This article explores the meaning, use cases, and advantages of permissioned blockchains and how they differ from permissionless networks.
Did you know that 81 of the world’s top 100 public companies have blockchain as part of their technology stack?
Blockchain technology is impacting industries worldwide, given the transparency, immutability and decentralisation it brings. However, the level of scalability, control, and efficiency permissioned blockchains bring to sectors like finance, supply chain, and data privacy, is unmatched and far superior to that of a permissionless blockchain.
Become a part of the community
Subscribe to our newsletter to be in-loop with all news from the crypto world
But how is a permissioned blockchain different from a permissionless one?
Is a private network similar to a permissionless network?
Why are governments and enterprises embracing permissioned networks lately?
Let’s answer each question one by one.
_________________
Interesting Fact: The idea of blockchain stems from a 1991 paper authored by Stuart Haber and W. Scott Stornetta named “How to Time-Stamp a Digital Document.”
_________________
Among the many financial services companies, BlackRock and JP Morgan (JPM) are some of the biggest users of blockchain technology. BlackRock recently used Ethereum to launch its BUIDL fund, which crossed $500 million in July 2024.
JPM is one of the earliest banks to use blockchain to manage day-to-day operations. By 2023, Onyx, JPM’s blockchain, had processed $700 billion in transactions. It processes an average of $1 billion each day. Even Goldman Sachs, DBS Bank, and BNP Paribas use Onyx.
Both financial companies use blockchain technology, but there’s a difference.
You can access the BUIDL fund on Ethereum, but you cannot access JPM’s Onyx or Quorum chains.
For business professionals and tech enthusiasts, it is necessary to understand what sets permissioned networks apart from permissionless ones: the enterprise-level use cases of the former in finance, supply chain, and data privacy.
This article explores the meaning, use cases, and advantages of permissioned blockchains and how they differ from permissionless networks.
In a permissioned blockchain, you require ‘permission’ to access the network. The permission can be in full or for specific roles within the network. The permission is granted by the central authority or network administrators controlling the blockchain operations.
A permissioned blockchain is not accessible to everyone, unlike a public or permissionless blockchain where the access control is in no one’s hands. In permissioned blockchains, the access control lies with a central authority that validates/verifies the network participants before granting them access.
The access control here implies that only those with permission from the administrators can perform any kind of action on the blockchain.
The access control layer in permissioned blockchains makes them closed networks. There are two things to note:
A permissioned blockchain is not a private network that is highly centralised and restricted. It is more like a custom, do-it-yourself network where the administrators can choose the level of decentralisation and make it fully centralised or partially decentralised. The administrators are also free to determine the consensus mechanism that would be used to validate the transactions.
Read: Public, Private, and Permissioned Blockchains Compared
Some examples of permissioned blockchains include names like Hyperledger, Corda, Ripple, Quorum, etc.
____________________
Interesting Fact: Cosensys acquired Quorum from JP Morgan in 2020. Quorum is an enterprise variant of the Ethereum blockchain.
___________________
Governance structures (centralised or consortium-based)
The governance structure of a permissioned blockchain is usually centralised or consortium-based. Centralised governance is where a central authority approves the validators who oversee all the transactions and their verification. In the case of JPM’s Onyx, Siemens, Goldman Dachs, DBS Bank, ans BNP Paribas use Onyx blockchain for cross-border transfers, check processing, digital assets, and multi-currency assets overseen by JPM.
Consortium-level governance is applicable when the permissioned blockchain is used by a group of two or more members. Hyperledger is an enterprise blockchain with a consortium-based governance model.
The image above represents a consortium-based governance model for an E-governance system. Entities participating in a consortium pool resources but are otherwise only responsible for the obligations set out in the consortium's agreement.
Consensus Mechanisms
Permissioned blockchains deploy consensus mechanisms, such as Practical Byzantine Fault Tolerance (PFBT), Federated Byzantine Consensus (FBC), and round-robin consensus. These mechanisms are distinct from those of permissionless blockchains.
Access control mechanisms
The main differentiator for a permissioned blockchain is access control. Permissioned blockchains allow granular control over permissions, the scope of validator roles, and access to blockchain data.
Permissioned blockchains have several access control features to control who participates in what capacity within the network. First, a central authority grants permission to nodes to join and become part of the network.
Participants are then identified and vetted before being assigned roles. These roles determine what information they can access and what tasks they can perform. The approved validators need to authenticate themselves using digital signatures or certificates.
Role of trusted entities and validators
The trusted centralised authority manages the access control layer. The blockchain operators can choose the level of decentralisation in their blockchain and define the validator roles accordingly.
The selected participants approve and validate transactions using a consensus mechanism. Anonymity, or, in blockchain terms, pseudonymity, isn’t a feature of permissioned blockchains. There is a complete lack of anonymity, and the identity of every validator is known.
Security features
Security features like KYC and identity verification are a part of permissioned networks. In permissioned blockchains, the members need to be verified and vetted before becoming a part of the network. The administrators have complete information on each participant.
This helps to ensure accountability and a provable chain of custody. Since every change made to the blockchain is recorded in the blockchain history, the administrators know instantly who has made changes to the system and how.
Permissioned blockchains are based on distributed ledger technology (DLT) and are a hybrid of private and public blockchains. Hence, they offer privacy and scalability while allowing for decentralisation and transparency. Enterprises and governments can exercise complete control over who participates in the network and to what extent.
Given their ability to custom-fit processes, permissioned blockchains are suitable for enterprise-level use cases. Enterprises and governments can use permissioned blockchains for data safekeeping, data validation, value exchange, real-time settlements, identity management, monitoring, and much more.
Permissioned blockchains provide highly secure environments for fast transactions at scale. We find varied use cases of permissioned blockchains in sectors such as banking, supply chain management, retail, healthcare, data security, and governance.
A permissionless or public blockchain has no access control layer, so anyone can join the blockchain. Permissionless blockchains are decentralised, and no central authority controls them.
Bitcoin was the first decentralised blockchain. After that, open-source, public blockchains like Ethereum, Solana, Cardano, Tron, etc., were born. Anyone can become a validator on the Ethereum and Bitcoin blockchain and contribute to their ecosystem.
Like permissioned blockchains, permissionless blockchains allow peer-to-peer transactions, transparency, immutable records, and security. However, some characteristics set permissionless blockchains apart from permissioned networks.
Decentralised governance
Permissionless blockchains like Bitcoin are fully decentralised. As of February 2024, 18,000 nodes, geographically dispersed, are running on the Bitcoin network. No central party controls the network’s access, verification, and governance.
______________
Interesting Fact: Recently, a stash of emails between Bitcoin’s pseudonymous creator, Satoshi Nakamoto and Hashcash inventor Adam Back was submitted in a lawsuit in the UK. The never-seen-before correspondence reignited the debates around the ever-elusive identity of the Bitcoin creator.
____________
Public access without restrictions
Anyone can become a part of a permissionless blockchain. You can access and view the database, become a validator, mine/stake tokens, or use the network to exchange bitcoins. Unlike permissioned blockchains, no central authority or administrator approves and verifies your identity before you become a part of the network. In a crux, there’s no access control layer in public blockchains.
Pseudonymity and transparency
Most people consider transactions on a public or permissionless blockchain to be anonymous. However, that’s not true. Transactions on a public blockchain are pseudonymous. Pseudonymity implies that though your identity remains hidden, each transaction can be traced back to the wallet from where it originated.
Transaction history, wallet addresses, and other data related to the permissionless blockchain are available for public scrutiny. Permissionless blockchains are transparent, decentralised, and traceable.
Consensus mechanisms like Proof of Work (PoW) and Proof of Stake (PoS)
Permissionless blockchains are truly decentralised. The validator nodes approve the transactions via a consensus mechanism. These consensus mechanisms can differ from blockchain to blockchain.
Bitcoin uses a Proof of Work (PoW) consensus mechanism where validators need to solve complex mathematical problems to find the address for the next block. Whoever gets the address first also gets the chance to mine or approve the validator block (after being verified by 2/3rd nodes) and win newly mined bitcoins.
PoW is highly energy-intensive and requires large ASICs, which consume high amounts of electricity. Globally, many mining firms commercially mine bitcoins.
Proof of Stake, or PoS, is a much faster and less energy-intensive mechanism than PoW. Here, the validators need to stake or lock a fixed amount of tokens to become eligible for the validator role. There are no computations involved. The validators are then selected randomly to approve a transaction and are compensated through transaction fees, etc.
Learn more about consensus mechanisms in this article by NFT.EU: Consensus Mechanisms in Blockchain — How They Power Cryptocurrency
Most of the popular blockchains today are permissionless blockchains, including Bitcoin, Ethereum, Solana, Tron, SUI, and Polkadot. You can become a part of any of them by fulfilling the requirements.
Bitcoin is the first-ever permissionless blockchain birthed in 2009. It has a market cap of over $1 trillion and dominates the crypto market. Ethereum is the second-largest blockchain and the largest network for decentralised applications (dApps), decentralised finance (DeFi), Web3 games, non-fungible tokens (NFTs), tokenised real-world assets (RWAs), and other applications.
The total value locked in Ethereum currently stands at $44.58 billion. Ethereum is highly programmable due to smart contracts, which are self-executing contracts automatically triggered once predefined conditions are met.
Learning the difference between the two kinds of blockchain becomes more significant given the benefits permissioned blockchains give over permissionless blockchains, despite permissionless blockchain being a more trustless, decentralised network, as per purists.
Let’s understand the difference between the two, using Bitcoin as an example of a permissionless blockchain and Hyperledger as an example of a permissioned blockchain.
Level of Decentralisation: Bitcoin is completely decentralised. Each node in the Bitcoin network has a copy of the transaction database against which they must verify new transactions.
Hyperledger is an open-source project by the Linus Foundation, which controls the affairs of Hyperledger. It has no fixed decentralisation. It is an umbrella platform that enterprises can use to develop blockchain-based solutions.
Consensus Protocol: Bitcoin uses the PoW consensus mechanism to validate transactions. Miners or nodes need to solve complex mathematical problems and verify transactions via a 2/3rd consensus.
Hyperledger uses multiple consensus mechanisms, including PFBT, Kafka consensus, Raft Ordereder, Solo Orderer, and Ordering Service Nodes. Users can choose one that best fits their use case.
Customisations: The Bitcoin network isn’t programmable. It uses a simple programming language to set transaction rules. These rules only say who can spend the Bitcoin and when.
However, lately, we are seeing Ordinals and BRC-20 token standard, BItcoin’s standard for building tokens on its network.
Hyperledger is built to be customised and configured to suit business processes. Users can use it to develop highly personalised blockchains for their organisations. It has multiple enterprise-ready permissioned blockchains for perusal.
Security: Bitcoin is the most secure blockchain in the world, given its decentralisation and security mechanisms like SHA-256, private-public keys, and cryptography. Bitcoin is even secure from 51% attacks.
Hyperledger, being a customisable distributed database with varying levels of decentralisation, might sometimes be prone to attacks. Some security mechanisms can help strengthen the network.
Privacy: Bitcoin is an open network where you can remain pseudonymous but every transaction is available for public scrutiny. Bitcoin isn’t a private network.
Hyperledger provides distributed databases that support privacy. Enterprises require privacy and high performance, which Hyperledger provides.
Speed: Since Bitcoin is highly decentralised, every transaction on the network must be validated by the majority of the nodes. The computations and consensus involved in validation don’t allow Bitcoin transactions per second to exceed 7–12.
Hyperledger can process up to 20,000 transactions per second. Since there is a limited set of validators, the transactions are approved quickly.
Use cases: Bitcoin is essentially a payments network. It is used majorly as a store of value and a medium of exchange.
Hyperledger can be used in various use cases, such as healthcare, banking, supply chain management, trade finance, etc.
Security and Privacy
Permissioned blockchains allow high levels of privacy and security for enterprise-level use cases. No one can access the blockchain or any information stored without verified credentials.
These blockchains add privacy to help secure user data and trade secrets. Enterprises can maintain regulatory compliance and adherence to laws such as the General Data Protection Regulation (GDPR).
Scalability
Permissioned blockchains are highly performant and scalable due to the limited number of validators that approve transactions. Due to a closed network, permissioned blockchains can handle massive transaction volumes. Businesses can scale up without worrying about transactions getting slower.
Customisation
Permissioned blockchains can be designed to suit the requirements of different businesses, including banking, supply chain management, data security, etc., and processes, such as identity management, transaction validation, data storage, real-time analysis.
For instance, a business wants to improve the accuracy of its accounting process and financial books. The organisation can rent permissioned blockchain services as Blockchain-as-a-service (BaaS) and use it as an interface to automate the recording, verification, and consensus of transactions by end users.
Control: Who owns the data, and how is it managed?
Permissioned blockchains are also flexible regarding the level of decentralisation. You can opt for a fully centralised blockchain or have incremental decentralisation. This gives businesses more freedom to perform their operations without being bogged down by speed or scalability issues.
Similarly, since the identity of all the participants on the network is known and their transactions can be traced, regulatory requirements such as KYC and Anti-Money Laundering (AML) can be met with ease.
Higher implementation and maintenance costs
Permissioned blockchains may be costly as they need to be customised and built natively as per the business’s requirements. A better option is to hire blockchain services from BaaS vendors. However, in the case of sensitive and vulnerable operations like banking and supply chains, in-house ledgers over a blockchain are advisable.
Centralisation Concerns — risk of power concentration
Most of the centralisation risks with permissioned blockchains depend on how they are configured. Since there are a limited number of nodes or validators, there is a greater chance of hacks and malicious attacks. There are also risks of corruption as the control lies in a few hands. Security concerns are a risk factor in any application connected to the internet, and blockchains are no anomaly.
Lack of decentralisation
Permissioned blockchains may be against the ethos of decentralised and open networks for which blockchain became a disruptive force soon after Bitcoin’s launch in 2009.
What users need to understand is that decentralisation and open-source code isn’t inherently a virtue. It is the advantages it brings to various applications. For instance. Bitcoin allows P2P cross-border payments because it’s decentralised. But is the Bitcoin network apt for everyday use in finance and supply chain?
The simple answer is no. A payment network like Visa can handle 65K transactions per second, but Bitcoin can handle only 7 TPS. Similarly, a supply chain on Ethereum won’t serve the purpose. Ethereum is open source, and the organisation needs to maintain a certain level of privacy, hence requiring a private network.
A blockchain-enabled banking system can gain in effectiveness, security and innovation provided it uses a permissioned network accessible to only a select few. In this case, the access control would lie with the bank employees and higher authority.
Permissionless blockchains were built to democratise access by removing middlemen, third parties, or central authority and facilitating the direct exchange of value. They are truly decentralised in that no central authority oversees their affairs, and anyone can become a part of the network in the capacity they prefer.
Also, permissionless networks are free from government censorship or inflationary forces. No central authority or external entity can come and prevent you from taking part in the network. And since transaction history is traceable, trustlessness and transparency are ensured.
However, public or permissionless blockchains like Bitcoin and Ethereum suffer from their own challenges. Firstly, public networks are energy-intensive and slow. Permissionless blockchains are also not fit for enterprise-level use cases since they lack privacy, scalability, and performance, which are needed in cases involving mass adoption.
Ethereum and Bitcoin have earned the repute of being veterans in space, with better and faster blockchains gaining popularity lately. Ethereum has an entire ecosystem of proficient layer-2 solutions like Polygon, Arbitrum, Optimism, etc., that move transactions off-chain, validate them, and update Ethereum’s network state, reducing the transaction load on Ethereum mainnet. Lately, Bitcoin is also seeing an influx of L2s with the promise of adding speed and scalability.
Banks were some of the earliest adopters of blockchain technology. They use permissioned blockchains to streamline cross-border transactions, improve the efficiency of operations, secure user data, and manage intra-bank transfers.
For instance. JP Morgan uses Quorum to secure transactions and Onyx to exchange digital assets. BBVA and Red Eléctrica Corporation recently facilitated a syndicated loan with MUFG and BNP Paribas at record speed on BBVA's blockchain platform.
Italian bank Intesa Sanpaolo uses a permissioned blockchain to validate trading data in partnership with Deloitte and Eternity Wall. UK's second-largest bank, Barclays, uses blockchain to streamline fund transfers and KYC processes.
Permissioned blockchains are finding increasing utilities in verifying suppliers in drug supply chain management, insurance claim handling, appointment scheduling, and patient data management. In clinical trials, blockchain can help in data sharing, data privacy, and enrolling patients.
Some real-world examples of permissioned blockchain adoption among healthcare companies include Akiri, BurstIQ, Medicalchain, Guardtime, Avaneer Health, and Chronicled. Akiri operates a network-as-a-service to help protect the exchange of patient health data. MediLedger is a leading blockchain protocol that helps companies across the prescription drug supply chain verify the authenticity of medicines.
Permissioned blockchains find some of the biggest use cases in supply chain management (SCM). Major use cases include ensuring food safety, verifying product authenticity, traceability and anti-counterfeiting.
Blockchains can also be useful in tracking sustainability initiatives like tracking waste, emissions and environmental impact at every phase of the supply chain. Walmart uses blockchain to manage its suppliers of leafy greens.
_______________
Interesting fact: Nestle used blockchain to strengthen its image in the Chinese market. They used blockchain to record the journey of baby formula on its way to the supermarket shelf. With a mobile phone, a consumer could scan the package to see the ingredients, their source, and which companies produced them.
_______________
Global states and governments have been pioneers in blockchain experiments. Estonia uses a permissioned blockchain solution to secure e-voting and to provide “the ability to 100% trust government data in any situation.”
Some other use cases at the administrative level include digital currency/payment verification, land registration, identity management, legal identity management, supply chain traceability, health care, taxation, and corporate registration.
Now that you understand the difference between a permisioned and a permissionless blockchain, it is pertinent that we resolve your dilemma — how to choose which blockchain suits best a given process or use case.
Here are a few decision criteria that can come in handy.
Industry needs: Sectors like DeFi, NFTs, RWAs, dApps, Web3 games, etc., require open networks, and permissionless networks work best for these. Meanwhile, permissioned blockchains work best for enterprises and organisations that require business-specific personalisation, speed, and privacy.
Sectors like supply chain and finance cannot use a public database for record-keeping. Finance and banking require the safety of Personally Identifiable Information, and supply chains require organisational-level transparency but inter-level privacy to protect trade secrets from competitors and for compliance.
While use cases such as DeFi, gaming, NFTs, etc., can be served best via public blockchains where users collectively partake in the platform activities, use cases in healthcare, SCM, cybersecurity, banking and finance require some level of privacy, customisation, and speed to be able to make permissioned blockchain viable.
Regulatory and compliance requirements: Many business processes, such as identity verification banking or even supply chains, require adherence to certain regulatory measures. Cryptocurrency transfer trading and staking are bound by a different set of regulations.
Level of decentralisation needed: As discussed earlier, decentralisation isn’t a virtue in itself. A more decentralised solution is preferable if your business requires better transparency, such as in e-voting. However, a centralised or less decentralised blockchain solution would also work if the task involves monitoring a supply chain or transacting payments, where some control is required.
Scalability and transaction speed: Payments and trade finance cannot do without high transaction speed and execution times. A permissioned blockchain with a limited set of validators and a fast consensus mechanism is more suited for the task.
However, if the use case involves storing healthcare records, a decentralised blockchain infrastructure that enables inter-organisational data sharing via tokenisation could be a great solution.
As enterprises and governments discover the virtues of permissioned chains, we will see even greater adoption. Already, the world’s top companies deploy their processes on a blockchain infrastructure. With the integration of technologies like Artificial Intelligence and Internet of Things, the efficacy of blockchains is bound to grow manifold.
However, despite the wider scope for adoption and growth, even permissioned blockchains need to work towards interoperability, where organisational processes can communicate without any security risks or friction. Given the climate change threats, sustainability and energy efficiency will remain the focus of blockchain and tech development.
Meanwhile, choosing a blockchain for your enterprise should be done with the utmost care, as it will form a part of your tech stack and interact with the rest of the software solutions. Any friction shouldn’t be neglected, and only the blockchain that best suits the above criteria should be chosen.
Businesses should explore permissioned blockchains as a prospective tech for their solutions. This will allow them to enjoy the ideals of blockchains with convenience and choice of customisation.
Discover. Learn. Profit
Subscribe to our newsletter to be in-loop with all news from the crypto world
What is the difference between a public and permissioned blockchain?
The main difference between a public and a permissioned blockchain is access. A public blockchain is accessible to anyone, while a permissioned blockchain is accessible only to pre-approved users.
Can permissioned blockchains be hacked?
Permissionless blockchains are also vulnerable to hacks and malicious attacks, and social engineering attacks impact them the most.
Why do enterprises prefer permissioned blockchains over public ones?
Permisisoned blockchains perform better in speed, scalability, and programmability than permissionless blockchains. They provide close networks with distributed databases, allowing for selective access, better control, role-based access, and privacy.
Is Bitcoin a permissioned or permissionless blockchain?
Bitcoin is a permissionless blockchain. You can even become a part of the network as a user, node operator, miner, or holder.
