Bootstrapping the Decentralized Autonomous Enterprise: Part 1

US presidential candidate Mitt Romney reminds us that businesses are people. Whether you agree with the conclusions his partisans draw from that argument or not, that statement certainly contains a great deal of truth. After all, what is a business but a specific group of people working together according to a specific set of rules? When a corporation owns property, what this really means is that there is a legal agreement that that property can only be used for certain purposes and under the control of the people who are currently the board of directors. The name itself may be modified by certain groups. shareholders. If a company does something, it is because its board of directors agrees that it should be done. When a business hires an employee, this means that the employee agrees to provide services to the business’s customers according to certain rules, especially those related to payment. A corporation’s limited liability means that certain people are given additional privileges to act with less fear of legal prosecution by the government. That is, a group of people with more rights than ordinary people acting alone, but ultimately people nonetheless. After all, it is nothing more than a contract with a person.

But a very interesting question arises here. Do we really need people? On the one hand, the answer is yes. Although some machines in the post-Singularity future will be able to survive on their own, the near future will require some form of human behavior to interact with the physical world. But on the other hand, over the last 200 years the answer has increasingly been no. The Industrial Revolution allowed for the first large-scale replacement of human labor with machines, now leading to the development of digitized factories and robotic arms that self-produce complex products such as cars. But this is just automating the floor. By eliminating the need for regular manual workers and replacing them with a small number of specialists, robots can be maintained without affecting company management. The question is whether we can approach the problem from a different direction. Even if humans are still needed to perform certain specialized tasks, can we instead remove management from the equation?

Most companies have some sort of mission statement. It’s often about making money for shareholders. In other cases, it involves moral obligations related to the specific product they are making and other goals, such as helping the community sometimes join the mix, at least in theory. Currently, this mission statement exists only insofar as it is interpreted by the board of directors and ultimately shareholders. But what if, with the power of modern information technology, you could encode your mission statement into code? That means creating inviolable contracts that generate revenue, pay people to perform certain functions, and find the hardware to run them themselves. Doesn’t all of this require top-down human direction?

Let’s talk about Bitcoin’s Daniel Larmier pointed out In his own exploration of this concept, in a sense, Bitcoin itself can be thought of as a very early prototype of just such a thing. Bitcoin has 21 million shares, and these shares are owned by people who can be considered shareholders of Bitcoin. You have employees and you have protocols for paying them. That’s 25 BTC to one random employee roughly every 10 minutes. It also has its own marketing department and is made up mostly of shareholders. But it is also very limited. You know almost nothing about the world other than the current time, and there’s no way to change any aspect of the feature other than the difficulty, and it doesn’t really change anything. do Anything in itself; It simply exists, and we leave it to the world to recognize it. The question is: Can we do better?

calculate

The first challenge is clear. How do such companies actually make decisions? At least given a predictable environment, it is easy to write code that takes given input and calculates the desired operation to perform. But who will run the code? If the code simply exists as a computer program on a particular machine, what’s stopping the owner of that machine from shutting it all down, or even modifying the code to send all the money to himself? There is only one effective answer to this problem: distributed computing.

However, the kind of distributed computing we are looking at here is not the same as the distributed computing of projects like SETI@home and Folding@home. Even in these cases, there is a central server that collects data from distributed nodes and sends requests. Rather, what is needed here is the kind of distributed computing seen in Bitcoin: a set of rules that decentrally self-verify their own computations. In Bitcoin, this is achieved with a simple majority vote. If you do not help compute the blockchain with a majority of network power, your block will be discarded and you will not receive block rewards. The theory is that no single attacker will have enough computer power to subvert this mechanism, so the only viable strategy is essentially to “go with the flow” and act honestly to support the network and receive block rewards. So can this mechanism be simply applied to distributed computation? That is, could we ask every computer on the network to rate a program and then reward only those whose answers match the majority vote? The answer is unfortunately no. Bitcoin is a special case because of its simplicity. Bitcoin is just a currency and has no assets or personal data of its own. On the other hand, virtual companies will likely need to store their private keys in a Bitcoin wallet. no one, it does not apply to everyone in the same way as Bitcoin trading. But of course the private key must still be available. So what we need is a system to generate Bitcoin addresses that can sign transactions and even compute them in a decentralized way. Fortunately, Bitcoin allows you to do exactly that.

The first solution that immediately comes to mind is multi-signature addresses. Given a set of a thousand computers that can be used to keep a business running, have each computer generate a private key and generate 501/1000 multi-signature addresses between them. To spend your funds, simply construct a transaction with the signatures of 501 nodes and broadcast it to the blockchain. The problem here is obvious. The transaction will be too large. Each signature makes up approximately 70 bytes, so 501 of them create a transaction of 35KB. This essentially makes it very difficult to be accepted as Bitcoin on the network. Refuse transactions with scripts exceeding 10,000 bytes.. Second, the solution only applies to Bitcoin. If a company wants to store personal data for non-financial purposes, multi-signature scripts are useless. Multi-signature addresses work because there is a Bitcoin network that evaluates them and places transactions on the blockchain based on whether the evaluation is successful or not. For personal data, similar solutions essentially require a decentralized authority to store the data and only provide it if the request has 501 of the 1000 required signatures. That means we can go right back to where we started.

But there is still hope in another solution. The common name cryptographers give it is “secure multi-party computation.” In secure multi-party computation, the input to the program (or more precisely, the input to the simulated “circuit”, since secure multi-party computation cannot handle “if” statements and conditional looping) is split using the following algorithm:Sharing Shamir’s Secret, each participant is provided with a piece of information. Shamir’s secret sharing allows you to split any data into N pieces, recovering the original data with only K pieces (K-1 missing). Just choose K and N when running the algorithm. 2/3, 5/10, and 501/1000 are all possible. The circuit can then be evaluated on pieces of data in a distributed manner. That is, at the end of the computation, everyone has a portion of the result of the computation, but at no point during the computation does a single person get even the minimum result. You can get a glimpse of what’s going on. Finally, we put the pieces together and reveal the results. The runtime of the algorithm is O(n3). This means that the number of computational steps required to evaluate a calculation is roughly proportional to the cube of the number of participants. With 10 nodes, that’s 1000 computation steps, and with 1,000 nodes, it’s 1 billion steps. A simple billion-step loop in C++ takes about 20 seconds on my laptop, and my server can do it in less than a second, so 1000 nodes is currently roughly at the limit of computational practicality.

As a result, secure multi-party computation can be used to generate Bitcoin addresses and sign transactions. The protocol for address generation is simple.

1. Everyone generates random numbers with their private key.
2. Everyone calculates the public key corresponding to the private key.
3. Everyone publishes their public key and uses Shamir’s secret sharing algorithm to compute a public key that can be reconstructed from 501 of the 1,000 published public keys.
4. An address is generated from that public key.

Because of the public key Addition and subtraction possible , multiplication, and even division by integers. Surprisingly, this algorithm works exactly as expected. If everyone combines their 501-of-1000 private keys in the same way, those private keys can be used to spend money sent to an address generated by applying the 501-of-1000 algorithm to the corresponding public keys. This works because Shamir’s secret sharing is actually just an algebraic formula. That means you can calculate this formula “against” the public key just as easily as you would an address, using only addition, subtraction, multiplication, and division. As a result, it does not matter whether the transformation from private key to public key is done before or after the algebra. Transaction signing can be done in a similar way, but the process is somewhat more complicated.

The benefits of secure multi-party computation extend beyond Bitcoin. It can also be easily used to run the artificial intelligence algorithms that businesses need to run. Even so-called “machine learning,” the common name for a set of algorithms that detect patterns in real-world data and allow computers to model them without human intervention and are widely used in areas such as spam filters and self-driving cars, is “just algebra” and safe. It can also be implemented in multi-party computation. In fact, any computation is possible if it is decomposed into circuits for individual bits of the input. There are naturally some limits to the possible complexity. Converting complex algorithms into circuits often adds complexity, and as explained above, sharing Shamir’s secrets can itself be expensive. So in practice it should only be used to implement the “core” of the algorithm. More complex, higher-level incident tasks are best tackled by external contractors.

Are you interested in this topic? Parts 2, 3, and 4 explore how decentralized enterprises can interact with the outside world, how simple secure multi-party computation circuits work at a mathematical level, and how these decentralized enterprises can make a difference in the real world. I expect two examples for:

See also:

http://letstalkbitcoin.com/is-bitcoin-overpaying-for-false-security/

http://bitcoinmagazine.com/7119/bootstrapping-an-autonomous-decentralized-corporation-part-2-interacting-with-the-world/

http://bitcoinmagazine.com/7235/bootstrapping-a-decentralized-autonomous-corporation-part-3-identity-corp/