Nearly every introduction to blockchain mentions that it is immutable. This reference is often made with little clarification of what immutability really means. Given that it’s the primary security advantage that decentralized ledgers have over centralized ones, the concept is important to understand.
The Google dictionary defines immutable as ‘unchanging over time or unable to be changed’. However, the idea is relative and sits on a spectrum. Nothing is truly unchangeable. Some things are more permanent than others.
The blockchain, a shared public ledger on a peer-to-peer network, occupies a position at the far end of the spectrum where things are hardest to change.
Concerns about immutability
Some say the term immutability in regard to blockchain is overused, misused or that it is a complete misnomer. In an article titled ‘The Blockchain Immutability Myth’, which went viral in May 2017, Coin Sciences founder and CEO Gideon Greenspan argued that changeability can be a good thing, rather than something to be avoided at all costs.
According to Greenspan, sometimes it may be better to have room to make changes, including to transaction history. He explains:
‘In blockchains, there is no such thing as perfect immutability. The real question is: What are the conditions under which a particular blockchain can and cannot be changed? And do those conditions match the problem we’re trying to solve?’
In June 2016, the second largest public blockchain, Ethereum, went through a hard fork to reverse transactions initiated by a hacker. The person was able to steal 3.6 million ether from a venture capital fund built on top of the blockchain and known as The DAO (Decentralized Anonymous Organization).
The hard fork resulted in two independent chains—Ethereum (ETH) and Ethereum Classic (ETC). It also raised concerns about the immutability of the blockchain and any smart contracts deployed on it.
Some thought the hard fork negated the immutability of blockchains. Charles Hoskinson, one of the original founders of the Ethereum project, said days before the hard fork, ‘When you start intervening, it kind of diminishes the entire purpose of these types of systems in general’.
Stephan Tual, a co-founder of the DAO project, disagreed. He didn’t see the hard fork as a compromise. He wrote in a blog post:
‘Hard forks are seen by some as the arbitrary manipulation of the blockchain state to either revert, or outright rewrite smart contracts and their data by parties unknown. … Except, that’s not what hard forks are at all. Quite the opposite in fact. Hard forks are the most democratic means of consensus on earth today. They are the ultimate referendum mechanism’.
At the centre of the confusion is the question of what exactly secures the blockchain. A misconception exists that the ledger is immutable simply because it is public and therefore anyone can access it and witness arbitrary attempts to change it.
These features, including public access to any changes made to the protocol, only make a blockchain tamper evident. They only reveal when arbitrary changes have been made, but they don’t prevent someone from making them.
If evidence of tampering were the only feature of a public blockchain network, such as Bitcoin, then the blockchain would not function without enforcement in the way it does. There would be a strong need for a law enforcing authority, to which anyone who noticed records tampering could report and request restoration of the integrity and validity of the ledger.
Nothing like central law enforcement exists on public blockchains, for good reason. That would make the systems centralized.
To be immutable, a public blockchain needs to be tamper proof—a feature to prevent bad actors from harming it. The first blockchain, Bitcoin, has been running since January 2009 and has never experienced a successful attempt to change its historical records, despite the fact that it’s public and permissionless, meaning no one needs permission to interact with it.
Arbitrary changes to the Bitcoin blockchain would be near impossible to implement. This level of security comes thanks to the consensus protocol, or the rules that guide how the network comes to an agreement on the status of the ledger.
The Bitcoin and Ethereum protocols use a proof-of-work (PoW) consensus mechanism, which requires the use of electric power to write data to the ledger. PoW also requires a special transaction identification based on past transactions—meaning that changing any single piece of the records requires changing the entire ledger, which would require additional electric power.
To make edits without following protocol rules would require someone to have access to an energy source and to computer power that exceeds that of the entire network, which would be almost impossible. Also, such changes would be ignored by the network and the instigator would not be compensated for their efforts, as they would for a legitimate transaction.
Ethereum is in the process of moving their validation process from PoW to Casper, a version of proof of stake (PoS) where miners must stake a portion of the coins they hold. Casper will make the Ethereum blockchain more tamper proof by taking away all or part of the stake held by malicious players.
Public blockchains get their immutability or tamper protection from consensus protocols like proof of work. Tamper evidence or immutability adds user confidence, but it’s not infallible.