Why Blockchain? Why Permissioned Blockchain? & How to Implement It.

Note: last update in 2019 March; not all contents are up to date

5 Min Quick Read to Understand Block and Chain

In a not so scientific summary, blockchain is a shared network made of distributed and encrypted ledger.

Start with the concept of the distributed ledger:

Assume we have 3 persons A, B and C and they all agreed they will record transactions occurring among them regardless of whether they are the transacting parties or not. As such, A will record, on A’s ledger, that B paid 10 dollars to C in addition to B and C’s ledgers. A’s work can be used to audit B and C’s ledgers and vice versa. A, B and C’s ledgers make up a classic distributed ledger network.

Now, the concept of blockchain:

Let’s call the first transaction/record among A, B and C as a block from the previous example. As a result, we have a genesis block.

In addition to recording the transaction data within the subsequent blocks, we now make a rule in the distributed ledger network that all ledgers have to list transactions in a timely manner (timestamp) and the subsequent blocks have to include encrypted information about the previous block (cryptographic hash of the previous block).

By now, we have chained all the blocks in a shared distributed ledger – a blockchain network. If you want to know a little more, in reality, all 3 elements (transaction data of the current transaction, hash of the previous transaction and the timestamp) are saved in a block’s header.

Some add-ons (not necessary for this article):

Soon A, B, and C do not see a need to actually pay the dollars to each other because they know all the transactions and know who owes to whom how much. As such, a concept of the token is introduced to the network to replace dollars. Therefore, we have Bitcoin and ETC, etc. A, B and C later on decided that they do not want to record the ledgers themselves but they do need the proof of work done by someone else – thus they invited other people to join the network to perform the recording in exchange of token rewards – hence we now have Bitcoin and ETC miners.

Features, Challenges, and Application of Blockchain

Features

1. Shared Network – note I am very particular not to say “de-centralized” throughout the article despite de-centralization is the original fundamental design in blockchain and cryptocurrency. The difference between a true “decentralization” like Bitcoin network vs a limited “decentralization” like Corda is really about how deep the “sharedness” is built in each network. Regardless, it is all about disseminating information in a shared way.

2. Transparency – except for the encrypted information about the transacting party (if choose to do so), all transactions are transparent and traceable in the shared network by all participants.

3. Independent Availability - once rules and protocols are set, a blockchain network can run on its own in the shared network (there is an exception in a hard fork case – readers do not need to know for this article).

4. Security and Integrity – way more enhanced security with the independent multi-nodes structure in any blockchain (private blockchain included) when compared with a typical centralized design. Complete destruction of one or a few nodes causes little or no damage.

5. Anonymity – as mentioned in #2, the transacting party’s information is encrypted and hidden if choose to do so. As a result, almost perfect privacy protection is formed for each transacting party.

6. Inexpensiveness – b/c of lack of a central governance structure, the transacting fee is trivial when compared to a typical banking transaction (e.x. credit cards, etc.).

7. Speed - the transacting speed is almost instant when compared to traditional T+1 and T+2, etc.

Blockchain Challenges

If so good, how come Blockchain is still not widely used?

Let me speak of three common reasons:

1.   Cryptocurrency steals the blockchain win. I often mock this: if you can print money, why try to build a business making money? The amount of money raised in fraudulent ICOs has been so damaging that common folks started losing faith in blockchain for some time. This is ironic because blockchain is invented to solve the “trust” issue.

2.   It is against the intuition. It is like ski – in order not to fall down the hill, one has to lean forward. Since blockchain is a deeply shared network no single node can control everything, people do not feel comfortable in losing control for their business processes.

3.   It is against the law. The origin of “blockchain” or the original blockchain mission of “de-centralization” is anti-government. However, in reality, the law is the minimum requirement that all businesses should uphold and respect. The anonymity that a typical blockchain network provides goes against a lot of AML and KYC requirements internationally. The fact that Bitcoin is so widely used in human trafficking, darknet, drug and firearm dealing exactly illustrates this.

Nevertheless, it is still a very promising technology based on its features demonstrated above. The supply chain has gone furthest on the blockchain path so far. People often have the misconception that blockchain mostly handles financial data or can mostly be used for creating a token or a cryptocurrency. This is only partially right. Block, in a chained environment, can save a lot of information. Let me go over one important blockchain use case below.

Blockchain Application

A lot of people go against the idea of nuclear power plants, for logical reasons. One important reason is that current nuclear fission is not a complete “combustion” of uranium dioxide – this is why when an accident happens, a failed nuclear power plant causes longer-term damages than an atomic bomb. A proof exists today that while Hiroshima and Nagasaki are already populated, Chernobyl is still inhabitable. The majority of anti-nuclear power plant lobbyists are actually not afraid of nuclear technology - they are afraid of the greed of corporations combined with a non-transparent government.

Today, we have a monitoring mechanism in place for a nuclear reactor. USNRC (United States Nuclear Regulatory Commission), for example, publishes a series of reports to provide public knowledge over current nuclear plant operations. Feel free to check the website below:

https://www.nrc.gov/reading-rm/doc-collections/event-status/prelim-notice/2018/

According to one of the notices, on 11/14/2018, for the Palisades Nuclear Plant, a through-wall leak was identified on a reactor vessel head nozzle.

So, readers: How many of you know about this leak, even though it is public information? Do you know Palisades is in very close proximity to the very populated Lake Michigan area including Chicago, Milwaukee, and Grand Rapids? Do you have any real-time updated public information how is the repair going since November 2018? Finally, do you feel comfortable to have a nuclear power plant close to your backyard?

Imagine this. What if all nuclear power plant operational data can be seamlessly published on a public network where multiple agencies like USNRC, IAEA (International Atomic Energy Agency) and nuclear scientists across the globe can monitor real-time? Logistically, we need to implement a blockchain network as below:

1.   Each nuclear power plant will be considered a node and host a node terminal

2.   On a scheduled basis, the power plant is configured to re-route its key operation data from its central monitor to the node terminal and broadcast such to the blockchain network, creating a block.

3.   If desired, each power plant can build a subnet blockchain network across multiple monitoring devices below the central monitor.

4.   All power plants across the U.S. can then broadcast such information constantly in real-time based on a set schedule. Agencies, scientists and frankly everyone can then join this public blockchain network as participants to freely observe the data published in each block.

Some outright benefits from this structure:

1.   This is an effective way to share real-time information at little cost among agencies, engineers, scientists, and the public.

2.   Once data are published, by definition, blocks cannot be overwritten or manipulated, providing better public confidence in such crucial data. No government or corporation can alter the data once published – responsibilities can be clearly traced.

3.   Any node does not publish such data on time automatically alerts the general public and regulatory agencies, prompting JIT (Just-In-Time) investigations.

4.   Data shared among scientists can be easily AI modeled to better predict operational outliers and proactively manage risks.

5.   Afraid of terrorists targeting specific power plant after observing such data? Remember, the participants can be totally anonymous in the network – only US agencies need to know which ID represents which plant.

Here is one add-on:

Some auditor friends concerned whether they would lose jobs if data integrity is assured all along. Blockchain, at its current stage, can protect data integrity during information transmission or dissemination but not at the data origin. We still need auditors to provide assurance over the source data. That is if a power plant is configured to broadcast manipulated/tainted data in the first place, it does not matter how perfect the chained communication network is.

Permissioned Blockchain – A Necessary Compromise to A Blockchain Betterment

Permissioned Blockchain Autopsy

Just like the nuclear power plant use case, because of the blockchain “decentralized” design, it is natural to implement blockchain tech in many public affairs.

What about a reasonable and practical private business use case? This is hard to come up with because of the challenges we discussed earlier – 1) lack of control and 2) weak compliance. Most businesses and even those sophisticated technology organizations are pondering at this step.

To solve this, let us revisit our easiest A, B and C example and assume each represents a corporation. Ask yourselves this question: can we simply keep the network limited to these three corporations (by building a permissioned access layer) and not invite others to perform proof of work? Absolutely. Simply just keep recording the ledger by themselves – hence we have a permissioned blockchain or specifically a permissioned consortium blockchain: a multi-governor blockchain needs permission to get in. In this case, only A, B and C can transact using their network token and A, B and C each serve as a node.

If we assume A, B and C are nodes owned by one company, then we have a permissioned private blockchain network – basically a network controlled by one entity (totally against the “decentralized” design on paper).

Many consider that private blockchains that do not use any proof of work (blockchains without mining) are not blockchains at all, but simply shared ledgers. This can be a correct statement but, in my argument, as long as you have a block and a chain connecting blocks, it is blockchain technology.

Features

Permissioned blockchain inherits almost all blockchain features in a modified version (we will use private blockchain as a further illustration):

1. Shared Network – in a private blockchain, the network owner can establish network nodes on its will and allow others to join, not as nodes, but merely as participants with transacting capabilities. This is still a shared network and only the controlled nodes can record ledgers – in other words, participants do not even realize they are part of a private blockchain.

2. Transparency – except for the encrypted information about the transacting party, all transactions are transparent and traceable in the shared network by all participants if configured so. A private blockchain owner can disable this and only allow itself to see all transactions and related histories.

3. Independent Availability - once rules and protocols are set, a blockchain network can run on its own in the shared network. A private blockchain, in addition to the enhanced availability through multi-nodes, can also set its rules and protocols almost at any time as it wishes.

4. Security and Integrity – A private blockchain is less secure than a public blockchain but is still way more secure with independent multi-nodes structure when compared with a typical centralized design.

5. Anonymity – as mentioned in #2, the transacting party’s information is encrypted and hidden if choose to do so. However, there is no anonymity to the private blockchain owner.

6. Inexpensiveness – for the blockchain owner, it is slightly more expensive to maintain a multi-nodes structure when compared to a traditional centralized design. However, the additional costs for multi-nodes are offset by additional security and business continuity costs that would be otherwise required for a central design.

7. Speed - the transacting speed (of a private blockchain) is even faster than a public blockchain network like Bitcoin, etc. because network validation only goes through a limited number of nodes in a private blockchain.

8. Exchangeability (additional) – it is easier in private blockchains to set up an exchange mechanism to exchange one token on one private blockchain with another token on another private blockchain, via a. notary schemes or b. sidechain. Also, it can easily be translated into other currencies.

How Permissioned Blockchain Tackles Blockchain Challenges

Before we visit permissioned blockchain applications, let us re-visit the previously listed blockchain challenges and see how permissioned blockchain handles such:

1.   Cryptocurrency – the creation of cryptocurrency is not required in permissioned blockchain. Block can be manipulated to save any information such as the creation of a smart contract. People often argue that we can host smart contract solutions in a public blockchain network. In my mind, this is technologically feasible but practically utopian. To make a smart contract network credible, one would need a credible entity back it up. Thus by design, a smart contract network fits best for a permissioned blockchain (either consortium or private blockchain network). Below is an example of a smart contract network from blockchainhub.net so I do not have to re-create wheels:

https://blockchainhub.net/smart-contracts/

If a token is deemed required for a permissioned blockchain network, a so-called “stablecoin” can be created. Permissioned blockchain network owner(s) can mandate each coin’s value (typically 1:1 to USD or other functional currency). This way, users of the stablecoin can avoid the risk of public cryptocurrency value/price fluctuation, which is affected by purely supply and demand.

2.   The issue of control – a permissioned blockchain takes a step backward from a public blockchain and added a permission layer to the network. Rules and protocols can be self-managed by businesses just like terms and conditions currently agreed by customers for commercial websites.

3.   The issue of compliance – because the network is under control of permissioned blockchain owner(s), compliance efforts can be easily implemented as there is no anonymity that exists in owners’ perspective. KYC and AML requirements can be easily enforced. In fact, it is easier to meet AML requirements in a permissioned blockchain network than traditional eCommerce because the permissioned blockchain network can trace all transactions in a very clear, timed and systematic manner.

In the following, we will see some permissioned blockchain applications.

Permissioned Blockchain Application

Permissioned Consortium Blockchain (B2B application is not the focus of this article so I will be short and precise here)

Permissioned consortium blockchain has evolved for quite some time. The best application today is R3 Corda Consortium. Hundreds of major banks and financial services firms have joined this consortium hoping to push B2B transactions to an effortless, costless, and more secure level. One modification to a distributed ledger network R3 implemented is that instead of broadcasting ledgers to the network, communication between nodes is P2P (point-to-point) and encrypted. This means, back to our A, B and C scenario, A will not know nor record transactions between B and C (no proof of work) - R3 designed its consortium network to be partially shared, also as demonstrated in the below chart from the R3 technical document:

https://docs.corda.net/key-concepts-ledger.html

Here is what a partially shared distributed ledger means: facts 1 and 7 will only be known by Alice and Bob. Fact 3 will be known by Demi, Ed, and Carl, etc.

For transactions, using chains and timestamp, R3 Corda tracks the commercial state of a transaction as below (new information overrides the old):

https://docs.corda.net/key-concepts-states.html

If we take a look inside the node, the node will maintain all histories to the transactions it knows and keeps the most current/relevant in its database:

 https://docs.corda.net/key-concepts-states.html

While R3 Corda is definitely one of the leading tech fronts for financial firms in a B2B setting, I will stop here and let us focus on the B2C private blockchain below because B2C is the foundation of all businesses.

Permissioned Private Blockchain

Chase has led the trend in private blockchain after launching Chase coin using the Ethereum-based Quorum solution. However, in my mind, the extent of Chase coin functionality is limited to B2B at this stage. There is nothing fancier than our A, B and C scenario above - Chase is using its permissioned private blockchain ledger to keep track of balance transfers within the bank's business and internationally between institutional clients. There is no confirmation from Chase that Chase coin will be used in its retail business, at least not for the near term.

So how we get there? How can business leverage permissioned private blockchain to handle B2C transactions and add value to the business? Let us go over the below private blockchain use case of Customer Blockchain Value Account Creation.

Value Account Definition: Businesses often maintain customer account where the pre-paid value (e.x. gift card balance, reward points, etc.) can be stored and later used in subsequent customer purchases. There are two major benefits for establishing a value account – A. encourage customer loyalty (if you have money in the account, you are more likely to make the next purchase) and B. subsequent purchases out of a value account can circumvent typical transaction fees charged by online payment processing services or credit card companies ranging 2% to 5% in addition to the financial gains generated by the unused balances in value accounts (e.x. breakage and interest).

Problem Statement:

1.   Payment processing fees are hard to avoid in current scenarios:

a.   Gift card sale often has to be heavily discounted by sharing a margin with retailers on top of payment processing fees at the time of customer checkout.

b.   Payment processing fees are unavoidable when a customer chooses to fill up a value account balance online using credit/debit cards.

c.    Even in the case of reward points redemption, b/c reward points can hardly fill the entire order in most cases, payment processing fees will still occur for the remaining balance.

2.   The operation and maintenance of a customer value account can be burdensome. A lot of online retailers choose not to have a value account despite the two major benefits listed above because they do not believe the benefits will exceed the costs. This is very true considering the following costs:

a.   Workforce and technology needed to maintain a customer balance: a business will need more support center operation specialists to handle support requests from a customer value account. Multiple back-end databases and front-end architecture will also be required to operate such accounts along with technology owners.

b.   Traditional value account has significant Account-Take-Over risks from an enterprise’s side: as long as criminals have a perception that a customer has value left in his/her account, criminals will always want to take the account over to exploit financial or other benefits. Businesses spent tons of millions every year to enhance security measures around the centrally managed customer accounts but are still being hacked all the time, losing millions of dollars and more importantly customer loyalty and faith.

c.    Accounting and finance management of a value account is not easy. Accounting for breakage resulted from customer value account is very complicated. Same complication exists for financial management of value account – corporations need to make sure they have allocated enough resources when customers all redeem values in their accounts (e.x. when all/significant amount of value accounts are redeemed, does a corporation have enough cash on hand to purchase inventories to satisfy redeemed purchases?).

3.   Customer Value Account is not appealing to customers for lack of following functions:

a.   Lack of refund capability – the primary reason why people do not buy a gift card for own usage is that gift cards can barely be refunded as cash.

b.   Lack of cross-platform exchange mechanism – you fill up some value in your Amazon account and want to use that to purchase a trip on Expedia?

c.    Lack of global application – even today and even for Amazon, you cannot use your US Amazon account balance in Amazon Japan.

Permissioned Private Blockchain Value Statement (How Does Permissioned Private Blockchain Handles Challenges Above):

1.   Tackle payment processing fees for your business:

a & b above – issue a private blockchain token/coin in the network and simply offer the customer to purchase via fee-free channels after signing up an account. ACH is one of the fee-free options to transfer funds to a business in exchange for a respective number of coins. Because transaction fees can be avoided (and business can save huge opportunity interests on the money collected upfront), a business can pass down the savings back to customers at check out (e.x. check out using the network token will save additional 2-5% of the total purchase).

c above – instead of giving reward points, one can simply issue a respective token, which can be transferred among customer accounts by design in a private chain network (e.x. imagine a flight traveler can transfer any amount of unused mile rewards in a token form to anyone he knows without a fee).

2.   Tackle O&M of customer value accounts:

a.   It is actually not very hard to implement a private blockchain. The owner can establish whatever number of nodes on its will and once rules and protocols are set and configured, the system will largely run on its own.

b.   A private blockchain can actually relieve the burden of the enterprise security department due to its distributed and duplicate structure. Unless more than 51% of the nodes are compromised at the same time by the same hacker, the account take over risk from the business side is not huge.

c.    Once the value accounts are filled with tokens, financial planning becomes much clear with customer value accounts. The company, can act as a federal reserve on its own, makes sure it has proper reserve coverage for token redemption (either refund in cash or used in purchases) using proper financial models. Because a token can be built as a stablecoin in a private permissioned blockchain network, the accounting value in each customer account is crystal clear.

 3.   Tackle limited functionality issues:

a.   The refund issue with the customer’s value account is by design can be solved with a private blockchain. Customer ACH in for coins and business can ACH out to give back cash. People may argue the business will lose the benefits of breakage in this way, which is very wrong. Remember this: customer breakage is never a good thing for any business. This article is not about marketing so I will not elaborate on why customer breakage is bad.

b.   A private blockchain can easily implement a sidechain to go across the platform. This is huge because soon Facebook will have its own private blockchain coin and the same probably with Google, Amazon, etc. Customers will not want to have some tokens that cannot transfer into other tokens. In other words, permissioned private blockchain is almost inevitable.

c.    A private stablecoin can be tackled with one functional currency that the network owner dictates and the private blockchain network can simply translate the coin value real-time into other currencies based on the public exchange information. There is something better out of this: foreign exchange fee does not even exist anymore because people are using exchanged tokens to transact.

Permissioned Private Blockchain Design

Again, there is not much more complication in a private blockchain design than a traditional design. To summarize it in a not so scientific way again, it is simply to expand the existing centrally managed transaction process to multiple nodes.

Below is a very high-level comparison between a traditional transaction architecture vs a private blockchain:

I strongly recommend using Hyperledger Fabric to establish a private blockchain for customer value accounts due to many technical reasons (sorry Quorum), even though Hyperledger is not initially designed to solve token issues.

Let’s examine the typical types of participants in a private blockchain network as shown below.

https://mastanbtc.github.io/blockchainnotes/blockchaintypes/

https://mastanbtc.github.io/blockchainnotes/blockchaintypes/

Let’s also examine the typical components of a private blockchain network as shown below.

https://mastanbtc.github.io/blockchainnotes/blockchaintypes/

Note Hyperledger Fabric 1.0 is recently launched in 2017 and a typical flow is slightly different from other Hyperledger approaches:

https://www.hyperledger.org/wp-content/uploads/2017/08/Hyperledger_Arch_WG_Paper_1_Consensus.pdf

Many people who are familiar with Hyperledger Fabric may wonder that how does Hyperledger Fabric 1.0 solves customer value account problems since it was initially designed for smart contracts instead of tokens/cryptocurrencies. Most people do not realize that we can simply borrow Ethereum’s logic to build one or more token(s) using Hyperledger Fabric by initiating a token smart contract. It is really a matter of how to code the contract to perform the token functions similar to ERC-20: issuance of coins, transfer, balance check, account freeze, additional coin issuance, and network freeze, etc. Refer to an example of token smart contract coding using Hyperledger Fabric, written by Netkiller on his blog (https://www.netkiller.cn/blockchain/hyperledger/fabric-sdk-node/chaincode.file.html). 

Conclusion:

Hopefully, by now, you have a good grasp of blockchain and permissioned blockchain – they are real technologies can make our lives easier and lead our businesses onto a brighter path. Private blockchain customer value account use case is very close to token/cryptocurrency and hope this can provoke some discussions in your businesses to save some money – and do not forget to pass down some savings to your customers!