The content of this page has evolved over the years (check wayback machine for previous iterations) and was last updated in July 2019, with an excerpt from the book Token Economy which builds – among others – on the educational blogposts that have been published on this website since 2015.
Cryptoeconomics refers to the study of economic interaction in adversarial environments. The underlying challenge is that in decentralized P2P systems, that do not give control to any centralized party, one must assume that there will be bad actors looking to disrupt the system. Cryptoeconomic approaches combine cryptography and economics to create robust decentralized P2P networks that thrive over time despite adversaries attempting to disrupt them. The cryptography underlying these systems is what makes the P2P communication within the networks secure, and the economics is what incentivizes all actors to contribute to the network so that it continues to develop over time.
Before the advent of Bitcoin, it was commonly believed to be impossible to achieve fault-tolerant and attack resistant consensus among nodes in a P2P network (Byzantine General’s Problem). Satoshi Nakamoto introduced economic incentives to a P2P Network and solved that problem in the Bitcoin White Paper published in 2008. While decentralized P2P systems based on cryptography were nothing new – see Kazaa and BitTorrent – what these P2P systems before Bitcoin lacked was the economic incentive layer for coordination of the network of participants. Satoshi’s implementation of a Proof of Work (POW) consensus mechanism introduced a new field of an economic coordination game, now referred to as cryptoeconomics.
The underlying challenge of P2P networks of untrusted actors is how to deal with malicious network nodes in the absence of centralized parties securing the system. This is referred to as the “Byzantine Generals Problem.” A malicious node, also called a Byzantine node, can lie and intentionally mislead other nodes involved in the consensus process. One must always assume that there will be bad actors trying to disrupt any open and public network. How can such a distributed network reach consensus about which data is correct or which is not correct, or which process is true or false in such an untrusted setup? Byzantine failures are considered the most difficult class of failures in distributed networks. Reliable consensus mechanisms must have sufficient resilience to withstand DDoS (Distributed Denial of Service) attacks, “Sybil attacks,”11 and other cyber attacks. They must also meet “Byzantine Fault Tolerance” requirements. Before Bitcoin, it was believed to be impossible to achieve fault-tolerant and attack-resistant consensus among untrusted nodes in a P2P network.
Decentralized systems are less likely to fail accidentally because they rely on many separate components.
Decentralized systems are more expensive to attack and destroy or manipulate because they lack sensitive central points that can be attacked at much lower cost than the economic size of the surrounding system.
It is much harder for participants in decentralized systems to collude and act in ways that benefit them at the expense of other participants, whereas the leadership of corporations and governments collude in ways that benefit themselves but harm less well-coordinated citizens, customers, employees and the general public all the time.
For the first time in the history of distributed computing, Bitcoin introduced a mathematical solution to this problem with the introduction of a consensus mechanism called “Proof-of-Work.” Bitcoin’s “Proof-of-Work” showed how a resilient consensus protocol can be designed in a way that the economic cost of attacking a system is disproportionate to the benefit of doing so. This makes counterfeiting or censorship economically unprofitable. “Proof-of-Work” sparked a new field of science around economic coordination games using cryptographic tools, also referred to as “cryptoeconomics.” It can be described as the study of economic interaction in untrusted environments, where every actor could be potentially corrupt. The Bitcoin blockchain is the first practical instance of cryptoeconomics. It produces “trust by math” rather than “trust by human discretion” or “trust by default of a legal contract.”
Cryptoeconomics applies economic mechanisms in combination with cryptography, to create robust decentralized P2P protocols. Cryptoeconomics is therefore interdisciplinary and requires a deep understanding of cryptography as well as economics. Economic mechanisms introduced a protocol that enables a universal state layer, something computer-science alone, before the emergence of Bitcoin, did not accomplish. Bitcoin and derived public and permissionless blockchains are products of cryptoeconomics. Cryptographic tools in combination with economic incentives are used in a way to make the economic cost of wrongdoing disproportionate to the benefit of doing so. The mechanism is designed to make the network fault-tolerant, and attack and collusion resistant. This allows entities who do not know one another to reliably reach consensus about the state of the Bitcoin blockchain.
Public-private key infrastructure hereby guarantees attack-resistant access control of one’s token. Hashing functions allow nodes to verify transactions that are done over the network. Both hashing functions and public-private key cryptography are also required for the economic coordination game called “Proof-of-Work,” to reward miners for adding truthful transaction blocks to the ledger. Cryptoeconomic mechanisms can provide a security equilibrium such that a distributed system is safe against attacks.
However, security very much depends on the strength of its assumptions about how people react to economic incentives. How people react to incentives has been a field of study in economics. Cryptoeconomics, therefore, has much in common with mechanism design, a field of economics related to game theory. Game theory analyzes strategic interactions, which are referred to as games. It tries to understand the best strategies for each player, and the likely outcome if both players follow those strategies according to the players’ utilities. Mechanism design defines desirable outcomes and works backwards to create a game that incentivizes players toward that desired outcome. While cryptoeconomics is interdisciplinary, it is a discipline that was predominantly developed in the computer science community. It seems that there is still much room to incorporate methods from various economic disciplines.
Network Security: Cryptoeconomic Mechanisms
“Proof-of-Work” is the consensus mechanism of the Bitcoin Network and similar blockchain networks. It is a set of rules and processes that define how multiple nodes can reach an agreement on the true state of the network. It is designed in a way that if you spend money, and you play fair by the rules, you can make money. It doesn’t pay to cheat. In this setup, the miners, or mining computers, validate transactions and compete with each other to calculate a cryptographic hash of the next block. This competition is driven by a cryptographic puzzle where all miners compete to be the first to find a solution to a mathematical problem, where they have to find an input that gives a specific hash value. Miners hereby have to collect recent transactions and some metadata, verify the transactions, and run all the data through a SHA-256 algorithm. They must find a hash value which begins with a consecutive number of zeros. This means that they have to perform computational work to solve the puzzle, which is the reason why this process is referred to as “Proof-of-Work.”
The first miner that solves a mathematical puzzle can write transactions to the blockchain, creating the next block, and in return, they get a “block reward” for the costs incurred in the form of new network tokens. In the case of the Bitcoin Network, it would be Bitcoin (BTC); in the Ethereum Network, it is Ether (ETH). This means that all network participants that work toward adding blocks of transactions to the ledger can potentially earn network tokens (block reward plus potential transaction fees). At the time of writing this book, the reward for successful block creation in the Bitcoin Network is 12.5 BTC per block. The block reward gets reduced by 50 percent every 210.000 blocks, around every four years. The next “halving” of block rewards is in 2020. By participating in this race, miners collectively make sure that all transactions included in a block are valid.
To get a better understanding of how high economic costs of attacking or manipulating a network would be, it is helpful to check these websites, because they provide real-time information about how much it currently costs to attack blockchains and similar networks:
Online tool to check what it would cost to attack Bitcoin:
Online tool to check what it would cost to attack different blockchains:
A successful 51-percent attack could have the following impact: (I) change blocks by adding or removing transactions, which requires additional PoW, which means the older a transaction is, the harder an attack gets; (II) censor participants and therefore blocks; (III) send transactions and then reverse them; and (IV) change protocol rules.
Full text and high-resolution graphics available as paperback & ebook: Token Economy, by Shermin Voshmgir, 2020
About the Author:Shermin Voshmgir is the Author of the Book “Token Economy“ the founder of Token Kitchen and BlockchainHub Berlin. In the past she was the director of the Research Institute for Cryptoeconomics at the Vienna University of Economics which she also co-founded. She was a curator of TheDAO (Decentralized Investment Fund), an advisor to Jolocom (Web3 Identity), Wunder (Tokenized Art) and the Estonian E-residency program. Shermin studied Information Systems Management at the Vienna University of Economics and film-making in Madrid. She is Austrian, with Iranian roots, and works on the intersection of technology, art & social science.
About the Book: This is the second edition of the book Token Economy originally published in June 2019. The basic structure of this second edition is the same as the first edition, with slightly updated content of existing chapters and four additional chapters: “User-Centric Identities,” “Privacy Tokens,” “Lending Tokens,” and How to Design a Token System and more focus on the Web3. Blockchains & smart contracts have made it easy for anyone to create a token with just a few lines of code. They can represent anything from an asset to an access right, like gold, diamonds, a fraction of a Picasso painting or an entry ticket to a concert. Tokens could also be used to reward social media contributions, incentivize the reduction of CO2 emissions, or even ones attention for watching an ad. While it has become easy to create a token, which is collectively managed by a public infrastructure like a blockchain, the understanding of how to apply these tokens is still vague.
The book refers to tokens, instead of cryptocurrencies, and explains why the term “token” is the more accurate term, as many of the tokens have never been designed with the purpose to represent a currency. This book gives an overview of the mechanisms and state of blockchain, the socio-economic implications of tokens, and deep dives into selected tokens use cases: Basic Attention Token, Steemit, Token Curated Registries (TCRs), purpose-driven tokens, stable tokens, asset tokens, fractional ownership tokens, Libra & Calibra (Facebook), and many more.