Blockchain opens up new avenues to moral, reputational, legal, and economic risks, but also brings four risks: lack of third-party protection, invasion of privacy, zero-state issues, and poor governance.
If I send you bitcoin, the transaction is simultaneously recorded on the more than 12,000 computers, servers, and other devices that bitcoin runs on. Everyone on the chain can see the transaction, and no one can change or delete it. Or you can send me a non-fungible token (NFT) on the Ethereum blockchain, and the transaction is also recorded on all the computers (aka “nodes”) running Ethereum. These two examples roughly explain what blockchain technology is: a way to keep immutable records of transactions on multiple computers. Thus, new transactions cannot be completed on just one computer without being recorded simultaneously on all other computers. Blockchain applications have gone far beyond cryptocurrencies and NFTs, as governments and industries, from healthcare to agriculture to supply chain operations, are leveraging the technology to improve efficiency, security, and trust.
The core capabilities of blockchain have enormous appeal, but they are a double-edged sword that opens up new avenues for organizations and their stakeholders to navigate ethical, reputational, legal, and economic risks. In this post, I have identified four of these risks: lack of third-party protection, invasion of privacy, zero-state issues, and poor governance . For each risk, I outline the responsibilities of two actors who play a key role in governing blockchain decisions and specifications: developers (people who design and develop blockchain technology and the applications that run on it) and enterprise users (organizations using blockchain solutions or advising clients using these solutions).
Lack of third-party protection
The lowest-cost third-party intermediaries such as banks are often seen as the best choice for doing business, and while predatory at worst, they do play a key role in safeguarding their clients’ interests. For example, banks have sophisticated methods to detect the activity of malicious actors, and consumers can question fraudulent transactions and scams on their credit cards.
What developers have to consider. Developers need to consider the kinds of services provided by third parties to protect stakeholders, and then devise a decentralized way to provide those protections. If this is not possible, developers must inform stakeholders that the technology lacks the protections they are accustomed to. The developer may even decide not to develop the app because the risk to the user is too high.
What the user has to consider. Users need to understand the risks of not having these safeguards, for themselves and the people they represent (the clients they advise, the patients they care about, the citizens of the rights they want to protect). They must be transparent about risks and obtain meaningful informed consent from those they serve. They should also explore non-blockchain solutions that can fill the void.
lack of privacy
The most popular blockchains, Bitcoin and Ethereum, are public. Known for its transparency and accessibility, anyone can view, add, and audit the content of the entire chain. However, if transparency poses a serious threat to the privacy of users, then private chains may be necessary. For example, Nebula Genomics uses private blockchain technology to give patients “full control” of their genomic data.
A blockchain may contain information that some users should see but not others; in this case, a hybrid approach may be required, where the private and public chains interact. For example, electronic health records contain both highly sensitive data that must be kept confidential, and information that should be shared with entities such as the Centers for Disease Control and Prevention (CDC) and health insurance providers. Hashed Health, Equideum Health, and BurstIQ, for example, are all hybrid blockchains that collect and share biometric information while giving patients more control over their data.
What developers have to consider. Developers need to carefully consider their ethical responsibilities in balancing transparency and privacy before deciding on the applicable public, private or hybrid chain options. An important factor is the likelihood of on-chain members being identified, and the ethical consequences of that. Other key decisions include determining who should access what data, under what conditions, and for how long.
What the user has to consider. Not only do users need to understand the impact of transparency on their own business and the people they serve, but they must also understand and address the risk that wallet (generally as an authentication mechanism for web3 users) holders may be identified (including the fact that they accidentally expose themselves identity of).
zero state problem
The zero-state problem arises when the accuracy of the data contained in the first block of a blockchain, or “genesis block,” is questioned. This can happen if due diligence on the data is not done properly, or if the person entering the data makes a mistake or changes the information in bad faith. For example, in a blockchain used to track goods in a supply chain, the first block might incorrectly show a truck full of copper from one mine, when in fact the material came from another mine. Those involved in the truck’s contents could have been tricked or bribed along the way without the people who created the genesis block being aware of it.
But if we’re talking about blood diamonds or property, then moral hazard goes up. If the government creates a blockchain as a database of records for land registration, and the person who entered the information into the first block assigns the plot to the wrong owner, serious injustice will occur (the land is actually stolen) ). Some organizations, like Zcash, which created a highly secure privacy-preserving cryptocurrency, have (justifiably) gone to great lengths to ensure the trustworthiness of their genesis block.
What developers have to consider. Developers must carefully verify all data that will be included in the genesis block and use best practices to ensure its accurate entry. They must also alert users to the zero-state issue and disclose the ways in which the blockchain may contain false information so that users can assess its potential risks and conduct their own due diligence.
What the user has to consider. Users of the blockchain should review how the genesis block was created and what the source of the data is. If the project recorded in the blockchain has been the target of fraud, bribery, and hacking throughout the project’s history, they should ask themselves tirelessly, is the organization that created the first block trustworthy? Has the block been audited by a reliable third party?
Users also need to understand that even if the data in the genesis block and subsequent blocks is accurate and legitimate, malignancy can still occur. For example, a compliant diamond may be put on a truck and its multiple transfers may be accurately recorded on the blockchain, but that doesn’t stop clever thieves from swapping fake diamonds for real ones in transit . And users must also inform those they serve about the state of zero, disclose their due diligence on the genesis block, and identify safeguards (if any) in place to prevent fraud.
Blockchain technology is described as a series of terms – “decentralized”, “permissionless”, “autonomous” – which can lead users to make assumptions about governance: for example, they may perceive it as libertarian and An anarchist wonderland, or where all members have an equal say in how the blockchain works. In reality, blockchain governance is a very, very complex thing with significant ethical, reputational, legal, and financial implications. The creators of the blockchain decide who has power; how they get it; what oversight, if any, is required; and how decisions are made and operated. A quick look at two cases, one notorious and one still in progress, is very instructive.
The first Decentralized Autonomous Organization (DAO), a hedge fund originally called “The DAO”, runs on the Ethereum network. Members have different voting rights based on how much money (ether, to be specific) they put into the joint venture. When the DAO was hacked in 2016, with about $60 million worth of ETH siphoned from the fund, members took very different ideological stances on what to do with it — and whether the hack constituted “theft.” One camp argues that ill-gotten gains from bad actors exploiting software vulnerabilities should be returned to the rightful owners. Another camp argues that DAOs should avoid reversing fraudulent transactions and simply fix the bugs to keep Ethereum running. This camp believes that “code is law” and “blockchains are immutable”, so the hackers acted according to the code and did nothing morally unacceptable. The former camp eventually won and created a “hard fork” that directed funds to a recovery address where users could get back their investments, essentially rewriting the history of the blockchain.
The second example is a dispute over the governance of another DAO, Juno. In February 2021, Juno conducted an “airdrop” (ie, sending free tokens to community members to facilitate participation) in its network. One wallet holder figured out a way to take advantage of the system and received a significant portion of the tokens, worth over $117 million at the time. In March 2022, a proposal was made to shrink the majority of the tokens of “whales (who are believed to have over $56 million worth of bitcoin)” to a fair share of what is considered an airdrop amount. A month later, the proposal was officially passed with 72% of the vote, and all but 50,000 whale tokens were withdrawn. Whale claims he invested with other people’s money, and he threatens to sue Juno.
These events demonstrate how important it is to build blockchains and the governance of applications running on them with great care and conscientiousness.
What developers have to consider. Developers must determine what constitutes good governance, paying particular attention to how the governance structure invites hackers or bad actors. This is not just a mechanical issue. The developer’s values need to be articulated and then implemented in the blockchain. Consider, for example, the philosophical disagreement among Ethereum developers as they weighed whether to change their blockchain when the DAO was hacked or fix the bug and move on, as well as the Juno token holders who voted for forfeiture and those who voted against similar differences between. To avoid such ethical issues, developers should set a banner to guide governance from the outset.
Divergence occurs when the rules about how power and money are distributed or earned on the system are not carefully considered. The DAO’s hackers exploited a bug in the software, which led to confusion over whether the code — even flawed code — was actually due to the law. In Juno’s case, the turmoil stemmed in part from a lack of thoughtful consideration of how tokens were allocated in the first place. Developers need to understand that those with voting rights can vary widely in beliefs, values, ideals, and aspirations. Strong governance is one of the most important tools for managing these differences, and significant ethical and financial risks can be avoided if developers’ values are implemented into the infrastructure, policies, and procedures that govern blockchains.
What the user has to consider. Users must ask themselves whether the values of blockchain creators align with those of their organization and customers. They must determine how much volatility, risk and lack of control they and the people they serve can tolerate. They must articulate their standards for what constitutes good and responsible governance, and only work with blockchains that meet those standards. Users may be using a distributed network without a single authority, but they are definitely dealing with a political entity.
Towards a Moral Hazard Framework for Blockchain
The moral hazard of any technology is as varied as its application. A self-driving car powered by artificial intelligence, for example, runs the risk of killing pedestrians. A social media application that comes with the risk of spreading false information. The ethical and reputational risks associated with nearly all data-driven technologies also apply to blockchain. When implementing blockchain, senior leaders must implement a framework to mitigate these risks. They should carefully consider a range of situations.
- What are the moral nightmares our organization must avoid?
- How do we account for edge cases?
- They should anticipate ethical issues and reflect on themselves.
- What governance structures do we have? What kind of oversight is required?
- Could blockchain technology undermine any of our organizational and ethical values, and if so, how can we minimize these impacts?
- What safeguards should be in place to safeguard our stakeholders and our brand?
Thankfully, many of these issues have been addressed in the adjacent AI ethics hazard literature, including the guide I wrote about implementing an AI ethics program. This material is a good starting point for any blockchain project.
Posted by:CoinYuppie，Reprinted with attribution to:https://coinyuppie.com/what-should-developers-and-users-of-blockchain-with-high-moral-hazard-pay-attention-to/
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.