Defining DLT Immutability: A Qualitative Survey of Node Operators
Alex Lynham, Geoff Goodell
TL;DR
Immutability in permissionless blockchains is not an absolute property; the authors introduce Practical Immutability, defined as immutability that is conditional on a network's legitimate governance. Using qualitative data from Cosmos node operators collected via surveys and semi-structured interviews, they apply thematic analysis to identify Legitimacy and Trust as core meta-themes governing when ledger state changes are considered acceptable. The study shows that governance-driven rewrites—rather than pure technical barriers—ultimately determine ledger state integrity, with instances like clawbacks, tombstonings, and forks illustrating conditional mutability. This work reframes immutability as a governance-enabled property, offering a framework for evaluating real-world resilience and trust in public, permissionless distributed ledgers.
Abstract
Immutability is a core design goal of permissionless public blockchain systems. However, rewrites are more common than is normally understood, and the risk of rewrite, cyberattack, exploit, or black swan event is also high. Taking the position that strict immutability is neither possible on these networks nor the observed reality, this paper uses thematic analysis of node operator interviews to examine the limits of immutability in light of rewrite events. The end result is a qualitative definition of the conditional immutability found on these networks, which we call Practical Immutability. This is immutability contingent on the legitimate governance demands of the network, where network stakeholders place their trust in the governance topology of a network to lend it legitimacy, and thus manage ledger state.