Will the real Blockchain please stand up? - EM360 · Will the real Blockchain please stand up? Financial institutions have invested money looking at Blockchain. However, there are

quocirca

Clarifying the business impact of technology ©Quocirca May 2017

Report Authors

Author Clive Longbottom

Tel: +44 118 948 3360

Email: [email protected]

Author Bob Tarzey

Tel: +44 1753 855794

Email: [email protected]

Commissioned By:

Will the real Blockchain please stand up?

Financial institutions have invested money looking at Blockchain. However, there are now quite a few

different approaches to Blockchain-based distributed ledgers. Which one is likely to be the best, and where

will distributed ledgers play most strongly?

Key Points:

• Bitcoin is not Blockchain – Bitcoin destroys the full audit capabilities of a distributed ledger through the use of (insecure) Wallets.

• Blockchain is not the only distributed ledger in town – which is good, as use cases should be rendered with more mature technology where possible.

• Organisations should prepare for the inevitability of a distributed ledger.

• Providers of the competing ‘next gen’ distributed ledgers must get their acts together to form a full end-to-end capability via a standardised

underlying fabric.

• The Linux Foundation Hyperledger Fabric framework is showing great strengths – and is being used in anger in the real world.

Will the real Blockchain please stand up?

quocirca

Clarifying the business impact of technology ©Quocirca 2017 Page | 2

Notes to the report In this report, Bitcoin, Blockchain and Wallets have all been capitalised so as to

differentiate them from any other usage of the terms in common use, and to

differentiate Blockchain itself from the number of other distributed ledgers

available in the market.

Just what is Blockchain? itcoin. You, know – that subversive cryptocurrency that allows those

with nefarious ideas to gain money completely anonymously. Or,

Bitcoin, the cryptocurrency that works in a completely open and

transparent manner without the need for a government or corporate body as

an intermediary.

You pays your Bitcoin and get your prize – both of the above are, in some ways,

right and wrong.

Bitcoin works on top of Blockchain, a ‘distributed ledger’ that tracks every

action taken on a Bitcoin – every time a bitcoin is moved along a transaction

process; every move from owner to owner. In this way, Bitcoin is totally

transparent and open. It is also impossible to make a transaction that is not

logged. So how come that Ransomeware originators and other cybercriminals

insist on being paid in Bitcoin, believing that Bitcoin is untraceable?

It is the way that users ‘hold’ their Bitcoins where obfuscation and secrecy

comes in. Bitcoins are held in a ‘Wallet’. A Wallet can be set up on top of

Blockchain such that the wallet can use rolling anonymous identifiers. Single

Bitcoin transactions can be carried out using a single Wallet that can then

disappear once the transaction has happened. The underlying Blockchain still

records the fact that Bitcoins have moved from their point of origin into the

1 https://blockchain.info/charts/blocks-size

Wallet – but if the Wallet is not tied into a strong physical ID, then the chain of

transparency is broken – meaning that Bitcoin can be used in nefarious ways.

The Blockchain is immutable: every block has a crypto hash to the previous

block: it is, to all intents and purposes, impossible to traduce the chain.

So – let’s forget about the Wallet; forget Bitcoin itself. What’s left? The

Blockchain distributed ledger. And this is where things are getting very

interesting.

A key part to how distributed ledgers work is around their openness – they are

not (generally) ‘owned’ by any one entity.

Rather than operating as a centralised system owned by a single entity (such

as the way banks have traditionally operated in owning accounts and managing

all transactions around those accounts), a distributed ledger pretty much does

what it says on the tin.

Any computer connected to a distributed ledger is called a ‘node’. Most of

these nodes operate as ‘lightweight nodes’ which operate essentially as feeds

into the main backbone system. For a distributed ledger to work effectively, it

needs a number of what are deemed ‘full nodes’. Each of these nodes operates

as a peer, holding details of the distributed ledger. Each full node contains a

full copy of the ledger.

This is building up to be a major problem for distributed ledgers. Each ‘block’

within the ledger cannot be more than 1MB in size: therefore, even a small

desktop computer can hold a lot of transactions. For example, the whole

Blockchain distributed ledger, according to blockchain.info, is currently around

115GB in size1 – a small overall storage load with modern disk drives holding

several terabytes of data. However, growth is running at around 3-4GB per

month – and this is just for a relatively low-use Bitcoin system.

B

Will the real Blockchain please stand up?

quocirca

Clarifying the business impact of technology © Quocirca 2017 Page | 3

Introduce broad scale use, and the size of the ledger starts to become

appreciable – these full nodes now need to be run on a commercial basis,

rather than on the free basis currently operated under.

However, the use of a multi-full nodal system is key to the operation of a

distributed ledger. By having multiple full nodes across a distributed ledger

platform, should one or more of these go down, the distributed ledger

continues to operate. As such, even if an organisation involved in a distributed

ledger goes out of business, not only do all the transactions that involve that

business stay within the distributed ledger, but the whole chain continues and

can still expand to include new organisations with their own full nodes. If an

entity needs to create a transaction and their nearest full node is down – no

problem. The transaction can still be created in the distributed ledger and what

information is needed to be synchronised with the full nodes will be

synchronised when the full node comes back up or is replaced.

More to the point, as a complete set of pointers around all of the details around

all transactions is stored on every full node, it is a transparent system. Anyone

with the right security profile can see exactly how transactions occurred, who

they were between, when they took place and so on. Conversely, if you do not

have the right security privileges, you get to see nothing. In other words, as

long as privacy services are used correctly, the ultimate transparency of a

distributed ledger is controlled as each constituent of the chain requires.

Such granularity in what details are made visible to the constituents of the

distributed ledger chain is key to why they will be successful.

And yet, as the distributed ledger is distributed, should anyone with enough

security privilege try and do anything illegal, corrupt or silly, that will also be

logged – making a distributed ledger highly secure within itself.

This then brings us back to the concept of a ‘Wallet’: the distributed ledger

does not contain the physical item itself around which the transactions are

taking place. However, it is a waste of everyone’s time if the item itself is not

immutably linked to the transaction details. For example, if the actual money

being moved around can be taken out of the system outside of the distributed

ledger environment, then the nominally immutable distributed ledger details

prove little.

What is really needed is a means of matching physical or digital assets with the

distributed ledger – and this is where serial numbers and object-based

information storage systems come in.

The technology is now available to ensure that a physical object is immutably

linked to a digital asset base and that all transactions around that item are

logged in a controllable and unchangeable manner.

For all these reasons, distributed ledgers have garnered much interest – such a

secure, standardised and open system must be the Nirvana for any

organisation dealing with financial, or any process, matters.

Except, as we will see, this hasn’t necessarily been the case.

Will the real Blockchain please stand up?

quocirca

Clarifying the business impact of technology ©Quocirca 2017 Page | 4

How does a distributed ledger work? Figure 1 gives a basic overview of how a Bitcoin transaction is executed using a distributed ledger. In this example, one person

wants to send money via Bitcoin to another. For the people concerned, the activity is simple: underneath the covers, though, the dependency on the distributed

ledger becomes apparent

Figure 1: A simple Bitcoin transaction

Will the real Blockchain please stand up?

quocirca

Clarifying the business impact of technology ©Quocirca 2017 Page | 5

The Deal-Breaker with Blockchain? There have been lots of headlines in the press about Bitcoin being

compromised – Bitcoins going missing due to fraudulent activity by failing

companies such as Flexcoin, Vault of Satoshi and Mt. Gox; investigations of

Bitcoin companies such as GAW Miners, EgoPay and Paymentbase.

You may also have seen the news about how the underlying Blockchain is facing

problems – it is not scalable and, as such, is deemed as unfit for purpose by

many in the industry.

All this is true. However, the scams and frauds being perpetrated by the

companies have little to do with the underlying Blockchain technology – these

scams have been carried out through misuse of Wallets, through making the

most of gaps in the knowledge of non-Bitcoin savvy investors and so on.

The problems with the scalability of Blockchain are far more real, however.

When Blockchain was first developed, it was never envisaged that it would be

used widely – it was purely there as a low-transaction volume logging

mechanism. A maximum block size was agreed at 32MB. This led to a lot of

wasted space and poor architectural design, and the maximum block size was

reduced to 1MB. As each block only carries basic metadata around the

transaction and the cryptohashes required to secure each block’s position in

the chain, this was seen as being a good compromise. However, this is now

causing problems – according to Tradeblock, the size of blocks has been

growing steadily and is now often hitting the 1MB size limit. Due to

architectural constraints with Blockchain, it is difficult (near to impossible) to

increase the block size without needing to migrate existing blocks into a new

chain – something that is seen as breaking the immutability of the chain itself.

This has led to the formation of multiple camps. There are some who believe

that everything should stay as it is, and it is up to those using Blockchain to

work around the constraints. There are those who want a brand new

distributed ledger that does away with the existing block size constraint via

what is known as a ‘hard fork’ (i.e. a new product with no compatibility with

Blockchain), and then there are those somewhere in the middle who want a

‘soft fork’ (i.e. a new system that increases block size while maintaining a high

level of compatibility with Blockchain).

The problem for many in the soft fork camp is that their proposals, such as

Segregated Witness, will only postpone the pain of scalability to a later date.

The hard fork camp is the one that can ensure that there is long term scalability

and consistency for distributed ledgers.

This has led to several battles being waged – and for many to shy away from

taking the first steps into the use of Blockchain or any other distributed ledger

until the arguments are perceived to be over – or at least less vitriolic.

This should not be a deal-breaker, though. If an organisation accepts that a

distributed ledger is the way forward, then there are plenty of choices in the

market.

The FinTech – distributed ledger love/hate-fest here has been a lot of interest from the financial technology sector

(FinTech) as to how distributed ledgers can be used as a standardised

global means of managing financial transactions. The use of a

distributed ledger was, at first, seen as more of a threat than an opportunity

to the traditionally secretive and self-perceptively powerful financial sector.

The initial interest in Blockchain (driven by the media-driven frenzy around

Bitcoin) was therefore more around how to gain control of Bitcoin and any

other cybercurrencies that succeeded, bringing them back into the fold of the

control of banks themselves.

T

Will the real Blockchain please stand up?

quocirca

Clarifying the business impact of technology © Quocirca 2017 Page | 6

However, it did not take the emerging FinTech sector long to realise that there

was so much more to a distributed ledger than a ‘pure’ Blockchain and a set of

cybercurrencies. The underlying distributed ledger was key – and the new

focus became what could the distributed ledger offer to the financial sector.

One of the major issues within the financial sector is in tracking what has

happened. Old, highly proprietary systems can and do go wrong. Generally

speaking, when such errors occur, the fault is minor and the monetary impact

is low. However, occasionally, as in some of the more visible insider trading or

major computer glitch problems – the impact can be severe.

Identifying what happened and where things went wrong can be difficult – in

some cases, almost impossible. A prime (sic) example here would be in the

pre-2008 days where toxic loans (such as sub-prime mortgages) were packaged

up and sold on to underwriters multiple times, with the result that some

financial institutions found themselves underwriting their own risk without

knowing it.

However, if everything takes place through a distributed ledger, then the

transaction process is all there – logged for eternity, yet secure from prying

eyes through the use of applied privacy services.

Overlaying Figure 1 against this process, replace Bob and Alice with banks. A

financial transaction is made into one bank and is immediately logged within

the distributed ledger. Every time those funds are moved, the ledger is

updated. No matter where the funds move, as long as it is between institutions

that participate in the relevant distributed ledger, the funds are fully traceable.

Money laundering becomes more difficult – the bad guys then need to find a

bank that will take funds transfer that are part of the distributed ledger, but

are also then willing to transfer the funds out of the control of the distributed

ledger into an uncontrolled environment. Essentially, this bank is acting as a

Wallet: it provides the obfuscation over the visibility that the distributed ledger

enforces.

This is then dangerous for that bank. It moves from being a trusted entity into

one that is presumed to be highly compromised. Why would it enable funds to

be moved away from the distributed ledger? If there is a trace put on those

funds and it is found that they were being moved illegally, it can pretty much

be guaranteed that the said bank would be held accountable for the funds.

Every other constituent in the chain can prove that it knows where the funds

came from and where they went. In this example the bank can only prove

where they came from – it has failed in maintaining the chain of forensic

accountability.

So, is the use of a distributed ledger an opportunity or a threat overall?

Certainly, for those financial institutions that want to be able to show that they

had taken all steps possible to avoid an illegal or misguided situation, such

transparency is key. For those to which the very thought of openness and

transparency is anathema – well, maybe not quite so good. Many banks make

a lot of money through turning a blind eye: a distributed ledger would make

this harder to do.

Many banks also lose a lot of money through poorly enacted audit processes.

The financial sector itself calculates this as being around 20% of their cost base

– yet a distributed ledger can get rid of a lot of the costs of tracking processes

and reconciling payments. Overall, it would seem that a distributed ledger

would be a good thing for the banks and insurance companies.

It is becoming apparent that distributed ledgers will either have to be

implemented by the financial sector voluntarily, or that it will find one being

enforced by global, regional and/or national regulators. Surely, it is better to

put distributed ledgers in place on the financial sector’s own terms, rather than

for the move to be politically driven?

Will the real Blockchain please stand up?

quocirca

Clarifying the business impact of technology © Quocirca 2017 Page | 7

Hence, there has a surge in technology companies looking at providing their

own versions of a Blockchain distributed ledger to better meet the needs of the

financial community.

Distributed ledgers – it’s not all about money Cryptocurrencies and tracking monetary transactions is still only a very small

part of the overall possibilities for distributed ledgers to provide value across

the general markets – from consumers through retailers to legal and citizen

services.

A good example of this is UK-based company Everledger. Currently with a focus

on the gemstones market (specifically diamonds), Everledger is showing the

way forward in how to enforce traceability in such high-value items that are

too often sourced from areas of strife where they are sold to raise funds for

armaments – the so-called ‘blood diamond’ trade.

There are lots of problems with the trade in diamonds. ‘Conflict stones’ (those

that are traded to support wars and other actions counter to good governance

within a country) should not be traded (indeed, it is illegal in many countries to

do so), yet it is too easy to move them across borders to make them appear as

coming from somewhere else, so obscuring their original source.

Manufactured diamonds are becoming increasingly difficult to tell apart from

natural diamonds, without expensive optical testing systems. Putting in place

a system of trust based on provenance is needed.

The Gemological Institute of America (GIA) is responsible for the widely used

grading scales of diamonds – the ‘C’s of carat, clarity, colour and cut. It has

now extended its function to providing a means of identifying diamonds as they

move through the market.

Every modern cut and polished GIA-Certified diamond has a laser-etched serial

number on the girdle of the stone. This is then associated with the 4 Cs of the

stone in a database owned and managed by the GIA. The serial number can be

read by anyone with a strong enough magnifier and can be compared to the

GIA’s log which will provide a full description and history of that diamond.

However, using this serial number as an identifier within a distributed ledger

creates an immutable reference for the stone. As the serial numbers are

unique, once the stone is registered, it cannot be entered again. If an attempt

is made to register one that is not on the GIA’s register, it will be immediately

flagged as a possibly fraudulent event. Everledger tracks the stone’s

movements along the transaction process, creating a trail of provenance that

exists beyond the diamond itself, but is inextricably linked with it.

Everledger is using aspects of the Linux Foundation Hyperledger Fabric

framework using IBM as a partner – it operates 9 full nodes shared across the

diamond trade’s major stakeholders, including Everledger itself, De Beers, the

London Diamond Exchange and others.

Let's take this a little further. Just dealing with rough, cut and polished

diamonds is like having one domino, standing it on its edge and knocking it

down. It falls, but doesn’t do a great deal else. Instead, let's consider

something that is more like a domino rally.

The diamond is mined, sold, cut, polished and sold again. All of this is already

within Everledger’s purview. Now, that buyer of the polished gem could well

be a jeweller, who brings together many different stones of different types

along with gold, platinum and silver to create a single piece (or set) of jewellery.

The multiple different identifiers for all these components can be pulled

together through the distributed ledger to become a super object that can then

be tracked as a whole and as a set of different pieces.

The jeweller sells the jewellery on to a retailer, who then sells it on to a

customer.

Will the real Blockchain please stand up?

quocirca

Clarifying the business impact of technology © Quocirca 2017 Page | 8

But that does not mean that Everledger is just going to remain focused just on

single diamonds, nor just on the gemstone market alone.

Consider any high value item – designer watches, artworks, antiques,

investment wine, cars. Any of these hold enough value so that a company such

as Everledger can make money from providing services to its customers.

For example, an Everledger customer registers all their high value items with

the company through its distributed ledger. The customer provides all the

items required to support the provenance of the item – receipts for amounts

paid, serial numbers, etc. Once due diligence has been carried out to ensure

that the item is what the customer says it is, it is then irrevocably logged within

the distributed ledger. The customer needs to insure the item – the

provenance and value of the item can be shown via the distributed ledger. If

the item is stolen, all the details that the police and the insurance company

need are already available – there is no need to be scrabbling around looking

for the paper receipts or credit card records and then arguing with the

insurance company as to whether these applied to the actual item.

Fraud becomes far more difficult – a person ‘losing’ an item and claiming for it

while selling it on or adapting it in a new format will find this difficult (or

impossible, as long as the distributed ledger company has done its work

properly) as the details of each part of the item have been logged and tracked.

Beyond the gemstones But, you say, you are not in the jewellery business. Let’s consider a few other

possible ideas, then.

Any process that involves the movement of digital or physical goods can benefit

from the use of a distributed ledger.

As previously mentioned, high-value goods are an obvious target – for

example, fine art, which can be dealt with in the same way as gemstones.

The Convention on International Trade in Endangered Species of Wild Fauna

and Flora (CITES) governs the movement and sale of live animals, ivory, animal

hides and so on. The market for investment antiques, fine wines, cars and so

on would all benefit from better governance. All of these can be dealt with in

the same manner, maximising profit for those concerned in the distributed

ledger process while maintaining full compliance with legal obligations – and

adding value for customers.

Everything does not have to originate from the same source: high value

collections of such goods could be registered by the collector, creating a full

record that can be used at any time to show ownership, and when combined

with other information, eventually a trail of provenance.

Another area is in the farm-to-fork food chain. Here, Quocirca carried out

research in late 2016 around the issues that those responsible for food quality

(via hygiene and pest management) saw as being issues and opportunities.

The biggest issue identified by respondents was around the end-to-end

tracking and traceability of foodstuffs. Through linking the foodstuff itself to

unique identifiers managed through a distributed ledger system, problems

such as the UK’s 2013 horsemeat scandal could have been avoided.

Supply and demand Indeed, any supply chain can benefit (see figure 2). From the original request

from a prospect to the market for information (via digital requests for

information, RFIs), through contract negotiations to the physical delivery,

maintenance and end of life of goods, distributed ledgers can ensure that

everything is effectively and efficiently logged.

Will the real Blockchain please stand up?

quocirca

Clarifying the business impact of technology © Quocirca 2017 Page | 9

Figure 2: Simple logistics chain

In certain industries, this is becoming of paramount importance. For example,

there is a market for spares in industries such as nuclear, oil and gas, and

aeronautics where the provision of fakes is big business. This can have

disastrous consequences. Between 1973 and 1996, the US Federal Aviation

Authority identified 174 serious aircraft issues that could be linked to the use

of counterfeit parts, resulting in 17 deaths and 39 injuries2.

In 2016, the Sellafield nuclear reprocessing facility in the UK identified a need

to source some out-of-production microcontrollers. They found a trusted

supplier, but had some worries when the delivery arrived and many of the chips

looked ‘different’. Although all the markings were correct, there were

2 http://www.finnegan.com/resources/articles/articlesdetail.aspx?news=532cc266-560e-4756-9b93-2ecff11c6ada

differences in the texture and thickness of the surface of the chips. It

transpired that different chips had been taken, sanded down and then

repainted with all the right marks3.

In South Korea, four different nuclear reactors have had to be shut down due

to counterfeit parts – in one case, forged quality control certificates meant that

parts had to be replaced, in another, counterfeit wiring needed to be replaced4.

If all of these items had been micro-identified via laser etching, near-field

communication (NFC) or radio frequency identification (RFID) tagging linked

through to a distributed ledger, such fraud through counterfeiting could have

been identified and prevented. Indeed, if the distributed ledger is used

correctly, the nominal specification of each item can be held within the system

and compared to the stated incoming details and easily checked against the

real physical data.

Problems can be identified; remedial steps taken; problems avoided. Supply

chains become an environment where anyone can participate without having

dependencies on the software applications being used by anyone else, or in

depending on one entity having full control of all the information involved in

that supply chain. A supplier may own a distributed ledger full node, but all

the supply chain information is distributed amongst all the other nodes as well.

No one company has overall control; no entity has full access to all the data –

no matter how hard it tries. As long as the participant’s credentials are kept

secure (which can best be done through two-factor authentication, 2FA), what

needs to be secret is kept secret; what needs to be shared is shared.

The levels of granularity controlled via privacy setting in a distributed ledger

come into play again – for example, should a supplier have preferential rates

3 http://www.sellafieldsites.com/wp-content/uploads/2016/02/Sellafield-Ltd-Quality-CFSI-presentation.pdf 4 https://www.rt.com/news/south-power-reactors-nuclear-869/

Will the real Blockchain please stand up?

quocirca

Clarifying the business impact of technology © Quocirca 2017 Page | 10

for a specific customer, or has tiers where customers get better deals when

they achieve certain sales volumes, this can all be held in the distributed ledger

– and only target customers can see the special terms.

It is more likely to be about you and me How about the consumers? This could be where distributed ledgers could offer

the greatest value – and be the biggest driver for adoption.

Wouldn't it be nice to be able to have a totally secure place to lodge property

deeds, copies wills, powers of attorney, photos of your family and so on? At

first glance, this may not appear to be so highly valuable intrinsically, as it

seems to be nothing more than a secure document vault, and there are plenty

of alternative free consumer options for that.

However, the long-term certainty that many of these consumer services for

holding such documents and information will be around for the long term –

and here, we are talking about a full human lifetime – is pretty low. However,

a distributed ledger is, as the name suggest, distributed; it does not have to be

beholden to one organisation, but can be operated as a shared resource

amongst many of them. Therefore, if one part of the conglomeration of

companies operating a distributed ledger fails, the distributed ledger itself

continues.

This begins to add a high degree of personal value – would you be interested

in paying a few pounds per annum to store such items in a system that is

guaranteed to be around even if large parts of it go under? Maybe not – is

there enough value overall in such a system to pay for it?

People tend to move house several times in their lifetime – and this is becoming

more of a chore. A distributed ledger can help in making it a case of input once,

share as necessary: all those details that are now required to be provided to

any prospective purchaser can be put into the distributed ledger and made

electronically available through a simple code provided to the prospect.

Should they prove to be just time wasters, that access can be immediately

revoked, and if they were only provided with read access, they lose all visibility

of such information – unless they have gone to the trouble of photographing,

screen grabbing or manually copying the information.

Once a sale is agreed, no more waiting for conveyancers to move documents

around manually: create a record of all documents that are required and

provide access to the record for the buyer’s and seller’s conveyancers.

How about if a set of policies could be defined that deal with required

processes? For example, when the worst comes to the worst and you die, what

if your next of kin could input a code into a distributed ledger environment

which would not only give them access to certain documents that they may

need, but also kick off a series of processes that remove a lot of the stresses

they could do without at a time of grief? For example, being able to stop all or

certain direct debits from leaving a bank account; being able to send certain

documents to a solicitor so that probate can be rapidly agreed.

Wouldn’t that be worth a small amount of money being invested in such a

service?

Big Brother, or Helping Hand? For governments, distributed ledgers open up a completely new means of

enabling citizen services. Each person could be allocated their own partitioned

area within a distributed ledger at birth, linked to their National

Insurance/Social Security number or other unique identifier. The citizen’s

driving licence, passport details, criminal records bureau (CRB) checks,

anything, can all be held.

Will the real Blockchain please stand up?

quocirca

Clarifying the business impact of technology © Quocirca 2017 Page | 11

The citizen can add all their own information as required – and can ensure that

even though it is in the Government-supplied distributed ledger, it is secure

from being accessed by the government itself through the use of privacy

services. As such, house deeds can be held within the system. Utilities

companies can send their bills via the distributed ledger – and payments can

be made through the system. With all this information held in one, secure

place, the individual can more easily apply for loans, bank accounts and other

services where multiple proofs of identity are required. Moving to a new house

becomes simple – a change of address logged via the distributed ledger, and all

dependent services can be automatically updated.

The government can send requests to the distributed ledger – things like tax

returns, voting registrations, payments for council tax and so on. It can push

out information that it needs to make sure has been delivered – and read.

Remember, the distributed ledger can track every action on an item. As such,

it can be sure that the item was delivered to the individual, and that the

individual opened it. Sure, it cannot be definitely stated that the person fully

read it, but the presence of selection boxes throughout any document that the

citizen has to tick can at least show that they paged through it.

Bureaucracy can be minimised; trust can be built back up between the

government and the citizen; a common platform can be provided that helps

every element of the citizen’s life.

Stripping out the content? However, a distributed ledger should never be the ultimate store of actual

content. If it was, the size of the ledger would increase to the point where few,

if any, organisations would want to operate a full node. However, by tying the

distributed ledger to object-based storage, immutable data on actions that

have been carried out on the content itself can be held in a streamlined and

long-term flexible yet secure manner.

The use of object-based storage systems is growing. Many cloud services, such

as AWS and Azure are underpinned by object stores. Modern information

management systems, such as M-Files, also use object-based architectures to

hold information.

These object-based systems operate on a premise that an item should not be

stored as a stream of data, but as a single entity. Through doing this, any

actions carried out on the object itself can be logged and audited. By

maintaining an index of metadata, the item itself can reside anywhere across a

storage environment, and its physical location managed and accessed via what

is termed as a global name space.

For a distributed ledger, this becomes very important. The actual content can

be stored in a secure manner as objects, and can be made immutable through

the use of linked metadata between the object store global namespace and the

distributed ledger.

As such, the next generation of distributed ledgers could be far more

streamlined. Rather than the content following the ledger; the ledger follows

the content. Anything that a user creates remains where it is – at least where

there is a suitable object-based store behind it. This store maintains the fidelity

of the information – it cannot be changed without the action being logged by

the system, which is then synchronised at the metadata level with the

distributed ledger itself. Any access to the data is predicated through the

distributed ledger, which uses the metadata to identify where the information

is physically stored and passes the request for suitable access through to the

object-based store.

Upsides, downsides What downsides are there for distributed ledgers? The most obvious one is

seeing it as a universal panacea. It is not the right solution for every problem,

but it has enough promise that it is likely to be seen increasingly in everyday

Will the real Blockchain please stand up?

quocirca

Clarifying the business impact of technology © Quocirca 2017 Page | 12

life. The second problem is around forking: the Linux Foundation Hyperledger

Fabric framework project has headed off some of the forks that were

threatening to occur, but there are plenty of other distributed ledger projects

and products, such as Ethereum, MultiChain and BitFury. A more complete list

of startups and more mature companies in the distributed ledger space can be

found here.

This growth in different distributed ledger projects is worrying. The key is

around a distributed ledger having a single underlying (albeit shared) block

store. If there are multiple ones, then any transaction that crosses over

between one distributed ledger and another will inevitably face issues in

proving end-to-end transaction fidelity. Sure, over-reaching facilities can be

put in place to essentially stitch information from multiple systems together –

but this is still not the same as having a single, provable process trail in place.

This may well require all the competing projects to come together and figure

out what would be the best way to deal with such problems.

The overall ledger size that needs to be held on full nodes is also a major issue.

For example, should the banks decide to operate a shared distributed ledger,

millions or even billions of transactions per day will need to be logged through

the system. Even if each of these transactions resulted in blocks of say, 500kb

in size, each full node will have to store a large ledger.

As such, there will be a need for full node providers: these will need to charge

the banks (in much the same way as Swift does at the moment) to fund the

running of the full nodes.

There is a possible way around this: rather than full nodes carrying a full copy

of the ledger, a sharding approach could be used. As an analogy, in storage,

erasure coding provides high availability for data by taking an item of data and

breaking it up into multiple pieces (‘shards’), where only a small number of

5 http://quocirca.com/article/san-nas-or-time-try-something-new

these shards is required to rebuild the whole item itself. For example, HGST

uses an 18/5 sharding approach: the item is broken up into 18 different pieces,

with only 13 of them required to rebuild the actual full item5. This allows for

the failure of any 5 parts of the storage infrastructure – while minimising the

storage overheads by sharing data across many systems.

The same could be done with a distributed ledger. Each ‘full node’ carries a

subset of the overall data: if there are 18 nodes and the ledger is shared across

them in an equivalent 18/5 mode, then 5 nodes can go down and the total

ledger would still be available to all parts of the distributed ledger itself.

However, this would be likely to ignite another religious war within the

distributed ledger community – it is far more likely that the full node provider

model will win through.

The last issue is around general acceptance. Will consumers trust a distributed

ledger when there is so little trust around? Certainly, any strategy driven by

government is likely to fail, as we have seen repeatedly in areas such as digital

identities and other large projects. Likewise, any strategy drive by a single

vendor is also likely to struggle, as they will not have the scale to be able to

implement and run the overall infrastructure for a broad scale distributed

ledger. A broad consortium of organisations where the customer/user can see

specific value to their needs stands a much better chance of working.

How about businesses? Is it really in the best interests of financial institutions

to implement a full distributed ledger underpinning all their and their

customers’ transactions? In many ways, it makes sense. As previously covered,

money laundering becomes far harder. The fraudulent movement of funds

becomes almost impossible. What’s not to like about it? Possibly that the

banks know that they are still making a lot of money by turning a blind eye to

certain actions carried out by their customers.

Will the real Blockchain please stand up?

quocirca

Clarifying the business impact of technology © Quocirca 2017 Page | 13

Making a start A leap into the dark by organisations could also destroy trust in distributed

ledgers. Quocirca advises that organisations look for a small, self-contained

project to start off with – maybe something along the lines of dealing with

contract details between the organisation and major suppliers. See what

works, and what is problematic. Work with the other parties to see where they

see strengths – and weaknesses. Get such a project working first – and then

build on the same distributed ledger platform to expand into other areas.

Such traceability could also be a worry for a large, multinational company.

Many of these have spent a lot of time and money setting up incredibly

complex webs of shell companies through which they move their money to

minimise tax bills. A mandated distributed ledger would lay all these webs bare

– there would be nowhere to hide. For such organisations, they are likely to

fight the use of distributed ledgers in this way to their dying breath. A brave

government wanting to ensure that such companies pay a fair share of the

overall tax bill should be lobbying other governments to make sure that it does

happen.

These same brave and clever governments may start to mandate the use of

distributed ledgers anyway. Suppliers to the public sector may need to start

operating contracts under such a fully auditable means. All movement of

public funds – whether to suppliers, as foreign aid or whatever – could be fully

audited. Organisations that governments want to check to make sure that they

are paying the right amount of tax may find that any transfer of funds into or

out of a country may have to be operated under a distributed ledger.

Even when it comes to national security, it may be that distributed ledgers

come into play. The current drive for ‘back doors’ into apps such as WhatsApp

and other secure communication tools should not and is unlikely to happen. If

instead, the companies behind the apps were mandated to hold in a distributed

ledger the originating and receiving IP addresses (or other identifying data) for

an interaction, it could be made available to authorities who have the right

paperwork from a court or other body. The key here is that it is only that

information – for example, the authorities would have to state that they want

the details of a call that was made from this certain device at this specific time

using this specific app. Due to the granular nature of the distributed ledger,

the authorities can be issued with credentials that allow them access just to

that data – they have no visibility of the call that happened two minutes before

or two minutes afterward.

Finally, the hunt for the perfect distributed ledger should not become an ivory-

tower argument. There will be those who will believe that their chosen

distributed ledger is the best – and they may be right. However, if the

arguments are all around whether distributed ledger A is more ‘pure’ than

distributed ledger B, then the wrong people are involved. Which distributed

ledger meets the business’ immediate requirements? Which one has bought

into the need to adhere to a common set of fabric standards, so that their

system can work with other systems if necessary?

Decisions need to be made on business needs, backed up with what the

chances are of the longevity of the chosen technology and any need to swap

from one underlying system to another in the future.

Watch this space – Bitcoin may end up as a struggling system that is a solution

looking for a problem. Blockchain may end up as a postscript in the history of

technology. However, distributed ledgers are here to stay – and will only grow

in usage.

Will the real Blockchain please stand up?

quocirca

Clarifying the business impact of technology ©Quocirca 2017 Page | 14

Conclusions Distributed ledgers are happening now – and have the promise to change how personal, government and commercial business is carried out on a global basis. Organisations should be investigating where a distributed ledger holds the most promise for them, and should also be looking for the small, quick-win projects that can help them familiarise themselves with the technology and prove its worth. However, the market is currently at an early stage: cryptocurrencies are not the long-term future for a distributed ledger, and there are too many vendors in the market who have a belief that their version of the technology can be the ‘one chain to rule them all’. Standards will be of ultimate importance to ensure that different systems can operate well together: no general ledger provider’s longevity is currently guaranteed.

The main reasons to use a distributed ledger are:

• To provide a secure, immutable means of tracking any asset – physical or digital – along any process.

• To enable highly granular privacy services that enable different entities to see different elements of information about what is going on in the chain.

• To have a highly availability, permanent record of transactions – even when a participant of the chain goes out of business.

• To enable faster and more accurate external audit alongside internal governance, risk and compliance (GRC) processes.

• To provide better services to customers through fully traceable sales and aftersales service.

• To prevent fraud and lower the volume of disputes over transactions.

Other reasons are more specific to the vertical an organisation is involved in: for example, governments should be looking at using a distributed ledger to rebuild

citizen trust and automate more services.

However, there are still issues around the use of distributed ledgers. There are still religious wars around whether the original Blockchain, a modified Blockchain or

a different approach should be taken. There are arguments around how important interoperability between competing approaches should be. Many of the existing

start-up companies will not survive; some will die, others will be acquired. These issues are common with an immature market: they should not be seen as

showstoppers preventing an organisation from investigating the use of a distributed ledger.

Even so, now is the time to look at what a distributed ledger can do for your organisation, and to take that first dip into using the technology for a small but useful

project. Leaving it until it becomes mainstream may just be too late.

Will the real Blockchain please stand up?

quocirca Clarifying the business impact of technology

© Quocirca 2017

About Quocirca

Quocirca is a research and analysis company with a primary focus on the European market. Quocirca produces free to market content aimed at IT decision makers and those

that influence them in business of all sizes and public sector organisations. Much of the content Quocirca produces is based on its own primary research. For this primary

research, Quocirca has native language telephone interviewing capabilities across Europe and is also able to cover North America and the Asia Pacific region. Research is

conducted one-to-one with individuals in target job roles to ensure the right questions are being asked of the right people. Comparative results are reported by geography,

industry, size of business, job role and other parameters as required. The research is sponsored by a broad spectrum of IT vendors, service providers and channel organisations.

However, all Quocirca content is written from an independent standpoint and addresses the issues with regard to the use of IT within the context of an organisation, rather

than specific products. Therefore, Quocirca’s advice is free from vendor bias and is based purely on the insight gained through research, combined with the broad knowledge

and analytical capabilities of Quocirca’s analysts who focus on the “big picture”. Quocirca is widely regarded as one of the most influential analyst companies in Europe.

Through its close relationships with the media, Quocirca articles and reports reach millions of influencers and decision makers. Quocirca reports are made available through

many media partners.

To see more about Quocirca's analysts, click here

To see a list of some of Quocirca's customers, click here

To contact Quocirca, please click here.