To participate in today’s global economy, ordinary people must accept an asymmetrical bargain: their lives are transparent to states, banks and corporations, whereas the behavior and inner workings of the powerful actors are kept hidden. The boundaries between the consumer and the citizen have irreversibly blurred. Harvard University social scientist Shoshana Zuboff has called this one-sided, extractive interaction “surveillance capitalism,” and it is a major structural issue. The very institutions whose charter is brokering social trust—banks and governments—have in many parts of the world spectacularly failed to do so, especially during the lifetimes of those younger than 35.

The 2008 financial crash and its aftermath gave shape to a kind of ambient helplessness. Of the legal cases that were brought to court, most were settled at shareholders' expense rather than resulting in jail time for high-ranking bankers, which convinced many that the wealthy and powerful collude for their own benefit. The issues run much deeper than the fallout from bad mortgages. An analysis of a 2007 database listing 37 million companies and investors across the world yielded the conclusion that 1 percent of these companies control 40 percent of the network, and most of the 1 percent are financial institutions. Over the past three decades investment earnings have become the chief source of economic growth in most countries, far outpacing income growth and making the top tier of wealthy people even wealthier. In the meantime, two billion people are still unbanked, excluded even from a far from perfect network that in principle facilitates access to capital. There is no agreement about whether or how these trends should be transformed to promote greater economic equality and inclusion without compromising individual autonomy.

That brings us to a historic moment in which mistrust of authority in the forms of power and wealth grows against a background of economic life that is inescapably global and mobile. If there's an impulse to retreat from it all in protest, there's also an acknowledgment that doing so is a recipe for economic self-sabotage. These constraints have led technologists around the world to imagine alternatives that simultaneously scale trust while making it more intimate and reciprocal. It's no coincidence that the world's first successful digital currency, Bitcoin, emerged on the scene in 2009: it represents a reaction to this growing desire for transparency, access and empowerment.

Bitcoin, of course, is a currency that is transacted via a blockchain—a new digital infrastructure that functions as a distributed ledger of transactions, validated according to mathematical consensus rather than by humans. It is revolutionizing the possibilities for direct exchange and individual ownership, not only of money but of any digital asset.

Bitcoin—and blockchains in general—is often referred to as “trustless.” But this isn't quite accurate. Rather trust has been shifted away from human actors and toward a cryptographic system, with material incentives for participating in the network. In other words, trust is being depersonalized. At first, this may seem like a paradox. Haven't all forms of trust relied on humans to some extent? Throughout history, the momentum of global migration and commerce has driven trust networks to scale from the small group of people any given person knows to communities largely made of strangers and enemies. To expand across the earth, feed growing populations, wage wars, build empires and engage in knowledge exchange, people have used trust technologies that evolved out of one another in a more or less overlapping sequence: kinship and gift giving, division of labor, account keeping (the origin of credit and debt), hierarchy, currency, universalizing religions and, most recently, banking.

At the beginning of the 21st century, trust is undergoing yet another stage of evolution. The very banks that underwrote modern capitalism by acting as secure brokers of trust have in many ways become an impediment to its development. In our current financial system, policy and law tend to disincentivize exploitative practices through punishment. In the future, blockchains could simply design those practices out of the picture.

Building from A Blockchain

Bitcoin's consensus protocol, which sets out the incentives and requirements that frame participation in the network, is exceptionally good at maintaining a distributed, open, peer-to-peer system of governance. Its transactions are public, though pseudonymous, and its code is open-source and maintained by a global network of volunteer core developers. The Bitcoin blockchain also doesn't store identity data; it uses public/private key pairs, rather than accounts, as addresses.

But blockchain-based transactions are more traceable than cash, which means that once a key pair is tied to a known identity, network analysis can, for example, aid police in tracking down criminal actors. This reality runs counter to the assumption that cryptocurrencies are more suited to criminal activity than other types of currency. In fact, it reintroduces the specter of surveillance capitalism. Interestingly, blockchains have properties that lend themselves both to human emancipation and to an unprecedented degree of surveillance and control. Whether they end up being used for the former or the latter depends on how the architecture of the “software stack”—the blockchain protocol and the application layer—handles digital identity.

When it comes to protocol, it's important to understand that there is more than one way to design a blockchain. Generally, “blockchain” is used to describe a type of system in which a single, universal record of transactions is replicated, although there is no absolute agreement on a set of necessary characteristics. Countless chains have now been introduced, and they are built to solve different things.

Take Ethereum, a public blockchain that aims to be a global, distributed computer called the Ethereum Virtual Machine. Its chain stores smart contracts that are executed when the conditions they specify are met. Unlike Bitcoin, the users most highly invested in the network—determined via cryptocurrency security deposits—get to collectively validate new blocks. Misbehaving users have their crypto-currency automatically confiscated.

Some blockchains are designed for communities with a higher level of trust among their users. These “permissioned” chains generally rely on a central authority that grants specific users access to the system so they can serve as transaction validators. To make sure everyone behaves, permissioned chains tend to rely more on disciplining by the central authority rather than automated material incentives. One major example is Ripple, a blockchain designed specifically to serve as a settlement network for transactions between banks. Similarly, the Enterprise Ethereum Alliance is made up of nearly 200 corporate members who are building an open-source tool kit so businesses can design their own permissioned versions of the Ethereum blockchain.

Still other blockchainlike initiatives are referred to as distributed ledgers because they may lack one or all of the underlying features of blockchains. They are generally permissioned, with many of their transactions also kept private. A major distributed ledger is R3 Corda, developed by a consortium of banks to facilitate consensus regarding financial agreements.

Permissioned blockchains and distributed ledgers arose in part to include some type of identity vetting for validators and transactors on the network. (By design, there is no native identity validation in the Bitcoin blockchain protocol.) The field of identity is the terrain on which the emancipatory or oppressive characteristics of blockchains will be socially realized. The easier it is to tie someone's transactions to an identity—and the more centralized and externally controlled an individual's digital identity becomes—the more the possibilities for abuse multiply.

Promise and Peril

The average person cannot use any blockchain directly, in the same way that the Internet cannot be used directly. Rather the individual uses applications that make use of the underlying blockchain in one way or another. The application layer is where untold confusion and often outright bad faith can reign. The history of Bitcoin, for example, is littered with cryptocurrency exchanges and wallet providers who left gaping security flaws in their applications, leading to high-profile hacks and accusations of embezzlement. In the case of the Ethereum network, vulnerabilities have resulted in the theft or loss of millions of dollars in its Ether cryptocurrency, with virtually no recourse for users. In general, using any application built by a trusted third party to hold your blockchain-based digital assets is still a highly insecure proposition.

This is the crux of blockchain's catch-22: the public won't use blockchains without user-friendly applications. But user-friendly applications often achieve that ease through centralization, which replicates the conditions of control that blockchains sought to circumvent.

If blockchains are to become widely useful, though, some correlation of identity with transactions is necessary. Perhaps identity will not require a full disclosure of who you are. As some in the Bitcoin community have argued, the current fixation on identity verification is largely misplaced; generally, what people want to know is whether a particular claim about you is true: Are you over 21? Did you really get a Ph.D. from M.I.T.? Are you a U.S. citizen? We are habituated by the incentive structures of surveillance capitalism to believe that giving up sweeping personal data is necessary to get by in the world. Changing that presupposition is one of the most radical influences that blockchain technologies may have.

Imagine, for instance, a future of digital voting. An election board must be able to correlate the casting of a vote to a registered voter so that person's vote is marked as “spent.” But that process doesn't necessarily have to identify the individual to the board: it could simply verify that the voter is registered to participate in that election and record that he or she has cast a ballot after that person has done so—all without correlating the vote to the voter.

Projects that minimize the dispersal of so-called personally identifiable information are still rare, in part because they are not easy to monetize—either in financial currency or in the “currency” that is personal data. One example is Blockcerts, a series of free reference libraries developed by the M.I.T. Media Lab and Learning Machine, where I work. Blockcerts allows individuals to hold their digital assets in a private wallet that is hosted on their own device. The documents issued to a person are not associated with any identity profile unless the recipient chooses to do so. All the code is open-source, so it can be inspected for integrity and used by anyone to build his or her own applications for sending, storing, sharing and verifying official documents. This claims-based approach is a step toward what some in the digital identity space have called “self-sovereign identity,” which means that individuals have administrative control over their own data.

Blockchains are indeed a disruptive trust technology. But if blockchain-based applications are not designed with a commitment to digital self-sovereignty, there is nothing, in principle, preventing human beings from being treated as so many objects in a supply chain, with every movement and activity recorded, perhaps permanently. Creating digital identities whose existence is independent from governments and corporations is the next grand challenge that blockchains both pose and could help solve.