Blockchain – it’s either the greatest technological advance since hypertext transport protocol (http, the protocol of the world wide web) or the biggest technological hype since FDDI and ATM were touted to be the 100 mbps protocol of the future some 20 years ago.
In reality, both might be true. Certainly “blockchain” is being invoked by dozens and dozens of startups looking for (and getting) funding. On the other hand, blockchain is the foundation for Bitcoin, which may yet revolutionize banking, finance, trade and all other monetary transactions.
The key is security, which can be both the saving grace for blockchain as well as the stumbling block for those looking to exploit it in other areas. First, though, some technical background.
Blockchain is another form of database, but one that’s been around longer, even, than SQL. It’s a linked list, a type of structure from computing’s earliest days. Each record in a linked list contains two pointers: one to the previous record and one to the subsequent one. The last link in the chain will point back to the first. Early linked lists had little need for more security as only nodes attached to the mainframe on which the database was stored were able to access it. It was easy to compromise the linked list – just create a record and either plug it into the end of the chain, or change the pointers in the middle of the chain to point (both forward and backward) to the new link you’ve created. As instituted for Bitcoin, this is seemingly impossible.
Bitcoin’s blockchain is distributed. That means the chain exists on multiple computers (thousands, even) and if any show a discrepancy with the others, the blockchain represented on a majority of the nodes is the one that’s recognized as legitimate. These nodes, called “miners” in the Bitcoin system use a method called “proof of work” to verify new links in the blockchain. The miners must complete a proof of work (generally, a piece of data which is difficult – costly and/or time-consuming – to produce but easy for others to verify) with the first miner achieving the correct result being rewarded with newly generated Bitcoin. All of this insures the “immutability” (a favorite word of blockchain proponents) of the chain. In reality it insures that unwarranted changes will be quickly detected, thus preserving as unchanged the data in the blockchain. The “work” that is required by the proof of work is so chosen (automatically, I might add) so that the rate of adding links to the chain is approximately 1 every 10 minutes and that, its acknowledged, is the “weak link” in the blockchain’s use for other purposes.
Something like a stock exchange, which would seem an ideal candidate for an immutable database, typically has thousands, even hundreds of thousands of transaction per minute. If each needed 10 minutes to be entered into the electronic ledger, then within days the system would be months behind in updates.
Proposals to overcome this time lag include suggestions that “proof of work” be replaced, such as with the Classical Byzantine Fault Tolerant (BFT) consensus algorithm. Simplified, this means that an algorithm deployed on multiple nodes can recognize that other nodes have either failed or have been compromised and can do so in a miniscule amount of time. There is no reward for the nodes as there is in the proof of work system but it’s suggested that the nodes in the system be owned by named entities (in Bitcoin, the miners are anonymous) who put up collateral in order to participate (This derives from the Etherium – the other major digital currency model – method called “Proof of Stake). “Rogue” nodes can be identified and their owners’ made to pay a price. Of course, traditional security is also needed to keep unregistered nodes from infiltrating the system.
Another suggestion is the so-called “private” blockchain. This is a linked list owned by a single entity, or controlled by a very small group of organizations. In effect it’s no more and no less than a simple shared database which requires an inordinate amount of expense to be secured (just as, say, a public SQL system would).
In the end, there may well be numerous different systems sharing the name “blockchain”. For sure there will be at least two divergent systems – the Bitcoin-style blockchain which is tremendously secure, but slow; and the Etherium model which is much quicker but requires extra security. The “Blockchain as a Service” offerings from the likes of Microsoft, IBM, Amazon and others could also play a big role. Systems wherein writes are less frequent than reads (such as land records) would benefit from the Bitcoin model. Systems needing many writes and fewer reads would benefit from the Etherium model. Systems needing a linked-list ledger without a lot of overhead could benefit from the BaaS model. In the end, it’s not really a competition; there’s plenty of opportunity for all of these – and more. What is needed is a way to insure the integrity of whichever model is chosen and that’s an on-going task.
Dave Kearns is Senior Analyst at KuppingerCole and focuses especially on the future trends around authentication and authorization and therein on risk-/context-based authentication and authorization. He attended Carnegie Institute of Technology (now Carnegie Mellon University), leaving to help found the first on-line banking system in the US, with Pittsburgh‘s Dollar Savings Bank. Dave Kearns gave up computers to spend 15 years in the wine & spirits trade, only to come back to technology with the advent of local area networks in the mid 80‘s. He spent 10 years as a network manager, ending up as Information Services Manager for the former Thomas-Conrad Corporation (now part of Compaq). In 1987, he was a founding SysOp of Novell‘s Novell Support Connection service on Compuserve and served as the first president of the Association of NetWire SysOps. Dave Kearns was formerly Technical Editor of Networking Solutions magazine. He‘s written, edited and contributed to a number of books on networking and is a frequent speaker before both trade and business groups.
