AI Authorization Is Transaction Cost Design

Insight · Kai · · 16 min read

A Real Argument

Someone asked today: do you run Claude Code in a sandbox on your machine?

When Claude Code runs on your computer, it can execute commands and read/write files — pretty broad permissions. By default, it asks before every risky operation: "Can I do this?"

One person found the constant approvals annoying. His solution: put the AI in a sandbox, grant it full permissions, let it do whatever it wants. If it blows something up, no harm done — it's sandboxed.

Another person disagreed. He said this isn't about sandboxes. It's about management. You have an employee. Delegate too much and you're nervous. Delegate too little and they're asking permission for every little thing. What you should do is draw a clear line: out of 20 tasks, 3 require your sign-off. The other 17, let them run.

The second person saw something deeper. Something that economics figured out 89 years ago.

A 27-Year-Old Brit Asked a Dumb Question

In 1937, Ronald Coase published a paper called The Nature of the Firm. He was 27, still a lecturer.

He asked a question that every economist at the time thought didn't need asking:

If markets are so efficient, why do firms exist?

According to the textbooks of the day, markets automatically allocate resources optimally. Need something? Buy it on the market. Find the cheapest supplier. That's peak efficiency. So why do people start companies, hire employees, build hierarchies? Why not just transact deal by deal on the open market?

Coase's answer was one sentence: because using the market has a cost.

Transaction Costs

When you complete a transaction on the market, the actual cost goes far beyond the price of the goods. You also pay:

Cost Type What It Means Example
Search cost Finding the right counterparty Getting three quotes for a home renovation
Information cost Assessing quality and reputation Reading reviews, asking friends, visiting in person
Bargaining cost Negotiating terms Going back and forth on price and contract changes
Contracting cost Drafting and signing agreements Hiring lawyers, processing paperwork
Monitoring cost Ensuring compliance Checking progress, inspecting quality
Enforcement cost Dealing with breach Lawsuits, arbitration

Add them all up and you get transaction costs.

Every market transaction carries these hidden costs. If you're renovating once, you deal with it. But if you need work done every day — searching, negotiating, contracting, monitoring every single time — you'll lose your mind.

So you think: why not just hire someone? Sign one long-term contract. Have them work for you every day.

That's how firms are born. One long-term employment contract replaces countless market transactions.

Coase's Formula

Coase's core logic boils down to a simple decision rule:

When internal organization cost < market transaction cost, do it in-house. When internal organization cost > market transaction cost, outsource it.

A firm keeps expanding until the cost of managing one more thing internally equals the cost of handling that thing through the market.

In more precise terms:

Optimal firm boundary: MC_internal = MC_market

MC_internal = marginal cost of organizing one more transaction internally
              (communication, management, coordination, mistakes)
MC_market   = marginal cost of completing one more transaction on the market
              (search, negotiation, contracting, monitoring)

Too small a firm — everything outsourced, every task requiring search, negotiation, oversight — and transaction costs eat you alive.

Too large a firm — everything done internally, bloated hierarchy, management stretched thin — and organization costs eat you alive.

The optimum is in between. Do in-house what should be in-house. Outsource what should be outsourced.

This paper earned Coase the 1991 Nobel Prize in Economics and has over 59,000 citations on Google Scholar.

Why This Theory Emerged When It Did

The 1930s were a peculiar time. Free market economies were in the Great Depression — factories closing, unemployment soaring. Meanwhile, the Soviet Union was running a planned economy with rapidly growing industrial output.

The debate was fierce: is market allocation better, or central planning?

Coase noticed something everyone else had overlooked: even within free market economies, a massive amount of resource allocation happens through planning — it just happens inside firms. The boss tells employees what to do, employees do it. Isn't that central planning?

So the question wasn't markets vs. planning. It was: when do you use markets, and when do you use planning? The answer is transaction costs — whichever side is cheaper.

Oliver Williamson later built on Coase's foundation, identifying three key drivers of transaction costs:

  1. Bounded Rationality: People can't anticipate every scenario. Contracts are always incomplete.
  2. Opportunism: Counterparties may shirk, lie, or exploit loopholes.
  3. Asset Specificity: Once you invest in relationship-specific resources, you're locked in. Your bargaining position weakens.

Williamson won the 2009 Nobel Prize in Economics for this work.

Back to AI

When you use Claude Code, you're collaborating with a digital worker. Every time it asks "Can I run this command?", you have to stop, read what it wants to do, judge whether it's correct, and click approve. That's a transaction cost.

Three strategies, three cost structures:

Strategy 1: Approve Everything

Transaction cost: extremely high. Risk: extremely low. Efficiency: extremely low. You become a human rubber stamp.

This is like not hiring anyone — handling every task as a one-off market transaction. Safe, but exhausting.

Strategy 2: Sandbox + Full Permissions

Transaction cost: zero. Risk: high. Efficiency: uncertain. You have zero visibility. If it does something wrong, you won't know.

This is like hiring an employee and never checking their work. Low effort, but when things go wrong, they go really wrong. This isn't reducing transaction costs — it's avoiding them.

Strategy 3: Draw an Authorization Boundary

Transaction cost: low. Risk: controlled. Efficiency: high. Routine operations run autonomously. Critical checkpoints require your approval.

This is like building a company with clear governance. Day-to-day execution is delegated. Key decisions go through approval. This is the Coasian optimum — balancing transaction costs against organization costs.

Where to Draw the Line

In practice, it comes down to one question: which operations need your approval, and which don't?

Delegate Approve
Read files Delete files
Install dev dependencies Modify system config
Run tests Push to production
Format code Call paid external APIs
Search and query Operations touching sensitive data

Approve 3 out of 20 things. That's your optimal firm boundary.

In Claude Code, this is implemented through allowedTools, hooks, and permission configs. The technical mechanisms are tools. Authorization design is the core.

Sandboxing solves "if it blows up, I don't care." Authorization boundaries solve "should it blow up at all?" The first is physical isolation. The second is governance design. Coase said it in 1937: good organization isn't about eliminating costs — it's about spending them in the right places.

Reference: Ronald Coase, "The Nature of the Firm," Economica, 1937.

← Back to Frontier Insights