On Settlement Finality

In the ongoing debate between public blockchain and permissioned blockchain proponents, one of the major disputes centers around the issue of settlement finality. A simple property that a centralized system appears to have is the notion of "finality": once an operation is completed, it is completed for good, and there is no way that the system can ever "go back" and revert that operation. Decentralized systems, however, may provide this property probabilistically, within certain economic bounds, or not at all.

The concept of finality is particularly important in the financial industry, where institutions need to maximally quickly have certainty over whether or not certain assets are, in a legal sense, "theirs." If their assets are deemed to be theirs, then it should not be possible for a random blockchain glitch to suddenly decide that the operation that made those assets theirs is now reverted and so their ownership claim over those assets is lost.

Finality is Always Probabilistic

A very important philosophical point to make is that there is no system in the world that offers truly 100% settlement finality in the literal sense of the term. If share ownership is recorded on a paper registry, then it is always possible for the registry to burn down, or for a hooligan to run into the registry, draw a "c" in front of every "1" to make it look like a "9," and run out. Even without any malicious attackers, it is also possible that one day everyone who knows the registry's location will be struck by lightning and die simultaneously.

Centralized computerized registries have the same problems, and arguably an attack is even easier to pull off, at least if the security of the central bank of Bangladesh is any indication. In the case of fully on-chain "digital bearer assets" where there is no ownership other than the chain itself, the only recourse is a community-driven hard fork. In the case of using blockchains (permissioned or public) as registries for ownership of legally registered property (land, stocks, fiat currency, etc.), however, it is the court system that is the ultimate source of decision-making power regarding ownership.

The Courts as the Ultimate Source of Decision-Making Power

In the event that a registry fails, the courts can do one of two things. First, it is possible that the attackers find some way to get their assets out of the system before they can respond. In this case, the total quantity of assets on the ledger and the total quantity of assets in the real world no longer match up; hence, it is a mathematical certainty that someone with a finalized balance of x will eventually instead have to make do with an actual balance of y < x.

But the courts also have another alternative. They are absolutely not required to look at the registry in its standard presentation and take the results literally; it is the job of physical courts to look at intent, and determine that the correct response to the "c" drawn in front of the "1" is an eraser, not putting up one's hands and agreeing that uncle Billy is now rich. Here, once again, finality is not final, although this particular instance of finality reversion will be to society's benefit.

Empirical Evidence from Bitcoin

The practical relevance of the philosophical argument that all registries are fallible is strengthened by the empirical evidence presented to us by the experience of Bitcoin. In Bitcoin, there have so far been three instances in which a transaction has been reverted after a long time:

In 2010, an attacker managed to give themselves 186 billion BTC by exploiting an integer overflow vulnerability. This was fixed, but at the cost of reverting half a day's worth of transactions.
In 2013, the blockchain forked because of a bug that existed in one version of the software but not another version, leading to part of the network rejecting a chain that was accepted as dominant by the other part. The split was resolved after 6 hours.
In 2015, roughly six blocks were reverted because a Bitcoin mining pool was mining invalid blocks without verifying them.

Out of these three incidents, it is only in the case of the third that the underlying cause is unique to public chain consensus, as the reason why the mining pool was acting incorrectly was precisely due to a failure of the economic incentive structure (essentially, a version of the verifier's dilemma problem). In the other two, the failure was the result of a software glitch - a situation which could have happened in a consortium chain as well.

Finality in Proof of Work

Technically, a proof of work blockchain never allows a transaction to truly be "finalized"; for any given block, there is always the possibility that someone will create a longer chain that starts from a block before that block and does not include that block. Practically speaking, however, financial intermediaries on top of public blockchains have evolved a very practical means of determining when a transaction is sufficiently close to being final for them to make decisions based on it: waiting for six confirmations.

The probabilistic logic here is simple: if an attacker has less than 25% of network hashpower, then we can model an attempted double spend as a random walk that starts at -6 (meaning "the attacker's double-spend chain is six blocks shorter than the original chain"), and at each step has a 25% chance of adding 1 (ie. the attacker makes a block and inches a step closer) and an 75% chance of subtracting 1 (ie. the original chain makes a block). We can determine the probability that this process will ever reach zero (ie. the attacker's chain overtaking the original) mathematically, via the formula (0.25 / 0.75)^6 ~= 0.00137 - smaller than the transaction fee that nearly all exchanges charge.

Finality in Casper

The Casper protocol is intended to offer stronger finality guarantees than proof of work. First, there is a standard definition of "total economic finality": it takes place when 2/3 of all validators make maximum-odds bets that a given block or state will be finalized. This condition offers very strong incentives for validators to never try to collude to revert the block: once validators make such maximum-odds bets, in any blockchain where that block or state is not present, the validators lose their entire deposits.

Second, the fact that validators are pre-registered means that there is no possibility that somewhere else out there there are some other validators making the equivalent of a longer chain. If you see 2/3 of validators placing their entire stakes behind a claim, then if you see somewhere else 2/3 of validators placing their entire stakes behind a contradictory claim, that necessarily implies that the intersection (ie. at least 1/3 of validators) will now lose their entire deposits no matter what happens.

Law and Economics

However, these stronger protections are nevertheless economic. And this is where we get to the next part of Swanson's argument:

Thus, if the market value of a native token (such as a bitcoin or ether) increases or decreases, so too does the amount of work generated by miners who compete to receive the networks seigniorage and expend or contract capital outlays in proportion to the tokens marginal value. This then leaves open the distinct possibility that, under certain economic conditions, Byzantine actors can and will successfully create block reorgs without legal recourse.

Censorship Resistance and Other Practical Concerns

Another concern that is raised is the issue that public blockchains are censorship resistant, allowing anyone to send transactions, whereas financial institutions have the requirement to be able to limit which actors participate in which systems and sometimes what form that participation takes. This is entirely correct. One counter-point that can be raised is that public blockchains, and particularly highly generalizeable ones such as Ethereum, can serve as base layers for systems that do carry these restrictions: for example, one can create a token contract that only allows transactions which transfer to and from accounts that are in a specific list or are approved by an entity represented by a specific address on the chain.

The rebuttal that is made to this counter-point elsewhere is that such a construction is unnecessarily Rube-Goldbergian, and one may as well just create the mechanism on a permissioned chain in the first place - otherwise one is paying the costs of censorship-resistance and independence from the traditional legal system that public chains provide without the benefits. This argument is reasonable, although it is important to point out that it is an argument about efficiency, and not fundamental possibility, so if benefits of public chains not connected to censorship resistance (eg. lower coordination costs, network effect) prove to dominate then it is not an absolute knockdown.

Conclusion

In conclusion, the concept of settlement finality is a crucial aspect of blockchain technology, particularly in the financial industry. While public blockchains may not offer 100% settlement finality, they can provide probabilistic finality within certain economic bounds. Permissioned blockchains, on the other hand, can offer stronger finality guarantees through the use of validators and economic incentives. However, these stronger protections are still economic and can be vulnerable to certain economic conditions. Ultimately, the choice between public and permissioned blockchains depends on the specific use case and requirements of the application.

Source: https://blog.ethereum.org/en/2016/05/09/on-settlement-finality