This post intend is to help you to decide if blockchain is the right technology for your problem. It is not going to explain the technical details of the blockchain technology, instead it will shed a (different) light on some blockchain claims and questions you should ask yourself when going to build an blockchain application.
Let’s first debunk some myths.
Myth: blockchain displaces trust
Full article of Bruce Schneier on Wired.com
Trust is essential to society. As a species, humans are wired to trust one another. Society can’t function without trust, and the fact that we mostly don’t even think about it is a measure of how well trust works.
In 2012, Bruce Schneier wrote a book about trust and security, Liars and Outliers. In it, he listed four very general systems humans use to incentivize trustworthy behavior. The first two are morals and reputation. The problem is that they scale only to a certain population size. The third is institutions, having rules and laws that induce people to behave according to the group norm. Fourth is security systems, security technologies we employ such as door locks, alarm systems, guards, forensics and audit systems, encryption, and so on.
Much has been written about blockchains and how they displace, reshape or eliminate trust. However, if you analyze both blockchain and trust, you quickly realize that there is much more hype than value. Blockchain solutions are often much worse than what they replace.
Myth: Data on a blockchain is always correct
The reasoning is that data on a blockchain is correct because it cannot be changed. It is almost unimaginable that normally gifted people make this kind of mistake, but it happens. Of course, incorrect data can be placed on a blockchain. The only thing that is guaranteed (but not absolute) is that the data once captured cannot be overwritten. Everything that is placed on a blockchain remains there forever. Whether what is there is correct must be guaranteed by procedures outside the blockchain.
Myth: Blockchain applications are transparent
Private blockchains such as Hyperledger, also known as ‘permission’ blockchain applications, are not transparent. If the application is private, there are insiders and outsiders by definition.
Private means that neither the code nor the data on the blockchain can be viewed by outsiders and that those outsiders cannot participate, as is the case with a public blockchain such as Bitcoin and Ethereum.
If you are an outsider, then the evaluation is finished. The question whether there is a blockchain application and how secure it is can only be answered by insiders in the case of a private blockchain.
Myth: Blockchain are good to store personal data
If a blockchain is not private and therefore the data on the blockchain can be viewed by anyone, as with Bitcoin and Ethereum, then this is the first question that should be asked. If the answer is yes, then it is triple game over. Personal data should not be publicly accessible. It must be possible to correct incorrect personal data. Personal data that have been recorded without reason must be erased. All this is not possible on a public blockchain, and whoever implements such an application can count on claims.
Myth: Blockchain are good to store sensitive data
We already saw that personal data on a blockchain are legally a no-go. But the privacy issue is broader. Even in a trivial application within one company, not every employee has access to all data. And blockchain almost always involves independent parties that have a certain relationship with each other.
Myth: Blockchain should store “pointers” to classic data sources
An extremely tempting “solution” to the problem of sensitive data is of course not to put that data on the blockchain at all. Instead, a link can then be included to a protected data source. This is not only a drag of a solution, but also almost the ultimate recognition that blockchain in business applications is outrageous nonsense. After all, without complex extra measures, the referenced data can simply be mutated, so why should anyone trust the links on that blockchain? No, it is very difficult to think of a business case in which you, as a collaborating party, would still want to set up a blockchain application when you could also use a distributed append-only structure like a log file.
Myth: Blockchain can handle many transactions
The decentralized and consensus nature of the blockchain algorithm makes transaction capture extremely slow. The mother of all blockchains, Bitcoin, reportedly cannot process more than seven transactions per second, and scaling up is out of the question. Depending on how much you want to pay in transaction fees, processing a Bitcoin transaction can take a lot of time. If throughput or information in (near) real-time is important, then blockchain is not a solution. Of course, you can solve this problem by choosing a private blockchain with very few nodes, ideally only one! But as we already saw, for outsiders, a private blockchain is almost synonymous with fraud. A public blockchain that can handle serious numbers of transactions does not exist.
Myth: Blockchain is secure
A real blockchain is completely open (public) and resistant to cheaters (many nodes). The guarantee for integer and honest data comes from the illustrious Proof of Work (PoW) mechanism. PoW cost energy, and when many decentralized parties (nodes) are involved, it takes an insane amount of energy (cost). With Bitcoin, efforts are therefore being made to replace the PoW blockchain with another algorithm called Proof of Stake (PoS), or by virtually booking transactions as “processed” and only putting them on the blockchain later. Apart from the question whether there is still a real blockchain, there are serious security problems with both approaches.
Myth: Blockchain is truly decentralized
Proponents of blockchain technologies often tout the decentralized nature of the blockchains, but I have to raise a warning, there are also technologies built atop of blockchains to make them useful. The data on the blockchain itself is quite decentralized, at least on the popular blockchains, but that’s about where the decentralization ends. If someone wants to build a dApp on a given blockchain, they usually use one of a handful of APIs built by companies like Alchemy to read and write to their blockchain of choice. If someone wants to pull information about a user’s crypto holdings for a finance platform, they use one of a handful of other APIs, and one only needs to look at the ripple effect of a recent CoinMarketCap glitch to see how widely these data sources are used. An enormous amount of trust is being placed in the relatively few platforms through which blockchain data is being funneled, nullifying many of the supposed benefits of the decentralization of blockchains in the first place, be aware of this.
Another example, for users, there are a few dominant, centralized products. If they want to exchange currencies, they probably use Binance or Coinbase that have their platform code running on their servers. If they want to buy or sell NFTs, they probably use OpenSea. December 2021, the self-described “world’s leading decentralized exchange”, dYdX, went down during a widespread Amazon Web Services (AWS) outage.
Senior Executive at Papyrus Software