By Mehdi Touzani –Lawyer at the Paris Bar. Blockchain Expert.
Personal researches, practical example of Company X’s PoA, with an Epilogue.
General definition of Proof Of Authority
In PoA-based networks, transactions and blocks are validated by approved accounts, known as
validators. Validatorsrun software allowing them to put transactions in blocks. The process is automated and does not require validatorsto be constantly monitoring their computers. It, however, does require maintaining the computer (the authority node) uncompromised. The term was coined by Gavin Wood, co-founder of Ethereum and Parity Technologies.
In brief, PoA involves “approved accounts” who “guarantee” the “integrity” of the “authority node”.
Usage of PoA
A Proof of Authority aims at avoiding the risks of fake transactions organized by a majority group of miners to fraudulently receive crypto-funds. By “pre-validating” transactions
A secondary usage is to cut the costs of public transactions by registering a single transaction on the public
Implementation of PoA
Oxford dictionary, definition of “authority”
“The power or right to give orders makes decisions, enforce obedience, official permission or sanction”
Smart-contracts simply need to be compatible with each other. The relationship is better visualized as a “request/authorization” relationship rather than “order/obedience”.
B// Different Levels of Authority
A proof of authority can be used for different purposes, from simple cost cutting technics (similar actual authority as “
Objectively, it means that there are different levels or types of authorities that can be implemented, to either interconnect or to separate networks.
A lower level PoA is closer to a “Proof of Work prior to another Proof of Work”, without any intent to generate actual authority but mainly to cut costs by grouping transactions (a cryptographic authority prooves content of blocks). It can be a PoA recognized by the users of a particular system, but without any kind of value outside the system and/or on another Blockchain. For example, items valid in a game, but not in other game.
A higher level PoA extends the node-authority to external entities, which can be other Blockchains (interconnexions allowed at certain conditions/standards/standardized certificates), or even legal authorities of the physical world (which have their own standards to recognize or refuse the value of a record as an “evidence”: the PoA must comply to be admitted).
C// “With great power comes great responsibility”
When there is no accountability, authority is not complete. It is fragile or inexistent.
If the Authority is neither accountable nor liable, it should not be able to issue a Proof of “actual Authority”, ie recognized as valid outside the ecosystem of a network in particular.
If the Proof of Authority does not contain actual authority, it should remain at the level of a type of Proof of Work which is used to generate a secondary PoW on another system (PoW to PoW). It can also be a proof of stake, without further Authority than the binding power of the stake itself. As such, Proof of Stake can sometimes be an opportunity to corrupt the authority.
D// Stronger Authority should embrace liability to feed a higher standard of trust.
Liability of the validators appears to be the primary component to deserve the privilege to give an “actual authority” to their action.
Embracing their responsibilities means that the validators are aware of their role, believe in their mission, and accept all that their misbehaviors bears consequences, that can range from simple warnings, temporary bans, or even jail sentences, and of course a deletion from the list of approved authorities.
E// Is Authority compatible with Stake?
Authorities may have a stake in the system . It is natural to receive compensation for work.
But, if the Authorities have a stake in the system, it can be problematic to remove that stake, in particular when the stake is high. It is as problematic when the stake is too low.
If the State/Governance does not provide a sufficient stake for the authorities, AND if the State/Governance is too weak to control and enforce sanctions, then the authorities are likely to use their authority to raise their stake, in a manner that is not intended by the governance.
Corruption (at large) derives from an abuse of authority. When corruption is deeply rooted in the system, it is difficult to remove because the corrupted authorities will not accept it: the corrupted behavior has become the Stake without which the system stops working (nobody’s interested in making it work anymore).
In conclusion, authority is not incompatible with stake as long as it ensures that the system works in the uncompromised way that is intended by the Governance.
F/ ANALYSIS OF COMPANY X’s PoA (actual ICO)
The platform uses Proof of Authority, so the computing power is irrelevant to the process of blocks creation and will not increase with time. This is substituted with miner’s authority (..)
Miner is an owner of 10,000or more tokens, who has applied for mining participation. Minersmaintain the functionality ofCOMPANY X blockchain system.
5% of the payment for all files, entries of which are contained in the block, is distributed.
Authority derives from a stake (10 000 tokens or more) and is a Proof of Stake acting as “Authority” over subsequent public PoW.
It’s all about being rewarded. Stake is the only condition of Authority. Stake proves mining privileges.
It works like this:
Proof of Authority = PoS + Opt-in.
BUT Opt-in = for stake (making the sys working for more profits, token valuation etc).
Then : Opt-In derives from Stake, and Authority derives from Stake.
So, the only criteria to become a miner is the Proof of Stake.
The subsequent PoA means nothing but a Proof of Stake.
Because stake is the only condition to acquire Authority.
The “Proof of Authority” implemented by COMPANY X is construed as a “Proof of Stake prior to a Proof of Work ”, from a Private Blockchain to a Public Blockchain.
Authority is entirely derived from a stake in the system.
There are no “validators” in COMPANY X, only miners; this is the meaning of the sentence “substituted with miners’ authority”.
The “actual authority” (guarantee of integrity) lies less in the hand of the “substituted miners” than in the encryption and the Ethereum VM. The validators do process the system by mining, but do not improve the guarantee provided by the encryption engines.
It is not expected from miners to take any action in case of compromission (or at least, this information does not exist in the White Paper). Are they even able to detect a compromission ?
They simply mine the private blockchain and get rewarded for that. Their role is passive in terms of protection of integrity.
The only certainty offered by the current PoA is that the validators are corporations or individuals interested in maximizing profits by mining (stake in all operations supposed to guarantee commercial success of the whole system by attracting new stakers to maximize current miners’ stake).
The founders assume that the stake will be enough to ensure that miners “maintain” the system, as they need to seduce new users to increase their revenues, and users will not come if the system is corrupted. It’s logical but also partial.
There is no liability or sanction detailled for cases of abuse of Authority.
As a consequence, in its current description, the Proof of Authority implemented by COMPANY X is minimal, is merely a Proof of Stake, and actual authority is inexistent, except to prove the stake.
Absence of actual authority is reinforced by the fact that miners come in the system for the reward and may leave at any time it if these expectations are not fulfilled or if they sell all their tokens (for a profit or not). It is also possible to take over the system by purchasing all mining-tokens.
Investors could argue that they have invested precisely because there is no sanction and because the role is passive, saved the need to use the system to make it run in the background to make money. This is also valid but it is only 1 of the two conditions of the Proof of Authority.
In Conclusion, the PoA has no actual authority and is similar to a Proof of Stake.
It is acceptable that a PoA remains without actual authority, as it is primarily an exchange of cryptographic signatures between nodes proving that “something” has been mined correctly on a private blockchain.
But it must be stressed that we are talking about a project that aims at collecting a large number of personal and corporate documents from “a maximum number of users”, in other words, a very high volume of sensitive and sought-after data.
And the value of such data could become much higher than the stake provided by the system.
The value of the tokens itself is not a valid argument to say that the system is protected by the high amounts of capital required to purchase all tokens of all miners. At some point, tokens are sold at prices that can be afforded.
Long before the “malicious acquisition suceeds” the Governance could have little other choice as shutting down the system, for the sake of protecting the stored data. It does not seem coherent with the ambitions of the founders (hard cap 80 m€) that such issues have not been adressed.
In any case, Stake is the entry point to Authority: a complete take-over of the mining roles is easy to achieve through the purchase of all available mining-tokens, once the system is full of valuable data.
With such a high level of risks and responsibility toward the users of the system, it is not acceptable that the founders adopted a PoA of such low quality: they did not include – or even evoke – a mechanism of sanction or “downgrade” of the validators by the community of users and/or the other validators/miners and/or the Governance of the Private Blockchain.
The company’s ICO did not reach its soft cap (4.7 millions vs 5 millions required). MDTI Legal bears no responsability in the failure of this ICO because this article was not published before it was obvious that the ICO had failed and the project lost or postponed.