ProvenDB and Amazon QLDB compared
Today Amazon announced the general availability of its Quantum Ledger DataBase (QLDB). QLDB is a database service that shares many of the ambitions and objectives of ProvenDB. In general, we endorse the ambitions of QLDB and think it helps validate the Blockchain database market. However, the implementation of QLDB differs significantly from the implementation of ProvenDB. Consequently, each system entails different trade-offs and strengths.
In this blog post, I’ll compare the two systems and explain how they differ and when it matters.
Shared Objectives
It’s fair to say that both QLDB and ProvenDB are intended to satisfy a broadly similar objective: to provide cryptographic certainty of integrity and history while maintaining the functionality and performance characteristics of existing databases. In Amazon’s words (from their press release):
QLDB provides a high-performance, immutable, and cryptographically verifiable ledger for applications … QLDB offers familiar database capabilities that make it easy to use.
From the ProvenDB press release:
ProvenDB makes it easy for developers to build cutting-edge apps which leverage the immutable public Blockchain. The MongoDB-compatible database service adds the ability to maintain multiple versions of data and anchor these to the Blockchain. The resulting database versions are tamper-proof, immutable, and cryptographically provable.
So, it’s easy to see that the two systems are somewhat in the same technology category. In particular, both solutions support the following features:
- You can view previous versions of documents and data elements.
- You can validate that an element has not been tampered with using cryptographic techniques.
However, under the hoods, these two systems have very different architectures and philosophies. In particular, they have a very different approach to the use of external Blockchains, compatibility with existing systems, and the way in which they manage performance tradeoffs.
Public Blockchain
ProvenDB posts proofs of database state to a public Blockchain — Bitcoin or Ethereum. Entries on these Blockchains are the most cryptographically secure data elements on the planet. Between the two Blockchains, there are over $200 billion of cryptocurrency assets protected. The architecture of these Blockchains — the Proof of Work algorithm in particular — allow us for the first time to have absolute certainty that a data element has not been overwritten.
In contrast, QLDB stores its cryptographic proofs in their own proprietary Datastore within the Amazon AWS cloud. The professionalism and competence of the Amazon AWS team are without question. Nevertheless, it is not at all true to claim that these entries are completely immune from tampering. Cryptographic proofs from QLDB could theoretically be falsified by a privileged Amazon employee or by a hacker. Amazon concedes that QLDB digests need to be stored on something like a public blockchain at the time of their creation in order to constitute irrefutable proof.
QLDB clearly offers a higher level of cryptographic proof than a non-cryptographic database such as MySQL. However, it does not offer the ultimate level of cryptographic proof provided by a public Blockchain and therefore by ProvenDB.
Compatibility
We chose to make ProvenDB compatible with MongoDB. Our thinking was that the MongoDB document model was the most appropriate model for developing cryptographic proofs because it’s possible to anchor a document in its entirety to a Blockchain proof, while in a relational database one would need to assemble data from multiple tables and somehow anchor those in one operation. We also observed that MongoDB was the fastest-growing database solution, especially for “Next Generation” solutions. We think that by making ProvenDB compatible with MongoDB we make it very easy for existing developers to get started with the solution, and for existing applications to migrate to the solution.
Amazon QLDB is a ledger database built from the ground up and with its own drivers and APIs. Consequently, there is a learning curve and less compatibility with existing frameworks and solutions. Indeed, at the moment there is only a Java driver available for QLDB, while ProvenDB supports the full range of MongoDB drivers for Java, JavaScript, Go, Python, C, etc. On the positive side, QLDB supports a variant of SQL (PartiQL) which for some users is very desirable.
Performance trade-offs
Both QLDB and ProvenDB attempt to overcome performance bottlenecks inherent in native Blockchains.
QLDB does so by avoiding interacting with a public Blockchain and instead leveraging an internal Blockchain-like structure managed within AWS. This provides substantial performance advantages over an existing Blockchain. As we discussed above, the primary compromise here is that the proofs are based on trust of Amazon, not trust of Blockchain technology.
ProvenDB solves the performance dilemma by anchoring many thousands of database transactions to the Blockchain in a single operation. A Merkle Tree of the current state of the database is created, and the root hash of that state pinned to the Blockchain. ProvenDB keeps all the versions of the database state inside the database but does not automatically attach these to the Blockchain. Instead, the anchoring happens on demand. As a result, the database can run at speeds more comparable to that of native MongoDB than to a Blockchain. The compromise is that transactions are not automatically secured on the Blockchain — this only happens at user-defined intervals or on-demand.
Conclusion
I’ve long been a believer in the idea that Blockchain technology is a revolution in data integrity and data management that will have wide ranging impacts across the DBMS landscape. So I’m glad to see Amazon’s release of QLDB. I think it helps validate the Blockchain database market and is a valid and significant contribution to the AWS portfolio.
I’m obviously not an unbiased observer as the creator of ProvenDB. However, I would say that in choosing between QLDB and ProvenDB, the following are key considerations:
- If you are heavily invested in the Amazon AWS ecosystem and believe that Amazon security measures are sufficient to provide definitive proof of integrity, then QLDB may be for you.
- However, if you want the cryptographic certainty that can only be provided by a public Blockchain, then ProvenDB is a better solution.
- If you want compatibility with MongoDB or existing development frameworks that support MongoDB, then ProvenDB is a good choice.
- If you must have a SQL interface then you may be more attracted to QLDB.
ProvenDB integrates MongoDB with the Bitcoin Blockchain. Immutable versions of database state are anchored to the Blockchain, delivering an unparalleled level of data integrity. ProvenDB allows MongoDB developers to build high-performance applications that include cryptographic proof of data integrity and provenance without having to understand blockchain programming complexities.
