Notes from the Vault
Larry D. Wall
July 2018

The current financial system relies heavily on trusted third parties, such as banks and clearinghouses, to transfer claims from one party to another. Blockchain technology is being promoted as a way to transfer financial claims in a "trustless" manner; that is, the transfer relies solely on computer code and not on institutions controlled by humans. Many blockchain supporters argue that, because it eliminates the financial institutions, blockchains could revolutionize finance (see, for example, here, here, and here). However, as Vili Lehdonvirta, a professor at the Oxford Internet Institute, observes in a recent post, there is a difference between enforcing the rules and making them. As he observes, "Who makes the rules matters at least as much as who enforces them."

The question of who makes blockchain rules might not matter if the code for individual blockchains were immutable. Anyone seeking to use a particular blockchain could examine its rules and determine whether the rules were appropriate for their activity. However, the rules are not immutable, and potential changes have been a major source of contention at two of the largest blockchains.1 In one case, the blockchain Ethereum faced the problem of whether to undo part of its history to block the "theft" of funds from an investment fund called the DAO (or Decentralized Autonomous Organization) that operated on its blockchain. In the other case, the bitcoin blockchain, the point of disagreement has been how, if at all, the rules underlying the blockchain should be changed to increase transactions volume, or the scale of that blockchain.2 Given the need for blockchains to evolve over time in response to changing needs, Fred Ehrsam, the cofounder of Coinbase, has stated that "governance is the most vital problem in the space (blockchains)."3

This post is the second of a two-part series on blockchains. The first part summarized some of the basics on blockchains and considered some important challenges facing the technology.4 This post provides a high-level overview of some of the issues involved in the governance of blockchains—that is, who decides whether a proposed change in the code of a blockchain should be adopted and by what process that decision is made. In particular, it focuses on the governance of those blockchains that seek to avoid reliance on trusted third parties. These public, permissionless blockchains allow anyone to write to and read from the contents of the blockchain (although some of the data may be encrypted) and to participate in their governance. These blockchains, which I will call permissionless blockchains, create the potential for radically restructuring the financial system. However, the philosophy of openness and resistance to a central authority (beyond the blockchain code itself) limits the set of possible governance structures by ruling out structures that rely on a central authority to make changes.5

Conflicting interests
The governance of blockchains (or anything else) would not be a problem if everyone involved agreed on what should be done and how it should be done. However, as in most human endeavors, the interests of the various participants are not perfectly aligned, which can lead to conflicts that must be resolved.

Suppliers of the computing capacity needed to run the blockchain are one important stakeholder in permissionless blockchains. The suppliers are typically compensated for their efforts and, all else equal, benefit from increased demand for their services as a blockchain grows.6 However, the ultimate incentive of these suppliers is to maximize the value of their inputs. As with the suppliers of inputs into other production processes, blockchain suppliers in some circumstances may benefit from their blockchain using a more costly production process that results in lower output than is socially optimal.7

Two other important stakeholders are developers of applications that run on a blockchain and the applications' users. These stakeholders have a common interest in the blockchain using an efficient production process that minimizes the cost of using it. However, the rules governing a blockchain affect more than just its costs of operations—they also influence other service characteristics, such as the timeliness and security of the transactions. Moreover, user preferences across the different characteristics can differ significantly. For example, someone using the blockchain to provide critical financial infrastructure may well have priorities across blockchain rules that differ from someone using a blockchain to run a virtual game such as CryptoKitties.8

A third stakeholder for the typical permissionless blockchain includes those who hold (own) its cryptocurrency. These stakeholders benefit from the appreciation of their cryptocurrency, which is correlated with the usefulness of that cryptocurrency as a medium of exchange. Its usefulness is likely to be at least somewhat correlated with blockchain usage. However, the cryptocurrency holders do not internalize all of the benefits or costs associated with a blockchain. In this respect, cryptocurrency holders can be compared with the shareholders of a corporation, which have both a residual claim on the firm's assets and hold ultimate governance power.9 As the residual claimants on the value of a corporation, shareholders have an incentive to use their governance power to maximize the value of their firm by producing the outputs with the highest value using inputs in the most cost-efficient manner.10 However, the blockchain itself is just a piece of code; it does not produce a measure of its value creation similar to corporate profits that can be distributed to its cryptocurrency holders. Moreover, cryptocurrency holders' evaluation of alternative blockchain rules is likely to be influenced by their role as users of the blockchain to hold and transfer their cryptocurrency.

Thus, governance is important for blockchains because their stakeholders have conflicting interests. Ideally, their governance structure would be designed so that those holding governance power would fully internalize the costs and benefits of their decisions. Arguably, this condition holds for corporate governance as those with the ultimate control, the shareholders, benefit from producing more higher-value products at lower cost. No such single party exists for blockchains.

Governance structures
The governance of permissionless blockchains must not only mediate conflicting interests, it must also do so within some important constraints if it is to operate efficiently without relying on a trusted third party. To avoid relying on a trusted third party, no individual or small group of individuals should have control. On the other hand, only a limited set of people are capable of evaluating changes to a blockchain. Any change is likely to raise technical programming issues, and major changes in rules may have significant economic implications. Ideally, the people involved in a blockchain's governance should have a good understanding of both the technical and economic issues.

In practice, blockchain governance structures come in two general forms: off-chain governance and on-chain governance.11 Any proposed change to a blockchain with off-chain governance requires users running the blockchain to manually update the software to incorporate that change.12 Conversely, blockchains with on-chain governance have governance rules coded into the blockchain's protocol such that if the governance rules approve a change, the change will automatically go into effect for everyone running that blockchain. Both forms of governance have some advantages and some weaknesses.

Off-chain governance
Bitcoin and many other blockchains use off-chain governance. The use of off-chain governance places the ultimate decision on whether or not to adopt a coding change in the hands of the individuals supplying the computing capacity needed to run the blockchain (hereafter called miners).13 Leaving the decision to the miners opens up the possibility that some will adopt the change and others will not, resulting in a blockchain being split into two different blockchains with different rules. The potential for such forking has some important implications for governance and for the usefulness of such blockchains as financial infrastructure.

The potential for a blockchain to fork allows app developers and blockchain users to protect their interests from adverse actions by the blockchain's miners. For example, suppose most but not all miners decide to adopt a code change that benefits them at the expense of the users and app developers. In this case, the users and app developers could continue to use the original blockchain code being run by those miners that did not adopt the change. Those miners that adopted the change would then lose the demand for their services from the users and app developers that remain with the original chain. Moreover, the mere threat of such a split creates an incentive for miners to consider the interests of application developers and users when adopting changes to blockchain code.

However, the potential for a blockchain to be split into two blockchains also poses some problems of its own. A general problem with blockchains splitting is that the split reduces the network effects—that is, the externalities gained from associating different users on a single blockchain.14 A further serious problem may arise if the blockchain being split is used as the authoritative record of the ownership of financial or physical assets. As Paul Brody from the consulting firm EY writes, digital tokens representing real-world assets "need to be quite specific about what constitutes the 'primary' or 'original' blockchain on which the token is located." The existence of two or more blockchains claiming to control the same financial or physical asset would lead to conflicts over who is the actual owner. Brody observes that this need for ownership to be represented on a single blockchain is likely to reduce the potential for splitting a blockchain. Splitting lessens the chance that users "will come to alternative paths."

On-chain governance
On-chain governance solves the problems of splits in the blockchain but raises the question of who controls the on-chain governance procedures. In practice, blockchains that rely on on-chain governance typically provide for some form of voting by those with some stake in the blockchain, most commonly those holding the blockchain's cryptocurrency. The intent is to allocate governance rights to those with a stake in the success of the blockchain while retaining the off-cited permissionless blockchain advantage of independence from any single trusted authority.

Although that goal is well-intentioned, on-chain governance does not necessarily prevent decisions from being made by a small group of people. Nor does it necessarily insure that the decision makers are adequately informed and motivated by the overall health of the blockchain.

The concerns about control by a small group arise, in part, from the problem of how to allocate votes. The one objectively identifiable group that has an interest in a blockchain is the holders of its cryptocurrency. However, reliance on this group for governance decisions is likely to result in those with the most coins (the greatest wealth invested in the cryptocurrency) having the largest say. Haseeb Qureshi, general partner at MetaStable Capital, observes that allocating votes to coins is necessary because it is not possible on blockchains to follow a one-coin-holder, one-vote rule because most blockchains are not designed to identify individual holders of their cryptocurrency.15 This problem is compounded by low voter participation rates, as noted in a post by Vitalik Buterin, co-founder of Ethereum; one important vote on the Ethereum chain drew only 4.5 percent of the voters. As a result, it may be possible for a few people with only a very small percentage of all coins to control an election.

Qureshi and Buterin also raise concerns about the competence and motivation of coinholders. Quershi refers to blockchains as "experimental software" and says that administering blockchains requires the solution to some hard, technical problems. Quershi points to the management of comparable technical projects, such as is done by the Linux Foundation, and notes that the governance of these projects does not look like a democratic institution. Buterin comments that coinholders are only one class of stakeholder, and their interests may collide with other interests.

Some enthusiastic advocates of blockchain technology predict that someday the code in permissionless blockchains will replace the need for trusted third parties in our financial system. However, the decision on what computer code will be included in any given blockchain is one that must be decided by humans. This post discusses several issues related to both the stakeholders who may be involved in blockchain governance and the process by which those stakeholders make governance decisions.

In evaluating alternative blockchain governance systems, it is important to remember that perfection is an unattainable standard for human institutions. However, if permissionless blockchains are to replace existing financial infrastructure, the standard for acceptable governance must be high as financial infrastructure problems can spill over into the real (nonfinancial) economy with severe consequences.16 Whether permissionless blockchain governance can meet the standards expected for critical financial infrastructure remains to be seen.17 As with many other aspects of permissionless blockchains, their governance structures are still a work in progress.

Larry D. Wall is executive director of the Center for Financial Innovation and Stability at the Atlanta Fed. The author thanks Scott Frame, Brian Robertson, Simon Saval, and Warren Weber for helpful comments. The views expressed here are the author's and not necessarily those of the Federal Reserve Bank of Atlanta or the Federal Reserve System. If you wish to comment on this post, please email


1 Most of the blockchain examples in this post are drawn from the two most influential public permissionless blockchains: bitcoin and Ethereum. These blockchains are designed, however, to serve very different purposes. Simple descriptions of the workings of bitcoin and Ethereum and their intended uses may be found here and here

2 An article by Patrick Murck, a fellow at the Berkman Klein Center at Harvard University, discusses the governance issues around both Ethereum’s handling of the DAO and bitcoin’s transaction capacity. See also my post on smart contracts for a discussion of some of the issues related to Ethereum and the DAO.

3 The problem of dealing with “unknown unknowns” in blockchain is the subject of a post by Shermin Voshmgir, director of the Research Institute for Crypto Economics at the Vienna University

4 See also a post by blockchain engineer Preethi Kasireddy for a more in-depth discussion of the challenges facing public blockchains and some possible responses.

5 In contrast, permissioned blockchains accept transactions only from a previously identified group of agents, where each of the agents is willing to place some trust in the other agents. Individual permissioned blockchains also need to establish their own governance rules. However, more centralized control structures are possible for permissioned blockchains as these blockchains are typically created for a well-defined purpose and the participants in the blockchain have already shown they have at least some trust in each other.

6 The suppliers of computing capacity are typically compensated in one or both of two ways. First, a blockchain with a cryptocurrency may be structured so that new cryptocurrency is created and provided to the suppliers for their work. Second, the users of the blockchain may pay the suppliers of the computing capacity to have their transactions recorded on the blockchain.

7 One interpretation of the ongoing conflict over increasing the scale of bitcoin is that the miners (those solving a cryptographic problem) are seeking to use a production process that reduces potential output but increases payments from those who want their transaction added to the bitcoin blockchain. See a post recounting part of the controversy by former Bitcoin blockchain developer Mike Hearn.

8 CryptoKitties runs on the Ethereum blockchain. At times, this game has generated so many transactions that it slowed the rate at which other transactions could be posted to that blockchain. A post by ConsenSys, a developer of applications on Ethereum, provides a post-mortem on the problems CryptoKitties caused.

9 In practice, senior corporate managers have considerable governance power in large, public corporations. Blockhain developers are a rough equivalent of corporate management for blockchains. Before the governance structure of a blockchain can adopt new rules, new computer code must be written to implement those rules. A blockchain’s developers are the people who write this code. The role of developers in blockchain governance is very important but beyond the scope of this post. A paper by St. Mary’s University professor of law Angela Walch discusses some concerns associated with relying on the bitcoin developer model to supply financial market infrastructure.

10 Note that shareholder value maximization is not the same as short-term profit maximization. For example, in many cases, a firm may maximize short-term profits by deferring maintenance and reducing investment (including investment in research and development). However, to the extent these actions reduce future profits, they are likely to reduce the value of the corporation to its shareholders.

11 A post by Vlad Zamfir, researcher at the Ethereum Foundation, makes the important point that, in practice, governance includes not only the formal rules but also the informal expectations and interactions of many participants. Although he makes this point in the context of blockchains, the point is widely applicable to a variety of governance procedures ranging from corporate boardrooms to representative democracies. Nevertheless, the formal rules of governance are important because they have both a direct impact on how decisions are made and an indirect impact by influencing the terms on which informal interactions occur.

12 As a blog post by Ethereum cofounder Vitalik Buterin emphasizes, some sort of coordination mechanism is important for blockchain governance. He notes that one way off-chain governance structures can obtain this coordination is by allowing nonbinding (or “loosely coupled”) votes by coin holders.

13 The term “miners” is ordinarily used for those who supply the computing capacity to solve the cryptographic problem embedded in blockchains that rely upon a consensus method called proof of work. For the purposes of this discussion, I am using the term as a shorthand for anyone supplying computing or data storage capacity vital to the operation of a blockchain. For example, this definition is intended to include those nodes that validate blocks and the “forgers” who can write new blocks in proof of stake blockchains.

14 Network effects arise when the value of a network (such as a blockchain) increases as the number of people who use it increases.

15 Permissionless blockchains typically do not store information on the holders of their cryptocurrency, which provides those holders with some level of privacy.

16 Both a paper by the Committee on Payments and Market Infrastructure of the Bank for International Settlements and a paper by a number of Federal Reserve staff members highlight the importance of governance in payments systems.

17 An interesting question that is beyond the competency of this nonlawyer is whether a blockchain that otherwise meets the standard as a systemically important financial market utility could be so designated by the Financial Stability Oversight Council under current United States law and, thus, be made subject to Federal Reserve regulation.