Last month Anthony Lewis wrote about the important use case for blockchain technology, as “activity registers”. This is a good point, but he appears to misunderstand the role of various technologies in this use case.
In Nakamoto style cryptocurrencies, the blockchain serves the role of a ledger, with each transaction cryptographically signed and “timestamped” in an immutable order. The former means that the content of the transaction cannot be tampered with or forged without detection, the latter assures that everyone agrees on the order of events (i.e., A paid B, then B paid C, then C paid A). Not that the “consensus” process is mainly about the timestamp, and serves the role of a notary: public witness to the sealing of the record.
Lewis points out that many other use cases use the same blockchain to post records other than transactions. Classic examples include certificates and receipts (e.g., Ascribe), assertions about provenance (e.g., Provenance.org), or diplomas (e.g., U. Cyprus). In these cases, the data is an assertion about some event, which is cryptographically signed and timestamped. But what do these two functions mean in this case?
The cryptographic signatures prevents the record from being tampered with or forged (at least once it is on the blockchain), and the timestamp establishes the date of the assertion and witnesses the seal on the record (on the blockchain). Again, this function is very similar to the classic role for a notary, to witness and date the signatures on a record.
There is little question that notarization is a useful service, and one can easily make a case for the value of a lightweight, fast digital notary service.
My question is, what is the Nakamotan blockchain, per se, contributing to solve this problem?
First of all, we have to note that the blockchain, like a human notary, is no guarantee against theft, fraud, or forgery. “Garbage in, Garbage out” still applies to the blockchain. If the records are wrong or deceptive, as long as they have the right format, they will be stored on the blockchain just the same—and stored forever, with no way to remove them, to boot!
What matters, of course, is how the records are created, which is reflected in the digital signatures. You will trust records that are signed by authorities you trust, others you should not trust. Cryptographic signatures in themselves do not solve this problem, they mast be deployed in a framework and protocol of trust.
In other words, the records on the blockchain themselves are nothing other than representations of processes that have nothing to do with the blockchain. In fact, pretty much anyone can generate records on the blockchain, for whatever purpose, through any process. In this, the blockchain is much weaker than a human notary, who at least applies some commonsense filtering.
The second feature of the blockchain is a witness to the date of the posting. The great contribution of Nakamoto is this distributed timestamp protocol, which solved the difficult problem of assigning an order to records without a central clock or counter. For financial transactions, this feature is essential, because the order matters, and we must all agree. For other records, the timestamp is less critical, but still needed. The date that a deed is recorded is necessary, but the effective date can be encoded in the record itself, so the date of the public record doesn’t have to be the only word on that subject.
So what is the function of the blockchain in these cases? It is essentially a public bulletin board, where you can post notice of whatever you want. Is this the only way to accomplish this goal? Of course not.
First of all, let me repeat again that the “immutability” of the records is achieved by cryptographic signatures, and the records can be stored and shared in many ways besides via the blockchain. I have seen so many people excited by blockchain technology who were mainly excited by digital signatures, which are truly cool and transformative, but can be used in lots of ways besides with a blockchain.
Second, any use of cryptographic signatures requires protocols and carefully secured systems. The records are assertions about the state of the world, and they are only as good as the source of the assertion, and they are valid only if they are securely created and transmitted. These are hard problems, and the blockchain does not address any of these problems, except the last link of publishing what may or may not be trustworthy records.
Third, the “consensus” features of the blockchain do solve the problem of misbehavior by publishers. If the local notary and registry of deeds cannot be trusted to properly record contracts, that is a problem. And you could end run around that failure by creating your own registry. The blockchain is one way to do that, though you have to have the rest of a trustworthy protocol in place. And, if I trust the software that creates the records, wouldn’t I trust it to also publish them? Is the blockchain helping? I dunno, it’s not obvious that it is.
Finally, the blockchain has two significant weaknesses in this use case.
First, the whole blockchain is visible to the whole network. This is called “transparency”, but it also precludes privacy, or even embargo of sensitive information. This is a huge issue for many kinds of agreements which need to be confidential until completed, or which might involve trade secrets, for instance.
Sure, you can encrypt and mask the content of assertions on the blockchain, if you have a layer of (trusted) protocol to unpack and verify the records you need to verify. (I.e., in order to confirm the record, you need to somehow securely get a key to decipher it.)
Second, the blockchain and the consensus protocol has no way at all to validate the content of the records. Anyone can post anything, true or false, to the blockchain. It will be sealed and published, the bad with the good.
Worse, the blockchain really is “immutable”. Once on the chain, there is no way to correct or remove mistakes, lies, forgeries, spam or any other bad data. For use as an activity register, this is definitely a bug, not a feature. Any realistic system will have to work by only using records signed by trusted authorities, and using protocols that include records that say “never mind”, and cancel or modify earlier records. This places considerable trust in those authorities, who are subject to misbehavior or attack the same as any other entity.
Lewis comments that many organizations are exploring “private blockchains”, which operate on a limited, presumably trusted network. In this case, my intuition is that there is even less reason to use a blockchain, because you already have a trusted network, so what do you need the open consensus protocol for? Maybe the distributed timestamp is valuable, maybe not. If you have some easier way to distribute a timestamp, then maybe you don’t need a blockchain at all.
In summary, from an end-to-end analysis, I think there are very significant questions about the benefits of blockchain technology for anything other than financial ledgers.