blockchain technology for interorganizational
collaboration
Jari M. van der Steen [11752610]
Faculty of Science, University of Amsterdam, The Netherlands Master Thesis Information Studies: Business Information Systems
Supervisor: prof. dr. T. M. van Engers
Abstract. Interorganizational sharing and processing of data is becoming in-creasingly important with the movement towards a data economy. The aim of this thesis is to examine to what extent blockchain technology can be institution-alized in market and network governance structures with regard to data sharing and processing. The institutional model of blockchain technology is presented, suggesting that regulations, policies, agreements and smart contracts need to be integrated into the study of blockchain technology within different institutional frameworks. Insight gained from the model is then used to create an expert-vali-dated generic infrastructure for sharing and processing data using blockchain technology. The results provide evidence that encrypted data in both markets and networks must be stored off-chain, while reference to that data, which provides a digital audit trail of events, must be stored on-chain within smart contracts. The proposed system improves upon the transparency, immutability, verifiability, privity, enforceability and dispute resolution of traditional contracts.
Keywords: Organizational governance, Blockchain technology, Data collabo-ration, Institutional theory, Contracts law, Microeconomics, Smart contracts.
1
Introduction
Satoshi Nakamoto’s work in the field of blockchain technology, a type of distributed system, introduced cryptographic currency in the form of Bitcoin (Nakamoto, 2008). This blockchain technology concept has throughout the past few years been subject to further innovation in the field of cryptographic currencies1. However, blockchain tech-nology has been further developed for different purposes outside the field of crypto-graphic currencies by organizations such as Hyperledger2 and the Ethereum Founda-tion3. These developments have among others led to the distinction between permis-sioned and permissionless blockchains (Swanson, 2015).
1 The rapid developments in the crypto currency domain have led to a gold rush among investors as can be seen from the wide variety of currencies on https://coinmarketcap.com/.
2 https://www.hyperledger.org/ 3 https://www.ethereum.org/
The growth of the blockchain domain has led to many use cases for blockchain in the domains of, for example, supply chain4 and provenance5. Furthermore, blockchain has recently reached new heights with the cryptographic currency investment hype6. These and other factors have not gone unnoticed by the scientific community, leading to interest into studying various aspects of the blockchain technology (Yli-Huumo et al., 2016). Interestingly enough, these aspects rarely include the governance and insti-tutionalization of blockchain technology. The limited amount of work that has been done on the governance of blockchain technology has mainly focused on a generic type of blockchain, therefore not taking into account the differences in characteristics of public, consortium, private, permissioned and permissionless blockchains (Swan, 2015). The aforementioned research scope is insufficient, as it does not address the holistic organizational governance structures in which a blockchain implementation op-erates. An implication of this is that blockchain implementations are done without tak-ing into account the environment in which an organization engages in transactions, leading to an inability to sustain the organization in the long-term.
Recent work of Viktor Mayer-Schönberger and Thomas Ramge (2018) describes the movement from a monetary economy to a data economy in which data will replace the information-carrying value of currency. They argue that data sharing is crucial in order for this movement to succeed, since this will allow for new competition within markets based on algorithms and data that now are impenetrable for new market entrants. In their work they suggest that the market is superior to the firm and they describe how the market will replace the firm. Whether blockchains are able to support such a move-ment is yet unknown. To approach this knowledge, we should explore how blockchains function within market and network governance structures, if these blockchains differ in their architecture and if data can be shared and processed using the technology. This research seeks to bridge this gap in knowledge by exploring to what extent blockchain technology can be institutionalized in market and network governance structures with the aim of sharing and processing data.
Within subsequent chapters, discourse will consist of varying topics. The following chapter is the literature review, which aims to discover the underlying mechanisms of organizational governance, institutionalization and blockchain technology. At the end of the literature review, a conceptual framework is constructed to explain how block-chain technology becomes institutionalized. Thereafter, the methodology section will provide a blueprint on how this research was performed to improve upon reproducibil-ity. The subsequent chapter discusses the results themselves within the context of the preceding outline of the methodology, literature review and conceptual framework. This thesis ends with two chapters on the conclusion and discussion of this thesis.
4 https://www.ibm.com/blockchain/supply-chain/ 5 https://www.provenance.org/whitepaper
2
Literature review
Within this literature review the following three questions are answered: (1) What are the traditional forms of organizational governance and how do they differ when taking a transaction costs perspective? (2) How does technology become institutionalized? (3) Of which components is blockchain technology currently composed?
2.1 Governance structures, transactions and agreements
The aim of this section is to define the various organizational constructions with their corresponding attributes and boundaries in which a blockchain can potentially operate. This is done in order to ultimately determine how the sociotechnical structures, being the institutions combined with blockchain technology, should be organized.
The following definition of governance structures is used: “Governance structures [also referred to as organizational structures] – the institutional matrix within which transactions are negotiated and executed – vary with the nature of the transaction.” (Williamson, 1979, p. 239). This definition of governance structures suggests that the manner in which transactions take place defines the governance structure. Therefore, the theory of Transaction Cost Economics (TCE) is explored to further characterize these governance structures. TCE deals with the cost incurred by making an economic exchange, including search, matching, contracting and policy enforcement (Dahlman, 1979). Before exploring more specifics of transactions, the governance structures them-selves ought to be addressed.
Hierarchies, markets & networks. In the Economic Institutions of Capitalism, where
economic institutions refer to governance structures, Oliver E. Williamson (1985) iden-tifies the first two out of three governance structures, being the firm, also known as hierarchy7, and the market. While being ideal, not ultimate, governance archetypes, these are generally accepted in literature. Although many hybrid governance structures exist and are recognized by academia, there is no reason to include these within this research due to them simply employing attributes of both the firm and the market gov-ernance structures. The third govgov-ernance structure that is differentiated is the network. Walter W. Powell (1990) suggests that the network governance structure is distin-guished as its own type since it is remarkably different from hierarchies, markets and in-between hybrid structures. The rationale Powell provides for this distinction is that networks are primarily based on know-how, the demand for speed and trust. Principles of networks include favoring vertical disaggregation over vertical aggregation and the formation of partnerships. This separates networks from firms, due to firms favoring vertical aggregation to consolidate processes and to centralize decision-making in an effort to lower transaction costs. Within firms, mergers and acquisitions are preferred over partnerships and alliances, therefore restricting the previously established freedom
7 Hierarchies, or firms, will not be used in further analysis as mentioned in the introduction. However, to be clear on its differences with other governance structures, the hierarchy is a part of this literature review.
of the acquired organization with new boundaries. This results in a lessened flexibility compared to a situation in which the organizations would have engaged in a partnership. The improved flexibility a network has over the firm is noteworthy; however, a network cannot reach the degree of flexibility a market has. Furthermore, markets operate under low commitment among transaction partners through the use of prices as a means of communication, whereas networks work with medium to high commitment by utilizing relations. This is due to markets having a climate of suspicion and networks aiming for mutual benefits. Therefore, markets often work with property rights and networks work with complementary strengths.
Returning to TCE, critical dimensions for describing transactions are (1) uncertainty, (2) transaction frequency and (3) asset specificity, being the degree of required knowledge specific to a transaction (Williamson, 1981). Hierarchies, markets and net-works are classified along these dimensions in table 1, based on the work of Williamson (1985) and Powell (1990).
Table 1. Governance structures classified along the dimensions of TCE. Governance structure Uncertainty Transaction frequency Asset specificity
Hierarchy Uncertain Frequent Transaction-specific
investments
Market Certain Infrequent
Non-transaction-spe-cific investments
Network
Uncertain, alt-hough mitigated by mutual trust be-tween transacting parties
Varying, due to trans-acting more with trusted transaction partners and less with yet untrusted transaction partners
Transaction-specific investments
Ronald Coase (1937) argues that with reduced transaction costs and information asym-metries8, markets would be able to carry out all production. This is consistent with the argument of Mayer-Schönberger and Ramge (2018) that algorithmic matching leads to a reduction in asset specificity and uncertainty.
When adopting a TCE perspective it can be seen that networks have the unique prop-erty of mitigating the effects of opportunism because of the need for cooperation. In addition, much like the firm, networks are only partially influenced by the effects of bounded rationality. Bounded rationality implies that individuals are rationally limited to time and their cognitive capabilities when making a decision (Simon, 1972). Impli-cations of bounded rationality in this context are partially mitigated due to transactions being internalized within the network, hence reducing the need to create contracts that need to cover all possible contingencies.
Over the past decade network governance has further evolved, leading to the mani-festation of network governance subtypes. These types are the distributed network,
8 Information asymmetries refer to one transacting party possessing more information than the other, ultimately leading to the deterioration of the market in which the transaction takes place (Akerlof, 1970).
steered network and administered network and are presented in table 2 (Provan & Kenis, 2008; Assens & Lemeur, 2016; Antivachis & Angelis, 2015).
Table 2. Network governance subtypes.
Type Description Limitations
Distributed network
The distributed network is a type of network that is governed by its own participants.
Constraints on the number of partici-pants to ensure its manageability and to prevent against stowaways – those who are part of the distributed net-work and are not contributing. Steered
network
A steered network is a highly central-ized type of network governance, ena-bling all decisions to be coordinated by a single organization.
Power asymmetries among partici-pants and vulnerability towards arbi-trary management.
Administered network
Administered networks have an exter-nal entity governing the network that may not participate within the network but can consist of delegations of the various participants in the network.
Differences in vision among network founders and non-founders lead to conflict.
Contracts law. As previously mentioned in this chapter, transaction costs are incurred
by making an economic exchange. Among other things9, contracts are part of these incurred transaction costs (Dahlman, 1979). Ian R. MacNeil (1978) differentiates be-tween classical, neoclassical and relational contract law. Classical contract law strives to maintain an as high as possible degree of discreteness, therefore having one-to-one transactions with no relation between the transaction partners. According to the four classifiers MacNeil (1978) uses to describe the three contract types, classical contract law can be highly flexible when utilizing short-term planning, whereas it can be of limited flexibility when long-term planning is used. Conflicts between planning the transaction and occurring changes are part of the internal planning and risk management of the individual transaction partners, thus being external to the transaction itself. Re-lation preservation is of no concern within classical contract law as there is no reRe-lation that is necessary to preserve when conflict arises. Furthermore, in light of terminating economic activities, demand and supply will point the remaining reasonable10 party to other pursuable paths.
Neoclassical contract law introduces some new ideas, moving further away from discreteness, therefore complicating contracting while allowing other concepts to arise.
9 The previously provided list of transaction costs included search, matching, contracting and enforcement. While this section deals with contracts, enforcement will be addressed later on. Search and matching are beyond the scope of this research.
10 ‘Reasonable’ is chosen here in contrast to where traditionally ‘rational’ would be invoked to describe an actor’s choice according to its behavior. This is done due to actors never being truly rational (Kahneman, 2003) and being limited by bounded rationality (Simon, 1972).
The main feature of a neoclassical contract is that a third party governs11 the transac-tions, which is able to resolve disputes and evaluate performance. Planners leave gaps in the, often long-term, planning of neoclassical contracts to maintain flexibility. To allow for these gaps, for example, it can be said that there are certain standards and/or regulations to adhere to. Relation preservation is part of the planning of the contract to ensure continuity. When issues arise that the contract does not cover, arbitration can be employed. Termination of economic activities in neoclassical contracts is dependent on the planning’s flexibility.
The final class of contracts law is relational contract law, which does not primarily focus on transactions, but on relations that are built on trust. These relations are not so much explicit as they are implicit and are therefore comparable with the likes of com-mon understanding, social behavior and culture. This makes a relational contract very flexible due to the continuous changes in social context. Conflicts between planning are, due to these changes continuously, adjusted. When conflict arises, which is highly undesirable for all parties involved, the absolute worst-case scenario would lead to court settlement. This high undesirability is reflected in how economic activities are never being expected to end.
Smart contracts. Arguably the biggest development related to contracts in the
block-chain domain is the implementation of smart contracts on the Ethereum and Hy-perledger blockchain. In 1996, Nick Szabo coined the term ‘smart contracts’. He pro-posed the idea of embedding contractual clauses in information systems using crypto-graphic building blocks. These cryptocrypto-graphic building blocks improve upon the tradi-tional tradeoffs in contracts between observability, verifiability, privity12 and enforce-ability. The cryptographic building blocks Szabo (1996) refers to, are nowadays part of blockchain infrastructures. An example of this is the Ethereum blockchain, which has built-in smart contracts functionality (Buterin, 2014). Actors can send transactions to a contract containing data that can be passed to methods of the smart contract. This allows actors to interact with the smart contract.
Smart contracts can execute self-enforced functions when conditions are met and can thus be used without relying on a trusted authority (Cuccuru, 2017). The output of a smart contract must be deterministic, as it needs to be validated by the blockchain network. Removing and upgrading smart contracts is not possible since transactions to and the contract itself must be immutable and should therefore always correspond to the contracts’ signed state.
A study on smart contracts and their applicability to legislation and regulations in the Netherlands suggests that the technology is applicable in various legal domains (Smart Contract Werkgroep, 2017). The conversion of paper contracts to smart contract code, however, is not always possible. The study mentions the possibility to write legal clauses in a smart contract as plain text, as signing a contract on the blockchain is at
11 Not to be confused with the previously described governance structures.
12 Privity is a principle, which dictates that a contract cannot confer rights nor impose its obliga-tions upon any person who is not a party to a contract.
least as safe as signing a physical paper document. The problem with this is that law requires the parties to the contract to be linked to known entities in the physical world. This issue can be addressed by using a permissioned blockchain, as users of this type of blockchain are known. The differences between the different types of blockchain are discussed in a later section. Another issue with smart contracts is that they might con-tain personal data, which in the European Union has the General Data Protection Reg-ulation bound to it. This regReg-ulation requires that personal data can be removed when desired by the person in question, which is an issue since smart contracts are immutable. Moreover, legal enforcement by a legal authority is not guaranteed, as these authorities do not yet acknowledge legal enforcement through smart contracts. Dispute resolution by the legal system or a third party could be improved upon by using smart contracts. Functions for self-enforced dispute resolution and notifications to third parties or the legal system can be implemented for improved signaling of disputes.
2.2 Institutionalization
Within this section institutional theory (INT) is explored to further understand how or-ganizational governance structures are created. INT deals with the processes by which structures become established as authoritative guidelines for social behavior (Scott, 2004). Furthermore, INT examines how these processes are created, diffused and adopted over space and time; and how they fall into decline and disuse.
DiMaggio and Powell (1983) argue, based on Giddens’ structuration theory (1979), that institutions become more homogenous over time due to a process of what they refer to as institutional isomorphism. This occurs due to an elite figure exercising power and/or through a process of natural selection. This leads to believe that conformity is necessary for institutional survival. Richard W. Scott (2004) suggests that conflict and consensus are vital to survival as well. At this point, similarities with TCE and contracts become visible, as TCE also deal with conflict, change, conformity and consensus. While contracts and the actual transaction are internal to the transaction, institutions are external to the transaction. This does not mean, however, that they have to be studied separately because they are interdependent. For example, take institution Ix that wants to perform a transaction with institution Iy and Iy refuses on the basis of Ix not possessing the right certifications, therefore, rejecting Ix on a basis external to the transaction. This affects the contract, which is internal to the transaction and is not fulfilled. The unful-filled contract might, lead to Ix undertaking a process of internal13 conflict, consensus and change to be eligible for certification and thus able to transact with Iy.
Orlikowski and Robey (1991) employ structuration theory (Giddens, 1979) in their work as well. They propose that the relation should be studied through combined ob-jectivity and subob-jectivity. This proposition has led to the creation of the structurational model of technology. A remodeled version of this model is shown in figure 1. The model describes human action shaping information technology (IT) (a) and IT as facil-itating human action whilst also constraining it (b). Moreover, the model presents that
institutions influence human agents’ interaction with technology (c) and that technol-ogy can transform or reinforce institutional properties (d).
Fig. 1. Structurational Model of Technology (reworked). Adapted from W. J. Orlikowski, 1992.
2.3 Blockchain technology
The aim of this section is to provide a clear overview of the state and constructs of blockchain technology. An important aspect of blockchain technology, smart contracts, has already been addressed in a previous section.
A blockchain is defined as a type of distributed ledger, which contains a growing list of chronological transactions (Yli-Huumo et al., 2016; Pilkington, 2015; Nakamoto, 2008). The blockchain utilizes varying consensus mechanisms to verify transactions, after which they are stored in blocks (Nakamoto, 2008, Buterin, 2014). These blocks, or lists of transactions, are immutable because they are linked, or chained, to each other using cryptographic hashes of its content and the hash of the previous block (Nakamoto, 2008). However, full immutability cannot be guaranteed due to limited fault tolerance of consensus mechanisms. When this limit is exceeded, malicious actors can, with dif-ficulties14, rewrite past transactions. Every block of transactions is stored on the block-chain and is shared and made available to all nodes, or actors (Yli-Huumo et al., 2016). Prior research has shown that blockchain has further evolved over time, leading to dif-ferences in blockchain architectures among the attributes: visibility, control and con-sensus (Bashir, Oldach, van der Steen & Tigchelaar, 2018). The classification of attrib-utes and values, including a description and originating author(s) is given in table 3.
Table 3. Classification of the blockchain architecture attributes.
Attribute Value Description Author
Visibility
Public Everyone can view the ledger.
Buterin, 2015; Zyskind & Na-than, 2015 Consortium /
Restricted
A restricted group of members can view the ledger. Read rights can be put in place by using a separate access control layer.
Buterin, 2015
14 Rewriting past transactions would require recalculating all previous hashes of blocks and change them into the desired values. It would also require a percentage of actors above the fault tolerance threshold to validate the new transactions.
Private One organization can view the ledger. Buterin, 2015
Control
Permissioned
There is an access restriction on the opera-tions that can be done on a blockchain. For example: a transaction. Write rights can be put in place by using a separate access control layer.
Swanson, 2015; Shrier, Wu & Pentland, 2016
Permissionless
Anyone can perform operations on the blockchain. This type of blockchain can only be used with a public blockchain.
Swanson, 2015; Bashir, Oldach, van der Steen & Tigchelaar, 2018 Consensus Proof-of-Work (PoW) Requires tokens Fault tolerance: 50%
An energy intensive consensus mechanism in which validators compete in computa-tion power to get the chance to mine a block. It is assumed that there are always more than 50% honest nodes/actors.
Nakamoto, 2008; Vukolić, 2015 Proof-of-Stake (PoS) Requires tokens Fault tolerance: 50%
A consensus mechanism with a higher transaction rate and less energy intensity than PoW. The chance to mine a block is determined by the stake in the blockchain network. Zheng et al., 2017; Baliga, 2017 Byzantine Fault Tolerance (BFT) Fault tolerance: 33%
A consensus mechanism that only works with a permissioned blockchain, due to need for nodes to be identifiable. It is faster and more energy efficient compared to PoW. A blockchain using this consensus mechanism, however, has a very limited scalability.
Baliga, 2017; Debus, 2017; Vukolić, 2015; Castro & Lis-kov, 2002
Federated BFT (FBFT)
Fault tolerance: 33%
This consensus mechanism is similar to BFT. However, it does not suffer from scalability constraints that BFT has through its use of hubs that a limited num-ber of users control and to which other us-ers connect and therefore have to trust. This allows FBFT to scale to the sizes of a blockchain that uses PoW or PoS.
Baliga, 2017
Access and storage. Access to a blockchain is based on visibility and control. The first
determines who can view the blockchain and the latter determines who can operate on the blockchain. When control is permissioned, the blockchain requires an access control layer, which provides access to the blockchain. This access control layer, which is unique to permissioned blockchains, can be seen in figure 2.
Fig. 2. The anatomy of transactions on a permissioned blockchain
From figure 2 it can be seen that an institution15 (Ii) can access a permissioned block-chain (Bi) through an access control layer, which will determine if the institution is eligible to access and perform operations the blockchain. The blockchain itself is a chain of blocks, each of which refers to multiple transactions (T) with data about the sender (Ix/Ci), receiver (Iy/Ci), contract(s) (C) and regulation(s)16 (R). The transaction data can refer to the cost of the transaction, timestamp and other data like a function call on a contract or a file. Data stored on a blockchain resides in a transaction or con-tract. Institutions can send and receive transactions, but contracts and regulations can do so as well, since they can hold data and have self-enforced properties.
All data on the blockchain has to be stored on each of the nodes on the network for the purpose of transaction verification. This poses a major problem, being that storing large data objects on the blockchain is undesirable because this implies that the entire network has to store that data object. The result is that the network becomes dependent on considerable storage capabilities and that it takes longer for new participants to enter the blockchain network because they need to retrieve the entire blockchain first.
2.4 Conceptual framework
This section aims to explain how blockchain technology becomes institutionalized by constructing a conceptual framework based on the structurational model of technology (Orlikowski, 1992). The conceptual framework is shown in figure 3.
Fig. 3. Conceptual framework: institutional model of blockchain technology.
15 Any type of actor that interacts with a blockchain could be chosen here. However, the institu-tion was preferred as this thesis deals strictly with instituinstitu-tions as transacting parties. 16 Regulations are a type of smart contract that will be discussed in the results section.
The conceptual framework is largely the same as the structurational model of technol-ogy. It has, however, some slight modifications to explain the institutionalization within the context of blockchain technology. Firstly, regulations, agreements and policy are decoupled from the institutional properties, due to its relationship with smart contracts. The regulations, agreements and policy influence actors and institutional properties di-rectly by transforming or reinforcing behavior. These can be implemented in smart con-tracts, similarly reinforcing or transforming the institutional properties or behavior of the actors. It should be noted that the relation between human actors and regulations, agreements and policy is deliberately left out, because the drafting of regulations is out of scope. Secondly, technology is separated into smart contracts and the blockchain. This is done, because none of the other components directly have an effect on the block-chain. As discussed before, the manner in which transactions take place is largely de-termined by the way of contracting. If actors desire to change the manner in which transactions take place, the contracting will be affected. When the manner of contract-ing is insufficient, the blockchain has to be altered to meet the demand. The relation is reciprocal, due to smart contracts being dependent on the blockchain itself. Finally, within this model the naming convention ‘actors’ is preferred over human agents, since interaction with smart contracts is not limited to human agents and could apply to non-human agents as well.
3
Methodology
This research was conducted in the period between April 1st, 2018 and July 12th, 2018. The research started with an initial literature review to determine the fit of literature regarding the topics addressed. After this phase an in-depth literature review took place of which the results are written in the previous section. Furthermore, a process of the-oretical saturation was utilized to construct the conceptual framework (Bryman, 2012). To lend further credibility to claims in the results section, argumentation from literature is used to support them. To improve on this credibility, a proof by engineering is in-cluded to demonstrate the functionality of components. Validity of the study is partially ensured by the proof by engineering. Five expert interviews were conducted to verify the results based on their underlying assumptions, which improves upon dependability and validity. This study is performed using a retroductive approach, since its goal is to discover underlying mechanisms, which enable data sharing and processing within var-ious institutional frameworks (Blaikie, 2004).
Literature was found using the CataloguePlus digital library provided by the Univer-sity of Amsterdam. Keywords from the relevant theories found during the initial liter-ature review where used to find literliter-ature. Based on citations and references from the initial literature, more background material was found, which occasionally had to be retrieved using a search engine. The theory used in this thesis is mainly classical, and theory on blockchain technology is scarce, so no further restrictions were imposed on the use of specific time frames or journals during the search for literature.
Proof by engineering is given using BPMN 2.0, Petri Nets and UML Sequence Dia-gram – modeling techniques. Interviewees were selected based on their experience in
the field of cryptography, distributed systems and information systems, as well as their affiliation with the ‘Big Data: real time ICT for logistics’ NWO-project. A semi-struc-tured interview approach was chosen because the interviews were intended to validate and supplement findings to ultimately achieve saturation of results. Originally the use of a snowball sampling technique was planned, but due to a lack of time a convenience sample was used. Table 4 displays the characteristics of the interviewees.
Table 4. Interviewee characteristics.
Field Role Experience (in years)
Cryptography Researcher 11
Distributed Systems Researcher 10
Distributed Systems Researcher 27
Big Data Sharing Researcher / Science officer 20
Big Data Sharing Researcher 20
4
Results
Within this section the questions raised in the introduction will be answered based on the literature review, conceptual framework and interviews. The questions were: (1) how can blockchain technology be used for sharing and processing data and what are its benefits; and (2) how does blockchain technology’s architecture differ in market and network governance structures?
4.1 Sharing and processing data using smart contracts
TCE and contracts law suggest that contracts transform transactions. Transactions that take place on a blockchain are transformed by smart contracts, which provide the added properties of data storage capacity and self-executable functions. The conceptual framework suggests that smart contracts are bound by off-chain17 regulations, agree-ments and policy. However, the paragraph on smart contracts points out that these can be factors can largely be internalized on-chain as types18 of smart contracts but not en-tirely. For example, relational contracts are implicit and require to be made explicit in a smart contract, which is not always possible. Classical and neoclassical contracts are fully supported by a blockchain. Classical contracts have the main trait that the trans-action itself has a high level of discreteness, which a blockchain can support with or even without smart contracts due to conflicts in planning being external to the transac-tion and are therefore handled off-chain. Neoclassical contracting is improved upon
17 Off-chain is used to indicate that something takes place outside of the blockchain, whereas on-chain implies that something takes place within the blockon-chain.
18 These types of smart contracts are agreements, being regular smart contracts, and regulations. Regulations are in this case both internal regulations (policies) and external regulations (reg-ulations by a legal authority).
with enhanced dispute resolution through third parties, but it requires that gaps in plan-ning are allowed, which requires a version control mechanism. This mechanism, a pointer system, based on IPFS’ content addressing (Benet, 2017), uses proxy contracts and regulations to maintain immutability and referential integrity. The system works as follows: for each distinct contract19 a proxy contract is created that redirects to the latest signed pointer with an ID of a certain contract, which then points to the actual contract. A Petri Net describing the addition of a new contract or regulation to a blockchain is presented in Appendix A. This mechanism also allows smart contracts to call a function upon itself to examine if it is the latest signed version. When this is not the case, the contract should notify the involved parties of the new contract and have functions to upgrade or reject the upgrade, including the handling of disputes. Thoughtful modeling of contracts is key to the handling of these actions. Therefore, it is helpful that the con-tract pointer system is compatible with the FRBRoo (Functional Requirements for Bib-liographical Records) document model for defining information ontologies of legal re-sources over time (de Oliveira Lima, Palmirani & Vitali, 2008). Categorizing contracts and regulations according to this document model allows for the systematic ordering of information over time in a blockchain. Appendix B contains a FRBRoo model in which smart contract dynamics are defined.
Internal and external regulations should be implemented as types of smart contracts that are validated before other types of smart contracts. This allows preventive checking of transactions to determine the validity of a transaction before a policy or law is breached. Off-chain legal enforcement can be implemented by adding legally binding clauses to the smart contracts that cover contingencies that cannot be enforced on-chain. The immutability and validation process of the blockchain ensures the integrity of con-tracts. Taking the aforementioned guidelines into consideration, the contracting engine is proposed as a design to take these into account. The contracting engine ensures that the conditions of relevant internal and external regulations are met before accessing one or more contracts. This guarantees that transactions with certain contracts cannot con-flict with regulations. It also guarantees that the transaction is only recorded when all the regulations and contracts are passed and that descriptive error messages are sent to the client. Appendix C contains a BPMN 2.0 model, which describes a generic interac-tion between the contracting engine, regulainterac-tions and contracts and a sequence diagram for added clarity. The pointer mechanism is not a part of the contracting engine but consists of multiple entities on the blockchain.
Applications can be built to retrieve data from smart contracts on a blockchain that it has access to. In Appendix D a BPMN 2.0 model is shown, which describes a generic contract data lookup process. Since a blockchain can only be used to store limited amounts of data, it should not be used as a data storage medium. Instead of storing the actual data on the blockchain, a hash functioning as a proxy is stored on-chain, which is again based on IPFS’ content addressing (Benet, 2017). This proxy refers to the latest pointer signed by the owner of the content, which points to the actual content off-chain. A benefit of this is that the data underlying the references can be updated and removed, which makes the data mutable and therefore allows for compliancy with the GDPR’s
right to be forgotten. This is also a weakness since auditing which data was available when becomes significantly harder unless all states of the content and the pointers are preserved. The data, which can now be a directory with subdirectories, can be encrypted using a password. This password can then be encrypted with the public key of the re-ceiving party, ensuring that the data password can only be accessed by that party. The twice encrypted password can then be stored within the smart contract. The data can be encrypted even further using homomorphic encryption to allow data to be processed by a third party without them being able to read the data (Makkes, 2010). However, pro-cessing time due to encryption and decryption would increase.
The system presented above allows encrypted data to be stored elsewhere, which introduces mutability to the otherwise immutable blockchain. Therefore, auditability and transparency of transactions decrease, and other measures need to be taken to en-sure state changes in the external data are well documented. The storage mechanism, however, allows data to be processed by the provider of the algorithm. Furthermore, due to smart contracts being able to handle multiple parties, a separate processing pro-vider can be included in the contract. From figure 4 it can be seen how various actors interact in the sharing and processing of data using smart contracts.
Fig. 4. Infrastructure for sharing and processing of data using blockchain technology. The figure shows that institutions can take on different roles, being data provider, algo-rithm provider and processing provider. In this figure they are displayed as three sepa-rate entities, however an institution can take on any two of these roles in this setting. Input data (Di) is referenced on the blockchain by the data provider. The algorithm (A) to transform the, possibly encrypted, input data is referenced by the algorithm provider. With both the input data and algorithm, the processing provider can run the actual ma-chines to process the data with the algorithm, the specifications of which can be agreed upon using the smart contracts. The output data (Do) will then be referenced by the processing provider, which the data provider, or other institutions, can get access to using its private key to decrypt the output. When the process fails, on-chain dispute resolution functions on the smart contract are activated. When the dispute resolution
functions fail, plain text legal clauses in the smart contract for off-chain enforcement should cover the contingencies in which the case must be taken to court or arbitration. One smart contract must be used to support a group of transactions between multiple parties that are related to a single process artefact to maintain a digital audit trail. Take, for example, a situation in which there are multiple algorithm providers. When the first algorithm is used on the data, the output can be stored after which it is retrieved again to process the data using the other algorithms. Although these are certainly multiple transactions, they all have to deal with the same contract. If there was a separate con-tract for each transaction, it would result in a rather difficult to follow digital audit trail. In addition, all parties involved are, in relation to the privity, party to the contract when a single contract is maintained. In the case of a dispute about intermediate results, or the lack thereof, a party can, for example, file a complaint with regard to a processing step that has already been carried out. Another benefit of maintaining a single smart contract is that new versions only require one upgrade.
Appendix E contains a BPMN 2.0 process model in which the various providers cooperate using a smart contract to gain a result. The model assumes that the parties have already created and agreed upon the contract and that no difficulties arise while providing the data. The process abstracts from the use of proxy contracts, contract pointers and regulations; and ends before the party that desires the result votes on whether the output is correct or not. If not, a dispute resolution process has to be started that determines the further actions.
4.2 Blockchain architecture in markets and networks
Within a market governance setting, it is assumed that there is no mutual trust between parties as a result of a climate of suspicion and low commitment. This means that a consensus mechanism should have a high fault tolerance. Low asset specificity indi-cates that knowledge to a transaction is low and that price can be used as a means of communication. Moreover, this means that tokens as a medium of communication can be used for trade. Markets can be open or limited to a specific group and therefore a blockchain in a market context can be permissioned or permissionless and also be pub-lic or restricted. The PoS consensus mechanism can provide a tokenized solution with high fault tolerance to provide trust. A best practice for open markets would be to im-plement a blockchain that is public, permissionless and uses a PoS consensus mecha-nism. For closed markets a best practice would be to implement a blockchain that is restricted, permissioned and uses a PoS consensus mechanism. Although, it could be argued that a closed market may have public visibility to improve transparency with regard to the external environment. A closed market is able to use contracts, policy and regulations in a manner as is described in the results section. An open market, however, would require consensus among participants to add both internal and external regula-tions, and to enforce their use. Assuming that this does not happen, parties to a contract can enforce compliance to regulations by including them as a reference in the contract. Networks, compared to markets, work with high asset specificity and trust and do therefore not require a token and a higher fault tolerance. BFT and FBFT consensus
mechanisms would lend themselves well for this purpose since they meet these require-ments. Networks are restricted in access by default, due to partnerships, which implies that using a permissioned blockchain would be an optimal choice. A best practice for distributed networks would be to use a BFT consensus mechanism since its size is lim-ited to prevent against stowaways. Adding internal and external regulations within a distributed network would require a vote amongst participants. Steered networks can scale larger in size due to acceptance of power asymmetries to which participants agree when joining the network. This larger size indicates that a FBFT consensus mechanism is good practice. The power asymmetries have a large impact on both internal and ex-ternal regulations. This is due to the management of regulations by a central party in the network and all parties agreeing to their use at all times while they are transacting within the network. A best practice for the administered network is to use a FBFT con-sensus mechanism, due to its large size and delegates or external entities being able function as hubs. Delegates or external entities have to vote on regulations to be part of the blockchain. Within all networks visibility can be either public or restricted. Its use is determined by the degree of transparency a network wants to broadcast to the external environment.
5
Conclusion
The aim of this thesis was to determine to what extent blockchain technology can be used for the purpose of sharing and processing data in market and network governance structures. Adopting a TCE, contracts law and INT perspective to study blockchain technology and smart contracts led to the creation of the institutional model of block-chain technology. Using the institutional model of blockblock-chain technology as conceptual framework for this research allowed smart contracts to be viewed as the crucial element in enabling the sharing and processing of data. Moreover, the model showed that regu-lations, agreements and policies become embodied within smart contracts and that the blockchain itself consists of varying parts. Smart contracts support classical and neo-classical contracting and improve upon traditional contracts in a number of ways. These improvements are partially automated dispute resolution, transparency, verifiability, privity and enforceability. Moreover, since smart contracts are part of a blockchain, transactions to a contract are transparent and immutable. Enforceability can be sup-ported off-chain by adding plain-text legally binding clauses to the smart contract due to the digital signing of contracts being at least as safe as a paper document. However, plain-text clauses in contracts should generally be avoided since they introduce manual steps into a system that is intended to remove them.
The proof by engineering shows how smart contracts can be made upgradeable and used for the sharing and processing of data by assigning different roles to actors, en-crypting data and storing it off-chain while keeping references on-chain. Furthermore, a contracting engine layer is proposed which allows preemptive checking of regula-tions. The system is therefore compliant with the GDPRs right to be forgotten and, due to the smart contract upgrade model, useable with the FRBRoo document model. The key to maintaining a digital audit trail of related transactions is the use of one contract
that multiple institutions use to achieve the desired output. It should be emphasized that the digital audit trail does not extend to the actual underlying data, so extra measures must be taken to audit the data itself.
The institutional model of blockchain technology was then used to explore how a blockchain’s architecture differs when institutional properties mirror the ideal types of markets and networks. Both have varying visibility, control and consensus mechanisms fitting their own archetypes. The manner in which smart contracts are accepted as reg-ulations also differs in each of the governance structures. It is important to remember that in the Netherlands and possibly elsewhere only permissioned blockchains can be used for entering into contracts, because it is legally required that parties to a contract are connected to known entities in the physical world.
In conclusion, blockchain technology, in both markets and networks, can be used as a transaction medium for off-chain sharing and processing of data through the use of on-chain smart contracts. This allows the data to be processed at the data provider, at the algorithm provider or at a separate processing provider by means of referencing hashed locations of storage containing encrypted data. The proposed system ultimately improves upon the transparency, immutability, verifiability, privity, enforceability and dispute resolution of traditional contracts.
6
Discussion
6.1 Further research
While this study has provided a substantial theory, implementations in practice require testing to discover whether this theory is complete. Moreover, consensus mechanisms are still in intense development, which might lead to new variations in blockchain ar-chitectures in the near future. Since this study relied heavily on INT & structuration theory, which offers a deterministic view, other approaches to the social sciences like actor-network theory (Latour, 2005) should be investigated to further extend and refine the theory. A good starting point would be to prove or disprove the three underlying assumptions of structuration theory, being: (1) groups and organizations are created and recreated through the use of rules and resources; (2) Interaction is the outcome of and is mediated by communication rules; and (3) Organizations have power structures that guide the decision-making process. Further research should look into alternatives to TCE and see if those lead to the same outcome as is presented in this thesis. This thesis did not address the economic costs and benefits for markets and networks, nor did it address transaction speed and maintenance. Further research should investigate these aspects, since they are essential components to make the technology successful. Com-munication between a blockchain and applications as described in this thesis is prone to manipulation. Further research is necessary to secure this communication network. Moreover, authentication infrastructures like the Public Key Infrastructure (PKI) should be compared with the presented infrastructure to determine which are better suited in different contexts.
6.2 Limitations
This research could be improved upon by a better selection of interviewees. Firstly, the number of interviewees is relatively low. Secondly, the domains in which the inter-viewees operate are closely related. Therefore, the results of the interviews might be pointing in a single direction, leading to a skewed outcome. This research did not pro-vide a working system as a proof of concept, due to a lack of time and the many custom-built components that had to be included. Moreover, this study did not address nesses of blockchain technology, such as Sybil attacks (Douceur, 2002) and its weak-nesses in its encryption schemes to quantum computing (Fehr, 2010). Also, perfor-mance of consensus mechanisms, data processing and the contracting engine are not addressed. For purposes of readability and due to the number of mechanisms used in practice, not all existing consensus mechanisms are used in this thesis, which is why in section 4.2. only best practices are suggested. Furthermore, this thesis is not written to be directly prescriptive for use in practice. For implementations of blockchain architec-ture in practice some variation between practice and the ideal governance strucarchitec-tures have to be taken into account since the governance structures in this thesis are ideal types. During this research a social-constructivist approach towards technology was taken, which limits the perspective taken on this topic.
References
Akerlof, G. A. (1970). The market for" lemons": Quality uncertainty and the market mechanism. The Quarterly Journal of Economics, 48(3), 488-500.
Baliga, A. (2017). Understanding Blockchain Consensus Models. Persistent Systems Ltd. Bashir, N., Oldach, D., van der Steen, J. & Tigchelaar, S. (2018). Trailblazing the way towards
blockchain governance: Laying the groundwork for interconnective blockchains. Unpublished manuscript, Faculty of Science, University of Amsterdam, Amsterdam, The Netherlands.
Benet, J. (2017). IPFS - Content Addressed, Versioned, P2P File System (DRAFT 3). White paper. Retrieved from
https://ipfs.io/ipfs/QmR7GSQM93Cx5eAg6a6yRzNde1FQv7uL6X1o4k7zrJa3LX/ipf s.draft3.pdf
Blaikie, N. (2004). ‘Retroduction’, in M. S. Lewis-Beck, A. Bryman, and T. F. Liao (eds), The Sage Encyclopedia of Social Science Research Methods. 3 vols. Thousand Oaks, CA.: Sage.
Bryman, A. (2012). Social research methods. Oxford University Press, USA.
Buterin, V. (2014). A next-generation smart contract and decentralized application platform. White Paper.
Buterin, V. (2015). “On Public and Private Blockchains.” Ethereum Blog, 7 Aug. 2015, blog.ethereum.org/2015/08/07/on-public-and-private-blockchains/.
Castro, M., & Liskov, B. (2002, February). Practical Byzantine fault tolerance and proactive recovery. ACM Transactions on Computer Systems, 20(4). 398-461.
Coase, R. H. (1937). The Nature of the Firm. Economica, 4(16), 386-405.
Cuccuru, P. (2017). Beyond bitcoin: an early overview on smart contracts. International Journal of Law and Information Technology, 25(1), 1–17.
Dahlman, C. J. (1979). "The Problem of Externality". Journal of Law and Economics, 22(1), 141–162.
DiMaggio, P. J., & Powell, W. W. (1983). The iron cage revisited: Institutional isomorphism and collective rationality in organizational fields. American Sociological Review, 48(2), 147-160.
Douceur J. R. (2002) The Sybil Attack. In: Druschel P., Kaashoek F., Rowstron A. (eds) Peer-to-Peer Systems. IPTPS 2002. Lecture Notes in Computer Science, vol 2429. Springer, Berlin, Heidelberg.
Fehr, S. (2010). Quantum cryptography. Foundations of Physics, 40(5), 494–531. https://doi.org/10.1007/s10701-010-9408-4
Giddens, A. (1979). Central Problems in Social Theory: Action, Structure, and Contradiction in Social Analysis. Berkeley: University of California Press.
Kahneman, D. (2003). Maps of Bounded Rationality: Psychology for Behavioral Economics. The American Economic Review, 93(5), 1449-1475.
Latour, B. (2005). Reassembling the Social: An Introduction to Actor-Network-Theory. New York: Oxford University Press.
Macneil, I. R. (1978). Contracts: Adjustment of Long-Term Economic Relations under Classical, Neoclassical, and Relational Contract Law. Northwestern University Law Review, 72(6), 854-905.
Makkes, M. X. (2010). Efficient implementation of homomorphic cryptosystems (Master thesis). Retrieved from https://research.tue.nl/en/studentTheses/efficient-implementation-of-homomorphic-cryptosystems.
Mayer-Schönberger V., Ramge T. (2018). Reinventing Capitalism in the Age of Big Data. London: John Murray.
Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system.
de Oliveira Lima J.A., Palmirani M., Vitali F. (2008) Moving in the Time: An Ontology for Identifying Legal Resources. In: Casanovas P., Sartor G., Casellas N., Rubino R. (eds) Computable Models of the Law. Lecture Notes in Computer Science, vol 4884. Springer, Berlin, Heidelberg.
Orlikowski, W. J. (1992). The duality of technology: Rethinking the concept of technology in organizations. Organization Science: A Journal of the Institute of Management Sciences, 3(3), 398-427.
Orlikowski, W., & Robey, D. (1991). Information technology and the structuring of organizations. Information Systems Research, 2(2), 143-169.
Pilkington, M. (2016). Blockchain technology: principles and applications. In: F. X. Olleros & M. Zhegu (Eds.), Research Handbook on Digital Transformation (pp. 225-251). Edward Elgar Publishing Ltd.
Powell, W. W. (1990). Neither market nor hierarchy. Research in Organizational Behaviour, 12, 295-336.
Simon, H. A. (1972). Theories of bounded rationality. Decision and organization, 1(1), 161-176. Swan, M. (2015). Blockchain: Blueprint for a new economy. " O'Reilly Media, Inc.".
Swanson, T. (2015). Consensus-as-a-service: a brief report on the emergence of permissioned, distributed ledger systems.
Scott, R. W. (2004). Institutional theory. In G. Ritzer (ed.), Encyclopedia of Social Theory (pp. 408-414). Thousand Oaks, CA: Sage.
Shrier, D., Wu, W., & Pentland, A. (2016). Blockchain & Infrastructure (Identity, Data Security). Connection Science & Engineering, MIT, 1-16.
Smart Contract Werkgroep – Dutch Blockchain Coalition. (2017). Smart contracts als specifieke toepassing van de blockchaintechnologie. Retrieved June 4, 2018, from https://www.dutchdigitaldelta.nl/uploads/pdf/Smart-contract-rapport-DBC.pdf. Szabo, N. (1996). Smart Contracts: Building Blocks for Digital Markets. Retrieved from
http://www.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/L OTwinterschool2006/szabo.best.vwh.net/smart_contracts_2.html.
Vukolić, M. (2015). The quest for scalable blockchain fabric: Proof-of-work vs. BFT replication. In International Workshop on Open Problems in Network Security (pp. 112-125). Springer, Cham.
Williamson, O. E. (1979). Transaction-Cost Economics: The Governance of Contractual Relations. Journal of Law and Economics, 22(2). 233-261.
Williamson, O. E. (1981). The Economics of Organization: The Transaction Cost Approach. The American Journal of Sociology, 87(3). 548-577.
Williamson, O. E. (1985). The Economic Institutions of Capitalism: Firms, markets, relational contracting. New York: The Free Press.
Yli-Huumo, J., Ko, D., Choi, S., Park, S., & Smolander, K. (2016). Where is current research on blockchain technology? — A systematic review. PLoS One, 11(10), e0163477. http://dx.doi.org/10.1371/journal.pone.0163477.
Zheng, Z., Xie, S., Dai, H., Chen, X., & Wang, H. (2017). An overview of blockchain technology: Architecture, consensus, and future trends. In Big Data (BigData Congress), 2017 IEEE International Congress on (pp. 557-564). IEEE.
Zyskind, G., & Nathan, O. (2015). Decentralizing privacy: Using blockchain to protect personal data. In Security and Privacy Workshops (SPW), 2015 IEEE (pp. 180-184). IEEE.
Appendix B: FRBRoo document model describing smart contract dynamics over time.
Appendix C: BPMN 2.0 model describing the generic interaction between the con-tracting engine, regulations and contracts, and a sequence diagram.
Appendix E: BPMN 2.0 model describing how multiple parties interact with a smart contract using external data sources.
