Monday, 19 September 2016

The immutable blockchain. No, wait...

Now we all know what the bitcoin blockchain is, don’t we? It’s a particular kind of shared ledger that uses a particular kind of communications protocol to obtain a particular kind of consensus about a particular kind of content. Right? And it’s just one particular version of the general class of blockchains, which share the characteristics that data is stored in blocks and because of some cryptographic jiggery-pokery the blocks are chained together, so that you can’t go back and change the contents of a block without having to then change the contents of every subsequent block. And depending on the consensus protocol that is used, you can’t change the blocks without everyone else agreeing to let you do it.

Whereas auditing at present entails the confirmation of transactions and balances on a company’s accounting ledger at the end of the period, a transaction on the blockchain would provide a permanent and immutable record of the transaction almost immediately.

From Blockchain and the Auditing Revolution – Real Time Audit within the Capabilities of Blockchain | Fintech Schweiz Digital Finance News – FintechNewsCH

The reason that this kind of structure is called immutable is that people imagine it to be computationally infeasible to go back post-consensus and make a change. In theory you could. If you had enough computational power, more than half of the “hashing power” in the case of bitcoin, you could in theory go back to the very first block, change it to send the bitcoins in it to yourself, and then go forward rewriting all of the subsequent blocks. You could treat all of the bitcoin transactions up until now as the wrong side of a fork. As my good friend Gideon Greenspan pointed out to me, just because you could see that corrupt agents were rewriting history in this way it doesn't mean that you could stop them.

If you had a different kind of blockchain, however, you could design it work in a different way. This is what some researchers in the US and Italy did in a paper called “Redactable Blockchain, or Rewriting History in Bitcoin and Friends” (5th August 2016). Giuseppe Ateniese, Bernado Magri, Daniele Venturi and Ewerton Andrade say: 

We put forward a new framework that makes it possible to re-write and/or compress the content of any number of blocks in decentralized services exploiting the blockchain technology. As we argue, there are several reasons to prefer an editable blockchain, spanning from the necessity to remove improper content and the possibility to support applications requiring re-writable storage, to “the right to be forgotten”.

Our approach generically leverages so-called chameleon hash functions (Krawczyk and Rabin, NDSS ’00), which allow to efficiently determine hash collisions given a secret trap- door information. We detail how to integrate a chameleon hash function in virtually any blockchain-based technology, for both cases where the power of redacting the blockchain content is in the hands of a single trusted entity and where such a capability is distributed among several distrustful parties (as is the case in Bitcoin). 

Thus, you can use some clever maths to rewrite a block without having to go forward and rewrite all subsequent blocks. The well-known and well-respected outsourcing company Accenture has filed a patent on this idea with Professor Ateniese.

By allowing a central administrator to amend or delete information stored on a blockchain, the [outsorucing company, Accenture] says that its prototype will make the technology more attractive to the financial services industry.

From Accenture to unveil blockchain editing technique - FT.com

This announcement was met with widespread derision on social media, and I can understand why. The whole point of blockchain technology in financial services is to make an immutable record of transactions. If you can go back and edit it, then it’s not really a blockchain any more, just another kind of database. Now, I can see why some people might want an accounting system that works this way (see, for example, the case of Kingfisher Airlines in India) but I wouldn’t have thought that society wants accounting systems that work this way at all.

But what is the requirement? Why would you want a ledger that can be amended by some central authority? I can think of a few reasons, but none of them make any sense.

The financial services industry needs to face the question of how to balance the appeal of pristine accounting with the demands of the real world, where some things simply need to be struck from the records.

From Downside of Bitcoin: A Ledger That Can’t Be Corrected - The New York Times

Nothing ever needs to be “struck from the records”. If a bank makes a mistake — let’s say it accidentally open a couple of million bogus accounts — then it can’t just go back and scrub the backup tapes and pretend it never happened. The way to correct a wrong debit is with a correct credit. The Financial Times quotes blockchain entrepreneur and serious player Blythe Masters, the former JPMorgan banker running Digital Asset Holdings, as saying of Accenture's approach that “we think it is innovative and can strike the right balance between preserving blockchain’s key features and adapting it for real-world requirements within some permissioned systems.” But what requirements are these? My reading of the paper from an amateur and inexpert perspective, is that it does not deliver against real-wrold requirements for permissioned systems in financial markets.

The use cases that are set out in the paper are the need to remove child pornography from a public blockchain, the “right to be forgotten” and the need to consolidate records financial transactions.

As for the first use case, this is not something that our clients need consider since none of them are proposing to implement critical national financial infrastructure on a public blockchain with arbitrary content controlled by unaccountable consensus group. If, for example, a stock exchange were to implement a blockchain settlement system, it would not be of such a type as to allow members of the general public to store child pornography on it (or at least it wouldn’t be if it had people such as Consult Hyperion designing it).

What’s more, if a stock exchange were implemented in this way, it would be utterly chaotic since at the execution of any transaction, no-one could be certain about the state of the ledger since it would be possible for some future intervention to change it. My granny dies and leaves me IBM shares. I sell you my IBM shares. I use the money to buy a car. Then a decade later a court order overturns my granny’s will as it turns out she had a son that we’d never heard of. So we go back and change the blockchain so that the IBM shares belong to him instead of me. So now I didn’t have the money to buy the car. So I have to give the car back. But the car was scrapped… and so on. Interstellar overdrive… then I go back five years later because it turns out he wasn’t her son at all and now I want the blockchain changed to give me my IBM shares…

Richard Lumb, global head of financial services at Accenture, told the Financial Times that financial institutions and regulators would need a means to quickly correct errors on the blockchain before using it in securities markets. He gave the example of a “fat finger” trading error, or a trade assigned to the wrong counterparty.

From Accenture to unveil blockchain editing technique - FT.com

That’s not how you correct errors, by just rubbing out mistakes. These are regulated financial institutions, not the mafia. No-one is going to build a financial services market on top of a mutable blockchain. In one of the comments I saw about this proposal, someone said that it would be OK because the market participants would keep and audit log of the changes and who agreed them. I thought that perhaps such an important log might need to be stored on an immutable ledger. Uh oh, blockchain Inception

As for the next use case, I am not a lawyer, but I think that the paper misinterprets the so-called “right to be forgotten”. However misguided the European Court’s decision on this might be, it does not demand the rewriting of history. If you publish an article about me that I don’t like, and I manage to persuade Google that it should be harder to find, then the article is not deleted. The link to the article is removed from Google search results but the article is still there. Newspapers are not required to go back and tear out articles from their archives, they are exempt (but in Europe, Google opted not to be regulated as media company so is not exempt). And I’m sure none of us what would to live in a world where politicians could obtain court order to go back a change the historical record!

The third use case, the consolidation of financial records is not clear to me at all. Since the invention of double-entry bookkeeping, the whole point of keeping a ledger has been that you have a record of all of the credits and debits that contribute to the current world view.

No comments:

Post a Comment