The Bitcoin network’s massive use of electrical power to compute arbitrary values that select writers of new blocks to the chain has been a major source of anxiety in crypto communities for its waste of natural resources. Efforts to mitigate this waste, which some estimate to exceed annually the energy consumption of Ireland, consist of various alternatives to Bitcoin’s Proof of Work (PoW) approach, to be implemented in other blockchains. Most of these alternatives suffer from another fault at the heart of Bitcoin’s design, which is reliance on governance by the rich.
Owners of the most powerful equipment that wields the greatest hashing power in the Bitcoin (BTC) network have all the necessary advantages in the battle to mine new BTC. In an alternative proposal called Proof of Stake, owners of the largest amount of the network’s tokens are delegated as leaders of the chain, with the assumption that they have the most incentive to preserve the chain’s integrity. This, of course, favors the wealthy, conferring authority on the basis of financial means. Proof of Space, espoused by BitTorrent’s founder Bram Cohen in his upcoming token offering Chia, is another example of resource-based leadership, or governance by the rich.
The most simple, least wasteful alternative to these approaches would utilize the method that BTC does for bootstrapping new nodes onto its network, a restricted appeal to authority. Using any appeal to authority constitutes heresy in the anti-authority blockchain world. But a restricted appeal to authority is made drastically less susceptible to corruption, and forms a strong alternative to governance by the rich with only a few adjustments to its implementation. It may be termed Distributed Appeal to Authority (DAA).
Bitcoin’s Appeal to Authority
The driving principles behind blockchain’s ethos include decentralization, consensus, and avoiding reliance on single or multiple authorities. However, Bitcoin violates this principle when bootstrapping new nodes onto the network. When new nodes join, in order to contact other nodes, they must discover Bitcoin’s version of DNS entries containing the host/IP mappings that describe the network topology at the time the nodes join. This appeal to authority provides an essential service: DNS seeding for new nodes.
The identity of these nodes is hardcoded into the Bitcoin source, even revealing in comments the names of those responsible for maintaining the DNS seed nodes.
This leaves the network vulnerable to collusion between those particular parties/nodes, and constitutes a classic appeal to authority. That the creators of the Bitcoin implementation could not offer any alternative to this approach suggests that it is a necessary evil.
Any alternative network would need to seed new nodes with DNS entries in the same manner. One might utilize a similar mechanism to achieve consensus about the identity of the canonical blockchain that the network supports. This support of a single blockchain, instead of forks of the main chain, would obviate the need for wasteful Proof of Work operations, and for the alternatives which also favor the wealthy.
The solution proposed here, supporting only one canonical chain agreed upon by consensus, does not violate any principle to which Bitcoin adheres. All nodes in this new network would agree to store not just DNS information, but the Merkle root hash of the canonical chain that is to be trusted by new and participating nodes. This is subject to the same vulnerability as that faced by BTC’s DNS seeds, but that hazard can be mitigated by random selection of authoritative nodes.
The likelihood of the corruption of a small number of authorities, tolerated by BTC, would be addressed in the following manner.
Distributed Appeal to Authority to Ensure Blockchain Canonicity
The insecurity of most blockchains proceeds in part from the possibility of a 51% attack, in which a majority of nodes agree on a falsified version of a new block or of old blocks. In order to prevent the rewriting of old blocks, authority for designating the canonical blockchain should be extended on a random basis.
A shifting group of authority nodes, consisting of 5% of the network, must agree on the Merkle root hash for the canonical blockchain to which the leader is writing. In the case of any disagreement, another group of 5% will be selected at random, a set not to include the previous group of nodes.
Just like in BTC, registering new node activation and old node deactivation can be managed by that randomly selected group of authoritative nodes.
Random Selection of Leaders for Block Generation
The leader and sole responsible party for the creation of a new block would also be randomly selected via a seed number obtained through reference to an atmospheric noise-based random number generator. Then a new survey will be performed of all the known nodes, the outcome of which distributes the authority of that selection process, allowing all nodes to agree on the randomness of the selection of the new leader.
The group of known nodes is defined at the moment of survey initiation by the contents of the last block leader’s DNS table. The current leader will poll the random number oracle, and the leader will broadcast the number to all nodes known, along with its network DNS table at time of survey initiation. That number will select the next leader from a list indexed by the order in which the nodes joined the network.
This proposal, the thornier details of which are fully described in a whitepaper to be published in August, has the virtues of extreme simplicity, of avoiding governance by the rich, and of obviating the need for wasteful energy expenditure. The final result, a restricted, randomized appeal to authority, has its integrity in sharing authority equally among all nodes. If the appeal to authority is fairly and randomly and securely distributed, is there any drawback to it?
The alternatives to Distributed Appeal to Authority are well known. As noted, appeals to authority in the case of DNS bootstrapping are a priori good enough for BTC and other major blockchains, and are in fact instrumental to them. Perhaps making those appeals more useful and fairer by expanding their scope, but distributing the appeals randomly and securely, might solve key problems with blockchain’s most prominent protocols.