- The authors provide a structured methodology to determine whether blockchain is a suitable technical solution to a given real-world problem.
- Under that framework, solutions are divided into three categories: centralized databases, permissioned blockchains, and permissionless blockchains.
- The authors visited real-world use cases and analyzed them with the framework, including supply chain management, bank transactions, and DAOs.
What are the appropriate application scenarios for permissionless blockchain, permissioned blockchain, and traditional centralized database management?
Distributed ledger: A distributed ledger is a database that is consensually shared and synchronized across multiple sites, institutions, or geographies, accessible by multiple people.
Blockchain: The name of blockchain stems from its technical structure – a chain of blocks. Each block is linked to the previous block with a cryptographic hash. A block is a data structure which allows storing a list of transactions.
Permissionless Blockchain: Popular blockchains such as Bitcoin, Ethereum, Litecoin, Dash, and Monero fall under this category. Also known as public blockchains, they allow anyone to transact and join as a validator. Data on these blockchains are publicly available, and complete copies of their ledgers are stored across the network giving them censorship resistance and security. A permissionless blockchain has no centralized authority, and users can remain relatively anonymous as there is no need for identifying oneself to get an address or perform transactions.
Permissioned Blockchain: Also known as private blockchains, permissioned blockchains can be thought of as closed systems that require permission to access. Anyone interested in validating transactions or viewing data on the network needs approval from a central authority. This is useful for companies, banks, and institutions that need to comply with regulations or want complete control of their data. Ripple, Hyperledger Fabric, and R3 Corda are examples of permissioned blockchains.
Centralized database: A centralized database is basically a type of database that is stored and maintained at a single location only.
- The data traffic of centralized databases is more easily attacked or hacked.
- If any kind of system failure occurs at the centralized system, the entire data could be destroyed.
- Since all data is stored at a single location it is easier to access and coordinate it.
- The centralized database has very minimal data redundancy since all data is stored in a single place.
- It is cheaper and faster compared to all other databases available.
Trusted Third Party (TTP): In cryptography, a TTP is an entity that facilitates interactions between two parties who both trust the third party. The Third-Party reviews all critical transaction communications between the parties with an eye toward the ease of creating fraudulent digital content.
Blockchain scalability: In the blockchain, scalability refers to the capability of the blockchain network to handle large amounts of transaction data in a short span of time.
Blockchain decentralization: In the blockchain, decentralization refers to the transfer of control and decision-making from a centralized entity (individual, organization, or group thereof) to a distributed network.
Writers: Participants with write operation rights to a blockchain network.
Readers: Participants with read operation rights to a blockchain network.
Supply Chain Management (SCM): is the management of the flow of goods and services and includes all processes that transform raw materials into final products.
Demand Chain Management (DCM): The management of relationships between suppliers and customers to deliver the best value to the customer at the least cost to the demand chain as a whole.
Certificate authority: Authority that gives licenses to banks to participate in a blockchain system.
Internal banking: Internal banking aims at increasing financials generated from regular business activities. For this purpose, evaluation and control of costs are made, along with reviewing the budget. Moreover, the credit terms with customers are verified so as to effectively manage collection receivables.
External banking: External banking involves finances generated from outside sources of an organization. There are two types of external sources of finance: long term and short term, which can also be classified as equity financing and debt financing.
Parallel currency: Currencies that are issued by the state as an official second currency alongside legal tender currency.
Data structure: In computer science, a data structure is a data organization, management, and storage format that enables efficient access and modification.
Cryptographic hash: A cryptographic hash function is an algorithm that takes an arbitrary amount of input—a credential—and produces a fixed size of enciphered text called a hash value, or just “hash.”
Smart contracts: are executable code built on top of blockchains. They are extremely useful for executing agreements between untrusted parties and promise to be a key enabler of social automation in the 21st century.
Why are Blockchains Unique?
The author starts with common properties that differentiate blockchains and other centralized databases:
Public Verifiability: Blockchain allows any observer to verify the correctness of the state of a system, while different observers in a centralized system may have completely different views of the state.
Transparency: Due to Blockchain’s public verifiability, transparency of relevant data and processes is required.
Privacy: A key property of a system for guarding the identities of participants and the content of their transactions. Privacy is harder to achieve in a Blockchain system because transparency is required.
Integrity: Ensures that information is protected from unauthorized modifications. Integrity is closely linked to public verifiability, and compromised in a centralized system.
Redundancy: Data redundancy is achieved through replication across writers in blockchain systems, and by backups in different physical servers in centralized databases.
Trust Anchor: Represents the highest authority in a given system to grant or revoke read-write access to the system, and a key difference between blockchains and other centralized systems.
When does a Blockchain make sense?
- Generally speaking, using an open or permissioned blockchain makes sense when multiple incompatible parties need to interact but are unwilling to use a TTP.
- Traditional centralized databases offer much better performance in terms of latency and throughput when compared to blockchain systems, which is largely due to the fact that a blockchain’s consensus mechanism adds another layer of abstraction.
- Bitcoin allows only 7 transactions per second, while a centralized system such as Visa might allow 50,000 transactions per second. There is a tradeoff between decentralization and scalability.
- If no data needs to be stored, no database is required. If only one writer exists, a traditional centralized database is preferable due to the effectiveness of database throughput and latency.
- Where there is a TTP, there are two implications:
- If the TTP is always accessible, write operations and verification-of-state can be delegated to it.
- If the TTP is usually offline, the TTP can function as a certificate granting authority classifying blockchain writers.
- If both parties agree there are no malicious writers, a centralized database is an appropriate solution.
- If the set of writers is not fixed and identified, a permissionless blockchain is the preferred option.
To further illustrate the difference between the three, the authors included the table comparison below. The authors highlighted that permissioned blockchains can be made public if public verifiability is desired. (Table 1)
The authors analyze the properties of permissioned and permissionless blockchains in contrast to centrally managed databases. A methodology is proposed for deciding the appropriateness of each type of blockchain in domains including but not limited to supply chain management, interbank and international payments, and decentralized autonomous organizations.
Based on the proposed method, the authors evaluate the appropriateness of blockchains in several industries in terms of technical implementation, security, and privacy concerns.
Supply Chain Management
- Companies such as Skuchain, Provenance, Walmart, and Everledger advertise to provide blockchain-based solutions to improve the efficiency of supply chain management.
- Blockchain use may be the driving force of demand rather than supply due to greater flexibility of interactions with different markets and balancing price risks.
- Customer’s interest is at the core of demand chain management (DCM)
- DCM enables performant demands in the market by allowing real-time visibility of products in the supply chain.
- DCM’s information flow is pull-based rather than push-based since stakeholders can actively query the state of chain management.
- Therefore the stakeholders do not need to wait for notification but can actively query the state of the chain management.
- Provenance claims that under their technology, data can be accessed and verified by all actors. Even if they tried to hide an actor’s identity, business critical data such as production volumes are still leaked from other actors.
- Everledger claims to use a hybrid model between public and private blockchain to benefit from both permissioned and private blockchains. The Everledger blockchain is digitally certified and has permanently recorded over 1 million diamonds.
- Applying the authors’ methodology to SCM revealed that:
- Multiple writers involved in owning the final product moving through the supply chain
- Conventional supply chains require data storage.
- Conventional SCM can always just use online TTP. Skuchain saw the need for only a single source of truth for most business activities, removing the need for blockchain
- If there is no TTP, and all writers are known, then the choice comes down to using a permissioned blockchain or not using a blockchain at all.
- But can the writers be trusted? This remains an open question.
- Conventional SCM has interfacing problems between the digital and physical
- It requires trust in the individuals who enter data.
- If all writers can be trusted, a simple database will suffice.
- Companies finding ways of getting reliable data from trusted hardware may change their premise to trust between digital and physical input/output.
- Due to complexities across supply chains, a single blockchain is required for every supply chain a participant is involved in, deteriorating the performance of the solution.
Interbank and International Payments
Traditional methods of transferring money require multiple steps and a trust relationship between internal and external banks.
When banks don’t have correspondent banks in the currency of origin, these steps are even more costly.
The drawbacks of conventional banking are long transaction confirmation times, the cost of multiple steps, and the trust required between banks.
The Monetary Authority of Singapore (MAS), Bank of Canada, and Federal Reserve Board are working on solutions using distributed ledger technology.
- Money deposited in MAS receives the same amount in a distributed ledger which can be immediately used for transactions between banks.
Ripple is a global settlement network on a distributed ledger that partially replaces the banking system.
- Banks may continue to process payments when buying foreign currency at low rates.
- Multiple hops may be required if no trust exists between banks.
- Payment is atomic, meaning all or none of a payment is transacted.
- Ripple provides its own currency, XRP, that can be used as an intermediary.
- Ripple does not remove trust issues but shifts them to other parties.
- No transactional counterparty risk while other currencies are “issued” by gateways that require trust:
- That is, not all “on-chain” dollars have the same issuer backed by the central bank.
- On-chain US dollars are not real US dollars.
- Every issuer creates a new parallel currency.
- Using central banks as gateways would resolve trust issues for Ripple since the currencies issued would correspond to real currencies.
Banks are risk-averse and do not want to rely on assumptions, therefore blockchain technology is suitable for banking in general.
Referencing the authors’ prescribed methodology:
- Banks act as writers on the interbank payment system.
- Single currency systems have a TTP, the central bank.
- The central bank may not want to act as a verifier and may only act as a certificate authority for banks to participate.
- This suggests that all writers are known and that a permissioned blockchain is suitable.
- A blockchain can be either public or private.
Using cryptographic techniques to provide privacy while ensuring public verifiability may resolve banks’ transparency and privacy issues.
Research into banking models using blockchain technology for interbank payments with a centrally issued on-chain currency is underway.
Off-chain payment networks, hashed timelock contracts, or the use of blockchains as satellite chains may provide atomic cross-currency payments while removing trust requirements between bank to bank.
Decentralized Autonomous Organizations (DAOs)
- A DAO is a decentralized autonomous organization that uses a smart contract to facilitate its governance.
- As the system is required to catalog states and multiple mutually distrusting and unknown writers, a permissionless blockchain is a natural choice.
- A DAO may not require its own blockchain. It can be built on top of an existing one (i.e. Ethereum.)
- DAOs may also use a dedicated permissioned blockchain.
- They may also be targets of an attack, such as TheDAO Hack in 2017.
Proof of ownership for intellectual property
- The creator of a digital object may prove ownership at any time using a public blockchain by time-stamping it with their identity and publishing that commitment to the blockchain (generally by creating a Non Fungible Token).
- This does not fully prove ownership but does provide evidence of ownership in that no one else can show the object was previously published.
- TTP may also be used for proof of ownership (e.g., patent office).
- A public blockchain eases the process of providing proof without disclosing sensitive details.
- Privacy is required for votes to be anonymous to prevent coercion.
- Public verifiability is also required, otherwise e-voting solutions are easily compromised.
- Many parties involved do not trust each other.
- Blockchain may help achieve desired properties.
- No blockchain solution proposed so far has been secure, verifiable, and private.
- Per the authors’ methodology, TTP can always be used instead.
- It is possible that a state is trusted only for voter registration and not for recording and tallying votes.
- Offline TTP via public permissioned blockchain may fit this role as well.
- Political parties, NGOs, and other partially trusted organizations take roles as validators in a permissioned blockchain.
- Security depends on the distribution of validators and cares taken in assigning roles.
- No additional properties for trust are gained if the single party has a majority and if the system assigns validator roles proportional to the strength of parties.
Internet of Things
- IoT is inherently decentralized with entities that do not trust each other.
- The aim is to provide autonomous systems that pay for the resources they consume and get paid for resources that they provide.
- Blockchain in combination with a smart contract is suggested for IoT.
- As with conventional supply chains, interfacing between digital and physical realms will be an issue.
- Only automation is desired from the blockchain.
- Blockchain may not be necessary if there is a TTP.
- Trust assumptions need to be studied and evaluated to determine whether blockchain provides additional value.
- Blockchains cannot guarantee the correctness of data from sensors.
- Those who control the sensors need to be trusted.
- Blockchain may help provide transparency via public verifiability.
- Projects that are attempting to secure land titles using blockchains have been started.
- It is unclear whether these projects can sustain wider adoption.
- Trust issues in the digital and physical realm apply to both IoT and conventional supply chains.
- A public ledger may ensure that authorities cannot change land ownership in an undetected manner (but may only be trusted for enforcement).
- Land titles on blockchain offer methods of payments for smart contracts to buy/sell property.
- The blockchain use case depends upon the trust model and other capabilities that the system already offers.
Trading and fair exchange protocols
- The emergence of blockchains induced the design of a fair exchange protocol renaissance.
- TTP is still required in disputes involving physical goods.
- Blockchain seems appropriate for fair exchange as it inherently assumes mutually mistrusting anonymous parties.
- A permissionless blockchain is likely the best fit according to the proposed methodology.
Choosing between a centralized database and a permissioned or permissionless blockchain requires analysis. The authors propose a methodology for evaluating appropriate technical solutions for various application scenarios. This methodology factors in trust assumptions, application requirements, involved parties, and technical characteristics. Depending on the domain of implementation, blockchain or non-blockchain solutions can be considered.
New permissioned and permissionless blockchains are being created to fit various niche demands. Ethereum allows more expressive smart contracts, for example, while Zerocash improves privacy for its users.
Decentralized networks that use hashed timelock contracts, such as the Lightning Network, can further improve the throughput of blockchains and allow transactions between chains. As permissioned blockchains are generally simpler than permissionless settings, more efficient protocols are also becoming available for permissioned blockchains.
The authors illustrate a method for deciding whether a blockchain-based system is appropriate under various application scenarios. This method may be used to help evaluate whether the security and anonymity of a blockchain are worth the potential tradeoff in throughput and latency.