I’ll Raise You a Panacea

By Rob Seger

In my previous post, Blockchains suck — here linked by title mostly because my editor really hates it — I offhandedly mentioned a few of the reasons why, well, blockchains suck. In this post I’d like to focus on one in particular: the wasted resources necessary to write to the chain. It’s an existential problem too often ignored.

The consensus protocol, how the network decides what really happened, for public blockchains is necessarily wasteful. There has to be waste in order to prevent someone from simply writing a whole new valid chain and submitting it as The Real Chain¹. And this makes them wholly unsuitable as a global financial infrastructure.

To give an idea of the gap between state-of-the-art blockchain networks and real life requirements of financial infrastructure, one might look at high frequency trading where working at 2/3rds the speed of light is fast becoming unacceptably slow. That’s a pretty insane world though so let’s instead focus our attention on what a single payment processor’s North American division needed to handle in 2010². Seems like two thirds of a decade later, cutting edge financial technology should be able to address that.

The requirement then is an average of 2,000 transactions per second. We’ll ignore daily peaks, holidays, denial-of-service attacks, and the real world, for clarity. Bitcoin is laughably slow. With an average settlement time of ten minutes, each block would need 1.2 million transactions. Or, more transactions than there are bytes allowed in the block. Ouch.

Ripple is the only public blockchain network within an order of magnitude of this requirement, but even in the most generous stress test environment it can’t fulfill even half of those transactions.

Enter the panacea for the panacea: tokenization.

The idea here is pretty straightforward. Rather than recording the actual transaction on the blockchain, you just record the hash of what happened on the chain. So you do everything the normal way, except, at the very end you make a hash of it³ and store that hash on the blockchain. Now, if you ever want to prove that you did everything the right way, you can just recreate the hash and point to it on the blockchain.

Now, don’t get me wrong, tokenization is amazingly powerful. But in this case it’s being used to drive a wedge between the actual financial ledger and the benefits of a blockchain. The token becomes a massive vulnerability for the entire batch of transactions it represents. Far from increasing the overall security of the ledger, it instead introduces an attack surface which renders the entire concept useless from a practical perspective.

Take those 1.2 million transactions from above, for example. Our hypothetical blockchain-enabled system executes all of those transactions just like any normal 2010 technology would. Except now we make a hash of all that activity and store that in the bitcoin blockchain. Now along comes a spider and changes a single bit in any one of those transactions.

The hash doesn’t match anymore, so…now what?

The principled thing would be to reject all 1.2 million transactions as no longer valid. I mean, that was the purpose of the blockchain in the first place, right? Proof that everything was valid? The practical answer is to hope you have a backup without the corruption and, if not, quietly sweep that bad boy under the rug. The blockchain didn’t provide anything a journaling file system and an adequate backup strategy doesn’t trivially provide on its own.

If the blockchain’s too slow, and tokenization doesn’t have any practical benefits, aren’t we done here? Mostly, yeah. But, if that perfect audit record is important, and one is willing to accept some form of centralization, there are options. Manifold has just such an option⁴ in its Multi-Chain technology.

Requiring only a hash calculation, offering the ability to independently prove the integrity of an entity’s transactions, without having to share every transaction in the system to do it, and all with no limits on what can be stored within a block. A shame though, all the details are in my next post.


1. Oversimplified because cryptographic algorithms aren’t “exciting”.
3. See #1. grumble grumble

Rob Seger is CTO and Co-Founder of Manifold Technology. Rob has two decades of experience focusing on security, network and cryptographic exploitation. Rob began his career in the government before becoming CTO of Morta Security, later acquired by Palo Alto Networks.