Designing a Blockchain Model for the Paris Agreement’s Carbon Market Mechanism

: This paper examines the benefits and constraints of applying blockchain technology for the Paris Agreement carbon market mechanism and develops a list of technical requirements and soft factors as selection criteria to test the feasibility of two different blockchain platforms. The carbon market mechanism, as outlined in Article 6.2 of the Paris Agreement, can accelerate climate action by enabling cooperation between national Parties. However, in the past, carbon markets were limited by several constraints. Our research investigates these constraints and translates them into selection criteria to design a blockchain platform to overcome these past limitations. The developed selection criteria and assumptions developed in this paper provide an orientation for blockchain assessments. Using the selection criteria, we examine the feasibility of two distinct blockchains, Ethereum and Hyperledger Fabric, for the specific use case of Article 6.2. These two blockchain systems represent contrary forms of design and governance; Ethereum constitutes a public and permissionless blockchain governance system, while Hyperledger Fabric represents a private and permissioned governance system. Our results show that both blockchain systems can address present carbon market constraints by enhancing market transparency, increasing process automation, and preventing double counting. The final selection and blockchain system implementation will first be possible, when the Article 6 negotiations are concluded, and governance preferences of national Parties are established. Our paper informs about the viability of different blockchain systems, offers insights into governance options, and provides a valuable framework for a concrete blockchain selection in the future.


Introduction
With the global gap between national emission targets committed and actually achieved emission reductions widening, there is a need for new incentive mechanisms to accelerate climate action [1]. Acknowledging the problem "that an UN-centralized governance resulted in a process that was too bureaucratic and not flexible enough to recognize the needs of individual parties" [2] a bottom-up approach was applied in the creation of the Paris Agreement. The Agreement representing a global consensus of limiting global warming to well below 2°C can only be reached collectively. Parties to the Agreement contribute Nationally Determined Contributions (NDCs). To achieve these NDC targets, Parties have the ability to bilaterally collaborate through market mechanisms, as described in Article 6 of the Paris Agreement [3]. Article 6.2 introduces a new market mechanism design that is aligned with the bottom-up and decentralization ethos of the Paris Agreement. At the time of the research, the participating Parties under the Paris Agreement have yet to agree upon a final design of Article 6.2. Hence, the proposal text by the President-developed in Katowice [4] was used as a research basis. In the assessment, we considered all design options outlined in the proposal to ensure that the proposed blockchain solution is feasible for every negotiation outcome. Carbon markets are widely regarded as an incentive mechanism that can achieve global emission reductions in a cost-effective way [5]. However, thus far, a number of problems have hampered the implementation of such a market mechanism that successfully reduced global greenhouse gas (GHG) emissions. To enable the successful implementation of the Article 6.2 mechanism, enhanced transparency is key to safeguard unit quality and environmental integrity of the certificates generated. Blockchain is an innovative technology, offering functionalities and attributes that could enhance the transparency of national climate action, and address some of the barriers experienced in previous carbon markets [5][6][7][8]. It is a decentralized ledger system that enables the exchange of data within a network of participants. In addition, blockchain encompasses the same decentralization and bottom-up ethos as the Paris Agreement.
Despite the blockchain's acknowledged potential, there are, to our best knowledge, no studies examining concrete design options for a blockchain-based Article 6 market mechanism. This study seeks to address this research gap by comparing the suitability of two different blockchain platforms, Ethereum and Hyperledger Fabric. With this study, we aim to create a new research field by providing a first detailed analysis of the technical and political requirements. The benchmark criteria are derived from the Paris Agreement negotiation text and reported weaknesses of the Kyoto Protocol. Through this, the study expands the current discussion and raises critical design questions for policy and decision makers regarding the Article 6.2 mechanism. To make this possible, we combined political, social, and technical knowledge with on-going discussions in the same fields.
In sections 2 and 3, we provide a brief introduction of the blockchain technology options relevant to the carbon market application. In section 4, lessons learned under the Kyoto Protocol are gathered. Section 5 defines technical and, section 6, non-technical system requirements under the Paris Agreement and discusses how the two blockchain systems could address those. In section 7, we provide a comparison between possible system designs with Hyperledger Fabric and Ethereum. The paper concludes in section 8 with an overview of the research findings and a collection of follow-up research fields.

Presentation of Article 6.2 and Feasibility Analysis of a Blockchain System
Before comparing different blockchain architectures for the use case, it has to be determined if a blockchain solution is even relevant for an Article 6.2 application. A blockchain itself has certain attributes, e.g., immutability, and requirements, e.g., tradeable assets, which can be mapped against the different requirements stemming from Article 6.2. For the evaluation of fundamental blockchain requirements, we used multiple blockchain decision frameworks [9][10][11]. These frameworks consist of a list of classifiers to assess the applicability of a blockchain system. In this section, we are discussing three specific classifiers that are relevant for the development of the selection framework: (i) There has to exist a network of actors with distinct interests; (ii) there must be at least one common asset, which can be traded; and (iii) an immutable record should be beneficial.
A blockchain can only function, if there exists a network of different actors, which store a copy of all transactions and participate in the different activities upon the chain. There are three categories of actors involved in the process of Article 6.2: the UNFCCC secretariat, technical experts, and the participating Parties [12] (see figure 1). These Parties need reading and writing access to track their mitigation activities. According to Article 6.2, the secretariat has to maintain a database with records of the mitigation activities. As the secretariat only has to verify the entries, it only needs a reading access to the data [4].The technical experts have to validate the mitigation projects of the countries. Hence, an active network exists for the system. Second, the network has to trade at least one common asset, which can be digitally represented. Without an asset, there would be no advantage in using a tracking and verification system like a blockchain. Article 6.2 concerns projects between different Parties exchanging internationally transferred mitigation outcomes (ITMOs) [2,3]. These ITMOs can be traded between Parties to achieve national climate targets, the so-called Nationally Determined Contributions (NDC). National Parties can generate ITMO credits by reducing national GHG emissions compared to a baseline scenario and sell these ITMOs to another national Party that invests these ITMOs toward their own NDC targets [2]. The procedures and requirements for generating and transferring ITMOs are currently negotiated [13,14]. Once these procedures and requirements are in place, ITMOs could be the common digital asset traded in the blockchain-based system. Furthermore, ITMO tokens could be used as documentation to ensure the quality of the mitigation activities. For this purpose, metadata, e.g., the issuing country, the project name, and the year generated, could be stored on each ITMO token.
The central attribute of a blockchain is being an immutable record, offering the advantage of bringing transparency into the history of an asset, e.g., an ITMO. Criticism against the mechanisms under the Kyoto Protocol included the lack of transparency during the implementation and validation of mitigation activities [15][16][17][18][19]. This led to the creation of the transparency framework-Article 13 of the Paris Agreement-an increase in demanded validation activities, and the discussion for a new record system to improve tracking and immutability of transactions [19]. Hence, a permanent and immutable record is beneficial to make the activities of countries retraceable and to enhance transparency.
In conclusion, a blockchain-based system seems overall suitable for Article 6.2.

Blockchain Technology Background
Depending on the use case characteristics, the most suitable blockchain architecture needs to be defined. A blockchain stores information of records in interlinked blocks in a decentralized network of nodes. The blockchain should be able "to record all transactions that happen in the system, and it is open to and trusted by all system participants" [20]. In each block, transactions are stored, and detailed information is secured through cryptography. Over the interlinkage of the blocks, traceability and transparency are established. This makes blockchains especially suitable as tracking systems [21][22][23].
Actors in a blockchain system are represented and connected to the crypto-network over nodes [24]. A network participant can choose between storing the history of all transactions and enforce the consensus protocol (full node), or to just have the functionality of sending and receiving tokens over a light node. Providing a full node results in several costs. The Ethereum blockchain has a size of over 130 gigabytes [25] and is growing constantly. Therefore, the full node operator has to provide enough storage for the current and future blockchain. Due to Hyperledger Fabric being a private blockchain, there is no external and previous transaction history, that has to be taken into account when creating a new blockchain system. However, regardless of the type of blockchain, the storage of transactions requires an adequate amount of space. Another financial aspect of running a full node are computational expenses Last, the full node has to be created and be continuously connected to the internet. In comparison, a light node does not store the blockchain and does no computations. Hence, a light node can also be stored on devices such as smartphones [29]. Consequently, a light node has to be connected with a full node to interact with the blockchain.
To further add functionalities to the blockchain, smart contracts can facilitate interaction between different Parties. A smart contract ʺis a computer program that is stored and executed on a decentralized systemʺ [30]. It is the digital representation of governance rules and verification guidelines for the management of digital assets. Smart contracts trigger automatic execution of transactions in case predefined criteria are fulfilled.
An essential component of a blockchain system is its ability to transfer digital assets, also called "tokens". The Ethereum Foundation uses "ether" as a common financial token. "Ether" are divisible and thus a "fungible token". In contrast, "non-fungible tokens" are not divisible and are unique [31,32]. An example of non-fungible tokens are digital-represented cat collectibles called "CryptoKitties" [33].
Blockchain systems can be categorized as public or private. A public blockchain is a blockchain without any restrictions to participate in the network. In a private system, only predefined users receive access to the network, or have to register sharing predefined information with the system owner [12,[34][35][36]. Furthermore, blockchains can be divided into permissioned and permissionless. The distinction is based on the accessibility of the consensus protocol. The consensus in a blockchain network is about agreeing upon the sequence of transactions going into the ledger. This sequence is then accepted as the true global state of the network, and the account balances of each network user. A malicious attack against the system could be to double spend on assets, i.e., "transferring the ownership of the same digital asset more than once to two different accounts" [30]. If there are no limitations regarding who can be a miner and act as a network validator, a consensus protocol is permissionless. Through this open design, a larger number of full nodes are actively storing the blockchain, which increases the systems resilience to node failures. However, resilience depends on the sufficient incentivization of users setting up and maintaining full nodes. Due to the pre-selection of validating nodes by a network authority, the protocol becomes permissioned [12,[34][35][36]. With a reduced number of full nodes, the system is generally less resilient against node failures. However, through the prior selection and agreement between the network operators, there could be a contractual binding for the facilitation of multiple full nodes per operator to increase the system stability.
Ethereum is a public permissionless blockchain and currently uses the Proof of Work (PoW) consensus protocol. Their smart contracts are written in "Solidity". A public and permissionless blockchain like Ethereum requires a consensus protocol, which works with a high amount of (malicious) participants, is resilient to node failures, and network latencies. In Proof of Work, all miners compete against each other for creating the next block. This requires high computational power and causes high energy consumption [37,38]. To solve this problem of Proof of Work, several new concepts were developed. So-called Proofs of X (PoX) are all about finding a scalable and less energy-intensive alternative to Bitcoin's PoW. One consensus protocol which is currently seen as the best substitute to PoW is Proof of Stake (PoS). While the election of the new block producer in PoW is probabilistic, in PoS the new block creator is selected randomly out of a list of existing stakeholders [24,39]. To become a stakeholder, an in-bound investment with tokens used by the network is obligatory. PoS has a significantly lower energy consumption and promises greater scalability compared to PoW. Ethereum has taken steps to transition to PoS, with the Istanbul hard fork as an initial step in January 2020 [40,41]. For the Article 6 market mechanism, the high energy consumption and low scalability of PoW rules out such a blockchain architecture. However, there are, at the time of writing, no reliable information available regarding the Ethereum PoS system. Hence, in this study, Ethereum is analyzed considering both PoW and PoS.
In contrast, Hyperledger Fabric is a private permissioned blockchain and uses the consensus protocol Kafka [42,43]. In Kafka, the overall consensus mechanism consists of different categories. This study concentrates on the part of Kafka, which decides about the order of transactions in the blockchain and uses the so-called Practical Byzantine Fault Tolerance (PBFT) protocol. PBFT was developed for asynchronous networks, e.g., the internet, by Castro and Liskov [44]. PBFT uses an election to determine a leader for the agreement process of a new block. The leader forwards the shared transaction request to all other nodes in the network. If more than half of the nodes agree on the same value and return it to the leader, the agreed result is taken by the network. To establish communication between the nodes, the validators must be fully listed, removing the anonymity of the validators. Due to the frequent communication between the validators, PBFT is incompatible for a large number of full nodes. Furthermore, node failures could bring the system to a halt. However, through the reduced amount of full nodes, its scalability is better [35] and has no energy consumption conflicts. Hyperledger Fabric is a blockchain framework developed by The Linux Foundation in cooperation with member organizations [45]. It uses container technology to easily spin up business networks across different organizations and dissociate key functionalities such as transaction execution, consensus building, or storing the system state. Smart contract logic is implemented as "chaincode" within Hyperledger Fabric. It has no native currency and no transaction fees. Further, it is the first blockchain allowing for the development of smart contracts in standard programming languages, e.g., Java, Node.js and Golang [46].

Lessons Learned under the Kyoto Protocol
To examine the advantages of the two blockchain platforms for the Article 6.2 mechanism, lessons learned from the Kyoto Protocol were gathered. These lessons are used to define system requirements and to distinguish between Hyperledger Fabric and Ethereum.

Administrative Costs
As emission reduction mechanisms under the Kyoto Protocol, the first major concern of using CDM (Clean Development Mechanism) and Joint Implementation (JI) were the high administrative costs and transaction fees for projects. Administrative costs for Joint Implementation projects in New Zealand made up 78% of project costs [47]. In the Netherlands, transaction costs accounted for almost 25% of the nominal price. According to Mehling [48] one reason for high transaction costs are centralized approvals. A blockchain solution should help decreasing transaction costs significantly. Following an overview of transaction costs by Michaelowa [49], blockchain and smart contracts could reduce administrative costs in two areas: First, there are project approval costs. These costs occur during the authorizations of project parties. The process can be substituted through a smart contract. This minimizes unnecessary paperwork and communication because all actors have access to the latest version of the contract. When a final version of the contract is created, it could be digitally signed and automatically stored in the blockchain. This makes it accessible to all Parties simultaneously. There is no requirement to request documentation or validate the received information. Moreover, real-time data can be gathered. The blockchain serves as a communication tool, omitting additional costs stemming from otherwise needed monitoring tasks.
Second, there are costs associated with the issuance of emission reduction certificates. At the time of writing, it is not clear who will hand out ITMO certificates [4]. The current formulation implies that the involved parties decide when a project is finished and how many ITMOs are transferred. Creation and issuance of a certificate can be automated through a smart contract with a signature of the responsible Parties. After that, the digital certificates are transferred to the new owner.
However, there are also costs associated with applying a blockchain solution. Public permissionless blockchains, like Ethereum, incur transaction costs that are paid to the miners as a reward for validating network transactions. These transaction costs are currently $0.15 on average . However, since Ethereum is run by public consensus, other users are participating in the consensus. Hence, the Parties would lose their exclusive decision-making authority. This can be an advantage to further reduce system costs by totally excluding the Parties from the validation process. By handing over the responsibility for the consensus protocol to external validators, the system would fully embody the bottom-up approach of the Paris Agreement. However, the UNFCCC and participating Parties would also lose total control over the basic system functionalities. Moreover, in a public blockchain system, the UNFCCC is not the only user submitting transactions. In other words, transactions of Parties could be halted in a pending transaction queue [60].
On a blockchain, all full nodes store a copy of the data. As a result, each full node has to be able to store and execute smart contracts. Similar to requesting a transaction fee for sending tokens over the network, there is a price for the required computational power of smart contracts. This so-called "gas" is an additional fee besides transaction fees. "If transaction execution 'runs out of gas', all state changes revert-except for the payment of the fees, and if transaction execution halts with some gas remaining then the remaining portion of the fees is refunded to the sender" [61]. For example, the global variable storage of a string is more expensive than saving it as an integer [62]. A contract deployment costs can vary, e.g., between $0.0041 [62] to $3.21 [63], depending on the required number of transactions and calculations. Regarding Article 6.2, where there will be only one resulting transaction and computational inexpensive comparisons, gas costs can be neglected at the current point. In the case of Hyperledger Fabric, there are no reported execution costs for smart contracts [64].
In the case of permissioned and private blockchains, e.g., Hyperledger Fabric, there are no transaction fees, because the network nodes are owned by the Parties participating in the network. This means that all Parties run one or multiple full nodes (see section 5). Furthermore, because the size of a private system is generally smaller than a public one, it implies a more cooperative approach, in which each entity has to participate in the overall processes to keep the system running.
Overall, blockchains can lead to administrative cost savings, but also cause operating costs. Based on the presented calculation, the transaction fees can be expected to be lower than with the current costs of the ITL. In addition, blockchains increase the speed of transactional flow and enhance transparency, but are difficult to quantify, and thus not considered in the present cost calculations.

Unit Quality and Information Asymmetry
Lessons learned from the Kyoto Protocol stress the importance of using methods that ensure unit quality and prevent information asymmetry [18,65]. Unit quality is achieved when an issued emission reduction unit, e.g., 1 tCO2e, is equal to the actual emission reduction. To ensure unit quality, robust accounting is a key prerequisite (Obergassel and Asche, 2017). With the representation of ITMOs as a token upon the blockchain, it is possible to trace back the origin of each token. To encourage sustainable development, mitigation activities shall follow the 17 Sustainable Development Goals (SDGs) [66]. While the focus of NDCs is to reduce GHG emissions (SDG 13), the implementation and development of activities could also positively influence other goals, e.g., research in alternative energy could indirectly improve gender equality (SDG 5). The positive impacts for each goal could be represented in the token and increase the overall quality of corresponding adjustments. The information could be either stored as metadata [67], or by using non-fungible tokens. Recent discussions on how to measure and quantify the different SDG impacts [48,68,69] may create the foundation for such information to be added to a digital information system like blockchain.
Under Kyoto, information asymmetry often resulted from incomplete or not existing project documentation, such as monitoring and verification reports [18,65]. This information asymmetry between project proponents, regulators, and auditors altered the accreditation of emission reduction units [48,65]. Since the blockchain is a distributed ledger, the immutable stored data is shared between all participants simultaneously. Hence, as long as there is equal data accessibility for all Parties, information asymmetry is eliminated. By forcing the Parties to commit all required information, the quality and transparency of documentation is increased, and unit quality can be easily verified. Nevertheless, definite quality assurance of projects and the validation of unit quality demand the help of qualified experts, also when a blockchain system is used. At a later stage, the Internet of Things (IoT), e.g., smart meters, might be a meaningful substitute. Currently, the application of these IoT devices is frequently limited by a lack of skilled people and limited internet access in rural areas [8]. However, a combination of smart contracts and IoT devices could automate bookkeeping and validation processes and, thus, reduce data collection costs and execution delays [70].

Definition and Governance Mitigation Commitments
Another problem under Kyoto was the definition of mitigation commitments and used methodology [18,65]. For the development of a blockchain system, definitions and processes have to be defined in advance, as changes to the Protocol require acceptance of the majority of network participants, which is difficult to achieve. In contrast to the enforcement of laws and rules in a social system, the blockchain can enforce the rules on the chain automatically, but has no power outside of digital activities. Enforcing correct conduct outside the system is important for the successful implementation of the system, but can only indirectly be influenced by the blockchain system, e.g., by improving transparency and trust between Parties. Consequently, a blockchain-based system can improve and enforce methodology and governance, but only upon the system.

Technical Requirements
The technical structure of a blockchain has a profound influence on the usability of the use case. Hence, the blockchain choice has to be determined through using the case requirements and specifications as benchmarks. Requirements include the number of users and their rights upon the system. We compare the established market mechanism requirements with the two blockchain platforms, Ethereum and Hyperledger Fabric.

Number of Users
First, the number of full and light nodes of the network must be defined. We approach this issue by assessing for whom it would be of interest to have a full node.
The UNFCCC secretariat has to date around 450 staff members [71]. These members do not all execute tasks in the scope of Article 6.2. Hence, two full nodes should be sufficient to ensure continuous connection to the network and to maintain a second record copy in case of node failure. Each full node could be connected to several light nodes of UNFCCC secretariat members. To estimate the number of necessary nodes for the technical experts, we resort to the experience from the Kyoto Protocol [72]. Similar to the process under the Kyoto Protocol, we expect that the secretariat selects 150 technical experts. The task of these experts is to review ITMO documentation of the participating Parties. These reviews are either carried out remotely or in-country at the project level. There are two lead reviewers to guide the reviewers. Using the most complex scenario, it is assumed that a final validation has to be done by one of these two reviewers, who are representing the technical experts. Due to their important role in the network, each lead reviewer should have a full node. The remaining 148 experts could access and transfer relevant data via a light node. This makes it possible for the review teams to handle transactions at the project implementation level. At the time of writing, 187 of 197 Parties have ratified the Paris Agreement [73]. Calculating each European country separately results in 214 countries. Each Party needs a full history of all transactions and has an active role in the consensus protocol. To increase the network requirements and provide a back-up, each country could have two nodes. In total, this would make 428 full nodes. The distribution of nodes also leads to a distribution of power and ownership, as each country has equal rights and the same responsibility in the network. In the aggregate, this results in a maximum amount of 432 full nodes and 148+ light nodes (see figure 2). The light nodes would be connected with at least one full node to send and receive transactions over the blockchain.
There are various possibilities of how these full nodes could be created. One approach for the UNFCCC would be to test the current system infrastructure for its applicability as full nodes. Furthermore, pre-configured hardware, e.g., AVADO or DAppNode, could be used. Depending on the hardware requirements, they cost between $800 and $2000 [27,28]. A total of 432 full nodes would approximately cost $605,000. The Parties could also rely on cloud instances from Microsoft [74], Amazon [75], or IBM [76]. Especially the first option should be considered during the development of a first prototype (see section 8).
There are only a few precedents on Hyperledger Fabric with over 400 full nodes [77], or applications on Ethereum with over 500 registered public addresses [78]. The scalability of such a system may thus become an issue [35, 79,80]. To overcome this scalability problem, it would be required to use other blockchain technologies, i.e., side chains.

Blockchain Integration and Project Chains
To use a blockchain system, it is not necessary to develop a new system, but rather to use a blockchain to interconnect with the existing systems. Over APIs, Ethereum and Hyperledger Fabric can be interlinked with existing system architectures [81,82]. Under the Kyoto Protocol, countries already established national registries and the UNFCCC has the existing knowledge and technology to create and manage databases and registries [83]. Furthermore, according to the current status, it is desired by the Conference of the Parties of the Paris Agreement (CMA) to further use national registries and a database as system infrastructure [4]. The blockchain would be used as a process layer, interconnecting the existing system parts, and ensuring immutability, consistent states, and transparency.
To use a blockchain as transaction layer, it must be able to handle the necessary amount of transactions. In order to assess the potential transaction amount under the Paris Agreement, we resort to transaction experiences under the Kyoto Protocol. As the infrastructure design under the Kyoto Protocol does not deliver concrete values for transactions per second, we define the peak transaction volume under Article 6.2 to be equivalent to the highest annual transaction-over 106, 438 transactions between 2011 and 2012 [53]. As a conservative estimate and to be able to integrate transactions from other Articles (like Article 6.4) of the Paris Agreement, we estimate that the transaction volume will triple. Rounded up, this results in a required transaction volume of 319,314 transactions per year, or approximately 875 tx/day.
In comparison, the transaction rate of Ethereum is lower than that of Hyperledger Fabric, which has an average number of transactions per second of 7. 3 [84]. This is sufficient for the expected 875 tx/day under the Paris Agreement. However, because Ethereum is a public blockchain system, there will be transactions of other users. Moreover, the increasing interest in blockchains and Ethereum increases the number of transactions, leading, on average, to 544 transactions per second, pending to be validated [60]. The duration of a transaction is pending to be validated and is unpredictable. With the Proof of Stake and the Plasma update, the transaction rate will surely improve. So-called Plasma chains are additional chains connected to the main chain [85]. While being connected to the main chain by submitting periodic updates and increasing security, Plasma chains can have separate consensus protocols [86]. According to Ethereum's founder, Vitalik Buterin, the Plasma chains will give an increase by a factor of 100 or more [87,88]. In addition, this will improve the scalability of the number of users upon Ethereum. As a consequence of Plasma chains, Article 6.2 could be implemented upon a Plasma chain with a practicable consensus protocol. However, the official release date for Plasma has yet to be decided [41,89].
With the expected volume of above 319 thousand transactions per year and the average transaction size, we can calculate the required storage for full nodes. In Hyperledger Fabric, a transaction has a size of approximately 3 KB [42] Hence, each full node has to store 0.96 GB per year. In case of Ethereum, a simple ether transaction has approximately a size of 0.2 KB [90][91][92]. For the Paris Agreement, this would make a total of 0.63 GB per year. However, since Ethereum is a public blockchain, there are other transactions to be stored. For example, in 2018, there have been over 251 million transactions, resulting in approximately 8 MB of blocks [90,92], or over 115 GB in total [93]. In a blockchain system, all nodes have a copy of all transaction data and smart contracts. The resulting redundancy is a security mechanism but results in high storage overloads. Therefore, it is recommended to store only little and small-sized numerical data on the blockchain [61,94]. Furthermore, computational costs and transaction validations must be compensated with transaction fees (like, e.g., gas). In case of mitigation activity validation through the technical advisors, there might be a demand to store larger documents, images, and files. The Inter Planetary File System (IPFS) could be used as an off-chain and decentralized storage network for these larger documents. IPFS is based on a decentralized system in which each user node holds a portion of a data file. A hash of each file can be created and stored in a smart contract or in a blockchain transaction as a reference. Through the hash, each user can validate the originality of the file. Another approach to reduce onchain storage, is by using off-chain data storage nodes. This makes the stored data unavailable for other users in the blockchain system and requires the owner of the off-chain node to do any necessary computations. Furthermore, the blockchain is relieved from computationally intensive tasks and increases privacy [95]. However, this approach requires trust in the quality in and origin of the offchain data, because it cannot be verified by other actors in the network.
Private and permissioned blockchains like Hyperledger Fabric-with the ability to handle 3,500 tx/sec [42]-process far more transactions and fulfil the transaction volume requirements. Moreover, Hyperledger Fabric has already the functionality of channels [96]. Channels are, like Plasma chains, additional chains for more private transactions. Differently to Plasma chains, there is no periodical communication between the additional chain and the main chain. When the channel is closed, the last state is transferred to the main chain [42,96]. Ultimately, it is imaginable to handle mitigation activities on channels, but not the whole Article 6.2.

Soft Factors
Soft factors are attributes which are not based on concrete (quantitative) values, but on political preferences. In this study, three soft factors are analyzed: privacy, security, and blockchain community.

Privacy
The term privacy comprises two aspects: The privacy of the network users' identities and the privacy of data inside the network. Identity privacy is about the degree of anonymity of a user in a digital network. The anonymity of participating Parties under Article 6.2 is contradictory to the Paris Agreement ideas of bringing transparency in voluntary contributions. Contrary to identity privacy, data privacy is especially important in the context of the Paris Agreement, as sensitive country data is stored on the blockchain. Privacy of data combines the control of the visibility and the data itself. Furthermore, the system needs to ensure secure communication and data exchange. Article 6.2 implies NDCs of each country to be published publicly [3,4], allowing for the public tracking of NDC progress publicly in the form of a balance. The Parties are obligated to submit different annual and biannual emission reports. Furthermore, the participating Parties shall publish information of corresponding adjustments on the UNFCCC website. Hence, at least information on finished adjustments and the resulting ITMO tokens can be published on the blockchain and be publicly visible. On Ethereum, it would be possible for everyone to see real-time updates of projects and adjustments, tipping this balance towards full transparency. With Hyperledger Fabric, only predefined users could access the transaction record. However, the blockchain could be connected to the UNFCCC website to establish external transparency.
Despite the agreed transparency, it is conceivable that not all countries will accept a software solution, which does not guarantee a certain control over the participants and/or the consensus process. An approach to protect sensitive information in a transparent system are private chains. Ethereum is currently implementing a type of side chains, also called Plasma chains [86,87]. Hyperledger Fabric uses similar private chains, which are called channels [96]. In general, the additional private chains are connected to the main chain. Depending on the approach, more or less information is synchronized between the main chain and the private chain. While Plasma chains shall periodically transfer transactions to the main chain, only the final values of channels are transferred. A possible approach is to allocate each corresponding adjustment to a private chain, i.e., a projectchain. To maintain transparency, corresponding countries and technical advisors have to be added to the project-chain.
To ensure the privacy of data, a permissioned consensus protocol is advised, in which only predefined actors can validate. This prevents automatic leakage of information and increases privacy vis-à-vis third parties, while ensuring a common global state. This is a key benefit of Hyperledger Fabric. To follow the ethos of Article 6.2, a public and mainly permissionless system like Ethereum is necessary. However, this reduces the integrity of the data, because external actors are involved in the validation process and have copies of the data.

Security
The Paris Agreement is a consensus between the participating Parties and builds on the sharing of political and sensitive data to create an accountability and incentive mechanism. Therefore, it is essential to assure data security and integrity. This is done in each blockchain through hash functions-to ensure the authenticity of data-and Secure Shell (SSH) key encryption-to ensure only the owner of a token can transfer and claim ownership [24].
Another area of security is the safety of the consensus protocol against attacks. In theory, Proof of Work is the most secure consensus protocol, as long as the miners are distributed and independent. Otherwise, it is susceptible to a 51%-attack [24]. Currently, to participate in the mining competition and have a chance of winning, high investments in hardware are necessary, followed by running costs, e.g., electricity. However, due to the technical structure of PoW, PoS, and a public system, Ethereum is highly vulnerable to forks. Forks lead to inconsistent states of the network and data status.
To prevent forks and increase security, decentralization has to be limited by increasing the control over the network. This is the case of permissioned protocols like Practical Byzantine Fault Tolerance (PBFT) used in Hyperledger Fabric because it has a predefined set of validators and steps, ensuring the correct order of system updates [44]. By reducing the number of nodes, the degree of system centralization increases. Hence, validators do not have to compete against each other creating the next block. However, this makes the network more vulnerable to node failures, i.e., malfunctioning of the hardware, because the network of validators is limited. The impact on security is low; while node failures slow down the network, the failing node could be directly identified.
One disadvantage of Hyperledger Fabric's consensus mechanism PBFT is that the healthy ratio demands a high number of healthy nodes compared to the number of malicious ones, i.e., three times or more honest than malicious ones [97]. The security of the system depends upon a multitude of different, overlapping quorum slices to vote on the validity of transactions. In the case of Article 6.2, there is the theoretical option that some Parties try to act maliciously, but it is unlikely that the number of these malicious Parties will exceed more than one-third of all network participants. Hence, the security barrier of PBFT should not pose a problem.
Due to Parties acting as consensus validators, the system has to be resilient to arising political conflicts. PBFT has the advantage to support a system with equal rights and powers, due to the random election of a leader per validation round and the mandatory feedback of the majority of the system nodes. This makes it resilient to the political developments outside of the system. However, this requires the equal distribution of administrative rights between the Parties. Under PoS, the only political conflict is the entry barrier in the form of an inbound investment. This conflict could be solved by distributing the same value of the network token to each entity that is participating in the consensus process. Then, all have the necessary stake, and the consensus protocol could automatically choose a different validator for each round. In the case of Ethereum, the stagnation of the system because of political issues is less likely, as external validators are included as well. However, if the countries want to participate in the validation process in a public system, they will need to buy tokens of the network, e.g., ether for Ethereum. Depending on the volatile price development, this could be cost-intensive.

Blockchain Community
The next soft factor is concerned with the size and supportive attitude of the blockchain community and the quality of the programming languages. Especially, the attitude and perception of the community is important. In public systems with undefined validators, attacks against the system or refusals against the validation of transactions under the Paris Agreement are possible. In general, public and permissionless blockchains are larger than private ones. Moreover, there are higher chances in a public system of sub-groups not being supportive of the Paris Agreement application.
Ethereum is the most active smart contract platform [98]. Most new tokens of the top 100 are built upon Ethereum [99]. Due to the large community size-422k builders on Reddit [100]-there are a lot of resources (188 repositories on GitHub (Ethereum, 2019b)) and numerous forums. Smart contracts are written in solidity, which has been created solely for Ethereum and is hence, not as widespread and functional as other conventional programming languages, e.g., C++. Furthermore, it is not a fully developed programming language. On GitHub, a solidity repository has over 500 reported issues (Ethereum, 2019c) and there are several articles about security flaws of solidity [87,101,102]. Furthermore, there are fears that the release of Casper with PoS could split the community [103]. Several associations and foundations develop first prototypes upon Ethereum for the energy sector. The Energy Web Foundation tries to digitalize the energy infrastructure over the blockchain [104]. The Blockchain for Climate Foundation implements a first prototype of the Paris Agreement upon Ethereum [105]. Despite the public structure of Ethereum, several countries started researching usage possibilities with Ethereum [106,107]). Hence, Ethereum as a public and permissionless blockchain offers the advantage of a large community with early indications of acceptance by users in the relevant field. However, software and community stability are limited.
Being a project of The Linux Foundation, the Hyperledger Fabric community consists of public and industry supporters. Members include IBM, Cisco, and Accenture [45]. Despite the cooperation with companies, Hyperledger Fabric remains independent from any organization. It has around 9000 commits on GitHub [108]. The overall project Hyperledger has 1900 subscribers on Reddit [109]. With version 1.4 of Hyperledger Fabric, long-term support (LTS) was introduced, which ensures updates of the blockchain infrastructure [110]. Smart contracts can be developed in Node.js and Java, which are two common programming languages. A permissioned and private blockchain system brings transparency into internal processes, but not to anyone outside the system. As a positive result, there are no conflicts with the external community, e.g., external validating nodes ignoring transactions of countries. However, a permissioned system is in conflict with the bottom-up approach of Article 6.2 and the Paris Agreement.

Comparison of Ethereum and Hyperledger Fabric for System Design
Overall, there are three possible designs for a blockchain-based solution: First, a public and permissionless blockchain system using Ethereum, second, a private and permissioned system with Hyperledger Fabric and, third, a hybrid approach by implementing Article 6.2 on a Plasma chain, which is connected to the Ethereum network. Each of these approaches present advantages and disadvantages, which need to be considered when choosing a blockchain system design for Article 6.2.
At the time of writing, the usage of a public and permissionless system like Ethereum is partly speculative due to a number of uncertainties. First, it does not have private chains implemented (yet) and can therefore neither scale to a sufficient rate, nor create the required degree of privacy to protect sensitive data. Second, with Proof of Work, the transaction throughput is not sufficient and the transaction fees are too high. However, with the announced release of Ethereum 2.0 these current limitations should be overcome. Furthermore, Ethereum is worth considering, as it constitutes the largest smart contract blockchain with several reported energy and governmental projects. Adding to its attractiveness, it has a large developer community, which actively contributes extensions and secures the robustness of the underlying technology.
The main advantage of a public permissionless system like Ethereum is the inclusion of public ownership, leading to strong transparency, accountability, and credibility. Each interested person could create a light node to track the development of projects and the mitigation activities of countries. Citizens or NGOs can follow the decisions made and track them if promises are actually fulfilled. As it would be possible to gain first-hand information, the system would embody the bottom-up characteristic of Article 6.2. This is another advantage related to the security of the system, which is established by decentralized and external full nodes. This would allow the Parties of the Paris Agreement to eliminate server costs with the downside of committing to transaction costs. To store sensitive information, side chains could be used. This would create privacy, while still ensuring data validity. Furthermore, side chains provide extra scalability to accommodate an increasing amount of transactions and users.
In future steps, the development of a new involvement system of non-state actors is imaginable to enable inclusion, e.g., through voting for mitigation activities. With a large community and a variety of existing projects, experiences can be exchanged. The UNFCCC could use synergies with external foundations and associations for the development of the application. This could recover some of the lost time of ongoing negotiations.
On the downside, an open approach with Ethereum could lead to disagreements with countries which are not interested in sharing detailed information with actors outside the Paris Agreement. Different from PoW, under PoS, the validators are not doing difficult computations to create the next block. Therefore, validators can work on different blocks simultaneously. Furthermore, it is in their economic interest, because it increases the possibility of receiving the reward for creating the next block. As a result, the number of forks is increased, resulting in several different statuses of the network, which again could lead to double-spending. Ethereums change to PoS, also called Casper, will choose the main chain based on the number of previous activities upon each chain [79]. A chain with more forks indicates that more independent validators were active. On the other hand, a chain without any forks suggests a single validator, or validators that agreed upon the block sequence. This approach can work, but it is not guaranteed. In addition, even if the Parties want to participate in the consensus process, there will be other validating nodes transferring and validating the input data. Hence, the security and integrity of the data are no longer a given.
Lastly, the Article 6.2 system depends on the general development and existence of the Ethereum architecture and the Ethereum currency. System problems because of unrelated reasons, e.g., dissatisfaction and dissent inside the community, would also have an impact on the Article 6.2 blockchain. This dependency also includes the price of transaction fees. It is, at the time of writing, not clear how the transaction fees will change with Casper, but it is certain that they will continue to exist. Hence, countries would need to handle not only official currencies, e.g., Dollar and the ITMO token, but also ether and gas. Ether has, further, a volatile price development, because of its dependence upon the market demand. This can lead to additional conflicts and financial problems.
Some of the downsides of a public system could be prevented by using a hybrid approach. In a hybrid approach, a subsystem would be created on a Plasma chain. It would be interlinked to the main chain to increase security but could use pertinence consensus protocols like Proof of Authorities (PoA). PoA is a permissioned consensus protocol in which a set of authorities secure the network [111]. The full nodes listed earlier could be the defined authorities and would ensure data integrity. However, this would mean that the Parties would have to purchase the necessary IT infrastructure for servers to store the blockchain and validate transactions. Like in the public approach, project chains could be used for currently implemented mitigation activities. This would create a certain degree of privacy.
An alternative approach is offered by Hyperledger Fabric, a permissioned and private blockchain. The main focus of a closed blockchain system is data security and privacy. What makes the system permissioned and private is that the creators define who is eligible for the consensus process. Due to nodes exchanging and approving the information before the state can be changed, the possibility of forks is negligible. Additionally, due to the closed structure and strong dependency between the network users, there are no transaction fees reducing the overall transaction costs. Another advantage of a closed system is that only predefined tokens are interchangeable upon the network. Hence, the handling of different currencies is easier and not influenced by the market development of cryptocurrencies. Regarding the development of smart contracts, a variety of different programming languages could be used for the creation of smart contracts. With long-term support (LTS), the CMA and UNFCCC receive system updates without the need to change the whole blockchain version. Besides improving the privacy, the data integrity and storage security are easier to guarantee in an independently administered system. Further, privacy between the Parties is established through channels in which predefined users track their mitigation activities. A closed system does not imply automatically that information is not visible outside of the blockchain. To fulfil the demands of Article 6.2, interfaces can be used to display regular updates of data, for example on the UNFCCC website. External users could receive access through user accounts. They would be represented as light nodes, could participate in predefined tasks (e.g., project documentation or project voting), but would not have any influence on the consensus protocol. However, it is not to be expected that the CMA or UNFCCC will agree upon the development of citizen participation tools. Therefore, the system itself would stay isolated.
With respect to community acceptance and learning from past experiences, it must be noted that Hyperledger Fabric has, to date, not attracted the same amount of trials and implementations in the energy field. In addition, it is complicated to get concrete information-not to mention code-about the projects, because of the closed structure of Hyperledger Fabric and the contributing companies. Hence, the potential is low for the usage of synergies and exchanges with external foundations. Despite being deployed on the servers of the CMA and UNFCCC there is-notably with the usage of LTS-a dependency still given for the development of improvements and error handling, especially, if there is no other source of technical research accessible. Due to the isolation of the system, there will be higher fixed and variable costs. Fixed costs implicate the first creation of the infrastructure to run the blockchain. Besides the improvement of the running system, variable costs further consist of server management and the development of new security measurements. Moreover, depending on the server usage, the system loses its decentralized character, increasing its vulnerability to attacks.
In conclusion, both presented blockchains have advantages and disadvantages. If a more closed and secure approach is preferred, Hyperledger Fabric is recommended. If more transparency and the integration of external actors are prioritized, Ethereum is the more suitable blockchain. In the end, it is a weighing of interests to make the final decision, and regardless of the system choice, all actors have to agree on the usage of a blockchain system to make the system work.

Conclusion and Future Research
Our work is an initial proposal for a blockchain-based carbon market mechanism as outlined in Article 6 of the Paris Agreement. We seek to initiate a discussion and raise awareness about the potential of different blockchain applications and their limitations in this context. In this paper, we described the past and present barriers that prohibit a successful carbon market mechanism implementation. Blockchain technology acts as a transparency platform to facilitate and display climate actions of national Parties. Besides transparency, blockchain technology increases efficiency and addresses barriers of the past and present carbon market mechanisms. The comparison of the advantages and disadvantages of the two blockchain applications is summarized in Table 1.
The advantage of using Hyperledger Fabric is that the network authority of the UNFCCC and CMA can maintain control over the technological infrastructure. As a public blockchain, Ethereum embodies the decentralization character of the Paris Agreement and could encourage bottom-up and democratic system governance through public transparency.
Further research on the governance of this market mechanism is required. To decide the mechanism and governance design, it will be important to receive feedback from the national Parties and other critical actors like the UNFCCC and the CMA. Stakeholder consultations, workshops and seminars will be useful to raise awareness and understand preferences. Furthermore, the development of a prototype blockchain would be beneficial to stimulate detailed design feedback from all stakeholders. During this, a more detailed analysis of different implementation approaches and the resulting costs is of interest.
An evaluation of regulatory barriers and opportunities is another important field of research. A part of this is the missing regulatory classification around ITMOs.
Last, fields of applications and their implementation of IoT and Machine Learning could be researched. In the case of IoT, the usage of smart meters and smart sensors is of interest. It could further automate the process, reduce costs and improve the transparency of the unit quality. Machine Learning could be used to do trend analyses and risk calculations with the collected data. Furthermore, it might be possible to support the technical expert team in finding loopholes in the data.
In conclusion, the adaption of blockchain technology enhances the transparency and efficiency of mitigation activities under the Paris Agreement. Both blockchain systems offer advantages for the carbon market mechanism. With this work, we conduct a first feasibility analysis of blockchain technology for carbon market mechanisms and outline important blockchain selection criteria. Due to the distributed and decentralized nature of the technology, new blockchain features, designs and infrastructures are emerging on a daily basis. Hence, there will be new and perhaps more suitable blockchain solutions evolving in the future. The selection criteria and evaluation process presented in this paper can be used as an initial feasibility assessment framework for future blockchain system analyses and as inspiration for other research fields.