When you ignore the benefits and exaggerate the risks
New BIS paper adds to the library of future papers that can be circular-cited to justify onerous regulations intended to prevent the benefits of permissionless blockchains from materializing
New paper from Bank for International Settlements:
Novel risks, mitigants and uncertainties with permissionless distributed ledger technologies
h/t @Discobanker
Permissionless blockchains as a settlement layer present numerous opportunities for any participant. This includes financial market participants, should they choose to experiment with permissionless blockchains for settlement between themselves. This irks some people at the BIS for some reason, for whom the alternative of a 'Finternet' is much preferred. This paper adds to the library of future papers that can be circular-cited to justify onerous regulations and legal architecture intended to prevent the benefits of permissionless blockchains from materializing.
Categories of risks
Governance risk
decentralized governance poses a challenge for regulated entities (what challenge that is, is an exercise left to the reader)
off-chain governance is time-consuming (ok?)
51% attack risk
Acknowledged as not likely as it would be counter to the incentive of the attacker
Legal and compliance risk
mishmash of non-specific AML concerns: "Permissionless blockchains pseudonymize participants [complicating KYC, AML, CFT]" sourced in a circle as per... FATF which simply states by diktat that "cryptoassets can be used for illicit purposes"
settlement finality is probabilistic and long
lack of privacy of transactions (despite this being a clear mitigant to the first concern in this list)
MEV may run afoul of consumer protection regulations as it is, again circular sourcing per Auer, "front-running" (it is not, as front-running needs prior knowledge of the activity that is being front-run)
Additional risks
Liquidity risk: for e.g. the higher frequency of market feedback in stablecoins means they are more susceptible to capital flight than a regular bank. With an open mind, we could also see this as a feature to be designed for, rather than a bug to be stamped out
Mitigants proposed
Business Continuity Planning
Smart-contract based permissioning (whitelists, blacklists, ZK KYC and centralized control)
Permissioning node infrastructure
KYC L2s
Technology to guarantee settlement finality
Risks of the mitigants
The idea of a neutral settlement layer is that it is unopinionated by design. If someone wants to build a KYC Layer 2 for the Western world, that's fine and very much possible. It does have the effect of boxing in many of the productivity benefits of neutral settlement layers to favor incumbent payment networks. That said, there is likely something of a Faustian bargain to be made with any infrastructure that seeks to integrate with a heavily regulated, existing economy, such as global capital markets.
The biggest risk the paper poses to the roadmap of Ethereum as a neutral settlement layer is the idea that permissioned nodes can mitigate operational and market risks for regulated entities at the Layer 1 level.
To begin with, 'permissioning' a set of validators does not change the fact that they are operating as part of a broader mesh of validators that run the network as a whole. Legal and compliance risks are not actually mitigated by this. Any mining or staking activity that takes place within a permissionless blockchain is undifferentiated technically from another. By participating in the consensus algorithm at all, it necessarily supports the network in validating any transaction.
Next, attempting to eliminate MEV through regulation by only allowing 'permissioned nodes' is doubly an error. Firstly, in mislabeling MEV as a form of 'market manipulation' that can be stamped out through enforcement. Secondly, in mistakenly considering that a validator plays an 'active' role in a consensus algorithm.
The accurate way of building a 'permissioned network' as described is through a specialized L2 or 'enterprise blockchain' if you will. Many of the risks described still do not disappear and many new risks materialize, notably around counterparty exposure.
Finally, the description of the alternative to permissioned nodes as 'nodes operated by criminals or other sanctioned parties' is simply unhinged. Clearly, this is not the only alternative. It is extremely unlikely that the solo staker running a NUC in their cupboard is participating in L1 consensus in order to somehow evade sanctions (as they would not be able to). Furthermore, there is no guarantee either that a permissioned node would not support business by criminals or other sanctioned parties.
Conclusion
It is standard Praxis for elements in the BIS with an agenda to stamp out permissionless blockchain technology to highlight and exaggerate risks, while proposing solutions that essentially reduce to 'continue using centralized systems'. Citations are self-referential and often lack explanatory power or insight. The biggest risk in this new contribution to a growing library of North Korean harvest reports from Basel is that it suggests we surrender the idea of permissionless blockchains, so that regulated entities can continue benefiting from delegated exorbitant privilege over the financial system.