Sometimes I should have more courage in my convictions.
A bit over a year ago, I had some energetic discussions with a lawyer who is a top pro in her area of expertise but sometimes overestimates her knowledge of related areas. She’d just been at a conference where she had run into someone at one of the TBTFs who was in charge of blockchain, specifically, of bringing it to that bank’s phone banking app.
I proceeded to describe why that didn’t make any sense, and without going into details, Clive confirmed my reflexes and added some reasons of his own. My friend was very insistent, despite my explaining the frequency of banks setting up serious-looking little or even not so little initiatives that are sure to go nowhere in response to some fad or consultant hype. This phenomenon was so well known that at one bank, they called it “The Hall of Hollow Mandates.”
Expectations for the use of blockchain in banking are finally starting to deflate to more realistic levels. From a new story in Reuters, Wall Street rethinks blockchain projects as euphoria meets reality:
Reuters has found several blockchain projects launched by major financial institutions that have been shelved, as development of the technology enters a hype-meets-reality phase.
The casualties include projects by the Depository Trust & Clearing Corporation, BNP Paribas SA (BNPP.PA) and SIX Group, Reuters has found.
These were among the wave of blockchain tests touted by the financial industry over the past few years, as firms bet the new technology would displace much of the sector’s infrastructure, cutting out middlemen, speeding transactions and reducing costs for things like securities and payments processing…
DTCC, known as Wall Street’s bookkeeper, recently put the brakes on a blockchain system for the clearing and settlement of repurchase, or repo, agreement transactions, said Murray Pozmanter, head of clearing agency services at the DTCC.
The project, which had successfully tested with startup Digital Asset Holdings (DA), was shelved because banks and other potential users believed the same results could be achieved more cheaply using current technology, he said.
“Basically, it became a solution in search of a problem,” he said.
The article fails to give an adequate explanation as to why blockchain is coming up short, resorting to the handwave, “It’s still new”. No, it isn’t. It’s been around for over a decade.
We have to turn to a 2016 article from Constellation Research to understand why the promise of blockchain is limited at best:
The blockchain only does one thing (and it doesn’t even do that very well). It provides a way to verify the order in which entries are made to a ledger, without any centralized authority. In so doing, blockchain solves what security experts thought was an unsolvable problem – preventing the double spend of electronic cash without a central monetary authority. It’s an extraordinary solution, and it comes at an extraordinary price. A large proportion of the entire world’s computing resource has been put to work contributing to the consensus algorithm that continuously watches the state of the ledger. And it has to be so, in order to ward off brute force criminal attack.
How did an extravagant and very technical solution to a very specific problem capture the imagination of so many?…
From a design perspective, the most troubling aspect of most non-payments proposals for the blockchain is the failure to explain why it’s better than a regular database. Blockchain does offer enormous redundancy and tamper resistance, thanks to a copy of the ledger staying up-to-date on thousands of computers all around the world, but why is that so much better than a digitally signed database with a good backup?
Remember what blockchain was specifically designed to do: resolve the order of entries in the ledger, in a peer-to-peer mode, without an administrator. When it comes to all-round security, blockchain falls short. It’s neither necessary nor sufficient for any enterprise security application I’ve yet seen. For instance, there is no native encryption for confidentiality; neither is there any access control for reading transactions, or writing new ones. The security qualities of confidentiality, authentication and, above all, authorization, all need to be layered on top of the basic architecture. ‘So what’ you might think; aren’t all security systems layered? Well yes, but the important missing layers undo some of the core assumptions blockchain is founded on, and that’s bad for the security architecture. In particular, as mentioned, blockchain needs massive scale, but access control, “permissioned” chains, and the hybrid private chains and side chains (put forward to meld the freedom of blockchain to the structures of business) all compromise the system’s integrity and fraud resistance.
And then there’s the slippery notion of trust. By “trust”, cryptographers mean “out of band” or manual mechanisms, over and above the pure math and software, that deliver a security promise. Blockchain needs none of that – so long as you confine yourself to Bitcoin. Many carefree commentators like to say blockchain and Bitcoin are different things, yet the connection runs deeper than they know. Bitcoins are the only things that are actually “on” the blockchain. When people refer to putting land titles or diamonds “on the blockchain”, they’re using a short hand that belies blockchain’s limitations. To represent any physical thing in the ledger requires firstly a schema – a formal agreement about which symbols in the data structure correspond to what property in the real world – and secondly a process to bind the owner of that property to the special private key (known in the trade as a Bitcoin wallet) used to sign each ledger entry. Who does that binding? How exactly do diamond traders, land dealers, doctors and lawyers get their blockchain keys in the first place? How does the world know who’s who? These questions bring us back to the sorts of hierarchical authorities that blockchain was supposed to get rid of.
And before you start hyping the virtues of “smart contracts,” first, it was already effectively addressed above. Go read the extract again if you managed not to grasp that point. Moreover, Clive shellacked that nearly two years ago, in Ethereum and Smart Contract Unicorn Woo-Woo – There Should Be a Law Against It. Warning: I will come down hard on anyone who brings up that topic in comments and makes clear that they have not read Clive’s post in full.
And as we’ve also been discussing at some length, Bitcoin and its kin aren’t very useful for their supposed original purpose of payments. They are trading sardines whose value needed to be translated back into real world currencies, with the result being huge volatility, a very unattractive attribute in something you billed as a store of value. Transaction costs are high. You need to keep track of your profits and report them to the IRS and pay taxes on them. Transactions are irrevocable, which is generally a bad feature in the world of commerce. And cryptocurrencies are less secret than cash, since the blockchain records the wallet, and more and more authorities are pushing to get access to who the wallet owner is (see the recent Coinbase case).
So this sort of comment from insiders, which Lambert featured in Water Cooler, should come as no surprise:
1/ Suffering from disorientation and cognitive dissonance around blockchain and Bitcoin. It’s time to stop the craziness.
— Tim Bray (@timbray) February 12, 2018
8/ So, if it’s actually generally useful, someone somewhere should be getting dramatically good return on these investments, seeing hockey-stick revenue ramps. Where? *crickets*.
— Tim Bray (@timbray) February 12, 2018
10/ I believe there may well be some good blockchain apps out there. But if it were an ubiquitous wave-of-the-future thing, that wave would have started to come ashore.
— Tim Bray (@timbray) February 12, 2018
Without belaboring the topic further, what amounts to a newfangled way to do a database does not solve the problem of data integrity. In fact, that is almost certainly more easily addressed (as in cleaned up over time) with traditional databases. Yet many of the hoped-for solutions, like in trade, act as if blockchain can solve the data accuracy problem, which exists independent of tampering risk. The reason parties use documentary letters of credit is to assure the buyer that when he releases the funds, the cargo is what it is supposed to be. They also serve to make it hard for buyers to reject cargo shipped around the world just because they had a change of heart. Blockchain won’t solve the problem of “how do I know what is really in the container?”
So again, that does not mean there won’t be some solid commercial uses for blockchain. But they aren’t going to be a game-changers.