IBM retired theirs and now Microsoft. It blows my mind that anyone in their right mind would ever make a blockchain using these companies’ proprietary implementations.
Not that I understand the other blockchain projects, but it seems even crazier to use a proprietary company’s solution.
> Blockchain offers the capacity to create a “digital birth certificate” for every part and update it each time the part moves through the supply chain or is installed on a plane. The part’s status also gets updated every time the plane is serviced or inspected by a technician.
They think it's better to use a blockchain for this instead of a spreadsheet.
Blockchain allows multiple parties to amend data using distributed and untrusting infrastructure, in a tamper proof way. The problems addressed are a bit more involved than a spreadsheet.
This is classic blockchain handwaving. If you’re an airplane manufacturer sourcing parts, you’re going to be placing a hell of a lot of trust in your partners. Jumping through all the hoops of blockchain gets you very little, if anything, net of cost.
The only time in which you would need blockchain over a centralized DB is when everyone needs access to the DB, but no one trusts each other. Like if you needed to store healthcare information for multiple people which theoretically could be accessed by multiple competing hospitals or something. It's a lot of overhead to legitimize not just using a centralized DB for most applications.
For most applications, yes. But the "multiple people which theoretically could be accessed by multiple competing hospitals" is actually a real use case too. In many fields competitors could benefit from having access to the same curated, real time dataset. For example, a list of pharmacies or local insurance policy plans if you're a hospital. The problem is that none of the players in the game are incentivized to build this service because it requires someone to host the server on their infrastructure - and if you don't host it yourself, what happens if/when your partner decides to shut it down, or cut you out, or serve you false information? With a small blockchain each competitor can host their own version of the data and share new rows in an auditable, traceable, and permanent way (such that another user cannot go in and delete anything).
It's easy to get lost in the hype, but peer to peer applications always serve valid use cases. A peer to peer database is no different even if it's enamored by cryptobros and scammers.
How would this solve anything? Competing for what? If a bunch of people are competing on say, price, then what's stopping them putting any number they want into the system, or similarly just rejecting every number anyone else puts into the system? They have no aligned interests in the blockchain, and outside of it the legal system already defines their responsibility (i.e. prices must be advertised accurately).
"Blockchain" aka a Git repository is only useful when multiple trusted parties are trying to coordinate a central source of truth without inadvertently removing each others changes.
At which point we can dispense with anything that sounds like cryptocurrency because it's all just signed commits.
If you have one trusted party that can run a database with permission system and audit trail, then you don't need a blockchain. But if no one trusts each other, but you still require everyone to have the ability to update some data, then a blockchain becomes useful
My multiple healthcare providers use OAuth and the electronic medical record system made by Epic to exchange my medical records, no blockchain required. Apple Health obtains access to all of the data at various providers through the same mechanism.
At a higher level, if you’re willing to do business with someone, and you’re providing or accepting fiat, goods, or services, there is a baseline level of trust between parties and an understanding that any breakdowns in trust will be resolved by contract law and courts.
Replying to my own comment as the edit window has timed out.
Apple has coincidently released functionality as part of iOS 15 for verifiable health records data. Note the use of digital signature crypto primitives.
> Find out how you can securely request access to someone's verifiable health records and incorporate that data safely into your app. The Health app helps people download, view, and share their health records, including their COVID-19 immunization and test results — and iOS 15 brings support for the Smart Health Card, a verifiable health record that incorporates the FHIR health data standard. We'll show you how your app can go about requesting access to this record and how you can verify the signature of the file using CryptoKit and the issuer's public key.
That use case is highly suspect. The reason sharing medical records is difficult is because medical records are sensitive information. Blockchain technology does not solve this problem, and in fact makes it worse. By the very nature of blockchain every single hospital would now need to store all of the medical information of everybody in the country. That means if a single hospital is compromised (which is inevitable) the medical history of every single person in the country will be leaked. At that point, you might as well just place everybody's medical records online for all to see, the end result will be very similar.
Hospitals could encrypt this information inside the blockchain, but then they would need to contact each other for the keys, which defeats the entire point of the blockchain. At that point they might as well contact each other for the data, after all.
Using blockchain technology also means you cannot abide by GDPR's right to forget. That means storing any personal information in a blockchain is a legal liability, at least in the EU, which limits its potential use cases even further.
> Using blockchain technology also means you cannot abide by GDPR's right to forget. That means storing any personal information in a blockchain is a legal liability, at least in the EU, which limits its potential use cases even further.
Yes indeed, blockchains aren't suitable for storing personal data. No public decentralised network is. IPFS wouldn't be either for instance. By nature such networks assume no one peer can be trusted. Not the sort of thing you want to trust with confidential information.
This openness is often sold as a feature, for example running your supply chain through a blockchain means there is a publicly auditable ledger of every step, so a company claiming to have an ethical supply chain could theoretically point to that blockchain as proof. This is potentially interesting imo.
Most enterprise blockchain solutions I've seen are hybrid ones. A business can store personal data in a regular database and have non-sensitive data on a blockchain (as per the example above). The advantage of this (outside of the above use case) being that you can run SQL queries on large data sets much faster if that data is stored on a distributed ledger.
(Note: this is what the companies selling those solutions claim. I don't have first hand experience with blockchains in an enterprise context so I couldn't tell you if this is true - I imagine it'd depend on the database and blockchain in question.)
Final point though, these aren't necessarily proprietary blockchain solutions as such. They're more like SDKs businesses can use to build their own blockchains, code their own smart contracts, etc.
Whether this is actually useful for enterprise... I honestly couldn't tell you. I do think the supply chain stuff is interesting. I also think using it as a system to detect counterfeit items is another good use case for businesses. In the past, companies have created apps where you can scan a QR code and it confirms the legitimacy of the product, but counterfeiters just made QR codes that tricked the app. If each unit is tracked on a public blockchain, it should be possible to verify legitimacy with near 100% certainty.
> It can not be spoofed due to having been signed by a verified key
Let's say I have a Rolex watch. This "item" has an entry in a publicly available blockchain available to everyone. Who's to stop anyone from producing a "Rolex" watch pointing to the exact same entry on the blockchain?
> The link/hash can of course also be encoded in a QR code.
Indeed. So how exactly does blockchain protect against counterfeit goods?
> Who's to stop anyone from producing a "Rolex" watch pointing to the exact same entry on the blockchain?
No one. But only one is signed by Rolex's keys, and therefore considered legitimate.
> Indeed. So how exactly does blockchain protect against counterfeit goods?
It depends on who you are if it does or not. It can 1) prevent inconsistencies in different databases in different orgs, 2) prevent companies trying to hide their tracks or muddy the waters, 3) provide near-instantaneous settlement and coordination
Let me ask you this; if you buy a Rolex watch on eBay that includes a QR code as proof of authenticity, how can you be confident that the same QR code has not been included with 100 other duplicate watches otherwise?
(I had this happen with fake Bose headphones, BTW. A correct blockchain implementation would have allowed me to spot that within minutes of receiving the package as well as irrefutable proof to present to eBay/law enforcement, as opposed to months later when they failed and vague evidence)
> Let me ask you this; if you buy a Rolex watch on eBay that includes a QR code as proof of authenticity, how can you be confident that the same QR code has not been included with 100 other duplicate watches otherwise?
I can't be confident. So, once again, how does blockchain help?
> A correct blockchain implementation would have allowed me to spot that within minutes of receiving the package as well as irrefutable proof to present to eBay/law enforcement
- What's a "correct blockchain" and who implements it?
- How would it help if both watches/headphones/whatnot point to the same record in the ledger?
> How would it help if both watches/headphones/whatnot point to the same record in the ledger?
The watch has an ID/serial number. The record on the ledger is transferred to the new owner. If both new owners check the ledger, only one of them will have been assigned the watch with the corresponding SN.
the payment could even be done atomically with the assignment of the (authentic) watch. As long as the buyer validates it, the only one who could forge watches would be Rolex.
It sounds like you need to review some blockchain fundamentals. None of the above should be unclear in any way if you have a basic understanding. I could go on and try to address your questions, but really, at this point you may as well just be trolling. The way you have been strongly arguing above is not founded on reality if your last questions are honest.
Whenever the key is checked, the software that checks the key creates an entry in the blockchain.
Using your example of a Rolex, the code can be scanned by the authorised dealer and buyer. Those events are then stored in the blockchain next to the cryptographic hashes of both entities.
Any authorised dealer who buys one for resale would scan the QR code so ownership can be transferred in the same way on a public ledger.
If there's a public record that this Rolex has been purchased already and you scan it, this record would show up. It could even show exactly where and when it was purchased.
Clearly, for someone to put a real cryptographic key on a fake Rolex, they need to have taken it from a real one.
So if someone tries to sell you a "Rolex" and you scan it, you'll have the history of the watch right there. If they try to claim it's new, you'll know that's a lie. If they try to sell it to an authorised dealer, they'll get caught.
This could still leave space for fake Rolexes to be sold as used on eBay or something of course, but then if you buy a "Rolex" on eBay from a random seller (not an AD) you kind of know what you're getting already don't you?
(Although even in those situations, knowing exactly when and where the real watch was last purchased makes it easy to just make a phone call and get a better idea of legitimacy. Currently, even ADs send the watches to Rolex for verification because the fakes are so good.)
Your example seems to be mostly coordinated through Rolex and authorized dealers, so what is the advantage of a blockchain? Why not just have Rolex keep track of who owns a watch through e.g. a web interface tied to a serial number + username/password combination, that also allows transferring of the ownership of a watch to a different user? This would be much more user friendly, since you could have features such as "forgot my password" which are (by design) impossible to implement on top of a blockchain.
> Whenever the key is checked, the software that checks the key creates an entry in the blockchain.
Right. So on top of a blockchain there's some software that inputs something on the blockchain.
What's to stop me from creating software that won't create those events, but will still check the key?
> Any authorised dealer
> so ownership can be transferred in the same way
Curioser and curioser. So now there are centralised dealers that can transfer ownership. So only selected few can create events on the great decentralised blockchain. Tangential question: if I want to give the watch as a gift, do I have to have Rolex's blessed authorised software to do that?
Also, if "authorised dealers" have the power to do this, it means they have the cryptographic keys. This also means that the rest of the world has them.
> So if someone tries to sell you a "Rolex" and you scan it, you'll have the history of the watch right there.
Indeed. So, the counterfeit watch comes up with a real history. Rolex produces almost a million watches a year. It will be ridiculously easy to pick up numbers for the counterfeit watches that are new.
Those that are not "new" can be sold at second hand markets.
> but then if you buy a "Rolex" on eBay from a random seller (not an AD) you kind of know what you're getting already don't you?
Ah. And here it is: "blockchain can help verify authenticity with near 100% certainty" devolves into "you know what you're getting into" in the span of three comments.
> No. A company can point at an entry that claims to be from an ethical supply chain. It's not proof that that entry actually represents reality.
Sure, simply writing metadata that says "we promise we did this" into a blockchain doesn't automatically make it proof.
But that's not what anyone talks about when they discuss this.
The point is each company down the supply chain is recorded on the blockchain. The companies used to provide raw metals to the companies that run the factories to the distributors, all cryptographically sign the blockchain throughout production.
What you get at the end of that is cryptographic assurance that each party is who they claim to be and they publicise their practices.
If a someone in the supply chain is found to be using unethical practices, and the company using this approach makes a public statement promising they will use a more ethical supplier, this would be verifiable by any member of the public.
And of course all the actual software backing this would be in smart contracts meaning the source code of the actively running software on the blockchain can also be verified by anyone. This is like having reproducible open source builds but for real life objects.
TL;DR: Quite obviously, a blockchain doesn't magically turn everything ethical, but it is a tool that could well be used for that purpose if utilised correctly and combined with other public knowledge such as public audits of factories and mines and increasing regulations enforcing supply chain transparency reports etc.
It's a piece of the larger puzzle that means when a company claims to be ethical you can see for yourself instead of taking their word for it.
> Because a publicly available hash on a publicly available blockchain is different from a QR code and cannot be spoofed... how?
If the entire supply chain and the code managing it is on a public ledger, so is a log of every unit produced. Blockchains carry cryptographic proofs, so a business can use a cryptographic signature to allow a buyer to verify an item's authenticity. The signature could still be on a QR code to make it easy for the end user, but it'd be a lot lot harder to fake if backed by tried and trusted cryptography.
> Sure, simply writing metadata that says "we promise we did this" into a blockchain doesn't automatically make it proof.
But that's not what anyone talks about when they discuss this.
And then you immediately go and say exactly this:
> If a someone in the supply chain is found to be using unethical practices, and the company using this approach makes a public statement promising they will use a more ethical supplier, this would be verifiable by any member of the public.
What you're basically saying is: "If a company somehow records their PR stunt on the blockchain, they are immediately bound by it because public record, and blockchain, and smart contracts".
> And of course all the actual software backing this would be in smart contracts meaning the source code of the actively running software on the blockchain can also be verified by anyone.
And how would software running inside some other software would actually verify that a company is ethical? Or that it properly labels its products? Or that it adheres to standards? Or...
> combined with other public knowledge such as public audits of factories and mines and increasing regulations enforcing supply chain transparency reports etc.
All this is already being done, and without blockchain. What exactly does blockchain bring into the equation?
I mean, TIR has been around since 1975, to give just one example [1]
> If the entire supply chain and the code managing it is on a public ledger, so is a log of every unit produced.
1. Almost everyone already logs every unit produced. Even now you can probably trace an random individual apple from a supermarket to where it was produced. What does blockchain add to this?
2. As all logs, it doesn't log "every unit produced". It logs whatever is input into the log. If someone inputs "eco bananas", but instead ships radioactive slime, what good is blockchain?
Oh, and before you start with "audits" and all that. The supply chain isn't "producer -> consumer". It's "producer -> dozens of intermediaries -> consumer". And everything depends on what those intermediaries input. And there are already laws, practices and audits in place that ensure that you get your eco bananas instead of radioactive slime.
Or, lets use a more realistic example: 20% of seafood in restaurants is mislabeled, https://www.rd.com/article/restaurants-serve-fraudulent-fish... Every single item there can already be traced to origin, passes multiple inspections etc. How does blockchain help?
Having a database that can run through multiple nodes should be very enticing given the recent ransomware attacks that ground centralized databases to a halt. Instead of waiting days to restore their billing system, Colonial could have just brought in more nodes under a blockchain system and sacrificed the ransomware'd ones. As long as one survived with the data intact, all other nodes would have been able to get the data from it while verifying lack of tampering (something your backups can't tell you without lots of hard work).
Don't we argue against centralization on HN all of the time? There's so many good arguments against putting everything you rely on onto one server that can get bopped by random Ukrainian teenagers.
Where would the data have survived? Colonial would have to be paying someone to hold their extra nodes, in which case....they could've just paid to hold backups anyway.
> Colonial could have just brought in more nodes under a blockchain system
How is that different from having backup copies with a third party? Organizations really need to learn how to make ransmoware-proof backups. Blockchain has many uses but by itself won't protect anyone against ransomware attacks.
> Don't we argue against centralization on HN all of the time?
No, we argue the right paradigm for the right use case. Both centralization and decentralization have their pros and cons. But the blockchain decentralize-all-the-things group think is just people who don't quite grasp the tech being blinded by the hype.
What you've described (adding more nodes) is just classic DR: spin up your infra from append-only backups in a warm site, or better yet, failover to a hot site with minimal downtime.
How much value do you give to being tamper proof, to having multi party untrusting infrastructure, to being decentralized? How much do those add up to in your net cost calculation? How do achieve for these with your alternative solutions? What does that cost?
The airplane manufacturer doesn't want to expose their database to their partners. They also don't want to write bespoke applications and services with their partners and doesn't really expect them to adapt to those interfaces that in turn front the database. None of this helps reconcile wtf happened across systems when sides disagree.
Having a common distributed way to share a ledger is a valid problem to have and a blockchain is a valid way to solve that problem. Contracts further sweeten the pot.
I guess you haven't work at a large corporation that thinks it's a tech company then. I worked at a large insurance company and, while I was there, machine learning and AI were the strongest buzzwords going. Blockchain was just starting to emerge. If you were doing any project at all you could get automatic thumbs up from senior level execs if you name-dropped machine learning or AI. They'd enthusiastically nod their heads upon hearing it. I think this was supposed to convey "great application of this technology I understand!" but once you saw through that it really meant "I've heard of that!"
A bunch of talking heads went on CNBC over the past 5-10 years and talked about how existing cryptocurrencies like bitcoin were outlaw non-starters, but that "blockchain technology" was novel and here to stay, provided that governments and big banks would be able to retain control.
Those people were and still are idiots, but there were enough of them to catch the attention of unimaginative MBAs at big unimaginative places like Microsoft and IBM -- to spawn products like these.
Microsoft announced that they are retiring their blockchain project about two weeks before they announced Azure SQL Database ledger. So a centralised solution where parties are trusted - I think.
It's funny how true this may actually be. I had a 5 minute discussion with KOLs at my company back when etherium launched trying to square peg-round hole something in the business to run on it. We didn't have any luck. Ultimately, we wanted to own the database/data and if someone wanted to purchase from us/use our services they would have to trust us.
Who knows? Perhaps they thought it would be spelled more similarly to aluminium, ammonium, auditorium, calcium, compendium, cranium, delirium, emporium, encomium, equilibrium, eulogium, exordium, geranium, gymnasium, medium, millennium, odium, omnium, opium, opprobrium, pandemonium, potassium, premium, radium, sodium, tedium, uranium...
People are realizing what blockchain technology actually is now. When those ibm commercials came out promoting blockchain it felt awkward to watch like why are they talking like this
They're geared for enterprise so they're not exactly something you'd look to for "interesting projects."
If you look at the smart contract platforms built on top of various cryptocurrencies, however, you will find plenty of active projects. Whether or not they're interesting to you, I can't promise anything. But there's plenty of use cases being explored from simple games to tokenised art to decentralised DNS replacements.
Where I live, the tertiary institutions place your degree on a blockchain. TBH I have know idea why a simple digital signature would not suffice but I guess blockchain sounds cooler.
true. i think that many of these L1 theoretical usecases should move to L2s of existing blockchain(s). this way you dont have to built your own incentive structure (mining) and you inherit security of base layer.
anyway, still think that most usecases dont really need decentralised structure at all. definitelly anything that is natively non-digital.
> true. i think that many of these L1 theoretical usecases should move to L2s of existing blockchain(s).
This is basically the current trend. DApps being developed on existing blockchains instead of new blockchains being invented for each use case.
The only reason L2 blockchains are even so big (e.g. Matic) is because of Ethereum's insane gas fees and the never ending delays in rolling out Eth2. Otherwise there'd be no real need to even have L2 blockchains, you can just run your smart contract directly on the L1 blockchain if it's efficient enough to scale properly.
Trust in people cannot be replaced. Blockchain is achieving exactly the opposite of that, it tells us that trust and legal arrangements should be encoded into software instead of being put into effect with software.
eg, NFTs are fungible in so much that machines care about precision, whereas only an autist would notice of you modified a few pixels to change a hash.
people based products need more fuzzy logic than hashes.
There's a load of DApps using the blockchain. These are obviously built on top of cryptocurrency blockchain platforms, but they are not themselves cryptocurrencies and do run on top of blockchains.
The most obvious (because it's currently very well publicised) example is NFTs and the markets they're sold on through smart contracts.
I'm not making any comment on the value of NFTs themselves here, simply pointing out they have become a popular use case for blockchain technology that isn't cryptocurrency.
I've also read about blockchain managed supply chain solutions including in distribution of Covid vaccines. Currently this isn't a common use case but it seems to be one that's getting pushed hard recently.
IBM has their "TradeLens" [0] (ironically unreachable at the time of posting) product [1], which was developed for Maersk and seems to have been adopted by a few global logistics providers.
Have you worked in these industries? Irrevocable timestamps and ordering for cryptographic signatures provide a level of audibility and traceability that wasn't there before.
History can be rewritten opaquely in non-blockchain ledger systems.
If all stakeholders can fully trust everyone involved (and their security), your point may hold, but that is not always the case.
> History can be rewritten opaquely in non-blockchain ledger systems.
Ah yes. As if re-writing history was the primary major concern.
Let's say I'm a malicious actor. I say I shipped 1 ton of gold bricks, and entered that on the blockchain that "provide a level of audibility and traceability that wasn't there before". Only one single brick reaches the final destination. No history was overwritten.
Easy: the malicious actor has zero chance of arguing that port authority XY messed up the paperwork or that the documentation said it was 1 brick all along.
Sure, there is the oracle problem, but that's not what the blockchain (not a public BC by the way, it uses a fixed number of trusted nodes) tries to solve.
The issue is often patchy documentation and lack of traceability. BC is only one tool of many here and the major improvement is digitalisation of the entire supply chain.
I worked on a project in wholesale logistics several years ago and you wouldn't believe how many parts of the delivery system are still handled using literal paperwork. Coffee stains and manual "corrections" are daily occurrences and because of that, resolving irregularities way too often comes down to his/her words against theirs.
A fully digital supply chain with every step and update permanently recorded in a cryptographically secured manner, helps immensely with these kinds of issues.
BC is just one part of it and doesn't aim to solve everything, but it's a huge improvement. The distributed nature of the ledger provides an incentive for all participants to take part in it, because it reduces trust issues that might arise if all trust is to be put into a single party.
I'm not knowledgeable enough to tell whether a more conventional distributed database system would've sufficed, and what the pros and cons of either approach are in detail, but BC is a viable solution.
The malicious actor insists they shipped 1 ton of bricks, and that the port authority is lying or stole the remaining ones. The blockchain says they shipped 1 ton of bricks, after all.
I'm actually kind of bullish on blockchain for these sorts of scenarios, because yes, the malicious actor can claim that someone else in the chain screwed up, but all parties involved can verify all claims that were made in the entire chain. In other words, the malicious actor can't destroy or modify the paperwork and then claim something different.
Malicious actors don't have to "destroy or modify paperwork". Paperwork is very rarely "destroyed or modified". It is usually already kept/entered as modified (and there's potentially an entirely separate and isolated paperwork trail for the actor's own accounting purposes, but that one by definition won't be on a blockchain).
> Malicious actors don't have to "destroy or modify paperwork"
Sure, they don't have to, but it eliminates one possible source of malicious behavior. I'm not saying that using a blockchain will eliminate all malicious behavior, so I'm not sure what you're getting at.
> but it eliminates one possible source of malicious behavior.
Why is it that every single discussion about blockchain starts with "it opens up unprecedented opportunities never seen before and will disrupt eveyrthing" and ends with "well, it will maybe perhaps help in some minor way"?
In this discussion:
How it started: "irrevocable timestamps and ordering for cryptographic signatures provide a level of audibility and traceability that wasn't there before."
How it's going: "it eliminates one possible source of malicious behavior"
I didn't say anything about disrupting everything shrug. I just said I'm kind of bullish on it for this use case.
That being said, "it eliminates one possible source of malicious behavior" is exactly derived from "irrevocable timestamps and ordering for cryptographic signatures provide a level of audibility and traceability that wasn't there before." so I'm not sure what your complaint is there. The auditability and traceability are exactly what eliminates that avenue of malicious behavior. Again, it's not going to revolutionize everything, but it seems useful here.
> I didn't say anything about disrupting everything
I didn't mean you specifically. It's the flow of every single discussion about blockchain.
> it eliminates one possible source of malicious behavior
> Again, it's not going to revolutionize everything, but it seems useful here.
So, in order to eliminate one source of malicious behaviour (that is even unlikely to be a major source of problems) we can of course use a very inefficient append-only distributed log that solves (maybe) only this one problem, and does nothing for everything else :)
Because the data is entered into the blockchain by automated systems and can be verified with cryptographic keys.
You seem to have invented a strawman system in which a blockchain replaces a spreadsheet and a human can type whatever they like into it.
This is not the suggested use case for blockchains at all, not in enterprise and not anywhere else. The allure is blockchains is in automated smart contracts that don't rely on human honesty and aren't as prone to human error.
(I say as prone because, obviously, as with any code, humans still have to write the smart contracts. Security audits are extremely important here especially for enterprise critical applications. But the end result is a publicly accountable ledger and that includes the smart contracts themselves too. So your hypothetical would be impossible unless you hired a black hat. Even in the worst case scenario of a malicious smart contract, however, you'd have permanent public logs of exactly what was done, how, and when, and when its code written by an employee of yours, that makes it quite easy to work out who.)
> This is not the suggested use case for blockchains at all, not in enterprise and not anywhere else. The allure is blockchains is in automated smart contracts that don't rely on human honesty and aren't as prone to human error.
This is a bunch of words that have no relation to reality.
What is the connection between a smart contract and an actual physical good that is being transported?
How does a "smart contract" verify any of the following:
- that the goods are what they are (eco bananas, not green slime)
- that the goods are in the quantity described (1 ton of gold bricks, not 1 kilo)
- that the actual provenance of the goods as stated (that country of origin labelling required in the EU is accurate and reflects the actual country of origin)
- that the goods have actually been transported as required (refrigerated, heated, on time, within a time range etc.)
At every single point in this process you will either have people entering data manually or dozens, if not hundreds, of different systems scanning and entering data.
Smart contracts are perhaps the most oversold part of the whole block chain concept.
What works for digital products (service contracts, financial transactions, data delivery) cannot always be mapped to the physical world.
There are some interesting concepts that deal with trust and verifiability of data entry, scanning, and sensors, though. They just don't have anything to do with smart contracts or block chain per se, though they borrow some high-level ideas from it.
But this an area where block chain in general has no place and other mechanisms (simple rule-based plausibility checking, automated anomaly-detection, etc.) are much more helpful. The physical world requires different approaches.
Hashed-block chains can be used to prove data history has not been tampered with, i.e. an audit log is true. If you change something in the history/audit the related blockchain from that point in time onwards becomes invalid.
There needs to be some 3rd party interaction to completely believe what this chain of block hashes tells you, as someone editing history in a DB could in theory replay all other transactions and recreate the ledger from that point onwards to remove evidence of the modification.
Search for "ledger tables" and "distributed ledger" for more info. The idea pre-dates cryptocurrencies by quite some time. I've seen small scale implementations of it, and talks about MS researching the area in relation to SQL Server and similar offerings.
Honestly, that Azure Ledger SQL idea makes more sense for today's enterprise systems than a decentralised blockchain. Not because "blockchains are bad" which unfortunately is what most of the comments have turned into, but rather because it makes a lot more sense in a business context.
Azure's main competition is obviously AWS. And AWS already offer a cloud-based blockchain service used by many big names.[1] Seems to me that Microsoft is just following in their footsteps with that new approach of centralising the ledger. Basically the same thing Amazon's main offering does.
Most large enterprises right now are turning to centralised cloud solutions, that's just the way the market is right now, companies just want to stick their entire businesses on hyperscalers. It's simply easier and cheaper to move an on-prem database to a cloud service than it is to create and maintain a decentralised network.
Taking the blockchain's data integrity features and adding them to existing cloud services therefore makes a lot more sense for actual enterprise use today when you want to compete with AWS and sell cloud subscriptions which Azure does.
I do believe decentralisation in general will mature over time, and certainly many arguments can be made in its favour including for enterprise. I do find it concerning that virtually every big company and even government organisations run everything on AWS, GCP, Azure. And once you have everything running in one of those bubbles there's lock-in.
I'm sure most of us would agree that's hardly ideal. But at the end of the day if you're catering to enterprise and enterprise is saying "we want to throw everything on your servers and have you manage it for us" you have to listen to the market.
Note I'm not trying to argue one way or another about intrinsic value or any type of moral value or any of the other unrelated tangents I often see discussions about NFTs turn into.
But objectively, as a product that exists solely on top of blockchains, NFTs are very very successful. Something that has allowed multiple individuals to auction off artworks for upwards of $60m cannot be called a failed use case.
If your metric for success is simply how much money is being pumped through it, then in a sense NFTs are successful (although NFT prices and volume have been plummeting recently [0]).
However, I believe that the majority of people driving the popularity of NFTs fall into two overlapping camps: people who are simply trying to make money, and people who misunderstand or are otherwise oblivious to how the technology works and its limitations. To me it just seems more like a gold rush situation and does nothing to inspire confidence in the underlying technology.
Certainly there are people out there trying to leverage NFTs for more legitimate purposes - such as digital rights management and virtual items for video games - and those applications may be dubious enough by themselves. In the way they are generally being used, though, I wouldn't call NFTs a "success" any more than the South Sea Bubble was.
Bitcoin and Etherium's use cases are still just limited to providing means of bypassing regulation and being a ponzi scheme. NFTs are just the latest iteration on that.
The most obvious and widespread use of the concept of block chains in my opinion is git.
It’s quite literally a distributed, unforgeable crypto-ledger of changes to common codebases that can be edited by multiple untrusted parties (open source).
That's not a block chain, though. A distributed ledger is one thing. A block chain is a specific technology to implement a distributed ledger. A block chain is specifically a linked-list-esque data structure with immutability through some irreproducible "cost," e.g. proof of work, proof of stake, etc, which in turn serves as the mechanism for arriving at a distributed consensus. Git histories are fully mutable, and adding to the ledger is still controlled by gatekeepers. I guess you could argue that forks allow it to bypass gatekeepers, but it really just moves gatekeepers from one place to another.
Git histories are only as immutable as the signatures applied to them. There are plenty of git repositories that follow rebase only "linked-list" history policies and require commits to be signed and through distributed consensus agree on what is the most recent commit to next commit against to keep the history a straight line.
On the other side, forks happen in block chains all the time and it is an illusion that a block chain is only ever a "linked-list". It's just as much of a DAG at a technical level. The "cost" mechanics create a marketplace distinction between forks (branches in the DAG) far more than any technical distinction between them can possibly exist.
Well you cannot change a git history without completely changing the hashes. Which is similar to blockchain.
I see it as similar to CBC in crypto, where the previous block’s value plays a huge role in the next block’s encrypted value. Change one and you change the entire chain after that “block”
If you expand the system-under-definition to all the git repositories for a particular project, the proof of work function is the social dynamics (via PR/review/email) of getting changes accepted by other repositories.
There are multiple reward functions that apply to git. One particular example is a lot of developers compete for Proof of Clout (PoC) and all the green they can light up in the GitHub activity graph.
There are multiple large entities who use it for industry manufacturing and supply chain in production (under NDA and don't want to ask if I can name any names but you'd recognize some)
Tracking and tracing it from procurement as it's flowing (transported) through containers and vehicles. There are multiple companies involved and prior to this, trust issues have made any kind of automated, efficient and consistent end-to-end tracking system difficult to introduce.
Whose servers would a non-blockchain solution run on and how could all stakeholders trust the design, implementation and operations? Blockchain makes this transparent, trustless, and auditable for everyone involved.
With the new system, feedback times goes from weeks to minutes.
I mean, technically, the industry got by fine prior to IT as well, relying on pen and paper and telephone. Real problems are being solved, though.
You seem a bit antagonistic/skeptic; I'm just answering the question for some examples of use-cases the technology is applied to today.
Consider distributed databases - unless you hit a certain scale or availability requirements, you could argue that a single centralized Postgres can solve anything and that they provide no value. You could have a successful and advanced career as a data engineer never having to touch one. Yet, in certain organizations and scenarios they are a game-changer and enabler. Just because you don't see value in them does not mean that the people who do are deluded.
> Whose servers would a non-blockchain solution run on and how could all stakeholders trust the design, implementation and operations?
Ah yes, unlike with blockchain where they have to trust the design and implementation of a blockchain by some third-party.
> Blockchain makes this transparent, trustless, and auditable for everyone involved.
Until someone comes along and says "we don't like TransportBlockhain designed and implemented by IBM, we are forming a separate coalition that uses ProcurementBlockchain designed and implemented by Tencent". Then what?
> I mean, technically, the industry got by fine prior to IT as well, relying on pen and paper and telephone. Real problems are being solved, though.
Ah yes. How could I forget: there are only two steps in the evolution of industry: pen-and-paper and blockchain (where blockchain somehow equals all of IT).
> You seem a bit antagonistic/skeptic
I am. Because every single argument for blockchain immediately devolves into heavy handwaving and "this will work because blockchain", while completely ignoring all of reality.
> Yet, in certain organizations and scenarios they are a game-changer and enabler.
Why is it when you ask people how exactly they change the game and enable anything, all descriptions are, at best, "there's no info, but it works because blockchain". And any available info shows that blockchain brings literally nothing to the table and solves none of the listed problems.
The best/only one I can come up with is DNS. It requires complete global state, benefits from having a history of changes, increased distribution/decentralization makes it faster and more reliable, and it could encapsulate the economic parts of buying and selling domain names.
It's not hypothetical. Although you are correct it's not standard, there are multiple projects doing exactly this at various stages of development, some of which have been around for years.
Handshake [1] is still very much beta but aims to replace DNS with decentralised nodes.
There are also projects like Unstoppable Domains [2] and Ethereum Name Service [3] which work right now if the browser supports them. They both use the Ethereum blockchain to sell domains as NFTs. In fact the ENS was around long before the NFT hype of today.
106 comments
[ 4.7 ms ] story [ 161 ms ] threadNot that I understand the other blockchain projects, but it seems even crazier to use a proprietary company’s solution.
They think it's better to use a blockchain for this instead of a spreadsheet.
It's easy to get lost in the hype, but peer to peer applications always serve valid use cases. A peer to peer database is no different even if it's enamored by cryptobros and scammers.
"Blockchain" aka a Git repository is only useful when multiple trusted parties are trying to coordinate a central source of truth without inadvertently removing each others changes.
At which point we can dispense with anything that sounds like cryptocurrency because it's all just signed commits.
Certainly there is a huge financial incentive to run a 51% attack on Bitcoin or Ethereum but thus far no one has managed it.
How is that not solved by a layer of permissions?
At a higher level, if you’re willing to do business with someone, and you’re providing or accepting fiat, goods, or services, there is a baseline level of trust between parties and an understanding that any breakdowns in trust will be resolved by contract law and courts.
Apple has coincidently released functionality as part of iOS 15 for verifiable health records data. Note the use of digital signature crypto primitives.
> Find out how you can securely request access to someone's verifiable health records and incorporate that data safely into your app. The Health app helps people download, view, and share their health records, including their COVID-19 immunization and test results — and iOS 15 brings support for the Smart Health Card, a verifiable health record that incorporates the FHIR health data standard. We'll show you how your app can go about requesting access to this record and how you can verify the signature of the file using CryptoKit and the issuer's public key.
https://developer.apple.com/videos/play/wwdc2021/10089/
Hospitals could encrypt this information inside the blockchain, but then they would need to contact each other for the keys, which defeats the entire point of the blockchain. At that point they might as well contact each other for the data, after all.
Using blockchain technology also means you cannot abide by GDPR's right to forget. That means storing any personal information in a blockchain is a legal liability, at least in the EU, which limits its potential use cases even further.
Yes indeed, blockchains aren't suitable for storing personal data. No public decentralised network is. IPFS wouldn't be either for instance. By nature such networks assume no one peer can be trusted. Not the sort of thing you want to trust with confidential information.
This openness is often sold as a feature, for example running your supply chain through a blockchain means there is a publicly auditable ledger of every step, so a company claiming to have an ethical supply chain could theoretically point to that blockchain as proof. This is potentially interesting imo.
Most enterprise blockchain solutions I've seen are hybrid ones. A business can store personal data in a regular database and have non-sensitive data on a blockchain (as per the example above). The advantage of this (outside of the above use case) being that you can run SQL queries on large data sets much faster if that data is stored on a distributed ledger.
(Note: this is what the companies selling those solutions claim. I don't have first hand experience with blockchains in an enterprise context so I couldn't tell you if this is true - I imagine it'd depend on the database and blockchain in question.)
Final point though, these aren't necessarily proprietary blockchain solutions as such. They're more like SDKs businesses can use to build their own blockchains, code their own smart contracts, etc.
Whether this is actually useful for enterprise... I honestly couldn't tell you. I do think the supply chain stuff is interesting. I also think using it as a system to detect counterfeit items is another good use case for businesses. In the past, companies have created apps where you can scan a QR code and it confirms the legitimacy of the product, but counterfeiters just made QR codes that tricked the app. If each unit is tracked on a public blockchain, it should be possible to verify legitimacy with near 100% certainty.
No. A company can point at an entry that claims to be from an ethical supply chain. It's not proof that that entry actually represents reality.
Same for every other entry in the supply chain.
> you. I do think the supply chain stuff is interesting.
It's not. For the reason above.
> If each unit is tracked on a public blockchain, it should be possible to verify legitimacy with near 100% certainty.
Because a publicly available hash on a publicly available blockchain is different from a QR code and cannot be spoofed... how?
It can not be spoofed due to having been signed by a verified key (a signature could of course be encoded in a QR code as well!)
It can not be redacted, or retroactively inserted at a later point in time. The link/hash can of course also be encoded in a QR code.
Let's say I have a Rolex watch. This "item" has an entry in a publicly available blockchain available to everyone. Who's to stop anyone from producing a "Rolex" watch pointing to the exact same entry on the blockchain?
> The link/hash can of course also be encoded in a QR code.
Indeed. So how exactly does blockchain protect against counterfeit goods?
No one. But only one is signed by Rolex's keys, and therefore considered legitimate.
> Indeed. So how exactly does blockchain protect against counterfeit goods?
It depends on who you are if it does or not. It can 1) prevent inconsistencies in different databases in different orgs, 2) prevent companies trying to hide their tracks or muddy the waters, 3) provide near-instantaneous settlement and coordination
Let me ask you this; if you buy a Rolex watch on eBay that includes a QR code as proof of authenticity, how can you be confident that the same QR code has not been included with 100 other duplicate watches otherwise?
(I had this happen with fake Bose headphones, BTW. A correct blockchain implementation would have allowed me to spot that within minutes of receiving the package as well as irrefutable proof to present to eBay/law enforcement, as opposed to months later when they failed and vague evidence)
How do you sign a physical watch with keys?
> Let me ask you this; if you buy a Rolex watch on eBay that includes a QR code as proof of authenticity, how can you be confident that the same QR code has not been included with 100 other duplicate watches otherwise?
I can't be confident. So, once again, how does blockchain help?
> A correct blockchain implementation would have allowed me to spot that within minutes of receiving the package as well as irrefutable proof to present to eBay/law enforcement
- What's a "correct blockchain" and who implements it?
- How would it help if both watches/headphones/whatnot point to the same record in the ledger?
- more in two comments to this: https://news.ycombinator.com/item?id=27435785
The watch has an ID/serial number. The record on the ledger is transferred to the new owner. If both new owners check the ledger, only one of them will have been assigned the watch with the corresponding SN.
the payment could even be done atomically with the assignment of the (authentic) watch. As long as the buyer validates it, the only one who could forge watches would be Rolex.
This. How does this magical transfer happen? The moment you say "authorised resellers", please read comments to this: https://news.ycombinator.com/item?id=27435785
> the payment could even be done atomically with the assignment
What's to stop an automatic payment with the assignment of the counterfeit watch?
> As long as the buyer validates it, the only one who could forge watches would be Rolex.
Why?
Using your example of a Rolex, the code can be scanned by the authorised dealer and buyer. Those events are then stored in the blockchain next to the cryptographic hashes of both entities.
Any authorised dealer who buys one for resale would scan the QR code so ownership can be transferred in the same way on a public ledger.
If there's a public record that this Rolex has been purchased already and you scan it, this record would show up. It could even show exactly where and when it was purchased.
Clearly, for someone to put a real cryptographic key on a fake Rolex, they need to have taken it from a real one.
So if someone tries to sell you a "Rolex" and you scan it, you'll have the history of the watch right there. If they try to claim it's new, you'll know that's a lie. If they try to sell it to an authorised dealer, they'll get caught.
This could still leave space for fake Rolexes to be sold as used on eBay or something of course, but then if you buy a "Rolex" on eBay from a random seller (not an AD) you kind of know what you're getting already don't you?
(Although even in those situations, knowing exactly when and where the real watch was last purchased makes it easy to just make a phone call and get a better idea of legitimacy. Currently, even ADs send the watches to Rolex for verification because the fakes are so good.)
Right. So on top of a blockchain there's some software that inputs something on the blockchain.
What's to stop me from creating software that won't create those events, but will still check the key?
> Any authorised dealer
> so ownership can be transferred in the same way
Curioser and curioser. So now there are centralised dealers that can transfer ownership. So only selected few can create events on the great decentralised blockchain. Tangential question: if I want to give the watch as a gift, do I have to have Rolex's blessed authorised software to do that?
Also, if "authorised dealers" have the power to do this, it means they have the cryptographic keys. This also means that the rest of the world has them.
> So if someone tries to sell you a "Rolex" and you scan it, you'll have the history of the watch right there.
Indeed. So, the counterfeit watch comes up with a real history. Rolex produces almost a million watches a year. It will be ridiculously easy to pick up numbers for the counterfeit watches that are new.
Those that are not "new" can be sold at second hand markets.
> but then if you buy a "Rolex" on eBay from a random seller (not an AD) you kind of know what you're getting already don't you?
Ah. And here it is: "blockchain can help verify authenticity with near 100% certainty" devolves into "you know what you're getting into" in the span of three comments.
Sure, simply writing metadata that says "we promise we did this" into a blockchain doesn't automatically make it proof.
But that's not what anyone talks about when they discuss this.
The point is each company down the supply chain is recorded on the blockchain. The companies used to provide raw metals to the companies that run the factories to the distributors, all cryptographically sign the blockchain throughout production.
What you get at the end of that is cryptographic assurance that each party is who they claim to be and they publicise their practices.
If a someone in the supply chain is found to be using unethical practices, and the company using this approach makes a public statement promising they will use a more ethical supplier, this would be verifiable by any member of the public.
And of course all the actual software backing this would be in smart contracts meaning the source code of the actively running software on the blockchain can also be verified by anyone. This is like having reproducible open source builds but for real life objects.
TL;DR: Quite obviously, a blockchain doesn't magically turn everything ethical, but it is a tool that could well be used for that purpose if utilised correctly and combined with other public knowledge such as public audits of factories and mines and increasing regulations enforcing supply chain transparency reports etc.
It's a piece of the larger puzzle that means when a company claims to be ethical you can see for yourself instead of taking their word for it.
> Because a publicly available hash on a publicly available blockchain is different from a QR code and cannot be spoofed... how?
If the entire supply chain and the code managing it is on a public ledger, so is a log of every unit produced. Blockchains carry cryptographic proofs, so a business can use a cryptographic signature to allow a buyer to verify an item's authenticity. The signature could still be on a QR code to make it easy for the end user, but it'd be a lot lot harder to fake if backed by tried and trusted cryptography.
And then you immediately go and say exactly this:
> If a someone in the supply chain is found to be using unethical practices, and the company using this approach makes a public statement promising they will use a more ethical supplier, this would be verifiable by any member of the public.
What you're basically saying is: "If a company somehow records their PR stunt on the blockchain, they are immediately bound by it because public record, and blockchain, and smart contracts".
> And of course all the actual software backing this would be in smart contracts meaning the source code of the actively running software on the blockchain can also be verified by anyone.
And how would software running inside some other software would actually verify that a company is ethical? Or that it properly labels its products? Or that it adheres to standards? Or...
> combined with other public knowledge such as public audits of factories and mines and increasing regulations enforcing supply chain transparency reports etc.
All this is already being done, and without blockchain. What exactly does blockchain bring into the equation?
I mean, TIR has been around since 1975, to give just one example [1]
> If the entire supply chain and the code managing it is on a public ledger, so is a log of every unit produced.
1. Almost everyone already logs every unit produced. Even now you can probably trace an random individual apple from a supermarket to where it was produced. What does blockchain add to this?
2. As all logs, it doesn't log "every unit produced". It logs whatever is input into the log. If someone inputs "eco bananas", but instead ships radioactive slime, what good is blockchain?
Oh, and before you start with "audits" and all that. The supply chain isn't "producer -> consumer". It's "producer -> dozens of intermediaries -> consumer". And everything depends on what those intermediaries input. And there are already laws, practices and audits in place that ensure that you get your eco bananas instead of radioactive slime.
Or, lets use a more realistic example: 20% of seafood in restaurants is mislabeled, https://www.rd.com/article/restaurants-serve-fraudulent-fish... Every single item there can already be traced to origin, passes multiple inspections etc. How does blockchain help?
[1] https://en.wikipedia.org/wiki/TIR_Convention
Don't we argue against centralization on HN all of the time? There's so many good arguments against putting everything you rely on onto one server that can get bopped by random Ukrainian teenagers.
How is that different from having backup copies with a third party? Organizations really need to learn how to make ransmoware-proof backups. Blockchain has many uses but by itself won't protect anyone against ransomware attacks.
No, we argue the right paradigm for the right use case. Both centralization and decentralization have their pros and cons. But the blockchain decentralize-all-the-things group think is just people who don't quite grasp the tech being blinded by the hype.
What you've described (adding more nodes) is just classic DR: spin up your infra from append-only backups in a warm site, or better yet, failover to a hot site with minimal downtime.
The airplane manufacturer doesn't want to expose their database to their partners. They also don't want to write bespoke applications and services with their partners and doesn't really expect them to adapt to those interfaces that in turn front the database. None of this helps reconcile wtf happened across systems when sides disagree.
Having a common distributed way to share a ledger is a valid problem to have and a blockchain is a valid way to solve that problem. Contracts further sweeten the pot.
Those people were and still are idiots, but there were enough of them to catch the attention of unimaginative MBAs at big unimaginative places like Microsoft and IBM -- to spawn products like these.
https://techcommunity.microsoft.com/t5/azure-sql/announcing-...
If you look at the smart contract platforms built on top of various cryptocurrencies, however, you will find plenty of active projects. Whether or not they're interesting to you, I can't promise anything. But there's plenty of use cases being explored from simple games to tokenised art to decentralised DNS replacements.
Whenever I tried to find some all I can find is proof of concepts, or new projects to evaluate the technology, but they never seem to consolidate.
I feel like there should be more tangible and clearly successful examples by now, if the technology was really promising.
Ten years in, nobody has come up with a use for blockchain: https://medium.com/@kaistinchcombe/ten-years-in-nobody-has-c...
And the followup, Blockchain is not only crappy technology but a bad vision for the future https://medium.com/@kaistinchcombe/decentralized-and-trustle...
This is basically the current trend. DApps being developed on existing blockchains instead of new blockchains being invented for each use case.
The only reason L2 blockchains are even so big (e.g. Matic) is because of Ethereum's insane gas fees and the never ending delays in rolling out Eth2. Otherwise there'd be no real need to even have L2 blockchains, you can just run your smart contract directly on the L1 blockchain if it's efficient enough to scale properly.
people based products need more fuzzy logic than hashes.
The most obvious (because it's currently very well publicised) example is NFTs and the markets they're sold on through smart contracts.
I'm not making any comment on the value of NFTs themselves here, simply pointing out they have become a popular use case for blockchain technology that isn't cryptocurrency.
I've also read about blockchain managed supply chain solutions including in distribution of Covid vaccines. Currently this isn't a common use case but it seems to be one that's getting pushed hard recently.
defi is recreating traditional banking. Plenty of ways to stake USD & get loans.
nfts allow artists to monetize their efforts.
bat redefines how internet monetization can work, based on swarm intelligence and micropayments.
audius is enabling musicians to share their creation.
tokenization is a way to represent any divisible effort. Perfect for sharing ownership in a company, home, etc.
There are a bunch more, way more than I'm able to keep track of.
But the biggest use case of blockchain is still, imo, p2p electronic cash.
[0] https://www.tradelens.com
[1] https://docs.tradelens.com
History can be rewritten opaquely in non-blockchain ledger systems.
If all stakeholders can fully trust everyone involved (and their security), your point may hold, but that is not always the case.
Ah yes. As if re-writing history was the primary major concern.
Let's say I'm a malicious actor. I say I shipped 1 ton of gold bricks, and entered that on the blockchain that "provide a level of audibility and traceability that wasn't there before". Only one single brick reaches the final destination. No history was overwritten.
So, how does blockchain help?
Easy: the malicious actor has zero chance of arguing that port authority XY messed up the paperwork or that the documentation said it was 1 brick all along.
Sure, there is the oracle problem, but that's not what the blockchain (not a public BC by the way, it uses a fixed number of trusted nodes) tries to solve.
The issue is often patchy documentation and lack of traceability. BC is only one tool of many here and the major improvement is digitalisation of the entire supply chain.
I worked on a project in wholesale logistics several years ago and you wouldn't believe how many parts of the delivery system are still handled using literal paperwork. Coffee stains and manual "corrections" are daily occurrences and because of that, resolving irregularities way too often comes down to his/her words against theirs.
A fully digital supply chain with every step and update permanently recorded in a cryptographically secured manner, helps immensely with these kinds of issues.
BC is just one part of it and doesn't aim to solve everything, but it's a huge improvement. The distributed nature of the ledger provides an incentive for all participants to take part in it, because it reduces trust issues that might arise if all trust is to be put into a single party.
I'm not knowledgeable enough to tell whether a more conventional distributed database system would've sufficed, and what the pros and cons of either approach are in detail, but BC is a viable solution.
Sure, they don't have to, but it eliminates one possible source of malicious behavior. I'm not saying that using a blockchain will eliminate all malicious behavior, so I'm not sure what you're getting at.
Why is it that every single discussion about blockchain starts with "it opens up unprecedented opportunities never seen before and will disrupt eveyrthing" and ends with "well, it will maybe perhaps help in some minor way"?
In this discussion:
How it started: "irrevocable timestamps and ordering for cryptographic signatures provide a level of audibility and traceability that wasn't there before."
How it's going: "it eliminates one possible source of malicious behavior"
Color me not impressed.
That being said, "it eliminates one possible source of malicious behavior" is exactly derived from "irrevocable timestamps and ordering for cryptographic signatures provide a level of audibility and traceability that wasn't there before." so I'm not sure what your complaint is there. The auditability and traceability are exactly what eliminates that avenue of malicious behavior. Again, it's not going to revolutionize everything, but it seems useful here.
I didn't mean you specifically. It's the flow of every single discussion about blockchain.
> it eliminates one possible source of malicious behavior
> Again, it's not going to revolutionize everything, but it seems useful here.
So, in order to eliminate one source of malicious behaviour (that is even unlikely to be a major source of problems) we can of course use a very inefficient append-only distributed log that solves (maybe) only this one problem, and does nothing for everything else :)
Yeah, still not impressed :)
Because the data is entered into the blockchain by automated systems and can be verified with cryptographic keys.
You seem to have invented a strawman system in which a blockchain replaces a spreadsheet and a human can type whatever they like into it.
This is not the suggested use case for blockchains at all, not in enterprise and not anywhere else. The allure is blockchains is in automated smart contracts that don't rely on human honesty and aren't as prone to human error.
(I say as prone because, obviously, as with any code, humans still have to write the smart contracts. Security audits are extremely important here especially for enterprise critical applications. But the end result is a publicly accountable ledger and that includes the smart contracts themselves too. So your hypothetical would be impossible unless you hired a black hat. Even in the worst case scenario of a malicious smart contract, however, you'd have permanent public logs of exactly what was done, how, and when, and when its code written by an employee of yours, that makes it quite easy to work out who.)
This is a bunch of words that have no relation to reality.
What is the connection between a smart contract and an actual physical good that is being transported?
How does a "smart contract" verify any of the following:
- that the goods are what they are (eco bananas, not green slime)
- that the goods are in the quantity described (1 ton of gold bricks, not 1 kilo)
- that the actual provenance of the goods as stated (that country of origin labelling required in the EU is accurate and reflects the actual country of origin)
- that the goods have actually been transported as required (refrigerated, heated, on time, within a time range etc.)
At every single point in this process you will either have people entering data manually or dozens, if not hundreds, of different systems scanning and entering data.
What works for digital products (service contracts, financial transactions, data delivery) cannot always be mapped to the physical world.
There are some interesting concepts that deal with trust and verifiability of data entry, scanning, and sensors, though. They just don't have anything to do with smart contracts or block chain per se, though they borrow some high-level ideas from it.
But this an area where block chain in general has no place and other mechanisms (simple rule-based plausibility checking, automated anomaly-detection, etc.) are much more helpful. The physical world requires different approaches.
There needs to be some 3rd party interaction to completely believe what this chain of block hashes tells you, as someone editing history in a DB could in theory replay all other transactions and recreate the ledger from that point onwards to remove evidence of the modification.
Search for "ledger tables" and "distributed ledger" for more info. The idea pre-dates cryptocurrencies by quite some time. I've seen small scale implementations of it, and talks about MS researching the area in relation to SQL Server and similar offerings.
Edit: reading further down the comments, it looks like MS's work has recently left the research stage and is being offered as an alpha product in some Azure regions: https://techcommunity.microsoft.com/t5/azure-sql/announcing-...
Other comments below mention similar ledger features in other products/services too.
Azure's main competition is obviously AWS. And AWS already offer a cloud-based blockchain service used by many big names.[1] Seems to me that Microsoft is just following in their footsteps with that new approach of centralising the ledger. Basically the same thing Amazon's main offering does.
Most large enterprises right now are turning to centralised cloud solutions, that's just the way the market is right now, companies just want to stick their entire businesses on hyperscalers. It's simply easier and cheaper to move an on-prem database to a cloud service than it is to create and maintain a decentralised network.
Taking the blockchain's data integrity features and adding them to existing cloud services therefore makes a lot more sense for actual enterprise use today when you want to compete with AWS and sell cloud subscriptions which Azure does.
I do believe decentralisation in general will mature over time, and certainly many arguments can be made in its favour including for enterprise. I do find it concerning that virtually every big company and even government organisations run everything on AWS, GCP, Azure. And once you have everything running in one of those bubbles there's lock-in.
I'm sure most of us would agree that's hardly ideal. But at the end of the day if you're catering to enterprise and enterprise is saying "we want to throw everything on your servers and have you manage it for us" you have to listen to the market.
[1] https://aws.amazon.com/blockchain/
Note I'm not trying to argue one way or another about intrinsic value or any type of moral value or any of the other unrelated tangents I often see discussions about NFTs turn into.
But objectively, as a product that exists solely on top of blockchains, NFTs are very very successful. Something that has allowed multiple individuals to auction off artworks for upwards of $60m cannot be called a failed use case.
However, I believe that the majority of people driving the popularity of NFTs fall into two overlapping camps: people who are simply trying to make money, and people who misunderstand or are otherwise oblivious to how the technology works and its limitations. To me it just seems more like a gold rush situation and does nothing to inspire confidence in the underlying technology.
Certainly there are people out there trying to leverage NFTs for more legitimate purposes - such as digital rights management and virtual items for video games - and those applications may be dubious enough by themselves. In the way they are generally being used, though, I wouldn't call NFTs a "success" any more than the South Sea Bubble was.
[0] https://en.cryptonomist.ch/2021/04/30/prices-nfts-dropping/
Is that really a success?
It’s quite literally a distributed, unforgeable crypto-ledger of changes to common codebases that can be edited by multiple untrusted parties (open source).
On the other side, forks happen in block chains all the time and it is an illusion that a block chain is only ever a "linked-list". It's just as much of a DAG at a technical level. The "cost" mechanics create a marketplace distinction between forks (branches in the DAG) far more than any technical distinction between them can possibly exist.
I see it as similar to CBC in crypto, where the previous block’s value plays a huge role in the next block’s encrypted value. Change one and you change the entire chain after that “block”
Undoubtedly git's implementation is very similar to current blockchains but it's missing a reward function (PoS, PoW).
So I would argue it's not a blockchain because of that.
Also oil and gas.
> Also oil and gas
What about oil and gas?
Whose servers would a non-blockchain solution run on and how could all stakeholders trust the design, implementation and operations? Blockchain makes this transparent, trustless, and auditable for everyone involved.
With the new system, feedback times goes from weeks to minutes.
I mean, technically, the industry got by fine prior to IT as well, relying on pen and paper and telephone. Real problems are being solved, though.
You seem a bit antagonistic/skeptic; I'm just answering the question for some examples of use-cases the technology is applied to today.
Consider distributed databases - unless you hit a certain scale or availability requirements, you could argue that a single centralized Postgres can solve anything and that they provide no value. You could have a successful and advanced career as a data engineer never having to touch one. Yet, in certain organizations and scenarios they are a game-changer and enabler. Just because you don't see value in them does not mean that the people who do are deluded.
Ah yes, unlike with blockchain where they have to trust the design and implementation of a blockchain by some third-party.
> Blockchain makes this transparent, trustless, and auditable for everyone involved.
Until someone comes along and says "we don't like TransportBlockhain designed and implemented by IBM, we are forming a separate coalition that uses ProcurementBlockchain designed and implemented by Tencent". Then what?
> I mean, technically, the industry got by fine prior to IT as well, relying on pen and paper and telephone. Real problems are being solved, though.
Ah yes. How could I forget: there are only two steps in the evolution of industry: pen-and-paper and blockchain (where blockchain somehow equals all of IT).
> You seem a bit antagonistic/skeptic
I am. Because every single argument for blockchain immediately devolves into heavy handwaving and "this will work because blockchain", while completely ignoring all of reality.
> Yet, in certain organizations and scenarios they are a game-changer and enabler.
Why is it when you ask people how exactly they change the game and enable anything, all descriptions are, at best, "there's no info, but it works because blockchain". And any available info shows that blockchain brings literally nothing to the table and solves none of the listed problems.
Handshake [1] is still very much beta but aims to replace DNS with decentralised nodes.
There are also projects like Unstoppable Domains [2] and Ethereum Name Service [3] which work right now if the browser supports them. They both use the Ethereum blockchain to sell domains as NFTs. In fact the ENS was around long before the NFT hype of today.
[1] https://handshake.org
[2] https://unstoppabledomains.com
[3] https://ens.domains
Also, decentralized != blockchain.