Registered versus Bearer Assets
Nothing in what I have said here is meant to take away from the inspired, brilliant solution that Satoshi implemented for censorship-resistant digital cash. And, furthermore, that design goal is IMHO a worthy one. Society should have a digital cash that replicates the same anonymous and permissionless properties that we already enjoy with physical currency.
But a proof-of-work blockchain is only suitable as a distributed ledger for value that society is prepared to treat as a bearer asset. Physical cash is (almost) like this. A shop owner doesn’t do due diligence on his customer to make sure that the £10 note the customer is about to hand over rightfully belongs to him. In practice, when it comes to physical cash, possession-is-ownership.
Ditto the bitcoin blockchain. Possession (of a private key) is ownership (at least in the anarchic, code-is-law jurisprudence of the bitcoin protocol), regardless of how one came into possession, for there is no way for the blockchain to discriminate among spend transactions of coins obtained through legitimate trade, defrauding a counterpart (e.g., via a double-spend), or theft of someone’s private key.
But the proposition that security interests and other property titles should also be cast in the same bearer asset mould will go nowhere. Few actually want this, and, anyway, few jurisdictions will actually allow it. (In fact, it’s looking increasingly likely that few jurisdictions will even grant bitcoins bearer asset status.) This is not a serious idea.
Now, I am sure that the advocates of putting property titles on the bitcoin blockchain will object at this point. They will say that through meta protocols and multi-key signatures, third-party authentication of transaction parties can be built in, and we can create a registered asset system on top of bitcoin. This is true. But what’s the point of doing it that way? In one fell swoop a setup like that completely nullifies the censorship resistance offered by the bitcoin protocol, which is the whole raison d’être of proof-of-work in the first place! These designs create a centralised transaction-censoring system that imports the enormous costs of a decentralised one built for censorship resistance: the worst of both worlds.
If you are prepared to use trusted third parties for authentication of the counterparts to a transaction, I can see no compelling reason for not requiring identity authentication of the transaction validators as well. By doing that, you can ditch the gross inefficiencies of proof-of-work and instead use a consensus algorithm of the one-node-one-vote variety, which is not only thousands of times more efficient, but also places a governance structure over the validators that is far more resistant to attackers than proof-of-work can ever be.
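The following sketch shows why one-node-one-vote only works once validators are identified: votes from unregistered identities and repeated votes from one identity carry no weight. It is an added example, not code from this post or from any ledger project; the validator names, the HMAC tag standing in for a real digital signature, and the two-thirds acceptance threshold are all assumptions.

```python
import hashlib
import hmac

# Constructed validator registry: identity -> key issued at enrolment.
# HMAC stands in for each validator's digital signature (assumption).
REGISTRY = {f"validator-{c}": f"key-{c}".encode() for c in "abcd"}

def sign_vote(key: bytes, validator_id: str, block_hash: str) -> str:
    """Authenticate a vote for block_hash as coming from validator_id."""
    msg = f"{validator_id}|{block_hash}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def tally(block_hash, votes, registry=REGISTRY):
    """Return (accepted, counted_ids) under one-node-one-vote.

    votes is a list of (validator_id, tag). A vote counts only if the
    identity is registered, the tag verifies, and that identity has not
    already voted. Acceptance needs more than two thirds of the registry
    (the threshold is an assumption; the post does not give one).
    """
    counted = set()
    for validator_id, tag in votes:
        key = registry.get(validator_id)
        if key is None:
            continue  # unregistered identity: Sybil votes carry no weight
        expected = sign_vote(key, validator_id, block_hash)
        if hmac.compare_digest(expected, tag):
            counted.add(validator_id)  # a set, so one vote per identity
    accepted = 3 * len(counted) > 2 * len(registry)
    return accepted, sorted(counted)

def demo():
    # Constructed block contents, hashed to give validators something to vote on.
    block = hashlib.sha256(b"constructed block: title 42 -> new owner").hexdigest()
    honest = [(v, sign_vote(REGISTRY[v], v, block)) for v in sorted(REGISTRY)[:3]]
    sybil = [(f"fresh-node-{i}", sign_vote(b"self-made", f"fresh-node-{i}", block)) for i in range(1000)]
    replay = [honest[0]] * 50
    return {
        "honest_quorum": tally(block, honest),
        "sybil_flood": tally(block, sybil),
        "one_validator_repeated": tally(block, replay),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Without the registry check, the thousand self-made identities would outvote the enrolled validators, which is the gap proof-of-work fills in a permissionless setting.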