The Security Properties of Verifiable Append Only Ledgers

Ben Laurie
Aug 22, 2018 · 3 min read

It is a widely held misconception that verifiable append only ledgers[1] will magically save us from all possible badness and will transport us into a wonderful world of instant, guaranteed transactions, free of all regulation.

I’ve got bad news for you, people. Listen up.

There is nothing, literally nothing, that can save us from badware — ultimately, you have to trust the hardware your device is made from, the firmware running on all that hardware, the OS running on top of that, and the software you run. And that’s before you start worrying about unsupported devices, malware on your phone, shitty TCP/IP stacks, out-of-date OSes, and all that. But even when we deal with that, there are supply chain attacks, still malware on your phone, hardware and software vendors acting, shall we say, not entirely in your best interests, still out-of-date hardware (a lot of which is out-of-date software masquerading as hardware) and so on. In the face of this, blockchain cannot save you. Ah, but, proof of work, you say … you can’t fake that. But you can. I’ll give you two scenarios:

  1. You are put in a bubble, by the OS, say, where Bitcoin has turned to shitcoin, the value is close to 0, and mining has slowed to a vaguely sane rate.
  2. The hardware subverts your hash calculations and makes it look like work has been done.

And I’m just getting warmed up.

However, I also have good news.

Of course your vendor can fake all the root certs and give you a poisoned OS that keeps you in a fake cryptobubble. But the price the vendor pays is that you can produce the device as evidence against them. It will contain cryptographic, hardware and software evidence of the badware. Once that happens, it’s presumably game over for the manufacturer in a world where trust is rooted in verifiable ledgers.

If you get as far as trusting your hardware, and maybe you can, the story gets better. Now the attacker has to produce a forked version of a verifiable log. As soon as they do this, you have cryptographic evidence of their wrongdoing. In order to stop that leaking out, they have to keep you in a bubble that only knows about this fork, not the public one. That’s some feat, in a pervasive verifiable log world.

If verifiable logs are pervasive, the obvious countermeasure to such subterfuge is for logs to store the hashes of other logs. In order to maintain a fork, you’d have to (eventually) make one for every log.
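
What the evidence of a fork looks like, as an added example that is not part of the original post: an auditor who kept an earlier tree head checks that a later head extends it, using the Merkle tree hash and consistency proof of RFC 6962 (the Certificate Transparency log format). All function names and the sample entries are assumptions made for illustration, and the log's signature over each tree head, which is what ties a mismatch to the log operator, is left out.

```python
import hashlib

def _node(left, right):  # RFC 6962 interior node hash
    return hashlib.sha256(b"\x01" + left + right).digest()

def _split(n):  # largest power of two strictly less than n (n >= 2)
    return 1 << ((n - 1).bit_length() - 1)

def root(leaves):  # RFC 6962 Merkle tree hash of a non-empty list of byte strings
    if len(leaves) == 1:
        return hashlib.sha256(b"\x00" + leaves[0]).digest()
    k = _split(len(leaves))
    return _node(root(leaves[:k]), root(leaves[k:]))

def prove(m, leaves, whole=True):  # log side: proof that size m (>= 1) is a prefix
    if m == len(leaves):
        return [] if whole else [root(leaves)]
    k = _split(len(leaves))
    if m <= k:
        return prove(m, leaves[:k], whole) + [root(leaves[k:])]
    return prove(m - k, leaves[k:], False) + [root(leaves[:k])]

def _rebuild(m, n, whole, proof, old_root):
    # Recompute (old root, new root) of this subtree, consuming proof from the end.
    if m == n:
        h = old_root if whole else proof.pop()
        return h, h
    k, sib = _split(n), proof.pop()
    if m <= k:
        old, new = _rebuild(m, k, whole, proof, old_root)
        return old, _node(new, sib)
    old, new = _rebuild(m - k, n - k, False, proof, old_root)
    return _node(sib, old), _node(sib, new)

def consistent(m, old_root, n, new_root, proof):  # auditor: does size n extend size m?
    if not 0 < m <= n:
        return False
    p = list(proof)
    try:
        old, new = _rebuild(m, n, True, p, old_root)
    except IndexError:  # proof too short
        return False
    return not p and old == old_root and new == new_root

def demo():  # constructed entries; the log rewrites entry 1 after a head was seen at size 3
    log = [b"entry-%d" % i for i in range(6)]
    fork = log[:1] + [b"rewritten"] + log[2:]
    seen = root(log[:3])
    return tuple(consistent(3, seen, 6, root(v), prove(3, v)) for v in (log, fork))
```

The honest extension verifies and the rewritten one does not, so the remembered head plus the forked head is the evidence; a second log that stored the remembered head plays the auditor's role here.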

So what is the price of such evidence, showing that you haven’t obeyed the rules of the game[2]? Experience so far (with Certificate Transparency) shows the price is high: logs get struck off, CAs have gone out of business.

Getting back to the original question: the most important security property of a verifiable append only ledger is that if it ever deviates from that guarantee, the victim has cryptographic evidence. It does not mean you will not be a victim, it means you will be able to prove you were.

By the way, on regulation. Regulation exists for a reason, and that reason is there are evil bastards out there who will strip you of every penny given half a chance. OK, some regulation is just friction, to the advantage of various parties. You don’t want no regulation, I promise you. If history teaches us nothing else, it teaches us that.

See also, provably being a victim.

Anyways, in a pervasive verifiable log world, it becomes very expensive to defect. Of course, you can, but you pay a high price if caught. And thus you can rely on distributed (but not decentralised) logs to give you the strongest security guarantees you can reasonably expect.

So, forget proof of work, proof of stake, decentralisation of any kind. Leaving aside the fact it can’t work, it isn’t needed. Centralised, distributed, but verifiable logs are just fine.

A guy can dream, right?

________________
[1] Also known as “the blockchain”, only without all the cryptocurrency bullshit.
[2] “The game” being not just the verifiable ledgers, but also conformance to whatever rules govern whatever is in the ledgers.
