The Economics Blockchain Design: A Real-Time Commentary

Kevin Werbach
6 min readJun 30, 2019

A really important paper (or technically extended abstract) by Christian Catalini, Ravi Jagadeesan, and Scott Duke Kominers was posted last week. It goes to the heart of the choices facing the blockchain community today. It’s short (6 pages) and equation-free, so it’s more accessible than most technical or economics papers.

The authors are affiliated with Calibra, Facebook’s subsidiary associated with its Libra cryptocurrency initiative. Calibra funded the research. The conclusions are, unsurprisingly, consistent with Libra’s design. It’s no accident the document was released the same day as the Libra announcement. That said, it’s not a Libra document; it’s an academic paper. And it doesn’t ever mention Libra, because its analysis is not limited to Libra in any way.

This is a significant contribution to the blockchain legal/institutional/governance debate. What follows are my comments and questions, with snapshots, which were originally written as a tweetstorm.

A much better explanation of the value of decentralized financial institutions than the usual “centralization bad. very very bad. when moon?” from most crypto proponents. But I’m confused about the highlighted part…

How are there economies of scale for contracts and courts? Yes, they are centralized, but isn’t that because enforcement traditionally requires an accepted source of authority.

Implicit but important and easy to skip over: Even public utilities (or commons) have market designs.

How are there contracts between miners and exchanges/wallets? The latter are dependent on the former for security, but that’s implicit in the market structure rather than any express relationship.

Custodians don’t fork, nodes do. The UASF effort in the Bitcoin scaling wars was the exception that proves the rule.

Not the only constraint. A malicious PoW node isn’t slashed or excluded, but it’s going to waste whatever money it puts into an unsuccessful 51% attack or other exploit.

Still having trouble understanding this claim. Is “utility” for a blockchain simply a function of the probability of catastrophic failure? In other words, the benefits and wealth generated are immaterial to utility?

OK, now I see the earlier point about the contracts. It’s not that there are custodian-miner contracts under PoW which are unenforceable; no one ever attempts such contracts (the standard legal/economic response to opportunism) because they would be unenforceable.

Now I’m trying to understand how the relational contracts work in proof of stake. First, do PoS systems necessarily involve this liquid democracy, where token holders can delegate authority to stakers? I thought in many systems you must actually stake to have a vote.

Next, why are PoS delegations contractually enforceable? Is the point of custodians being able to freely change that they can demand a legally enforceable contract in return for delegating (which the node will demand as well bind the delegator)?

If I’m understanding correctly, the paper makes an argument why the incentives created by PoS are compatible with a legally/institutionally enforceable regime emerging, not that the relational contracts necessarily exist.

Bingo. A Bitcoin maximalist would say this gives up the whole game; if effectiveness of a blockchain depends in any way on governments or other trusted institutions, it’s not a blockchain. The paper implicitly rejects this view (as do I).

This part of the paper is extremely helpful in identifying the interplay of code and law in blockchain systems. It’s a more formalized explanation for the argument in my book (and by others) that the two are necessarily interconnected.

We can choose to build blockchains, such as Bitcoin, as completely independent of legal authority at the core as possible. But there are big tradeoffs involved, in security not just in scalability or other dimensions. (And law will still matter for those using the blockchain.)

Acknowledging the legal/institutional environment doesn’t make a blockchain “just a centralized database.” It makes scalability and perhaps governance much easier. But it creates its own set of tradeoffs.

A huge insight, if I’m understanding it correctly. PoS systems can bootstrap locally enforceable contracts into a globally secure system. No legal contract can be truly global because enforcement is by territorial sovereigns.

International and transnational law exists, of course. But it’s based on incentives and reciprocity, rather than the direct enforcement power of territorial law.

The pattern of global consistency despite local failures is not new. It’s inherent in distributed systems design in computer science, where a bad link or machine doesn’t disrupt global state. Blockchains are a particular class of distributed systems.

The difference here is we’re talking about global contracts, not just global state. That has massive implications.

Ethereum’s “world computer” vision of smart contracts also implies contracts that are enforceable globally, but that’s at the application layer. This discussion is about the core blockchain consensus layer, which needs to work for the higher-level functionality to exist.

I don’t fully understand the argument, though. How do strong local institutions for some delegators enforce contracts for other delegators without strong local institutions? Why does the system embody the strongest rather than the weakest link?

Is it that those in jurisdictions with weak institutions free ride on others, similar to the way PoW users free ride on the work done by miners to secure the network (paying an implicit inflation tax)? So the system is globally secure as long as there is enough activity based on strong local institutions?

Appropriately acknowledges the tradeoffs here. There’s no free lunch. It all comes back to whether escaping law and established institutions is an instrumental goal of blockchains, or the ultimate goal.

I’m convinced decentralization uber alles is bound to fail, except for narrow use cases that may lack critical mass. But decentralization is an important goal that we can’t lose sight of.

Exchanges seem to play a pretty prominent role in the Bitcoin ecosystem, no? Though to be fair, the recent Binance hack aftermath illustrates the limits on exchanges’ power over PoW miners.

What I just said, and what many others have said. To restate the point: proof of work may be needed for censorship resistance, but minimum viable decentralization is generally more important than censorship resistance.

Fin. Comments welcome.



Kevin Werbach

Wharton prof, tech policy maven, digital connector, pesctarian, feminist. Co-author, For the Win; author, The Blockchain and the New Architecture of Trust.