Understanding Hyperledger Fabric — Byzantine Fault Tolerance
Kynan Rilee

Distributed Ledgers and the Hyperledger Fabric

I live on an island where most of our imported lettuce is Romaine lettuce.

The recent E. coli outbreak has left us with only iceberg lettuce.

Reading that Walmart was using the Hyperledger Fabric for supply chain tracking caught my interest, not only as a computer scientist, but as a consumer of imported produce.

One of the first things that you encounter when you read about the Bitcoin blockchain is the issue of verification. For any useful distributed ledger, verification and resistance to fraud are at the very core.

Bitcoin, Ethereum and other distributed ledgers have all been successfully targeted by hackers who have stolen huge sums. Clearly protecting against bad actors and fraud is not easy.

This post notes that Hyperledger does not have a single consensus and trust algorithm engineered into it, as Bitcoin does. That’s a nice engineering feature, but it just pushes off the problem.

If there is a supply chain distributed ledger, how can fraud and attacks be made as difficult as possible?

I have not seen much information on how the IBM implementation of the Hyperledger Fabric protects against fraud in the Walmart supply chain. Even if suppliers entering transactions into the distributed ledger are vouched for by people who know them, how can it be guaranteed that the distributed ledger is not modified to some nefarious purpose?

There is also the issue of the cost of verification. Verification cost is key to the Bitcoin and Ethereum blockchains. How is verification paid for in the Walmart network?

Perhaps Walmart pays for the cost of the network. But if this is the case, then the network is not really a distributed ledger, but a centralized ledger with public access. This raises the suspicion that the Walmart supply “block chain” is nothing more than hype by Walmart and IBM.

This issue of distributed trust and verification is so central to a distributed ledger that it should be an important part of the Hyperledger documentation. Yet all we see is “you can plug in your own trust and verification algorithms”. That’s a bit like writing “I will give you a car, but you have to provide the engine and transmission”. Yeah, the car body is an important starting point, but the engine and transmission are the hard part.

Any real supply chain distributed ledger solution should be able to support a supply chain where there are strong incentives for fraud and attack by bad actors. A good example of such a supply chain would be a supply chain for diamonds or other gem stones (emeralds or rubies).

Historically diamonds have been a popular method for moving value covertly across borders to launder money.

Diamonds have also been mined under morally unacceptable conditions by African warlords who have used slave labor or violence to obtain the diamonds. Diamonds from such a source have been referred to as “blood diamonds”, since they are metaphorically the product of human bloodshed.

A diamond supply chain should guarantee that the diamonds that move from an approved mine to cutter to wholesaler to end purchaser are not from criminal activity. The diamond supply chain should be able to resist those who attempt to fraudulently sell their diamonds from unapproved sources by committing fraud in the distributed ledger.

A similar case exists for emeralds and rubies. High quality synthetic stones can be created in “the lab”, but there is a premium for stones that are “natural” (e.g., mined).

A distributed supply chain should be able to assure the buyer that the stone they purchase was actually mined and not grown in a lab. As with diamonds, there is a financial incentive to commit fraud in the supply chain so that lab grown stones can be sold at the higher price of mined stones.

A supply chain for diamonds, emeralds, rubies or romaine lettuce must be able to do the following:

  1. Verify suppliers. There must be some way to determine that a diamond comes from a morally acceptable source or that the lettuce is being grown in a way that protects it from E. coli infection.
  2. There must be a way to guarantee that fraud is not committed in the distributed ledger. For example, the supply chain distributed ledger should make it very difficult to insert or delete amounts in the ledger.
  3. There must be a method to pay for the computational cost of verification.
  4. The ledger must truly be distributed so that anyone can download a copy of the ledger, examine transactions and, if they are a verified provider, enter transactions. If the ledger is not truly distributed then it is yet another centralized database and its identification as “block chain” is just marketing hype. This also glosses over the question of what a “verified provider” means. A nefarious diamond supplier might be able to bribe or threaten people or organizations to vouch for them.
  5. The distributed ledger should be scalable so that it can handle the transaction flow that would be needed to support a significant supply chain. Supporting scalability and security against fraud is the core problem of distributed ledgers. Note that Bitcoin is not scalable and transaction flow is largely handled by centralized clearing houses like Coinbase.

As I understand the Byzantine consensus algorithm, this algorithm is not a solution to the issues of trust and verification, but a way to arrive at consensus once you have a valid trust algorithm (like proof of work or proof of stake).

Hyperledger technology is nothing more than a car body without an engine and transmission, without real solutions to the issues I’ve listed above.