Decrypting distributed ledger design—taxonomy, classification and blockchain community evaluation

More than 1000 distributed ledger technology (DLT) systems raising $600 billion in investment in 2016 feature the unprecedented and disruptive potential of blockchain technology. A systematic and data-driven analysis, comparison and rigorous evaluation of the different design choices of distributed ledgers and their implications is a challenge. The rapidly evolving nature of the blockchain landscape hinders reaching a common understanding of the techno-socio-economic design space of distributed ledgers and the cryptoeconomies they support. To fill this gap, this paper makes the following contributions: (i) A conceptual architecture of DLT systems with which (ii) a taxonomy is designed and (iii) a rigorous classification of DLT systems is made using real-world data and wisdom of the crowd. (iv) A DLT design guideline is the end result of applying machine learning methodologies on the classification data. Compared to related work and as defined in earlier taxonomy theory, the proposed taxonomy is highly comprehensive, robust, explanatory and extensible. The findings of this paper can provide new insights and better understanding of the key design choices evolving the modeling complexity of DLT systems, while identifying opportunities for new research contributions and business innovation. Supplementary Information The online version contains supplementary material available at 10.1007/s10586-021-03256-w.


I. INTRODUCTION
Over 1000 systems have emerged in recent years from distributed ledger technology (DLT), raising $600 billion in investment in 2016 [1]. They power a large spectrum of novel distributed applications making use of data immutability, integrity, fair access, transparency, non-repudiation of transactions [2] and cryptocurrencies. These applications include improving supply-chains [3], creating self-sovereign identities 1 [4], establishing peer-to-peer energy markets [5], securing digital voting [6], [7] and enabling international financial transactions [2]. The most well-known DLT system is Bitcoin, featuring a novel consensus mechanism 2 and a cryptoeconomic design 3 (CED), which enables untrusted parties to reach consensus [8]. Bitcoin is the first public DLT system, which prevents double-spending 4 and Sybil attacks 5 [9].
A distributed ledger (DL) is a distributed data structure, whose entries are written by the participants of a DLT system after reaching consensus on the validity of the entries. A consensus mechanism is usually an integral part of a distributed ledger system and guarantees system reliability: all written entries are validated without a trusted third party. Distributed ledgers are usually designed to support secure cryptoeconomies, which are capable of operating cross-border, without depending on a particular political structure or legal system. These cryptoeconomies rely on digital currencies referred to as tokens and cryptographic techniques to regulate how value is exchanged between the participating actors [10], [11]. The options and choices of a cryptoeconomy are referred to as cryptoeconomic design (CED) and this plays a key role in the stability of a DLT system in terms of convergence, liveness, and fairness [8]. Nevertheless, making system design choices in this rapidly evolving technological landscape to meet the requirements of a broad spectrum of distributed applications is complex and challenging. The lack of a common and insightful conceptual framework for DLT has been cited as a significant barrier in this regard [12]. Moreover, the system configuration space of distributed ledgers and the cryptoeconomies they support is large, which has implications on the applicability as well as cost-effectiveness of DLT systems in real-world applications [2]. To date, these configurations have not been rigorously formalized to guide researchers and practitioners on how to design DLT systems [8], [13]. In particular, the broad spectrum and complexity of key design choices have not been determined. It has been argued that this lack of a clear positioning of DLT systems leads to a fragmentation in the blockchain community and a duplication of effort [14]. The significance of this challenge is reflected in the recent taxonomies of distributed ledgers [2], [14], [15], [16], [17]. This paper derives a useful 6 taxonomy of DLT systems from a novel conceptual architecture. This taxonomy is then utilized to classify 50 viable and actively maintained DLT systems. In contrast to earlier work, a novel evaluation methodology is employed that solicits feedback from the blockchain community and constructively uses it to validate and further improve the proposed taxonomy and classification. Moreover, the classification data are utilized to reason about key design choices in the observed DLT systems, which then, in turn, determine a design guideline for these systems.
The contributions of this paper are outlined as follows: 1) A conceptual architecture that models DLT systems with four components. The architecture ( Figure II) defines minimal and insightful design elements to illustrate the inner mechanics of distributed ledgers and the interrelationships of their components. 2) A taxonomy of distributed ledgers that formalizes a set of 19 descriptive and qualitative attributes, including a set of possible values for each attribute. They illustrate the four DLT components in more detail ( Figure 2) and provide deeper insight into cryptoeconomic concepts such as utility token, public blockchain, etc. 3) A classification of 50 DLT systems, including Bitcoin and Ethereum, backed by an extensive literature review. 4) A taxonomy evaluation criterion referred to as 'expressiveness' derived from earlier theory on taxonomies. 5) Crowdsourced feedback from the blockchain community to further assess and improve the taxonomy and classification. 6) Design guideline for DLT systems (Figure 11), which is constructed by reasoning based on empirical data of viable, actively maintained and academically referenced DLT systems. This guideline structures the modeling complexity of DLT systems by grouping similar attribute values of the taxonomy into a characteristic design choice. This paper is organized as follows: In Section II, terminology and recent taxonomies for DLT systems are discussed. A conceptual architecture for DLT systems is introduced in Section III, while a taxonomy is outlined in Section IV. Thereafter, Section V illustrates the methodology of the conducted experiments and Section VI presents the evaluation. Section VII summarizes the findings and derives based on these a design guideline for DLT systems. Finally, in Section VIII a conclusion is drawn and an outlook on future work is given.

II. BACKGROUND AND LITERATURE REVIEW
DLT systems use different types of distributed ledgers as data structures. In particular, the literature distinguishes between distributed ledgers (DL) and blockchains [2], [13], the latter representing one way to implement the former. Another type of distributed ledger is the directed acyclic graph [15].
The entries of a distributed ledger contain transactions. Any type of transaction can be stored, ranging from cryptographically signed financial transactions, to hashes of digital assets, and Turing-complete executable programs [2], i.e. smart contracts. DLT systems often provide access rights to these transactions, which determine who can initiate transactions, write them to the distributed ledger, and read them again from the ledger [2]. In addition, DLT systems utilize socalled tokens [16], which are defined as a unit of value issued within a DLT system and which can be used as a medium of exchange or unit of account (see Section IV-D). These tokens span a multi-dimensional incentive system via which they can promote self-organization [24] and thus lead to benefits in society [25], such as contributing solutions for the UN Sustainable Development Goals (SDGs) [26]. Hence tokens are identified as another key component of DLT systems in addition to the distributed ledger [27]. These components can be modeled independently, resulting in systems that do not necessarily maintain a native distributed ledger. In such cases, a token is defined while another system is used to provide the infrastructure for a distributed ledger. For instance, the Aragon system does not maintain a natively developed distributed ledger [28].
The ability to define the type of transactions, access rights and tokens is used to regulate the behavior of users, i.e. by limiting and granting access rights to system services or by incentivizing specific actions with tokens. These socioeconomic choices not only influence aspects of the system stability, such as the correctness, liveness and fairness of the consensus mechanism [8], but also determine how complex cryptoeconomies emerge [10], [11]. In other words, cryptoeconomic design (CED) plays a key role in enabling DLT systems to reach stability and underpin how the economies form.
A DLT system has to reach consensus before a transaction can be permanently written to its ledger [16]. This consensus mechanism is a functional element of any DLT system [13], as it enables a decentralized network to take decisions about the validity of entries in the distributed ledger [29]. In particular, in the context of DLT systems, consensus prevents token units from being spent twice [30] and Sybill attacks [9], which is where fake identities are used to inject false information into the distributed ledger.
Recent ontologies and taxonomies have been proposed to structure the design space of DLT systems. A comparative summary of earlier work is shown in Table I. Column 3 of that table depicts if the paper utilizes a conceptual architecture to construct the taxonomy. Nickerson et al. [18] suggest to conceptualize the domain of interest for which a taxonomy is developed. In such a conceptual architecture, the attributes of a taxonomy should be positioned such that these are mutually exclusive and collectively exhaustive [18]. Nevertheless, only Paper 4 and 8 in Table I provide a conceptual architecture (Column 3 in Table I) that determines the choice of some of the attributes. For instance, Paper 4 distinguishes between onchain and off-chain components [16]: attributes of the DLT system, which exist on the distributed ledger (e.g. permission Taxonomy theory identifies, that a useful taxonomy should be concise and robust [18], hence using a limited number of attributes, which differentiates the objects of interest. The number of attributes listed in the papers varies considerably, from 4 to 30 (Column 4 in Table I). One explanation is that the papers focus on different aspects of DLT systems and thus study different (sub)sets of attributes. For instance, Yeow et. al [15] (Paper 5 in Table I) focus on Internet of Things applications of DLT systems and only use four attributes, whereas Tasca et. al (Paper 1 in Table I) design a taxonomy to model all types of DLT systems and hence use 30 attributes [14]. Nevertheless, none of the papers justifies the number of selected attributes. In particular, their impact on conciseness and robustness of the taxonomy is not evaluated. Also, several of the attributes potentially overlap with each other conceptually due to the aforementioned lack of a conceptual architecture.
Consensus is identified as a core feature of DLT systems [29] and as such, it is incorporated in all papers listed in Table I. For this reason, it is omitted from this table. Nevertheless, just four papers consider schemes to incentivize participation in the consensus mechanism (Column 5 in Table  I).
Seven papers include cryptoeconomic design in their taxonomy (Column 7 in Table I). In particular, six papers consider access rights to transactions (Column 8 in Table I). Only Paper 1 and 7 derive a taxonomy, which includes tokens and their properties (Column 9 in Table I).
Paper 5 and 8 illustrate a classification of DLT systems based on their proposed taxonomy (Column 10 in Table I). For instance, Paper 5 illustrates the classification of 28 DLT systems. The authors rely on three attributes: data structure, scalable consensus ledger, and transaction model [15]. However, neither of the two papers introduces a formal methodol-ogy to select the classified DLT systems, which lowers their objectivity. Also, without a formal selection methodology it is not guaranteed that the taxonomy enables a comprehensive classification of all known DLT systems, which is a quality criterion of taxonomies [18].
The usefulness of a taxonomy depends on qualitative criteria studied in taxonomy theory [18]. An approach to assess the usefulness of a taxonomy is to utilize crowdsourced community feedback and thus the wisdom of the crowd. This is particularly relevant in the case of DLT systems and the blockchain community. As the community shapes the blockchain landscape, soliciting their feedback can provide both, invaluable new insight into the design of DLT systems and increase the usefulness of a taxonomy. Nevertheless, such an endeavor has not been pursued until nowadays, as shown in Column 11 of Table I. Finally, a quantitative evaluation and analysis of taxonomy and classification elements by means of statistical or machine learning methods have not been performed so far (Column 12 in Table I). This is a missed opportunity, as such an approach can provide more objective insights into the usefulness of taxonomies and identify key design choices in DLT systems that structure the modeling complexity of these systems at design phase, as demonstrated in this paper (Section VI-B).
The most comprehensive taxonomy, as defined by Nickerson et. al [18] and introduced by Tasca et al. [14], is worth a brief discussion. This taxonomy for DLT systems consists of eight components encompassing a total of 30 attributes. It includes a CED with three components: native currencies/tokenization, identity management, and charging, as well as a reward system. In particular, the access rights to transactions and the properties of tokens are discussed. Access rights to participate in the consensus mechanism and the incentivization of this mechanism are also illustrated. Despite extensively covering many relevant concepts, this taxonomy lacks a conceptual architecture to connect the various elements, i.e. no information is given about how the eight components relate to each other. Moreover, it remains unclear what explicit criteria the authors use to decide upon these eight components and 30 attributes. In particular, as the amount of attributes is four times larger than the average in the other papers (on average 7.4 attributes, Column 3 in Table I) it is unclear if the proposed taxonomy is concise as defined in the context of taxonomy theory [18]. In addition, no distinction is explicitly made between CED and DL, or between on-chain and off-chain aspects. In particular, this taxonomy does not differentiate between different types of distributed ledgers. This limits its ability to provide a more granular differentiation of distributed ledgers, which is a quality indicator for taxonomies [18].
In summary, a few observations can be made about current DLT system taxonomies. First, they predominantly focus on the DL and consensus mechanisms, while largely missing the role of cryptoeconomics and token design, despite their significant influence on system stability [8]. Second, the interrelationships between the different components as well as the choice of attributes are usually not based on an overarching conceptual architecture. Third, only two of the papers classify real-world DLT systems. Nevertheless, these papers neither utilize a rigorous scientific methodology nor quantitatively analyze their classification. As a result, classification is usually not formally validated and the identification of design choices is limited to qualitative criteria. Last but not least, none of the proposed taxonomies are systematically refined based on feedback from blockchain practitioners. This complementary external validation process promises to produce more unbiased taxonomies.
This paper addresses all of the aforementioned limitations identified in the literature and contributes a useful taxonomy as defined in earlier taxonomy theory [18], built on a solid conceptual architecture, assessed via classifications and validated by both, feedback from the blockchain community and machine learning methods. Moreover, the quantitative analysis of the classification is utilized to identify key design choices in observed DLT systems.

III. CONCEPTUAL ARCHITECTURE
By studying 50 DLT systems (see Table 1 in Supplementary Material for an overview of these systems), a conceptual architecture is introduced in this section. The architecture is composed of a set of four key components and shows, how they relate to each other as well as how they are positioned in the distributed ledger design space. The architecture is depicted in Figure II. The four components are illustrated in the rest of this section.
Action component. A human or machine performs an action in the real world (Arrow A in Figure II), for example planting a tree or carrying out a monetary transaction. Here, at the border between the real world and digital world, the action is represented digitally, and is referred to as claim.
Consensus component. Claims are broadcast to all nodes in the network that can participate in the consensus mechanism (Arrow B). These nodes (referred to as miners in Bitcoin or minters in Peercoin) collect these claims to write them to the distributed ledger.
Distributed ledger component. Participants in the consensus mechanism combine these claims into entries (referred to as blocks in Bitcoin) and write them to the distributed ledger (Arrow C). This representation of the claim on the distributed ledger is called a transaction. Transactions and their containing objects (e.g. smart contracts) that exist on the distributed ledger are referred to as on-chain, in contrast to off-chain objects, which exist on the Consensus or Action component.
Token component. The way token units are created depends on whether an incentive system is part of the DLT system. If it is, there are two options: token units are given as rewards to nodes for either participating in the consensus mechanism (Arrow D) or carrying out an action (Arrow E). While the inherent properties of such tokens (e.g. whether supply is capped or not) are determined by the design of the DLT system, the value of the token units is backed by underlyings, which are cryptoeconomic assets that reside on-chain (Arrow F, for example other tokens or executable code) or off-chain (Arrow G, for example goods, services or commodities). In particular, it has been noted, that the value of cryptoeconomic tokens is important for the ecosystem to be robust [24].
Example Ethereum. In the case of Ethereum, one type of action involves deploying a piece of code (Arrow A in Figure  II), such as a smart contract. These actions are collected by miners (Arrow B) and written as a block to the Ethereum distributed ledger (Arrow C). A miner who successfully writes a block obtains Ether, which refers to newly created units of a token that serves as an incentive to mine (Arrow D). The Ether token has inherent properties, e.g. it has uncapped supply. It also has value because it enables its owner to access the onchain computational power of the Ethereum network (Arrow F).

IV. TAXONOMY
Based on the conceptual architecture of Section III, a taxonomy is designed, using the method proposed by Nickerson et al. [18]. The goal of the taxonomy is to enable a comprehensive classification of DLT systems that enable the quantitative derivation of key design choices in these systems. For this, the taxonomy illustrates both, the distributed ledger technology (DLT) and the cryptoeconomic design (CED) of academically relevant DLT systems. For this, the taxonomy positions the four components from Section III across two dimensions ( Figure 2). The first dimension concerns aspects of the system design related to distributed ledger technology (DLT) -Distributed Ledger component, Consensus component -, while the second dimension concerns aspects pertaining to cryptoeconomic design (CED) -Action component and Token component.

A. Distributed Ledger
Definition 1. A distributed ledger is defined as a distributed data structure, containing entries that serve as digital records of actions. In the Bitcoin system, an entry in the data structure is called a block. In the IOTA system, it is called a bundle. An entry contains a set of transactions ( Figure II, DL component). In Bitcoin, these transactions represent the exchange of cryptocurrency value. The attributes of the distributed ledger are type, origin, address traceability and Turing completeness. 1) Type: denotes the data structure of the distributed ledger and can be one of the following: blockchain, directed acyclic graph (DAG) or other.
The most well-known type is the blockchain; an immutable and append-only linked list, which has a total order of elements. Several systems use blockchains, such as Bitcoin [2], Ethereum [31] and Litecoin [32]. In contrast to these systems, IOTA uses a directed acyclic graph [15]. This data structure is no longer a linked list, but a directed graph with no cycles, leading to a partial order of elements. Moreover, Ripple neither uses a blockchain nor a directed acyclic graph but instead operates on other consensus-based accounting mechanism [33].
2) Origin: refers to who maintains the distributed ledger. The attribute value can either be native, if the distributed ledger is maintained by and for the system itself or external, if the system uses a distributed ledger from another DLT system or hybrid if the systems maintain their own distributed ledger in combination with a distributed ledger of another DLT system.
The level of maintenance varies between different DLT systems. Bitcoin develops and maintains its distributed ledger natively, as does NXT [16]. In contrast, Aragon [28], Augur [34] [33] and Counterparty [15] does not maintain a native distributed ledger, opting to use the Ethereum or Bitcoin infrastructure instead. Systems can use a hybrid approach. Factom combines a natively developed blockchain and its own consensus mechanism with the Bitcoin blockchain [2].
3) Address traceability: denotes the extent to which different transactions, which originate from or arrive at the same chain identity, can be linked together. The value can either be obfuscatable, if the distributed ledger has mechanisms in place to hide such links or linkable, if these links can be inferred with some computational effort.
The level of address traceability varies between the differ-ent DLT systems. Zcash [2] and Monero [14] are so-called privacy coins, which perform advanced measures to unlink transactions [8]. Hence, the on-chain identities of the actors remain obfuscated. Bitcoin has linkable address traceability [8]. In theory, transactions cannot be linked to a particular chain identity, but it has been shown that this can actually be achieved with some computational effort [2]. The same applies to Ripple [35]. 4) Turing completeness: refers to whether a Turing machine can be simulated by the DL and can either be Yes or No.
Some DLs, such as Ethereum, can execute Turing machines. This allows Turing complete smart contracts to be stored and executed [16], in contrast to the Bitcoin blockchain [8].
5) Storage: denotes whether additional data can be stored on the distributed ledger beyond the default transaction information. The attribute value can either be yes if data can be stored or no, if additional data cannot be stored.
The distributed ledger of Bitcoin allows arbitrary data to be stored inside transactions. This allows Bitcoin to be used as a base layer for other DLT systems, such as observed in the Counterparty system [15]. In contrast to Bitcoin, IOTA does not allow additional data to be stored [36].

B. Consensus
Definition 2. Consensus is the mechanism through which entries are written to the distributed ledger, while adhering to a set of rules that all participants enforce when an entry containing transactions is validated.
The attributes of consensus are finality, proof, write permission, validation permission and fee. Due to the scope of the taxonomy to enable a comprehensive classification of all components of a DLT system ( Figure II), more granular consensus attributes such as verification speed are not considered. Nevertheless, detailed consensus attributes can be found in [30], [37].
1) Finality: refers to the guarantee that past transactions can not be changed or reversed. Its value is deterministic if consensus is guaranteed to be reached in finite time, or probabilistic if there is some uncertainty over whether consensus can be reached.
Most DLT systems use the Nakamoto consensus [2], which is a Byzantine Fault Tolerance (BFT) algorithm. These types of algorithms tolerate a class of system failures that belong to the Byzantine Generals Problem [38]. In particular, a consensus algorithm that has this property prevents under some guarantees 7 [8] consensus participants from writing a false transaction to the distributed ledger.
In contrast to other BFT algorithms, the Nakamoto consensus is probabilistic. This type of algorithm validates each new entry using the entire history of previous entries: An entry is accepted if there is a certain number of new entries referencing it [8]. For instance, in the case of Bitcoin, a writer validates a transaction by considering the whole blockchain and then including the transaction in a new block. As soon as this block is referenced by six other blocks, it is confirmed, as the probability that a second chain of six blocks referencing each other, but not referencing this block, is low [2]. Similarly, the directed acyclic graph of IOTA confirms an entry when it is referenced by a significant number of new entries [15]. On the other hand, Ripple does not use a Nakamoto consensus algorithm and it is guaranteed that consensus can be reached in a finite period of time [29].
2) Proof: is the evidence used to achieve consensus. The value can either be proof-of-work (PoW), if consensus is achieved using the processing power of computers; proof-ofstake (PoS), if it is achieved through voting processes linked to (economic) power in the system; hybrid, if it is a combination of the previous two or other, if another form of proof is required.
Participants in the consensus mechanism require proof before accepting the validity of an entry. Bitcoin uses a proof-ofwork [16], which is the solution to a mathematical puzzle that requires computational processing power. A proof-of-stake is used by Ardor [14], which is the approval of a randomly selected consensus participant who must hold a stake in Ardor token units.
3) Write permission: denotes who is allowed to write entries to the distributed ledger. The value can either be restricted, if participation is restricted or public, if it is not.
The Bitcoin consensus mechanism is public [16], meaning that it allows everyone who has computing power to participate [29]. Conversely, the consensus mechanism of Ripple is restricted [16], meaning that only a few trusted institutions can participate [15].

4)
Validate permission: signifies who is allowed to validate claims before they are written to the distributed ledger. The value can either be restricted, if participation is restricted or public, if it is not.
In the case of Bitcoin, writers validate the correctness of claims before writing them to a block: hence, the validation permission is public. In contrast, in the case of IOTA, a central entity, the coordinator, validates transactions before they are collected in an entry and written to the directed acyclic graph [15].

5) Fee
: denotes whether participants in the consensus (writers and validators) are paid a fee for validating new entries and writing them to the distributed ledger. The value can either be yes or no.
In contrast to Bitcoin, where writers/validators are rewarded with fees [29], IOTA writers and validators receive no fees [15]. In the case of Ripple, consensus participants are not rewarded with fees, although actors need to pay a fee [39]. This system layout is captured by the fee attribute in the Action component (Section IV-C).

C. Action
Definition 3. An action is one or more real-life activities, which can be digitally represented by a DLT system as a transaction.
In this sense, a transaction represents digitally a real-life action. The attributes of action are actor permission, read permission and fee.
1) Actor permission: denotes who can perform an action. The value can either be restricted if actors have to fulfill special requirements before performing actions or public, if anyone can perform actions.
Bitcoin allows everyone to create a private key to send and receive token units [14]: hence, it has a public actor permission. Ripple uses restricted access rights. In order to comply with regulations (e.g. know-your-customer), actors need to register [14].
2) Read permission: refers to which actors can read the contents of transactions from the distributed ledger. The value can either be restricted, if preconditions need to be fulfilled before permission is granted, or public, if permission is not restricted.
Most DLT systems have public read access in the sense that everyone can read the content of the actions, which have occurred, e.g. the number of bitcoins transferred [14]. Systems utilizing privacy coins often restrict read access to the actors involved in a transaction (e.g. Zcash [2]), usually by making an effort to hide the number of token units transferred [8].
3) Fee: denotes whether an actor has to pay a fee for performing an action that is unrelated to the consensus. The values are yes or no.
Some DLT systems require actors to pay a fee, which is unrelated to the consensus before they can store an action on the distributed ledger. For instance, actors have to pay a fee in Augur, which is not distributed to consensus participants [34] but given to actors providing services in the system. In the case of Bitcoin, no additional fee is required to perform an action, except the fee paid to the consensus participants. Ripple also requires actors to pay a fee for each action, which is not paid to consensus participants but is subsequently destroyed [39].

D. Token
Definition 4. Token is a unit of value issued within a DLT system and which can be used as a medium of exchange or unit of account.
The associated attributes are supply property, burn property, creation condition, unconditional creation and underlying.
1) Supply property: refers to the total quantity of token units made available. The value can either be capped, if the total supply is limited to a finite number or uncapped otherwise.
If demand increases for a token, a capped supply can cause the perceived token value to appreciate and corresponds to a deflation in prices nominated in this token. Moreover, it can result in an appreciated exchange rate with other tokens, which in turn, increases the stability of a DLT system [8]. Bitcoin has a capped supply of 21 million units [14], whereas Dodgecoin does not have an upper limit [8].
2) Burn property: denotes whether token supply is reduced by removing token units. The values are yes or no.
Some DLT systems destroy token units in a process referred to as 'burn'. If demand remains constant, this decrease in the money supply causes token units to appreciate and hence, results in a better exchange rate with other tokens. For example in the case of Ripple, paid fees are removed from the total supply and are not returned [39]. In contrast, Bitcoin has no inherent mechanism to destroy token units.
3) Transferability: refers to whether the ownership of a token unit can be changed. The value can either be transferable, if the token can be transferred, or non-transferable otherwise.
Bitcoin token units can be transferred between different actors. Akasha plans to use non-transferable reputation tokens, so-called Mana and Essence [40].
4) Creation condition: denotes whether the creation of new token units is linked to the incentivization of the consensus mechanism and/ or an action. The value can either be consensus, if creation is linked to the consensus mechanism, action, if creation is linked to an action, both, if creation is linked to the consensus mechanism as well as an action, or none otherwise.
In the case of Bitcoin, new tokens are created to incentivize the consensus mechanism [2]. Other systems create new tokens to incentivize an action. For instance, Steemit creates new steem to incentivize content creation on the platform (e.g. writing blog articles) [41]. Moreover, Ripple does not use its token to incentivize the consensus mechanism or an action [42]. Furthermore, hybrid versions are possible, where new tokens are created to incentivize both the consensus mechanism and an action. For instance, newly created token units in the DASH system are awarded to both the consensus participants and the master nodes, who perform actions such as mixing transactions to enable obfuscatable address traceability [43]. 5) Unconditional creation: refers to the number of new token units that can be created, which do not serve to incentivize the consensus mechanism or an action. The value can either be partial, if some tokens are created unconditionally, all, if all tokens are created unconditionally (e.g. 100 % pre-mined tokens), or none otherwise.
At the genesis of the Bitcoin system, no token units had previously been mined and all tokens come into existence by incentivizing the consensus [8]. On the other hand, all Ripple tokens were created during the genesis of the system. In the case of Augur, some tokens were created during the genesis of the system [34]. 6) Underlying: denotes the source of a token value and what it consists of.
The value can either be token, if the token grants access to another token; distributed ledger if the token grants access to the distributed ledger, e.g. if the token is needed in order to use the storage or computing capacity of the distributed ledger; consensus, if the token grants access to the consensus mechanism, e.g. in a proof-of-stake type system; action, if the token grants access to perform or receive actions, goods or services in the real world; or none, if the token has no underlying.
The first two values (distributed ledger and token) are considered to be on-chain and the latter two are considered to be off-chain underlyings of a token unit (as depicted in Figure II).
The Ethereum token allows everyone to store data or smart contracts on-chain [2] and to access in this way the distributed ledger of the network. Hence, the source of value of Ether token units is that they grant access to the processing power of the distributed ledger. In contrast to Ether, the Golem network token units allow holders to access off-chain computations [33]. Thus, its underlying is action as the token provides access to a service in the real world (Action component). The Storj Token allows users to access off-chain storage [14], which again resides in the Action component. Siacoin allows for the storage of arbitrary data on both its distributed ledger [44] and its off-chain network [45]. Hence its underlyings reside in the DL and Action components.

V. EXPERIMENTAL METHODOLOGY
Based on the introduced taxonomy, 50 DLT systems are classified. The taxonomy and classification are evaluated by (i) the blockchain community via a survey and (ii) a quantitative analysis of real-world data. Furthermore, the quantitative analysis of the classification by the means of machine learning methods identifies key design choices in the observed DLT systems that structure modeling complexity at design phase. In the following, the methodologies of the classification (Section V-A), the blockchain community feedback (Section V-B) and the machine learning analysis (Section V-C) are illustrated.

A. Classification
The scope of the classification is to comprehensively capture the CED and DLT of viable, academically referenced and actively maintained DLT systems. Moreover, the classification aims at capturing the current state of a DLT system. In particular, features that are about to be released in the future are not considered. Finally, in the case that a system is 1 st layer (utilizing a native distributed ledger, e.g. a mainchain) and 2 nd layer (utilizing an external distributed ledger, e.g. sidechains), only the 1 st layer is classified. Likewise, if a system utilizes more than one token, only the main token is classified.
In order to guarantee reproducibility, objectivity, and comprehensiveness, a system selection process for the classification is designed. Figure 3 depicts this process and visualizes the number of remaining systems per refinement step. Two websites are used: • Coinmarketcap.com: Central point of information inquiry in the cryptoeconomics field, listing DLT systems by their market capitalization. The rationale is that the economic value of a system is a good proxy for its viability. Hence this source provides a ranked list of viable DLT systems.
• coincodecap.com: This site lists Github indicators of DLT systems. In particular, it contains information about the number of code commitments, Github stars, and contributors to a DLT system. These indicators capture an active development of a system. The limitation of these data sources is that they only list systems that maintain a native cryptoeconomic token. Hence, Blockchain-as-a-Service systems 8 , such as Hyperledger Fabric are not considered. Moreover, depending on the development strategy of a system, commits might be merged externally and only pushed occasionally as major updates to Github. This may result in a lower rank of a DLT system, despite being actively maintained. This limitation is considered in the proposed ranking function (1).
Snapshots of the sources were taken on the 17 th April 2019 and are merged based on the systems acronym 9 . In order to account for academic relevance, the selection of the systems is enhanced with the number of mentions of DLT systems in Elseviers ScienceDirect database 10 and then filtered based on the criterion of whether systems are actually mentioned in literature (#mentions > 0). For the database search, the following search string is utilized on the API field qs 11 : "PROJECT NAME" AND (Blockchain OR Ledger).
The remaining systems are ranked based on the following ranking function 8 These are systems not utilizing a native distributed ledger, as defined in Table 2 of the Supplementary Material. 9 A three-letter code identifying the token of a system. 10  where m cap is the rank based on the market capitalization of a system i, c commit the commitment rank and c contr the contributers rank. The weights are chosen to account for the limitation of the Github activity to be a proxy for active system maintenance, hence the lower weights. The top 50 systems are then classified, based on an extensive literature review performed by the first author and checked independently by the co-authors and the blockchain community. Sources for the classification are academic literature, DLT systems websites, and whitepapers. An overview of the final classified systems can be found in Table 1  1) Classification: In the first part of the survey, the participants were shown the classification of the four components and 19 attributes of the DLT system to which they contribute. Consult Figure 2 for an overview of the attributes and Tables 3-6 of the Supplementary Material for the classification ratings. The participants had the option to agree, disagree or state that they were uncertain about the classification. They could always comment on their decision, irrespective of their choice.
In order to calculate the consistency with which participants rated the classification of the same system, the consistency per attribute is calculated as follows: Assuming equidistance in the likert scale [46], the participant responses are represented by a linear scale whereby 0 denotes disagreement, 0.5 denotes uncertainty, and 1 denotes agreement. Then, for each DLT system from which more than one response was obtained as illustrated in Table II, the consistency of responses is calculated for each system and attribute with the mean absolute error between the responses. Then, the average consistency for each attribute over all DLT systems is obtained by calculating the weighted average value of the previously calculated mean absolute errors.
2) Taxonomy: In the second part of the survey, the blockchain community is asked to evaluate the taxonomy. 12 Available at https://github.com (last accessed: July 2019).
Nickerson et al. propose five criteria to assess the usefulness of a taxonomy [18]. Namely, a taxonomy is • explanatory, if it contains object attributes that do not model every possible detail of the objects but, rather, provide useful explanations of the nature of the objects under study or help to understand future objects. The literature review (Section II) reveals differences regarding how many attributes should be included in a robust taxonomy of DLT systems. Also, the scope of the classification is to comprehensively classify the CED of all academically relevant systems. Thus, considering these two points, the taxonomy is evaluated using the robustness and comprehensiveness criteria of Nickerson et al. [18]. To this end, this paper introduces the concept of expressiveness: Definition 5. A taxonomy is expressive when it is robust and comprehensive.
where a robust and comprehensive taxonomy are given by Nickerson et. al [18].
The perceived expressiveness of the developed taxonomy can be determined by asking the survey participants for each component and attribute: This formulation neither exposes survey participants to the theory of expressiveness, comprehensiveness and robustness nor overloads them with a high number of questions.
The consistency calculation for the taxonomy feedback follows along the lines of the classification (Section V-B1): Despite utilizing a five-point Likert scale (from very nonexpressive to very expressive) to create values ranging from zero to one, the calculation of consistency remains the same as the one for the classification.

C. Machine Learning Analysis
In order to mine the key design choices in the classified DLT systems, two unsupervised machine learning methods are applied to the classified systems: 1) Mulitple Correspondence Analysis (MCA) is a statistical method that is widely used in the social sciences. It can analyze data without a priori assumptions concerning the data, such as data falling into discrete clusters or variables being independent [47] [48]. It is a generalization of the principal component analysis (PCA) for categorical data coded in the form of an indicator matrix or a Burt matrix [49], which aims at summarizing underlying structures in the fewest possible dimensions [50]. In particular, it identifies new latent dimensions, which are a combination of the original dimensions and hence can explain information not directly observable [51]. Moreover, similar to PCA, these dimensions are ordered by their importance to explain the amount of variance in the data [48]. 2) Kmeans [52] for varying k is applied on the classification to cluster the DLT systems based on their attribute values. The optimum number of clusters is derived by both, performing a bootstrap evaluation that determines the stability of the clusters [53] and by two well-known cluster evaluation metrics: Silhouette and Calinski-Harabasz [54].

VI. EXPERIMENTAL EVALUATION
The evaluation aims to identify key design choices that govern the modeling complexity of DLT systems at design phase. In order to base these insights on a strong footing, first, the taxonomy and classification are validated by feedback from the blockchain community (Section VI-A). Then two machine learning methods are applied on the classification to mine the design choices on a quantitative basis. (Section VI-B).

A. Blockchain Community Feedback
The taxonomy (Section IV) and classification (Table 3-6 of the Supplementary Material) are evaluated using feedback from the blockchain community. 1) Demographics: Table II shows the demographics of the survey participants. In particular, it shows participants specific roles for the systems and their experience. The 50 participants work in (core) technical (25 developers) and strategic (7 Project leads) positions. Moreover, 15 participants have more than three years of experience, 29 participants have worked one to three years, and 6 participants have worked for less than a year in the field of DLT systems. Moreover, Table II illustrates that the participants are involved in 33 out of the 50 classified systems.    Figure 5 illustrates the acceptance level for each attribute of the four components. It is noteworthy that the average approval rating over all components is 83.7%. Five attributes are above 90%: transferability (96.2%), origin (92.0%), DL type (97.8%), creation condition (90.0%) and unconditional creation (90.0%).
In order to investigate the consistency of the responses, the weighted consistency averages for each attribute are depicted in Figure 7. The overall consistency is on average 89.9%. The lowest consistency measured relates to the consensus type (79.2%) and action fee (82.4%), correlating with the higher degree of disagreement observed earlier. The highest consistencies are observed for the DL type (100.0%), origin (97.3%), actor permission (96.4%), supply property (95.8%), creation condition (95.6%) and unconditional creation (95.6%) attributes.
In a nutshell, the acceptance level of 83.7% over all com-    3) Taxonomy: Figure 4(b) depicts the expressiveness of the four components as perceived by the survey participants. The Consensus component is seen as the most expressive (92.0%), followed by Distributed Ledger (90.0%), Token (70.0%) and Action component (64.0%). The highest uncertainty relates to the Action (24.0%) and Token (22.0%) components. The Action component consists of the lowest number of attributes, which may decrease its perceived expressiveness. In particular, the reduced number of attributes seems to hinder differentiation between DLT systems. Moreover, the literature review reveals, that Consensus is included in all taxonomies (Section II). Thus this component might have been the most familiar to the participants resulting in higher expressiveness.
15 participants commented on the expressiveness of the components. They stated that a component depicting the governance of a system should be illustrated by the taxonomy (26.6%) 13 , including the funding of a DLT system. Three participants (20%) mention that the Action component is not expressive enough to illustrate specific features of a system, such as the distribution of actors. Similar statements were made about the Token component (20.0%). In particular, it has been stated, that inter-token dynamics should be covered and that further attributes are required to illustrate the creation conditions and 1 st and 2 nd layer tokens (20.0%). Moreover, the quality of code implementation, type of programming language, strategy of code development and scalability of the system has been mentioned (26.6%) as expressive attributes missing in the taxonomy. One participant stated, that the underlying attribute should be more sharply defined 14 , and another used the opportunity to further elaborate on the sys-tem functioning. Finally, some participants made statements endorsing the construction of the taxonomy (13.3%). Figure 6 depicts the perceived expressiveness of the 19 attributes. The five most expressive attributes are deemed to be transferability (88.5%), read permission (86.0%), origin (84.0%), actor permission (82.0%), write permission (82.0%) and DL type (82.0%). Action fee (26.0%), storage (23.1%), consensus type (22.0%) and burn property (22%) raise the highest degree of uncertainty. The least expressive attributes are deemed to be the consensus proof (14.0%), burn property (14.0%) and Turing completeness/ unconditional creation (each 12.0%) attributes. Despite the Action component being the least expressive component, two of its attributes are amongst the top five most expressive attributes. This supports the consideration to extend the action component by adding further attributes. A similar observation is made for the Token component: transferability is the most expressive attribute, but the perceived expressiveness of its component is lower than for the DL and Consensus components, which suggests extending the attributes of the Token component.
The assessment of the feedback regarding the attributes provided by the survey participants during the first recruitment phase lead to an inclusion of further attributes into the taxonomy. The nature and reasoning of these adjustments can be found in Section B of the Supplementary Material. This inclusion of new attributes indicates that the taxonomy is extensible [18]. Figure 7(b) depicts the consistency with which the participants evaluated the expressiveness of the taxonomy attributes. The average consistency over all attributes is 85.5%, meaning that survey respondents from the same DLT systems rated the expressiveness of the taxonomy similarly to each other. In particular, they diverge from each other just 14.5% on average, that is less than one choice difference on the aforementioned Likert scale.
In a nutshell, the average expressiveness rating of 79% over all components and the average consistency of 85.5% indicates that the taxonomy is expressive.

B. Machine Learning Analysis
The multiple correspondence analysis is utilized to identify underlying design choices in the classified systems. In particular, the method identifies new latent dimensions, which are a combination of the original attributes of the taxonomy. In Table III these twelve latent dimensions and their contribution to the explained variance in the data after applying Benzceri (optimistic) and Greenacre (pessimistic) corrections are depicted in decreasing order of importance. The first four dimensions account for 96.2% of total variation (for the Benzecri correction) and thus are considered significant to explain the variance in the data.  • Dimension 2: Illustrates the participation level in a system. In particular, the degree of openness is represented ranging from permissioned (e.g. restricted Actor permission) to permissionless systems.
• Dimension 3: Illustrates the capability to stake, e.g., if the system utilizes a PoS typical layout such as a token providing access to participate in the consensus.
• Dimension 4: Illustrates the level of cryptoeconomic complexity. The values range from complex (e.g. token interactions) to simple (e.g. tokens not burnable).
The second, third and fourth dimensions are not trivially determined by studying the classified systems visually, as the determining attribute values span over several components. Moreover, the differentiation between permissioned and permissionless systems [55] [56] and the degree of staking capability [57] [58] reflect ongoing discussion of the community on the effective design of DLT systems. The actor permission attribute contributes significantly to the construction of the permissionless dimensions, as depicted in Figure VI-B, and hence this dimension extends the permissionless concept from the consensus to the Action component. Neither Bitcoin nor Ethereum contributes significantly to the construction of the new dimensions, despite being studied the most in academic literature (588, respectively 296 citations in Elsevier's Sci-enceDirect database). This might be due to other systems adopting the design of these well-known DLT systems and hence their design does not contribute significantly to the variance in the data. Additionally, observing the systems, which contribute the most to the 4 th dimension (level of cryptoeconomic complexity), one notices that these are systems, which address a specific domain, respectively address a particular challenge and hence require an elaborated CED: PVIX and Zcoin are privacy chains; Komodo and Bancor use token interactions and a creation condition requiring actions; Factom and Komodo utilize a hybrid system layout consisting of a natively maintained distributed ledger and an external one. Figure 9 depicts the 50 DLT systems in the new dimensions. A strong clustering of systems can be observed for the first two dimensions (Figure 9(a)), and a weaker for the 2 nd and 3 rd dimensions (Figure 9(b)), which is explained due to to the lower explained variance in the data by the latter dimension. Table IV outlines the cluster stability and the number of dissolved clusters when applying k-means for various k on the classified attribute values of the 50 DLT systems. Comparing the bootmean 15 (cluster-wise average Jaccard similarity) and bootbrd (cluster-wise number of times a cluster is dissolved) identifies three clusters as the most stable separation of the classification. This is further validated by the Silhouette and Calinski-Harabasz score, which identify two or three clusters to be optimal, as depicted in Figure 4 of the Supplementary Material.
In Figure 9, the DLT systems are labeled based on these clusters. One notices, considering the distribution of labels  in Figure 9(a), that the three clusters can be identified as 2 nd layer systems, permissioned systems, and permissionless systems. Likewise, utilizing the same labeling in Figure 9(b), it is noticed that these three clusters form distinct groups: 2 nd layer systems being in the center, followed by permissionless and permissioned systems. Figure 10 depicts the number of new systems per year and cluster. The number of newly introduced systems peaked in 2014, when in total 15 of the 50 systems were intro-duced. This high number is mainly due to the introduction of permissionless systems. In recent years, the probability of introducing a permissioned or permissionless system is equal, while introducing a 2 nd layer system has been lower.
The analysis concludes, that two key design choices in DLT systems are identified method-independently: layering and participation level. Moreover, staking capability and cryptoeconomic complexity are identified by MCA. The key design choices are not apparent in the taxonomy but are still captured by a combination of attribute values, which is an indication of the rich information the taxonomy can encode and explain. Hence, those findings support the explanatory capacity of the taxonomy as defined in earlier taxonomy theory [18]. Moreover, the combination of attribute values into key design choices identified by the analysis limits the system configuration options and as a result reduces modeling complexity of DLT systems at design phase.

VII. SUMMARY OF FINDINGS: A DESIGN GUIDELINE FOR DISTRIBUTED LEDGERS
The key findings of the performed experiments are summarized as follows: • The proposed taxonomy is useful, as defined in earlier taxonomy literature [18]. In particular, the blockchain community validates the taxonomy as robust and comprehensive (on average 79% expressiveness, Section VI-A). Moreover, the taxonomy is extensible (Section VI-A) and explanatory (Section VI-B), as found by analyzing the blockchain community feedback and applying machine learning methods on the classification.
• The classification of 50 viable and actively maintained DLT systems is accepted by the blockchain community (on average 83.7% acceptance over all components, Section VI-A2).
• The quantitative analysis of the classification identifies four key design choices that structure the modeling complexity of DLT systems at design phase (Section VI-B). Each of these choices combines several attribute values and thus reduces the configuration complexity of DLT systems. Based on these findings, a design guideline is derived, which is depicted in Figure 11. The key design choices are determined quantitatively by applying machine learning algorithms on empirical data. The order is determined by the level of explained variance, as calculated by MCA. Each question corresponds to a binary design decision. For each decision, the six attribute values, which contribute the most to this design choice are illustrated. Moreover, for each choice, the systems, which match best the attribute value configuration are depicted. The significance of this approach lies in the fact, that the design guideline is derived quantitatively by reasoning based on validated empirical data: the viable and actively maintained DTL systems classified according to the taxonomy.
The findings demonstrate that the contributions of this paper support system designers to research and design DLT systems: The conceptual architecture and taxonomy map the space of possible design configurations and thus assist researchers to position a system in the DLT landscape. Finally, the quantitatively derived guideline determines which design choices are key for a DLT system. Therefore such a guide can provide a more tailored understanding of the DLT architectural elements and limit the modeling complexity of DLT systems at design phase. The identified key design choices are the ones with the impact of having been derived from existing viable and actively maintained DLT systems.

VIII. CONCLUSION AND FUTURE WORK
This paper concludes that the evolving complexity of distributed ledgers can be better understood via a proposed taxonomy of DLT systems of high usefulness [18]. This is feasible by validating the classification of DLT systems into the taxonomy using wisdom of the crowd and machine learning methods fed with real-world data. Ultimately, data from the classification encode information with which a novel design guideline is derived that identifies key design choices that govern the complexity of distributed ledgers. This guideline can explain and provide new insights for researcher, practitioners and entrepreneurs about which possible design choices have the highest impact, where there is space for innovation and which systems have competitive features or shared functionality.
The results point to various avenues for future research. Firstly, the findings of this paper suggest that the taxonomy can be further extended with additional Action and Token attributes. Also, a component modeling the governance of the systems may become critical in deciding if a system has a decentralized organization (e.g. no trusted party).
Secondly, although the taxonomy represents the current state of viable and actively maintained DLT systems, the proposed methods to evaluate its usefulness are general. Hence, future research can quantify with the introduced methodology the extent to which the suggested extensions affect the usefulness of the proposed taxonomy.
Thirdly, the initial cluster analysis demonstrates that key design choices can be derived quantitatively by analyzing empirical data of viable and actively maintained DLT systems. This suggests to extend the classification in future work (e.g. with Blockchain-as-a-Service systems) or to apply different statistical methods to the data in order to validate and further identify key design choices. In addition, the authors would like to thank Michael Noack, Qusai Jouda and Max Roessner for their support in the Fig. 11. A design guideline of the key design choices in DLT systems, suggesting an order with which a designer may determine system configuration. The questions, attribute values, example systems, and order are a result of analysis conducted using real-world data and machine learning methods (Section VI-B). For each design decision, based on the MCA analysis, attribute values and the corresponding example systems are stated, which match best the respective design decision. questionnaire development and the proofreading of the classification. Moreover, the authors would like to thank Coinmonks and CoinCodeCap.com for access to their data and code.

B. Incorporating Blockchain Community Feedback
In the initial taxonomy and classification in the first phase of the survey, the underlying attribute was replaced with the on-chain underlying and off-chain underlying attributes to illustrate in finer detail the source of value of a token. In particular, in this version the underlying specifies the concrete object of value (e.g. storage or computation) and where it resides (on-chain or off-chain). Nevertheless, these attributes obtained the lowest acceptance level of all attributes ( Figure  2). Detailed feedback regarding the attributes is summarized in the following and illustrated in the greater detail in Section -C. Namely, the main areas of disagreement or uncertainty are: 1) Not distinguishing between on-chain and off-chain underlying 2) Not distinguishing the underlying from services which can be assessed in the DLT system 3) Mixing up the underlying with the possibility to use a token as a currency 4) Considering future or past features of the DLT systems 5) Rejecting on-chain storage of hashes as storage Based on this feedback, three changes have been made to the taxonomy.
First, in order to reduce the ambiguity regarding the difference between on-chain underlying, off-chain underlying and other services in the system (and hence addressing point one and two of the previous summary), the token underlying has been more clearly mapped to the components of the conceptual framework (Figure 1 in Paper). To achieve this, the off-chain and on-chain underlyings have been merged into one attribute and their values have been abstracted to include values from the framework where the underlying resides, as described in Section IV-D-6 of the paper. For instance, in the case of the Ethereum token, instead of expressing that the token grants access to the on-chain underlying computation, the token is now said to provide access to the distributed ledger, which in turn implies granting access to computation, because Ethereum has a Turing complete distributed ledger.
Second, to emphasize the option to store arbitrary data on distributed ledgers (e.g hashes), which, for instance, enables Bitcoin to function as the overarching infrastructure for other systems, the storage attribute has been added to the Distributed Ledger component. This addresses point number five.
Third, in order to address point number three, the transferability attribute has been added to the Token component, which emphasizes the possibility to use the token as a currency.
Finally, as the scope of the classification is to capture the current state of DLT systems and not future possible extensions or past configurations, point number four is not addressed.
The new transferability attribute is considered as the most expressive amongst all attributes by the community ( Figure  6 in Paper). Moreover, the restructuring of the underlying attribute and the inclusion of the storage attribute improves the underlying assessment by the community significantly. These findings justify the modifications to the taxonomy. Also, the inclusion of new attributes into the taxonomy indicates that the taxonomy is extensible as defined in earlier taxonomy theory [?].

C. Detailed blockchain community feedback on previous underlying attributes
After the first two-month phase in which participants obtained the survey, the feedback has been analyzed which lead to changes in the taxonomy, as summarized in Section B. The detailed feedback is illustrated in the following.
When examining the comments provided by the participants who disagree with the classification of the on-chain underlying  attribute 1 , it is noteworthy that these respondents do not regard 1 In brackets are depicted the percentage for which this responds type accounts for the overall disagreements. Please note, that the percentages do not add up to 100% as a survey participant could state several reasons for disagreement the on-chain storage of hashes as storage (22.2%). In some cases, respondents make contradictory comments about the onchain value of their system token (11.1%). Some participants mix up the on-chain underlying of the token with the overall services that the DLT system provides (22.2%), which do not necessarily require to be accessed via the token. Some participants disagree with the classification because it does not consider plans to implement on-chain underlyings in the future (33.3%). Finally, some mix up the on-chain underlying with the off-chain underlying (11.1%).
Among respondents who express uncertainty, some do not distinguish between their current implementation of on-chain underlyings and possible or planned future implementations (50.0%), which are not in the scope of the classification. Other respondents mix up the possibility to use a token as a currency with its underlying (25.0%). Some state that the question is not formulated clearly enough (25.0%).
In the case of the off-chain underlying, a similar picture can be observed. In the following, the responses expressing disagreement and uncertainty are combined. Some respondents disagree with the classification because it does not consider past and future off-chain underlyings (30.0%). Some understood the off-chain underlying to be an exclusive right conferred by the token (10.0%). Moreover, as in the case of the on-chain underlying, some participants link the possibility to use the token as a currency to its underlying (20.0%). Some participants mix up on-chain and off-chain value (10.0%), others do not understand the question (10.0%) or do not respond (20.0%). Table I depicts the classified DLT systems in the new latent dimensions as identified by MCA (Section VI-B in Paper). The cluster associations are identified by k-means (Section VI-B in Paper). Figure 3 illustrate the classified DLT systems in various combinations of the latent Dimensions, as identified by MCA (Section VI-B in Paper). Figure 4 illustrates the Silhouette and Calinski-Harabasz scores when applying k-means for varying k on the classified systems (Section VI-B in Paper).

E. Cryptoeconomic Reasoning using Boolean Algebra
The taxonomy introduced in Section IV of the paper allows a number of widely used terms in the field of DLT systems to be more systematically defined by combining the values of specific attributes with operators from Boolean algebra. As demonstrated in Table II, which features an illustrative subset of these terms, this method enables the delineation of terms such as permissioned/ permissionless blockchains, as well as asset/utility tokens. In particular, the latter pair has been identified by the Swiss Financial Market Supervisory Authority (FINMA) as important for determining whether a token should be classified as a security token. This is of interest to market participants because it has regulatory implications [?].     If you disagree or are not sure please explain why: These page timer metrics will not be displayed to the recipient. If you disagree or are not sure please explain why: Qualtrics Survey Software https://ethzurichenv.eu.qualtrics.com/Q/EditSec...