We recently looked at the considerations one has to take into account for choosing a technology stack for enterprise blockchain applications. We explained the reasoning behind the decisions taken by the Black Insurance team in the selection of tools for the hybrid private and public Black platform. In this article, we will look deeper at the technical requirements for enterprise applications and the platforms available.
Enterprise Blockchain Application Requirements
Public blockchains are great for many applications, in particular, B2C applications meant to be accessible to the general public. However, businesses were quick to realise that their applications have specific requirements that they cannot meet implementing them on a public chain. Of course, every enterprise has different requirements, but there are some issues that are common to most use cases:
· Privacy: The traditional blockchain paradigm is complete transparency. Business applications, however, need to meet certain privacy criteria. Not all transactions should be visible to everyone. The reason for this might be concerns of commercial confidentiality, but also regulatory and legal requirements. Regulations, such as Europe’s General Data Protection Regulation (GDPR), simply make it impossible for companies to make it necessary for companies to protect their client’s information. Thus, any enterprise blockchain platform should provide a rich set or privacy features.
- Security: Another requirement, closely related to privacy, is security. Businesses usually need to prevent data theft at all cost. They also need to make sure all the actors in their application are clearly identified. Again, this necessity might be imposed by the business use case or by regulations. Know Your Customer (KYC) and Anti-Money Laundering (AML) impose knowledge of real-world identities. Thus, enterprise blockchains need to implement authentication features and control who can participate in the network.
- Transaction throughput: Enterprise applications are usually transaction intensive and need to scale in terms of transaction throughput. At the other extreme, public blockchains need to scale in terms of the number of nodes that can participate in the consensus protocol. In most enterprise applications the number of validator nodes can be relatively small, for example, one representative per company participating in the consortium. Thus, transaction throughput can be prioritized.
- Transaction finality: An often-misunderstood concept is the way transactions are confirmed. In blockchains using Proof of Work consensus, we think of transactions as confirmed, once they are included into a new block. However, the chain may occasionally fork into conflicting versions. After a short time, this issue is resolved naturally, as the fork with the most support “wins”. This means that transactions can be discarded when a fork loses out. This is why we are generally advised to wait for six confirmations before trusting a Bitcoin transfer. Proof of Work consensus is probabilistic in the sense that the probability a transaction is undone reduces with every newly added block. In contrast, transaction finality means a transaction is considered confirmed at a concrete moment in time. This property, which is a common business requirement, can be achieved with alternative consensus protocols.
- Operational Cost: Businesses like their operational cost to be low, but more importantly predictable. Thus, enterprise blockchain applications should run on platforms with predictable and stable transaction fees, preferably no fees at all.
These requirements have led to the development of a number of blockchain platform specifically aimed at implementing permissioned blockchains for enterprise applications. Let’s look at some of the more popular platforms in more detail.
Enterprise Blockchain Platforms
Ethereum / Quorum
We will start our comparison with enterprise-ready adaptions of Ethereum. Whilst Ethereum is a public blockchain, it can also be used to implement permissioned blockchains. J.P. Morgan’s Quorum is probably the most usable enterprise version of Ethereum. Proof of Work consensus is replaced with two alternative choices, Raft and Istanbul BFT. Both protocols are very efficient in consortium blockchains with a small number of nodes and provide transaction finality.
In addition, Quorum provides authentication for nodes and private transactions between participants.
Probably, the biggest strong point of Quorum is the fact that it is compatible with Ethereum and its large support in terms of developer and user tools. The downside of this also provides Quorum with its biggest weakness: the Solidity programming language for smart contract development. Solidity is still highly experimental and suffers big changes with every release. It is also considered to be one of the reasons for poor smart contract security. For instance, in its current version, the language still allows uninitialized storage pointers to be written to, causing storage to be compromised. It is often argued that such low-level “features” have no place in smart contract programming.
Nevertheless, with powerful backers organized in the Enterprise Ethereum Alliance and the recently released EEA Specification 1.0, the enterprise-ready versions of Ethereum are clearly a space to watch the future.
Corda is a permissioned blockchain platform targeting financial applications. R3, the company behind Corda has recently launched its Corda Enterprise release, which adds an additional security layer, a so-called Blockchain Application Firewall.
Corda’s focus on financial applications is both its biggest strength and weakness. Contracts are modeled on traditional commercial contracts. In contrast to other systems, contracts are upgradable. Whilst the smart contract model is ideal for mapping real-world financial contracts, it can complicate the application’s coding model.
R3 has also been accused of a conservative banking attitude and holding back key code from its public open source version and is locked into a legal battle with Ripple.
In terms of privacy features, it is the most complete solution currently available, supporting private transactions, private channels, and zero-knowledge proofs. This gives developers a comprehensive toolset for easily implementing a variety of privacy policies.
These features, combined with Hyperledger Fabric’s modular design and large community, make it a solid choice for a large variety of enterprise blockchain applications.
A Crowded Space
In this article, we have only listed the three most popular platforms. The above figure shows a quick summary of the technical features. Of course, other issues, such as community support and future outlook, are as important, as mentioned above.
The fast-growing blockchain ecosystem includes many less commonly used options and not yet released platforms promising improvements. Future adaptations of third-generation public blockchains, such as EOS, might also provide interesting alternatives.
Black Insurance has chosen Hyperledger Fabric for its permissioned part of the platform, because of its modularity, tool support, and maturity. Nevertheless, the system also interfaces with the public Ethereum chain. This hybrid approach combines the advantages of both worlds and may become a role model for future interoperable multi-blockchain solutions.