also see the comments under "data friction" under the heading Data (17.2.1). In data traffic, the emphasis is on
sub-optimal cooperation through:
• Time-intensive projects such as reconciling data.
• Error and fraud prone processes.
• Processes in which one party waits for another party's opaque action to continue the process.
• An intermediary that serves as an extra link, whether or not laid down by law. In the longer term, it is
expected that the government will change the roles of supervisors, gatekeepers and other legal
intermediaries under the pressure of technological developments such as blockchain.

b. Where are the opportunities within data traffic?


To what extent can the customer be directly approached individually via blockchain? To what extent can a network
effect be created? How does the process help to share data anonymously or not anonymously?

c. How robust and secure is the network?


The question here is not only whether the network is susceptible to cyber-attacks, but also to what extent the data
must be in a separate physical place, whether it is cryptographically protected, how company hardware is
protected and what the minimum data is you want to protect. Robustness and security also encompass the roles
and powers that different parties take within a blockchain system, such as keeping data current or maintaining the
hardware.

d. To what extent does the network work with existing software?


To what extent can the system communicate or even integrate network data with existing CRM and ERP packages?
To what extent is this possible with other public or private blockchain systems, whether on- or off-chain?

- 479 -
There are three main reasons for introducing blockchain:
1. Recording property and data.
2. Increasing efficiency.
3. Disintermediation.

Other obvious reasons are access to more data and a more secure network.

Rule of thumb to apply a blockchain


Blockchain is useful if the following criteria are met:
1. Digital innovation is part of the strategy.
2. Different parties share data.
3. These data and their transactions concern monetary value.
4. The data are confidential
5. Different parties edit data.
6. Data must be verified.
7. There is a clear Return on Investment to be calculated, and this is sufficient in this
case.
8. Verification is complex, cost and or time-increasing.
9. The solution to choose blockchain is the simplest opportunity to overcome the
problem.
10. The solution influences the existing organizational structure.
11. The solution affects the existing workflow.
12. The solution affects the existing ecosystem. For example, there is no intermediary
with a central position.
13. The technical solution is close to or can be integrated with existing systems.
14. The solution is data intensive but scalable. Think in differences of 1k, 10k, 100k, 1
million or> 10 million transactions per hour.

In addition to answering the aforementioned questions, you can use the following rule of
thumb.

We have also applied this rule of thumb to make the Blockchain Readiness score as an initial
assessment of the extent to which a blockchain solution is the right choice for a company.

The following simple decision tree can be made from the aforementioned criteria and rule of
thumb.

- 480 -
Is a (shared) A blockchain
no
database solution is not
required? necessary

Alternatives are email or


Yes spreadsheets.

Are there
no A blockchain
multiple parties
solution is not
writing in the
necessary
database?
An alternative is a traditional
Yes database.
A blockchain
solution is probably
Do the writers Do you want/ Does your not necessary.
Yes Yes Yes
know and trust have a trusted current Otherwise, consider
each other? intermediary? solution work? a private /
consortium
no no no blockchain

Do you want/ Consider public /


have a trusted Consider private /
private / consortium
intermediary? consortium blockchain
blockchain

no

Consider public
blockchain

Figure 142: Simplified decision tree whether or not to use blockchain.

This is followed by the question of what type of blockchain you want. You can choose from a
public, private and consortium blockchain. In addition, a blockchain can also be permissionless
or permissioned. You choose a permissioned blockchain if you want to check the functionality
and access rights. Many companies also opt for a permissioned blockchain if they do not want
to show the transactions transparently, although you can also embed more privacy in
permissionless blockchains using cryptographic techniques such as Zero-Knowledge Proofs.205

205 See, among others, "Total cost of ownership for blockchain solutions" by Ernst & Young (2019). According
to their research, the transaction costs of Zero-Knowledge Proofs in public blockchains will become cheaper in
- 481 -
Another thing that you also have to take into account is the maintenance of the blockchain. A
permissionless blockchain is often publicly available and open source. These blockchains are
maintained by the community, while a permissioned blockchain set up by you or in a
consortium requires more maintenance. When updates and new innovative features are
automatically added to a permissionless blockchain, you also have less to worry about
blockchain innovations. However, you have less control over where a permissionless blockchain
is headed.

Permissioned blockchains are often faster due to the small number of nodes that maintain the
network and can process more mutations per second. For some companies, the number of
transactions per second that permissionless blockchains can process is too low and the
processing time of transactions is too long.

Furthermore, if you choose for a permissionless blockchain, you also have to ask yourself how
decentralized you want the blockchain to be. Highly decentralized blockchains are often safer,
but they can also compromise on scalability. Think of the blockchain trilemma discussed in
section 7.2.

Finally, permissionless blockchains often also have higher transaction costs than permissioned
blockchain. These are all considerations you should consider when deciding what type of
blockchain you want.

17.3 Types of blockchain applications


The blockchain cases mentioned in chapter 16 largely meet the criteria for applying blockchain.
These cases can contain several more concrete application types. The types are based on a
practical foundation of fields of application that already exist. For example, BitShares is a
blockchain project with application types such as a trade exchange, clearing and settlement,
payment transactions, etc. We can use these types to gain insight into which essential
blockchain elements are important to enable the types. If you have a blockchain case and know
which application types you want to have within the case, you also know which blockchain
elements to use.

the short term than privacy transactions on a private blockchain. (p. 14) This is expected to ensure that more
companies that want to regulate privacy will opt for permissionless open blockchains..
- 482 -
Blockchainelement A
Blockchaintype 1
Blockchainelement B
Casus
Blockchainelement C
Blockchaintype 2
Blockchainelement D

Figure 143: Schematic representation of how we approach a blockchain case. The case is divided into different blockchain types
to which associated blockchain elements are linked.

A blockchain element is a basic building block that is used together with other building blocks to
enable an application type. The blockchain building blocks also determine the characteristics of
a blockchain that you want to use. For example, the blockchain element "payment token" has
an impact on the ease, speed and transparency of payment transactions. Examples of
blockchain elements are wallets, smart contracts, dApps, DAOs, oracles, and so on.

Application types thus bundle blockchain elements that themselves represent a certain user
utility of the blockchain. The user utility is related to how you bundle and / or adapt these
elements for your own application types.

The following table shows the cases from Chapter 16 with corresponding application types and
blockchain elements. To keep the table somewhat orderly, only case types that have not been
mentioned before are mentioned within the cases. For example, in the case of the Telia app,
digital ownership is also an application type, but it is not included in the table because it has
already been mentioned in the BitShares case.

- 483 -
Blockchain
Blockchain Element Wallet & digital Smart Network Payment Asset Decentralize
Casus 1.0 dApp DAO Oracle Note
signature contract token token token d identity
Application type elements
Exchange /
marketplace: Network token is also
BitShares
organization of entire used for payments.
exchange
Automatic processing
Clearing and settlement of purchase / sale /
change of ownership.
Payment transactions To make payments.
Stimulating behaviour
of the token holder as
Token economics
a customer, investor
and participant.
Disintermediation
Create, hold and
Digital ownership trade excl. Digital
identity.
Voting
Direct communication
between token holders
Registration of files: Hash registration via
Lantmäteriet
country Ethereum.
Use of private
Ownership Certification network for recording
data.
Telia app Self-Sovereign Identity
Unclear, possibly
maintain data of
Land Layby Quality certification
property tokens
within dApp.
BWM Chain cooperation
Following the
movement of goods
Table 32: Model of blockchain cases, blockchain application types used and blockchain elements.
A further explanation of the blockchain elements is as follows:
• Blockchain 1.0 elements: basic elements of blockchain such as consensus mechanism
that is mutually maintained, immutability of data (with open permissionless
blockchains), overview of transactions, chain of data blocks and applications of
cryptography to guarantee the authenticity of data. Inherent to this is a more robust
and secure network. The main application within this is cryptocurrency, but other
applications such as registrations of votes and ownership are also possible.
• Wallet & digital signature: having a wallet to execute transactions and own tokens, so
not directly in accordance with the e-Signatures within the eIDAS directive. This includes
being able to demonstrate ownership of a particular property at any time.
• Smart contract: a contract with certain terms and conditions that are laid down in code.
The contract is self-executing, as it itself performs the appropriate corresponding
actions when the terms and conditions are met. Possible application types are digital
rights, gambling and money deposits.
• dApp: an application that uses the decentralized data storage of a blockchain.
• Decentralized Autonomous Organisation: an autonomous entity, which also depends
on the hiring of individuals. These individuals can perform certain necessary tasks that
the entity cannot. The DAO has internal capital at its disposal for this purpose, with
which certain activities of these individuals can be rewarded. Bitcoin is the first DAO.
• Oracle: a source outside the blockchain that feeds a smart contract with relevant
external information, so that the smart contract can check arbitrary conditions.
• Network Token: Token that aims to reward participants for the work they do to help
maintain the network.
• Payment token: token for the purpose of making payments within the blockchain
network. Possible applications are e-commerce, peer-to-peer lending and microfinance.
• Asset token: token with an underlying asset in the real world. Possible applications are
loans, crowdfunding and private markets.
• Decentralized identity: A digital identity that is recorded and managed in a
decentralized manner.

This model only provides an overview of blockchain elements that are common. Other
elements discussed and added in the book include fractionalization, smart asset, smart token,
smart property, and Zero-Knowledge Proofs.

- 489 -
In addition, you could add the following application types that we discussed earlier in the book
to the model:
• Crowdfunding: acquiring funds to fund an initiative.
• KYC/AML: demonstrate that a party is who it says it is based on data across the
ecosystem and understand what the party did in the past. A so-called compliant check
box can be shared between financial service providers and customers.
• Notarization: indicate what the state of something was at a certain time
• Triple entry accounting: demonstrate simultaneously for several parties that the
transaction has taken place.
• Upfront compliancy: arrange in advance that transactions take place in accordance with
laws and regulations.

Alternative data management systems


It is not always necessary to use a blockchain. There are alternative data management
systems that may be better, cheaper and easier. You could consider the following
alternatives, whether or not in combination:
1. A shared database with access rights.
2. A password-protected spreadsheet on a shared server.
3. An encrypted database.
4. A provider of cloud solutions.
5. An authorization model for clearing transactions.
6. Other Distributed Ledger technologies.

Many organizations already have experience with these solutions. It is advisable to involve
the IT professional within the organization to see whether such data management systems
are a better alternative than blockchain. You can also submit the use case to differently
composed teams to see to what extent they would handle it differently.

Remember that you should be able to clearly identify the added value of blockchain over
other alternatives.

- 490 -
The model can now be used as follows to conceptualize a blockchain. Let's say you are a
financial services provider that mainly provides loans and financing. Application types such as
KYC / AML, Self-Sovereign Identity, crowdfunding and payment transactions play a role in this
business model. These translate into analysing how elements such as blockchain 1.0, wallet and
digital signature, smart contracts, payment or asset tokens and decentralized identity are filled
in and interact with each other.

Another example is insurance, the other sector where one of the most DLT use cases is located
according to Hileman & Rauchs (2017). Let's say you are a car insurance provider. In that case,
your challenges will be close to the ones that financial service providers and auto companies
also know. You will want to use the same application types as those of BitShares and BMW.
After all, they are located in these sectors. The aforementioned advantages of this are safe and
cheap transactions, which lead to faster and more efficient processing of the process.

According to Hileman & Rauchs, healthcare is the sector with the third most DLT use cases.
Within this sector, medical data must be compiled and shared in a transparent manner
between various parties, such as hospitals, doctors, pharmacies, insurers and the patient.
Central to this is registration of data, a robust network, Self-Sovereign Identity and perhaps
payment transactions to involve an insurer in invoice processing via a smart contract.
Blockchain can provide more security and confidence in the medical data, so that care can be
provided faster.

- 491 -
17.4 Summary, terms and sources
Summary
There are a number of criteria you can look at to decide if blockchain is of interest to your
business. We have established criteria that fall within the following three blocks:
1. Data.
2. Parties.
3. Data traffic.

After all, blockchain is an instrument to remove frictions with data or data traffic, or to create
opportunities with data and data traffic. As a rule of thumb, it is useful to use at least the
following criteria:
1. Digital innovation is part of the strategy.
2. Different parties share data.
3. These data and their transactions concern monetary value.
4. The data are confidential
5. Different parties edit data.
6. Data must be verified.
7. There is a clear Return on Investment to be calculated, and this is sufficient in this case.
8. Verification is complex, cost and or time-increasing.
9. The solution to choose blockchain is the simplest opportunity to overcome the problem.
10. The solution influences the existing organizational structure.
11. The solution affects the existing workflow.
12. The solution affects the existing ecosystem. For example, there is no intermediary with a
central position.
13. The technical solution is close to or can be integrated with existing systems.
14. The solution is data intensive but scalable. Think in differences of 1k, 10k, 100k, 1 million
or> 10 million transactions per hour.

If you have a blockchain case, you need to split the case into application types. Based on your
application types, you can select blockchain elements. A blockchain element is a basic building
block that is used together with other building blocks to enable an application type. The
blockchain building blocks also determine the characteristics of a blockchain that you want to
use. For example, the blockchain element "payment token" has an impact on the ease, speed
and transparency of payment transactions. Examples of blockchain elements are wallets, smart
contracts, dApps, DAOs, oracles, and so on.

- 492 -
Application types thus bundle blockchain elements that themselves represent a certain user
utility of the blockchain. The user utility is related to how you bundle and / or adapt these
elements for your own application types.

Comments you can now explain


• Blockchain mainly gives companies the opportunity to effect data traffic between
cooperating parties, within the company and the ecosystem.
• Currently, the impact of blockchain in companies is mainly focused on efficiency,
disintermediation and registration.
• The impact of blockchain is great where cooperating parties unlock and create new data.
• After business models, ecosystems will have to be set up in a more decentralized manner in
order to utilize the full benefits of blockchain.
• A simple decision tree can help to quickly estimate the usefulness of a blockchain project.
• The possibilities for applying blockchain are related to the application types and the
blockchain elements.
• The building blocks of blockchain can be freely bundled and adapted in order to enjoy a
specific user benefit of the blockchain.
• A successful blockchain project needs a positive ROI to substantiate.

Glossary of Terms
Asset token: Token with an underlying asset in the real world. Possible applications are loans,
crowdfunding and private markets.

Payment Token: Token for the purpose of making payments within the blockchain network.
Possible applications are e-commerce, peer-to-peer lending and microfinance.

Blockchain 1.0 elements: Basic elements of blockchain such as consensus mechanism that is
mutually maintained, immutability of data (with open permissionless blockchains), overview of
transactions, chain of data blocks and applications of cryptography to guarantee the
authenticity of data. Inherent to this is a more robust and secure network. The main application
within this is cryptocurrency, but other applications such as registrations of votes and
ownership are also possible.

Blockchain Element: A basic blockchain building block used in conjunction with other building
blocks to enable an application type. The building blocks also determine the characteristic
properties of a blockchain that you want to use. For example, the blockchain element "payment
token" has an impact on payment transactions.

Crowdfunding: Acquiring funds to fund an initiative.

- 493 -
dApp: An application that uses the decentralized data storage of a blockchain.

Decentralized identity: A digital identity that is recorded and managed in a decentralized


manner.

Decentralized Autonomous Organisation: An autonomous entity, which also depends on the


hiring of individuals. These individuals can perform certain necessary tasks that the entity
cannot. The DAO has internal capital at its disposal for this purpose, with which certain
activities of these individuals can be rewarded. Bitcoin is the first DAO.

KYC/AML: Demonstrate that a party is who it says it is based on data across the entire
ecosystem and understand what the party did in the past. A so-called compliant check box can
be shared between financial service providers and customers.

Network Token: Token that aims to reward participants for the work they do to help maintain
the network.

Notarization: Indicate what the state of something was at a certain time.

Oracle: A source outside the blockchain that feeds a smart contract with relevant external
information so that the smart contract can check arbitrary conditions.

Smart contract: A contract with certain terms and conditions that are laid down in code. The
contract is self-executing, as it itself performs the appropriate corresponding actions when the
terms and conditions are met. Possible application types are digital rights, gambling and money
deposits.

Application type: Application types bundle blockchain elements that themselves represent a
certain user utility of the blockchain. For example, BitShares has as application types a trade
exchange, clearing and settlement and payment transactions.

Triple entry accounting: Simultaneously demonstrate for multiple parties that the transaction
has taken place.

Upfront compliancy: Adjust in advance that transactions take place in accordance with laws
and regulations.

Wallet & digital signature: A digital wallet with which you can perform transactions and own
tokens. Transactions are performed with a digital signature, in which a private key is involved.
This includes being able to demonstrate ownership of a particular property at any time.

- 494 -
Sources
Alloway, T. (2017, January 19). An experiment. Source: http://www.tracy-alloway.com/?p=577.

Castellon, N., Cozijnsen, P. & Van Goor, T. (2018). Blockchain Security: A Framework for Trust
and Adoption. Consulted from: https://dutchblockchaincoalition.org/nieuws/cyber-
security-framework-helpt-organisaties-met-veilig-toepassen-blockchains.

EU Blockchain Observatory & Forum (2019). Feeling good: Healthcare data and the blockchain.
Consulted from https://www.eublockchainforum.eu/news/feeling-good-healthcare-data-
and-blockchain

Herweijer, C., Waughray, D., & Warren, S. (2018). Building Block(chain)s for a Better Planet.
Consulted from http://www3.weforum.org/docs/WEF_Building-Blockchains.pdf

Hileman G., & Rauchs M. (2017). Global Blockchain benchmarking study. Consulted from
https://www.jbs.cam.ac.uk/fileadmin/user_upload/research/centres/alternative-
finance/downloads/2017-09-27-ccaf-globalbchain.pdf

Millar, J. (2018, January 10). 6 Questions to Ask When Considering Blockchain Solutions for
Enterprise. Consulted on December 23, 2019, from Consensys website:
https://media.consensys.net/6-questions-to-ask-when-considering-blockchain-solutions-
for-enterprise-10616a0c63c4

Yaga, D., Mell, P., Roby, N., & Scarfone, K. (2018). Blockchain technology overview.
https://doi.org/10.6028/nist.ir.8202

- 495 -
- 496 -
18. Platforms and consortia

“No matter who the financial advisor of the future becomes, they will be
running a Blockchain based operating system for commerce and finance.”
- Lex Sokolin (2019)

“The mix of blue chip technology companies, international organizations,


logistics and manufacturing players and academia that have joined us from
point around the world show the widespread interest and investment in open
source enterprise blockchain technologies. This broad-based involvement is
what drives our expanding portfolio of open source projects, which are fully
conceived, developed and advanced by the ever-growing Hyperledger
community.”
- Brian Behlendorf (2019)

18.1 Introduction and learning objectives


In this chapter you will learn
• What considerations companies take to apply blockchain.
• The pros and cons of Enterprise blockchain platforms such as Ethereum, Hyperledger and
Corda.
• The pros and cons of blockchain consortia such as Ethereum Enterprise Alliance,
Hyperledger and R3.
• The challenges that a blockchain consortium faces.
• BaaS as an alternative way of getting started with blockchain software in an accessible way.

Introduction
Many companies that implement Enterprise Blockchain use blockchain platforms for this. These
platforms allow you to write applications using certain technologies. Various partnerships have
been organized around these platforms, so-called consortia.

- 497 -
In this chapter, well-known Enterprise blockchain platforms, in section 18.2, and consortia are
described in section 18.3. The impact that a consortium can have on companies is mentioned in
section 18.4. The chapter concludes with a summary, used terms and sources in section 18.5.

18.2 Enterprise blockchain platforms


Various stakeholders have organized themselves in consortia to jointly develop blockchain
applications. Within this they seek cooperation with existing (public) blockchain systems and /
or create their own blockchain system based on a blockchain platform. These platforms allow
you to write applications using certain technologies. This allows your application to collaborate
with other dApps, for example, in its own or shared programming language, documents are
stored or shared, a technical infrastructure is developed or access to a specific network. For
blockchain, platforms focus specifically on communication protocols, dApps, smart contracts
and cryptography.

In the following, we will discuss three leading blockchain platforms that different consortia
make use off:
1. Ethereum has the most developers and also the highest market capitalization of the
blockchain 2.0 public blockchain systems.206 The Ethereum Enterprise Alliance (EEA) has
also managed to mobilize most participants in an organized group.
1. Hyperledger was started in December 2015 by the Linux Foundation and has a large
number of developers around the professionally organized open source initiative. IBM is
one of the drivers of Hyperledger Fabric, a permissioned blockchain infrastructure, to
run professional blockchain applications.
2. Corda is a professionally organized open source blockchain that has existed since 2015.
Corda was developed by R3 and mainly focuses on financial services.

Significant differences from these three platforms are summarized below as guidance for
further discussion of these platforms.

206 Ethereum currently has the largest developer ecosystem of the public blockchains. Bigger than EOS, Cardano
and Tron. (Electric Capital, 2019). It also has the most dApps, although the activity of many dApps is still quite
limited.
- 498 -
Ethereum Hyperledger R3 Corda
Type of platform Generic Modular Financial
Governance Ethereum Enterprise Linux Foundation R3 consortium
Alliance (EEA)
Blockchain type Permissionless and Permissionless and Permissioned
permissioned permissioned
Crypto currency Ether (ETH) No / some possibility None / possible in
the future
Consensus mechanism PoW Pluggable Pluggable
Smart contracts Yes Yes Yes
Table 33: A comparison table between Ethereum, Hyperledger and R3 Corda. The table is based on the research by HfS research
(2018).

Ethereum and Hyperledger are used by various industries, while R3 specializes mainly in the
financial industry. Hyperledger seems to be more used in recent years thanks to increasingly
stable technology, while Ethereum as a first mover offers the potential of a public network for
new start-ups.207

Hereafter we will go deeper into the three platforms.

18.2.1 Ethereum
Ethereum was one of the first blockchains to use smart contracts. The platform is currently
considered to be the main representative of blockchain 2.0. It offers the possibility to develop
different dApps on the platform.

Of the three platforms, Ethereum is the only one that is basically a public blockchain. The
Ethereum Enterprise Alliance (EEA) has been set up around this platform. EEA is a member
organization that defines Enterprise software using agreements and standards.208 Based on this
software, they can create applications and make integrations with their old database systems. In
addition to code and smart contracts, the Ethereum Virtual Machine

207 It is unclear which platforms will become dominant. In principle, platforms that have a large market share can
lose most of their market share due to the high competition. This has been shown in the past in mobile, e-
commerce and social media technology changes. Think for example of Nokia, eBay, Yahoo and MySpace. According
to del Castillo (2019), of the 50 largest blockchain projects, use 50% Hyperledger and 40% Ethereum.
208 EEA members include companies such as Samsung, Microsoft, Accenture, ING and HP Enterprise.
- 499 -
(EVM) is used for this. The EVM is responsible for the computations on the network and for
handling the internal state on the network.209

Interoperability Ethereum still has scalability issues. To


Interoperability refers to the possibility of overcome this, Ethereum is working on,
sharing information between different among other things, a transition from a Proof-
blockchains. Think of a token that you buy of-Work to a Proof-of-Stake consensus
on one blockchain and want to use on mechanism via the Casper updates. Casper is
another blockchain. Another possibility, in also seen as the new evolution of Ethereum,
line with interoperability, is to place a lot of also referred to as Ethereum 2.0. In addition
data off-chain as a separate side chain and to scalability, the goal is to make the network
link it to the root chain. safer and more environmentally friendly.

Given the importance of interoperability, Another way to increase scalability is through


there are several companies that engage in sharding. With sharding, a blockchain is split
this topic. into several pieces (shards), which an
individual node can download, store and
verify, so that the network can be maintained
in pieces, rather than as a whole.

Finally, there is the Plasma initiative, in which the blockchain infrastructure consists of a root
chain that is linked to various side chains. The side chains can be seen as blockchains that are
maintained separately. In this light, coordinating interoperability protocols between EEA
members is important for both scalability and for aligning dApps and using each other's data. Or,
you can exchange information and transactions with untrusted parties without leaving your own
application. It is possible that the side chain on the plasma network is a private blockchain that
occasionally sends the state of the blockchain to the root chain. The root chain helps to verify
the state of private side chain. This leads to better security of the private side chain. Ethereum
therefore allows business data to remain within private systems, while the resultant state of all
data is processed and maintained within the Ethereum network. For more information about the

209 An EVM is a decentralized virtual machine that can run scripts. EVMs take care of the computations on the
Ethereum network. Smart contracts written in the Solidity programming language are compiled into "bytecode"
that can be read and executed by the EVM. Each node on the network contains an EVM and compiles and executes
smart contracts.
- 500 -
scalability problem of blockchains and how it can be solved with sharding and plasma, see
section 6.9.

Ethereum is a widely used technology and is offered by various external parties for Blockchain-
as-a-Service (BaaS), among others, to keep the development of its own blockchain system
accessible. In the public system, there is an Ethereum cryptocurrency (Ether) that is used to pay
gas for writing a transaction and executing its computations.

Furthermore, as mentioned above, Ethereum is a public network. This gives EEA members the
opportunity to connect an existing public network of thousands of users and developers within
the stakeholder group to the application the company is developing.

Ethereum is also open source and already has standards for tokens, decentralized storage,
messages and user-friendly address names. In addition, Ethereum as a platform allows, where
necessary, to control the access and functionality of users and whether or not to keep
transactions hidden.

You can also develop a private blockchain based on Ethereum. For example, you can create a
private Ethereum blockchain with a permissioned consensus mechanism such as Proof-of-
Authority or Practical Byzantine Fault Tolerance. This permissioned setup is important for
members of EEA, because it allows them to determine who has access rights to their own set up
blockchain. They can also set up the private chain in such a way that no crypto token is used, and
no gas has to be paid. This way they only have to cooperate with parties they know and trust.
Ethereum can thus be used as an Enterprise software.

Enterprise Ethereum offers solutions for problems that companies experience with public
models so:
1. That you keep sufficient influence on the decisions within a DAO.
2. That you don't know how to react when a hard or soft fork comes.
3. It is unclear to what extent open source developments are shared with competitors.
4. That there are participants who have a role within the network, without it being clear
what goals they serve.
5. To what extent laws and regulations are followed.

- 501 -
18.2.2 Hyperledger
The EEA collaborates with the Hyperledger Project, the second platform. Hyperledger is
supported within the Linux Foundation. Hyperledger participants include Airbus, Ant Financial,
Huawei, SAP, TNO, Bank of England, Smart Dubai, ABN Amro, Rabobank, and R3.210

Hyperledger was created because several companies felt the need to work together on a
blockchain that was not built directly around cryptocurrency, but still allowed to work together
around smart contracts..211 For this, these companies brought
their blockchain systems together on the open Linux platform.
As a result, various open source templates and modules were
available to them, which companies could enter easily. The templates and modules are also
called pluggable, because you can choose which of these you want to implement or modify and
which you do not.

The members of Linux, like EEA, work together around the modules to agree on how to build
Enterprise software with smart contracts, client libraries, graphical interfaces and applications.
It also discusses how these systems can work together to be interoperable. In addition, there
are templates for various business applications where the storage models, contracts, roles and
the like can be adapted. From the various initiatives within Hyperledger, six blockchain
frameworks have emerged within Hyperledger.

The following image provides an overview of the different frameworks and the libraries and
tools used with Hyperledger.

210 Some companies such as Samsung and JP Morgan are members of both EEA and Linux, or even R3.
211 This is explainable, as a private initiative, Hyperledger does not need crypto tokens to reward participants to
properly reach consensus.
- 502 -
Figure 144: Overview of Hyperledger and the different frameworks (Hyperledger.org, 2019).

There is the widely used Hyperledger Fabric, co-founded by IBM, with which you can split
identities and responsibilities per role. It is intended as a basis for developing applications or
modular architecture solutions. It is often noted that because IBM plays a major role within
Hyperledger Fabric, it becomes more difficult to use a supplier other than IBM. This is also
referred to as vendor lock-in.

Other blockchain frameworks within Hyperledger include Sawtooth (Intel), Burrow (Monax),
Indy and Iroha. These support the Ethereum Virtual Machine (EVM) for the benefit of smart
contracts and a cryptographic reward system. Hyperledger Fabric and Hyperledger Sawtooth
can be modified again to also allow permissionless networks. Sawtooth is the most popular
Hyperledger framework after Fabric. It allows dApps and uses the Proof-of-Elapsed Time (PoET)
consensus mechanism. The mechanism prevents high energy consumption for the maintenance
of the blockchain. Hyperledger Indy has been specially developed for decentralized identity.
Sovrin, the initiative to roll out Self-Sovereign Identities, is based on Indy.
Hyperledger is not tied to any particular blockchain technology and, in that sense, is an open
platform where other platforms like Ethereum and Corda are used. For example, various
consensus mechanisms and smart contracts can be developed and used within Hyperledger.
For this, chain code, a smart contract layer, is used. Tokens can also be built in, although they
are not standard features within Hyperledger. This encourages crypto economics to stimulate
cooperation between (cross) industrial partners.

The data from the different entities using Hyperledger blockchains can be combined to form a
pool for everyone to fish from. This prevents, among other things, duplicate input and errors and

- 503 -
potentially offers more information where participants in previous instances had no access or
only access after cumbersome requests from others. Zero-Knowledge Proofs makes this easier
to access. You can also still open your own chain with your own ledger. The data from your own
chain is then not shared with anyone else if you want to.

Hyperledger is less robust as a connection of private networks than public Ethereum. These
private blockchains and R3 Corda are expected to gain connectivity to public blockchains in the
long term and increase their robustness.

Hyperledger has been able to profile itself well with Ethereum in recent years thanks to stable
technology with reasonable scalability and a built-in way to keep data private. Like Ethereum,
Hyperledger is used for various Blockchain-as-a-Service solutions (BaaS).

Blockchain-as-a-Service (BaaS)
Sometimes companies don't have the hardware, knowledge or connectivity to run a
blockchain application. For this they use cloud providers such as IBM, Microsoft, Amazon
Web Services, Huawei, Alibaba, Oracle and Tencent. These rent out hardware environments
with cloud connections, backup options and network software, on which you can run your
own blockchain system or already programmed templates. Additionally, BaaS vendors also
integrate with these companies' current databases and servers, as well as auditing tools.

An Enterprise Ethereum, Hyperledger or Corda application can thus be efficiently developed


and maintained, allowing BaaS to play an important role for companies that want to develop
blockchain, but do not have all the tools at their disposal. An interesting development is that
Enterprise Resource Planning suppliers such as SAP also offer BaaS services, such as
Hyperledger. For participating companies, this is an opportunity to quickly update their data
in a familiar manner using APIs, while still being able to keep the data private.

18.2.3 R3
The third platform, R3, is a consortium of financial institutions that developed the Corda
blockchain. It is specifically intended for financial transactions, such as financing, trading,
insurance, healthcare and digital ownership.

- 504 -
R3 itself has received funding from the participants to set up a team of
developers. Initial participants included Barclays, JP Morgan, Credit Suisse,
UBS, SWIFT, HSBC, Deutsche Bank, ABN AMRO, ING and Rabobank. B3i, an
insurance consortium, is now also a member of R3. In addition to B3i, the
trade finance consortium also makes Marco Polo 212, and MOBI also uses Corda. For the latter,
see also the BMW case in section 16.4. R3, in turn, is a member of Hyperledger.

The increase in members and the increased use of Corda is also because it offers an application
that you can easily copy and change to your own wishes. In this case Corda offers an application
that you can copy as an organization from a template and where you can have the Corda team
make adjustments in outline. You do not have to program the entire application from the
beginning.

At Corda, messages are sent point-to-point rather than globally broadcast to all nodes on the
network. Each message is addressed to the party for whom it is intended. This ensures that
transactions are only shared between parties involved in this transaction and kept anonymous
to others. This also means that a transaction is not placed in a data block in a shared database.
Thus, consensus is also achieved at transaction level, or even only parts of transactions instead of
the entire transaction. To increase processing speed, several transactions can be processed side by
side.

At Corda, every transaction - transfer of money between parties - is part of an agreement that is
executed via smart contracts with legal consequences. Another characteristic that shows that
Corda must comply with the specific laws and regulations of the highly regulated financial
services is that transactions can be reversed, and the database returned to another historical
state. This roll-back function thus ensures that a wrong transaction can be reversed. Corda is
therefore a Distributed Ledger Technology and not a pure blockchain in which the data blocks
are chained together. Corda also has a searchable and separated database in SQL format. This
makes it easier for supervisors to perform their work.

As with Hyperledger, tokens are not inherent in Corda. These will be possible in the future. A
disadvantage of Corda is that you are quickly stuck with developments from the R3 Corda

212 For example, Daimler, owner of Mercedes-Benz, made an initial transaction in which an order was delivered for
a balancing system with engineering company Dürr.
- 505 -
organization. This is because competitors who work within Corda do not allow each other to
work on Corda within their own company. This could lead to the company needing to use
sensitive information that its competitors have made available to Corda for this purpose.

18.2.4 Notable differences and similarities between the three consortia


There are also significant differences within the three aforementioned consortia. For example,
EEA experiences less the need to know all participants of the Ethereum platform, because in
principle Ethereum is permissionless. The members of EEA themselves consult with each other
and with the Ethereum Foundation.

Hyperledger has more of a member structure and more centralized governance, making
individual members more likely to enter into collaborative contracts should they wish to have
some of the software implemented by vendors such as IBM. This is in contrast to Corda, where,
for example, B3i itself has set up a company with shareholders where Corda is developed for
insurance. Due to the specialization of financial services in governance, Corda will again involve
more legislative and regulatory bodies in the network.

There are also agreements, such as that in all three consortia the members decide and all three
work with technical steering committees, which determine the technical direction of the
community, assess and approve technical contributions and oversee the working groups.

So much for the three main platforms.

Inventor's dilemma
To some extent, companies work together knowing they are simultaneously improving their
competitive powers. Working together, you divide the risk of the inventor's dilemma.
Namely that you invest in a disruptive technology that on the one hand helps your
customers with improved services, but on the other hand can lead to the cannibalization of
your revenue model.

- 506 -
18.2.5 Other relevant platforms
In addition to these platforms, the following relevant platforms are briefly described: Quorum,
EOS, Ripple and Stellar.

First, there is Quorum ledger, made by JP Morgan and based on Ethereum. It uses Ethereum
code, but has made it so it has to meet the requirements of its own industry. In this case for
financial transactions. For example, there are no gas costs at Quorum, and it can easily make
updates that are made to the Ethereum network to its own system. Quorum has partnered with
Zcash to integrate its own form of Zero-Knowledge Proof technology to facilitate private
transactions. External supervisors have also been assigned roles within the Quorum network.

Secondly, there is EOS that was introduced in 2017. Like Ethereum, this well-funded public
blockchain is a blockchain platform on which applications are developed. It is freely scalable
due to the Delegated Proof-of-Stake consensus mechanism. From a public point of view, EOS
was founded by a commercial party, Block.one, and there are a limited number of 21 block
producers (witnesses), which some consider to be limited. Certainly for consortia, this can be an
argument for not committing to EOS. However, it is one of the most scalable public blockchains.
213 It also has its own crypto currency called EOS.

A third platform is Ripple, which operates with the cryptocurrency XRP 214 focuses on currency
and payments. Ripple is not a DAO but part of the private company, Ripple Labs. Ripple Labs is
recruiting financial services providers by building a faster and cheaper global blockchain
alternative for international payments. This poses a threat to, among other things, the existing
SWIFT system.

Ripple was founded in 2012 by Jed McCaleb, among others, who founded Stellar within the
Stellar Development Foundation in 2014. Like Ripple, Stellar offers payment infrastructure, but
also focuses on digital ownership. The Stellar platform is a public blockchain and a DAO. Among
other things, it has partnered with Hyperledger Fabric to handle foreign payment transactions
using Stellar's token, XLM. SWIFT is involved in this, in addition to R3.

213 Also see Section 6.4 for more information on Delegated Proof-of-Stake.
214 XRP is the cryptocurrency of the Ripple platform. The X stands for the country of issue of this currency. Since
XRP has no issuing country, the X is used. Just as XBT is common for Bitcoin.
- 507 -
18.3 Consortium
The three aforementioned major platforms were set up by various partnerships of collaborating
parties such as Ethereum Enterprise Alliance, Linux / Hyperledger and R3. The parties that
cooperate in this can vary from government bodies, interest groups and unknowns, to
suppliers, customers and direct competitors. These alliances are called consortia when it
concerns a form of cooperation of blockchains in which the new entrants are known and are
assigned specific roles.215

A step further is the hybrid blockchain, a blockchain that combines different elements of a
private blockchain with elements of a public blockchain. Within EEA, for example, different
versions of Ethereum are used. Some are fairly open and decentralized, but do contain the
permissioned element. For now, the terms consortium and hybrid systems are grouped under
the terminology consortium, because the challenges and concerns focused on the Enterprise
blockchain are broadly similar.

18.3.1 Blockchain challenges for which companies see collaboration as a solution


The large consortia focus on developing applications, standards and infrastructure around an
Enterprise blockchain to meet specific challenges. Some of the challenges that blockchain
companies face that can be addressed through collaboration are as follows.

Firstly, laws and regulations are not always clear due to the wait-and-see attitude of
supervisors. Consortia share knowledge about this and maintain active contact with supervisors
through consortia. Differences in national legislation and the more global structure of
blockchains play a role within international consortia. Certainly within Europe, this leads to
complications, because to a certain extent you also coordinate legal boundaries within one
platform on top of bridging geographical and cultural boundaries. Supervisors will want to
figure out how consortia ensure that, within a multinational system, they mainly comply with
GDPR legislation and limit data exchange.

Secondly, the technology is evolving, so there may be too few resources or too high risks to
implement blockchain alone. Collaboration helps to share developer talent. Agreements on
interoperability, data structures, programming languages and the like help reduce the risks of

215 The other relevant platforms mentioned were not set up by consortia but by private parties, such as JP Morgan,
block.one, Ripple Labs and the Stellar Development Foundation.
- 508 -
an overly generic or overly complex system for the specific company. A company will want to
keep shielding its own hardware and software from itself, although cooperation may also be
possible there.

Thirdly, a company is not sure whether it can reach the critical mass needed for adoption and a
stable performing system. This critical mass can be achieved through collaboration with others.
Adoption applies to the clientele as well as to the company's own employees, given the impact
that blockchain has on the organization itself.

In line with this, a fourth aspect can be mentioned. Blockchain can change the ecosystem in
which both known and unknown parties work together.216 Blockchain offers an opportunity for
new business models that were not obvious before. These business models may or may not
take advantage of the opportunity to share data that was previously not available or usable
between and marketed by the various parties. This does not only have to be a company that
uses the value of new data, but it can, for example, also be the customer who sells its own user
data. In this light, some blockchain implementations can also be seen as a digitization of an
ecosystem or value chain that aligns information systems of companies and organizations.

Within the ecosystem, a dominant player may also be prevented from creating the blockchain
system, as happened in Web 2.0. An open source network, preferably in combination with a
public system, is an important condition for the end user.

18.3.2 Examples of consortia


An example where various challenges are addressed through collaboration is the Industrial
Value Chain Initiative.217 This Japanese group of IoT manufacturers shares information about
the blockchain. This helps both small and large manufacturers to securely and reliably share
product development data, use of production resources and quality data. Smaller
manufacturers do not have to invest as much in obtaining data. Both the reduction of data
leaks and the cheaper sharing of information are envisaged. You don't have to build a data
integration system to quickly share reliable information. You can easily join, while your data is
safe, and you decide with whom you share what. All parties that cooperate put down their data

216 In principle, parties who know each other work together in a consortium. In specific cases, this link can be
extended to include collaboration with unknown parties, among other things, by linking it to public systems.
217 For more information, see "100 Japanese manufacturers harness blockchain to share data" (Matsui, 2019).
- 509 -
transparently, which prevents incorrect data. The person who maintains the data and the
software can be paid via a cryptocurrency.

Other examples of consortia include relationships for:


1. Insurances (Blockchain Insurance Industry Initiative, B3i).
2. Energy trade (VAKT, member of EEA).
3. Transport (Blockchain in Transport Alliance, BiTA).
4. Internet of Things (TrustedIoTAlliance).
5. Trade finance (we.trade).
6. Mobility (Mobility Open Blockchain Initiative, MOBI).

As B3i and SWIFT show, the same consortia or companies use multiple platforms to develop
blockchain systems and the big three platforms, EEA, Hyperledger and Corda, work together.
This is because, on the one hand, the platforms converge as stable technology in terms of
development, while on the other hand specialization is also emerging. For example, B3i initially
chose to use Hyperledger for reinsurance, because this was the most developed technology.
However, when Corda caught up, B3i made the switch to Corda.

18.3.3 Challenges faced by a company within a blockchain consortium


In addition to the challenges of blockchain, there are other challenges that a blockchain
consortium must take into account. Within blockchain, collaboration with other parties is
central. However, trust between the parties is necessary for this cooperation within a
consortium. This seems to contradict how blockchain was initially set up by Satoshi Nakamoto,
which offers trust in the system rather than trust between the parties. A blockchain consortium
has strong similarities with other forms of collaboration, such as joint ventures.

In consortia, parties generally opt for cooperation with a limited number of parties from
outside their own organization, and preferably parties with which they already work and which
they already trust. This involves more cooperation between competitors. The competitors you
work with are also known as concullegas: In specific cases, or in the longer term, the
collaboration will be expanded with unknown parties to enjoy the benefits of blockchain as a
network technology. Legal cooperation agreements are an important part of a consortium's
control measures to regulate this cooperation. It addresses topics that are both blockchain and
non-blockchain related, such as:

- 510 -
1. The mutual distribution of resources and investments such as knowledge and
intellectual property. The development of programs shifts from companies to the
consortia.
2. Taking care of decision-making within a consortium. To what extent should a new
company be established in which shareholders are represented? How is the financing
arranged and what is the division of tasks between the central body and participating
companies?
3. Dealing with mistakes that are made. How should errors be corrected? What sanctions
are imposed if a party is negligent?
4. Shielding business-sensitive information, such as that about customers and processes. It
should be mentioned that it is both a plus and a disadvantage that competitors can look
in each other’s kitchen, and also provide insight into each other's strategic priorities,
way of thinking and business processes..218
5. Sharing data and the value that these data yield. Consider, for example, the value of
personal data with which the parties that work together on Corda can offer personalized
insurance premiums.

A blockchain consortium is the first step for many companies to set up and continuously adapt
the revenue model and thus the business model of an organization and its ecosystem in a
broader context.
In this sense, organizations must be able to adapt themselves to efficiently collaborate with
distributed networks around mutual data sharing and access to efficient marketplaces in which
value is shared.
This goes beyond introducing a technology or an update to it.

As a final challenge, collaborating companies experience that it is not easy to appreciate shared
assets and that it is difficult to make contracts that fully cover the complicated interaction
within a consortium.

18.3.4 Roles within a consortium


As an individual profit-oriented entity within a competitive and regulated landscape, a company
has a different need for cooperation than a community of equals. For example, a company has
specific needs for safety, performance, compliance and reliability.

218 This is part of the so-called cooperative dilemma, in which cooperating competitors who constantly weigh up
the extent to which cooperation continues to be useful on the basis of recognized advantages and disadvantages
of this cooperation.
- 511 -
A more centralized form of control arises from this need of companies. Within this you hire
people, you coordinate the work between the groups of people, you control the work of the
groups and you stimulate to pursue the goals of the total group. For example, within a painting
company, the owner decides who is employed under what commercial conditions. The owner
also decides how to motivate employees to perform better, for example by celebrating
successes or setting variable rewards.

A company tends to keep full control. When they hire people and coordinate work, they prefer
people they know better to do work with higher responsibility. This leads to a company often
opting for a permissioned private blockchain. Within such a blockchain, a company can identify
the entrants and roles, which greatly facilitates governance. The company also has the
opportunity to keep data such as customer names or certain transactions from others
protected.

In section 9.3, the roles within a blockchain are classified as follows:

Transaction
Who can initiate, approve, view and change transactions?

Consensus
Who can act as validator of the data and provide consensus on the correct state of the
blockchain?

Software and hardware


Who is allowed to propose and implement which software changes? On which hardware,
including the network connections, do you run the blockchain?

Governance
Who decides the direction, rules, strategy and other control measures of the blockchain?

Figure 145: The four aspects you can participate in within a blockchain.

These roles can be combined in profiles. Identity management is central to this, in line with the
organizational chart and parties in the ecosystem. For example, one profile will be to control
the hardware to keep a complete history of the blockchain. In another profile, a wallet with
private and public keys is required to perform transactions.

- 512 -
A classification of the necessary profiles for a company network that functions according to
laws and regulations looks like this within the own network:
1. Decision makers on management measures such as an IT manager, internal auditor,
business owner and general manager.
2. System manager of the existing information systems to ensure interaction with other
information systems.
3. Blockchain network operator who manages the network.
4. Blockchain developer working on the blockchain application and thus working on, for
example, the security protocol, the consensus mechanism and the cryptography.
5. Certificate authority that issues the digital certificates, which demonstrate, among other
things, ownership of a public key.
6. Validator involved in consensus building.
7. End user who approves, initiates, inspects or changes the transactions.
8. Regulatory and authorities that supervise within the country or industry. (Hok, Fuentes,
& Riviera, 2016)

Coordinating all these different roles can become complex if responsibilities are shared across a
network of companies. The roles then differ per node, per person, per company and per form of
cooperation.

With regard to the regulatory and supervisory authority, there has already been talked about
taking care of decision-making within a consortium. Various forms are possible, such as setting
up a new company, a joint venture, a foundation, and so on.

18.4 Summary, terms and sources


Summary
Many companies that implement Enterprise blockchain use blockchain platforms for this. These
platforms allow you to write applications using certain technologies. This allows your
application to collaborate with other applications, for example, in its own or shared
programming language, documents are stored or shared and access to a specific network is
obtained. The three most prominent platforms are Ethereum, Hyperledger and Corda.

Each platform has its own unique features. Ethereum is, generally, a public blockchain,
Hyperledger offers plug-and-play modules using various technologies, and Corda as DLT is more
specialized in financial services. Members who have joined a partnership around one platform

- 513 -
are often also members of partnerships around the other platforms. The platforms themselves
are open source.

The partnerships are called consortia when it concerns a form of cooperation of blockchains in
which the new entrants are known and assigned specific roles. The cooperating parties can vary
from government bodies, interest groups and unknowns, to suppliers, customers and direct
competitors.

Consortia can help parties overcome four challenges. First, consortia share knowledge about
and maintain active contact with supervisors. This is to clarify the laws and regulations, among
other things. Second, they spread the risks by sharing resources to develop blockchain systems.
Third, through collaboration, they provide critical mass to adopt a stable performing system.
And fourth, they take the opportunity to establish new decentralized partnerships with trusted
and untrusted parties, without losing too much autonomy that blockchain offers. Think
specifically of competitors who will create and exchange data with each other, or collaborations
with each other's customers and suppliers.

On the other hand, the parties must mainly trust each other in order to work together. Usually
this trust is enforced by making agreements about means, decision-making, sanctions, sensitive
information and mutual data sharing.

Comments you can now explain


• Given the need for standardization and the benefits of data sharing, blockchain consortia
will play an increasingly important role within corporate ecosystems.
• It is difficult for companies to join a consortium, to continue to work with it and to leave a
consortium. Nevertheless, companies have great advantages when joining a consortium.
• Business consortia weigh scalability, security and decentralization in seeking value creation
through blockchain and Distributed Ledger Technology.
• Different consortia are likely to coexist. Interoperability within and between consortia plays
an important role in this.
• BaaS is an alternative for companies without large resources to start using blockchain
software in an accessible way.
• It is too early to see what the consequences will be if massively adopted public and private
systems connect.

- 514 -
Glossary of Terms
Blockchain-as-a-Service (BaaS): Third party services to help companies build and deploy their
blockchain solutions through the cloud.

Blockchain platform: Technical platform on which you can write smart contracts and
applications using certain technologies. Well-known platforms are Ethereum, Hyperledger and
Corda

Casper: Set of updates to help Ethereum make the transition from a Proof-of-Work to a Proof-
of-Stake consensus mechanism. In addition to scalability, the goal is to make the network safer
and more environmentally friendly.

Chaincode: Smart contract layer used by Hyperledger.

Concullega: Dutch term- Competitor you work with as if it were a colleague.

Consortium: Group of collaborating companies around a blockchain that often uses


permissioned networks.

Cooperation dilemma: The dilemma in which competitors who constantly weigh up on the basis
of the recognized advantages and disadvantages of a cooperation to what extent the
cooperation continues to be useful and whether they should leave the cooperation or not.

Corda: DLT platform for financial services providers developed by R3.

Cordapp: dApp on Corda.

EOS: EOS is a well-funded public blockchain and, like Ethereum, is a blockchain platform on
which applications are developed. It is scalable through the Delegated Proof-of-Stake consensus
mechanism.

Ethereum Enterprise Alliance (EEA): Group of collaborating companies to use Ethereum for
Enterprise blockchain.

Ethereum Virtual Machine (EVM): A decentralized virtual machine that can run scripts. EVMs
take care of the computations on the Ethereum network. Smart contracts written in Solidity are
compiled in "bytecode" that can be read and executed by the EVM. Each node on the network
contains an EVM and compiles and executes smart contracts.

Gas: Transaction costs that you pay to perform a transaction on the Ethereum blockchain.

- 515 -
Hybrid blockchain: Blockchain that combines different elements of a private blockchain with
elements of a public blockchain. Within EEA, for example, different versions of Ethereum are
used. Some are fairly open and decentralized, but do contain the permissioned element.

Hyperledger: Open source partnership, led by Linux, around the Hyperledger framework
ecosystem. Hyperledger's goal is to develop blockchain applications that can be used by
companies.

Interoperability: The ability to allow blockchains to communicate and share information.

Linux Foundation: Non-profit technology consortium that develops open standards for the Linux
operating system. It also supports open source software projects including Hyperledger.

Plasma initiative: A scaling solution in which side chains (child chains or plasma chains) are
created that are linked to the main chain (root chain). You can think of side chains as new
blockchains that regularly send their state to the main chain. Plasma is therefore a network of
blockchains that are linked to the main chain.

Quorum ledger: A blockchain based on Ethereum and developed by JP Morgan.

R3: Organization that develops Corda.

Ripple: A private blockchain alternative that focuses on interval currency and payment
transactions.

Roll-back function: Function to roll back completed registrations on a blockchain to a certain


original state of the blockchain.

Sharding: A scaling solution where the blockchain is split into partitions, also known as
“shards”. Each shard then has its own transaction history, so that the nodes that maintain a
shard only have to process the transactions that are relevant to the shard. It is important that
there are enough nodes within the subset of transactions to verify that the system is safe.

Stellar: Like Ripple, Stellar offers payment infrastructure, but also focuses on digital ownership.
The Stellar platform is a public blockchain and a DAO.

Inventor's dilemma: There may be an inventor's dilemma within partnerships. On the one hand,
you invest in a disruptive technology that helps your customers with better services, but on the
other, it can lead to cannibalizing your revenue model if you improve the competitive strengths
of other companies.

- 516 -
Point-to-point: In point-to-point communication, each message is addressed to the party for
whom it is intended. This ensures that transactions are only shared between parties involved in
this transaction and kept anonymous to others. This also means that a transaction is not placed
in a data block in a shared database. Consensus can thus be obtained at transaction level.

Vendor lock-in: A supplier makes a customer dependent on its products and services because
the customer is unable to change suppliers without substantial switching costs or other
inconveniences. It is often noted that because IBM plays a major role within Hyperledger Fabric,
it becomes more difficult to use a supplier other than IBM.

Sources
Del Castillo, M. (2019, December 10). Blockchain 50: Billion Dollar Babies. Consulted on
December 23, 2019, from Forbes website:
https://www.forbes.com/sites/michaeldelcastillo/2019/04/16/blockchain-50-billion-
dollar-babies/

Fersht, P. (2018, March 16). The top 5 enterprise blockchain platforms you need to know about.
Consulted on 23 December 2019, from Horses for Sources website:
https://www.horsesforsources.com/top-5-blockchain-platforms_031618

Hok, D., Fuentes, B., & Riviera, J. U. G. (2017, March 6). IBM Bluemix Nice Meetup # 4-20170302
6 Meetup @INRIA - BlockChain. Consulted on December 23, 2019, from Slideshare.net
website: https://www.slideshare.net/IBMFranceLab/ibm-bluemix-nice-meetup-
420170302-6-meetup-inria-blockchain

Hyperledger. (2019) Business Blockchain Frameworks & Tools Hosted by Hyperledger.


Consulted on December 23, 2019, from Hyperledger website:
https://www.hyperledger.org/

Matsui, M. (2019, June 16). 100 Japanese manufacturers harness blockchain to share data.
Consulted on 23 December 2019, from Nikkei Asian Review website:
https://asia.nikkei.com/Business/Business-trends/100-Japanese-manufacturers-harness-
blockchain-to-share-data

Shen, M. (2019). Developer Report. January - June 2019. Consulted from Electriccapital.com
website: https://www.electriccapital.com/developer_report_H1_2019_pdf

- 517 -
- 518 -
Epilogue

Given the adoption time of previous technologies, blockchain technology is still in its infancy state.
The parallels of blockchain with internet technology have already been mentioned. In that sense,
email has just been introduced and we are waiting for blockchain and dApps to be widely used. It
is important that standards are agreed between cooperating organizations. On a global level, we
ultimately want to tie all blockchains together to give everyone the opportunity to use the Internet
of Value. To this end, the various blockchains that will continue to exist will be connected to public
blockchains, leading to a large network, such as the internet once consisting of smaller individual
networks.

We also expect to be on the start of mainstream adoption. Gartner predicts that large companies
will adopt blockchain more and more and that the technology will converge with other
complementary technologies such as the Internet of Things, artificial intelligence and
decentralized Self-Sovereign Identities by 2025. Blockchain will create $3.1 trillion USD in new
business value by 2030, according to Gartner.

In any case, developments ensure that people become familiar with decentralized thinking.
Because of the decentralized mindset, people will rather think of decentralized alternatives to
central systems that they already know, for example, in education, politics, money production,
pension schemes and business models. This is in line with a trend in which there is more reliance
on peer-to-peer communication. In addition, platform business models such as Airbnb and Uber
are already making society more familiar with decentralization. After all, everyone can offer
accommodation on Airbnb and everyone can offer a car ride on Uber. However, blockchain
promises to go even further by enabling users to directly provide peer-to-peer services and
interact. Here we will see further crushing of the organization.

Blockchain is a promising part of emerging technologies that are each on the shoulders of the
work and insight of many individuals. It is a combination of proven technologies such as the
Internet, cryptography and distributed computer systems. Blockchain is an original thought that
generates new ideas, stimulates sociological imagination and offers the opportunity to implement
well-intentioned ideologies of decentralization.

We would like to jointly thank the following people for the support we received during the making
of the book.
- 519 -
Sander Reinderink, Tekla van Marle, Jurgen Scheffer and Bert Velt for the wonderful
opportunity to write a book, for organizing the Blockchain Lectorate at Saxion and
the constant enthusiasm. Thanks!

Jan Veuger, Christa Barkel and Joris Heuven for the support from our Blockchain
Lectorate; organizational, substantive and moral. Thanks!

Misha de Boer, Michael Damen and Remko van Yperen for all the provided
feedback on our work. Thanks!
Kjell Heinenbernd, Niek Horstman, Tom Kleine, Lesly ter Heerdt, Mart Swensson,
Tom Bruggink, Pim van Kaam, Michel Koop, Iris Diender, Jochem Schmaloer and Erik
Horsthuis for their comments and feedback on the book. Thanks!

And of course our thanks to Satoshi Nakamoto and all the others on whose
shoulders we stand, the many great thinkers, the many great doers, everything
works together, open source works. Thanks!

Acknowledgment Chhay Lin


My acknowledgment goes to all cryptoanarchists, cypherpunks and other blockchain pioneers
who have provided the world with such a disruptive technology that the world will radically
change for the better. I would also like to thank my family: Im, Lok, Lang, Chhay Lem and
Chaneng. I would also like to thank my partner and biggest supporter, Nicole.

Acknowledgment Arthur
My daughters, for the frolics around my head and my feet when I didn't ask for it, but needed
it. My wife, my lovely sweet wife who read my work and who caught the balls left and right that
fell when I was not there, physically or mentally.
And of course my mother. I was always somewhat surprised that Oscar winners thanked the
mothers more often than the fathers. But it is not surprising if you read the few lines above
again. When I look back at the happy starting position to take the beautiful opportunities that
life gave, I look back at one woman who put me in that position. Thanks mom, thanks Mer,
thanks Fem and Lente!

- 520 -
- 521 -

You might also like