Blockchain Basics

Understanding Distributed Ledgers and Security

Things and concepts and stuff

The blockchain is an invention of the person, or group of people, who published the original specifications under the pseudonym of Satoshi Nakamoto. It was originally intended to support the digital currency known as bitcoin, but has since evolved into something with possible uses and implications on par with, or more substantial than, digital currencies. There is no one particular blockchain, comparable to one particular thing known as “the internet”, but multiple possible implementations of blockchain technology on any number of independent public and private networks. Although “the internet” is not actually a particular thing, but an abstract concept composed of numerous interrelated things, a blockchain is a specific coherent and identifiable thing, upon which any number of things may depend and interoperate with.

Is that clear?

A simple blockchain use case

But in all seriousness, the philosophical abstractions, the math, the encryption, and all of the related hot buzzwords surrounding blockchain are all terribly interesting, but what does it really look like for a UX designer or technologist within the context of an application?

The best way to explain in real world terms would be a use case such as:

1. A user requests a transaction. This would usually happen via some sort of API call. For example, a user may submit checking account information as part of their new employee onboarding experience.
2. The API would broadcast data to a P2P network consisting of one more computers, which are known as nodes on the network.
3. The network of nodes validates the transactions and user’s status.
4. A verified transaction could involve cryptocurrency, contracts, or in the case of an onboarding experience, a user’s bank account information.
5. Once verified, the transaction is combined with other transaction to create a new block of data for the shared, decentralized ledger we call a blockchain.
6. When this new block of data is added to the blockchain, it is permanent and unalterable.
7. The transaction is complete.

There are two key concepts which underlies the blockchain concept, and explains how and why this all works: the distributed ledger and security.

The Distributed Ledger

In order to understand the distributed ledger, let us talk about the fictional island of Amathon. On this island, a paleolithic people live who use large, immovable round stones as currency. They are chiseled out of the side of a mountain and are placed at various places on the island. Each stone belongs to at least one member of the island of Amathon. Some own one or two, some people own many. When people make transactions, such as to buy or sell plots of land on the island, the stones change ownership. But the people of Amathon don’t actually physically move them from place to place. They have a ledger to track ownership. It is not written down, because they don’t have a written language, but is communicated verbally amongst members of the island.

There are two ways they could do this — firstly, they could put someone in charge of keeping track of ownership. An elder could keep a mental record of all the transactions for the islanders. There are some dangers associated with this though. What if this monopoly on this ledger lead the person to make up special rules to control how transactions happen, which just so happened to benefit their friends? Or, what if they started to charge a fee to keep track of transactions? This centralized record keeper could also lead the whole system to be very vulnerable — what would happen if that person unexpectedly died?

The islanders could potentially have multiple parties disputing ownership and the history of transactions if this person was a poor administrator — or worse — dishonest. The problems are numerous, and wouldn’t necessarily be reduced if you added a second or third person to this task of recording stone ownership. Costs would increase for the small group of elders who had to make sure their individual records were always in sync. There would be disputes that would have to be adjudicated if the records were not identical. By having two or three elders keep track of the stones, small problems could be larger. And in time, this monopoly power could give that group of elders the ability to run the entire island!

But that isn’t how things are done on the island of Amathon. Actually, what happens is that every single person on the island keeps an identical copy of the ledger in their head. When one member of the Amathon tribe transfers ownership of a stone to another member, the stone isn’t actually moved, but the information is announced and verbally communicated to all other traders on the island. If someone were to try to fraudulently alter records pertaining to stone ownership, any other member of the tribe could step forward and provide their own accounting, and every other member of the tribe could also step forward and validate that person’s claim because they too would have a record. If one member of the tribe moves away, or dies, the ledger would still remain in tact since every other member also has a copy. And, even in a situation where a stone were to, let’s say, fall into the lagoon and essentially be lost, the ledgers could account for it, and consider ownership, despite it physically being gone.

And that is how a distributed ledger works, but instead of Amathons keeping the ledger, nodes on a P2P network do. And, instead of a record of transactions pertaining to stone being held in someone’s head, they are stored in an unalterable form, in blocks, on something called a blockchain.

Security

Modern commercial jet plans often require very little human intervention. There is software that does things like control the positioning of wings. If there is software that controls the positioning of wings, then there can be hackers who alter the software that controls the positioning of wings. Securing this software could be a very important and difficult task.

As you might imagine, this software could contain a large number of characters and symbols that could run the length of multiple phone books. What if you wanted to ensure that, upon each take-off, the software was not altered? You could count the number of characters, but what if some clever hacker was able to alter the code in such a way as to produce new software with an identical number of characters? Another option would be to compare the software to some centralized copy and ensure the characters are identical. But what would happen if someone were able to maliciously access that centralized copy and alter that first? And, if these two copies were to be compared, there obviously would be communication going on, thus giving a hacker the ability to alter both while they were in transit?

The solution to this problem would be to employ a mathematical function where, executed against the airplane’s source code, a completely unique 20-digit code would be produced. And this code would be completely different if even so much as a single character were changed. This sort of mathematical function, called a cryptographic hash function, could be used to do things like ensure you and your landlord are signing the exact same lease. Imagine if you could perform this function on each contract and if there was a single comma out of the place, you would end up with two completely different set of characters as a result. Or, the same for the software that controls commercial planes.

We could even take this whole thing further. You can use functions like this to obscure your identity. You could combine personal, unique information about yourself, then perform the function on that data, and produce a unique 20-digit code, which you could call a public key. If you later wanted to prove that you indeed sign a contract, you could prove this by providing the unique information, which would be fed to the cryptographic function, and recreate that 20-digit code.

The Distributed Ledger + Cryptographic Hash Functions

When we have an application that requires the sharing of digital assets, we use both a shared ledger and cryptography to reduce the risks and costs of a centralized database, and we do that using well-known, solidly tested algorithms. Using a private key, we can potentially anonymize our transactions on the network and we would appear as a random 20-digit code, not really associated with any particular person. Blockchain uses public-key cryptography to secure data in a manner just as described. Each public key is an address on the blockchain. Each block is signed, and contains a pointer to a record transacted both before and after itself. Records posted to the network belong to that address, and a user can prove the ownership of that address by providing the personal details used to produce that 20-digit code.

Not only can you prove the individual blocks on the blockchain, using your own personal key, the full copy that is distributed across each node on the blockchain can also be verified by using the cryptographic function on the entire ledger to produce a 20-digit code, which must be accepted by every other node on the network to be valid. So in order for your individual block of data to be maliciously altered, it would not only have to be altered on one node, it would have to be altered on literally every single node in the network. To date, this has proved to be a very effective means of securing a blockchain, such as if you are in the business of storing employee’s personal data, and you wish for it to neither be altered, nor accessible by people who are not supposed to have access.

Conclusion

Of course, with any sort of technology that has to scale and become more complex to suit business needs, there will be many caveats, corollaries, what-have-yous, outliers, edge cases, and scenarios that make the whole thing seem more complicated than what it really is. But whether you are managing the end-to-end workflow that is at the foundation of the diamond trade, or building out a global supply chain for aircraft manufacture, or managing real estate transactions in a country with little to no previous history of consistent and stable record keeping, at the heart of blockchain is the distributed ledger and how it is secured. In coming articles on the topic, I will explore some use cases and hopefully shed some light on how UX designers and technologists can expect to be impacted by this rapidly emerging technology.