Permissionless vs. Permissioned Blockchains: Pros & Cons

Permissionless and permissioned blockchains are being used every day, but how do you figure out which one you should use?

What does permissionless mean? Permissionless means that it does not require authorization. In most cases, this refers to permissionless blockchains that are open to anyone, where users can remain anonymous and no one entity controls the blockchain.

What Is a Blockchain and How Does It Work?

A blockchain is an immutable ledger, a record within a system of transactions that represents the activity on that network. 

While the desire for a distributed transaction system has been around for a few years. The invention of Bitcoin, and cryptocurrency more broadly, brought this technology into the limelight. Discussing Bitcoin can help explain how a blockchain will typically operate.

Generally, a blockchain in a cryptocurrency network will work through the following processes:

  • Transaction: A user exchanges a token (in this case, a bitcoin) with another user. At the heart of any blockchain, rooted in the exchange of immutable tokens, is the notion that the record of this exchange is available to the governing mechanisms of the exchange network. In the case of Bitcoin, this is a public ledger, but in private systems, this may function differently. 
  • Peer-to-Peer Network Transmission: The security and function of a crypto network operate through advanced encryption (hence the name “crypto”). Transaction information is encrypted, organized into “blocks” of collected transactions unique to that transaction and signed with a complex key as a block signature. 
  • Validation: To ensure that the entries in the chain are legitimate, the network will employ a validation mechanism. In the case of public blockchains, this includes a “proof-of-work” (POW) process (where other nodes perform reversed cryptographic operations on the signature to verify it) or “proof-of-stake” (POS) systems (where nodes put up tokens as a “stake” as a part of the verification process).  
  • Block Clusters and Ledger Commit: Blocks that have been validated are then placed at the end of the ledger, committed and immutable. At this point, the extension of the ledger record is unchangeable without a dramatic effort, including forking the entire chain.

While Bitcoin serves as the origin point for blockchains, the core technology has rapidly evolved to find application in specialized and enterprise systems.

What Is a Permissionless Blockchain?

The biggest change from the original conception of a blockchain was to try and fit the technology into modern, security-oriented contexts. 

The public form of the blockchain was technically secure because it was resistant to brute-force attacks and double-spending. However, it’s not a technology you could trade sensitive information on because that information would become visible to everyone on the network. 

To address these issues, there has been a general split between two types of blockchain organizations:

  • Permissioned Systems: Pseudo-decentralized blockchains that operate in private enterprise contexts for data management.
  • Permissionless Systems: Public, radically decentralized blockchains.

Permissionless Blockchains

Permissionless blockchain ledgers are notable for their radical decentralization. This includes mechanisms for full transparency of transactions, open-source development models, and a lack of central authority. 

Permissionless blockchains have a few key benefits:

  • Open Architecture: Permissionless blockchains do not rely on a central authority to manage the network. This means that any user can add a node, and this node can participate in the network. 
  • Transparency: Every transaction is open and visible to any node on the network—a critical part of maintaining auditable transactions. Conversely, however, this also means that any sensitive data put into a transaction is also completely visible.
  • Pseudo-Anonymity: Users on permissionless systems can remain semi-anonymous. That is, the user can participate through the use of an alphanumeric ID, and so long as no real connection is drawn between that ID and the user, it’s difficult to trace one from the other. 
  • Radical Decentralization: The decentralization of user activity and transaction verification means that the network can grow quickly without the central authority to manage it. Everything operates via peer-to-peer mechanisms. 
  • Network Resilience: While transaction data isn’t very secure, the network is resilient to attack. Hackers can only overwhelm the network by controlling 51% or more of the nodes, which is prohibitively difficult in a massive network. 

Permissioned Blockchain

Permissioned blockchains are closed versions of their permissionless counterparts. While this changes the landscape of what they can do, it also empowers them to serve in many different roles that can bolster decentralized enterprise applications. 

At its heart, a permissioned blockchain is one where a central authority controls aspects of the network, from user access to data encryption and access, typically through making the blockchain private. 

Some of the benefits of permissionless blockchains include the following:

  • Security for Sensitive Data: While permissionless systems provide robust network resilience, the trade off is that all data is transparent. Permissioned blockchains trade radical decentralization for more security around private information. This makes a permission system viable for storing personal data, login and identity credentials on the blockchain, etc.
  • Customization: Permissionless systems are simple and overarching in their scope, meaning that they usually provide a baseline of functionality that can work over a huge scope of work. Permissioned systems, on the other hand, provide central operators more control over how that ledger works, what it stores, and who can use it. 
  • Faster: Permissionless systems, especially those that rely on proof-of-work verification systems, are painfully slow with any appreciable scaling. Permissioned systems, on the other hand, can scale readily and with the need of their organization. 
  • Decentralization: While the decentralizing capabilities of a permissioned blockchain aren’t as vast as those for their permissionless counterparts, they are still decentralized. This means that they don’t provide the same honeypot that, say, a database system might. 

In general, enterprise permissioned blockchains, while less public and decentralized than their counterparts, are more secure, scalable, and configurable. 

1Kosmos: Permissioned Blockchain Service for Identity Management

Private blockchains are quickly becoming a potential successor to traditional databases. They are more resilient to attack, provide better ownership mechanisms for end users, and provide a stable platform for decentralizing blockchain authentication across a variety of devices. 

1Kosmos is on the forefront of advanced permissioned blockchain technology in the decentralized identity management and authentication space. Features of our BlockID platform include the following:

  • Private and Permissioned Blockchain: 1Kosmos protects personally identifiable information in a private and permissioned blockchain and encrypts digital identities and is only accessible by the user. The distributed properties ensure that there are no databases to breach or honeypots for hackers to target.
  • Identity Proofing: BlockID verifies identity anywhere, anytime and on any device with over 99% accuracy.
  • Streamlined User Experience: 1Kosmos provides simple user onboarding and convenient access anywhere, anytime and on any device. The experience can be delivered via the BlockID app or integrated via our SDK into your custom app.
  • Identity-Based Authentication: We push biometrics and authentication into a new “who you are” paradigm. BlockID uses biometrics to identify individuals, not devices, through credential triangulation and identity verification.
  • Interoperability: BlockID can readily integrate with existing infrastructure through its 50+ out of the box integrations or via API/SDK.

To learn more about decentralized authentication, watch our webinar on Digital Identity, Passwordless Authentication and a Path to Frictionless Zero-Trust Architecture. Also, make sure to sign up for the 1Kosmos newsletter for more information on products and services.

Enabling Digital Business with Decentralized Identity
Read Here
Meet the Author

Javed Shah

Former Senior Vice President Of Product Management

Javed has spent his entire twenty year career designing and building blockchain and identity management solutions. He has led large customer facing pre-sales teams, led product management for identity management platforms like the ForgeRock Identity Platform and the ForgeRock Identity Cloud. Javed has an MBA from UC Berkeley.