Outline Part I:
1. Why you should care about Cryptoeconomics
2. Use cases and why we need Cryptoeconomics
3. Social Contracts & Crypto
5. Security Models
Outline Part II (read it here):
6. The Two Pillars of Cryptoeconomics
7. Cryptographic Tools
8. Economic Tools: tokens, consensus mechanisms
9. Possible Attacks to the network
11. Further readings
We often imagine Bitcoin and other cryptocurrencies like the Wild Wild West: no rules, no social norms, only greed, selfishness and mining. This perceived lack of law and order makes the crypto world scary to many people. However, in reality, there are rules that govern decentralized peer-to-peer (p2p) networks such as Bitcoin. These rules are coded into protocols and deliver the framework for how participants of a network interact with each other. They help us create a secure, trustworthy and valuable system, just like laws deliver a framework for a better society. Cryptoeconomics asks the question of how we can design these rules and incentives, so that the networks stay secure and create value for everyone. Cryptoeconomics uses cryptographic tools, game theory and economic incentives to achieve this goal.
In order to understand how complex and valuable these decentralized p2p networks are we need to understand some basic cryptoeconomics behind them. If you have a better grasp of basic cryptoeconomics, you will understand why the emergence of cryptocurrencies is more than just hype.
Why I’m writing this
While both cryptography and economics are established academic subjects, cryptoeconomics is a new field. One could say it’s a little shy of 10 years old (since the inception of Bitcoin). Because it’s such an emerging field it is constantly evolving and there is no solid academic degree one could obtain in order to understand cryptoeconomics better. I’m writing this because I myself wanted to learn more about the design process of Bitcoin and other crypto networks. There are many great articles and even online courses, but it takes a while to go through them and piece the information together, so I wrote an intro for myself and for you. I’ll link further reading recommendations below.
Why is cryptoeconomics so important, what are its use cases and why do we even need it?
Even if you have never heard the term “decentralized p2p network”, you’ve likely used one or at least heard of it in the form of former filesharing websites, like Napster or BitTorrent. Generally, they’re systems in which humans interact with each other and exchange value. Value can be anything we collectively deem valuable, like a material item or service. Most people would probably think of fiat currency as valuable because it is widely accepted as such and because we trust in its stability and longevity. Nowadays, even cryptocurrencies like bitcoin partly fulfill this role.
These systems are designed, much like our nation states, governments and democracies, by writing down and enforcing laws. Unlike our nation states, decentralized p2p networks are designed by writing code into protocols. Unlike our nation states, we put trust in the code rather than the government.
How we design these protocols influences how we interact with each other in these systems and thus how much value we can create and share. Ultimately cryptoeconomics lays the foundations for everything that happens in decentralized p2p networks.
When designing these protocols, we make certain assumptions and theorize about how the protocols will be used and how they might be misused. We try to use these assumptions to maximize the value of the system for its participants.
Imagine: we don’t have any rules in our society and everyone just does what they want. I think we can all agree that if you can kill or rob without consequences, our society wouldn’t function well. It’d be like The Purge every day. Thomas Hobbes described life in this so-called Original State of Nature as a “solitary, poor, nasty, brutish, and short” and then goes on to theorize about social contracts.
Just as in real life, we want our digital networks to provide value, security and help us thrive as a collective. So, the most basic goal of a decentralized p2p network is not only to add value but also with security and longevity. We want to maximize the security of our network, just like we want to do that in our nation state.
In nation states, security is granted through the state’s monopoly on violence through the police and army. This violence is used to keep security and thus to keep our society valuable to us (in theory at least…). For example, the state enforces laws through their ability to punish you, which is enabled through their ability to be violent towards you (e.g. put you in handcuffs or imprison you). So, by being part of your society you give up some power in order to work towards a better society. You do so because you trust that the government and system will indeed provide security and added-value versus being out on your own in the woods. Obviously, this is all theoretical because in reality most of us don’t actively decide that we want to live in a nation state, we are born into it. We also don’t explicitly consent to give up our rights and we don’t always trust our governments to protect us.
In the crypto world, programmed protocols enforce rules within decentralized p2p networks and therefore ensure value and security. In comparison to our larger nation states, the nice thing about decentralized p2p networks is that:
- Nobody can force you to participate.
- There is no central authority (like a government) who can misuse their monopoly of power (think about the horrid things corrupt and unethical governments have done, like genocide, slavery, discrimination.)
- There is no physical violence used to make participants stick to the rules.
- You trust in open-source code to provide you with security.
The question then arises, what rules and incentives help create and sustain a valuable and secure network? This is exactly the question cryptoeconomics tries to answer.
Now that we have laid the foundations for our understanding of why cryptoeconomics is important, why it exists and why you should care about it, let’s dive into the actual subject matter.
First, we need to understand the more specific goals that we are trying to achieve through cryptoeconomics.
On a very high level, the goals of a decentralized p2p digital network is to be safe and to provide value. In more concrete terms:
Things we want to encourage:
- Trusted execution (you can trust that your transaction will be executed)
- Open Access (everyone can access and read the code, nothing is locked away to be viewed by a privileged few)
- Fast Finality (transactions are executed quickly and irreversibly)
- Decentralized Control (there is no central authority which controls the protocol and the network)
- Inexpensiveness (encourages many transactions)
Things we want to avoid:
- Safety Failure (e.g. someone steals your tokens)
- Censorship (e.g. someone decides that a certain group of people should not be allowed to transact)
- Slow finality (opposite of fast finality)
- Centralized Control (opposite decentralized control)
- Expensiveness (duh)
On a deeper level, these goals can be achieved by the following:
- Convergence (one block goes on top of the other block and thus keeps the correct sequence in the blockchain)
- Data Availability (open access facilitates decentralization)
- Validity (each transaction is valid, helps avoid double-spending)
- Availability of the network to all, which is equal to censorship resistance
- Timestamping (which helps us determine block sequences, transaction validity and more)
- High performance under several cryptoeconomic security models
The very last point, cryptoeconomic security models, is an important fundamental concept. These security models are fundamental to the design of decentralized p2p networks.
Security models are assumptions about the state of the network and its participants. There are also more technical challenges that come with the decentralized nature of the network. Security models can speculate what percentage of participants are honest or whether they act individually, whether they can collude, or whether they can be bribed.
I’m not going to elaborate too much on them but here’s a basic overlook with further reading recommendations.
Byzantine Fault Tolerance: A decentralized network has Byzantine Fault Tolerance if it can function despite several failure modes described in the Byzantine General’s Problem (e.g. a certain percentage of participants are dishonest and a threat to the security of the system.) Read more about Byzantine Fault Tolerance in Georgios Konstantopoulos article here.
Uncoordinated Choice Model: An Uncoordinated Choice model assumes that participants make independent decisions and are smaller than a certain size.
In an Uncoordinated Choice Model, we can assume an Honest Majority Model in which no participant has more than 50% of the hashing power. Security is compromised when someone acquires more than 50% of the hashing power. This would enable them to fork the blockchain and include faulty transactions. (This 50% is more nuanced in reality.) The Honest Majority Model is a very optimistic assumption and thus not very resilient when facing the hardships of the real world.
More realistically, it has been proven that the Bitcoin blockchain’s security can be compromised if one attacker has a little more than only 1/3 of hashing power. (Read more about it in Emin Gün Sirer’s Cornell paper.)
In general, it is increasingly unrealistic to assume that there is no collusion at all and that security can be compromised through collusion.
Coordinated Choice Model: The opposite of the Uncoordinated Choice Model. It assumes that most or all actors are colluding through some agent or coalition.
Bribing Attacker Model: The Bribing Attacker Model assumes no coordination amongst network participants. They are bribed to make decisions individually that in the end compromise the network’s security as a total. Vitalik Buterin explains this further in this video around 20min24s.
As you can imagine, these models are the fundamental assumption behind the design of our network. If you assume an Honest Majority Model, you don’t need to take into account as many factors and possible attacks as when you assume a Coordinated Choice Model or Bribing Attacker model. I think we’re going to develop more and more of these with time.