In 1994, Nick Szabo, a legal scholar and computer scientist, coined the term “smart contract” to describe the ability to embed contracts, a legal construct, into computer code.
With the emergence of a blockchain ecosystem, the excitement around smart contracts has picked up.
In this article, I’m going to explore what smart contracts are and why it’s valuable to combine them with blockchain technology to make “blockchain smart contracts.” Then we’ll dive into the core problems they solve at a high level and then look at some potential specific-use cases. We’ll finish up by looking at the barriers and drawbacks of smart contracts. Alas, there is no free lunch!
What Is a Smart Contract Anyway?
The simplest example of a smart contract is a vending machine:
IF someone puts in a dollar
IF they press the button for Diet Coke
THEN dispense a Diet Coke
Smart contracts allow for the conversion of “wet code,” human-readable language like legal contracts, into “dry code,” computer-readable language. Wet code is more malleable and subject to interpretation, which can make it more flexible, but it can also make it less fair and more expensive (lawyers gotta make that Ke$ha too). Dry code is more rigid and deterministic, which makes it less flexible, but cheaper and fairer.
Though we don’t think about them much, contracts are an essential building block of our economy. As Ronald Coase pointed out, a firm is just a nexus of contracts with employees, vendors, shareholders and customers.1
You live in your home or apartment because you have a contract with a bank (a mortgage) or landlord. Whoever owns your home has a contract with a government entity that maintains the property title register saying who the home belongs to. In many ways, our lives are just nexuses of contracts—employment contracts, mortgage contracts and marriage contracts.
The basic idea behind smart contracts is that many kinds of contractual clauses (such as collateral, bonding, delineation of property rights, etc.) can be embedded in the hardware and software we deal with, in such a way as to make breach of contract expensive (if desired, sometimes prohibitively so) for the breacher and, in so doing, reduce the transaction costs associated with that contract.
A more complex example than vending machines might be dealing with a car lease. A car could have a “smart lien” protocol where if someone failed to meet their contractual obligation of making the lease payment, their electronic key no longer works and a key owned by the bank activates the car instead.
This would be a lot cheaper than using a repo man to chase down the car. If the car was autonomous, you could make it part of the contract that if a payment was not met, the car would simply drive itself to a location designated by the creditor. When the car purchaser paid off the car in full, the contract would make the key that the bank was holding useless. Additional clauses could be added for safety. You wouldn’t want to revoke operation of the car while it’s doing 75 miles an hour on I-40.
Enter your email below to download this essay as a beautiful PDF to read later:
Dry, Smart Contracts Vs. Wet, Legal Contracts
Smart contracts are not intended to replace existing common law, but to extend them and make it easier for individuals, businesses and eventually computers to make contracts with each other.
There are four important properties to good contracts:
If you enter into a contract with someone, like an employment contract, you want to be able to:
- Observe they are doing what they said they would do in the contract.
- If they don’t, you want to be able to have a way to verify that they didn’t do what they said they were going to do.
- Have a way to enforce consequences for breach of contract.
- Ideally, you would also like to keep the contract private. Not everyone needs to know the terms of your employment contract or mortgage.
Today, the main role of the accounting industry is to take the “nexus of contracts” that make up the economy and make them observable. The role of the auditing and investigation industries is to verify contracts. The role of the judicial system is to enforce those contracts: if someone violates a contract with you, you have the right to take them to court and punish them (through arrest, confiscation of property, etc.) for violating the contract.
Now that we’ve looked at the basics of smart contracts, let’s look at two ways in which blockchain smart contracts could help the existing system be more efficient and fair:
Scaling a company via code and contracts instead of via people mitigates the Principal-Agent problem.
Scaling via community-generated code and content mitigates Hayek’s Local Knowledge problem.
— Naval (@naval) September 3, 2018
Let’s break these two down:
- How can blockchain smart contracts use code to resolve the principal-agent problem?
- How can they use community to mitigate the local knowledge problem?
Blockchain Smart Contracts and the Principal-Agent Problem
The current system of common law contracts offers a primarily reactive form of security. Ken Lay and Jeff Skilling, the leaders of Enron, were both sentenced to jail and fined for fraud and corruption, but that didn’t mean grandma got her money back; it was already gone.
The reason the current system can only offer a reactive form of security is, in part, because wetl, legal code means we have to give up privacy in order to get verifiability and observability. Enron didn’t have to share their information publicly because they could claim that it would be giving away trade secrets. In theory, their auditing firm and trusted third party, Arthur Anderson, was supposed to be verifying the books and protecting investors. As Enron investors found out, they were not.
This problem is applicable beyond Enron. Whenever you have a trusted third party like Arthur Anderson in charge of observing, verifying or enforcing a contract, there is the possibility that the third party is corrupt or incompetent.
Broadly, this is called the principal-agent problem. The principal-agent problem happens when one person or entity (the agent) is able to make decisions that impact another person or entity (the principal) but their incentives are not perfectly aligned.
Common examples include company managers (agents) and shareholders (principals), politicians (agents) and voters (principals), or lawyers (agents) and clients (principals). Is a company manager buying back stock because it’s the best thing for shareholders or because it’s the best thing for them personally? Is a lawyer recommending a legal proceeding because it’s the best thing for their client or because it will generate income for the lawyer?
The principal-agent problem is the result of information asymmetry. When the agent knows something the principal doesn’t, the principal can’t directly ensure that the agent is always acting in the principal’s best interest.
The client doesn’t know enough about the law to know the right course of action and so must rely on the lawyer. The same is true with the voter and the shareholder.
These principal-agent problems are often the result of the tradeoff between being able to observe and verify versus having privacy. Enron, or managers of any company, quite reasonably don’t want to publicly share every bit of what they are working on for their competition to see. So we mostly rely on trusted third parties like accountants and auditors, which is much better than nothing but still creates potential problems.
From Arthur Anderson, to Yahoo, to Equifax (the subject of 2018’s massive data breach), trusted third parties always come with a moral hazard—what is best for them is not always best for the principal.
In the film adaption of Michael Lewis’s account of the 2008 financial crisis, The Big Short, there’s a scene where Steve Eisman (played by Steve Carell) walks into Standard and Poor’s and asks why they labeled all those mortgage-backed derivatives as AAA. The rating agent admits that “if I didn’t do it, the banks would have just gotten someone else to do it.”
The scene is apocryphal, but it’s spirit is true. The ratings agencies were not really investigating the mortgages in the bonds they were stamping as AAA. This was the principal-agent problem: Moody’s and Standards and Poor’s (the agent) didn’t have any skin in the game. If the bonds turned out to be worthless, they didn’t lose anything. They did stand to get business from the banks if they rated them AAA, so they did, even though it wasn’t in the best interest of the principal (the buyers of those bonds).
As was the case with Enron, cybersecurity breaches that have happened over the last decade, the agents like Yahoo and Equifax were only punishable retroactively. The customers still had all their data compromised.
Smart contracts make it possible to trust but verify. To deserve our trust, third parties must convince us that their claims are true by allowing us to “ping” their veracity and verify that certain claimed transactions in fact occurred. It would be possible for shareholders to determine that Enron wasn’t committing fraud without them having to reveal their numbers.
This is possible with a cryptographic technique called zero-knowledge proofs. Zero knowledge proofs make it possible for a principal to verify the truth of something said by an agent without the agent having to reveal too much information.
As a very simple example, imagine you are sitting on the opposite side of a table from a blindfolded friend who has two pool balls, one red and one green.
Your friend cannot see the pools balls (because blindfold), but you want to prove to your friend that the pool balls are in fact differently colored, but without revealing which one is red and which is green.
Your blindfolded friend hides both balls under the table and then brings the red ball up for you to see. After that, your friend hides the ball under the table and mixes them up.
They then hold up the green ball and ask, “Did I switch the ball?”
If both balls are the same color, there is no way for you to know.
But if the balls are different colors, you can prove to your blindfolded friend that the colors are different by saying that they changed the balls under the table without revealing the color of the balls.2
ZCash is the most well-known blockchain using zero-knowledge proofs, though others like Ethereum have also integrated it in some way.
Blockchain smart contracts that leverage cryptography make it possible to get both observability and verifiability without sacrificing privacy and reducing information asymmetry.3 This is potentially a big deal.
Currently, there is a tradeoff between control and empowerment between parties in a contract.
A boss can micromanage a direct report (high control, low empowerment) or trust them to do their job (low control, high empowerment). A board can micromanage a CEO or trust her to do her job. A client can micromanage a vendor or trust them. More control reduces the principal-agent problem, but can hamstring the agent. The shareholders know exactly what the CEO is doing, but she are hamstrung and unable to operate the company effectively by having to get approval for everything.
The possibility unlocked by blockchain smart contracts is the ability to truly “trust but verify.” Within companies, there could be less asymmetry between management and other professional employees. Outside of companies there could be less asymmetry between management and shareholders. In politics there could be less asymmetry between politicians and voters. In law, there could be less asymmetry between lawyers and clients.
Today, the problem with “trust but verify” is that verification is both expensive and unreliable—not every investor in a company can afford to have their own team of accountants auditing the company. The result is Arthur Andersen and Enron. When those teams of accountants are 1s and 0s, dry code, they become both cheaper and more reliable. The marginal cost of running a computer script is near zero.
In this way, the combination of blockchains and smart contracts could lower transaction costs (by making verification cheaper and more reliable) while solving the need for privacy, which could let contract participants reduce (thought not eliminate!) the hazard inherent in the principal-agent problem without having to resort to micromanagement.
However, even with smart contracts, there will still be some information asymmetry which can create tail risk. An agent still has local knowledge about how the system is architected and so if the principal isn’t asking the right questions, the agent can answer zero knowledge proofs all day long without revealing where in the structure the risk is hidden.
The CEO can prove certain things to the board, but if the board isn’t asking the right questions, it won’t do them much good. The CEO will always know more than the board and so they will always have the capacity to do this.
Smart Contracts and Incomplete Information
The other the major problem that smart contracts will be able to help with is incomplete information. This was first addressed by Friedrich Hayek in his 1945 paper, The Use of Knowledge in Society. Hayek asks readers to consider a world in which all information is known to a single individual. In this world, allocating resources in the most efficient way is just a math problem – that individual can just add up the pros and cons and pick whatever the optimal solution is.
However, Hayek points out, this is “emphatically not the economic problem which society faces.” In the real world, information is spread out, incomplete and often contradictory.
Hayek observed that most knowledge is not universal knowledge like physics. E=mc2 is true whether you are in Bhutan or Cincinnati, or on Mars. Most knowledge isn’t like E=mc2 though, it’s local: “the knowledge of the particular circumstances of time and place.” For example, I know that the sole on my right shoe is coming off and if I don’t buy a new one soon, it will fall off. How likely is it that anyone else would know that? That everyone else would know that?
The problem of local knowledge is compounded because the world is dynamic and constantly changing, not fixed. If I buy a new pair shoes or glue the sole of my existing pair back on, the knowledge I had about my sole falling off is no longer true. This means the optimal allocation of resources has changed—I don’t need new shoes anymore.
According to Hayek, solving this problem requires some form of decentralization, where decentralized actors need to be able to:
- Exploit their local knowledge.
- Make use of some sort of summary of the local knowledge possessed by others.
This problem can be solved by markets and the price system. If a local actor in a market discovers some new valuable use for tin, or copper, or microchips, they will be able to exploit that knowledge to buy more (believing they can use their knowledge to make something more valuable with them and sell them at a profit) and that will drive up the price.
The price is a (very brief) summary of the local knowledge possessed by others. Another actor in the same market doesn’t need to know that new valuable use case, that knowledge is encapsulated in the rising price.
Compared to central planners, markets are better at aggregating knowledge. Much local knowledge can’t be made explicitly legible, easy to comprehend, to the central planner—or at least not without a lot of difficulty. When resources are allocated by market actors rather than a central planner, you only need one actor to understand a piece of knowledge in order for that knowledge to start being incorporated in the price.
If you reflect on your own experience, Hayek’s point intuitively makes sense: Are the difficult decisions in your life hard because you know every last relevant detail and aren’t sure how to do the math and add them together? Or because they are full of unknowns and unknown unknowns?
Consider how many unknowns there are on a daily basis for the CEO of a large company or a government official in charge of a large department.
Here’s Hayek again:
“If we can agree that the economic problem of society is mainly one of rapid adaptation to changes in the particular circumstances of time and place, it would seem to follow that the ultimate decisions must be left to the people who are familiar with these circumstances, who know all the relevant changes and of the resources immediately available to meet them. We cannot expect that this problem will be solved by first communicating all this knowledge to a central board which, after integrating all knowledge, issues its orders. We must solve it by some form of decentralization.”
Because of the price mechanism, individual actors need to know very little in order to properly allocate resources. If the price of a new pair of shoes goes from $50 to $500, I don’t need to investigate the shoe industry demand spike and its supply chain issues to know that I would rather buy some glue and patch up my shoes to make them work than pay $500. The local information about the shoe industry is compressed and expressed via the increased price.
In this way, markets act as a coordination mechanism which contributes to economic growth and wellbeing in large part because they dispense with the need for any one individual to know all information. Markets aggregate local information through price.
Blockchain smart contracts have the potential to more effectively distribute knowledge and mitigate the problem of incomplete information because they make it possible to create markets in areas where it was previously impossible.
How Blockchains Turn Networks Into Markets
1/ Blockchains will replace networks with markets.
— Naval (@naval) June 21, 2017
What we call society is a series of overlapping networks. Some networks are physical—roads, train tracks and electricity grids. Some are digital—the internet and social media. Some are mental—religion, nation-states and money. Blockchains will make it possible to convert networks into markets.
Networks have networks effects. Adding a participant increases the value of the network for all existing participants. More train tracks means the usefulness of each train goes up. More Facebook users make the usefulness go up for all other users.
In order for networks to function, they must be organized according to rules. They require rulers to enforce the rules. Because of network effects these rulers tend to become the most powerful people in society. In Medieval Europe, the Pope enforced the rules of the network of Christianity and so he was among the most powerful.
Today, Facebook runs the social network, Google runs the search network, and different groups of elites run the university network and banking network.
Over the last couple hundred years, we have seen a new type of network: markets. The market networks are titans. These are the credit markets, the stock markets, the commodities markets, and the money markets. Compared with other networks, market networks tend to be more open and meritocratic. The 20th century and the markets that characterized it was the period of the greatest socio-economic mobility in history.
Blockchain allows people to engage in an open and meritocratic network without a ruler and without money (at least as we traditionally think of it). Just as society gives you money for giving society what it wants, blockchains give you coins for giving the network what it wants. Blockchains pay in their own coin, not the fiat money issued by nation-states.4
Different blockchains compensate you for different work. Already, we are starting to see some of the early applications. Bitcoin pays for securing the ledger of transactions allowing two parties to transact value or money without a ruler.5
Blockchains combine the openness of the the internet with the merit of markets. To a blockchain, merit can be security, computation, prediction, attention, bandwidth, or storage. For example, Ethereum pays for performing computation.6
Blockchain smart contracts could introduce markets into corners of society that have never before been reached by markets.
We are currently in the process of what Netscape founder Marc Andreessen has called software eating the world. As connectivity spreads and more machines are embedded via the internet of things, more and more networks will become digitized. When you add public blockchains, it’s possible to transform those networks into markets.
Consider the network of roads. When you get in the autonomous cars of the future, you may see a sliding scale offering the ability to set an arrival time and calculate the cost of the ride. If you want to arrive quickly, the car will make a flurry of payments to other cars allowing it to pass. If you’re not in a hurry, you may choose a later arrival time and lower fare, allowing other cars to fly past.
The solar grid on your roof may be able to buy and sell power with your neighbors depending on how hot or cold you want your air conditioning and demand at each time of the day.
No one central planner will have to control these networks because the blockchain will act to secure the ledger, the state of the system, and the smart contracts will execute the logic.
These markets will all be interconnected and aggregate larger and larger amounts of local information in the form of prices.
Enter your email below to download this essay as a beautiful PDF to read later:
Blockchain Smart Contract Use Cases
Here’s a few blockchain smart contract use cases, ordered from least weird to weirdest:
Currently, insurance policies can take weeks or even months to be paid. The process of getting reimbursed is still very manual, which adds costs, driving up premiums. It’s possible that insurance companies could automate part of the process using smart contracts.
Measurable factors like wind speed, location of a hurricane or magnitude of an earthquake could be recorded onto a blockchain and claims could be triggered if certain thresholds were crossed.
This would reduce administrative costs and make the process more transparent. It would also allow insurance companies to do more accurate pricing. Using smart contracts, a car insurance company could charge rates differently based on where, and under what conditions, policyholders are operating their vehicles.
In an industry like music where copyright privileges allow the copyright holder to receive a royalty anytime their work is used, there’s a big administrative cost in the current system keeping track of who owns the rights and who is using them. A system of blockchain smart contracts could more easily track who owns the copyright and who is using the copyrighted material so that royalty payments could be paid accurately and in real time.
This would not eliminate piracy or copyright violation, but could curb it in some meaningful way. Torrenting music has decreased in popularity in large part because services like Spotify make it so easy and convenient to just pay for the music that users would rather pay than pirate.
Currently, bank regulation like liquidity and capital requirements are justified by the fact that there is a principal-agent problem where depositors and shareholders are unable to observe the bank’s ledger.
Bank runs occur when depositors believe that their bank might not be able to cover their deposits and rush to withdraw their funds.
One potential application of blockchain smart contracts would allow depositors and shareholders to know that bank’s reserves and lendings were within some parameters, make it less likely for bank runs to occur.
An even further-reaching application would be a blockchain bank—a decentralized, autonomous organization which matches borrowers with lenders. A blockchain bank could make regulators less needed or, in some cases, irrelevant. At the moment that the blockchain bank becomes insolvent, the underlying assets would be automatically disbursed to shareholders and depositors.
It’s possible that smart contracts could reduce the overall need for government regulation since much regulation is designed to solve principal-agent problems resulting from asymmetric information.
However, there exist definite limitations on the impact of smart contracts. What if there are bugs in the code? Unlike wet, legal code which allows human judgement to be factored in, dry code needs to be right from the start. If you write the contract wrong and accidentally revoke control of a car when it’s on the interstate, that has real consequences. Writers of smart contracts will need to “move slowly and don’t break anything” as opposed to writers of web apps which tend to “move fast and break things.”
Other questions include how should smart contract transactions be taxed? What happens if there is an honest mistake and the person is punished automatically? It seems almost certain that for the foreseeable future, dry code smart contracts will still be highly supplemented by lots of wet code around them to deal with these issues.
The Oracle Problem
Smart contracts have the lowest transaction costs and are near frictionless when everything is on the blockchain. It’s easy for the bitcoin blockchain to know if Bob sent Alice one bitcoin because that transaction happened “on chain.” All parties have high confidence that it truly happened because they both see it on the Bitcoin blockchain.
But what about writing smart contracts for events that happen “off chain,” like for a farmer who wants to insure his crops against a storm in Kansas? Or the selling of a house and exchanging of a property title?
For these sorts of events, you need something in the real, physical world to get that information onto the blockchain. These are commonly called “oracles.”
The Oracle Problem is a new transaction cost and a source of ambiguity: How do you know that the storm really happened? What if the farmer just poured some water over the sensor? How do you measure exactly how strong the storm was? How do you measure whether the damage was caused by wind or rain?
One example of the Oracle Problem today is a system called MakerDAO, which is a decentralized currency that has an active monetary policy, run by smart contracts, which attempts to keep its internal cryptocurrency, called “dai,” at a price as close as possible to one U.S. dollar.
This means dai is what’s called a stablecoin; it’s a cryptocurrency like bitcoin or ether, but the goal of the system is to stabilize the price (in USD terms).
Maker does this with a smart contract facilitated market—if the price of dai goes above or below $1, then smart contracts start to offer ways for traders to arbitrage that away and make money so the price of dai should move back to one dollar.7
This requires a price feed to know what a dai is trading at relative to a dollar. The price of a dai expressed in U.S. dollars is not “on chain”; it’s happening off chain at exchanges. This means that, similar to the storm in Kansas, there is always a question of what the price of dai really is. It could be trading for $0.98 one one exchange but $1.02 on another.
MakerDAO uses a decentralized price feed mechanism composed of a few different Ethereum accounts as oracles. These Ethereum accounts are elected by owners of the MKR token and have some restrictions placed on them; however, it’s still possible for one (or all) of them to cheat and inaccurately report the price in a way that would benefit them, just like it’s possible for the farmer in Kansas to try and cheat to get reimbursed for crop damage even if there was no storm.
Once everything is on chain, the system is almost completely frictionless and free of transaction costs.8 The blockchain is a secure ledger once the data is on chain, but getting the data on there is still a problem, or more precisely, the Oracle Problem.
In those cases where the data is publicly accessible and easy to retrieve and verify, the oracle problem is likely to be fairly minimal. Getting information like who won the World Cup or a presidential election “on chain” is likely to be possible.
Once you get into very specific issues, like you and a friend are going to enter into a personal smart fire insurance contract where if her house burns down, then you have to pay her some amount to cover the cost then the cost of getting the information is very high because it’s very specific to one transaction. You probably need to have a claims adjuster go out to the house an inspect it so smart contracts wouldn’t be much more effective than what we have now.9
In general, I expect that information that is digital and general, like who won the World Cup, will be easy to work with using oracles while information that is analog and specific, like if a particular house suffered fire damage, will be difficult.
In situations where information is analog and specific, it’s easier to cheat (or make honest mistakes).
One way this may start to change is that as the cost of computers come down and they become embedded in more and more of the world, the cost to cheat will go up while the profit will remain the same. In the case of crop insurance, you could have hundreds of cheap sensors around the field meaning that if the farmer wanted to cheat, he would have to tamper with hundreds of sensors instead of just one.
Ultimately, if there’s some way to cheat and profit, it’s likely that someone will eventually do it. However if it’s more expensive to cheat than it is to behave honestly, you can more safely assume that actors will behave honestly. In the case of the farmer, if it was going to cost a $100 dollars to cheat the system, but the farmer would only make $50, they would be far less likely to try to cheat.
More information is becoming digital. Many things that were only available in analog form 10 years ago are now digital and that trend is likely to continue.
You could also come up with mechanisms that build in who the arbitrators are. If all the people in the village put some amount of money into a smart contract, and the people vote and agree that one particular person is in need of cash, then he gets the cash.10
Because the oracle problem will always exist, smart contracts will never be perfect and never fully replace wet code. However, belief that smart contracts will become increasingly important relies on four trends which seem very likely:
- The world becomes increasing digital.
- Sensors become increasingly embedded in everything with the internet of things.
- Computers become more powerful and “smarter.”
- Blockchains become more prevalent.
As these four trends play out, dry code will slowly take over some of what wet code does today. Perhaps more interestingly, they may create new, emergent use cases we haven’t ever seen, like a blockchain bank.
Will Smart Contracts Eat the World?
Smart contracts make it possible to embed many kinds of contractual clauses (such as collateral, bonding, delineation of property rights, etc.) into computer hardware and software and, in so doing, reduce the transaction costs associated with that contract.
Smart contracts such as a a vending machine already exist today. Blockchain smart contracts have potential to break the tradeoff that exists in contracts today between privacy and observability. This could reduce the principal-agent problem by empowering the agent while still protecting the principal.
As blockchain markets become more and more prevalent, blockchain smart contracts also have the ability to aggregate local information in the form of price. This would increase the efficiency of those areas of the economy. When you consider that potentially many, many areas of the economy will eventually be “eaten” by blockchain-based markets, then the overall impact could be quite significant.
Thanks to Gabe Bassin and Doug Von Kohorn for feedback on early drafts of this essay.
Last Updated on July 30, 2019 by Taylor Pearson
- Nick Szabo has an excellent article explaining why Tort Law underlies contract theory – https://unenumerated.blogspot.com/2008/05/coase-theorem-is-false-contracts-depend.html. The implication that the pure contractualist view (we can make a society composed entirely of voluntary contracts) is a bit over simplified and you need some underlying form of tort law to build on top of.
- Obviously, it’s possible to get lucky and just guess right. Zero-knowledge proofs solve this problem by repeating the experiment over and over again. After every round, your chance of being consistently right by pure luck goes down by half. So with five rounds, you have a 1 in 32 chance of successfully faking. With 10 rounds, it is one in 1024, and with 20 rounds, it is about one in a million. Since computers can do these calculations much faster than humans, you can reach an extremely high probability of being right relatively quickly.
- Sadly, this doesn’t fully mitigate the fat tail problem. ZKPs would verify that, indeed, banks are making 3% a year on bonds. but they wouldn’t reveal that there is hidden tail risk.
- The preceding paragraphs are just a lightly edited version of Naval’s tweetstorm here: https://twitter.com/naval/status/877467629308395521?lang=en
- This is what so-called “miners” do. They try to solve a very difficult math problem and when they do, they receive a reward and hash the difficulty of the problem into the chain.
This hash of the difficulty is a “proof of work,” which is a proof of how much computational energy went into trying to solve the problem.
Among cryptographers, the invention of this “proof of work blockchain” was the biggest breakthrough by Satoshi Nakamoto.
As a proof of work blockchain like Bitcoin becomes more valuable, miners make more money, which incentives more miners to participate in the network, which increases the difficulty of the problem.
Anyone can download the blockchain on their computer and:
1. Verify consecutively that every block transitively hashes correctly on top of the prior block.
2. They can calculate the total number of calculations required to produce this data by reading the difficulty of each block and verifying the miners’ solution.
The blockchain with the most accumulated proof of work (i.e. the most difficult and expensive to create) is considered the true blockchain.
If someone handed you today’s Bitcoin blockchain on a disk, you could very quickly estimate the huge amount of energy that was invested to construct this data.
The benefit of this is that no one can “fake” a blockchain the size of Bitcoin with the same difficulties hashed into its blocks without spending the same amount of computational energy.
As of mid-2018, it would cost billions of dollars to buy enough computers and electricity to rewrite the Bitcoin blockchain from scratch.
- This section is just a lightly edited version of the tweetstorm from Naval Ravikant embedded at the top of the section: https://twitter.com/naval/status/877467629308395521?lang=en
- There is a lot of debate about the long-term viability and potential of MakerDAO and exactly how the market works. That is irrelevant to the present discussion so I’m ignoring it, but the concept of the oracle problem is real regardless of whether MakerDAO succeeds or not.
- For more reading on MakerDAO, check out https://medium.com/coinmonks/a-deep-look-at-makerdao-and-dai-and-mkr-3a035eb04694 and https://medium.com/cryptolinks/maker-for-dummies-a-plain-english-explanation-of-the-dai-stablecoin-e4481d79b90. For a critical take, look at https://medium.com/reserve-currency/our-analysis-of-the-makerdao-protocol-4a9872c1a824
- Economist Tyler Cowen and Ethereum co-founder Vitalik Buterin discussed this on a podcast: https://medium.com/conversations-with-tyler/vitalik-buterin-tyler-cowen-cryptocurrency-blockchain-tech-3a2b20c12c97