Today the press ran an article about the first coordinated effort by a growing quorum of concerned technologists to engage the political process and push legislative action towards fixing the crypto problem. A problem that many of us feel is spiraling out of control. Our letter is inspired by the Union of Concerned Scientists’ letter addressing the climate change crisis; however, this time, it is an issue of financial regulation and concerns about consumer protection and market risk, which are both high matters of public interest.
I am deeply proud of this project and all the courageous people who signed on initially and helped in drafting it; and am happy to announce that we are opening up the signatories to the total tech community and hope that you will join us in telling our leaders that the status quo needs to change and that technologists should have a voice in shaping policy.
No letter is perfect, and no message will appeal to everyone. Crypto skepticism is not a homogeneous school of thought, and there is no central doctrine or leaders to this movement other than a broad north star of working to minimize fraud and protect the public from undue financial harm. There are crypto skeptics who think there might be some redeeming qualities in some crypto assets, and there are those who want it all to “die in a fire” and everywhere in between. The guiding principle of this letter is to find a middle way that at least most people can agree on and phrase it in a manner such that it can be best understood by our policymakers, who are deeply confused by even minimal jargon and technical obscurantism.
It’s no secret that the crypto industry is plowing vast piles of money into lobbyists left and right, and pouring all manner of money into putting industry insiders into office. The regulatory capture of crypto is best likened to the lobbying push in the 1970s when multilevel marketing schemes became a fixture of American life when legislators introduced loopholes and exemptions for legal pyramid schemes into our regulatory system due to massive inflows of industry lobbying. One of the primary goals of the drafters of this letter is not to go down that path again where crypto becomes a fixture of public life alongside the likes of predatory pyramid schemes.
Finding consensus on this issue was no easy task and was intensely frustrating. Over the last few weeks, I’ve had tons of back and forth with many professionals about the precise terminology of this letter and the specific claims about the harms and risks of crypto assets. With this article, I will endeavor to share my experience in consensus-building and semantics so that others don’t have to repeat this immensely stressful work.
Blockchain is a meaningless term. This is an enormous problem because if we aim to build policy concerning financial assets built on top of blockchains, we need to have a shared vocabulary about what we’re seeking to regulate.
There is no universal definition of blockchain. Historically the word itself only came into everyday use around 2016. And yet now, the term has been retroactively applied to subsume a truly vast collection of disparate concepts in computer science dating back to 1962. Under the most expansive definitions of the term, any data structure which involves a hash function and either a directed graph or linked list is now a “blockchain .” This definition includes technologies like SVN, CVS, Git, Certificate Transparency logs, linked timestamping, peer-to-peer archiving systems, Postgres commit logs, master data management systems, and various authenticated data structures.
Now, these technologies have essentially nothing to do with cryptoassets, and most predate bitcoin by decades. And yet somehow, as a field, we have decided to retroactively apply marketing terminology from the blockchain industry to subsume such a vast quantity of unrelated things, to the point where the overgeneralized term itself subsumes vast sections of computer science textbooks.
The rub in this discussion is that non-financial blockchains—if such a term is even well-defined—are not the subject of the cryptoasset debate. Nevertheless, the cryptoasset debate must involve a discussion of blockchains because the legal issues of peer-to-peer payments, identity management, censorship resistance, transaction privacy, and user data management surrounding these cryptoasset networks flow inexorably from their technical design choices. And so, we drastically need precise definitions to have an informed policy discussion about these technologies.
With intentionally ambiguous terms like “blockchain” and “web3”, we are left in a situation like the Indian parable of the blind men and an elephant where we’re all feeling around in the dark for something we grossly intuit but can’t describe objectively. And this is even more pronounced for lawyers, staffers, and politicians who typically lack any technical background even to begin to work on policy.
No issue seems to draw contention amongst technologists more than the issue of so-called “permissioned blockchains.” It is a highly ambiguous term that is obfuscated by marketing jargon and where the boundaries between it and traditional relational databases are incredibly unclear. Many so-called “permissioned blockchains” are simply relational databases with perhaps some additional software or marketing layered on top.
This is a topic that so many people I spoke with feel very strongly about, yet puzzlingly as far as I can tell, no one actually uses this type of software for anything. Let’s assume every dialogue about this quirky unused database is being done in good faith. However, I can’t help but feel like many arguments about this type of software are guided by perhaps an appeal to moderation to find some redeeming quality in the “blockchain” phenomenon however contrived. Even if no one actually uses this software in reality.
Permissioned blockchains go under various names ranging from private blockchains, permissioned blockchains, enterprise blockchains, distributed ledger technology, and ledger databases. The three most prominent examples of this appear to be:
Now there are probably a non-zero number of users of these solutions. But it’s not a number much above zero. These solutions are relatively niche and maybe have some use cases in regulatory reporting or back-office systems, effectively the legal and data plumbing of corporations that nobody ever sees. And after digging into both of these architectures, it’s evident from their documentation that both are actually built on top of traditional relational databases. And both can circumvent append-only designs when needed to redact, update and delete data. This design is not surprising given that corporations have compliance obligations under frameworks like ISO27001, SOC2, and GDPR, which require corporations to update and delete customer data.
However, this begs a fundamental question; if we add the ability to redact data from an append-only database/blockchain design, then well, to first approximation, we just have a database with an audit log. Why do we need a new buzzword for a database architecture that people were doing on DB2 on IBM mainframes in the 1970s? Sure we can rename this architecture a “permissioned blockchain” or a “replicated database ledger,” but what does the term clarify? We’ve already had terms for this architecture for decades. Why play word games?
I and a few of the other signatures of this letter have actually worked on these architectures in the past, and at least in my experience, the solutions that end up built are much like the now-infamous tweet thread Gergely Orosz describes of the Walmart Canada blockchain project. They’re Rube Goldberg machines constructed from middle managers and architecture astronauts reading too many Gartner whitepapers and thinking this is a sensible way to architect software. This architecture that Walmart chose to build is stupid on a profound level. One could replace this entire setup with a single Postgres node running on a minimum AWS instance and achieve vastly better performance than these 600 servers running in parallel, seemingly for no reason. However, there’s no law against stupidity in software architecture, and if a powerful multinational corporation wants to run up a vast cloud computing bill, well, that’s on them. It’s not on cloud providers to determine customer best interests on compute resources. We can laugh at this, but to be honest, more hilariously contrived topologies are being built on top of Kubernetes every day.
Permissioned blockchains are either pointless, redundant, undefined, or banal, and most importantly, nothing about them falls under the remit of any financial regulation or from first principles presents any harm to the public. We can talk about the veracity of this architecture from a purely academic software perspective, but perhaps we should leave it out of policy discussions because it’s so far removed from crypto assets as to be almost completely irrelevant and confuses policymakers. No one’s grandmother is losing their life savings gambling on Azure SQL ledger databases.
The word “cryptocurrency” itself is also a misnomer because, as any economist will point out, these tokens are financial assets not currencies. Nevertheless crypto assets aren’t a homogeneous group of products, and talking about the entire space in full generality is fraught with ambiguity. Broadly speaking there two buckets of assets, speculative tokens and non-speculative tokens.
People hold and trade speculative crypto assets like Bitcoin and Dogecoin, hoping they’ll appreciate in value to sell them to a greater fool for more dollars. They don’t use them as a medium of exchange because, as money, they are incredibly suboptimal compared to existing systems. The El Salvador experiment is a bleak failed experiment of what happens when a country tries and will always end badly. Now what is the purpose of a non-physical non-productive financial asset with no fundamentals, no cashflows, and purely narrative-driven demand? I don’t know. The Nobel laureates don’t know. The world’s top technologists don’t know. I don’t think anybody knows.
Speculative crypto assets are an extraordinary popular delusion like tulips or Beanie Babies, a bubble with no economic rationale for why its demand exists, other than people like to gamble, and there is a great mass of people who want to bet against each other on the financialization of talking dogs and castles of nothingness in the sky.
And then, we have non-speculative stablecoins, which attempt to create a medium of exchange by creating derivatives of sovereign currencies. These products don’t have a direct equivalence in our policy framework; they act somewhat like both unregulated banks and money market mutual funds and, as we found out in the last week, are subject to the same run risk as those products except riskier and which collapse faster and harder. This risk is so pronounced that people are now calling for deposit insurance on stablecoins, precisely like the framework we put into protecting banks after the market crash of 1929. And with stablecoins like Tether, we have no idea what’s inside of these black box pools of assets, a terrifying prospect from a systemic risk analysis perspective if we were to let these products intermingle with the larger economy.
In our policy discussion, we are indeed asking the wrong questions about stablecoins. Why do these stablecoins need to exist? We have banks. We have a robust framework around them that’s worked well for 150 years. What do stablecoins bring to the table other than more risk to consumers?
I understand that the network of crypto bucket shops running out of tax havens in Antigua, Barbuda and the Cayman Islands has to create their own clearing system because they have trouble getting traditional banking access, but just maybe there’s a reason they have trouble getting banking and payment access. The fundamental policy question related to stablecoins is whether these products offer the public any benefit to the public as compared to the risks of creating dark pools of offshore pseudo-dollar-denominated untaxable accounts that can seemingly evaporate almost instantaneously and with no warning. The goal of stablecoins is seemingly to geometrically expand the scope of shadow banking and give everyone in the world a numbered Swiss bank account, and it remains unclear how to reconcile such a prospect with our existing tax and money transmission framework.
Crypto used to mean cryptography, a branch of study at the intersection of mathematics and computer science. Web 3.0 used to mean the semantic web, a version of the internet in which all the world’s knowledge was organized into a searchable graph. Now both words have been co-opted to mean highly risky speculative investments and frauds and as marketing buzzwords to obscure intent.
A great many researchers and working software engineers don’t like this abuse of computer science terms to peddle risky investments. We’re tired of this, and many of us feel this is a blight on our profession and it needs to stop.
Technologists need to be involved in more grassroots lobbying on these issues. I’m certainly going to devote some of my life to this work, but I can’t do it alone. We have to work within our existing democratic institutions and with other like-minded people in the law and finreg community to tackle the problems because crypto is a problem that the software community created, and it’s one that we inevitably have to have a hand in reigning in. Although we might differ slightly on the end regulatory state, I have high faith in our democratic processes and institutions to arrive at a solution that balances the public interests with a legitimate desire for responsible financial innovation, and I think we can all agree we can do better than the hot mess we’re in right now.