Asking Permission: What's the Difference Between a Public and Private Blockchain?

  • Report
  • July 21, 2016

When it comes to who has access, not all blockchains are the same. This article explains the differences between permissioned and permissionless chains.


Not all blockchains are the same, particularly when it comes to who has access. In this article, we will discuss the concept of public or permissionless blockchains v. private or permissioned blockchains. [1]

Permissionless Blockchains

One of Bitcoin’s most striking features is that anyone with an internet connection can use it. No one needs to register anywhere or provide identification: anyone can easily create a bitcoin address and convince someone to send money to it.[2] Anyone can also become a miner to create new blocks and contribute to the network: all one needs is the hardware, an internet connection, and a decent amount of technical knowledge to set up the miner. Similarly, anyone can download the entire blockchain to become a full node, to analyze it, or simply for novelty. The underlying code is open-source, widely published, and hotly debated. Anyone can build services on it, including wallets, payment processors, and even other blockchains.

In many ways, it is ‘public’: open to anyone at any time. No one needs permission. In Bitcoin, there’s no one who would even give permission, because the network is a collection of thousands of users who don’t know each other and weren’t even involved in Bitcoin’s creation. Many cryptocurrencies that have followed Bitcoin adopted this feature – people can remain anonymous or pseudonymous to be a miner, a staker, a node, or an entrepreneur.

This openness comes with risks that are part of operating in an environment where you don’t know and can’t trust other users.

  • It can be used for anything, including scams, money laundering, and buying contraband.
  • You need financial incentives to keep validators maintaining the blockchain while also keeping it economically infeasible to gain control of the network,
  • Introducing changes is hard, because 51% of the network needs to agree—and it could fork,

This ultimately makes public/permissionless blockchains frightening for many people—and exciting for others.

Permissioned Blockchains

To minimize or remove these risks while retaining some of the benefits of blockchains, people began introducing private blockchains, which users need permission to access. The most notable permissioned blockchain is Ripple, which is being used by R3 banks around the world to send money across borders.

Most private/permissionless blockchains are actually private consortia blockchains: they aren’t controlled by one entity but rather a consortia of entities who give others permission to use it. Everyone who operates on it has been ‘vetted’ to some degree.

Permissioned blockchains address many of the risks created by public blockchains. Many are based on the fact that people in the network can be trusted to some degree.

  • You can blacklist users, such as terrorists and scammers
  • Blockchain protocols can be optimized for specific uses that the consortia members agree on (such as cross-border payments)
  • The cost of verifying transactions is generally lower because you have trusted validators instead of a distributed community of miners/stakers
  • Updating the protocol is much easier: users who don’t agree lose permission
  • Nodes are well known and not at risk of going down
  • You can more easily control things like privacy

Ultimately, many see permissioned blockchains as the future that banks, regulators, and other established players will embrace. They provides more control and can be adapted to existing regulations and business processes. Their strongest argument is that permissionless blockchains simply present too much risk.

Permissionless blockchains are much more disruptive and difficult to fit into existing legal and business frameworks. Their strongest argument is that blockchains are like the Internet: they need to be open to benefit from innovation.

Further Reading

[1] Bitfury has argued that public v. private is not the same as permissioned v. permissionless. We retain some of their reasoning, but we consider them to be equivalent.

[2] A variety of bitcoin services do require registration and proof of identity, but these are not required to use Bitcoin—they are required for the service itself to operate as a legally recognized business.