Azure Blockchain Workbench, no! PoA, Yes!

Today I tried to use Azure’s Blockchain Workbench. The experience was very average. Actually, quite bad. You can see this in this screencast:

Azure asked me to open and account and then names, addresses, and credit card numbers. They also gave me a $200 credit on the free account. Seems like a bargain right? No — I don’t like it at all. $200 might be as much as I’ve spent with AWS in years, and they give me those as starting credit? What will I have to pay to those folks? Scary!

After opening the free account, I had to repeat the process and fill forms for the Blockchain Workbench wizard. There were 6 forms. The first one was quite complex about Azure, where they asked me to type a password 4 times, as, two distinct sets of passwords, with different password policies! Wasted some time there. Then I pressed ok. The thing crashed in a non-obvious way. It didn’t even show an error message or something. Does this seem like an error message to you?

Those folks have a sense of humor. I thought it was processing something so I waited for a bit. Then I gave up and restarted the process. I filled that first form one more time. Then the second form came up. It asked for some “AD” — related stuff. I didn’t care a lot, so I put a random domain there. You know… foo-bar, till we get something interesting and blockchain related. It so happened that those “AD” stuff were about “Azure Active Directory” which somehow makes sense for Azure people, to be part of a blockchain product, and was quite significant. I’m sorry I didn’t pay enough attention.

After those two forms, we, at last, get to fill-in a blockchain-related form, which curiously, looked very generic to me, i.e., no choice of Ethereum or Hyperledger, PoW or PoA etc. I guess it’s all Ethereum for now and it’s ok.

Next form, again, Azure’s problems… asking if we want to monitor our nodes. Then a few forms about the summary, validation, and payment. The validation step took 30 seconds for no apparent reason. At the end the deployment process started.

After about five minutes I thought it completed. However, their UX is bad. I was often left wondering what should I do next, and this was one more of those times. It turns out that the first 6 minutes was an initial setup and then there was another step. This second step took another 20 or so minutes, to set up whatever it was setting up.

What was it setting up? Pretty much everything they have. SQL servers, virtual machines, load balancers, IAM authenticators, monitoring and, the weirdest thing — a thing called — service bus. It’s some queueing system with a bold name.

Long story short, what they require for you to use their Blockchain Workbench, is you, to create an enterprise architecture in Azure. This architecture as a side feature can connect to a blockchain. You can see what they have in mind in their Supply Chain Track and Trace. I’m sure that no matter what Blockchain problem you get to them, they will propose this architecture with slight changes.

This is not what I expected. I was expecting the blockchain to be at the center!

Blockchain is the single source of truth, as they also mention on their videos [1, 2]. All those SQL databases they have, should be, redundant. At very least, they should be secondary and listen, track and follow their “DLT Watcher” or “Event Grid”. Not, track the “Service Bus.” That’s how you know that your blockchain is the single source of truth. In their case, it’s a side-thought. Their infrastructure reports to the blockchain, whatever it wants to report.

If something doesn’t make it to the blockchain, it never happened

This is an essential premise of blockchain systems. On their architecture, tons of stuff happens before the blockchain. Their SQL databases will quickly be out-of-sync.

Another thing that annoyed me a lot is Microsoft making every related party log-in using Microsoft mechanisms. In this way, they push quite a few of their technologies. Identity management and authentication is one of the things that blockchain does well right now. On the videos they make fun of “having to remember my address” and I feel for them. But, if you want to provide identity in the blockchain, then partner up with a few leaders on the space and don’t try to push your (irrelevant) solution. Do I want my IoT devices to use Azure’s IoT Hub and everybody else authenticate via the Microsoft Active Directory? I don’t want that! My device should authenticate by giving proofs of their private key. Every Blockchain IoT solution should use open solutions for identity.

I think I can see where they’re coming from. The only real target group of Blockchain Workbench is traditional enterprises that already use Microsoft Azure for more or less everything. One day, one of those enterprises, either because it’s trendy, or because someone told them to, have to integrate with a blockchain. In this particular case, this architecture makes sense.

However, if I don’t use their stuff, and the first thing they propose me is something like that, I wouldn’t use their services, and I would become very suspicious of them.

Hosting a blockchain solution in a centralized environment is enough of a stretch for most blockchain developers. Trying to sell me all those irrelevant components, and especially SQL databases and Microsoft Authentication Solutions is a bit outrageous.

Finally, after spending half an hour to setup this Workbench, I try to find out (once again) what’s next. I clicked on every tab and link, and on the “App Services” tab, found something I could do that. A Swagger-based API (nice!) and the main Workbench app. I clicked on it and…

A wonderful landscape with some cryptic error messages. After some Googling, of course, the Active Directory bite me for ignoring their Majesty. To use the Workbench I would have to setup and AD somehow and then find the right place to hack it back to the system. Highly likely the easiest technically way to do that, for my level of expertise of their systems, is to re-deploy it. Another 30 minutes? Nah!

After watching their videos a bit, I noticed also that they’re very UI based.

You can also see this in the tutorial pages. Click here, click there. I think the industry moved away from such things. They’re supposed to make things easy for “business people” or some other kind of unknown species, but, please… You know that your system will be used by coders at the end. Please, don’t make us use our mouse.

Bottom line, I got rid of this Blockchain Workbench solution and deployed their Ethereum Proof of Authority system. You can see the tutorial here:

This was just the right thing for me. Easy to install, asked most of the right questions and didn’t ask more than it needed to ask. With the exception, of course, of asking my email (?!). That was to send me a “successful installation” email. According to their tutorials, it should include the endpoint URL, but it didn’t. In contrast, it gave me a link to the documentation that was out of date. In the end, I found the endpoint URL. Fair enough, I ended up with a nice two-node Ethereum set up, without me having to open any terminal! Their documentation and tutorial was a bit long but made sense. I used MetaMask to use the Proof of Authority ÐApp and it all looked good. I also managed to get a sense of the performance of PoA. Its latency is half a second, which is good. I also found this table in its performance benchmarking page:

Those are good numbers! It is a good starting point for implementing Ethereum Blockchain applications, to prove their functionality before they can run efficiently on the mainnet, when, if ever, its latency becomes lower. Great job!