Permissionless and permissioned blockchains are in use every day, but how do you determine which one is right for your organization?
To start, permissionless means that no authorization is required. In most cases, this refers to blockchains that are open to anyone, where users can remain anonymous and no single entity controls the network.
What is a blockchain and how does it work?
A blockchain is an immutable ledger: a record of transactions that represents the activity on a given network.
While the desire for a distributed transaction system had been around for some time, the invention of Bitcoin and cryptocurrency more broadly brought this technology into the mainstream. Bitcoin is a useful starting point for understanding how a blockchain typically operates.
In a cryptocurrency network, a blockchain generally works through the following processes:
Transaction: A user exchanges a token (in this case, a bitcoin) with another user. At the heart of any blockchain is the idea that the record of this exchange is available to the governing mechanisms of the network. In the case of Bitcoin, this is a public ledger, though private systems may function differently.
Peer-to-peer network transmission: Transaction information is encrypted and organized into "blocks" of collected transactions, each unique to that transaction and signed with a complex key as a block signature.
Validation: To ensure entries in the chain are legitimate, the network employs a validation mechanism. Public blockchains typically use either a "proof-of-work" (POW) process, where nodes perform reverse cryptographic operations on the signature to verify it, or a "proof-of-stake" (POS) system, where nodes put up tokens as part of the verification process.
Block clusters and ledger commit: Validated blocks are placed at the end of the ledger, committed and immutable. At that point, the ledger record cannot be altered without a dramatic effort, including forking the entire chain.
While Bitcoin is the origin point for blockchains, the core technology has rapidly evolved to find application in specialized and enterprise systems.
What is a permissionless blockchain?
The push to adapt blockchain for modern, security-oriented contexts drove a general split between two types of blockchain organizations:
Permissioned systems: Pseudo-decentralized blockchains that operate in private enterprise contexts for data management.
Permissionless systems: Public, radically decentralized blockchains.
Permissionless blockchains
Permissionless blockchain ledgers are notable for their radical decentralization, including full transaction transparency, open-source development models, and the absence of any central authority.
Key benefits of permissionless blockchains include the following:
Open architecture: No central authority manages the network. Any user can add a node, and that node can participate freely.
Transparency: Every transaction is open and visible to any node on the network, which is critical for maintaining auditable records. That said, it also means any sensitive data included in a transaction is fully visible.
Pseudo-anonymity: Users can participate through an alphanumeric ID, and as long as no real connection is drawn between that ID and the user, it is difficult to trace one to the other.
Radical decentralization: User activity and transaction verification are fully distributed, allowing the network to grow without a central authority. Everything operates via peer-to-peer mechanisms.
Network resilience: The network is resilient to attack. Overwhelming it would require controlling 51% or more of the nodes, which is prohibitively difficult at scale.
Permissioned blockchains
Permissioned blockchains are closed versions of their permissionless counterparts. While this changes what they can do, it also enables them to serve in many roles that support decentralized enterprise applications.
At its core, a permissioned blockchain is one where a central authority controls aspects of the network, from user access to data encryption, typically by making the blockchain private.
Key benefits of permissioned blockchains include the following:
Security for sensitive data: Permissionless systems provide robust network resilience, but all data is transparent. Permissioned blockchains trade radical decentralization for stronger security around private information, making them viable for storing personal data, login credentials, and identity information on the blockchain.
Customization: Permissioned systems give central operators more control over how the ledger works, what it stores, and who can use it, compared to the broader, more uniform scope of permissionless systems.
Speed: Permissionless systems, especially those relying on proof-of-work verification, are slow at scale. Permissioned systems can scale readily to meet organizational needs.
Decentralization: While permissioned blockchains are less decentralized than their public counterparts, they are still distributed. This means they don't present the same honeypot that a traditional database system might.
In general, enterprise permissioned blockchains are more secure, scalable, and configurable than permissionless alternatives, even if they are less public and radically decentralized.
Permissioned blockchain for identity management with 1Kosmos
Private blockchains are quickly becoming a viable successor to traditional databases. They are more resilient to attack, provide better data ownership mechanisms for end users, and offer a stable platform for decentralizing authentication across a variety of devices.
1Kosmos is at the forefront of permissioned blockchain technology in the decentralized identity management and authentication space. Contact us to learn more and see it firsthand.
About the author
1Kosmos
1Kosmos enables remote identity verification and passwordless multi-factor authentication for users to securely transact with digital services.
