Primavera De Filippi is a permanent researcher at the CERSA/CNRS/Université Paris II, a faculty associate at the Berkman-Klein Center for Internet & Society at Harvard Law School, the "alchemist" for DAOstack and a co-author of “Blockchain and the Law.”
Much discussion is currently taking place concerning the nature and specificities of blockchain governance, but when we say "blockchain governance" we’re really talking about multiple things.
While people often use the term to describe the mechanism by which the underlying protocol of a blockchain-based network can be modified or updated – in terms of both on-chain and off-chain governance – we focus here on a much broader question:
What are the various elements or forces that influence the governance of blockchain-based networks or applications?
Harvard professor Lawrence Lessig identifies four different forces that influence behavior: law, social norms, markets, and architecture (i.e., technical infrastructure or code). In doing so, he underlines the fact that we cannot focus solely on the rules specifically designed to govern or regulate one particular individual.
Rather, we need to take a larger ecosystemic approach, looking at various forces that influence that individual. Accordingly, when it comes to promoting or precluding certain behaviors, we might choose to directly regulate individuals via the legal system or indirectly regulate them through one of the other three forces (markets, social norms, and architecture).
We propose such an ecosystemic approach to identify the different levers that could influence the operations of a blockchain-based system and the extent to which these levers contribute to the broader notion of “blockchain governance.”
Blockchain-based applications do not exist in a vacuum. They subsist within a larger ecosystem of internet applications, each operating according to its own protocols and rules.
The internet layer
In particular, the operations of a blockchain-based system – whether it is a blockchain-based network, platform, or application – are defined by the rules that govern these systems but also respond to the different layers of the internet infrastructure, which to a different extent contribute to shaping the systems' overall governance.
Specifically, blockchain-based networks like bitcoin and ethereum operate on top of the internet and ultimately depend on protocols like the TCP/IP, which is responsible for routing and transferring packets of information between different nodes on the network. These blockchain-based networks thus cannot operate without internet connectivity.
Most critically, because internet service providers (ISPs) ultimately control the transportation layer of the internet, they could discriminate against packets coming from or directed toward a blockchain-based network, effectively tampering with its operations.
Internet governance can therefore have a significant impact on the operations of a blockchain-based network. Particularly relevant in this context is the “net neutrality” debate. The practice of packet discrimination makes it possible for ISPs to favor certain blockchain-based networks, at the expense of others.
More radically, if a government were to ban a particular blockchain-based network, it could require all ISPs operating within its national boundaries to block or filter traffic coming from or directed to that network – e.g., through mechanisms such as deep packet inspection (DPI) or other traffic detection techniques.
Accordingly, while internet governance is external to the blockchain ecosystem (in that its scope is much broader), regulating the internet infrastructure could indirectly affect the operations of a blockchain-based system.
The blockchain layer
Similar problems emerge within a singular blockchain-based network.
While ISPs are responsible for routing packets through the internet, according to specific protocols (e.g., TCP/IP and BGP), miners on a blockchain-based network are responsible for validating and recording transactions into the underlying blockchain, according to a particular protocol (e.g., the bitcoin protocol), consensus algorithm and fork-choice (e.g, bitcoin’s proof-of-work protocol stipulates that miners should always add to the “longest chain” as defined by the amount of hashing power required to compute the chain).
Today, this task of processing transactions is driven mostly by an economic incentive system, whereby the higher the transaction fees paid to the network, the greater the chance for these transactions to be included into the next block.
But transaction fees and mining rewards – albeit a fundamental incentive for miners – are not the only factors that might influence the behavior of miners. Other levers might come into play, stemming from the outside of the blockchain infrastructure.
For instance:
- Markets: What would prevent a large mining pool from entering into an (off-chain) agreement with third parties, in order to speed up the inclusion of certain transactions at the expense of others?
- Social norms: Could miners collectively agree that specific transactions coming from or directed towards a criminal dapp [decentralized application] will not be processed into a block?
- Laws: Could regulators stipulate that all miners located in particular jurisdictions are prohibited from validating transactions pertaining to a specific dapp or account?
- Architecture: Might the Great Firewall of China be constructed to limit the ability of miners in China to handle larger blocks?
These external forces, existing beyond the control of any given blockchain-based application, could force radical consequences over the operations of that particular dapp.
The application layer
It becomes clear that the governance of a particular blockchain-based network could directly or indirectly affect the operations of a particular blockchain-based application running on top of that network.
Even if dapps can be designed to be completely autonomous—in the sense that no single party has the power to control or influence their operations—they remain affected by the operations of the underlying blockchain network and the specific set of protocols that establish its modus operandi.
The governance of a blockchain-based network could be leveraged toward censoring some of the transactions directed to these dapps, or even altering their operations by modifying their code through a hard fork.
This is precisely what happened after The DAO hack, when 3.6 million ether were drained from The DAO’s account due to a code vulnerability. The ethereum community responded by intervening with a coordinated action to modify the ethereum blockchain protocol. By transferring funds from The DAO to another smart contract, a mechanism was provided for returning the siphoned funds back to the original owners.
This extreme remedy has been heavily criticized. Some saw it as a betrayal of the “immutability” and “incorruptibility” of the ethereum blockchain (i.e., the “code is law” paradigm).
Going deeper into the stack, there are the various blockchain-based platforms on top of which people can deploy their own dapps.
Some dapps sit directly on top of a blockchain-based network. For example, Gnosis is implemented as smart contracts on the ethereum blockchain. Others are deployed on top of a dapps framework such as DAOstack, which implements its own protocol for creating and maintaining dapps.
While most decentralized blockchain-based applications come with their own sets of rules, they also depend and therefore must follow the rules of the platform on which they operate. This may give rise to two distinct types of problems.
One is that if there is a flaw in one of these smart contract platforms, the flaw will affect all blockchain-based applications that rely on the platform. Recall the bug in Parity's multisignature smart contracts, which led to the theft of over $30 million worth of ether, followed by a subsequent attack on Parity’s revised multisignature smart contract code, which had been brought to “selfdestruct,” thereby freezing the funds in all multisig wallets that depended on this shared code.
Another problem emerges by construction, when platforms implement “proxy” contracts that delegate calls to other smart contracts, which can be updated by the platform developers. While such practices are still uncommon, some platforms (e.g. Zeppelin Solutions) are starting to experiment with proxy libraries so that, whenever one of the underlying functions is changed, all dapps relying on these libraries will automatically inherit those changes.
While this provides many benefits in terms of flexibility and upgradability, such a design can be problematic to the extent that it relies on a trusted authority (i.e., the smart contract platform operator) that could arbitrarily influence the operations of these so-called decentralized applications.
(Note that the DAOstack framework does not actually provide such a feature. The set of smart contracts provided by the framework, once deployed, cannot be arbitrarily changed by the platform operators. While DAOstack might, over time, offer a series of upgrades to some of the platform’s smart contracts, these upgrades cannot be automatically implemented without the consent of the platform’s users.)
With this in mind, we might reframe our understanding of “blockchain governance” to include not only the rules specifically meant to regulate the operations of a particular blockchain-based network or application, but also the rules that contribute to regulating the underlying infrastructure on which these blockchain-based systems operate – which themselves operate on top of another infrastructure, and so on.
As the saying goes, it is turtles all the way down.