Today, powerful corporations process and mediate almost all transactions and online interactions we engage in today. Zoom and Google let us videoconference. Facebook and iMessage host our conversations. Large social networks have recently added ways for us to pay one another, with the most successful probably being WeChat, now accepted by nearly all merchants in China, with the help of the Chinese government.
As a result, data and money accumulate in centralized databases. This attracts hackers, advertisers, and government spy agencies. It also creates a lot of information asymmetry and confers great power (and great responsibility) to those who are in charge of the centralized systems.
Cryptocurrencies have inspired people around the world, ushering in the promise of autonomous, decentralized networks that let people transact without having to trust each other or any third party. These networks would not be controlled by any one party, but managed by their participants instead. They had set out to replace the intermediaries we use today.
Sadly, decentralized social and payment networks have not gained nearly enough mainstream adoption, and most people continue to use centralized systems in daily life. It’s been over a decade since Bitcoin was introduced as a peer to peer cash system, but few people use it for everyday purchases. Three years ago, tons of people invested into initial coin offerings on Ethereum, yet practically none ended up being actively used as currencies. What happened?
What’s Blocking the Blockchains
The reason can be traced back to one key architectural decision common to all these networks: they choose to maintain a global consensus about the order of all the transactions in the entire world. This consensus process creates a global bottleneck for the entire network, which manifests in various ways. Whenever there is an uptick in activity on either platform, transaction fees spike up to $20 and above. If thousands of people simultaneously wanted to transact on-chain, they wouldn’t be able to – at any price.
Most Internet protocols have no practical limit on how much concurrent activity they can scale to support. This is true, for example, of HTTP which powers the Web, and SMTP which powers email. As more servers and clients join the network, more websites can be hosted and more emails can be sent. By contrast, no matter how many nodes are added to Bitcoin or Ethereum today, the throughput of the networks will stubbornly remain the same: somewhere between 3 and 20 transactions per second.
These networks are based around growing one global blockchain, which must contain all transactions in the world, sequentially ordered by which happened first. These transactions may represent sending money anywhere in the world, on the Bitcoin ledger; or computer instructions executed on the Ethereum “World Computer”. The bottleneck caused by the global consensus manifests in the “miner” which mines the next block. Any transactions that aren’t included in a block don’t get accepted. Increasing the block size (as Bitcoin Cash did) doesn’t solve the underlying architectural problem, but merely multiplies the throughput by a constant number, like 32!
When proof of work is used, the situation can be even worse. Since we don’t know who will mine the next block, we have to send every transaction to every potential miner. In addition, to prevent double-spending, every “full node” has to store the history of every transaction ever, a history that grows all the time. Even if we somehow removed the bottleneck on transactions being appended, the amount required to store the entire history would quickly become prohibitive. These first-generation networks are not effectively designed for everyday payments, and even occasional transactions make it costly to maintain the network. Already, full nodes and miners to secure the network can only be operated by deep-pocketed elites.“Scalability is a big bottleneck because the Ethereum blockchain is almost full. If you’re a bigger organization, the calculus is that if we join, it will not only be more full but we will be competing with everyone for transaction space.” – Vitalik Buterin
Do we need Global Consensus?
The fundamental issue is that every full node has to be aware of every transaction ever made, and come to a global consensus about which one happened before which (called a “total linear order” in mathematics). This requires the network to constantly engage in a consensus process involving all the participants in the network. No matter how you design it, that will lead to a bottleneck.
But is global consensus truly necessary to avoid the double-spend problem? Can we create a decentralized network that is just as secure and byzantine-fault-tolerant, without creating this bottleneck? What if, instead of a “World Computer”, with transactions being akin to “time slices on a mainframe”, we instead had “personal computers”, all working in parallel, and occasionally sending each other messages?
Ideas along these lines would involve partitioning the network into smaller sub-networks, each responsible for maintaining a local consensus. This approach, called “sharding”, is behind the push for Ethereum 2.0 .
Consequences of Not Sharding
Despite its name, Bitcoin doesn’t have individual coins. Bitcoin’s wallets contain arbitrary balances called “UTXOs” (Unspent Transaction Outputs from previous transactions). Each transaction creates multiple UTXOs, and each can have a history stretching back to the first block, so it’s not possible to cleanly partition the network.
Ethereum tokens work by storing balances for each account inside variables on the blockchain, calculated and stored by every node. At first glance it would seem that one could partition the Ethereum network by having each token smart contract on its own blockchain, maintained by only a small subset of the nodes. But then, the security of each such “shard” would be greatly reduced 1, while a lot of value could be invested (“locked”) in that particular token or DeFi smart contract. Concentrating the value in one place creates a honeypot for hackers and miners to try to steal money from others.
This concentration of value and power is an unavoidable result of global consensus. Today, a new mechanism has emerged, which presents a large risk to DeFi projects. Nicknamed Flash Loans, it allows anyone to anonymously borrow vast sums of money in various ERC-20 tokens with no collateral and no risk, and then use them for manipulating oracles and siphoning money from leveraged margin trades. These are attacks are possible because the “World Computer” runs one transaction at a time. And given how few transactions can take place at a time, each transaction is allowed to be arbitrary large.
Truly Decentralized Networks
Protocols based on global blockchains have painted themselves into a corner, whether they are powered by proof of work, proof of stake, or variants thereof. Newer projects, like Intercoin or MaidSAFE, have begun with a completely different architecture, allowing them to scale to handle a practically unlimited of simultaneous transactions.
Instead of recording arbitrarily large balances, you can start with coins that are not divisible. Each coin worth a small, limited amount, and is individually tracked and secured by a small section of the network. To enable people to give exact change, coins come in various denominations (think quarters, dimes, etc. except divisible by powers of 2).
The upper limit on coin denominations is intentional. To move a large amount of money, you would need to send a lot of coins, akin to bringing suitcases of $100 bills. This means transaction fees, even if exceedingly tiny (e.g. 0.001%), would be proportional 1 to the amount of money being transferred. This architecture is designed for the long tail of everyday payments all around the world, rather than occasional transfers of large amounts.
By avoiding global consensus, the network has an entirely different character. There are no bottlenecks, and concentrating money and power in one place becomes a lot harder. Gone is the ability to move arbitrarily large amounts of money for a fixed fee, but now everyone can transact at once. Gone is the ability to borrow arbitrarily large amounts of money with flash loans, and deploy them on any vulnerable DeFi contract.
Distributed Decision Making
The role of Global Consensus was to get everyone on the same page about the “official” history of everything. Ambiguities occasionally arise, such as which of two conflicting transactions should be accepted by everyone. With Bitcoin and Ethereum, the ambiguities are aggregated into self-consistent versions of a giant, monolithic blockchain. Then, costs (e.g. electricity for mining) are escalated on all sides, to try to make one version win, and the others give up (producing orphans and uncles).
However, in the real world, end-users are ultimately the ones who choose whether to accept the results of payments and computations. They respond by taking real-world actions, like mailing that purchased eBay item or not.
Imagine an architecture without global consensus, where each coin or local activity is tracked and secured by a small section of the network. Nodes are periodically reassigned to different sections, unable to choose which section they’ll be part of next. Once in the section, they run a consensus about the latest state of a coin.
Under this set-up, there may be uncertainty about the current status of a specific coin, but it doesn’t affect the status of other coins. Ambiguities can occasionally arise for a number of reasons, such as
A) slight disagreements on which nodes belong to a section at the moment, and
B) whether a majority of them voted for a given version of the transaction.
Instead of aggregating them into giant blockchain versions that duke it out, projects like Intercoin focus on reducing the probability that these ambiguities arise in the first place. For example, even if there is disagreement about A, there would still be great agreement about B except in rare cases where things are split nearly down the middle. These ambiguities would eventually resolve themselves as nodes join other sections of the network and participate in their consensus instead. And even as these ambiguities about the coin’s current status may arise, the history of the coin is secure.
Individuals can transact in the face of these ambiguities given one simple mechanism: being able to endorse a transaction after the local consensus has voted in favor of it. Sometimes the recipient of the coin will refuse to accept it, due to some ambiguities in the consensus about its current status. The rare decision of “how risky” it is to accept the payment ultimately resides with the individual vendor. Until they are resolved, the purchaser simply pays with other coins.
This is what happens in the real world. Sometimes a credit card payment doesn’t seem to go through, so the purchaser pulls out another credit card and makes a successful payment. If the first payment eventually completes on the server side, the purchaser will simply refuse to endorse it, thereby avoiding a duplicate payment.
Crypto: The Next Generation
The last few years have seen a lot of innovations in the field of distributed systems and cryptography, including BLS signatures, and zero-knowledge proofs. It’s exciting to see a new generation of distributed systems that are able to combine security with scalability. Will they pick up where Bitcoin and Ethereum left off?