Post on 31-May-2020
quocirca
Clarifying the business impact of technology ©Quocirca May 2017
Report Authors
Author Clive Longbottom
Tel: +44 118 948 3360
Email: Clive.Longbottom@Quocirca.com
Author Bob Tarzey
Tel: +44 1753 855794
Email: Bob.Tarzey@Quocirca.com
Commissioned By:
Will the real Blockchain please stand up?
Financial institutions have invested money looking at Blockchain. However, there are now quite a few
different approaches to Blockchain-based distributed ledgers. Which one is likely to be the best, and where
will distributed ledgers play most strongly?
Key Points:
• Bitcoin is not Blockchain – Bitcoin destroys the full audit capabilities of a distributed ledger through the use of (insecure) Wallets.
• Blockchain is not the only distributed ledger in town – which is good, as use cases should be rendered with more mature technology where possible.
• Organisations should prepare for the inevitability of a distributed ledger.
• Providers of the competing ‘next gen’ distributed ledgers must get their acts together to form a full end-to-end capability via a standardised
underlying fabric.
• The Linux Foundation Hyperledger Fabric framework is showing great strengths – and is being used in anger in the real world.
Will the real Blockchain please stand up?
quocirca
Clarifying the business impact of technology ©Quocirca 2017 Page | 2
Notes to the report In this report, Bitcoin, Blockchain and Wallets have all been capitalised so as to
differentiate them from any other usage of the terms in common use, and to
differentiate Blockchain itself from the number of other distributed ledgers
available in the market.
Just what is Blockchain? itcoin. You, know – that subversive cryptocurrency that allows those
with nefarious ideas to gain money completely anonymously. Or,
Bitcoin, the cryptocurrency that works in a completely open and
transparent manner without the need for a government or corporate body as
an intermediary.
You pays your Bitcoin and get your prize – both of the above are, in some ways,
right and wrong.
Bitcoin works on top of Blockchain, a ‘distributed ledger’ that tracks every
action taken on a Bitcoin – every time a bitcoin is moved along a transaction
process; every move from owner to owner. In this way, Bitcoin is totally
transparent and open. It is also impossible to make a transaction that is not
logged. So how come that Ransomeware originators and other cybercriminals
insist on being paid in Bitcoin, believing that Bitcoin is untraceable?
It is the way that users ‘hold’ their Bitcoins where obfuscation and secrecy
comes in. Bitcoins are held in a ‘Wallet’. A Wallet can be set up on top of
Blockchain such that the wallet can use rolling anonymous identifiers. Single
Bitcoin transactions can be carried out using a single Wallet that can then
disappear once the transaction has happened. The underlying Blockchain still
records the fact that Bitcoins have moved from their point of origin into the
1 https://blockchain.info/charts/blocks-size
Wallet – but if the Wallet is not tied into a strong physical ID, then the chain of
transparency is broken – meaning that Bitcoin can be used in nefarious ways.
The Blockchain is immutable: every block has a crypto hash to the previous
block: it is, to all intents and purposes, impossible to traduce the chain.
So – let’s forget about the Wallet; forget Bitcoin itself. What’s left? The
Blockchain distributed ledger. And this is where things are getting very
interesting.
A key part to how distributed ledgers work is around their openness – they are
not (generally) ‘owned’ by any one entity.
Rather than operating as a centralised system owned by a single entity (such
as the way banks have traditionally operated in owning accounts and managing
all transactions around those accounts), a distributed ledger pretty much does
what it says on the tin.
Any computer connected to a distributed ledger is called a ‘node’. Most of
these nodes operate as ‘lightweight nodes’ which operate essentially as feeds
into the main backbone system. For a distributed ledger to work effectively, it
needs a number of what are deemed ‘full nodes’. Each of these nodes operates
as a peer, holding details of the distributed ledger. Each full node contains a
full copy of the ledger.
This is building up to be a major problem for distributed ledgers. Each ‘block’
within the ledger cannot be more than 1MB in size: therefore, even a small
desktop computer can hold a lot of transactions. For example, the whole
Blockchain distributed ledger, according to blockchain.info, is currently around
115GB in size1 – a small overall storage load with modern disk drives holding
several terabytes of data. However, growth is running at around 3-4GB per
month – and this is just for a relatively low-use Bitcoin system.
B
Will the real Blockchain please stand up?
quocirca
Clarifying the business impact of technology © Quocirca 2017 Page | 3
Introduce broad scale use, and the size of the ledger starts to become
appreciable – these full nodes now need to be run on a commercial basis,
rather than on the free basis currently operated under.
However, the use of a multi-full nodal system is key to the operation of a
distributed ledger. By having multiple full nodes across a distributed ledger
platform, should one or more of these go down, the distributed ledger
continues to operate. As such, even if an organisation involved in a distributed
ledger goes out of business, not only do all the transactions that involve that
business stay within the distributed ledger, but the whole chain continues and
can still expand to include new organisations with their own full nodes. If an
entity needs to create a transaction and their nearest full node is down – no
problem. The transaction can still be created in the distributed ledger and what
information is needed to be synchronised with the full nodes will be
synchronised when the full node comes back up or is replaced.
More to the point, as a complete set of pointers around all of the details around
all transactions is stored on every full node, it is a transparent system. Anyone
with the right security profile can see exactly how transactions occurred, who
they were between, when they took place and so on. Conversely, if you do not
have the right security privileges, you get to see nothing. In other words, as
long as privacy services are used correctly, the ultimate transparency of a
distributed ledger is controlled as each constituent of the chain requires.
Such granularity in what details are made visible to the constituents of the
distributed ledger chain is key to why they will be successful.
And yet, as the distributed ledger is distributed, should anyone with enough
security privilege try and do anything illegal, corrupt or silly, that will also be
logged – making a distributed ledger highly secure within itself.
This then brings us back to the concept of a ‘Wallet’: the distributed ledger
does not contain the physical item itself around which the transactions are
taking place. However, it is a waste of everyone’s time if the item itself is not
immutably linked to the transaction details. For example, if the actual money
being moved around can be taken out of the system outside of the distributed
ledger environment, then the nominally immutable distributed ledger details
prove little.
What is really needed is a means of matching physical or digital assets with the
distributed ledger – and this is where serial numbers and object-based
information storage systems come in.
The technology is now available to ensure that a physical object is immutably
linked to a digital asset base and that all transactions around that item are
logged in a controllable and unchangeable manner.
For all these reasons, distributed ledgers have garnered much interest – such a
secure, standardised and open system must be the Nirvana for any
organisation dealing with financial, or any process, matters.
Except, as we will see, this hasn’t necessarily been the case.
Will the real Blockchain please stand up?
quocirca
Clarifying the business impact of technology ©Quocirca 2017 Page | 4
How does a distributed ledger work? Figure 1 gives a basic overview of how a Bitcoin transaction is executed using a distributed ledger. In this example, one person
wants to send money via Bitcoin to another. For the people concerned, the activity is simple: underneath the covers, though, the dependency on the distributed
ledger becomes apparent
Figure 1: A simple Bitcoin transaction
Will the real Blockchain please stand up?
quocirca
Clarifying the business impact of technology ©Quocirca 2017 Page | 5
The Deal-Breaker with Blockchain? There have been lots of headlines in the press about Bitcoin being
compromised – Bitcoins going missing due to fraudulent activity by failing
companies such as Flexcoin, Vault of Satoshi and Mt. Gox; investigations of
Bitcoin companies such as GAW Miners, EgoPay and Paymentbase.
You may also have seen the news about how the underlying Blockchain is facing
problems – it is not scalable and, as such, is deemed as unfit for purpose by
many in the industry.
All this is true. However, the scams and frauds being perpetrated by the
companies have little to do with the underlying Blockchain technology – these
scams have been carried out through misuse of Wallets, through making the
most of gaps in the knowledge of non-Bitcoin savvy investors and so on.
The problems with the scalability of Blockchain are far more real, however.
When Blockchain was first developed, it was never envisaged that it would be
used widely – it was purely there as a low-transaction volume logging
mechanism. A maximum block size was agreed at 32MB. This led to a lot of
wasted space and poor architectural design, and the maximum block size was
reduced to 1MB. As each block only carries basic metadata around the
transaction and the cryptohashes required to secure each block’s position in
the chain, this was seen as being a good compromise. However, this is now
causing problems – according to Tradeblock, the size of blocks has been
growing steadily and is now often hitting the 1MB size limit. Due to
architectural constraints with Blockchain, it is difficult (near to impossible) to
increase the block size without needing to migrate existing blocks into a new
chain – something that is seen as breaking the immutability of the chain itself.
This has led to the formation of multiple camps. There are some who believe
that everything should stay as it is, and it is up to those using Blockchain to
work around the constraints. There are those who want a brand new
distributed ledger that does away with the existing block size constraint via
what is known as a ‘hard fork’ (i.e. a new product with no compatibility with
Blockchain), and then there are those somewhere in the middle who want a
‘soft fork’ (i.e. a new system that increases block size while maintaining a high
level of compatibility with Blockchain).
The problem for many in the soft fork camp is that their proposals, such as
Segregated Witness, will only postpone the pain of scalability to a later date.
The hard fork camp is the one that can ensure that there is long term scalability
and consistency for distributed ledgers.
This has led to several battles being waged – and for many to shy away from
taking the first steps into the use of Blockchain or any other distributed ledger
until the arguments are perceived to be over – or at least less vitriolic.
This should not be a deal-breaker, though. If an organisation accepts that a
distributed ledger is the way forward, then there are plenty of choices in the
market.
The FinTech – distributed ledger love/hate-fest here has been a lot of interest from the financial technology sector
(FinTech) as to how distributed ledgers can be used as a standardised
global means of managing financial transactions. The use of a
distributed ledger was, at first, seen as more of a threat than an opportunity
to the traditionally secretive and self-perceptively powerful financial sector.
The initial interest in Blockchain (driven by the media-driven frenzy around
Bitcoin) was therefore more around how to gain control of Bitcoin and any
other cybercurrencies that succeeded, bringing them back into the fold of the
control of banks themselves.
T
Will the real Blockchain please stand up?
quocirca
Clarifying the business impact of technology © Quocirca 2017 Page | 6
However, it did not take the emerging FinTech sector long to realise that there
was so much more to a distributed ledger than a ‘pure’ Blockchain and a set of
cybercurrencies. The underlying distributed ledger was key – and the new
focus became what could the distributed ledger offer to the financial sector.
One of the major issues within the financial sector is in tracking what has
happened. Old, highly proprietary systems can and do go wrong. Generally
speaking, when such errors occur, the fault is minor and the monetary impact
is low. However, occasionally, as in some of the more visible insider trading or
major computer glitch problems – the impact can be severe.
Identifying what happened and where things went wrong can be difficult – in
some cases, almost impossible. A prime (sic) example here would be in the
pre-2008 days where toxic loans (such as sub-prime mortgages) were packaged
up and sold on to underwriters multiple times, with the result that some
financial institutions found themselves underwriting their own risk without
knowing it.
However, if everything takes place through a distributed ledger, then the
transaction process is all there – logged for eternity, yet secure from prying
eyes through the use of applied privacy services.
Overlaying Figure 1 against this process, replace Bob and Alice with banks. A
financial transaction is made into one bank and is immediately logged within
the distributed ledger. Every time those funds are moved, the ledger is
updated. No matter where the funds move, as long as it is between institutions
that participate in the relevant distributed ledger, the funds are fully traceable.
Money laundering becomes more difficult – the bad guys then need to find a
bank that will take funds transfer that are part of the distributed ledger, but
are also then willing to transfer the funds out of the control of the distributed
ledger into an uncontrolled environment. Essentially, this bank is acting as a
Wallet: it provides the obfuscation over the visibility that the distributed ledger
enforces.
This is then dangerous for that bank. It moves from being a trusted entity into
one that is presumed to be highly compromised. Why would it enable funds to
be moved away from the distributed ledger? If there is a trace put on those
funds and it is found that they were being moved illegally, it can pretty much
be guaranteed that the said bank would be held accountable for the funds.
Every other constituent in the chain can prove that it knows where the funds
came from and where they went. In this example the bank can only prove
where they came from – it has failed in maintaining the chain of forensic
accountability.
So, is the use of a distributed ledger an opportunity or a threat overall?
Certainly, for those financial institutions that want to be able to show that they
had taken all steps possible to avoid an illegal or misguided situation, such
transparency is key. For those to which the very thought of openness and
transparency is anathema – well, maybe not quite so good. Many banks make
a lot of money through turning a blind eye: a distributed ledger would make
this harder to do.
Many banks also lose a lot of money through poorly enacted audit processes.
The financial sector itself calculates this as being around 20% of their cost base
– yet a distributed ledger can get rid of a lot of the costs of tracking processes
and reconciling payments. Overall, it would seem that a distributed ledger
would be a good thing for the banks and insurance companies.
It is becoming apparent that distributed ledgers will either have to be
implemented by the financial sector voluntarily, or that it will find one being
enforced by global, regional and/or national regulators. Surely, it is better to
put distributed ledgers in place on the financial sector’s own terms, rather than
for the move to be politically driven?
Will the real Blockchain please stand up?
quocirca
Clarifying the business impact of technology © Quocirca 2017 Page | 7
Hence, there has a surge in technology companies looking at providing their
own versions of a Blockchain distributed ledger to better meet the needs of the
financial community.
Distributed ledgers – it’s not all about money Cryptocurrencies and tracking monetary transactions is still only a very small
part of the overall possibilities for distributed ledgers to provide value across
the general markets – from consumers through retailers to legal and citizen
services.
A good example of this is UK-based company Everledger. Currently with a focus
on the gemstones market (specifically diamonds), Everledger is showing the
way forward in how to enforce traceability in such high-value items that are
too often sourced from areas of strife where they are sold to raise funds for
armaments – the so-called ‘blood diamond’ trade.
There are lots of problems with the trade in diamonds. ‘Conflict stones’ (those
that are traded to support wars and other actions counter to good governance
within a country) should not be traded (indeed, it is illegal in many countries to
do so), yet it is too easy to move them across borders to make them appear as
coming from somewhere else, so obscuring their original source.
Manufactured diamonds are becoming increasingly difficult to tell apart from
natural diamonds, without expensive optical testing systems. Putting in place
a system of trust based on provenance is needed.
The Gemological Institute of America (GIA) is responsible for the widely used
grading scales of diamonds – the ‘C’s of carat, clarity, colour and cut. It has
now extended its function to providing a means of identifying diamonds as they
move through the market.
Every modern cut and polished GIA-Certified diamond has a laser-etched serial
number on the girdle of the stone. This is then associated with the 4 Cs of the
stone in a database owned and managed by the GIA. The serial number can be
read by anyone with a strong enough magnifier and can be compared to the
GIA’s log which will provide a full description and history of that diamond.
However, using this serial number as an identifier within a distributed ledger
creates an immutable reference for the stone. As the serial numbers are
unique, once the stone is registered, it cannot be entered again. If an attempt
is made to register one that is not on the GIA’s register, it will be immediately
flagged as a possibly fraudulent event. Everledger tracks the stone’s
movements along the transaction process, creating a trail of provenance that
exists beyond the diamond itself, but is inextricably linked with it.
Everledger is using aspects of the Linux Foundation Hyperledger Fabric
framework using IBM as a partner – it operates 9 full nodes shared across the
diamond trade’s major stakeholders, including Everledger itself, De Beers, the
London Diamond Exchange and others.
Let's take this a little further. Just dealing with rough, cut and polished
diamonds is like having one domino, standing it on its edge and knocking it
down. It falls, but doesn’t do a great deal else. Instead, let's consider
something that is more like a domino rally.
The diamond is mined, sold, cut, polished and sold again. All of this is already
within Everledger’s purview. Now, that buyer of the polished gem could well
be a jeweller, who brings together many different stones of different types
along with gold, platinum and silver to create a single piece (or set) of jewellery.
The multiple different identifiers for all these components can be pulled
together through the distributed ledger to become a super object that can then
be tracked as a whole and as a set of different pieces.
The jeweller sells the jewellery on to a retailer, who then sells it on to a
customer.
Will the real Blockchain please stand up?
quocirca
Clarifying the business impact of technology © Quocirca 2017 Page | 8
But that does not mean that Everledger is just going to remain focused just on
single diamonds, nor just on the gemstone market alone.
Consider any high value item – designer watches, artworks, antiques,
investment wine, cars. Any of these hold enough value so that a company such
as Everledger can make money from providing services to its customers.
For example, an Everledger customer registers all their high value items with
the company through its distributed ledger. The customer provides all the
items required to support the provenance of the item – receipts for amounts
paid, serial numbers, etc. Once due diligence has been carried out to ensure
that the item is what the customer says it is, it is then irrevocably logged within
the distributed ledger. The customer needs to insure the item – the
provenance and value of the item can be shown via the distributed ledger. If
the item is stolen, all the details that the police and the insurance company
need are already available – there is no need to be scrabbling around looking
for the paper receipts or credit card records and then arguing with the
insurance company as to whether these applied to the actual item.
Fraud becomes far more difficult – a person ‘losing’ an item and claiming for it
while selling it on or adapting it in a new format will find this difficult (or
impossible, as long as the distributed ledger company has done its work
properly) as the details of each part of the item have been logged and tracked.
Beyond the gemstones But, you say, you are not in the jewellery business. Let’s consider a few other
possible ideas, then.
Any process that involves the movement of digital or physical goods can benefit
from the use of a distributed ledger.
As previously mentioned, high-value goods are an obvious target – for
example, fine art, which can be dealt with in the same way as gemstones.
The Convention on International Trade in Endangered Species of Wild Fauna
and Flora (CITES) governs the movement and sale of live animals, ivory, animal
hides and so on. The market for investment antiques, fine wines, cars and so
on would all benefit from better governance. All of these can be dealt with in
the same manner, maximising profit for those concerned in the distributed
ledger process while maintaining full compliance with legal obligations – and
adding value for customers.
Everything does not have to originate from the same source: high value
collections of such goods could be registered by the collector, creating a full
record that can be used at any time to show ownership, and when combined
with other information, eventually a trail of provenance.
Another area is in the farm-to-fork food chain. Here, Quocirca carried out
research in late 2016 around the issues that those responsible for food quality
(via hygiene and pest management) saw as being issues and opportunities.
The biggest issue identified by respondents was around the end-to-end
tracking and traceability of foodstuffs. Through linking the foodstuff itself to
unique identifiers managed through a distributed ledger system, problems
such as the UK’s 2013 horsemeat scandal could have been avoided.
Supply and demand Indeed, any supply chain can benefit (see figure 2). From the original request
from a prospect to the market for information (via digital requests for
information, RFIs), through contract negotiations to the physical delivery,
maintenance and end of life of goods, distributed ledgers can ensure that
everything is effectively and efficiently logged.
Will the real Blockchain please stand up?
quocirca
Clarifying the business impact of technology © Quocirca 2017 Page | 9
Figure 2: Simple logistics chain
In certain industries, this is becoming of paramount importance. For example,
there is a market for spares in industries such as nuclear, oil and gas, and
aeronautics where the provision of fakes is big business. This can have
disastrous consequences. Between 1973 and 1996, the US Federal Aviation
Authority identified 174 serious aircraft issues that could be linked to the use
of counterfeit parts, resulting in 17 deaths and 39 injuries2.
In 2016, the Sellafield nuclear reprocessing facility in the UK identified a need
to source some out-of-production microcontrollers. They found a trusted
supplier, but had some worries when the delivery arrived and many of the chips
looked ‘different’. Although all the markings were correct, there were
2 http://www.finnegan.com/resources/articles/articlesdetail.aspx?news=532cc266-560e-4756-9b93-2ecff11c6ada
differences in the texture and thickness of the surface of the chips. It
transpired that different chips had been taken, sanded down and then
repainted with all the right marks3.
In South Korea, four different nuclear reactors have had to be shut down due
to counterfeit parts – in one case, forged quality control certificates meant that
parts had to be replaced, in another, counterfeit wiring needed to be replaced4.
If all of these items had been micro-identified via laser etching, near-field
communication (NFC) or radio frequency identification (RFID) tagging linked
through to a distributed ledger, such fraud through counterfeiting could have
been identified and prevented. Indeed, if the distributed ledger is used
correctly, the nominal specification of each item can be held within the system
and compared to the stated incoming details and easily checked against the
real physical data.
Problems can be identified; remedial steps taken; problems avoided. Supply
chains become an environment where anyone can participate without having
dependencies on the software applications being used by anyone else, or in
depending on one entity having full control of all the information involved in
that supply chain. A supplier may own a distributed ledger full node, but all
the supply chain information is distributed amongst all the other nodes as well.
No one company has overall control; no entity has full access to all the data –
no matter how hard it tries. As long as the participant’s credentials are kept
secure (which can best be done through two-factor authentication, 2FA), what
needs to be secret is kept secret; what needs to be shared is shared.
The levels of granularity controlled via privacy setting in a distributed ledger
come into play again – for example, should a supplier have preferential rates
3 http://www.sellafieldsites.com/wp-content/uploads/2016/02/Sellafield-Ltd-Quality-CFSI-presentation.pdf 4 https://www.rt.com/news/south-power-reactors-nuclear-869/
Will the real Blockchain please stand up?
quocirca
Clarifying the business impact of technology © Quocirca 2017 Page | 10
for a specific customer, or has tiers where customers get better deals when
they achieve certain sales volumes, this can all be held in the distributed ledger
– and only target customers can see the special terms.
It is more likely to be about you and me How about the consumers? This could be where distributed ledgers could offer
the greatest value – and be the biggest driver for adoption.
Wouldn't it be nice to be able to have a totally secure place to lodge property
deeds, copies wills, powers of attorney, photos of your family and so on? At
first glance, this may not appear to be so highly valuable intrinsically, as it
seems to be nothing more than a secure document vault, and there are plenty
of alternative free consumer options for that.
However, the long-term certainty that many of these consumer services for
holding such documents and information will be around for the long term –
and here, we are talking about a full human lifetime – is pretty low. However,
a distributed ledger is, as the name suggest, distributed; it does not have to be
beholden to one organisation, but can be operated as a shared resource
amongst many of them. Therefore, if one part of the conglomeration of
companies operating a distributed ledger fails, the distributed ledger itself
continues.
This begins to add a high degree of personal value – would you be interested
in paying a few pounds per annum to store such items in a system that is
guaranteed to be around even if large parts of it go under? Maybe not – is
there enough value overall in such a system to pay for it?
People tend to move house several times in their lifetime – and this is becoming
more of a chore. A distributed ledger can help in making it a case of input once,
share as necessary: all those details that are now required to be provided to
any prospective purchaser can be put into the distributed ledger and made
electronically available through a simple code provided to the prospect.
Should they prove to be just time wasters, that access can be immediately
revoked, and if they were only provided with read access, they lose all visibility
of such information – unless they have gone to the trouble of photographing,
screen grabbing or manually copying the information.
Once a sale is agreed, no more waiting for conveyancers to move documents
around manually: create a record of all documents that are required and
provide access to the record for the buyer’s and seller’s conveyancers.
How about if a set of policies could be defined that deal with required
processes? For example, when the worst comes to the worst and you die, what
if your next of kin could input a code into a distributed ledger environment
which would not only give them access to certain documents that they may
need, but also kick off a series of processes that remove a lot of the stresses
they could do without at a time of grief? For example, being able to stop all or
certain direct debits from leaving a bank account; being able to send certain
documents to a solicitor so that probate can be rapidly agreed.
Wouldn’t that be worth a small amount of money being invested in such a
service?
Big Brother, or Helping Hand? For governments, distributed ledgers open up a completely new means of
enabling citizen services. Each person could be allocated their own partitioned
area within a distributed ledger at birth, linked to their National
Insurance/Social Security number or other unique identifier. The citizen’s
driving licence, passport details, criminal records bureau (CRB) checks,
anything, can all be held.
Will the real Blockchain please stand up?
quocirca
Clarifying the business impact of technology © Quocirca 2017 Page | 11
The citizen can add all their own information as required – and can ensure that
even though it is in the Government-supplied distributed ledger, it is secure
from being accessed by the government itself through the use of privacy
services. As such, house deeds can be held within the system. Utilities
companies can send their bills via the distributed ledger – and payments can
be made through the system. With all this information held in one, secure
place, the individual can more easily apply for loans, bank accounts and other
services where multiple proofs of identity are required. Moving to a new house
becomes simple – a change of address logged via the distributed ledger, and all
dependent services can be automatically updated.
The government can send requests to the distributed ledger – things like tax
returns, voting registrations, payments for council tax and so on. It can push
out information that it needs to make sure has been delivered – and read.
Remember, the distributed ledger can track every action on an item. As such,
it can be sure that the item was delivered to the individual, and that the
individual opened it. Sure, it cannot be definitely stated that the person fully
read it, but the presence of selection boxes throughout any document that the
citizen has to tick can at least show that they paged through it.
Bureaucracy can be minimised; trust can be built back up between the
government and the citizen; a common platform can be provided that helps
every element of the citizen’s life.
Stripping out the content? However, a distributed ledger should never be the ultimate store of actual
content. If it was, the size of the ledger would increase to the point where few,
if any, organisations would want to operate a full node. However, by tying the
distributed ledger to object-based storage, immutable data on actions that
have been carried out on the content itself can be held in a streamlined and
long-term flexible yet secure manner.
The use of object-based storage systems is growing. Many cloud services, such
as AWS and Azure are underpinned by object stores. Modern information
management systems, such as M-Files, also use object-based architectures to
hold information.
These object-based systems operate on a premise that an item should not be
stored as a stream of data, but as a single entity. Through doing this, any
actions carried out on the object itself can be logged and audited. By
maintaining an index of metadata, the item itself can reside anywhere across a
storage environment, and its physical location managed and accessed via what
is termed as a global name space.
For a distributed ledger, this becomes very important. The actual content can
be stored in a secure manner as objects, and can be made immutable through
the use of linked metadata between the object store global namespace and the
distributed ledger.
As such, the next generation of distributed ledgers could be far more
streamlined. Rather than the content following the ledger; the ledger follows
the content. Anything that a user creates remains where it is – at least where
there is a suitable object-based store behind it. This store maintains the fidelity
of the information – it cannot be changed without the action being logged by
the system, which is then synchronised at the metadata level with the
distributed ledger itself. Any access to the data is predicated through the
distributed ledger, which uses the metadata to identify where the information
is physically stored and passes the request for suitable access through to the
object-based store.
Upsides, downsides What downsides are there for distributed ledgers? The most obvious one is
seeing it as a universal panacea. It is not the right solution for every problem,
but it has enough promise that it is likely to be seen increasingly in everyday
Will the real Blockchain please stand up?
quocirca
Clarifying the business impact of technology © Quocirca 2017 Page | 12
life. The second problem is around forking: the Linux Foundation Hyperledger
Fabric framework project has headed off some of the forks that were
threatening to occur, but there are plenty of other distributed ledger projects
and products, such as Ethereum, MultiChain and BitFury. A more complete list
of startups and more mature companies in the distributed ledger space can be
found here.
This growth in different distributed ledger projects is worrying. The key is
around a distributed ledger having a single underlying (albeit shared) block
store. If there are multiple ones, then any transaction that crosses over
between one distributed ledger and another will inevitably face issues in
proving end-to-end transaction fidelity. Sure, over-reaching facilities can be
put in place to essentially stitch information from multiple systems together –
but this is still not the same as having a single, provable process trail in place.
This may well require all the competing projects to come together and figure
out what would be the best way to deal with such problems.
The overall ledger size that needs to be held on full nodes is also a major issue.
For example, should the banks decide to operate a shared distributed ledger,
millions or even billions of transactions per day will need to be logged through
the system. Even if each of these transactions resulted in blocks of say, 500kb
in size, each full node will have to store a large ledger.
As such, there will be a need for full node providers: these will need to charge
the banks (in much the same way as Swift does at the moment) to fund the
running of the full nodes.
There is a possible way around this: rather than full nodes carrying a full copy
of the ledger, a sharding approach could be used. As an analogy, in storage,
erasure coding provides high availability for data by taking an item of data and
breaking it up into multiple pieces (‘shards’), where only a small number of
5 http://quocirca.com/article/san-nas-or-time-try-something-new
these shards is required to rebuild the whole item itself. For example, HGST
uses an 18/5 sharding approach: the item is broken up into 18 different pieces,
with only 13 of them required to rebuild the actual full item5. This allows for
the failure of any 5 parts of the storage infrastructure – while minimising the
storage overheads by sharing data across many systems.
The same could be done with a distributed ledger. Each ‘full node’ carries a
subset of the overall data: if there are 18 nodes and the ledger is shared across
them in an equivalent 18/5 mode, then 5 nodes can go down and the total
ledger would still be available to all parts of the distributed ledger itself.
However, this would be likely to ignite another religious war within the
distributed ledger community – it is far more likely that the full node provider
model will win through.
The last issue is around general acceptance. Will consumers trust a distributed
ledger when there is so little trust around? Certainly, any strategy driven by
government is likely to fail, as we have seen repeatedly in areas such as digital
identities and other large projects. Likewise, any strategy drive by a single
vendor is also likely to struggle, as they will not have the scale to be able to
implement and run the overall infrastructure for a broad scale distributed
ledger. A broad consortium of organisations where the customer/user can see
specific value to their needs stands a much better chance of working.
How about businesses? Is it really in the best interests of financial institutions
to implement a full distributed ledger underpinning all their and their
customers’ transactions? In many ways, it makes sense. As previously covered,
money laundering becomes far harder. The fraudulent movement of funds
becomes almost impossible. What’s not to like about it? Possibly that the
banks know that they are still making a lot of money by turning a blind eye to
certain actions carried out by their customers.
Will the real Blockchain please stand up?
quocirca
Clarifying the business impact of technology © Quocirca 2017 Page | 13
Making a start A leap into the dark by organisations could also destroy trust in distributed
ledgers. Quocirca advises that organisations look for a small, self-contained
project to start off with – maybe something along the lines of dealing with
contract details between the organisation and major suppliers. See what
works, and what is problematic. Work with the other parties to see where they
see strengths – and weaknesses. Get such a project working first – and then
build on the same distributed ledger platform to expand into other areas.
Such traceability could also be a worry for a large, multinational company.
Many of these have spent a lot of time and money setting up incredibly
complex webs of shell companies through which they move their money to
minimise tax bills. A mandated distributed ledger would lay all these webs bare
– there would be nowhere to hide. For such organisations, they are likely to
fight the use of distributed ledgers in this way to their dying breath. A brave
government wanting to ensure that such companies pay a fair share of the
overall tax bill should be lobbying other governments to make sure that it does
happen.
These same brave and clever governments may start to mandate the use of
distributed ledgers anyway. Suppliers to the public sector may need to start
operating contracts under such a fully auditable means. All movement of
public funds – whether to suppliers, as foreign aid or whatever – could be fully
audited. Organisations that governments want to check to make sure that they
are paying the right amount of tax may find that any transfer of funds into or
out of a country may have to be operated under a distributed ledger.
Even when it comes to national security, it may be that distributed ledgers
come into play. The current drive for ‘back doors’ into apps such as WhatsApp
and other secure communication tools should not and is unlikely to happen. If
instead, the companies behind the apps were mandated to hold in a distributed
ledger the originating and receiving IP addresses (or other identifying data) for
an interaction, it could be made available to authorities who have the right
paperwork from a court or other body. The key here is that it is only that
information – for example, the authorities would have to state that they want
the details of a call that was made from this certain device at this specific time
using this specific app. Due to the granular nature of the distributed ledger,
the authorities can be issued with credentials that allow them access just to
that data – they have no visibility of the call that happened two minutes before
or two minutes afterward.
Finally, the hunt for the perfect distributed ledger should not become an ivory-
tower argument. There will be those who will believe that their chosen
distributed ledger is the best – and they may be right. However, if the
arguments are all around whether distributed ledger A is more ‘pure’ than
distributed ledger B, then the wrong people are involved. Which distributed
ledger meets the business’ immediate requirements? Which one has bought
into the need to adhere to a common set of fabric standards, so that their
system can work with other systems if necessary?
Decisions need to be made on business needs, backed up with what the
chances are of the longevity of the chosen technology and any need to swap
from one underlying system to another in the future.
Watch this space – Bitcoin may end up as a struggling system that is a solution
looking for a problem. Blockchain may end up as a postscript in the history of
technology. However, distributed ledgers are here to stay – and will only grow
in usage.
Will the real Blockchain please stand up?
quocirca
Clarifying the business impact of technology ©Quocirca 2017 Page | 14
Conclusions Distributed ledgers are happening now – and have the promise to change how personal, government and commercial business is carried out on a global basis. Organisations should be investigating where a distributed ledger holds the most promise for them, and should also be looking for the small, quick-win projects that can help them familiarise themselves with the technology and prove its worth. However, the market is currently at an early stage: cryptocurrencies are not the long-term future for a distributed ledger, and there are too many vendors in the market who have a belief that their version of the technology can be the ‘one chain to rule them all’. Standards will be of ultimate importance to ensure that different systems can operate well together: no general ledger provider’s longevity is currently guaranteed.
The main reasons to use a distributed ledger are:
• To provide a secure, immutable means of tracking any asset – physical or digital – along any process.
• To enable highly granular privacy services that enable different entities to see different elements of information about what is going on in the chain.
• To have a highly availability, permanent record of transactions – even when a participant of the chain goes out of business.
• To enable faster and more accurate external audit alongside internal governance, risk and compliance (GRC) processes.
• To provide better services to customers through fully traceable sales and aftersales service.
• To prevent fraud and lower the volume of disputes over transactions.
Other reasons are more specific to the vertical an organisation is involved in: for example, governments should be looking at using a distributed ledger to rebuild
citizen trust and automate more services.
However, there are still issues around the use of distributed ledgers. There are still religious wars around whether the original Blockchain, a modified Blockchain or
a different approach should be taken. There are arguments around how important interoperability between competing approaches should be. Many of the existing
start-up companies will not survive; some will die, others will be acquired. These issues are common with an immature market: they should not be seen as
showstoppers preventing an organisation from investigating the use of a distributed ledger.
Even so, now is the time to look at what a distributed ledger can do for your organisation, and to take that first dip into using the technology for a small but useful
project. Leaving it until it becomes mainstream may just be too late.
Will the real Blockchain please stand up?
quocirca Clarifying the business impact of technology
© Quocirca 2017
About Quocirca
Quocirca is a research and analysis company with a primary focus on the European market. Quocirca produces free to market content aimed at IT decision makers and those
that influence them in business of all sizes and public sector organisations. Much of the content Quocirca produces is based on its own primary research. For this primary
research, Quocirca has native language telephone interviewing capabilities across Europe and is also able to cover North America and the Asia Pacific region. Research is
conducted one-to-one with individuals in target job roles to ensure the right questions are being asked of the right people. Comparative results are reported by geography,
industry, size of business, job role and other parameters as required. The research is sponsored by a broad spectrum of IT vendors, service providers and channel organisations.
However, all Quocirca content is written from an independent standpoint and addresses the issues with regard to the use of IT within the context of an organisation, rather
than specific products. Therefore, Quocirca’s advice is free from vendor bias and is based purely on the insight gained through research, combined with the broad knowledge
and analytical capabilities of Quocirca’s analysts who focus on the “big picture”. Quocirca is widely regarded as one of the most influential analyst companies in Europe.
Through its close relationships with the media, Quocirca articles and reports reach millions of influencers and decision makers. Quocirca reports are made available through
many media partners.
To see more about Quocirca's analysts, click here
To see a list of some of Quocirca's customers, click here
To contact Quocirca, please click here.