Public vs Private Blockchains for the Enterprise
When it comes to Blockchain & Distributed Ledger platforms in 2019, there are so many options. For an enterprise or consortium of businesses, it can be quite daunting and confusing to delve into the world of blockchain and DLT, with so many platforms available to look into, all offering a range of different features. From things like security, privacy, consensus mechanisms, access control, and economical models, its no wonder why there is such a large barrier to adoption. These businesses are used to choosing between 2 or 3 different available products (all of which have similar feature sets), so its completely understandable that they are hesitant to invest time and money into these new, highly technical, yet to be proven and often difficult to understand platforms.
One of the earliest and most important questions that should be asked is “public or private” blockchain, because it essentially halves your choices depending on the answer. But what does this actually mean? Actually, instead of debating “public or private”, the question should really be “permissioned or permissionless”. But why should a business or consortium of businesses care? What implications does the choice have on the businesses going forward? And what is the best choice to make for an enterprise use case?
Definitions
Blockchain & Decentralization
A blockchain is a cryptography based, tamper proof distributed ledger that stores data in a consensus driven, peer to peer network.
Decentralization is the means in which the network is actually distributed, both from an architectural perspective as well as a political perspective. Architectural decentralization relates to how many physical computers is a platform made of, where are they located, and how many computers can the platform tolerate breaking down at a point in time. Political decentralization relates to how many individuals or organizations ultimately control the computers that the platform is made up of. [1]
Permissioned ledger
A permissioned or private ledger requires participants to be known to each other, and access to the network is restricted (i.e invite only). Transactions on a permissioned ledger are usually processed by selected nodes via fast and efficient consensus protocols such as Byzantine Fault Tolerance, which usually provides absolute transaction finality (ie one block confirmation, no chance of a fork in the ledger), and usually there are various security and access protocols and features in place that can restrict what transactions each participant can see or access. Permissioned ledgers have high levels of governance, due to the many different processes that must be defined, eg on-boarding and removing participants.
Permissionless ledger
A permissionless or public ledger does not require participants to be know to each other, and access to the network is unrestricted, ie anyone can join or leave at will. Transactions on a public ledger are usually verified by all nodes on the network using highly secure but inefficient consensus protocols such as Proof Of Work, which does not offer 100% transaction finality (ie multiple confirmations required, ledger can be split into multiple ‘forks’, with the fork containing the most effort ends up winning), and transactions are usually all public and visible to all participants in the network.
Why enterprises should care?
The biggest benefit of DLT for the enterprise is the fact that businesses can interact with eachother on a shared single point of view ledger in a trust minimized manner, removing the need for trusted third parties and unnecessary data duplication. But businesses also have specific needs in regards to security, privacy, data integrity, and they also need to ensure the way they do business is compliant with regulations and legal frameworks. Permissioned & Permissionless platforms often differ greatly in many aspects, so businesses that aspire to leverage DLT need to understand these nuances to avoid costly mistakes down the road. A blockchain is not like a normal IT system or combination of software and hardware. It can’t be easily converted or significantly modified once it’s running, and it’s because of this exact reason that Satoshi Nakamoto put in some basic scripting functionality into the Bitcoin protocol before it went live, to handle future (yet to be implemented) transaction types such as escrow transactions, bonded contracts, third party arbitration, multi-party signature etc.
Implications
The technological world is moving towards a public, open and decentralized or distributed world, with the modern internet being a great example of this. However business use cases are not always the same, so each blockchain nuance needs to be looked at in isolation before determining what is the best fit.
Identity
In a permissioned blockchain, all participants are known from the beginning, which includes identities transacting on the network as well as identities that take part in maintaining the network via running a node or participating in consensus. In addition to this, there is an process required to on-board a new participant to the network, with strict governance in place to say what they can and can’t do when they join.
In an enterprise use case such as blockchain for supply value chains, because each individual is known, what organisation they’re associated with and what their role is, it can be assumed that they’re going to act fairly, because if not, the malicious actor(s) can be easily identified, and appropriate action can be taken.
In the permissionless blockchain, identity between parties is not known by default. That’s not to say that you can’t build a identify solution on a permissionless platform if required.
Governance
Blockchain and DLT has the ability to change the way a business works as much as the internet did when it first came in the 90s. And when it comes to governance, it’s quite different when comparing permissionless and permissioned blockchains. In the permissioned world, governance is largely decided and agreed upon by the members of the blockchain network. Economic incentives, code quality, code changes, and processes among peers are based on the business dynamics and the common purpose for which the network has been designed and built. This allows companies to move quickly and in ways that best fit their business needs. Public or permissionless ledgers essentially do not support many of the processes and systems used to facilitate decision making that a permissioned ledger offers, so governance is not as strongly defined, and is mostly contained within the network protocol (ie code is law).
But which is the best use case from a governance perspective? Some might argue that the strong governance of a permissionless ledger is more beneficial, but we’re all slowly coming to realization that a permissionless network is better from a governance perspective. The concept of a select group of entities or businesses controlling the governance of a blockchain network make it inherently centralized, and this need for centralized parties to establish and maintain control over the decentralized systems is actually detrimental to enterprise blockchain adoption. They decide who has permission to join the network, control the IP, and could potentially create back doors to benefit themselves. It’s obvious to see why companies would want to avoid joining a private permissioned blockchain network setup by their competitors, as is the case with the IBM & Maersk joint venture, which is struggling to get other shipping carriers to join the network. A permissionless network gives businesses confidence that they can join and participate in a network in a truly decentralized and trust minimized way.
Economic models
Both permissioned and permissionless ledgers offer different economic models for the network. In permissionless or public ledgers, there are usually economic incentives to maintaining and securing the network via the consensus mechanism, with a form of digital asset being rewarded or used as ‘gas’ to power transactions. Permissioned or private ledgers usually do not have economic incentives for maintaining consensus, nor do they usually have transaction fees. So which is better?
One may argue that an economic model or digital asset adds an unnecessary complication, and that the network should focus purely on doing what it needs to do, without transaction fees or incentives for securing the network. This is the approach that permissioned ledgers take. Permissionless networks usually have an economic model, with at least one digital asset used to power transactions (transaction fees), as well as economic rewards for participants securing and maintaining the ledger. While this does add an extra aspect to the blockchain platform, it can be argued that having an economic model with all it’s associated incentives and fees helps maintain stability, security & integrity of the network. A digital asset used in transaction fees and incentives discourages participants from spamming the network or acting maliciously, and incentivizes consensus nodes to participate in honestly maintaining the ledger. In a permissioned ledger participants don’t have the costs associated with transaction fees, but they have large costs in other things that don’t apply to a permissionless platform such as setting up and maintaining the network.
Privacy
Data Privacy is extremely important for enterprises. Public or permissionless ledgers usually do not usually support hiding or masking transactions, so this would need to be built on top of it. Permissioned ledgers usually offer multiple forms of data privacy, in the form of private ledger channels, zero knowledge proofs and private data sets. For any platform to gain widespread enterprise adoption it will need to ensure the data privacy and confidentiality needs of enterprises are met. This is currently being addressed in many Permissionless platforms, such as Ernst & Young recently unveiling Nightfall, a protocol for the Ethereum permissionless platform that allows private transactions via the use of Zero Knowledge Proofs.
Performance & Transaction Finality
Permissioned blockchains use consensus mechanisms that are computationally inexpensive (when compared to most public ledger consensus mechanisms such as proof of work). Therefore, they enjoy substantially better scalability and performance than their permissionless counterparts. Blockchains such as Hyperledger Fabric offer additional innovations with respect to the roles of the nodes, including peers (that maintain state/ledger) and orderers (that consent on the order of transactions included in the ledger).
Transactions are processed by selected nodes in the blockchain.
From a performance perspective, this is where having only a few nodes process transactions vs thousands of nodes in a public permissionless ledger can really create a performance gain around latency and transaction speed.
In addition to this, many enterprise use cases want transaction finality, ie once a block is proposed there can be no chance of another block taking its place. This is something that permissioned platforms can usually offer, they can deploy Byzantine Fault Tolerant consensus mechanisms which provide this feature, and perform and scale much better than public ledger consensus mechanisms such as Proof Of Work. However take note that there are also some permissionless platforms that make use of these fast byzantine fault tolerant consensus mechanisms. They choose to prioritize speed and transaction finality over having a more secure and architecturally decentralized network, which makes them a strong candidate for enterprise adoption where enterprises are looking for a permissionless platform with high performance and transaction finality/zero chance of forks. One good example of this is the NEO platform.
Decentralization & Security
In a permissioned ledger employing a Byzantine Fault Tolerant (BFT) consensus mechanism, participants are trusting that at most, one third of the consensus participants are not acting maliciously at any given time, so at most there can be 33% of the network acting maliciously and the network will still be able to maintain its security without being compromised. With Proof Of Work on a public ledger, network participants are assuming that at least 51% of the network that is participating in consensus is not acting maliciously, so at most 49% of the network participants may be acting maliciously at a given time and the network would still be able to maintain its security without being compromised. Based on this, it becomes obvious that a permissionless ledger running a consensus algorithm such as Proof Of Work is generally more secure and tamper proof than a platform running a BFT type consensus mechanism.
Some may argue that permissioned platforms are still decentralized politically and architecturally, but this is not true decentralization when looked at from the outside in. Take a supply chain example, where a permissioned consortium is formed between a number of suppliers, ports and retailers. Then say one of the retailers biggest competitors wants to join the consortium. They may not like the fact that their biggest competitor needs to grant them access to the private permissioned network, and has a say in the governance of how they join and participate in the network. Also they may not like the fact that their biggest competitors may be validating their transactions.
A truly trust minimized and decentralized blockchain platform does not enforce rules and governance on who may or may not participate in transactions. It ensures no collusion between people or entities is possible, and that the network participants validating transactions and adding to the ledger have no affiliation or relationship (political, adversarial etc) with the transaction, or its participants. Only a permissionless platform can meet this set of criteria.
In addition to this, if you look at the majority of implementations and proof of concepts, you will see almost all of them are using some sort of cloud hosting for nodes. But what if the cloud provider has an outage? Or if a number of cloud accounts running nodes are compromised? Just because each participant in the consortium is running a node on Amazon Web Services under separate accounts, doesn’t mean it’s politically decentralized, and it’s definitely not architecturally decentralized.
Enterprises are now moving away from owning and running physical servers, which is fair enough. Using cloud infrastructure means they can meet their IT needs for a lower cost rather than buying, running and maintaining these expensive servers that depreciate in value and become obsolete over time. When it comes to blockchain, the best and ‘lowest cost approach’ goes one step further. Instead of paying for a cloud provider to run your node (and essentially the whole blockchain), the best approach is to let a highly distributed and decentralized international platform run your nodes and manage the blockchain for you. So instead of paying monthly hosting, storage & data fees, all you need to pay is transaction fees.
Security and trust are the biggest selling points for using a blockchain over existing centralized solutions. A decentralized public blockchain that is secured by thousands of nodes around the world provides maximum immutability and is more secure than a permissioned platform.
Conclusion
At the moment it’s clear that most enterprise use cases are focusing on permissioned blockchain platforms. The technology is still in it’s early stages, scaling has not been properly addressed yet, and transaction privacy is not fully matured in popular permissionless platforms. Permissioned solutions ensure data privacy, strong identify management and governance, higher performance and scalability, but it provides this at the cost of decentralization and security, which are blockchains biggest selling features and reasons for migrating away from the systems of today. By utilizing permissioned platforms, enterprises can form consortia and ‘dip their toe’ into this new technology and new radical way of doing business, however they won’t truly realize the potential of DLT & blockchain until they move onto a permissionless platform.
As time goes on, the technology will improve, and solutions will continue to come up for existing problems. Eventually permissionless platforms will have the performance, scalability and data privacy features that a permissioned platform offers, all without sacrificing things like security and decentralization.
Distributed Ledger Technology & blockchain promises to fundamentally change the way enterprises do business in a trust minimized manner, all the while reducing costs and increasing data security and integrity . However for this to be realized and adoption to truly occur, all the features and advantages that blockchain offers need to be properly implemented into the solution, otherwise you’re left with a ‘half baked’ platform that’s no better than what’s used today.
“By 2020, the concept of public versus private blockchain networks will be relegated to a historical footnote. We will not pit public networks against private networks. Instead there will be public transactions and private transactions, confidential contracts and open contracts, and they will coordinate their scope across bilateral, multilateral and public environments depending on the needs of users — just as messages today pass between private and public environments using common Internet protocols.” [2]
References
1 - https://medium.com/@VitalikButerin/the-meaning-of-decentralization-a0c92b76a274
