And one more blockchain use case from the IEEE Computer July issue: tracking the provenance of pharmaceuticals [1].
The general problem is that drugs are rather easy to fake, hard for users to detect, there are huge financial stakes in such fakery, and the consequences of faked medicine are drastic. Furthermore, there is a long and complicated supply chain between the manufacturer and the ultimate consumer. Plenty of opportunity for “infiltration”.
The basic idea is to track the history of a given product in a way that dispensers and consumers can have confidence in the product. Currently, there are systems that attempt to do this, but they are vulnerable. And, as Nakamotoans are sure to note, a centralized authority is a “single point of failure”: hack the authority and you have hacked everything. With billions on the line, hacking is a realistic possibility.
The article discusses a blockchain-based system that tracks every transaction for a bar-coded (presumably tamper-proof) load of drugs.
Basically, it is assumed that drugs are handled in tamper-proof packages with identifying bar codes (this is standard practice). At the source, a record is created, cryptographically signed, and stored on the blockchain. Each transaction is recorded, including cryptographic signatures of the parties and the product, identified by the bar code. At any point, the barcode can be checked against the records on the blockchain to reveal the provenance of the specific item.
The records on the blockchain are highly tamper-resistant and relatively easy to access by anyone. A simple mobile app can scan the bar-code and access the blockchain, making it possible for everyone to check.
This solution is similar to many other supply chain applications, and I would think you could use a generic supply management tool to create the system, perhaps with custom mobile apps.
Of course, blockchain is solving only part of the problem (access to the data, and protection of the data). The tamper-resistant protocols, bar code management, and identification of legitimate parties are difficult problems, and the blockchain app reuses conventional solutions. The cryptographic protocols for registering transactions and managing signatures require very careful design—and are just as difficult with or without a blockchain. Note that it can be really difficult for an end user to validate the identities of other parties, blockchain or no.
One question that needs to be considered is how public the blockchain records should be. At each stage, the user needs to be able to confirm the validity of the product. But it may not be desirable for the entire supply chain to be visible to the entire world. Companies do not want their business records viewed by rivals, and patients’ privacy should be protected.
So how should this work?
If it is improper for the raw records to be exposed, then perhaps some form of summary record. For example, a shipment from a distribution center might have a record that shows “this shipment was validated by us”, without the precise path that it followed. So, the distributer needs to: 1) validate the received material and 2) create a signed record saying “we validated it”.
The researchers note that blockchains are not necessarily scalable to the level of all the drugs in the world. In this case, the transaction rate is less of an issue (you can probably wait a few minutes to validate a drug) as it is the volume. There are zillions of shipments everyday, which will overwhelm most blockchains, as well as making scanning the records hopeless. If I have to find the 5 hops my aspirin took on its way to me, my poor phone can’t scan all the drug shipments made anywhere in the world to find them. That can’t possibly work.
The great strengths of the blockchain are universal access and low cost. These supposed advantages should be examined closely, especially for distant and poorer parts of the world. The internet is not available everywhere, nor is it cheap everywhere. And these days, there are more and more jurisdictional barriers that could easily hamper the whole concept. If a manufacturer in China can’t access the public blockchain that I use to validate drugs, then the whole idea fails.
So yes, this is a plausible use case for blockchain. Of course, I would probably use a general purpose supply chain management system, because drugs are only one of many similar cases.
There is quite a bit of work to do on the protocols, especially to preserve privacy while enhancing validity checking.
- Neetesh Saxena, Ieuan Thomas, Prosanta Gope, Pete Burnap, and Neeraj Kumar, PharmaCrypt: Blockchain for Critical Pharmaceutical Industry to Counterfeit Drugs. Computer, 53 (7):29-44, 2020. https://ieeexplore.ieee.org/document/9130418
Cryptocurrency Thursday
Robert McGrath's Blog 