Hyperledger or Coco? What CIOs Need to Know About Blockchain Frameworks
With the announcement of Microsoft’s Coco Framework, technology professionals, CTOs and CIOs alike will be wise to keep tabs on this development as blockchain continues to make inroads into the enterprise sector. Coco is not technically a blockchain itself, but a framework that alters the design of other blockchains such as Hyperledger, Ethereum and Corda to include Trusted Execution Environments (also known as TEEs, which is Microsoft-speak for “other computers you completely trust”). This aspect of the Coco framework isn’t necessarily in line with decentralization, but it may have benefits for some use cases.
Microsoft’s demonstration of the Coco Framework makes it evident that Coco has the potential to bring the benefits of improved governance, security and scalability to large enterprises considering blockchain to improve their current business processes and IT infrastructure. While the Coco Framework is likely to offer several benefits to these users, key decision makers should evaluate whether Coco is appropriate for their specific needs versus other blockchain solutions.
When should an enterprise use Coco?
Scenario 1: When multiple counterparties have a high level of trust between each other and don’t require every piece of transactional data to be available on a blockchain.
If the level of trust between counterparties is high, then the Coco Framework and its associated TEEs may be a suitable solution. The retail space is a fitting example (no pun intended) where the Coco Framework would provide the benefit of scalability for large retail enterprises. Retailers and suppliers, who are direct counterparties, won’t gain much in the way of “trust” from decentralization, and retailers certainly don’t want one supplier to have access to information about another supplier. Coco is 100% built for this use case.
Scenario 2: When an enterprise conducts high volume, latency-sensitive transactions subject to oversight by multiple and disparate regulatory bodies (i.e. insurance and finance).
Given the computing resources needed to process high volume transactions in financial services, which may be governed by non-uniform rules established by multiple regulatory bodies, a flexible solution that can report to multiple agencies while retaining data privacy is crucial. Through the Coco Framework, a financial services company can choose what data it provides to whom, which could include counterparties, other financial institutions, self-regulatory organizations (SROs), state regulators and federal regulators. Each of these groups require different information from a financial services company, and Coco allows it to share unique information with each of them.
Trade spoofing is another example where the Coco Framework may be useful. Spoofing happens when a trader enters deceptive orders that are intended to trick the rest of the market. As illustrated in Bloomberg’s “How to Catch a Spoofer”, it can be challenging for regulators to identify spoofing, as it often occurs in short-but-high-volume time intervals. Financial services firms and SROs that need to analyze immense data sets to uncover the activity may benefit from the Coco Framework’s scalability and one-on-one data transmission capabilities.
SROs and financial services firms seem to be ideal users of the Coco Framework, particularly when it comes to reporting systems.
When should an enterprise use Hyperledger Fabric?
Scenario 1: When the disclosure of otherwise proprietary information is intended to benefit the consumer or to differentiate an enterprise.
For industries that have asymmetric information between participants, Hyperledger can make data transparent across an entire supply chain. For example, the Everledger initiative, which aims to bring transparency to the diamond industry, benefits from a fully shared ledger on every node so that responsibly-produced diamonds can be differentiated from diamonds sourced from unacceptable suppliers. A shared global ledger is vital to this system’s utility, as it produces verifiable trust for other parties in the diamond supply chain.
Another recent example is IBM’s consortium with Dole, Golden State Foods, Kroger, McCormick & Company, Nestlé, Tyson Foods, Unilever and Walmart, who together are using Hyperledger to bring end-to-end supply chain transparency to enhance food safety. Ambrosus, a blockchain company I personally advise, utilizes a public global ledger to create transparency in the global food and pharmaceutical supply chains as well. They recently announced a partnership with Trek Therapeutics that will enable consumers to verify the contents of their medications.
Unlike the Coco examples earlier, these applications require a global ledger in order to be useful. In cases where companies choose to share information publicly, Microsoft’s Coco Framework is too limiting to provide a trustworthy environment for public data.
Scenario 2: When custom, open source or non-Microsoft solutions are needed.
Hyperledger is a versatile framework that supports developers in building customized blockchain solutions. The Coco Framework, on the other hand, is centered around a more rigid implementation of the blockchain into enterprise systems. The partnership between Kbank and IBM is one example of this, where IBM delivered a blockchain solution that can support Letter of Guarantee transactions in Kbank’s proprietary technology systems. This integration also simplified Kbank’s internal processes through a conversion to paperless document solutions.
In most modern enterprise software development, it is not practical to assume a homogeneous infrastructure. In any implementation involving multiple unrelated corporations, this will be the case. Unless all parties desire the strict architectural requirements of Coco, most enterprises seeking blockchain solutions will gravitate towards Hyperledger.
Conclusion on Coco: Yeah or Nah?
Hyperledger remains the only established blockchain solution for enterprises, period. It will be up to Microsoft to deliver on Coco’s purported benefits when it releases in 2018. Even then, many will have issues with Coco’s reliance on TEEs and trusted counterparties. It is also pretty clear that Microsoft is creating this framework to sell its own software and services.
In my view, a better solution to the Coco Framework would revolve around a validating distributed hash table where each individual node enforces validation rules against the signed chains where the data originated, similar to the mechanics of Holochain. In this design, each node only needs to hold a portion of transactions rather than a full copy of a global ledger. This achieves a major benefit of Coco without relying on TEEs and trusted counterparties. I generally believe that this concept of a decentralized system without a global ledger is the future of blockchain.
