A Note On Censorship Resistance
Originally published on 4 October 2018.
TL;DR
Cryptocurrencies have been designed to provide censorship resistance - the ability to do things others wouldn't let you do. This property comes at a substantial cost, which may outweigh the benefits for many use cases.
What is censorship resistance?
Censorship resistance is one of those terms that keep floating around the cryptocurrency space for the lack of a more suitable alternative, without being well defined or conceptualised.
So what do people mean when they refer to censorship resistance?
Many things, it turns out. For the sake of simplicity, I will define censorship resistance here as
the ability of doing things that others wouldn't let you do.
This simple definition implies the presence of third parties ("others") that are actively trying to prevent someone ("you", the user) from performing a specific operation.
Note that the definition is purposefully kept broad: an "operation" can essentially mean any type of action, such as logging into an account, making a payment, or sending a message.
Deconstructing the concept
The term (and definition) can be further deconstructed.
I tend to use the term "censorship resistance" (likely inaccurately [1]) as an umbrella term to refer to a set of characteristics, which can be summarised as follows:
In a censorship-resistant system, there is no single party that can unilaterally...
1. Change existing rules
2. Prevent a user from performing a specific operation
3. Freeze user accounts
Characteristic (1) assumes that no single party is able to gain sufficient influence over the system so that it can easily change the existing ruleset - either by adding new restrictive rules or by removing existing rules.
Characteristic (2) affirms that no single actor in the system can unilaterally block or censor transactions (i.e. instructions waiting to be executed), at least not permanently. This is identical to the core definition provided in the previous section.
Characteristic (3) asserts that no single entity can unilaterally freeze user accounts and confiscate user property.
What about "decentralisation"?
So, how does a system become censorship-resistant?
Simple: by preventing a single party from gaining sufficient influence and power over the system - a.k.a. "decentralisation".
It follows that, contrary to popular beliefs, "decentralisation" is not a goal in itself, but rather a means to an end, with the end being - as you might have guessed by now - censorship resistance.
A system can thus be considered censorship-resistant if it is sufficiently decentralised so that no single actor can reach a dominant position that would allow breaking any of the three characteristics described in the previous section [3].
Now, decentralisation is a multi-faceted and ill-defined concept. There have been many attempts at explaining the concept (see for instance Sarah Jamie Lewis's tweetstorm or Vitalik Buterin's blog post), as well as quantifying its level using a set of seemingly objective metrics (see for instance Balaji Srinivasan's Minimum Nakamoto Coefficient).
While an interesting thought exercise, I think that decentralisation needs to be assessed qualitatively, which inevitably introduces subjectivity (e.g. see this Twitter thread for a humble proposal).
I plan to write a blog post in the future that dives into the "decentralisation" concept in more detail. In the meantime, I refer interested readers to Tony Sheng's excellent blog post.
Enter cryptoassets
How does all of this relate to cryptoassets?
Well, it turns out that cryptoasset systems have been specifically designed (at least initially!) to provide censorship resistance. This property enables cryptoasset users to route around obstacles existing in traditional platforms and applications.
Let's take Bitcoin as an example: a global censorship-resistant value transfer system ("Bitcoin"), based on an artificially scarce, unseizable digital asset ("bitcoin").
In Bitcoin, there is no entity (e.g. developer, user, company, organisation, institution, ...) that can unilaterally change consensus rules, such as the 21 million coin limit or the block size. Similarly, there is no single entity (e.g. miner) able to unilaterally block payments of specific users - unless they control a majority of the hash rate, that is [2]. Finally, no single entity in Bitcoin (e.g. developer, miner) will be capable of unilaterally freezing a user's "account" and seizing its bitcoin, as long as the user retains full control over funds (i.e. controls the private keys).
You can extend the same mental model based on the three characteristics of censorship resistance onto other cryptocurrencies: for example, replace "payments" with "executable computer programs, and you have Ethereum. Substitute "file storage" for "executable computer programs", and you've got Filecoin.
You get the picture.
Final thoughts
In a future blog post, I will argue that cryptocurrencies' main value proposition(s) can be divided into two categories:
(a) Enable users to do things they otherwise couldn't do.
(b) Enable users to do things others wouldn't let them do.
Category (a) refers to the lack of a working/practical alternative. Category (b) refers to what this blog post is all about - censorship resistance.
As (public) blockchains tend to become victims of their own success, growing platform usage will lead to higher fees and longer confirmation times. This will eventually crowd out all use cases pertaining to category (a), with censorship resistance remaining as the sole value proposition.
The major question then becomes whether the benefits derived from censorship resistance outweigh the costs engendered by decentralisation. Measuring the costs is fairly simple. Quantifying the benefits not so much.
I guess that's a topic for another blog post.
Footnotes
[1] I had an interesting conversation with Federico Tenga at the 2018 Baltic Honeybadger conference in Riga about the use of "censorship resistance" as an umbrella term. Federico suggested that only characteristic (2) would effectively refer to censorship, whereas the other two would conceptually fit more accurately "trustlessness", or "trust-minimisation".
[2] Some will argue that less than 51% are required to perform a successful attack. While this is true, the implications will be similar: a loss of trust in the system, leading to a severe price decline, which destroys miners' investment in equipment and facilities. In short, Bitcoin's game theory in full play (simplified, of course).
[3] Being a multi-dimensional concept, "decentralisation" is not binary but operates on a spectrum, instead. It is worth noting that there is no such thing as "absolute" decentralisation in this world: the best you can achieve is "reasonable" or "sufficient" decentralisation, and that is subject to the specific use case requirements (and your objectives)