Blockchain for Business, opportunities beyond the hype. On Truth
As we explained in the first part of the article, Bitcoin demonstrated that it’s possible to exchange value without the intervention of any trusted third party. We broadly spoke of how data in the Bitcoin blockchain is practically — not theoretically — immutable, and how such a temper resistance property can actually be replicated also in other forms of blockchain, even permissioned and not based on Proof Of Work.
When we try to imagine the utility of Trustless Trust concept applied to other than cryptocurrency we actually refer to two core properties of transactions recorded in a blockchain: immutability and truth.
We discussed about immutability but we did not really focused on truth of the data written on the blockchain. This is probably one of the most dangerous and leveraged misunderstanding in the blockchain space. As we all know, immutability and truth are very different concepts, blockchain technology is not capable of any magic trick on such a separation.. other than perceptionwise of course.. Garbage IN Garbage OUT
Transactions on cryptocurrency blockchains are true by construction: there’s no such a thing as a fake transaction written on the blockchain.. there are specific formal rules that prescribe how to generate a transaction. If account private key holder of public address A wants to generate a transaction towards public address B he can do that as long as the ledger says that account A has funds >= of the transaction itself + network fees. That’s it that’s all.. All the transactions written on the blockchain are true because has been generated following the blockchain rules, it’s an auto-referential system. You may have noticed that I did not refer to the owner of the private key or public address, I referred the holder of the private key.. and there’s a reason for that: transactions generated by a hacker who stole your private keys are as good as transactions that are generated by you in the blockchain space, the system does not care if the transaction corresponds to the will of the owner of the public address. This will probably resonate with the formalist DAO hack accident interpretation described before. We can discuss for pages on the fact that the transaction is true but not authentic since it does not transpose the will of the owner to the ledger and so on… but this is not the scope of the article. What I want to point out is that when we say that transactions on cryptocurrency blockchains are immutable and also true, we’re talking about something very different from what we commonly mean using concepts like true or authentic.
Now let’s try to bring this truthfulness/authenticity problem down to the physical and business world, how can we possibly ensure that informations from the physical or institutional world gets transposed faithfully in the eternal ledger of the blockchain?
Well let’s face it, there is no way to do that in a totally trustless fashion, we always need to trust the information provider, even if we use temper-resistant hardware for reporting on physical world we need to trust hardware manufacturer since hardware is definitely not as inspectable as open-source software is.
What we can do it’s reframing the problem in a blockchain compliant fashion: did entity A corresponding to the public address xyz signed this specific piece of data with his private key on that specific date? As you may notice this reframed problem does not tell anything on the authenticity of the data in the exact same way as when a transaction is included in the Bitcoin blockchain the system does not care who is the real owner other private key and if the generated transaction — the data — corresponds to his will.
As already mentioned, companies does not operate in a pseudonymous landscape as cryptocurrency users does. A public address can well be associated to a specific company or even process or worker of a company, this means that while the reframed authenticity problem does not help us in establishing if the reality gets faithfully transposed to the blockchain it can permanently and reliably tell us who created the specific piece of information an when did it happen.
Is this something useful? Definitely, having a database that no single actor can tamper with has standalone huge benefits, every change in the data has a responsible and a timestamp. More importantly there’s no single underpaid system administrator that can modify the data leaving no trace in exchange for n times his yearly wage..
Does this ensures us that the information reported in the blockchain is faithfully transposing the reality? Of course theoretically not, but it creates a very powerful disincentive to report fake informations limiting the need for trust between parties and that does reduces risk and costs.
The argument is very similar to the one used to demonstrate that Bitcoin, despite being pseudonymous, is not a good mean for illegal transactions: even if your account is pseudonymous would you ever make an illegal transaction knowing that his trace is impossible to delete? What if later or before you inadvertently link your true identity to the pseudonymous address? Better use cash!!! In the case of companies, participants identities should always be known, the fact of creating a trustless public trace of what you reported does not guarantee the authenticity of data but greatly disincentive bad behaviours.
There is one more aspect that should be factored in when we think about the possibility of reporting untrue data on a blockchain: data sequentiality. That is not always the case but in many of the possible applications of blockchain technology to business, data points are not independent, the existence or the manipulation of a piece of information relies of the existence of a previous piece of information created by another known entity. In such cases reporting untrue data requires a mass collusion or a sequential fraud between participants. Imagine a value chain were each actor transforms the input from his supplier: if Actor0 introduces fake data in the blockchain, than Actor1 — who transforms Actor0 inputs — needs to collude with or be fooled by Actor0 in order to propagate forward the received fake information and so on with the following actors. It’s possible but very unlikely for fake data to propagate in such a system.
Finally let’s explore an example involving authenticity of real goods. It’s very difficult to guarantee authenticity of a physical asset, we can create a fancy code representing a specific asset but that can always be copied.. Blockchain technology offers a solution to this problem. Imagine we have a luxury brand who wants to use blockchain technology to ensure the authenticity of the product to the final client. For simplicity we will assume using a public blockchain — such as Ethereum — in this example but as mentioned before, we can achieve the same result with a permissioned blockchain taking snapshots of his blocks headers to a public one.
We have 4 actors:
A) the luxury brand who manufactures the final good
B) the distributor
C) the retail shop
D) the final client
Identity of public addresses owners A,B,C are known.
A — the manufacturer — after transforming the raw material in final product creates a univocal code, prints it inside his product and creates a Non Fungible Token (NFT) including the product code. Finally A ships the goods to B and transfers the the NFT to B public address
B — the distributor — delivers the product to C and transfers the NFT to C public address
C — the retail shop — sells the product to the final client and transfers the NFT token to D — the final client — public address.
Multiple exact fake physical copies of the final good and of his univocal code can be re-produced, but there cannot be any copies of the NFT containing that specific univocal code originated by luxury brand’s public address. When the final client receives the final good and the NFT with corresponding univocal code he can be sure that the product is original as long as the luxury brand’s public address is known. It can be argued that actually the shop owner could deliver the final client a fake physical item while transferring the actual NFT to the client’s address. Again that is possible but the trick can be played only once, moreover the fraudulent shop owner would remain with an original physical item with no digital possibility to proof it’s authenticity. On contrary a potential new client could easily see that the retail shop owner is trying to sell him an item that has already been sold… would the client trust the shop owner?
But what about the ‘D’ word?
Do we really need a blockchain for this? Can’t we actually use a less cool but much more efficient and battle tested Database instead?? The result of obtaining a univocal electronic code that cannot be duplicated can well be obtained using the fashion brand’s database as unique source of certification, no doubt about that. But what about security, responsibility and complexity? Creating such a system with a centralized database means actually mapping and updating the ownership of the asset during the whole journey form the production up to the retail shop and final sale. Why should a company take the burden of managing such a complexity while also creating redundant copies and protecting his database from hackers when it could much more simply just publish a transaction on a blockchain? And finally, using a blockchain means renouncing to the possibility to modify the data once published, that is a very strong signal on your own reliability which a simple database cannot deliver.