Cardano transaction is not a bank transaction
Blockchain transactions are different from banking transactions and it is good, bad, and ugly. Let's talk about the differences in the article and describe the advantages and disadvantages. We will also explain how important is a transaction context.
How a blockchain transaction differs from a bank transaction
Alice wants to send some fiat money to Bob. Alice asks Bob for his bank account and sends him the money from her bank account. This is a very simple and basic scenario. Let’s have a look at a few details.
What if Alice types the Bob bank account number wrongly and the money will be sent to Carol? The transaction is reversible. Alice will contact the bank and explain the situation. It is possible to find out the identity of Carol since the creation of all bank accounts require KYC. Alice’s bank can send an official request to Carol and ask her to send the money back. If Carol refuses that then Alice’s bank contacts a given authority that will solve the issue. Carol has committed illegal enrichment by keeping money that has been sent to Carol’s account by accident. The law of a given country usually takes this scenario into account and has a solution for it. Notice that Alice is protected by the law from making a silly mistake that would result in losing money.
Alice does not hold all her money by her. She has just a part of her money in cash for daily spending and the majority of her money sits in the bank. The bank is actually responsible for Alice’s money. Alice has some form of internet banking to be able to give the bank a spending order. There is no middleman in the world of blockchain technology that would be responsible for the money of Alice or for your money. Everybody is directly responsible for his or her money and it means that there is no mechanism that could help you to get your money back in case you send coins or assets to the wrong address. Blockchain transactions are irreversible. Once the owner of the coins signs a transaction and the transaction is inserted into a new block the transaction will be in the blockchain forever. What is even worse, there is no authority or mechanism that would tell you whose address you have wrongly sent the coins. If you are lucky you will find out that you have sent coins to the same address in the past and that it is the address of Carol. So you can ask Carol to send you your coins back. Nevertheless, if Carol refuses to do so, then it depends on a given country whether the case is considered as an illegal enrichment as it is the case with the fiat money. In the case of banks, the authority can order to freeze Carol’s bank account or take her the money that belongs to Alice. It is not possible in the case of the blockchain. The authority can just order Carol to send coins back to Alice via a blockchain transaction. If she refuses, then the authority must act within the fiat money world or punish her physically by putting her in prison.
What if Bob’s bank receives a piece of information that Bob has committed something wrong and no money can be sent to his bank account? Then the bank just acts as the authority orders. It does not matter whether it is true or not. The bank will not ask Bob for details and it will inform him about the fact. That is all. The bank can actually censor transactions on both sides. On the side of the sender or on the side of the recipient. Bob will not be able to send money to anybody from his account. It will never happen in a blockchain network. The process that selects transactions and gives them into new blocks is fully automated and a group of independent computers does the job. Even if one operator decides to block for example Bob’s transaction some other will insert it into a block. Once the transaction is processed by the network the recipient will receive the coins and has the right to spend them.
Pool operators are scattered all around the world in the case of the Cardano network. It is nearly impossible for authorities to provide them with the necessary context regarding some blockchain addresses and ask them for help. Even if the authority knew Bob’s address it would be nearly impossible to ask all operators not to process transactions with the address. Pool operators are often anonymous and there is currently no mechanism or tendency to deanonymize them. Banks have postal addresses and belong to some jurisdictions. There are mechanisms in place that enable quickly freeze a bank account. Cardano pool operators belong to given jurisdictions but they do not often need to inform authorities about their activities and they do not need to provide postal addresses. In the case that pool operators announce the activity to the tax authorities there often has not been prepared the legislation regarding the operating of pools. It is the place where we expect a clash between the authorities and blockchain technology. The authorities will probably require the same level of control that they currently have over banks. They do not currently have control over blockchain networks but the need to gain control will likely appear with the rising adoption of the technology.
Every transaction has a context. The pure transaction networks like Bitcoin do not care about the context at all. The context knows the sender and receiver of the transaction. If the transaction is valid the network just processes it. Every transaction in the blockchain is valid from the network perspective. However, it might not be the case from the perspective of users and authorities. For example, Bob steals cell-phones and sells them on the internet. Alice has bought a cell-phone from Bob for 1000 ADA coins. Bob has managed to sell many cell-phones and has earned 100,000 ADA coins. One day, the authorities notice Bob’s illegal activity and arrest Bob. The authority will confiscate all cell-phones from buyers including Alice. All transactions that buyers have sent to Bob are still valid from the network perspective. They have been valid at the time of paying for the cell-phones and they will be valid forever from the network perspective. What has changed, however, is the context in the physical world. Alice has bought a cell-phone that has been confiscated by the authority. So she does not have the cell-phone and she wants back her 1000 ADA coins. Only Bob is able to sign a transaction from his wallet so only he is able to send ADA coins back to buyers or the authority. Now imagine that the authority would not be able to arrest Bob but it would confiscate cell-phones. Bob could spend the ADA coins that he got from the illegal activity. What can the authority do? The Bob address and related coins are known since all buyers have paid to the same address. The authority could hypothetically try to prevent the usage of the address by asking or ordering all pool operators to not insert a transaction with Bob address into a block. As we said, there is no such mechanism at the moment. The authority could also freeze an exchange account if Bob makes a mistake and send coins to a centralized exchange. If Bob paid in a restaurant then the authority can easily track the transaction and find out that the recipient is the restaurant. Should the restaurant give back the coins? We do not have the ambitions to resolve the problem and satisfy all participants. We just wanted to highlight the importance of the transaction context and the difference between the perception of transactions from the point of the network and the physical world.
Cardano, and many other blockchain projects, have irreversible transactions and they are censorship-resistant. Is it actually good or bad? It depends on your perspective and context. Some people like these qualities but others do not. Sending a lot of coins to a wrong address without a chance to reverse the transaction is an unpleasant situation that makes nobody happy. On the other hand, if you like freedom and full control over your money, you will like blockchain technology. It was a user perspective and users can freely decide whether they want to use blockchain or not.
Governments are responsible for many things that happen in the physical world. If they allow people to use blockchain technology that interacts with the physical world, then they necessarily have to learn how to interact with the digital blockchain world. For the governments, it is not a choice but a necessity. So, governments will have to find a way to deal with the nascent blockchain technology and prepare a legal framework. Authorities will probably not like that they have no control over blockchain networks and the crypto industry should not blindly ignore the needs of the real world. It does not mean, however, that it should be possible to freeze blockchain addresses. It means that the technology must mature and prevent users from making silly mistakes or enable recipients to decide which transactions they are willing to accept.
Do we need a transition context?
Let’s ask a question. Should we keep the digital and physical worlds separated from each other as it is now? Or, should we strive for bringing these two worlds closer together? It is a tough question and many individuals would have different opinions on that. The goal is to find a solution that will satisfy the majority of users. As we have already said, there is always a context behind every transaction. The full context always exists only in the physical world and people use technologies to help them to simplify, securitize, or fasten some processes. Only direct participants of a transaction know the full context with all details. Details that have been arranged in the physical world and it does not matter, whether participants agreed on something via discussion, via phone call, or via a paper agreement with their lawyers. It is not possible to separate the physical context from the digital transaction from the human perspective.
Let’s modify the question a bit. Should the blockchain know and work with the context or even store the context of transactions? Currently, transactions are mostly stored without the context. When you randomly browse transactions you can see only addresses and values. Even if there is some data appended to a transaction, without the physical context you can just guess what that means. Without other data that could be analyzed, for example, the network traffic or information collected by centralized exchanges, it is impossible to link blockchain addresses with owners. Users generally like that data in blockchain networks are not fully transparent. It is impossible to randomly show at a transaction and tell who sent the value to whom and why. It is expensive to store data in the blockchain and we will definitely come to the point where we will need to prune the history. Without pruning a blockchain would just grow forever. We will probably be able to deal with the growing blockchain. In our opinion, the abilities of blockchain technology should be improved to allow users to work with context more digitally. It does not necessarily mean that more data will be stored in the blockchain or that privacy will be negatively affected. Useful cryptographic material is already used during sending transactions and every transaction has an ID. It can be utilized to improve user experience and reliability of the technology.
We can use smart contracts technology for describing a social context and use it in the digital world. It can help in many cases mainly in situations where participants do not know and trust each other. A transaction can be surrounded by a condition and the smart contract can be responsible for the evaluation of the condition and acting upon the result.
Would it be possible to prevent sending money to wrong addresses? Yes. Let’s firstly describe the current practice. Alice wants to send coins to Bob and ask him for his wallet address. Bob sends Alice his address via email and waits for coins. Alice copy/paste Bob’s address into her wallet and sends coins to Bob’s address. It usually works fine. Nevertheless, there are cases when it might fail. For example, malicious software can change Bob’s address during the copying process and if Alice will not notice it then the attacker wins and receives Alice’s coins. Alice should have compared the address in the email with the address that she has copied into the wallet. The malicious software can even change the address in the email that Alice has received from Bob. In this case, Alice has no chance to reveal it by comparing the address in the email with the address that she has copied to her wallet. She believes that it must be Bob’s address. Yet another scenario. Alice can wrongly copy the address and omit a few characters at the beginning or at the end. Some wallets can recognize a wrong address and warn her, some not. Alice can decide to send the coins the next day or even the next week and then she finds a different address in a different email. Hopefully, Alice will not decide to rewrite the address manually. As you can see, Alice can make a lot of silly mistakes. How to improve it? Bob, as the recipient, would check his own address and confirm it to Alice before the transaction is sent. How to achieve it? Let’s have a look.
For example, we can imagine a smart contract that would finish the sending of a transaction after providing a secret that the sender would provide to the recipient. So the recipient would have to provide the secret to the contract. It would be a kind of double-check. The secret could go by a different communication channel and you can find many use-cases in which the secret is provided by the sender under fulfilling certain conditions in the real world. Alice, as the sender, would just initiate the transaction. Bob, as the recipient, would finish it by checking the recipient address (actually his own address) and providing the secret to the contract. Instead of pushing the value from Alice to Bob, Bob would have to actively agree with receiving the value. Moreover, Bob needs to get the secret from Alice to receive the value. So Alice can lock the money in the contract for some time and Bob will need to get the secret from her. Otherwise, the value is sent back to Alice. This can be a bit overkill for a common transaction and it would be useful only for higher values or when the receiver has to confirm receiving the value (e.g. in case of some legal consequences). The solution must be nicely wrapped to a fancy UI so Alice and Bob might not even notice that the secret is used. Bob can just confirm the address belongs to him by pressing a button. Or the wallet itself could do it? We can see a lot of space for improvements in the user experience. A decentralized application can do the dirty work and users just enjoy the secure sending of value.
There is even a bit simpler solution on how to double-check the addresses of a transaction. Emurgo, one of the teams standing behind the Cardano, works on the SYRE protocol. The SYRE protocols enable sending an invoice. The invoice is created by a recipient of funds and it is signed by the private key that is related to the recipient’s address. It provides proof of the recipient’s address ownership. The invoice can be then sent on-chain to a payer as a data that is appended to the transaction. Alternatively, the invoice can also be sent off-chain, for example via email or SMS. The person that receives the invoice, the payer, can be quite sure that the invoice has been sent by the owner of the address. Thus, the payer is sure that the value will be sent to the correct address of the recipient. The invoice creator just needs to ensure that the invoice is sent towards the correct wallet. If the invoice is not paid in time then it can be checked whether the invoice has been sent to the correct person. In the case of a fault, there is no financial loss. The payer knows from whom he or she expects an invoice and can verify the recipient’s address. The payer is not fully responsible for sending the value to the correct address. The risk is split to both sender and receiver and both can verify the correctness of addresses before the payment is sent. This or similar solution can be implemented not only in Cardano. It will work with other blockchain solutions well.
Do you remember Bob who has sold stolen cell-phones? Could we find some improvement here? Probably not. The issue is that the context changed after the payment transactions have been processed. Buyers have paid Bob for the cell-phones and believed that everything was ok. It changed at the moment when the authority confiscated their cell-phones. Would it be better with a bank account? Only in the case that Bob would keep money on the account. In this case, the authority could freeze the bank account and it would be possible to give money back to buyers. Bob would probably keep money in cash. As you can see, we need a solution for these cases. Transactions can be considered valid from the social context at the moment when they are processed but the context can change later. The change of the social context should be retrospectively reflected in the blockchain. Or not? Anyway, coins are always present in the blockchain but only the owners of private keys can sign transactions and spend them. It is not possible to confiscate the coins if an owner of the private key refuses to sign a transaction and it is not possible to find the private keys. At the moment, authorities can only watch coins, wait for their transfer, and hope that they will be able to find the owner of the recipient address. Still, there is no way to purify the coins. All coins are always pure from the blockchain perspective. Only the social context can make coins dirty. Higher coin fungibility and privacy could improve it from the user perspective. It would be more complicated to track coins and centralized exchanges would not be able to blacklist dirty coins. On the other hand, it would be more difficult for authorities to act in the physical world and put things in order.
When we need to link blockchain transactions with social context
In some cases, we intentionally want to link the social context with the blockchain transactions. Let’s consider the situation that you want to buy a house for 500,000 ADA. The real estate cadastre is not currently on the blockchain. So it is not possible to make an atomic swap and exchange ADA coins for a token that would represent the house. The cadastre in western countries usually works with paper agreements and it is required to have verified signatures on the agreements. The whole process of buying a house takes weeks and it often requires a notary as a middleman that takes the money of buyers into custody. Once the cadastre confirms that the house has the new owner the notary can send money to the seller. In this complex scenario, it is not possible to just send ADA coins from buyer to seller of the house. The buyer needs to be sure that the seller will really initiate the transfer of the house into the buyer ownership. That is why the trusted middleman with required expertise is needed.
The usual process is that the buyer sends ADA coins to the notary and the notary will send ADA coins to the seller when the buyer becomes the owner of the house. But wait a minute, make it sense to pay for the house by ADA coins when the middleman is needed? The buyer has to pay for the notary service. The most important role of the notary is the custody service. This use case could be nicely substituted by a smart contract. The buyer would lock the ADA coins in the smart contract. The smart contract would wait for the change of the ownership and then it would send the ADA coins to the seller. The smart contract would need data from Oracle services that would communicate with the cadastre or retrieve data from public service.
It would be nice to tokenize the house. Then, it would be easy to sell the house within a minute via a smart contract. The cadastre would need to accept the token as proof of the ownership. It is not a technological problem. People and authorities would have to agree on the fact that ownership can be represented by tokens on a given blockchain. Still, there would be many legal issues. For example, what to do when the owner lost private keys or somebody would steal them. The paper agreement and verified signatures ensure that the owner of the house really agrees with the selling. A verified signature could be hypothetically substituted by scanning of biometrical information but it is not probably sufficient protection. Anyway, we believe that technological progress and digitalization will resolve the issue.
By the way, buying a house is a nice example where we can see that it is not easy to use digital currencies in a fully decentralized way. Meaning without the middleman. Even if the buyer and the seller agree on avoiding the notary and just sign the paper agreements, then the cadastre is still the middleman. The seller is the owner of the house but it is needed to contact the cadastre in order to sell it. It would be easier with things that we can sell without the middleman. For example, bicycles for laptops. We can imagine a service that would tokenize physical things and provide a kind of proofs-of-ownership service. The producers would tokenize physical things at the beginning of the production and provide tokens during the selling.
With further adoption, we can expect many improvements in user experience. Users will require that to adopt the technology since they do not want to risk losing money just due to making silly mistakes. Projects will strive to provide the best possible solution for them. Cardano will have secure smart contracts and SYRE protocol can also help a lot. Users will definitely want to use human-readable addresses instead of long strings of characters. We need to isolate users from the cryptography similarly as web browsers do it. It is a challenge, but we need to face it. We hope that Cardano will come up with some great ideas.