Q&A  | 

Samer Hassan

“We cannot trust that the code implemented is always right because there are always bugs.”

Tags: 'Blockchain'


Reading Time: 10 minutes

Samer Hassan is an activist, researcher and teacher, Faculty Associate in the Berkman Klein Center for Internet and Society at Harvard University, and Associate Professor at the Universidad Complutense de Madrid in Spain. His background includes Computer Science, Social Sciences and Artificial Intelligence.
His focus is on decentralized collaboration. Specifically, about how to build free/open source privacy-aware decentralized systems (e.g. blockchain) that may facilitate the sustainability of collaborative communities and social movements. Hassan has been recently awarded with EU’s largest individual research grant to work on Blockchain-based Decentralized Autonomous Organizations (DAOs) for bootstrapping a new type of Collaborative Economy.

How would you define blockchain?

Blockchain is mostly an assigned synchronization mechanism for a database replicated in a trustless peer to peer network, let’s say. So it’s a very elaborate synchronization mechanism for this replicated database in the network.


What makes blockchain so secure?

Well, on the one hand, cryptographic algorithms that we consider reliable. We don’t know what will happen in 10 years, if they will be broken or not, but nowadays we encrypt with these algorithms. And on the other hand, a network of peers that validate the chain. And when you model this mathematically, it’s considered actually very secure with the combination of peer to peer validation and cryptographic algorithms.


How is blockchain technology being used by the public sector?

Well, blockchain is barely used in real cases. There is a lot of boom, a lot of hype about it, but blockchain still has many structural problems. It’s very nice for research. It’s very nice for a startup to attract funding, but it is not reliable enough for legit scale implementation, neither in the private, nor in the public sector. There are small examples of applications typically with so called private blockchains or with distributed ledger technology more than blockchains but if we talk about Ethereum blockchains there is currently barely anything in terms of actual applications that citizens are interacting with and that the public sector has procured, or provided. There are some applications of the currencies, but still, I don’t know any example of proper use in the public sector that I would recommend, only pilots, many pilots, but only pilots.

In what specific areas can blockchain technology improve governance?

Well, I think that it could, but it is still an open question. We have seen how the governance of Bitcoin, for example, is pretty distributed where an algorithm is enabling the collaboration of a large network of users in different degrees of collaboration and the rules of interactions are all encoded in software. We already have that legally. We already have, for example, a non profit association which is an entity whose interactions are encoded in rules, in bylaws that define how the members of this organization are going interact with each other. Who has more responsibility, or who has the power to do certain things and who has not? And what are the methods for validating their decisions or removing someone from the role of power? We already have bylaws or legal contracts to deal with them, and now blockchain facilitates enormously the encoding of these agreements in a way that is intermediated because we already have a lot of rules embedded in code. We already have communities mediated by code like Airbnb when I’m interacting with others mediated by the rules established in the code of Airbnb. But the novelty here is that we don’t rely on a central intermediary. So we could self organize ourselves mediated or partially mediated by some code that doesn’t need a central entity to play the overlord. I think this has a lot of potential. I think it can facilitate distributed governance, something that we have been already seeing a lot.

We have seen communities rising and self-organizing themselves in order to provide wonderful outcomes. Of course the most famous example is Wikipedia, but there are many others. We see in Thinkdiverse many designers of 3D objects sharing their outcomes. We see of course open source software communities. We see many communities in the collaborative economy arising typically mediated by a central platform. So the question that arises is how this platform is governed, which in most cases is centrally governed. And with the integration of Wikipedia we have the Wikimedia foundation that control the servers. They are democratically elected.

In others like Uber or Airbnb, we basically have classical corporations. So blockchain disrupts the way this infrastructure is governed. The question, of whether the governance of these large communities could be completely automated, like in Bitcoin, or not, I would rather say no. Because of different cases in the blockchain ecosystem, we have seen how the problems of fully automatic governance, but still we can automate a lot of the processes and make more efficient large-scale organizations.


How do you see this technology evolving in the coming years?

Well, I would say that of course we need proper ways for it to scale because nowadays scalability is the main issue with blockchain. Whenever there is a small application that is successful in the ecosystem, it basically halts and slows down the whole network and all other applications. Well, this doesn’t make sense of course,  but there are very good people working on these problems, and very good proposals being tested out. So scalability is feasible in the coming years. I also see how they are more and more critical of the environmental impact of blockchain, which would be greatly diminished with the moving from proof of work to proof of stake – Ethereum has a good roadmap to follow and to implement. And probably there will be more hybrids, sort of decentralized and centralized systems, playing with each other in different ways.

Is it possible to fully decentralise governance?

Well, I would say that it is possible, another thing is if we want to. I mean in practice it’s true that even cases where the governance is very decentralized theoretically. With Bitcoin, there is concentration of power, for example, in the miner farms. When we are relying on coders and developers to manage these blockchains, we are giving them a lot of power in practice. The Therium Community, or the Vitalik in particular, they have a lot of power on how all the obligations within the federal ecosystem evolve, because every line of code has social and political consequences, so they are coding things that are very political. In social movements theory we have a lot of examples of very decentralized communities. So I think governance can be very decentralized. Another thing is if we want that, if it’s useful to have these points of power that can be legitimized democratically, that can be replaced if the community is against them, that they don’t have command control power but only influence interpretation, which is model for soft power. They are there as long as they follow what the majority of the community wants. Following that rough consensus approach that is common in open source communities. This is pretty decentralized. And of course we can keep exploring models of decentralized governance. This technology enables us to experiment that, in particular “Peer to peer models”, the project that I’m working on right now tries to facilitate that, the explanation and piloting of multiple ways of decentralizing governance. But it just still an open question. We need more research.


Can we trust this emerging technology?

Well, when you trust blockchain you are trusting basically two points. You are trusting the developing algorithms and the community of developers that is building it. Can we trust cryptography? Well in the short term yes, definitely.

We use cryptography for multiple of things all the time. Each time we buy on any online platform, we are using HTTPS so that some sort of cryptographic algorithm is working there with an exchange of certificates. So we are trusting cryptography everyday. We are also trusting open source communities all the time. We are using Android phones, many of us are using Linux, and more and more large platforms that we are using everyday, like Google or Twitter, are using open source software in all their services except the application layer. So I wouldn’t be so scared of trusting things that we have been trusting for quite a long time.

Are there any risks of hacking and manipulation and how can they be be mitigated?

Well, there is nothing 100% secure. Whoever says that is lying. So of course there will always be risks of hacking and manipulation. They can be mitigated and this is what blockchain is trying to accomplish. I mean, traditionally we had the problem of the double spend, that there was no way of avoiding spending twice a coin in a decentralized currency and blockchain enables that securely. Bitcoin has been around for quite a bunch of years already, more than 10 years in fact, and people have not hacked it. I mean there is a lot of incentive to hack it, to break the algorithm, to be able to basically get rich, and yet the algorithm itself has not been hacked. There have been a lot of hacks of, for example, providers of cryptocurrencies or people sharing incorrectly their private key, but in general the blockchain community is pretty obsessed with security. So I think they are already working on mitigating those problems. Another thing would be that humans using it of course can be deceived. A controller of one of these blockchains or one of these projects can fool you, which has happened a lot, in investing in their project and then running away with their money. This happens all the time. So I wouldn’t magnify it related with blockchain or not. In general, it is more difficult because of what we were saying before about the peer to peer network and the cryptographic algorithms, it is more difficult to manipulate the blockchain than a traditional database. But definitely, it is not impossible. And if we have hybrids mixing centralized with a centralized systems, it will be easier. 


Regardless of how secure this internalized blockchain network is, it is still necessary to develop, fund and implement new security features and updates. How can governments stay up to date?

If we are relying on an open source software, it’s always needed to develop, fund and implement security features and updates. It happens with every software. It sometimes happens transparently to the user, when you are using online platforms like Airbnb, and it happens when you are hosting the software. And of course if we are trusting software with our money then we need to do to be in a constant awareness of having to upgrade these systems. I mean and both by government and standard users. There is a general lack of awareness concerning security and therefore hackers or crackers can use that to get into the Smart TV that you have at home or the citizens database that the government has. How governments can keep up is not that difficult. They know how to keep updated. We have very good channels for security updates. We have good regulations around that. We have very good practices and the InfoSec community has very good protocols for dealing with this. So it’s not that difficult to stay up to date.


Delayed transaction makes blockchain solutions cumbersome for industries that require rapid transactions. The cost also rises as more data gets stored on a blockchain. Could a simple database do the job faster and cheaper?

Well definitely yes. I mean blockchain has some studies where it works well and other cases where that makes no sense. So for those that don’t make sense, you can use other more traditional database systems, but also federated systems that decentralize power on top of traditional databases, which definitely would be faster and cheaper than blockchain systems, even in the case of payments. Still, there are some solutions for improving the speed of transactions and scalability of blockchain. The most famous will be the lightning network that tries to do a sequence of payments outside of the blockchain and records the result afterwards on the blockchain and therefore if it’s off blockchain, you can do it pretty fast, which would increase the speed of the Bitcoin network.  They were saying grandiose statements like “blockchain then is the new database lets trash everything and rebuild it”. Well, actually no. Blockchain is perfect from some applications and terrible for others.


One of the benefits of blockchain is that anything of value can be transferred and saved confidentially. Can this anonymity be used to a hacker’s advantage?

Well, typical blockchains like Ethereum or Bitcoin are not anonymous. They, I’d say pseudonymous which is pretty different and there are already methods for monitoring these blockchains to try to identify who’s using them. On the other hand, there are some initiatives like Monero or especially Zcash that try to provide through anonymous transactions to the blockchain. Can they be used to a hackathon advantage? Well, yes, of course. The same way as the Tor network is being used by, for example, a journalist that wants to work in an authoritarian regime, Tor helps anonymize your connection, but it is also used by multiple criminals to communicate in a way that is more difficult to be persecuted. We already see with the use of data currencies in transactions that there’s anonymity and pseudonymity in those that are legal or criminal, related to hacking or not. So yes, definitely it can be used for the advantage of bad actors. At the same time, it can also be beneficial for the public in general. There are bigger concerns around the importance of privacy in this age of big platforms, and these new systems can provide a higher level of privacy than what we are used to.


Blockchain means there will no longer be a need for intermediaries such as banks or lawyers, but many people are currently employed as intermediaries. How does the future of work look for these people?

I don’t believe that we will suddenly have no banks or no lawyers. Especially, I don’t think that we will get rid of lawyers. I don’t think that we want to anyway. I do think that this intermediation can be pretty positive and that it’s going to shake the current ecosystems that we are used to having as central players all the time. And more decentralization of power, less concentration of power I think it can be positive for the multi political systems that we are interacting with everyday. At the same time it is true that automation challenges the future of many jobs. Regardless of whether we are talking about AI, autonomous cars, IOT (Internet Of Things) or blockchain, these technologies, especially combinations of them can make the future of work challenging. At the same time, the jobs that are being threatened are not so much highly specialized jobs like lawyers, but it’s more manual jobs like driving a truck. We see more individual contractors versus people hired for their benefits within companies, like in the case of Uber or similar startups. So definitely the future of work is something that we need to consider, and how universal basic income could help. I wouldn’t worry that much about banks or lawyers.

I would worry more about this: if the potential of blockchain concerning decentralized autonomous organizations really flourishes, in the midterm we could really have much less managers or paper pushers or bureaucrats needed in multiple institutions. At the same time we are seeing precarious jobs around the AI systems used in large platforms like in Facebook. This ghost work as Mary Gray likes to put it, is creating multiple new jobs with bad conditions that are not highly specialized or qualified. And then we could see people turning toward these jobs that technology creates and then running away of the destruction of jobs in the future of work scenario. I don’t know what will happen with this, I definitely think that it’s a problem that we should tackle as a society, soon.

Blockchain transactions are irreversible and lost accounts are irretrievable. What are the possible consequences?

Well, I think the more real, mature use cases are implemented and elaborated with blockchain, the more blockchain will need to provide solutions for these kinds of cases. Mistakes happen. We cannot trust that the code implemented is always right because there are always bugs, there might be a problem or an injustice that has to be corrected. We have seen that happening already. And we already see some solutions, how to have multiple blockchains in parallel, how to have blockchains that can be validated only if after some period of time just in case something is wrong. We have technical solutions, but of course most of the technical considerations that we have, require centralization. So there are already people working on trying to find decentralized solutions for these challenges. Even in that worst case, we could have some well-controlled central points to validate these things, to make sure that the consequences are not terrible for the end user.