A wholesale model for permissioned blockchains; September 2018
Unpermissioned blockchains have proven themselves as viable business ecosystems with effective economic incentives. Opinions may differ on how well-spent the energy is for proof-of-work Bitcoin or Ethereum mining, it is undeniable that they provide the proper incentives for the validators/miners to keep them sufficiently collaborative (they accept each other’s mined blocks) and competitive (each strives for efficiency). Other more energy efficient unpermissioned blockchain technologies are being developed, like those based on accumulated cryptocurrency (proof of stake), or those based on available empty hard-drive space (prove of space), with similar cryptocurrency-based incentive design.
An issue with unpermissioned blockchains is that the validator/miner are awarded in cryptocurrency. The intrinsic volatility of a cryptocurrency forms a major risk for users, which may range from start-ups to industry sectors, to rely their core business processes on an unpermissioned blockchain. Too high or very volatile transaction costs may make a use case economically unviable, whereas too low revenues for the miners/validators may jeopardise the reliability and even the existence of the unpermissioned blockchain.
The situation is less clear for permissioned blockchains. A major benefit of these is that transaction fees do not need to be coupled to a volatile cryptocurrency . Still, a proper economic incentive design and an associated governance structure is needed that aptly rewards nodes and other business roles in the ecosystem. This should keep the economic pressures towards efficiency and low transaction cost, and this should keep the system sufficiently distributed to prevent monopolistic behaviour of individual roles or the system as a whole.
This whitepaper provides an initial exploration of economic incentive design of public permissioned blockchains. Private blockchain are left out of scope, as any financial arrangements can be handled in the consortium agreement that governs such blockchains. Also cryptocurrencies are left out of scope, as the focus of this whitepaper is who pays whom for what, and not the currency that is used for these payments.
We shall first explore business roles and their activities. Next, we shall look into the cost components in a permissioned blockchain. Based on this, we postulate a set of wholesale business models, from which we derive some initial conclusions and research questions.
The basic interactions of an application with a blockchain are writing data onto the blockchain and reading data from the blockchain. The blockchain has business rules to keep the data on the blockchain consistent, e.g. by checking the validity of deployed chaincode (a.k.a. smart contract), checking input data against the chaincode and rejecting inconsistent transactions, like double-spending attempts.
A central role in any blockchain ecosystem are the validators that together write data/transactions/chaincode onto the blockchain using some type of consensus algorithm, and provide read access.
Vital to the blockchain ecosystem are the users, who send write and read requests to the validators. It is generally expected that their fees finance the blockchain ecosystem.
A third role in a permissioned blockchain is the governing entity, that organises the setting and enforcing of rules for the blockchain through legal, economic and/or other means. The governing entity is typically a not-for-profit foundation in case of a permissioned blockchain, and its participants may be its validators and/or a representation of its users.
When zooming in, more roles could be distinguished. The user role could be split into end users (persons), their client software, application providers and others. These roles may coincide. The user role could also be a start-up, an established business or even a complete industry sector. Similarly, the validator role could distinguish core validators that participate in the central consensus algorithm, and edge validators that only vet incoming write requests and provide read access to the blockchain. Also the governing entity could be further subdivided. Nevertheless, we believe that the main three business roles suffice for the scope of this whitepaper, see Figure 1.
The following costs component may be distinguished in a blockchain ecosystem.
- Capital cost: processing, storage and networking hardware 
- Operational cost: connectivity, software, electricity, staff
- Governance cost: governing entity and governance processes
The distribution of these cost depends on the type and scale of the blockchain. Initial estimations indicate that staffing and governance may be the dominant cost in small-scale blockchains. Economies of scale splinter the fixed costs and consequently connectivity and electricity cost may be dominant in large-scale blockchains. We also note that blockchains typically sustain many more read than write operations, so even though a write operation is more costly than a read operation on an individual per operation basis because of the connectivity (and potentially validation) cost of the consensus algorithm, read operations could still on aggregate be the dominant cost factor per node and for the system overall.
Much more could be said about the techno-economics and their dependence on technical details of the blockchain design and its dominant applications. Nevertheless, we believe that the above analysis suffices for the scope of this whitepaper, see Figure 2.
Like any infrastructure, costs need to be covered. If usage is measurable, then typically costs are allocated to users. On the highest abstraction level, users are expected to pay fees to interact with the permissioned blockchain. These fees are used to finance the operations of the validators and governing entity. In many blockchains, there are only fees for write operations and not for read operations. This is a bit similar to open-access publication, where the authors incur the full cost of the publication or telephony networks where the caller (initiator) pays for the call and not the receiver. A main reason is that read operations help verifying the integrity of the blockchain and should therefore have little barriers (costs). However other tariffing models could be applied as well, like subscription models, read fees, data-storage fees and combinations of these, similar to retail models for telephony and internet access, see Figure 3.
A permissioned blockchain can be seen as a generic and managed data infrastructure with conditional access. We found this to be analogous to telecom industry where infrastructure is made available via ‘wholesale’ to multiple types of use and service providers. I.e. competing internet access service providers (ISPs) may use the same physical infrastructure provided under wholesale agreements to ‘resellers’ that typically add valuable services to the offer.
Looking a level deeper, questions arise to whom the users pay their fees, how the tariffing models are established, and how the fees are distributed throughout the blockchain ecosystem. Figure 4 sketches three basic wholesale models for this.
a) A user pays the governing entity, which pays the other roles.
b) A user pays a validator, which pays the others.
c) A user pays multiple validators, which pay the others.
Other more dynamic and hybrid models are left out of scope here.
Model a) is a subcontracting model. It may be an efficient model to kickstart a permissioned blockchain, but it has serious sustainability problems. First of all, the validators may consider the governing entity as their customer and not the users, which skews the business relationships and lays the say at the governing entity, which seems to be in contrast with the distributed aspect of the blockchain philosophy as it clearly introduces a (single) middle man. This drawback may be addressed by establishing the governing entity as a joint venture (or other aggregating entity like a foundation) of the validators. This will at least align some incentives. Also this model has no intrinsic incentives for the governing entity to keep its operations as efficient as possible, given its dominant position in the monetary flows.
Given the symmetries it would make sense that all validators are paid equally. So more efficient validators earn more money. Still the economic market pressures are unclear. If the fees are high, then more parties want to become validator and competitive regulation may not prevent this. Additional validators means additional cost in the business ecosystem, which may put upward pressure on the fees. Conversely, if fees are low, then less efficient validators will need to drop out, lowering the cost of the business ecosystem and driving it towards a no-longer distributed single-validator system.
Model b) is a classic two-sided business model  , well known from telecommunications and the internet. Each validator has some users as its retail customers. They could offer all kinds tariffing models for their “blockchain access” service (and potentially in complement to other services), similar to telecommunication and internet access services (ISPs). Each validator would also have other validators as its wholesale co-providers, as the proposition of the point-of-contact validator is largely depending on the co-providers, whereas the willingness of co-providers to co-provide to the point-of-contact validator largely depends on the set of users it represents. The wholesale service here is the consensus process where data/transaction/code are written on the blockchain by the group of co-providing validators.
The default wholesale payment model is mutual cancellation of any wholesale payments if volumes are more or less equal. In such case each validator should finance its full operation from its own user fees, including payments to the governing entity. A more advanced model includes inter-validator payments, and these payments could be differentiated and even bilaterally negotiated. In such a model, a sufficient number of validators would need to be rewarded to write a transaction, for example a qualified majority, a user-determined number or a user-specified set. It should be noted that the more control of the ‘subcontracting’ validation the user contact point has and the more untransparent the underlying arrangements are, the less this model is in line with the blockchain philosophy. It is for further study whether and how a viable two-sided business model could be designed for public permissioned blockchains. Existing two-sided business models could serve for inspiration.
The governing entity has a less prominent role in perspective of the users and merely serves to facilitate the communication and standardization of the validators, as is typically the case with an association of peers.
Model c) is also a two-sided business model, albeit not a classic one. That is, we are not aware of any similar two-sided models from other sectors. The key feature of this model is that the user selects multiple validators, e.g. a qualified majority or a user-specified set. Similar to model b), validators would compete for users as their retail customers, and there could also be associated inter-validator wholesale business arrangements. Again, it is for further study how such a two-sided business model could be designed to be economically viable and sustainable, driving towards efficiency and low transaction cost, while maintaining a diversity of validators.
The role of the governing entity in this case is both to facilitate inter-validator communication and standardization as well as to ensure independence of selected validators for the user.
In this sense model c) combines aspects of model a) and model b).
Public permissioned blockchains are a relatively young phenomenon, being in its start-up phase. Their promise is to be a best-of-both worlds between volatile cryptocurrency-based unpermissioned blockchains and closed small-scale sector/application-specific private blockchains. However, their long-term business models are yet unclear. In practice the difference between the proposed models is relatively fluent in the sense that relatively minor changes in the governance can imply a shift from one model to the other. E.g. requiring a user to select two or more instead of one validator from a managed list implies a shift from model b) to model c). This means that it is possible to experiment with these models in practice.
There may be intrinsic paradoxes between healthy competition between validators and the distributed-ness of the blockchain, but perhaps not. Bitcoin proved the Zooko’s triangle  incorrect . Something similar may be true for public permissioned blockchains. We believe that this possibility makes the following research questions worth studying.
Based on the above analysis, we can formulate a set of research questions.
- Are there any viable and sustainable business models for public permissioned blockchains that drive towards efficiency and low transaction cost, while maintaining a diversity of validators?
- Are there any of such for a subcontracting model with central fee collection?
- Are there any of such for a two-sided model with inter-validator payment?
- What are preconditions and maturity indicators for establishing these models and what are possibilities and indicators for moving from one model to another?
This whitepaper does not consider competition between blockchains. In a from a user perspective ideal business ecosystem, there would be no major blockchain lock-in. Users would and should be free to migrate their business to a competing blockchain, be it public, private, permissioned or unpermissioned. Perhaps the inter-blockchain economic forces will play a positive role here.
Oskar van Deventer and Frank Berkers
M.O. van Deventer et al.,
“Stichting Consortium Blockchain Nederland – towards a Dutch blockchain infrastructure”,
TNO whitepaper, February 2018.
Rochet, Jean‐Charles, and Jean Tirole.
"Platform competition in two‐sided markets."
Journal of the european economic association 1.4 (2003): 990-1029.
Eisenmann, Thomas, Geoffrey Parker, and Marshall W. Van Alstyne.
"Strategies for two-sided markets."
Harvard business review 84.10 (2006): 92
 Typically such costs can be shifted to operational costs, e.g. when outsourced to a cloud provider. However, eventually these infrastructural elements imply investments.
 Rochet, Jean‐Charles, and Jean Tirole. "Platform competition in two‐sided markets." Journal of the european economic association 1.4 (2003): 990-1029.
 Eisenmann, Thomas, Geoffrey Parker, and Marshall W. Van Alstyne. "Strategies for two-sided markets." Harvard business review 84.10 (2006): 92.