Occasionally during my long IT career, I have been exposed to a technology that has made me sit up and think, “Wow! This is going to change the way we do things; this is going to change society.”
The first such technology was Netscape Navigator, one of the first graphical user interfaces for the new-fangled ‘Internet’ that everyone at my university was getting lost in. Seeing a graphical, relatively easy-to-use interface to the Internet, I understood that this was the world at everyone’s fingertips. Things changed.
The second technology was Facebook. I was introduced to Facebook in 2007. I was working at a digital agency in Melbourne, and what I saw made me sit up and take notice. Facebook was the representative of the populist, stream-of-consciousness, post-to-feed, start of social media as we know it today. I was hooked. Things changed.
And now there is a new technology: blockchain. Perhaps not exciting for the everyday Joe Blow, but massively exciting for us tech nerds. Things are going to change and I am sitting up.
The existing solution space
The most common existing transaction validation mechanism involves the development of a single, centralised repository and associated application installation through which all new transactions are passed. In this centralised application and repository, the specifics of the atomic transaction are compared with highly secured and encrypted base data held against the individual transaction participants. This base information was previously obtained via a separate set of applications that seeded the repository for each participant and encrypted the data for subsequent use.
Large financial transaction clearing houses are a common implementation of the centralised validation model. When these centralised clearing house implementations are compromised and the encrypted base data is exposed, it immediately devalues and debases that entire repository and application that is the beating heart of the transaction validation mechanism. This allows for fraudulent transactions to be introduced and confidence in the entire solution is significantly reduced, if not destroyed. In some cases, the compromise may go unnoticed for a significant length of time causing monumental damage to the participants' financial or reputational state.
Blockchain technology removes many of the points of exposure that the centralised solution inherently contains.
What is blockchain?
“The blockchain is an incorruptible digital ledger of economic transactions that can be programmed to record not just financial transactions but virtually everything of value.” Don & Alex Tapscott, Blockchain Revolution (2016)
Blockchain is the term used to describe a stack of technologies that include a distributed ledger, facilitated by Smart Contracts, overlaid with Confidential Computing that uses Private Key and Homomorphic Encryption. Easy peasy!
A distributed ledger is a digital record of transactions that is shared instantaneously across a network of participants (nodes). It is ‘distributed’ because the record is held by each of the nodes on the network, and each node’s copy is updated with new information simultaneously. Blockchain can be a technical component of a distributed ledger but not all distributed ledgers use blockchain technology.
This means there is no one, central database location that everyone queries. Each node – or participant – has an exact same copy of the ledger. Each node of a distributed ledger can query the ledger, or data on any or all of the other participating nodes. These queries are referred to as ‘transactions’.
The nodes validate the transaction and the user’s status using known algorithms.
Transactions are executed and stored on the ledger as blocks. Each block has a timestamp and a link to a previous block. These blocks are linked together as a chain (hence the name “blockchain”). These blocks and the chain are immutable. They cannot be changed.
This is the first layer of security, and part of what makes the blockchain an obvious choice for the Financial Tech industry, and for tracking high worth assets such as diamonds, artworks, motor vehicles, boats, and any other asset that can be described, recorded, and tracked in a systematic way.
A change at any one of the nodes is replicated and stored on all of the nodes. Making data tampering almost impossible and highly traceable. Any attempt to corrupt and modify the data instantly raises a red flag, because the validity of the blockchain is constantly verified and corrected using cryptographic algorithms and multiple distributed data records.
What I have just described is the basic blockchain (distributed ledger) model. This model can be overlaid with additional layers including Smart Contracts and Confidential Computing to create even more data security. Allowing the participants to share and query sensitive data without being able to see each other’s data.
Given this high-security function, industry is investing heavily in blockchain to secure their digital future.
The perfect use for the blockchain is most definitely when there is an immutable ID on a device that cannot be changed and it is sitting within an immutable ledger. A company we are working with, EverLedger is using blockchain to record and track the provenance of diamonds (that have a laser-etched ID code), and is looking to expand the principle to a host of luxury goods.
The asset and all its characteristics are recorded on the blockchain. As the asset progresses through its lifecycle, new provenance-related data is entered onto the blockchain. This enables new owners of the asset to track the assets origin, authenticity, and provenance.
A smart contract is a computer program that is layered over the infrastructure of a distributed ledger. The terms of the contract are encoded as part of the computer program. The terms execute automatically on the occurrence of predefined and agreed triggers, negating the need to rely on third parties to enforce the agreement.
Smart contracts allow peers on a peer-to-peer (P2P) distributed ledger to transact directly with each other, in a predefined and agreed-upon way. Once the smart contract is agreed upon and entered onto the ledger, it will execute exactly as defined every time; and it cannot be changed or tampered with. Smart contracts cut out the need for a middle man, particularly in financial transactions, because trust is established directly between the peers by the smart contract.
Imagine that you could book an airline ticket without having to use a credit/debit card or PayPal. The act of you booking your airline ticket would set up a smart contract between you and the airline that would transfer money for payment from your bank account, on a predetermined date, without you having to provide the airline with any of your financial details.
Confidential computing is a way to analyse data without seeing all the data. It preserves privacy and confidentiality while enabling rich data insights to be derived. Confidential computing enables data across two or more distributed datasets to be analysed without any of the data having to leave its secure source. It uses homomorphic encryption to encrypt the data, then uses the encrypted data rather than the actual raw data for analysis.
Confidential computing is used to layer over a distributed ledger to enable sharing of personal or competitive data in way that ensures security, complies with regulatory and ethical requirements, and does not give away any competitive advantage. The data is encrypted using a private key, the encrypted data is released to the algorithmic engine, and only encrypted data is ever transacted. The result is an encrypted data set that is then utilised in a pre-prescribed way.
Smart Contracts are more often being used to define how data is transacted using confidential computing on distributed ledgers (with or without blockchain technology).
Distributed ledgers using blockchain technology and smart contracts, overlaid with confidential computing, provides a secure method for individual participants to securely share data, giving them greater access, which means better insights for decision making.
Why is blockchain so interesting to DB Results?
DB Results is involved in blockchain because it’s a security enabler for the Internet of Things and the digitisation of industries such as FinTech and HealthTech.
The technology secures IoT devices by providing blockchain-based identity and access management systems. This addresses the growing security gap in the objects connected as part of the IoT.
A private blockchain can be used to store cryptographic hashes of individual device firmware, creating a permanent record of device configuration and state. This record can be used to verify that the device hasn’t been tampered with, before allowing the device to connect to other devices or services. FinTech and HealthTech industries are using blockchain to create peer-to-peer, distributed transactional ledgers, that create a trusting environment for transaction of sensitive information.
Blockchain is an exciting, disruptive digital technology that is set to change the transactional landscape for many industries and applications. Digital Security is one of the main concerns that blockchain technology addresses and it is being used across a wide variety of applications, from the FinTech and HealthTech industries to the Internet of Things. But it is also powerful in enabling provenance and is creating new opportunities and disruption in areas such as tracking of diamonds, art, antiques, cars, boat, planes and any other object that can be marked, identified and tracked.
Things are changing and I continue to sit up...