The Digital Asset Creator’s First Commandment: Thou Shall Not Speak Blockchain Gobbledygook
Unraveling the Intricacies of Blockchain Terminology: A Deep Dive into Public Keys, Private Keys, the Ethereum Account Model and the Language-Barrier of Tokenization
Oh? you might think, isn’t that a bit ‘over the top’ in terms of language for some blockchain articles. If you have been following this blog, there is a chance that you have seen a reference to the ‘Digital Asset Creator’ with the tagline “Genesis Story.” So this should not come as a surprise. Furthermore, Genesis simply means the beginning and doesn’t necessarily relate to religious ideas. Darwin used the term, and genetics is closely related.
However, there is of course the Book of Genesis, which among other things, tells the story of how the Israelites received a set of instructions on how to live their lives. For me, that word ‘Genesis’ encapsulates both the idea of advancement in science and a strong notion of spirituality. But I don’t want anyone to think I am making fun of religion when I use this reference, so I thought it was important to clarify that.
The Digital Asset Creator deals with the question of defining tokenisation in the context of, broadly speaking, financial markets and what is lacking right now to make this work. It has an Origin Story that might start like this:
string memory creation = "In the beginning was Code, and the Code was Blockchain."But we can skip ahead to one issue that is often brushed aside and ignored: the correct terminology for blockchain terms in relation to established financial terms. Tokenisation suffers from a translation challenge, and I am not very hopeful that this will be resolved quickly since I do recognise that this problem statement is not widely acknowledged and everything I say in this article could be entirely inconsequential.
My last blog included a reference to the term "native and non-native assets" and why the banker definition, which is the opposite of the technical blockchain definition, creates, in my opinion, misleading ideas about the subject.
And I thought I would share a few more examples, but let's start with something easy and seemingly uncontroversial to show you how illogical and incorrect the terms are being used. As always, Greek philosophy aligns with my stance: Aristotle emphasised the importance of clear definitions and systematic classification in his works.
And very quickly, I want to mention 'Novum Organum' by Francis Bacon. He is often regarded as one of the founders of modern scientific methodology and a very relevant inspiration if one wants to get to the truth of things. He served as Attorney General and Lord Chancellor, so I suppose he knew something about finance and law. Maybe that combo made him so insightful because, if I didn’t know better, one might think he was writing about tokenisation:
‘It would be madness and inconsistency to suppose that things which have never yet been performed can be performed without employing some hitherto untried means.’
If you consider tokenisation as a ‘thing’ that has never yet been performed, then it is quite relevant even though it was written 400 years ago.
He also found very expressive language to advocate for the importance of the scientific method:
‘For men imagine that their reason governs words, while, in fact, words react upon the understanding. [...] Words are generally formed in a popular sense, and define things by those broad lines which are most obvious to the vulgar mind; but when a more acute understanding or more diligent observation is anxious to vary those lines, and to adapt them more accurately to nature, words oppose it.’
But it's never so simple to say we can agree on anything since Bacon also wrote ‘Aristotle [...] corrupted natural philosophy by logic.’ Although not everything he wrote. So let’s leave it at that.
I wanted to mention three simple examples of how ‘words oppose our mind’ and why that is detrimental to the tokenisation efforts.
A “public key [...] acts like a bank account number”
Source: GFMA as an example. They didn’t necessarily ‘start’ this problem. The same caveat applies for the other sources given below.
“A private key is like a password [...]”
Source: Coinbase
You have probably heard this before, and I have probably used those explanations myself, although I hope not. But they are fundamentally wrong when considering what a bank account or a password login for online banking entails. Considering these things as related, comparable, or even similar leads to, in my view, incorrect assumptions about what these blockchain terms actually signify and thus perhaps inappropriate rules, policies, or even legal requirements.
And I want to mention another idea of the ‘vulgar mind’ which is saying that Ethereum is account-based based on the fact that there is a thing in Ethereum that calls itself an Externally Owned Account (EOA). That may be so, but it should not entice us to conclude it is an account-based system similar to traditional systems. So here is a good example:
“To design a transaction processor, we have to make a choice about how the users’ funds are represented in the system. The two most common ways are the account balance model and the UTXO model [...] The simplest way to implement a payment system is using balances. The system can store unspent funds as balances associated with unique identifiers, and a user can make a payment by issuing a request to the transaction processor to transfer balance to another identifier. Traditional payment systems choose this approach and manage authorisation by storing identifiers under user accounts, usually accessed via a username and password. Traditional payment systems could use public key cryptography and digital signatures instead of passwords for authorisation, but this is not widely used in practice outside of cryptocurrency. Several cryptocurrencies, like Ethereum, choose this data representation.”
Source: Boston Fed Whitepaper Project Hamilton
All these three statements are misleading in a way that I think we should all stop saying. No more, thou shalt not say:
Public key is like a bank account number
Private key is like a password
A blockchain like Ethereum is account-based or an account balance model
Saying these things are not considered ‘deadly sins,’ so the Digital Asset Creator doesn’t sanction false teachings and non-compliance. No worries.
Explanation
The meaning of many words can vary depending on the context. Therefore, a definition is not inherently right or wrong; rather, the appropriateness of using a term is determined by its suitability within the given context. However, I would caveat that statement insofar as the terms and the definitions should preferably be congruent. For instance, if a new discovery is made concerning the properties of light and the theory defines white particles as dark and black particles as bright, this would be an example of a definition where the term being defined is not coherent with the content of the definition.
Addresses Are Like Bank Account Numbers (or not)
A bank account number is the main identifier representing the party in the real world who owns the funds. In contrast, a public key, by definition, is designed to disguise the real party's identity. This is most evident with deterministic wallets that generate a new public key for each transaction, making it difficult to trace back to the owner.
In terms of current financial markets, a more appropriate analogy for a public key would be a reference number, such as a trade reference or an invoice number—something that uniquely identifies a transaction or event, explaining why a payment occurred.
It so happens that the invoice number and account number are identical in a blockchain transaction, but the purpose is to allocate the funds of this unique event and not to identify the party. This analogy better describes the nature and function of public keys in blockchain systems.
Another important aspect to consider is the origin of these identifiers. Invoice numbers, for example, are not governed by any laws and are freely chosen by the issuing party. Similarly, a private key in blockchain systems is also freely generated by the user, pointing to another critical difference.
Providing a valid bank account number presupposes the existence of a regulated bank and specific controls to allocate it following an onboarding process. This makes a bank account number valuable information because it allows for the verification of certain claims related to that number. In contrast, presenting a wallet address does not offer the same level of validation or regulatory assurance.
Why This Distinction Matters
If one perceives the quality of a wallet address as similar to that of an invoice number, rather than a bank account number, it raises important questions about the effectiveness of anti-money laundering (AML) provisions and the sanction compliance ecosystem. Providers like TRM and similar entities rely on the assumption that these data elements are robust or at least sufficiently meaningful or can be made meaningful through data analysis. However, since wallet addresses lack the regulatory oversight and validation inherent in bank account numbers, their utility in AML and compliance efforts may be significantly reduced, and this limitation cannot be materially changed.
These comments specifically relate to the comparison of wallet addresses to account numbers. Calling a wallet address an account or similar to an account is also misleading, but for different reasons.
A Private Key is Like a Password (or not)
Nope! The private key is more akin to a bank account number in the sense that it identifies the party who controls the funds. However, unlike a bank account number, it also serves the function of a password because it is used to authorize transactions. Since cryptography is used, the private key itself provides both identification and authorization without the need for a separate password.
In traditional systems, a central authority ensures the uniqueness of identifiers (e.g., usernames or account numbers). This central actor manages the allocation and verification of these identifiers. Uniqueness in blockchain systems is achieved through the vast number space. For example, Ethereum addresses are derived from 160-bit hashes, providing 2^160 possible combinations. I can’t imagine what that number means, to be honest, but what it means is that the chance of guessing right is so small that it is at least as secure as online banking logins. The chance of correctly guessing a 160-bit address is so small that it is practically impossible. The number of possible combinations is 1.46×10^48, making brute-force attacks infeasible with current technology, assuming keys were chosen with sufficient randomness.
One Difference Remains
If I guess your account number and password correctly (let’s assume nothing else is required for login), I don’t become the ‘co-owner’ of the funds because the account is associated with a person. And since the chance of guessing right exists in blockchain, what would be the legal consequences to the property that is affected? To me, it is still very unclear if the present arrangements of public chains have sufficient functionality to record ownership, whether crypto or tokenized instruments, in the absence of certainty.
It’s a bit like playing the lottery, but there are no physical lottery tickets. Instead, you say, "Please store my virtual ticket with my secret code: 123." Lottery numbers are drawn, you win the jackpot, and all you need to do is walk to the lottery agent and say, "123," and they give you the money.
However, if the person in the queue ahead of you overhears you on the phone saying, "I won the lottery, my code is 123," and they go to the agent and say, "I want to pick up my lottery win, my code is 123," the only thing the lottery agency knows is that "123" is the winning code. They don't know who the actual winner is.
Is this enough? Or are we saying the law doesn’t need to address it because it's almost impossible for it to happen? And of course, this is different from the question of unlawful computer hacks that don’t require digital assets to have the full status of being legal property to make the hack unlawful.
Ethereum is Account-based (or not)
This topic always confuses me, hence why I am writing this more for my own benefit so that I won’t forget, which I surely will, because it’s confusing.
One of the defining characteristics of an account in traditional banking is that it has an opening balance. Transactions occur (i.e., a credit or debit), leading to a closing balance in a given period, and this closing balance becomes the opening balance for the next period.
In Ethereum, wallet addresses are used to designate where funds should be sent. A wallet address is a unique identifier derived from a user's public key, typically a 42-character hexadecimal string starting with "0x". These addresses identify an Ethereum account, an abstraction representing a user or smart contract on the Ethereum network. An Ethereum account includes a wallet address, balance, nonce, and possibly smart contract code and storage. The balance is checked to determine if an account has sufficient funds to make a transfer request as part of the validation process. This state is maintained and updated directly with each transaction on the blockchain’s global state.
Understanding "On-Chain" Storage
So why is this not an account in the way bankers understand what an account is? It comes down to what is meant by storing information on-chain. What does that actually mean?
The entire Ethereum state is distributed across the network, which includes the balance (state) of all accounts. The state trie itself is not directly exchanged between nodes. Instead, the state trie is a data structure that each node independently constructs and maintains based on the transactions included in the blocks and the rules of the Ethereum protocol.
How Nodes Maintain and Verify State
Nodes exchange block data, including transactions, the previous block hash, the state root hash, and other metadata. Each block contains a list of transactions and the root hash of the state trie after those transactions are applied.
Nodes use the state root hash to verify the integrity and correctness of the state trie they have constructed. If a node's computed root hash matches the root hash in the block header, it confirms that the node has the correct state.
Implications for Account Balances
This means the state trie is not directly stored on the blockchain; instead, nodes store the state locally and use the state root hash to ensure consistency.
This has important consequences. Trying to reconcile this balance, which is what bankers want to do with account balances, is challenging because the balance you get is calculated, and there is no single place where the correct number is stored. Ethereum simplifies querying information without calculating the entire transaction history by linking the blocks in a Merkle tree structure. However, this arrangement does not follow a traditional account structure because the records we have (transaction blocks) don’t store that info.
The so-called account-based model of Ethereum differs significantly from traditional banking accounts. The decentralized and distributed nature of the state, the way transactions are processed and stored, and the use of cryptographic methods to ensure consistency all contribute to a fundamentally different system. And we should use language to reflect these differences to make sure the right decisions are made.
