Attack of the 50 Foot Blockchain
(The proposed soft fork solution was to blacklist transactions whose result interacted with the “dark DAO” the attacker had poured the funds into. This would have allowed a fairly obvious denial-of-service attack: flood Ethereum with costly computations that end at the dark DAO. In computer science terms, this approach could only have worked by first solving the halting problem: you would need to be able to determine the outcome of any possible Ethereum program without actually running it and observing the result.361)
The DAO was shut down soon after, and on 20 July the Ethereum Foundation – several of whose principals were curators of The DAO362 and/or heavily invested in it – changed how the actual code of Ethereum interpreted their blockchain (the “immutable” ledger) so as to wind back the hack and take back their money. The blockchain was “immutable,” so they changed how it was interpreted. The “impossible” bailout had happened.
This illustrated the final major problem with smart contracts: CODE IS LAW until the whales are in danger of losing money.
Ethereum promptly split into two separate blockchains, each with its own currency – Ethereum (ETH), the wound-back version, supported by the Ethereum Foundation, and Ethereum Classic (ETC), the original code and blockchain – because all this was too greedy even for crypto fans to put up with. Both blockchains and currencies operate today. Well done, all.
Apologists note that The DAO was just an experiment (a $150 million “experiment”) to answer the question: can we have a workable decentralized autonomous organization, running on smart contracts, with no human intervention? And it answered it: no, probably not.
Chapter 11: Business bafflegab, but on the Blockchain
If you’re a business guy you could look at the current construct versus the new construct and say ‘aren’t you just building a big database?’
– Charley Cooper, R3 Blockchain Consortium
You can replace the term “distributed ledgers” with “shared Excel sheets” in about 90 percent of talk about blockchain and finance.
– Tracy Alloway363
As Bitcoin became more famous, its dubious nature became increasingly obvious to mainstream observers. So the buzzword of choice shifted from “Bitcoin” to “the blockchain”, or just “Blockchain”.
They really meant the Bitcoin blockchain, as the goal was to get interest up and the price with it. This particularly picked up around late 2014,364 when the Bitcoin price had cratered. The value proposition was that Bitcoin was the most secure chain as it had the most hashing power, so everyone wanting a blockchain should use that one. However, the limit of 7 transactions per second worldwide, blocks being too full for transactions to get through anyway, and that your Internet of Things light bulb was profoundly unlikely to add enough flash memory for 120 gigabytes of SatoshiDice gambling spam were all a bit too obvious to the prospective customers.
But by late 2015, “Blockchain” hype had taken on a life of its own as a business buzzword. If in a manner somewhat uncomfortable with its Bitcoin origins. This has been further euphemised to “distributed ledger technology,” which would on the face of it include shared Excel spreadsheets.
In the real world, nobody outside the cryptocurrency subculture uses blockchains proper, because they are ridiculously impractical and the most prominent one uses as much electricity as all of Ireland. This means their fantasy life is rich indeed.
Repeat to yourself: if it sounds too good to be true, it almost certainly is.
What can Blockchain do for me?
The key problems with blockchain proposals for business are:
Decentralisation is very expensive and doesn’t get you much, at the loss of efficiency and control. Recentralising immediately makes the system much more efficient.
Your problem is pretty much always sorting out your data and formats, and blockchains won’t clean up your data for you.
If you start with “… but with Blockchain!”, then putting lots of different words before “but” isn’t likely to result in something that’s actually useful and practical.
Transaction ledgers in tamper-evident chains and trees of hashes are a good idea, and businesses are about to discover how to use them for tamper-evident ledgers. These will likely be branded “Blockchain,” whether or not the product has anything else to do with blockchains.
If you have programmers, they probably save their code in Git, which is the closest I can think of to a useful blockchain-like technology: it saves individual code edits as transactions in Merkle trees with tamper-evident hashes, and developers routinely copy entire Git repositories around, identifying them by hash. It’s a distributed ledger, but for computer programs rather than money. What it doesn’t have is the blockchain consensus mechanism – you take or leave the version of the repository you’re offered. (I have had one “distributed ledger technology” developer admit his product was basically a simplified version of Git.)
Git was released in 2005 and was based on work going back to the late 1990s; Merkle trees were invented in 1979. The good bits of blockchain are not original, and the original bits of blockchain turn out not to be much good. But if you use Git, you can tell your management “oh yes, we’ve been using blockchain-related technologies for years now …”
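As an added illustration (not from the book, and not Git's actual object format), the Python sketch below builds a Git-style tamper-evident ledger: each record's id is a hash over its parent's id and a Merkle root of its entries. The function names, the record layout and the choice of SHA-256 are assumptions made for the example. It also shows the missing consensus step: a consistently rewritten history verifies fine against its own head, so tampering is only evident to someone who already holds the original head hash.

```python
import hashlib

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def merkle_root(entries) -> bytes:
    """Root of a binary Merkle tree over the entries (an odd node is promoted)."""
    level = [h(b"leaf:" + e) for e in entries] or [h(b"empty")]
    while len(level) > 1:
        nxt = [h(b"node:" + level[i] + level[i + 1])
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
    return level[0]

def record_id(parent: str, entries) -> str:
    """Like a commit id: a hash over the parent id and the content root."""
    return h(b"record:" + parent.encode() + merkle_root(entries)).hex()

def append(ledger, entries) -> str:
    parent = ledger[-1]["id"] if ledger else ""
    ledger.append({"parent": parent, "entries": list(entries),
                   "id": record_id(parent, entries)})
    return ledger[-1]["id"]

def verify(ledger, trusted_head: str) -> bool:
    """Recompute every id from the contents, then compare the last id
    with a head id the verifier obtained out of band."""
    parent = ""
    for rec in ledger:
        if rec["parent"] != parent or record_id(parent, rec["entries"]) != rec["id"]:
            return False
        parent = rec["id"]
    return parent == trusted_head

def demo():
    ledger = []  # constructed sample entries
    append(ledger, [b"alice pays bob 10", b"bob pays carol 4"])
    head = append(ledger, [b"carol pays dave 1"])
    intact = verify(ledger, head)
    # Edit history and fix up only the edited record's id: the chain breaks.
    ledger[0]["entries"][0] = b"alice pays bob 1000"
    ledger[0]["id"] = record_id("", ledger[0]["entries"])
    partial = verify(ledger, head)
    # Rewrite every later record too: self-consistent, but the head id changes.
    ledger[1]["parent"] = ledger[0]["id"]
    ledger[1]["id"] = record_id(ledger[1]["parent"], ledger[1]["entries"])
    return intact, partial, verify(ledger, head), verify(ledger, ledger[1]["id"])

if __name__ == "__main__":
    print(demo())
```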
Business Blockchain marketing claims are rarely this grounded, however. They’re largely divorced from tawdry considerations of technical or economic feasibility, mathematical coherency or logical consistency. Normal people hear these nigh-magical claims, see obvious uses for them in their own business and are left with the impression “Blockchain” can get them these things.
Some of the claims are sort of true in some sense, but most are completely fanciful. Many start from a hypothetical use case – often lifted directly from the wildest Bitcoin advocacy – then tout the hypothetical as if it were an existing and practical technology. This includes claims made for “distributed ledger technology,” which also mostly originate in Bitcoin advocacy.365
IBM’s promotional e-book Making Blockchain Ready for Business366 is a good example. It sells vague and implied future potential – “discover what new business models could emerge if trust & manual processes are eliminated”; “how might a faster, more secure, standardized, and operationally efficient transaction model create new opportunities for your business?” Almost every solid-looking “is” statement concerning blockchains – “an enterprise-class, cross-industry open standard for distributed ledgers that can transform the way business transactions are conducted globally”; “highly secure blockchain services and frameworks that address regulatory compliance across financial services, government, and healthcare” – is really a “might” or “could”; no blockchain has all the claimed abilities in the present day, and certainly not Hyperledger, the basis of IBM Blockchain.
I sat in on one presentation by a Big Four accounting firm on the Blockchain in health care: three blokes (one with a tie, two without) talking about the hypothetical possibilities a blockchain might offer health care in the future, all of which was generic extruded blockchain hype, and much of it Bitcoin hype with the buzzword changed. When an audience member, tiring of this foggy talk, asked if there was anything concrete that blockchains could offer the NHS, they responded that asking for practical uses of Blockchain was “like trying to predict Facebook in 1993.” The main takeaway for the health care sector people I was with was swearing never to use said accounting firm for anything whatsoever that wasn’t accounting.
A sure tell of a reality-free writeup, completely detached from earthly considerations, is when a writer talks about “Blockchain”, capital B, no “the”.367 You should try mentally replacing the word “Blockchain” with “Cloud” and see if the article seems eerily familiar. Also try the previous business technology buzzwords “big data”, “NoSQL”, “SaaS” and “Web 2.0,” and see how it works with those.
But all these companies are using Blockchain now!
They almost certainly aren’t.
Blockchain marketers consistently claim some prominent company “is using” a blockchain when there’s just been a press release that they’re running a vendor trial, or “investigating” running a future trial. This is because an “investigation” is cheap – this book is a legitimate business expense for this purpose, by the way – and worth the PR value in showing you’re fully up to date with current buzzwords. “Researching the opportunities” could mean anything, but almost certainly does mean nothing.
The Bitcoin press is composed of advocacy blogs enthusiastically promoting anything to do with cryptos, because what their readership wants is reassurance that this is the future (and that their Bitcoin holding will go to the moon). Even when covering actual news, the journalism tends to be ridiculously sloppy. (In using these as sources for this book, I’ve had to carefully double-check any given claim isn’t aspirational rubbish, and I’ve probably missed a few.) They write articles about things that have not happened yet and probably won’t. “Talking about” becomes “considering doing,” becomes “will do,” becomes “is doing.” Even if a given blockchain trial does in fact happen, later failure is not documented.
The mainstream press assume this is specialist press rather than boosterism, and run stories taking all this at face value. As the buzzword “Blockchain” has gained currency, they have tended to run blockchain marketers’ press releases barely edited, assuming there must be something to all of this. (IBM have put out a lot of these lately.)
As one otherwise very blockchain-positive paper, TechUK’s “Industrialisation of Distributed Ledger Technology in Banking and Financial Services,” puts it:368
There is currently no commercially available proven technology platform tested for enterprise class volume, security, reliability and regulations yet. This is one of the key factors holding back the productive implementation of the use cases. To date for conducting POCs,369 banks have used available open source or vendor technologies. Several compromises or assumptions can be made at POC stage but these cannot be carried on to production systems.
If you see a use case that catches your attention, a web search on the company names and the word “blockchain” will often track down the original press release. Check very carefully which details are clearly substantiated in the present tense, and which are aspirational.
Blockchains won’t clean up your data for you
When blockchain schemes do promise some specific outcome, it’s usually the magic of full availability of properly cleaned up and standardised data. The actual problem is cleaning up the data in the first place, or getting legacy systems talking to each other at all.
In finance in particular, the back-office systems are decades old and won’t interoperate without tremendous effort. For all the considerable effort at computerisation, there’s still too much paper and human effort. Settlements can still take days. Wall Street was very receptive to the blockchain pitch.370
The blockchain proponents’ business goal is to become the organisation controlling the new data standard, with a monopoly maintained by network effect. The barrier that such efforts founder on, over and over – and did before anyone tried adding blockchains to the idea – is that no industry’s players want to create a new central octopus.
Examples include:
Blem Information Management, an insurance software company, posit putting all documents on a blockchain so smart contracts can speed up payouts. The problem this claims to solve is insurers deliberately altering or losing documents: “There have always been suspicions that insurers could change the data on what the situation was in the past.”371 It’s not explained how an insurer prepared to commit blatant fraud could be trusted to pay a claim anyway.
Assessing claims is in fact the hard part, and claims adjustment is done by humans talking to humans. The proposal uses smart contracts to speed up processing claims – which just moves all the back-office computing from the insurer to the miners of the blockchain in question.
Land title registers on a blockchain solve no part of the actual problem with land title registry: parcels of land that have an owner but have escaped being put on the existing official register.372 Storing the official register on a blockchain offers no advantage over having it in an ordinary database (which you can already distribute authenticated copies of), and no digital record will enforce land use for you.
Supply chain provenance is a perennial proposal. Provenance, Inc. proposes putting tuna catches on the Ethereum blockchain. They claim to offer supply chain transparency to all participants, and this will reveal illegal overfishing or fishing that involves human rights abuses.
The data would still be entered by local humans under the auspices of “trusted” local NGOs who pay monthly for the software. The assumption seems to be that commercial operations engaging in illegal overfishing or human rights abuses will carefully document their illegal activities on the blockchain and not just lie, or bribe the “neutral” inspectors or adjudicators – as happens in current supply chain monitoring.373
The main byproduct is a monopoly for the traceability provider, i.e., Provenance. Their own white paper simultaneously claims the system is “decentralized” but with a centrally-controlled “Provenance-validated chain of custody.”374 The actual present-day problem turns out to be no agreement on what data to collect or what to do with it.
Almost every proposed music industry case (see next chapter).
These also have a galloping case of the “oracle problem”: getting good real-world data into the blockchain in the first place requires human judgement.
(Some blockchain hype talks about “artificial intelligence on the blockchain.” If someone tries this one, drill down for details of their artificial intelligence product.)
If your big goal is cleaned-up and standardised data across multiple organisations, the only approach likely to get you there is creating a data schema that is so obviously and elegantly the right thing that everyone just adopts it themselves as the de facto standard, and a standards body or regulator eventually says “hey, use this one.” Note lack of blockchains. (This is the usual approach in computing, though even there companies routinely try to set themselves up in the role of central octopus.) And obviously, the blockchain won’t replace your back-office systems without as much work, time and money as any other software replacement project would be.
Getting funding at long last to clean up your data and formats may be worth saying the word “blockchain.” Matt Levine from Bloomberg notes: “The word ‘blockchain’ has managed to make that boring back-office coordination work sexy, which means that it might actually get done.”375 This, rather than anything blockchains themselves offer, seems to be the most productive result of business blockchain trials to date. Once that’s in place, you can increase efficiency markedly by taking the blockchain bit out.
Six questions to ask your blockchain salesman
If someone is trying to sell you on blockchains, the obvious skeptical questions will get you a long way:
Are they confusing “might” and “is”? (Almost all business blockchain claims are full of “might” and salespeople talking about “the possibilities.”) Do they have present-day working blockchains that do every one of the things they’ve claimed you can get from blockchains? If not, which ones are missing?
Will the system scale to the size of your data? How?
How do you deal with human error in the “immutable” blockchain or smart contracts?
If this is for working with people you trust less than the people you deal with now, how are they assuring the security of the chain – what’s the security threat model? (Get your system administrator along to ask pointed questions.)
If it’s for working with people you can already trust to that degree, why are you bothering with a blockchain?
What does this get you that a centralised database can’t? How, precisely? (Drill down.)
Security threat models
If you want to work with people you trust less than those you trust now, you will need to be absolutely clear on how your blockchain is secured against attackers, both internal and external.
What is your threat model? What attacks from the outside world do you need to protect against? What attacks from your fellows on your blockchain do you need to protect against? What do your security-conscious IT staff think of all this?
Attacks may include:376
The usual human problems in cryptographic key management. Ordinary employees just trying to do their jobs are really bad at security thinking. What can someone do as “you” if your company’s keys leak, or if someone clicks the wrong link in a phishing email?
If you have enough hashpower on a Proof of Work chain, from 25% up you can conduct an attack on the system, as described in the Bitcoin mining chapter. In Bitcoin, this attacks the transaction ledger; in a business blockchain, the integrity of the information.
On an invitation-only permissioned blockchain, you don’t have to control a large chunk of the hash power – you just need to compromise a single member.
The miner gets to choose which transactions they write to the next block. What could they write, or decline to write, to the chain that would be adverse to you? What if some other members of your chain decide they don’t like you?
Blockchain promises that it will let people who don’t trust each other work together. The trouble is that it does this only approximately, with startling inefficiency, and in a way that naturally recentralises to one or a few winners, as happened with Bitcoin. The usual proposal to avoid this is to just start with central authority, at which point you probably shouldn’t be using a blockchain.