Code, Law, and the Nature of Consensus

On cryptonetworks, is code law, or is it all social consensus? The answer is yes. Let's explore why.

 
The tweet which inspired this post. Let’s explore why my answer is, "Actually, both are true.”

The tweet which inspired this post. Let’s explore why my answer is, "Actually, both are true.”

 

What is law?

We have to start by understanding what we're calling "law." Do we mean "law" like the human legal system? Or do we mean "law" like the laws of physics?

Legal law is man made. It changes by social consensus, through systems we generally call politics.† During prohibition, it became illegal to drink alcohol. Today, it's not.

Physical law is intrinsic to the nature of the universe. It simply can't be changed. No one will ever succeed in traveling faster than the speed of light by convincing people they should be able to. If anyone ever does travel faster than c, it will be by gaining a deeper understanding of laws of physics, not by breaking them.

In short, physical laws are part of base reality. Legal laws are not.

In the digital realm, there is no base reality. The internet is natively Post Modern. All is simulacrum.

If you follow me on Twitter, you're made to believe my name is Ben DiFrancesco, that I'm a nerdy dad, and that I have red hair and a big nose. How do you know this is true? You don't. Unless, of course, we've met in person. Claims of Truth in the digital realm have to be settled in the real world.

In many scenarios, this fact about the nature of the digital world is fine, or even advantageous. In other areas, it makes things unworkable. Money falls into the latter category.

The Physics of Money

In the real world, how do you know I have a piece of gold to give you? You can simply observe that I have it. How do you know it's really gold? You can inspect its physical properties. How do you know that gold is scarce to begin with? The laws of the universe make it such. Verifying these facts does not require trusting me. They're enforced by the laws of base reality. This is what makes gold good money.

 
gold-bars.jpeg
 

None of this is possible online. That's why, until Bitcoin, all forms of "digital" money relied on settlement in the real world through trusted entities. There was no other way to make it work. So how did Bitcoin achieve this feat?

Bitcoin leveraged cryptography to push a bit of physical reality into the digital realm. Perhaps a better way to say it is this: cryptography shows us where the abstractions of the digital realm bump into the physical reality that undergirds it.

The digital realm, after all, is instantiated on physical computers. Those computers have to obey the laws of physics and math. Cryptography, then, lets us verify certain kinds of truths digitally, but it does so explicitly by relying on the physical boundaries of the digital realm.

We might, then, be tempted to say that this explains how Bitcoin, and other cryptonetworks, make "code" into "law," meaning “law” like the laws of physics. We might say, "Bitcoin makes code into law by leveraging cryptography, which in turn leverages the physical reality of digital existence." This would be wrong, though. Cryptography alone does not get us digital money, digital scarcity, or digital ownership.

The kinds of truths that cryptography lets us verify are very specific. We can know, for example, things like "the hash of this data computes to this sequence of bytes." We can also know things like, "someone with access to an unknown private key, corresponding to some known public key, has signed the contents of a given message."

What we can't verify using cryptography alone are claims like "I just sent you 0.1 Bitcoin." How then, does Bitcoin work?

The Social Consensus is that Code is Law

Satoshi combined the kinds of truths cryptography does let us verify with a peer-to-peer network and a system of incentives. The result isn't a network that's impossible to change via social consensus, just one that's very hard to change via social consensus. That's due to the network's decentralization.

Folks in crypto are rightly obsessed with the concept of decentralization for exactly this reason. If cryptography alone were enough to give us digital scarcity, we wouldn't need to worry about decentralization at all.

This is, fundamentally, where the confusion about “code is law” vs. “social consensus” arises. The two are not actually opposed, but exist together in a mutually reinforcing way. Satoshi used cryptography and peer-to-peer networking to bootstrap social consensus on the idea that code is law. Or, in Twitter meme format:

 
Nicely said.

Nicely said.

 

Bitcoin is a system that's so decentralized, achieving social consensus to change it is nearly impossible. The code doesn't guarantee this because it can't. Ultimately, what code I run on my node is an extension of my will— a social decision. If enough people run code that breaks the rules, the rules are broken.

What the code does do is create a system where I can credibly believe social consensus to break the rules won't happen. The code creates social consensus that social consensus won't be used to change the code.

If this all seems rather circular, that's because it is, but not in a bad way. It's circular in a good way, as in a self reinforcing network effect. The more people who believe a network is credibly neutral, and choose to participate in that network because they do, the more credible the network's neutrality becomes.

So is code law, or is it social consensus? Hopefully, by now, you understand why the answer is yes.

Layer 0

There is one final, and rather important point, that needs to be made. This isn't just some philosophical chicken-and-the-egg type discussion that can go on endlessly. There is an answer to the question, "In the final analysis, does a cryptonetwork’s security rely on code or on social consensus."

The answer is social consensus. It is the “layer 0” of decentralized cryptonetworks.

It's critically important that we remember this as crypto moves into the next phase of global adoption. Before I explain why, let me bolster that claim with a bit of empirical evidence.

In 2010, someone used an overflow bug in Bitcoin's codebase to mine a block that created 184 Billion new Bitcoin. Five hours later, Satoshi released new node software that rejected blocks with overflows. The Bitcoin community, being small at the time, achieved social consensus on the newly encoded rule. Since enough users adopted the change, the blockchain soft forked to remove the transaction in question.

An even more telling example is Ethereum's infamous DAO hardfork in 2016. In said incident, a bug in a smart contract— not in the protocol itself— allowed a malicious entity to steal nearly 5% of all the Ether then in existence from the DAO's smart contracts.

Less than a month later, the Ethereum community achieved social consensus on an irregular state change that transferred the Ether out of the hacker's account, and into a pool where DAO participants could reclaim it. The change was so contentious, the network actually split, with a minority of the community refusing to confiscate the funds, resulting in a network called Ethereum Classic. While Ethereum Classic still exists today, its usage, adoption, and value have languished. The hacker may have kept his ETC, but he lost his ETH.

It can't be overstated how clearly these incidents demonstrate that the laws of cryptonetworks are nothing like the laws of physics. If an alchemist were ever to succeed in finding a way to transmute iron into gold, no amount of social consensus could undo the chemical reaction. If a thief breaks into Fort Knox and takes all the gold stored there, no amount of social consensus will ever make the gold teleport back into the safe.

Why is it so critical, then, that we remember this reality moving forward? As crypto's adoption grows, it will threaten the status quo. Those of us who want to see these networks succeed need to understand what will ultimately threaten them.

Defending Consensus

The biggest threat to crypto isn't that it's hacked or attacked at the technical level, but rather that it's co-opted at the social layer by those with the power to nudge the narrative in their preferred direction.

Imagine, for example, if a technical flaw in the SHA256 hashing algorithm was uncovered by the NSA and used to wreak havoc on Bitcoin mining. The most likely result in such a scenario is that broad social consensus would emerge around forking to a new algorithm and restoring the network to a state before the attack began. It would be bad, but likely survivable for Bitcoin and crypto as a whole.

On the other hand, if a mostly-centralized proof of authority network— one that imported the Bitcoin UTXO set as its starting point— was adopted in a coordinated way by banks, centralized exchanges, and governments who all began claiming they'd "solved the Bitcoin energy problem for the sake of preventing a climate disaster," the final outcome would be far murkier.

In that scenario, the "real" proof of work Bitcoin would almost certainly continue to exist. But such a powerful and coordinated social attack— one using fear, uncertainty and doubt around a fiercely tribal issue like climate change— would likely convince many to support a "green" version of the network at the expense of decentralization. This is simply one scenario. If you don't find it plausible, so be it. The point remains that the largest threat to Bitcoin, and all of crypto, is a social attack, not a technical one.

In the end, what most people believe is the "real" Bitcoin, or the "real" Ethereum, or the "reality" reflected by any decentralized ledger, is entirely a matter of social consensus. If we forget this, and pretend as if "code is law" exempts us from the hard work of shaping and protecting this social consensus in the public square, the entire promise of the crypto movement is at peril.


† In the field of ethics, there's a theory called Natural Law, which posits the existence of a body of unchanging moral principles which undergird all human conduct. This is an idea I'm quite sympathetic to, but expounding on it in the context of this particular discussion was neither feasible nor relevant.