The Governed Blockchain
Abstract: A blockchain is a platform controlled only by software rules, often termed a permissionless ledger. As the corporate world has entered into this new territory, it has modified the original vision to create permissioned blockchains. This mechanism, deployed to control anarchic and fraudulent behaviour, both, is familiar and effective, but comes with costs - it shuts out the small business, the engine of growth and innovation.
What would a blockchain for small business look like? From 1st principles, business needs a stable and safe environment, one in which its community is for it not against it. The missing element is the trust that a community can work together to resolve a disaster.
As blockchain isn’t that environment, the big money waits on the sidelines. To build trust onto a blockchain, we add a modicum of classical institutions of governance: a set of rules, and mechanisms to keep people within the rules. But, crucially, we do not need to build a wall around to lock small business out.
We call the result The Governed Blockchain as a 3rd alternative to permissioned versus permissionless ledgers. It preserves the free entry of open blockchains, but imposes rules of behaviour within the blockchain’s Constitution, and methods to feedback responsibility on bad behaviour.
The Governed Blockchain invites the entrepreneur in to build a business with some basic level of safety and security, that their business will not be destroyed by black swans and other disasters. It invites capital to deploy into blockchain to build business, where before, entrepreneurs were holding back.
The permanent home of this paper is http://iang.org/papers/the_governed_blockchain.html. A working draft is located in [working draft] .
IanG is a partner and advisor of block.one, the authors of EOS.IO software, however the words and concepts are his and not an official or approved position of block.one.
Credits. This paper received substantial editorial work by Eva Stöwe. Many others have reviewed and commented: Dan Larimer, Arthur Doohan, Thomas Cox, Ian Panchèvre, Jeff Daub.
· This paper has been presented through late 2017:
◦ 20th Sept 2017 - Hong Kong Bitkan's video（https://www.youtube.com/watch?v=qS5a_yS5NXo）;
◦ 16th Oct 2017 - London at Mattereum’s event video （http://internetofagreements.com/2017/12/13/ian-grigg-mattereum/）;
◦ 18th Oct 2017 - London EOS Meetup;
◦ 29th Oct 2017 - Cyprus Decentralized2017 slides（https://www.decentralized.com/wp-content/uploads/2017/12/Ian-Grigg-The-Governed-Blockchain.pdf） & video（https://www.youtube.com/watch?v=NTzxu-tLjh4）;
◦ 6th April 2018 - EOS meetup Hong Kong
◦ 22nd May 2018 - Frankfurt School of Finance & Management
制作人员。本文花费了Eva Stöwe大量的工作来编辑。还有来自很多人的评论:Dan Larimer, Arthur Doohan, Thomas Cox, Ian Panchèvre, Jeff Daub
It should be possible to justify a design for a system from first principles. Our mission is to build the EOS blockchain for everybody [Grigg, 2017a （http://iang.org/papers/the_governed_blockchain.html#ref_Grigg,%202017a）] . [Larimer, 2017 （http://iang.org/papers/the_governed_blockchain.html#ref_Larimer,%202017）] . In pursuit of the mission, we should be asking questions such as:
Who is everybody? What do they need? Can we provide it?
This paper lays down the logic for a governed blockchain from one starting assumption of need - trade. It is our hope that from this point, everything else follows.
最初的原则应该可以为一个系统的设计辩护。我们的任务是为每个人构建EOS区块链[Grigg, 2017a]、[Larimer, 2017]。为了执行任务，我们应该提出以下问题:
每个人都是谁? 他们需要什么? 我们可以提供吗?
A governed blockchain is built for business. An example of such a business is the Steem system, a social network or blogging environment built on a custom single purpose blockchain. Another example is Bitshares, a decentralised exchange for trading cryptocurrencies. These two businesses are sisters in model and team, but have completely different missions and customers. The existence of these two, so close but yet so different, and their relative solitude as viable and independent business proposals is significant - it suggests several things:
That, business is possible on the blockchain, That, there is a wide application space between and around the two use cases, and That, this application space is currently under-utilised by business.
在区块链上做生意是可能的； 在这两个案例之间和周围有一个广泛的应用空间； 这个应用程序空间目前还没有被企业充分利用。
Why is this? It is our thesis that other blockchains are unsuitable for business. And the very lack that businesses face is that other blockchains are not governed. Let’s build up the case for The Governed Blockchain .
To Permission or to UnPermission - was that the question?
Blockchains have been characterised as unpermissioned and permissioned (Swanson, 2015). This divides the space into (a) open entry, software only blockchains for public access and (b) closed off private blockchains, or ‘walled gardens’ with both software and legal provisions. Let’s consider each in turn.
区块链被分为不被允许的和被允许的(Swanson, 2015)。这将空间划分为(a)开放级入口、仅供公众访问的软件区块链和(b)关闭私人级区块链、或既有软件又有法律规定的“围墙花园（walled gardens）”。让我们依次考虑。
(a)The Unpermissioned Blockchain
The original or classical Bitcoin as an Unpermissioned, public blockchain had the disadvantage that with only software-enforced controls, only the things that can be controlled in software will be controlled. Everything else is left uncontrolled.
In effect, this means that there is a relatively stark line between simple and complex: relatively simple things such as payments can be controlled and are controlled because we can code them up. In contrast, complex things such as relying on your counterparty to deliver a swap in a month cannot be so easily controlled.
Hence the seemingly obsessive fixation by the blockchainers on exotic cryptography: multisig, zkSNARKs, ring signatures, Turing-complete smart contracts and other arcania. We must turn the complex into the simple, and without success, unpermissioned blockchains appear exciting but progress so far does not speak clearly or loudly to viable business use cases. The quest continues, even as it has broken many a venture, lost many a fortune and shows little sign of changing that pattern.
因此，在奇异的密码学上，封锁者们似乎执着于此:multisig, zkSNARKs, ring signatures, Turing-complete smart contract和其他arcania。我们必须把复杂的东西变成简单的东西，如果没有成功，未经许可的区块链就会让一些人感到兴奋。但是目前进展来看，并不能清晰对外用可行的商业用例来作为成功范本。这种追求仍在继续，尽管它穿越了很多冒险，失去了许多财富，而且没有显示出任何改变这种模式的迹象。
(b) The Permissioned Blockchain
Then, complex business with a use case turns to Swanson’s permissioned ledgers in the hope that once so controlled, people will behave and complex trade will start to roll [Swanson, 2015 （http://iang.org/papers/the_governed_blockchain.html#ref_Swanson,%202015）] . Trade begets revenues, revenues begets profits, and profits beget living - all is good. An alternate position to Swanson’s is the consortium blockchain which envisages that the consensus is controlled by a group, but otherwise the chain claims to be open entry, free to trade [Buterin, 2015 （http://iang.org/papers/the_governed_blockchain.html#ref_Buterin,%202015）] .
然后，带有用例的复杂商业业务转向Swanson受许可的分类账簿，希望一旦受到这样的控制，人们将会行动起来，让复杂的交易开始滚动[Swanson, 2015]。贸易创造收入，收入创造利润，利润创造生活——这样的一切看起来很好。对Swanson的另一种观点是区块链财团，该财团设想共识由一个组织控制，除此之外，该联盟声称是开放的，可以自由交易[Buterin, 2015]。
But permissioned and consortium ledgers face another problem: the person who provides the permissions inevitably owns or controls the chain.
He who permits, extracts. That person that controls the gate seeks to monetise, and adds rules of discrimination to generate pricing opportunities. The owner is also lobbied by other powerful players, and more rules are added to preserve the benefit for the powerful. A further opportunity is that the owner can capture business from users by raising barriers to entry.
Thus the cost rises for all participants, and these chains eventually become dominated by a group of powerful players - cartels following the economic theory if not the political viewpoint. Hence, the term is likely wrong: both permissioned and consortium chains will become private or closed blockchains given enough time and money.
The permissioned blockchain is a closed, private chain.
Free agents see these blockchains as costly. Costs rise, so much so that Internet entrepreneurs do not like permissioned ledgers. The thesis of inevitable cartelisation suggests that the rational entrepreneur knows that the power of the center will inevitably be turned against them, and they conclude it isn’t worth their time and money. The money and effort they invest in the chain has low ROI (“return on investment”), so low it is expected to be negative returns.
Indeed, perhaps, to some, the whole point of the blockchain is that there isn’t an owner, there isn’t a more powerful party, there isn’t a wizard behind the curtain, a central banker behind the coins, a core behind the code. I say, perhaps that is the point, because the design of the blockchain is as it is, the point is as much what we ascribe to it and what we extract from it as any claimed starting position that spawned the first blockchain.
More importantly, what is perhaps becoming clearer is this: everyone can probably agree with the principle that we automate everything that is simple to automate. Whereas, between the two camps either side of the permissioning fence, there is little or no agreement as to what to do with the space of complexity that lies above the line of simplicity.
Between Anarchy and The Leviathan
As Charles Evans suggests, we are caught between the Anarchy of the unpermissioned chain and The Leviathan of the permissioned alternative [Evans, 2017 （http://iang.org/papers/the_governed_blockchain.html#ref_Evans,%202017）] . This is an uncomfortable choice for the small business owner who is asked to invest substantial capital in what amounts to an unreliable future. To analyse our choices, we must go back to the first principles. We must ask what business is trying to do.
正如Charles Evans所言，我们夹在不受约束的链的无政府状态，和被许可的另类选择——利维坦之间(Evans, 2017)。这对小企业主来说是一个不舒服的选择，他们被要求在一个不可靠的未来投入大量的资金。为了分析我们的选择，我们必须回到最初的原则。我们必须问一下企业在做什么。
II. What does business do?
Trade is the beginning and the end
If you are a global corporation, finance theory tells us that your best strategy is generally to do what your business already does, until you die. If you are a person with wealth, a high net worth individual, the efficient market hypothesis predicts that your best strategy is to buy the market index, or in today’s lingo, to hodl.
For the rest of us, for the vast majority of humanity, we need to do business to survive. Trade with real goods and services is the beginning and the end of our life strategy.
We put it then as axiomatic that we should build a blockchain not for payments, not for one customer or another, not for banks or bloggers or day traders or gamers or silk roaders or hodlers. Not to please big or small blockers or big or small government.
We should build the blockchain for trade, for business, for all of you.
We live in complexity
Business is by its nature complex. As we hinted above, some trade is simple, homogenised, and automated - payments is an exemplary of that in finance. A payment system works at massive scale, is heavily automated and extremely cheap. Such economies at massive scale result in large slow-moving centralised organisations, which also makes them subject to capture and domination by large players. Inevitably: Large banks, large governments, large mining pools.
This is the commoditisation argument - the more simple the trade, the more it is automatable, the more subject to scale, and eventual capture. The takeaway here being that such simple, automatable business is not for us - not for the small players, not for the vast majority, not for the diaspora of small traders. We are competed out, we are excluded. We small traders are squeezed out of simple, scalable trade, but what is left is complex trade. We make our livelihood in that messy chaos where our minds & bodies are our capital, and nobody can squeeze us out of our own minds.
We should therefore build the blockchain for the complex trade.
Things that go bump in the middle of the night
But with complexity comes errors. We make our money on making the complex happen reliably but errors are the continual reminder: that, fundamentally, what we do is both complex and complicated. **If there were no errors, life would be simple. Everything would be automated, the geeks would have won, and we’d be all out of a job! **If our customer perceives no risk of errors, they would not pay us a premium for reliability.
It is small trader’s lot to live complex, error-filled lives. We and our errors are yin and yang. Perversely, we have more potential to make more money if our trade is rich with risk. Competition forces us to reduce our rate of error, but profitability incentivises us to keep a healthy ratio of complexity in our trade. As our business becomes more reliable, we compete on a different level - either we seek out more of our customers’ risks to resolve, or we seek to lock our customers in by other methods [Porter, 1979 （http://iang.org/papers/the_governed_blockchain.html#ref_Porter,%201979）] .
Error, be gone!
As errors are, they are mostly predictable in class, but unpredictable in the event. Some of our known blockchain risks are, briefly:
· "Fat fingers,"
· "We don’t need that library...," failure of smart contracts, re-direction of funds
· thefts of capital,
· breaches of contract by individuals
· breakages and lock-outs, lost keys, discarded drives
· loss or theft of customer data, breaches of privacy, GDPR, regulatory exposure
· Collapse of customer faith…
· Imitations, phishing, deceptive masquerading as others, sybils
· forks, splitting of currencies, confusion as to one true chain, doppelganger contracts
· censorship, unacceptable data, harassment, SWATing, extortion
That’s for the business of blockchain, and ordinary business is no stranger to risk on or off the chain - there are so many threats and attacks that once listed out, it feels as though no business should survive.
But we do. How do we survive? To keep our errors under control, businesses do risk analysis, which informs us on how to accept some risks, mitigate others, and change our very business to deal with yet others.
There are more clever ways to deal with the future than voodoo - risk management using probability, diversification, mitigation, actuarial science and all that good stuff. Others can get deep into risk analysis, here I shall just claim that while our regular small business person cannot predict the future, she can learn to live with the everyday stress another day in business brings: the tiny chance that today, the unexpected becomes harsh fact. She intuitively prices higher for greater risk, and lower for easy deals. She detects those trades that can break the business, and accepts those that deliver profit worthy of the risk. In short, she trades on the risk of the deal, and she does not risk the business more than any trade merits.
The business owner seems to survive - either she can do risk analysis on her individual trades in her head better than we can write it down on paper, and her mitigations against risks are working, or she’s living her life in a never-ending lottery.
Which tells us what about risk? Let’s look at one of the tools used for formal risk analysis, a risk matrix (Wikipedia “Risk matrix”).[Wikipedia （http://iang.org/papers/the_governed_blockchain.html#ref_Wikipedia）] . This tool measures each risk of error or failure by severity and by probability, and then divides them into three zones - acceptable, as low as reasonably practicable (ALARP), and not acceptable.
In a micro sense the blockchain industry has the right idea - to attack the errors, to reduce the risks. If we can remove or reduce some or all of the errors then surely everyone is better off? But in some high level or strategic sense, the blockchain geeks are missing the big picture of the risks in several fundamental ways:
- Technocrats with no skin in the game are generally biased to elegant system properties. Consequences include overemphasis by computer scientists on pure technical solutions such as exotic cryptography and formal provability, and obsession by bureaucrats on compliance empires. Yet, making systems correct or safe at the expense of the user is not an answer, as security is only of the user, not of the system. Arguably, a focus on the security of the blockchain by the geeks has led to more errors and higher risk for the average user, as compared to say banks and their reliable online systems.
1、没有共担风险（no skin in the game）的技术专家通常偏向于优雅的系统属性。其后果包括:计算机科学家过分强调纯技术解决方案，如奇异的密码学和正式的可验证性；官僚们沉迷于合规帝国的构建。然而，以牺牲用户为代价使系统正确或安全不是我们想要寻找的答案，因为安全性只属于用户，而不属于系统。可以这么说，与银行及其可靠的在线系统相比，极客们对区块链安全性的关注给普通用户带来了更多的错误和更高的风险。
- On the other side of the same coin, the technocrats are generally biased against users. For example, a frequent complaint in security circles is that a system is unusable by ordinary users yet the designers assert it is secure. This century-old security phenomena, known as Kherckhoffs’ 6th principle, is that if the secure system is bypassed or ignored for unusability, it reduces security by pushing users to weak methods [Kerckhoffs, 1883 （http://iang.org/papers/the_governed_blockchain.html#ref_Kerckhoffs,%201883）]. The same mundane error results in regulatory process: the desire for a secured financial system shuts out average users and pushes them to unsafe systems such as cryptocurrencies. Only a system that is used is capable of securing the user.
2、另一方面，技术专家通常对用户有偏见。例如，在安全领域，常见的抱怨是一个系统不能被普通用户使用，但是设计者声称它是安全的。这个有百年历史的安全现象，被称为Kherckhoffs第六原则，如果安全系统由于不可用性而被忽略，它会用降低用户到“弱方法（weak methods）”来降低安全性[kerckhoff, 1883]。同样常见的错误导致了监管过程的必要性：对安全金融系统的渴望将普通用户拒之门外，而这些人将会走向加密货币不安全系统的路上。只有使用的系统才能保护用户的安全。
- IT designs will generally attack the errors of highest probability - the ones that happen every day, those to the right of the chart above. This is good tactics because their frequency helps us to know more about them, and their cost over time becomes calculable and consistent. Why waste time chasing our tails on stuff that never happens?
- But this leaves us vulnerable to the errors on the upper left hand side! Indeed, our focus on correcting the errors we can see, and our propensity to go out and find more risky business results in a rise in risk on the left hand side. Remember, we live for errors! The forces of competition may not make our risks go down, instead, risks typically bounce around a bit until we find a new profitability, a new complexity, a new stability. And a new vulnerability to risk.
The upper left hand side is known as black swan risk - incredibly unlikely in the small, but if we wait long enough it’s guaranteed to happen. And when it does, such as happened to the financial system in 2008, we're doomed. In finance they call it turkey risk - the risk that tomorrow is Christmas Day is very low, so turkeys believe Christmas Day never comes.
For responsible business, for users, for our own peace of mind, we need to deal with the unlikely disasters that will wipe us out. We need to deal with our inner black swan.
Where do we find the fabled black swan? In three places: in the backwaters of Western Australia, in the risky writings of Nassim Nicholas Taleb, and on the blockchain:
June 500,000 BTC stolen from Jeb McCaleb’s Mt.Gox auditing account
Bitcoin hard fork from bug in code, rapidly rolled back by core & miners
October 179,342 BTC seized by US agents from ‘SilkRoad’ darknet market
650,000 BTC $323mm stolen from Mt.Gox, handling 80% of BTC trading
April The Collapse of the Bitcoin Foundation
June The DAO - 3.6mm Ether being about $50mm stolen, then fork of Ethereum
August 120,000 = $72mm hacked from Bitfinex exchange
July Bitcoin forked
September China regulates ICOs, orders funds to be reversed
October Ethereum multisig wallets in Parity hit by accidental freeze
November Bitfinex’s Tether dollar unit had $30m reserves stolen
watch this space...
These are just some highlights, but you can see where we are going: disasters on the blockchain are too frequent even to be called black swans.
In the face of the Black Swan, what is the entrepreneur to do? The entrepreneur is very adept at handling small, profitable errors, but the business or market collapsing Black Swan is another matter entirely.
The Entrepreneur invests heavily into his or her business: Programmers, business development, accounting and legal expertise, web development, and a movie's worth of supporting actors. All of these people cost money; an entrepreneur probably needs to find about a million bucks to get the attention of these supporters. You can pick your own number from your own experience, one that could be higher, or lower. But it is going to be a significant and painful number.
Further - opportunity costs are very fierce in the entrepreneurial world. As an entrepreneur, every one of your people faces a choice: to work at a good job at a good firm and earn steady salary, or take on a speculative, low paid, idealistic path to build what could be a fantastic future, but probably won’t be. Only one of five startups make the big time, and that’s after they’ve made it to Venture Capital money.
Whatever number we agree on, the entrepreneur and her team are investing a serious amount of value. The question for blockchain then is,
will the entrepreneur invest their own capital into blockchain?
This question needs to be put against the risks of blockchain. Let’s leave aside the ‘internal’ investor who is already committed to blockchain, can invest in fixing some part of the infrastructure, and can generate internal investment from hodling and ICOs. Let’s consider the external person building a business for users and bringing in external capital. Who, as we’ve suggested above is very adept at recognising risks, and is well able to process the black swan when it swims past.
What does this external, experienced business person think of unacceptable risks? They are too frequent on the blockchain. I suggest to you:
the sane, rational calculating business person does not invest in such uncertainty.
For the business person to come in, rationally, we need to find another way. Business people won’t accept the black swans, just because. Therefore,
We are building the blockchain to solve the black swan.
Figure X. Zero dapps are scaling
Trust resolves the hard errors
Fixing a black swan that devastates your new blockchain-based business, but maybe not that of others, is a big ask of the community. For your counterparty and your community to make themselves vulnerable to your misfortunes, on your say so, requires trust. They will need to trust you are telling the truth while they agree and implement emergency changes that put all at risk. For example, the 2013 Bitcoin hard fork incident was handled because once the emergency was spotted, trust allowed the key stakeholders to come to consensus quickly [Narayanan, 2015] .
Controversially, it only took a very few miners to switch their software version back and force the chain back to the earlier fork - contrary to how we expected decentralisation to play out. A similar process launched the 2016 Ethereum DAO repair, but with less success - although the trust in the dominant stakeholders was enough to make a decision, it wasn't enough to follow through to implementation. Not all of the community put full trust in the decision, and fought the patch to war cries of “code is law.” The Ethereum forked into two, becoming Etherea.
Before we ask how the goal should be met we need to be comfortable with the existence of the goal - to solve for the black swan. The challenge for new business is to understand whether the environment supports the resolution of these serious errors: is your counterparty willing to work quickly and fairly to resolve errors? Is your blockchain resilient to external hacks, both before and after? Will a miner return a fat finger error that would otherwise send you broke? Which event has happened in Bitcoin.
Can you repair a broken smart contract? As of the time of writing, the Etherea do not know the answer to that, and worse, they do not know what happens to a real contract after forking [Grigg, 2017b] .
These are billion dollar questions - but they are also hundred dollar questions. Although we came to the question via the utter disaster known as the black swan, for a business, the question is broader: Can you fix problems? How? And how costly? Which latter admits that there is no guaranteed fix, but this we already know - business conducts analysis of its risks.
And, this question ultimately reduces to another question: are you with me or against me?
To be cooperative or adversarial?
Huch nobHa'bogh verenganpu''e' yIvoqQo' Don't trust Ferengi who give back money Klingon proverb
The incidents above, both successful and debacled, suggest that fixing problems is possible, even if controversial. Business wants us to be able to handle several classes of failure, and in principle, we want detailed answers to a greater or lesser degree for the failures listed above (II. "Error, be gone!").
The choice is stark: Cooperate or Fight.
We can cooperate to solve problems, if we have trust, as did the core devs in 2013.
Or, if we expect insufficient trust on the part of the others, we can fight, as we found with the Mt.Gox, the DAO, the "classics", and a thousand other hacks. Without the expectation of cooperation, in an environment of untrust, your capital can be stolen or destroyed by those who are smarter or more adept than you.
Worse, if you can't beat ‘em, you join them: you play it fast, footloose and fancy free, and steal or destroy the capital of others. Either way, the blockchain of adversaries may live on but your own financial future is likely nasty, brutish and short.
To Win or to Lose?
There are other ways to look at this divide. Here’s several taken from varied disciplines.
Negotiation Theory 谈判理论
The master negotiator seeks a good trade for both parties in a process called win-win. This goal of sharing the win with your other party assumes that there will be follow on trades in some sense - you want your other party to be happy to come back, and also to spread your reputation for fairness far and wide. She wants the same.
As well as routine business, this theory suggests that cooperative trade with win-win negotiating should be the basis of family and employment negotiations, simply because both of these guarantee that there are new negotiations coming soon.
The alternate to win-win is called win-lose. For me to win, you must lose, and vice-versa. This negotiation occurs when there is no apparent follow on trade. The problem with this approach is that, for one side to win, the other side has to lose. If you don’t know which it is, then it’s probably you.
Hence this adversarial approach is reserved for shady business. Especially buying houses, used cars and lawsuits in court are the places where the decision is done on the day, and there is little or no benefit in the future to not fighting for every last crumb.
When we can both take something positive from our trade, economists call it production, because something extra has been produced by our combined efforts. For example, if one of us has a kitchen, one can provide some ingredients, another has a recipe, and one can cook, we can come together to bake a cake - or cookies, or pie, you pick. The result is that now we have a pie, and that’s better than before. We have produced, and now we can share the fruits of that production.
The alternate is called allocation: when someone (else?) has cooked a pie, and we only get to decide who gets which portion. This pie is made, there is no sensible play where we can make a larger pie out of a smaller one. Assuming that we don't walk out with the same sized slice of pie, then one of us is likely to win a bigger slice, and the other must walk out with a smaller slice!
Game Theory 博弈理论
If a game results in growth it is called a net-positive game. The players come out with a better situation than that which they entered.
The alternate to the net-positive is called the zero-sum game in which the value at the beginning is the same as at the end. Who benefitted and who lost?
Political Theory 政治理论
Capitalism [Gupta, 2014]: Nationally enforced rule of law creates skin in the game for everyone that goes beyond the current trade. Dishonest statements or lack of integrity can be brought to complaint, but all are vulnerable to the system.
Anarchy: Voluntary rules of interaction leaves no skin in the game beyond the present stake, thus allowing the sharp trader to out-compete the dumb trader. All are vulnerable to caveat emptor.
For the entrepreneur, all of these views end up on the same side of the fence - she wants to be on the left side so she can get some certainty about the safety of her investment. In particular, she wants to have her damages looked at in the event of disaster, even if the nominal result of “you lost” is all she gets back.
Taming the Black Swan
For Alice the trader to know that Bob the entrepreneur is on her side of the fence when disaster strikes is a question of trust. Building a productive business in complex space, over the long term raises the fear of her capital being raided - can she trust her community to be there when she needs them to help?
Trust then is a desirable property. But where does she find it? Is Trust a place, a service or a religion? Can the entrepreneur buy it at the supermarket like I buy beer?
Thinking about when you and I find trust with each other helps to set a framework [Grigg, 2016] . Game theory tells us that to build up the big trust, we need:
◦ Multiple trades, with no expectation of when they might end,
◦ shared profit from this round, and expectations of future shared profits, and
◦ punishments outside the game if we cheat.
I won’t trust you much after one beer, one meeting, one argument; I am much more likely to trust you after 100 beers, 100 meetings, 100 debates, by which time we’ll both know I’m untrustworthy about counting the beers.
Each of those 100 events requires a decision, and each adds some information for the next decision. This risk analysis is a cycle: analyse, decide, take on the risk, and enjoy the reward (or not!). We both need to remember the outcomes for the next time, and tag that information with the identity of our partner.
Then, trust comes at a high cost, and by its nature, it is too expensive for one trade.
If you require trust with me as your counterparty, the only way to make this workable is if we establish a framework of repeated trades. That is, we spread the cost of trust that fixes the one big snafu over many good trades that each have a little margin devoted to building trust. The building of trust into relationship is made of many small bricks: Introductions, information exchanges, trial transactions, user support, minor teething problems, finding those lost transactions. We hope that enough trust is built in time to capture and tame the black swan when it flies in.
The Blockchain for Tomorrow
Spot the flaw: trust is expensive. We need to 'amortise' or share the cost of all of these small steps. And for that, we need to rely on repeated business, and the expectation of repeated business.
Perversely, trust requires repeated trade and repeated trade requires trust - you are not going to engage in the process of building trust over multiple rounds unless you trust me to at least buy the next round.
Which is to say, right now, we may be cooperating on today's trade, but we are expecting every future trade we might also be involved in. We therefore require a blockchain that is cooperative, for all trades, all persons and all tomorrows, rather than adversarial, for the one big win today.
Blockchains have been lauded for their history, their immutable past, their lock on that which has happened, indeed their trustlessness. But this is to look backwards, to history, to archeology, to dead data. People who trade look forward because all trust builds towards a better future.
We build the blockchain of the future, in which all our tomorrows are anticipated, in which the long term is the term.
Without the future, trust cannot be.
The Man and her Machine
“[Global Thermonuclear War is] A strange game. The only winning move is not to play. How about a nice game of chess?” Wargames 1983
“全球热核战争是一种奇怪的游戏。 唯一的赢家之举就是不去参与。 来一盘好棋怎么样?” Wargames 1983
We can see something of the answer in the divide between humans and machines. Only humans can engage in net-positive trade, because only humans can value the results. Machines are incapable of production because they cannot value; the best they can do is automate the allocation of value that already exists, and assist in production for their owners.
Value belongs to humans: Pie and cookies are enjoyed only by humans. The appreciation of the results can only be enjoyed by the humans, because humans alone can make the subjective and emotional decision as to what is to be enjoyed. We can employ and own machines to assist in production, in the creation of positive value, but production can only occur because we value it so, because we ascribe a positive value to the results as against the inputs.
Machines then are limited to an allocative approach, win-lose, to fight, to extract, to play until death, whereas us humans have choice - we may play at win-lose, or we may also cooperate, or even switch our strategies because we don’t feel good about the other person. We may not play at all.
Yuval Noah Harari says that what makes humans special is our ability to create fictions or beliefs around which we can choose to cooperate at scale[Harari, 2015] . But none of this works if there is no choice, no risk, and damningly, no reward that can be enjoyed. We can build an AI or robot to engage in (say) high-frequency trading, splice a gene, or predict dating partners. But we cannot build an AI to enjoy early retirement off of a lifetime in the markets, to sip a margarita in bliss, to watch a sunset with a partner or share joy in bringing up a child.
Yuval Noah Harari说，人类之所以与众不同，是因为我们有能力创造虚构或信仰，并据此选择大规模合作[Harari，2015]。但如果没有选择，没有风险，更糟糕的是没有回报，这些都不起作用。我们可以建立一个人工智能或机器人来参与(比如)高频交易、拼接基因或预测约会对象。但我们无法构建一个人工智能，让我们在市场上享受早早退休的时光，在极乐中啜饮一杯玛格丽塔鸡尾酒，与伴侣一起观看日落，或在抚养孩子的过程中分享快乐。
Machines are therefore locked into an allocative game, and absent sophisticated and brittle AI techniques, they find themselves best able to engage in win-lose, in the zero-sum game. Two machines playing any game or protocol can only move existing value back and forth, they cannot create value.
This is reflected in the relative strength of the blockchain as an allocative method, below the line, and the relative weakness that the users and their smart contracts have found themselves in, above the line. In principle, this is sane and rational - before, we said that we should automate the simple, as much of the simple as we can. That which is complex, we leave above the line, for the humans. Therefore, correctly, blockchain places the choice above the line with humanity - win-win or win-lose, your choice, your smart contract, your enjoyment.
The Trap that UnPermissioning Created for Itself
“How much value is stored in smart contracts that actually do anything interesting?” Vitalik Buterin, tweet 13 Dec 2017
“有多少价值被存储在智能合约中，而这些合同实际上可以做一些有趣的事情?” Vitalik Buterin, 2017年12月13日的推特
The unpermissioned blockchain spends most or all of its strength below the line. Whether that user proposition be a payment or a series of simple “script” instructions, a virtual machine or a genetic algorithm trained to respond to questions of import [Sgantzos 2017], it is still automated, and it is left to the user to turn that base tool into valuable trade.
未受允许的区块链将其大部分或全部精力消耗在线下。无论用户主张是支付还是一系列简单的“脚本”指令、虚拟机还是训练有素的用于回答附加问题的演变算法（genetic algorithm）(Sgantzos 2017)，它仍然是自动的，用户可以把基本工具变成有价值的交易。
Satoshi’s design is justifiably seen as a breakthrough. The blockchain can complete simple trades automatically, at the allocative level of the zero-sum game; it defers complex trades of a more win-win, productive form to the complex layer, what might also be called smart contract space. The complexity of trade, as epitomised by the technical promise of smart contracts, is exciting to many.
Yet, it is somewhat clear that this latter part did not emerge, or was excruciatingly slow to do so. Why is this?
It may be that Satoshi's design so successfully solved the automation of payment and other simple tasks that the community put the win-lose on a taller pedestal than otherwise deserved. The solution was good at bringing together otherwise adversarial parties to trade, but there is no necessary conclusion that, just because the blockchain can solve an adversarial allocative trade in simple space, that complex space should likewise be adversarial, allocative, win-lose or zero-sum, either individually or in combination.
Above, indeed we present the entrepreneur as one potential user who does not want that. And has walked away in frustration. It is not just the absence of attention to this need, nor the weakness of tooling & solutions, nor the blasé attitude to end-user security. Rather, blockchain today has gone far further in its idolatry - the community champions the adversarial, the allocative, win-lose, zero-sum as the space in which to trade. It is as if the blockchainers say, “we've discovered trustlessness is the answer, and now trust is banned!”
And this is the trap that the UnPermissioned blockchain community has fallen into - the outcome of championing an allocative game is the promotion of an incompatible environment for constructive trade.
The obsession with the allocative approach has consequences. While a trader is concentrating on today’s big win, she is not concentrating on production. If she does win big, then her customer will lose big - and may not be there tomorrow. If on the other hand she loses big, she may depart the scene, with a bitter taste, big losses and no good word to say about blockchain.
Multiply the individual poverty across the community, into debates, chatrooms, decisions, divorces and other bankruptcies - the obsession presents a high barrier. It will over time act as a filter: those people who want to produce, have the patience to build, those who see the value in the long term, the trust will be excluded. Either by frightening them away, by chasing them away, or by win-losing away their value.
While, the easy winners are rewarded and encouraged to stay for another easy kill. If the environment promotes zero-sum trading then zero-sum traders are what will make up the community. If we can label that as a community.
The War on Trust
In Satoshi's view, technology can effectively route around the human "design flaw" in the present money system. Satoshi’s Bitcoin, therefore, is built to be incorruptible by human operators. Bitcoin champions a form of techno-absolutism that insists on properly designed technology as the solution to any social problem. This spirit of techno-absolutism **attracts like-minded people who are fascinated by the mistaken notion that technology can fully "replace" politics or human decision making. **Conjoin Bitcoin's techno-absolutism with an anarchic rejection of institutional authority and a libertarian commitment to property and privacy, and an unique social ideology emerges. It’s an ideology that is espoused by Bitcoin’s technology (i.e., its technology thesis) **and it also permeates the community. ** [Panchèvre, 2015 (my emphasis)]
在Satoshi看来，技术可以有效地绕过现行货币体系中的人类“设计缺陷”。因此，Satoshi的比特币是由人类操作者设计的，不会被腐蚀。比特币是一种科技绝对主义的形式，它坚持把正确设计的技术作为解决任何社会问题的方法。这种技术绝对主义的精神**吸引了志同道合的人，他们被一种错误的观念所吸引，即技术可以完全“取代”政治或人类决策**。将比特币技术的绝对主义与对制度权威的无法无天的拒绝，以及对财产和隐私的自由主义承诺结合在一起，一种独特的社会意识形态应运而生。这是比特币技术所支持的一种意识形态。**它也渗透到整个社会**。 [Panchèvre 2015(我记的重点)]
It gets worse. The win-lose approach to trade (think: real estate, used car selling and financial products) has now moved to center stage. This brings in people talented at the hard sell, the one off, the deceptive offering, the kill.
But, as the wrong type of trader permeates a community that also champions anonymity and an absence of standards or ethics, the line between aggressive trading and crime dissolves. Anything goes; it becomes rational to do what you can - as long as you don't get caught.
By way of rhetorical examples:
⇒ For me to make money on an altCoin pump, you must lose money by for example buying in with your life savings. Hopefully, for me, at the top, as I dump.
⇒ In the casinos, the house always wins.
⇒ If my ICO can convince the herd to move, I collect money, the herd pays. Delivery is optional, so the obvious happens - most ICOs are well dressed scams.
⇒ If I've bought in early on the ICO, and my take shrinks with each additional contributor, why not DDOS the chain so additional contributions can't get in?
If you look around the blockchain space and can't tell who's getting scammed, it's probably you. Jameson Lopp, tweet 23rd September 2016
如果你环顾一下区块链空间，不知道谁被骗了，很可能那个被骗的人就是你。 Jameson Lopp, 2016年9月23日发推
The earliest report of a possible crime is Jeff Garzik's report of an overflow bug being exploited in August of 2010 - some 184 billion were minted through abusing the limit of an integer at 2^64 size [Garzik, 2010] . Many followed. Indeed, many of the above list of black swans were criminally motivated. Which takes us from the early innocent days to the present brutal reality:
最早可能犯罪的是Jeff Garzik报告中溢出被利用的2010年8月的漏洞——通过滥用限制大小的整数2 ^ 64[Garzik,2010] 铸造了另外的1840亿。许多相关的事件在后面也连续发生。事实上，上面列出的许多“黑天鹅”都是出于犯罪动机。它把我们从早期的天真带到现实的残酷中:
Unpermissioned Blockchain is not only win-lose, it is encouraging of crime.
Attracting the sorts of people who can work effectively with win-lose and scaring away the rest is a self-fulfilling destiny in toxicity - BTFD, FOMO, and YOLO are rallying cries, anything goes becomes the climate, and crime follows close behind [Güring&Grigg, 2011]. We start with those who understand the haggle, the trade, the pop, the win in the short term. And we invite those who relish the easy money, the pump & dump, taking money from new players, the big kill. Followed by the crims.
In the final outcome, the unpermissioned blockchain fails to support business. Not because unpermissioning is a bad idea, but because an environment of zero-sum games promotes zero-sum behaviour, and squeezes out net-positive opportunities of productive trade. In a word, unpermissioned blockchain is toxic.
Of Casinos and Kitties
If your goal is money, you'll develop a destructive personality, as the world appears zero-sum, your desire is for others to do things for you. If your goal is liberty, you'll develop a constructive personality, since your world is your own creation. Mark Wilcox, tweet 13 April 2018
如果你的目标是金钱，你就会发展出一种破坏性的人格，因为这个世界看起来是零和的，你的愿望是让别人为你做事。如果你的目标是自由，你就会发展出一种建设性的人格，因为你的世界是你自己创造的。 Mark Wilcox，2018年4月13日
We can test the win-lose hypothesis: today's blockchains are where we automate payments, gaming, ICOs and exchange of crypto. The popular successful applications on Bitcoin and Ethereum are almost exclusively zero-sum games: "if you look at State of the Dapps, the large majority of working applications are either for betting, gaming, or facilitating the movement of ether." BlockMason, tweet 2017
我们可以检验赢方输方的假设：今天的区块链是我们自动支付、游戏、ICO和密码交换的地方。在比特币和以太坊上成功的应用几乎都是零和游戏: “如果你看看Dapps的状态，你会发现绝大多数的工作应用要么是用于赌博、游戏，要么是促进ether运动。” BlockMason，2017发推
This is the world of day traders, banks, pumpers & dumpers, private dealing, financial engineers, cartels and so forth: the house always wins, cartels are held together by self-interest, currencies such as BTC can only allocate and any 'gains' are because new buyers cash out the old buyers. There is consensus in transactions, but as we know from game theory, any faith you derive from these transactions is not long-lasting.
What are the net-positive businesses? To our knowledge, there are only two distributed applications in the entirety of crypto space that are productive rather than allocative:
☆ Steemit which is a blog posting site in which readers reward blog posters for good writings, and
☆ CryptoKitties, being a new game that 'produces' a cat from 2 others. The combination is a produced digital asset, however trivial, and the entertainment value of the process suggests that this is a productive venture, albeit controversially so.
If anything, CryptoKitties as a productive application highlights how far we haven't come - we've created a $500 billion industry in which the major crimes outnumber the major productive businesses.
Protecting the Environment
Who shut down BTC-e?
It wasn't the enterprising efforts of the cryptocurrency community or its verbose opinion-makers on social media or the "new 1%." It was several government law enforcement agencies that coordinated across multiple jurisdictions on limited budgets.6 Yet, like Silk Road, some people in the cryptocurrency community likely knew the operators of the BTC-e and willingly turned a blind eye to serious misconduct which, for so long as it continues, represents a black mark to the entire industry. [Swanson, 2017]
If the opportunity of unpermissioned blockchain in blockchain is winning or losing, then the outcome is destruction or denial. It’s hard for the small enterprise to make profits in a toxic environment. Encouraging the talents of war and appropriation has the effect of discouraging the talents of peace and trade. Which is fine, if we’re actually fighting a war, but what if we’re not? Such an environment does not welcome those who have the patience to build a business, those who see the value in trust.
Unpermissioned blockchains promote the zero-sum game therefore discourage business with aggressive win-lose, when business is by its nature built on the alternate, win-win. This is the fundamental reason why there have been few stable businesses in blockchain outside the zero-sum game - no rational business person will invest their capital in a toxic environment full of arguments & insults, thefts & hacks, risks of forks and the like.
In small business, we look for the trade that is a positive sum, because we want our customer to come back. We both win a little each time, and therefore, a win-win overall. We cannot grow as a society unless we all make profits together.
Therefore we must, in order to serve people and business, construct a blockchain that is encouraging to win-win, to net-positive trades. And while not discouraging of the allocative trade, which granted is an essential part of trade because of its simplicity, we do want to discourage the win-lose trader from taking center stage and thereby displacing the win-win trader.
We want to attract and incentivise the right sort of people, these that want to do good trade and make shareable profit; we want to discourage and filter out the wrong sort people, those that want to take the crumbs off the table, those that beggar their neighbour, and those that steal.
A blockchain for business is one that promotes win-win, productive trades over win-lose, allocative trades.
It is to that more refined goal we turn in the next section.
IV. The Governed Blockchain
The Challenge for Business
Our challenge then is to move the blockchain agenda from supporting the win-lose at the expense of the win-win, to supporting the win-win over the win-lose.
This is not to say that the zero-sum game, or that win-lose should somehow be forbidden. It's rather to say that our focus is on the win-win because that is where society creates value. Society loses money on the win-lose trade, which is why banks and bankers get richer and people get poorer and those countries that bailed out the banks in 2008 at the expense of the economy are in secular depression. Society - all of us - only create value when we work together and each take a profit out of the trade.
To encourage win-win we need to provide:
⇒ Open entry & exit
⇒ An environment of repeat transactions, where there is no end in sight,
→ Rules of the game
→ a way to trade (that’s the blockchain thing), and
→ Skin in the game
That latter is a new thing. Skin in the game says that we need a method for Alice to hold Bob to account when he acts up. The method needs teeth, so that the value in play is at risk. We need a structure where our community members can guard themselves against an aggressive party turning a trusting win-win trade into a win-lose by trick, just bad trust or downright crime. There must be repercussions for such actions, there must be skin in the game, so as to hold that aggressor to account.
Fixing the Walled Garden
A permissioned ledger provides for this, yet the process described above defeats it for the small player.
Why is that? A permissioned ledger consists of, let’s say:
◯ A wall around the garden
◓ A gate and a gatekeeper - fees, corruption, exclusion
☆ A set of rules,
☆ A method for applying the rules, aka Dispute Resolution,
☆ Consequences - skin in the game.
The problem - the difference between the two above descriptions - is the wall. Let's put them side by side:
◯ A wall around the garden
◓ A gate and a gatekeeper
⇒ Open entry & exit
⇒ repeat transactions
☆ A set of rules,
☆ A method for applying the rules
→ Rules of the game
→ a way to trade
→ Skin in the game
Once there is a wall, we have to have a gate to get into the garden. And once we have a gate, we have to have a gatekeeper. We outlined the barrier to entry costs of the gatekeeper above, but there is another cost we did not mention: Regulation.
Unless someone invents a decentralised wall (!), a decentralised gatekeeper (!!) and a decentralised gate (!!!) then the gatekeeper will be subject to both internal pressures and external pressures. To cut a long story short, our gatekeeper will come under some regulator's control, and will then proceed to place all of the regulator's choice rules in place.
See the problem? Pretty soon we'll be back to centralisation, to being a bank and needing a banking licence. Then everything will clog up and we'll be praying for another 2008 style bailout and a decade of stealth bailout, also known as Quantitative Easing.
A decentralised community cannot be beholden to a gatekeeper. If you're unsure of this, talk to the compliance department of any fiat exchange. Free entry has to be preserved in order for the result to be a community blockchain. Therefore, the decentralised community cannot have a wall nor a gate nor a gatekeeper.
Let's tear down the wall.
An Open Park
As well as being aligned to the concept of win-win, the rest of the elements above ☆ are not so forceful as centralising influences. In other words, they are not so controllable from outside the environment of your community’s blockchain. It turns out that we can decentralise these elements and create our system of governance with control in the hands of the community.
In brief, opening the Walled Garden into perhaps an Open Park with a posted notice board looks like this:
· The set of rules is a Constitution.
◦ It is offered and accepted on entry,
◦ It applies to every access, every transaction, every contract, every post.
◦ It points to the method of dispute resolution which is agreed in the same way,
◦ And, as a community document, we require:
· A method for the community to change … everything! A decentralised voting mechanism such as Delegated Proof of Stake (Larimer, 2017) does the trick, and can control change to:
◦ the rules! The Constitution can be controlled and voted by the community
◦ Software changes, too 😊
◦ important roles such as Block Producers, Arbitrators
· The forum of Dispute Resolution [Nagy&Shakel, 2008].
◦ Based on the Arbitration Act of all countries, which is to say, it’s legal 😊
◦ Unifies everyone under the same code (the Constitution) which smooths out any local advantages.
◦ Allows Arbitrators to be appointed by the community’s voting mechanism
◦ (And, did we mention, the rules are managed by the community!)
· An enforcement method for actions
◦ Decentralised voting can change the chain and rules.
◦ Rulings can be enforced by block producers.
◦ Rulings can also reach out to external world.
◦ Ultimately, a ruling enforced can take value or eject a person.
Why does this work? Firstly, the will of the community. It is not the wall that holds the person to account, it is the community, using the tools found inside. The rules are enforced by the members according to a process that is already agreed.
Secondly, in economics terms, the constitution forms a Schelling point to which everyone agrees on entry. This agreement, this constitution is sticky - when push comes to shove, most will stick to the rules, because they see that most will stick to the rules.
Then, the grievances can follow a path agreed by the community. The rules direct their grievances to the Arbitrator, who creates a Ruling, which can then act as a call to action encouraging the community to enforce. As the system starts to work, supporters gather and the process becomes the Community.
Finally, signalling: those smart criminals who are looking for easy marks will realise there are barriers here that will cost more and raise their risks. The the rules and rulings act as a filtering device. Crooks then analyse whether it is better to go to some other garden.
Further Research (of course)
There are three missing elements in this description which we have to leave out of scope.
One is Identity. As a consequence of the need to build trust over an extended series of trades (Alice’s Trust RADR above), Alice needs to be able to remember Bob and recall how her last decision went, before she relies on him again. Identity is a very deep and interesting topic in itself, but it is too big for this essay; interested readers are referred to the Identity Cycle [Grigg, 2015-2018] .
一个是身份。由于需要在一系列的交易中建立信任(之前的Alice的trust RADR)， Alice需要能够记住Bob并回忆起她最后的决定是如何进行的，然后再依据这些线索进行下一步。身份本身是一个非常深刻和有趣的话题，但是对于这篇文章来说它太大了;有兴趣的读者请参阅身份循环[Grigg, 2015-2018（http://iang.org/papers/the_governed_blockchain.html#ref_Grigg,%202015-2018）]。
Second, the technical security model. Multisig arrangements, recovery partners, time-delay transactions, staking and hardware wallets are all useful components (Larimer, 2017) that when deployed in concert with a strong Constitution and Arbitration framework will make the job of the criminal much harder.
二是技术安全模型。 Multisig安排、恢复伙伴、交易延迟、质押和硬件钱包都是有用的组件(Larimer, 2017)，如果与强大的公约和仲裁框架一起部署，将使罪犯的工作变得更加困难。
Thirdly, how to impose the Constitution on entry? This can be handled with a mix of two elements. (1) Technically by making the Constitution into a Ricardian Contract - one which is both machine and human readable, and critically has its hash placed into any relevant communications with users[Grigg, 2004]. Then, (2) legally, by having the Constitution include a clause that describes how third party operators and developers take on the responsibility for fairly presenting the Constitution to users. Their software can then ensure that users enter into the agreement, as signalled by the presence of the hash, to which all recipients may rely. Interested readers are referred to NortonRoseFulbright's "Legal Analysis of the Governed Blockchain" [NortonRoseFulbright, 2018].
第三，如何在进入时就能实施公约？这可以通过两个元素的混合来处理(1)。从技术上讲，通过公约变成一份李嘉图合约——一份机器可读的、人类可读的合约，并严格地将其哈希置于与用户的任何相关通信中[Grigg, 2004]。然后，(2)法律上，通过公约包含一项条款，描述第三方经营者和开发商如何承担向用户公平地展示公约的责任。接着，他们的软件可以确保用户签署协议，如哈希的存在所示，所有接收方都可以依赖哈希。感兴趣的读者可以参考NortonRoseFulbright对“被统治的区块链”[NortonRoseFulbright, 2018（http://iang.org/papers/the_governed_blockchain.html#ref_NortonRoseFulbright,%202018）]的“法律分析”。
"The principle of open entry is important for blockchain robustness, yet open entry can also occur within a range of actors that does not include the whole humanity, but only those that accept some rules and satisfy some requirements."
[Morini, 2017] .
A governed blockchain is one which has free entry, but conditions apply on entry (Morini 2017). Primarily those conditions are rules of behaviour, encoded in a Constitution, and include two critical elements: a forum for dispute resolution and a method for changing the rules.
We present it as a third alternative to the permissioned and unpermissioned blockchains (Swanson, 2015).
Up until recently, blockchains had been characterised as unpermissioned or permissioned, and this was thought to be the only choice. More limiting, to a large extent it was believed the two are incompatible, the choice is exclusive.
We offer a third choice, the Governed Blockchain. By identifying the components that differ, we find that one component - free entry versus the wall - is key, and it can be modified to create a third, safer alternative suitable for business.
A community of enforceable rules creates an open garden. A community in an open garden can cultivate win-win trade for the people. A community of win-win traders can build an economy for their mutually beneficial future. And finally, a mutually protective community can finally invite in the mass market.
The working draft of the paper was at: "The Governed Blockchain" - google docs https://docs.google.com/document/d/1TKegYdH5ASqGlEWiVDYFMubE7651hsZIuZb8FKO8KNk/edit#. ...
[working draft] "The Governed Blockchain" - google docs https://docs.google.com/document/d/1TKegYdH5ASqGlEWiVDYFMubE7651hsZIuZb8FKO8KNk/edit#.
[Grigg, 2017a] Ian Grigg, 2017a; "EOS: An Introduction," iang.org/papers/EOS_An_Introduction.pdf
[Larimer, 2017] Dan Larimer, 2017; "EOS Technical White Paper," github.com/EOSIO/Documentation
[Swanson, 2015] Tim Swanson, 2015; "Consensus-as-a-Service," http://www.ofnumbers.com/wp-content/uploads/2015/04/Permissioned-distributed-ledgers.pdf
[Buterin, 2015] Vitalik Buterin, 2015; "On Public and Private Blockchains," https://blog.ethereum.org/2015/08/07/on-public-and-private-blockchains/
[Evans, 2017] Charles Evans, 2017 "Delegated Proof of Stake: Between Anarchy and Leviathan," working paper forthcoming.
[Porter, 1979] Michael E. Porter, 1979; "How Competitive Forces Shape Strategy," Harvard Business Review Vol 59, No 2.
[Wikipedia] Wikipedia, "Risk Matrix," wikipedia.org/wiki/Risk_matrix
[Kerckhoffs, 1883] Auguste Kerckhoffs; "La cryptographie militaire ('Military cryptography')," Journal des sciences militaires, vol. IX, pp. 5-38, Jan. 1883, pp. 161-191, Feb. 1883. http://www.petitcolas.net/kerckhoffs/la_cryptographie_militaire_i.htm Kerckhoffs' 6th Principle is, "Finally, it is necessary, given the circumstances that command its application, that the system be easy to use, requiring neither mental strain nor the knowledge of a long series of rules to observe."
[Narayanan, 2015] Arvind Narayanan, 2015; "Analyzing the 2013 Bitcoin fork: centralized decision-making saved the day," Freedom to Tinker blog https://freedom-to-tinker.com/2015/07/28/analyzing-the-2013-bitcoin-fork-centralized-decision-making-saved-the-day/
[Grigg, 2017b] Ian Grigg, 2017b; “Life is a Cabaret… Or how to split and merge a blockchain,” Financial Cryptography steemit.com/eos/@iang/life-is-a-cabaret-or-how-to-split-and-merge-a-blockchain
[Gupta, 2014] Vinary Gupta, 2014; "[Bitcoin] Cannot be divorced from pre-existing political theory," IAmSatoshi Interview, youtube.com/watch?v=FHFSvttMg6E
[Grigg, 2016] Ian Grigg, 2016; "On Trust," working paper, Part II of Identity Cycle.
[Harari, 2015] Yuval Noah Harari, 2015; “What explains the rise of humans?” TEDGlobalLondon https://www.ted.com/talks/yuval_noah_harari_what_explains_the_rise_of_humans
[Sgantzos 2017] Konstantinos Sgantzos "Implementing A Church-Turing-Deutsch Principle Machine on a Blockchain," forthcoming, HSCBB 2017
[Panchèvre, 2015 (my emphasis)] Ian Maya Panchèvre, 2015; "Immaterial World:The Virtual Politics of Bitcoin."
[Garzik, 2010] Jeff Garzik, 2010; "Strange block 74638," Bitcointalk
[Güring&Grigg, 2011] Phillip Güring & Ian Grigg, 2011; "Bitcoin & Gresham’s Law - the economic inevitability of Collapse," working paper
[Swanson, 2017] Tim Swanson, 2017; "Eight Things Cryptocurrency Enthusiasts Probably Won't Tell You," working paper
[Nagy&Shakel, 2008] Daniel Nagy, Nadzeya Shakel, 2008; "OpenPGP-based Financial Instruments and Dispute Arbitration,” Financial Cryptography 2008,
[Grigg, 2015-2018] Ian Grigg, 2015-2018; Identity Cycle, working cycle of papers, at https://drive.google.com/drive/u/0/folders/0B9aJ9_ZDMOjMbVRIMUNZdUJLakU
[Grigg, 2004] Ian Grigg, 2004, "The Ricardian Contract," First IEEE International Workshop on Electronic Contracting, iang.org/papers/ricardian_contract.html
[NortonRoseFulbright, 2018] Adam Sanitt & Ian Grigg, 2018; "Legal Analysis of the Governed Blockchain," NortonRoseFulbright, forthcoming
[Morini, 2017] Massimo Morini, 2017; "2018: The Year We Make Cont(r)act," Coindesk