74&W Exclusives


Christian Catalini


We begin our series on blockchain and cryptocurrency by tackling the basics with Christian Catalini, founder of MIT’s Cryptoeconomics Lab. Rather than asking him for a by-the-numbers primer, we decided to test our own ability to articulate some of the basic concepts of blockchain and ask him to correct or elaborate as appropriate. The result is an interview in which we gain a clearer understanding of what blockchain applications look like, what sets them apart from previous technologies, and how some of their more arcane features actually work.

To start out, rather than just asking you a straight series of questions, I thought I might try to describe to you what blockchain is, and then you can correct me.
Sounds good.

All right. So my understanding is that at its most fundamental level, a blockchain is simply a running ledger or record of linked transactions. Is that accurate?
Yeah. But I think one of the challenges is that there’s really no such thing as “blockchain.” It’s a suite of technology with many different implementations. When implemented correctly, it allows a network of economic agents – individuals, firms, robots and devices in the future – to really agree at regular intervals about the true state of some shared data. That shared data could be some sort of ledger. It could be some other record of transactions. It could be a set of attributes. So it’s a very general-purpose technology that can be applied in many different ways.

I understand that it may look a little different from application to application, but is there anything at the front end for the user or the consumer, for a person like me who’s in front of the computer, that would look or feel different about an application fueled by blockchain technology? Or is it more about the deep architecture, like an operating system?
I think a lot of it will be about the back end. Consumers may not even know that eventually a blockchain is behind some of those trades and transactions. But there’s a component of that that consumers may see, because they may have more options in terms of the degree of digital privacy that the system offers to them. And maybe cheaper prices. So I think in the long term, there’s a number of dimensions that may switch. And many of those have to do with this cost of networking, with the fact that you can create a digital platform without giving so much market power to a single intermediary. That may reflect in terms of prices, in terms of how much ownership you have over the digital assets, how much control you have over your data. Those are all dimensions that are likely to improve once the systems are deployed.

A moment ago, you defined blockchain as a technology that allows a network of agents to agree on the truth of shared data. As you just alluded, isn’t a key feature the lack of dependence on a third party to verify that shared data?
Yeah. [But] there’s a lot of confusion between the “permissionless” blockchain and the “permission” ones. On one extreme, when you think about some of these permission systems, they look a lot like the distributed databases that we’ve had around for 20 years. They don’t have economic incentives to power them. On the opposite spectrum, the permissionless ones are more novel but also often the ones that are more difficult to integrate with regulation and with the existing infrastructure, because they're changing some of the logic of how we do things.

One of the challenges is that there’s really no such thing as “blockchain.” It’s a suite of technology with many different implementations.

And if I’m understanding correctly, that older distributed database model essentially works like this: rather than having one single database held by one person, a whole network of people share the database and only the current best copy is the one that’s used. That, of course, makes it more protected from attack because there’s not just one thing that someone could hack into or compromise, because it doesn’t live in one place. It lives with everyone and is constantly updated. Is that right?
Right. So, often, you have many trusted nodes to replicate the data, unlike in a traditional environment [where you had one copy of the data]. But in that setting, if those trusted nodes collude, you can still rewrite the data, very much like you would have done in the past in [a standalone] database. So that’s why those permission databases are not really blockchains, even though some people label them that way.

All right. So help me make this clear. What exactly is the distinction between a distributed database and the blockchain?
The key distinction is that you add a native token. You add some sort of token that fuels the system and facilitates its operation by incentivizing actions on this new type of digital platform. So when I think about the more novel implementations of blockchain technologies that don’t look like distributed databases, they do have that feature, like in bitcoin, of some sort of token that may appreciate in value and really regulates incentives within the ecosystem.

Okay. So here you’re talking about the possibility for each participant in the blockchain – or to put it another way, each node of the network – to earn something valuable by executing some of the administrative tasks, like verifying the authenticity of the data. That’s the process that in bitcoin is known as “mining” – it’s basically a computing race to be the fastest and most accurate auditor of the chain of data, with a financial reward for the winner.
Right. When you think about bitcoin, you do have this immutable audit trail that forms over time. And the reason why that audit trail becomes more difficult to alter over time is partly because you have a clever mix of cryptography but mostly because you have game theory and incentives. So what makes blockchain secure is really the incentives that have been designed to protect its content over time.

By design, the amount of energy and computation behind mining will have to be equivalent to what society is willing to pay for that network to be operating.

So just to spell this out, again, the classic example of that incentive to protect content is the awarding of bitcoin to “miners” within that blockchain. Correct?
Right. When you “mine,” essentially what it means is that you were the one that added a new block to the blockchain. So that’s what mining is. And the protocol assigns you some rights. So when that happens, you’re entitled to assign some new generated bitcoin out of nowhere to yourself.

So it sounds like mining is a necessary component of the blockchain.
Not necessarily. I mean, it’s necessary within proof-of-work blockchains. But there’s now new experiments around proof-of-stake and other systems for reaching consensus without using miners.

How does that work?
Again, it’s still some kind of proof of work. It’s just that you're not asking to do mining or computation. You’re asking to do something else. In proof of stake, for example, the stake is I could say, “Look, I’m an honest validator of this chain and you should trust me.” And people would say, “Well, how can we trust you?” And you would say, “Look, I’m putting this money aside. This is my stake. If I don’t act honestly, you can take my stake away.” And so the cost of being a validator comes in the form of reduced liquidity, right? Because for some time, you don’t have access to that liquidity. You’re holding it almost as a bounty, in escrow, for your behavior. But there’s all sorts of new approaches to really thinking this through. You know, what other things can you do to make sure that honest nodes keep acting and validating and the bad nodes get removed from the network without using wasteful computation and energy? It’s unclear if they’ll be able to scale, but I think there’s a lot of interesting approaches coming up as alternatives to the bitcoin mining.

But to go back to bitcoin, how many participants in a blockchain network are usually miners? Like, does anybody know how many bitcoin participants there are right now, and are all of them miners?
It’s hard to say, but mining is usually a small fraction of the people speculating and investing, because it’s become so capital-intensive. Some of these [miners] have real data farms and everything.

So, realistically, how democratic or how competitive is mining? I mean, won't just a handful of people with supercomputers end up creating all the blocks, leaving the little guys out in the cold? Is it even possible for a guy like me to really create a block?
No. Mining now is very energy-intensive. So most of the small users are pooling together. That’s where mining pools come in. You can think of mining pools as a way to smooth out the uncertainty. More single miners would not find a block in a million years. But if you put enough small miners in aggregate, one of them may get lucky. So how these mining pools work is that they share the returns together. And they search the space together as if they were one big miner. Most mining is otherwise done by large players.

So, given the massive electricity and resources required for mining, is this whole blockchain idea even a reasonable possibility for the near future?
Right now, people are investing energy in bitcoin and other proof-of-work blockchains because they hope to get those tokens and they hope that those tokens will appreciate in value. They're making an investment. So that’s a key feature of this. But we need an equilibrium. By design, the amount of energy and computation behind mining will have to be equivalent to what society is willing to pay for that network to be operating. So I think you’ll see that number go down. But that’s sort of assuming that the technology cannot change and evolve. There’s experiments around what are called layer-2 solutions. So the idea there is to really increase the amount of transactions that you can clear and settle with the same amount of electricity and mining. Meantime, most people that don’t have a comparative advantage in mining would realize that they may as well just buy bitcoin on the market instead of generating them, and then hold onto them as a speculative investment.

The breakthrough from an economics perspective is the idea that, by using a native token in your protocol, you can coordinate economic activity and create incentives for people to provide resources.

We’ve gotten down into the weeds, so let’s pull back out a little and try to illustrate blockchain through a very simple example. Let’s say you and I and 10 other people are the nodes of one of these permissionless databases, or blockchains, and I sell you my car. There’s no bank involved, no third party. The transaction gets recorded onto this database that all 12 of us can see, and then it gets sealed cryptographically and verified by the fastest computer in the group, who then gets some kind of token as a reward for verifying it. And if you ever try to argue that I didn’t deliver the car, or I try to argue that you didn’t pay in full, there are 10 other people who can go back through the chain of transactions to see the receipt, as it were, which is sealed and thus can’t be tampered with by either of us or anybody else.
Yeah. We have a piece on the economics of the blockchain called Some Simple Economics of the Blockchain where we really try to make the distinction between two fundamental costs that the technology changes. Those two costs are verification costs and networking costs. The reason why we focus on these two costs is because the distributed-database-like blockchains only take advantage of the first cost but the permissionless systems take advantage of both. So, again, the first cost that we talk about is the cost of verification: verifying that some digital information is accurate and true. When you look at some of these corporate blockchain solutions or permission blockchain solutions, they do take advantage of some of this reduction in the cost of verification. But the cost that they don’t really take advantage of is what we call the cost of networking, which is essentially the cost of coordinating economic activity across the globe. Think about what bitcoin did. By writing incentives into the protocol, it [achieved] a really large deployment of infrastructure to secure this new type of financial network without anyone coordinating those investments. People just realized by looking at the incentives in bitcoin that if they provided computing power to the network they would be rewarded. That’s why you now have this massive infrastructure of miners all around the globe running computations to make bitcoin possible. The breakthrough here, from an economics perspective, is really the idea that, by using a native token in your protocol, you can coordinate economic activity and you can create incentives for people to provide resources and complementary assets, and you can incentivize early adopters.

So, again, it’s that incentive that’s really the innovation here, the thing that’s the true hallmark of the blockchain.
Yeah. You know, and it doesn’t need to be a cryptocurrency. Could be a crypto-token. It could be some sort of crypto-asset. Because in a sense, a currency is like a very simple version of a token that doesn’t have too much functionality. But you’re absolutely correct. It’s really by using this sort of incentive that you can get a number of the features that are interesting from an economics perspective. If you think about the digital platforms that we have today, most of them have accumulated a tremendous amount of market power. But with the token, you can recreate the digital platform where there’s no single entity controlling that marketplace. So you're able to create digital platforms without market power being concentrated in one or a few actors. And that’s quite novel.

A few minutes ago, you mentioned cryptography as being one of the keys to ensuring that the audit trail is immutable. So let’s delve into that a little. As I understand it, each block of the blockchain is verified by a cryptographic hash, and the miner that gets rewarded is the one that decodes that hash fastest. Each cryptographic hash is a secret code that’s extremely difficult to break, and it can’t be back-translated. So for example you could have two very similar strings of text, one being “My name is Jim Brown” and another being “My name is Jim Browne” with “Browne” spelled with an E at the end of it. If you converted both of those strings of text each into its own cryptographic hash, they would look entirely different from each other even though the only difference in the originals is that E at the end of Browne in the second one. So it’s not like by figuring out the coding for “My name is Jim Brown” you could even come close to figuring out the coding for “My name is Jim Browne.” They’re not back-translatable. Is that a proper understanding of a key component of blockchain?
Somewhat. Somewhat. So a blockchain becomes a chain by taking a digital fingerprint of every transaction that’s happening at a certain period in time, and then using that fingerprint to verify that that information hasn’t been altered over time. More computing power is dedicated in extending that chain, and you do have a digital fingerprint for each one of those blocks that kind of penetrates across the block. If I was trying to reverse or alter a transaction [from] the past, that would be extremely expensive for me to do, because not only would I have to alter the block that I’m trying to falsify, but I would have to alter every block after that. And since there’s a fixed amount of competition and effort that goes into each block, the more time passes, the more almost economically impossible it becomes for me to go and rewrite history.

And then when you couple that with the fact that it’s a decentralized thing, that it’s not just a single blockchain in reality, it becomes even less likely that it could be corrupted. Is that right?
Yes. Because now there’s multiple copies. And as long as the majority of nodes and people updating these blocks are honest, the honest chain will always grow at a faster rate than the dishonest one. Some people are really worried about what’s called the 51% attack. The basic idea behind that is that if you control the majority of computing power within a blockchain, you could do a nefarious thing such as spending the same amount twice on the ledger or reversing valid transactions. What people often don’t get about the 51% attack is that if you own the majority of computing power on the network, you’re the person that has the most at stake in that network, so by falsifying, you’re destroying the value of that network because everybody would see immediately that something nefarious has been done. And so a rational economic actor, even if he has the majority of the computing power, would not want to destroy the blockchain or try to double-spend and do those sorts of things.
It’s unclear if they’ll be able to scale, but I think there’s a lot of interesting approaches coming up as alternatives to bitcoin mining.

The perception of blockchain that I’m getting seems almost purely capitalistic in the way it relies on a trust system. Like if you do something nefarious then that removes anyone’s motivation to do business with you or to use your network. So you’re disincentivizing yourself. It seems like a lot of this is held together by market forces, by trusting the market, which is a really capitalistic concept, right?
Well, the market may not always be perfect in correcting some of these things or creating the right incentives. Some of these platforms are already struggling with governance and they're already realizing that to make progress and to advance, they do need to evolve and develop. So I think you’ll see over time that governance and other dimensions will also play a role. These systems will become to some extent almost like digital organizations. The market [will provide some] discipline, but part of that will also be better governance infrastructure of these decentralized platforms. So it’ll be a mix of market and governance.

What makes blockchain secure is really the incentives that have been designed to protect its content over time.

Some of the more interesting blockchain applications have to do with things like journalism, with securing intellectual property on an individual basis and protecting independent content creators.
Yeah. Those new models are all reflections of these new approaches.

It’s exciting, right? Because if you step back and sort of frame it like this, when people started to get on the internet in big numbers and connectivity was more of a common thing, then you saw things like file-sharing and the loss of control over IP. Which hurts content creators. This has been a struggle for a long time.
Right. [The problem has been that] if I have a digital good, I can copy it as many times as I want, right? I cannot distinguish an original banknote from a falsified one. With blockchain, it’s almost the opposite. Bitcoin solves the problem of double-spending. There was a thing called CryptoKitties, which were digital collectibles on a blockchain, the first example of a digital good that you cannot copy. Everybody laughed at it, but users started trading and transacting on them. So you create a set of new business models around digital content, how it can be monetized, how it can be protected. If I have a picture or a piece of music, I could implement some sort of digital rights [regime] without giving control to a digital rights management authority. Or if I’m using a picture on my website, I could prove that I’ve licensed it out [appropriately].


Christian Catalini is the Theodore T. Miller Career Development Professor at MIT, and Associate Professor of Technological Innovation, Entrepreneurship, and Strategic Management, MIT Sloan School of Management. He is also the founder of the MIT Cryptoeconomics Lab. Christian's main areas of interest are the economics of digitization, entrepreneurship, and science. His research focuses on blockchain technology and cryptocurrencies, and the economics of equity crowdfunding and startup growth. Christian is one of the principal investigators of the MIT Digital Currencies Research Study, which gave access to all MIT undergraduate students to Bitcoin in the Fall of 2014. He is also part of the MIT Initiative on the Digital Economy and the recently launched Digital Currency Initiative. He holds a PhD from the University of Toronto (Rotman School of Management), and MSc (summa cum laude) in Economics and Management of New Technologies from Bocconi University, Milan. In 2009-10 he was a visiting student at Harvard University. His work has been featured in Nature, Science, the New York Times, the Wall Street Journal, the Economist, WIRED, NPR, Forbes, Bloomberg, TechCrunch, the Boston Globe, and the Washington Post among others. He has presented his research at a variety of institutions including Harvard University, MIT, Yale University, London Business School, New York University, UC Berkeley, the Federal Reserve Bank, the US Treasury, the US Department of Defense, the World Bank, and the White House OSTP.

Return to 74&W Exclusives.

Copyright 2018 74&WEST LLC All Rights Reserved.
Do not reproduce without written permission from 74&WEST LLC.