The blockchain emperor has no clothes

The blockchain emperor has no clothes

Now I’ve been vaguely uncomfortable about blockchain for some time but never sat down to think about it – until now.

What is blockchain, anyway?

It’s a specific example of a more general concept, the distributed ledger. But since all the distributed ledger projects I know are actually based on blockchain, I use them interchangeably. I shouldn’t really. Also this article is about blockchain, not bitcoin or crypto currencies. The blockchain architecture underlies bitcoin but we are talking here about the commercial application of blockchain databases. [Incidentally, what do I think about cryptocurrencies? See Matthew 26:52.]

OK, so a blockchain is a kind of distributed ledger. What does that mean? A ledger stores transactions. Records of commercial activity of some kind.  A typical commercial ledger, like a sales ledger, will have BUYS and SELLS of products, at a date, with a price, quantity, the parties to the transaction, etc. Your bank statement is another kind of ledger: it shows payment into your account, and payments out. Date, how much, who to, and so on. The blockchain concept is not specific to any particular kind of ledger except of course it is digital i.e. stored and processed on computers.

What is special about it are three things:

1. Everybody who uses a particular instance has their own version of the ledger. Not a copy. There is no master ledger. The architecture is “peer to peer” (P2P). Every version of the ledger should be identical at all times. Hence the ledger is “distributed”.
2. Transactions in the ledger(s) are kept in sequential blocks. Each block contains a clever summary or in computer terms “hash” of the preceding block, so that if someone was able to corrupt or overwrite a previous block – even by one single bit – recalculation of the hash would yield a different result to the hash stored. Essentially the ledgers are immutable – it’s as if they were chiselled in stone.
3. When someone (a computer process) wants to add a transaction, they cannot do so unless everyone or at least a majority of users agree to add it. If they do, then every ledger is updated. This is the consensus process, which varies from one blockchain implementation to another in complexity and security.

All this clever security was invented by the inventor of cryptocurrencies. He was trying to find a way that cryptocurrency transactions could be recorded so no-one could steal money without everyone else in the community knowing about it. His design has some additional complexity specific to that problem.

Real life applications for blockchain technology

Crypto aside, what else can blockchain ledgers be used for?

I set aside some research time. I cruised. I visited IBM and Microsoft and Accenture and PWC and.… wow! According to Cognizant, “Blockchain is a generational technological transformation akin to the importance of the advent of the Internet for how businesses transact with one another”.

And the accounts of the business problems that have been or will be solved with blockchain technology are astonishing.

Did you know that IBM has created a blockchain system in business financing that has saved 75% of the time IBM used to spend on transaction disputes? The grocery giant Walmart has created a supplier blockchain. Now you can tell where a mango comes from in 2.4 seconds, and it used to be days…

A system called Everledger provides a distributed ledger that assures the identity of diamonds, from being mined and cut to being sold and insured. “In a market with a relatively high level of paper forgery, it makes attribution more efficient, and has the potential to reduce fraud and prevent ‘blood diamonds’ from entering the market”.

Did you know (this is from an excellent report by the UK Government Chief Scientific Advisor) that the capital markets still rely on paper records to reconcile a trade between counterparties. A blockchain solution could provide transparency between the parties and keep the regulators happy as well.

In financial terms, the most striking claims revolve around the settlement of “stocks and shares.” For example, Autonomous Research suggested that blockchain could take 30% out of the estimated $54 billion spent annually on securities processing, giving savings of $16 billion. By 2021!

Blockchain may have a role to play, I read, in solving that nemesis of big IT projects, the national patients’ record scheme. And just in the last few weeks, the UK Chancellor of the Exchequer has speculated that the blockchain technology may help solve the intractable issue of the day, the Irish border question.

Everywhere you look, the hype-sphere is ringing with astonishing claims of efficiency, cost saving and elimination of fraud.

These examples are all bogus. No, I don’t mean that the benefits haven’t or couldn’t be realised. They may have been, they may still be. They are bogus because the use of a distributed ledger is irrelevant to the business benefit gained. In fact, using a distributed database greatly increases the complexity and risks of such projects.

Let’s dwell on this sentence a iittle. Take any business process. Imagine for example a Walmart fruit buyer checking the age of a mango.  This system could have been implemented using a conventional database and tooling to look and feel the same, and provide exactly same functionality to its users. If there were middlemen, agents, exchanges or hustlers to be cut out of the process, the same results could have been achieved with a single ledger. Without blocks.

Blockchains are not magical or telepathic. They are not AI. A blockchain based application cannot DO THINGS that a conventional system cannot. (Although the hype may encourage adventurous collaborations which would otherwise never have seen the light of day).

And on the face of it, blockchain based solutions look complicated, hugely duplicative in processing (and hence requiring lots of hardware), dramatically unscaleable and expensive. So, like the ridiculously long tail feathers of a bird of paradise, there has to be SOMETHING ELSE that makes blockchain worthwhile.

I have asked my friends. I have scoured the net, I have filled my laptop with white papers. I have found five areas where the proponents of blockchain claim that it is uniquely potent. Let’s examine each one of the five areas and see if it justifies the length of the tailfeathers.

1. The ledgers are distributed

Distributed. Having multiple copies of the same ledger, the same transactions, in different places. Why is this a good idea?

It is in on the face of it a very bad idea. Not only bad, but unnecessary. Consider this:

The story of young Albert and the Swiss clocks

In the little Swiss village of Edelweiss, the people are passionate about time-keeping and punctuality. Over the stove in every house is a wonderful clock. Everybody can check the time, just by looking up from the table. But sadly, the clocks don’t always tell the same time. Some run faster than others. Sometimes they break, or run down. So the mayor has a competition to synchronise all the clocks.

The clockmakers guild is in a state of high excitement. The clockmakers get together and create a blueprint for the CLOCK CHAIN, a system for synchronising all the clocks in Edelweiss. This is a tremendous challenge and requires many cogs, gears, shafts and jewelled bearings to solve.

Picture of the underside of the village. Each clock has a shaft going down under ground. Each shaft has a wheel on the end of it, and chains and ropes joining the wheels together. There are elaborate consensus mechanisms, to determine what time to use when the clocks disagree.

The clockmakers’ guild presented the mayor with a bill. When she saw it, she went white. “Why,” she said, “it will take years of austerity to pay for this.”

“Well, it’s a big problem. It will require a huge amount of digging and lots of cogs,” replied the guild meister.

“Does anyone have a better idea?” asked the mayor, in desperation.

In the silence that followed, little Albert spoke up. “I do.”

They all smiled. “Well,” said the mayor, “tell us little Albert, what will your idea cost?”

“Nothing,” replied the child, and they all laughed.

“And how long will this nothing take?” asked the mayor, not unkindly.

“You can have it tomorrow,” said little Albert, and they all laughed even louder, especially the clockmakers. But not when they woke up the next day.

During the night, little Albert and his friends had carried his family clock and put it in place of the statue in the town square.

“Now,” said Albert, “there is only one time and you can all see it from your kitchen windows.”

What works in a Swiss village works just as well across the globe. I don’t need to have the database in my office or in my datacentre to use it. We have the web and other networks, we have browsers, we have encryption and https. We can sit anywhere and interact with any application running anywhere. And be guaranteed to see the same information as everyone else.

So it’s not necessary for me to have my own ledger to see what’s going on; I just need a view into the one and only ledger. Not only is it an unnecessary idea, it is also a bad idea.

Distributed information is a headache, especially when it is peer-to-peer i.e. anyone can claim to be the master. There is instant complexity around versioning, about timing, about reconciling differences and how to recover from outages.

It is not for nothing that every Finance departments has a project called “Single General Ledger,” somewhere in their portfolio. That’s why every Operations departments has a project called “The Golden Source” or suchlike. If you only have ONE copy of something, there is nothing to reconcile, nothing to adjust. Integrity and consistency are guaranteed.

So what is so great about distributed (i.e. having MY copy of the ledger)? I have yet to find a decent explanation in the hype-sphere, except for this: resilience. In other words, being able to cope with the destruction of one copy of the ledger, maybe by a fire in my datacentre.

If ledgers were books, with transactions written on paper, keeping copies ‘somewhere else’ is a good idea. If I have a fire in my office, I can get my ledger back by copying someone else’s ledger. Is that a good idea for electronic ledgers as well? And it is, and you can. Modern infrastructure and modern system design provides replication at several levels. You can have replicated disks and databases. You can have distributed self-repairing databases. This stuff works. We don’t need to create a cumbersome and complex layer of distributed business transactions to ensure that critical data is bombproof in its datacentres.

OK. So blockchain isn’t required to improve the resilience of the ledger. Maybe it’s not bombs or fires that we should worry about. Maybe it is cybersecurity. This is the second area that distributed ledger enthusiasts talk about.

2. Blockchain ledgers are proof against cyber attacks. 

Cyber threatens our world in many ways. In relation to data, there are two things that keep many of us awake at night:

1. Data breach: my data is still there but someone has hacked in and copied it.
2. Data manipulation: someone has changed my data. For example, changing the destination on a payment instruction. Changing the amount in a wallet.

So the question is, will I sleep easier if I know my application has a blockchain architecture?

Let’s start with A. Data breach. If I’m worried about some hacker copying my data, is it better to have many ledgers, held by different players, all containing the same data? Is that more secure from cyber prying eyes?

Surely not! I mean, you have no control over other people’s ledgers. Who knows how good their cybersecurity is? And remember, they’ve got YOUR DATA, the same data as you have in your ledger. Do you feel good about that? Definitely not. So I’m wide awake and worrying at this point.

Hype-sphere alert: See the whitepaper from Microsoft and the Digital Chamber of Commerce:

“…blockchains may contain multiple layers of security – both at the network level and installed at the level of each individual participant. Finally, blockchains hosted on a cloud platform, such as Microsoft Azure, feature even greater cybersecurity protections due to the platform’s access controls and many other protections.” 

Ask yourself, don’t all these protections apply to any system, blockchain or no? Of course they can. This paragraph is just an advertisement for Microsoft security products.

So, on to B. Data manipulation. Here’s the argument, from Microsoft et al:

“…consensus among network participants is a prerequisite to validating new blocks of data, and mitigates the possibility that a hacker or one or more compromised network participants can corrupt or manipulate the ledger.”

I agree with this. It is extremely hard to imagine how a hacker could at the level of the blockchain database itself propose a new transaction, or amend an existing transaction without falling foul of the consensus checking and hashing algorithms. The equivalent hack on a conventional database would require privileged database access and the hacker would have to update the myriad of subsidiary tables, status and counters which make up the database of any real world application.

If you have ever experienced a database corruption issue, you will know that the very last thing – the digital equivalent of jumping out of the plane holding the parachute – the very last thing you want to do is to manually intervene at the database level. I have been there, several times. It rarely ends well. You need to get back to a known good state and then use the proper functions of the system to insert the missing or corrupted transactions.

Which is the point. Hackers – for example the folks who stole $101 million from Central Bank of Bangladesh’s account at the US Federal Reserve in 2016 did not hack the Federal Reserve’s database. They gained access to the Swift terminal of the Bangladeshi bank and sent payment instructions to the Federal Reserve to pay out the money. Had the Fed’s database been a blockchain database, the money would still have gone because the proposed transactions – namely funds transfer instructions – were perfectly valid, if large.

Financial fraud is rife, but – unlike data theft (see above) – it is not typically carried out by hacking databases. It is carried out by subverting systems or tricking humans to pay out money, and the nature of the underlying database is irrelevant.

Let’s say this another way: yes, it’s true that it’s extremely hard to directly overwrite or corrupt a blockchain ledger. It is also hard to directly overwrite or corrupt a conventional ledger. Real ledgers, real databases are mindboggling in their complexity. Hackers don’t hack databases directly; they hack the front end or the business application that uses the ledger – or even subvert the humans who use those applications – and create the transactions that “send them the money”.

So let’s move on from cyber considerations. They are not conclusive.

What’s next?

3. Blockchain ledgers are Immutable (and hence auditable)

Another puzzle. On the face of it, we don’t want any system to be immutable, from a business perspective. Mistakes happen! Or you decide to cancel the order, or the seller offers you a better price. The supplier has changed the part number. You want it delivered to a different address.

If business transactions were actually immutable, the system would be a disaster.

But blockchain transactions are immutable, so how does one amend or cancel a transaction? By entering a new transaction which reverses the old one, and then a second transaction which is the “amended” one. This is the way, incidentally, that old banking and securities platforms used to handle changes, and in many accounting systems today, this is how one amends a transaction from a closed period.

But still, the sentiment in favour of immutability is clear: for a ledger to be trustworthy, it must keep a full and accurate record of everything that ever happened, including the cancellations and amendments. It must be impossible to erase or change history.

And it is true that there are millions of systems around today which don’t do this. Systems in which one can delete an entry and it’s gone forever. They are called spreadsheets and yes, auditors hate them.

But all industrial grade commercial systems are immutable in this sense. Immutability goes back a long way. It’s the reason why book-keepers write in pen and ink. I have never come across a banking platform outside the spreadsheets which did not keep an absolute and immutable record of all transactions.

So… what’s the advantage of blockchain? We come to a concept that hasn’t yet been mentioned.

4. Smart contracts

The concept is nebulous but the general intent is to allow automatic i.e. software driven execution of contracts, avoiding lawyers and execution of “paper” contracts, courts, even the human aspects of default and non delivery.  The smart contract is a child of the Internet and in fact pre-dates blockchain by more than a decade. Nick Szabo coined the term in 1994.

You can’t really have smart contracts unless one party can pay another…within the ecosystem in which the smart contract operates. So in a cybercurrency environment, in which payment is in cryptocoin, smart contracts are easy to visualise.

What about those of us who use Paypal and debit cards? I can sit at my desk in London and book rooms on Airbnb in Nagasaki, Japan. I can book the flights on Expedia. And hire a Zipcar. I can buy a suitcase on Amazon to carry my luggage. Each transaction involves at least four parties. Each creates new contracts and specifies complex behaviours. If my suitcase weight too much, I will be automatically penalised. If I don’t leave the Airbnb apartment tidy, penalised again. Crowdsourcing websites like Mechanical Turk provide a marketplace for bidding and awarding contracts for microtasks. Outsourcing small tasks is only possible because bidding and awarding the contract, and then delivering and paying for work done under it is highly automated. Are these not smart contracts?

Functionally yes, but strictly speaking, no.  Implicit in the idea of a smart contract is the elimination of intermediaries. There is a passionate tradition running through the blockchain literature, keynote speeches and TEDx talks that blockchain technology can simplify the world, improve efficiency and reduce costs by disintermediating the middleman. Not just the traditional agencies like banks, brokers, lawyers and real estate agents, but their 21st century versions: Amazon, Airbnb, Uber and the like. Middlemen take a cut, increase costs and complexity and slow things down. The distributed trust which blockchain creates enables these undesirables to be taken out of the transaction, leaving behind a simple world of peer-to-peer interactions governed by smart contracts.

So perhaps the characteristic which justifies blockchain is not the smart contract as such, but the possibility of eliminating the man in the middle? Let’s consider this, using a real life example.

5. Elimination of the middleman

we.trade is a cross border trade financing platform, owned by a consortium of 9 banks and IBM.

What kinds of costs has this consortium incurred?

1. System design and implementation
2. Infrastructure (Hyperledger/IBM Cloud etc)
3. Marketing (to prospective banks and SMEs)
4. Support and maintenance
5. Ongoing development

Is there some magic about blockchain costs? Do we think the business analysts and solution architects work for free? Does IBM provide a Cloud environment (and one node of the blockchain per participant) for free? There must be an onboarding team and a helpdesk, who pays for them? There is no free lunch. The consortium have set up a “not for profit” company, which will either need to be funded by its shareholders or charge its customers to recoup its costs.

The truth is, there are two “middlemen” in this set up. One is IBM, and the other is the joint venture set up by the consortium. How is this different from Amazon, Uber etc?

And how is it going to cost less? Let’s remember that precisely the same functionality – cross border trade financing – could have been created using a conventional database and a single ledger, into which every participant has a view (whatever view they are permissioned to have.) But in this system, we would need nine identical ledgers, one for each participating bank. How can that cost less, in terms of Cloud capacity, than a single conventional ledger? Not long ago another three banks joined the consortium. So another three ledgers are needed? What kind of network traffic is required to synchronise the ledgers?

But why stop here? Blockchain wisdom says that everyone should have their own (copy of) the ledger so they can control what gets added through the consensus process. So one would expect every participating SME (and not just the consortium banks) to have their own copy of the ledger? Which might be several hundred. Or thousand. But if not, why not? Logic would suggest that either there should be one ledger per SME and bank, or just one ledger which everyone can see.

Conclusion

I believe that:

1. Anything functionally that you can do with blockchain, you can do with conventional technology
2. Both are resilient against data centre disasters and physical attacks
3. Blockchain ledgers are more vulnerable to data breach by virtue of their multiplicity i.e. there are lots of copies of the data out there
4. Block ledgers are less vulnerable to direct data manipulation but most fraudulent activity doesn’t involve directly writing to the database
5. Both architectures support immutability, strong audit trails and smart contracts
6. Distributed ledgers are expensive and hard to scale

The story of the Emperor’s clothes and the fawning courtiers is a perfect metaphor for what is going on with blockchain. If I can’t see his clothes, I must be one of the stupid courtiers and I don’t want to make a fool of myself. So I say nothing. In fact, I throw a few chips on the table, just in case.

Some of those who know the Emperor has no clothes – virtually all IT vendors and consultants – are economically compromised. This is a money tree, just like Y2K, Sarbanes-Oxley, Dodd Frank, MiFiD and GDPR. Practitioners – corporate IT departments – are scratching their heads but, what the heck, what harm can it do to have a chip on the board? The rest of the world doesn’t understand it and like my friend Stephen, is afraid to ask.

The only, tangential benefit that I can see from this invention is that the hype around it has encouraged folks to think out of the box and across the supply chain and geographical borders. So there are lots of adventurous, cross-industry initiatives starting up that wouldn’t otherwise. But they stand more chance of delivering if they hold onto the vision and drop this ridiculous architecture.

What am I missing?

By Dr Stephen Norman,
banking technologist turned crime writer,
and a Banking Technology Awards judge

This article was originally posted on LinkedIn.