There's a lot going on in the world of decentralised networking and not just the daily rollercoaster ride of the cryptocurrency markets. A decade after the mysterious Satoshi Nakamoto first unleashed Bitcoin on an unsuspecting world, the blockchain has grown and branched out and now a thousand flowers blossom, some of them rather peculiar blooms indeed.
Look around and you'll see that blockchains are apparently the answer to every problem. From replacing the global banking system to guaranteeing the provenance of diamonds to paying your dentist - there's a blockchain for that.
Overhyped they may be, but blockchains actually are a big deal and they will get bigger. Their potential for secure 'trustless' interchange is too great to ignore and once the silliness has died down inevitably some serious use cases will emerge.
Indeed that's already starting to happen, hence this blog. We'll be updating this page every few days to reflect the serious innovations bubbling up in this most interesting and volatile of spaces. (Also check out our rolling 5G coverage.)
Computing's Cloud & Infrastructure Summit Live returns on Wednesday 19 September, featuring panel discussions with end-users, strategic and technical streams and a session with guest speaker Inma Martinez. The event is FREE to qualifying IT leaders and senior IT pros, but places are going fast. Register now!
11/09/2018 Blockchain-based driving licence trial rolled out by Australian state
The Australian state of New South Wales is to extend its trial of blockchain-enhanced digital driving licences.
Changes to NSW state law in May allow drivers to use their digital licence for proof of identity and proof of age in place of a physical document for renewing fishing licences, buying alcohol, as proof of responsible gambling behaviour - and for police checks.
The licences already incorporate a number of methods to protect against ID fraud; these will soon be joined by a blockchain-based system called TrustGrid developed by Australian firm Secure Logic, an incumbent supplier to Australian government.
"The Digital Driver Licence has a range of security technologies protecting the integrity of the system and privacy of a customer's identity," a NSW spokesperson told iTNews.
The aim of the scheme is to use a blockchain-based system to secure and authenticate the information held on the licences, allowing users to validate themselves via a smartphone app without requiring further checks. The app also allows users to renew their licence or amend their details without recourse to the authorities.
The blockchain trial started last year in the town of Dubbo. 1,400 volunteers signed up for a three-month trial, using their digital licence as proof of identity and age in pubs and clubs. It will soon be expanded to 140,000 users in Sydney before an expected statewide rollout by the end of 2019.
Secure Logic CEO Santosh Devaraj is (understandably) keen to push the wider implications of the trial for government services.
"The era of standing in line to file government paperwork is coming to an end, as is our reliance on physical identification cards to establish your identity or proof of age with law enforcement or at licensed venues. These are mistake prone, time-consuming, expensive, and impractical ways to offer services," he said.
24/08/2018 Soluna plans clean energy option for crypto-miners
Blockchain has a big energy problem. To remain secure, blockchains such as Bitcoin rely on the Proof-of-Work (PoW) consensus mechanism must burn a colossal amount of energy. Just a decade old, Bitcoin already consumes as much energy as Ireland and will hit Austrian levels by the end of this year.
Bitcoin miners tend to hunker down where energy is cheap. This means Iceland, where cryptocurrencies are already using more of the country's geothermal supplies than consumers, or places like China where electricity comes from cheap but highly polluting coal.
There are less energy-intensive alternatives to PoW such as Proof-of-Stake, Proof-of-Capacity and Proof-of-Resource, but the blockchain that powers Bitcoin and related currencies is the big one and will remain so for the foreseeable future. And of course blockchain's potential is far wider than cryptocurrency - as use cases increase so will power consumption.
Now an energy and technology firm is looking to provide a dedicated renewable resource for crypto-mining. Soluna plans to build a windfarm in one of the windiest onshore locations in the world in the Moroccan Sahara. It predicts the 15,000-hectare site will generate up to 900 megawatts - or about a third of the current energy demands of the Bitcoin blockchain. Electricity will be supplied to a high-density data centre dedicated to cryptocurrency mining at a price equivalent to or even lower than cheap Chinese coal, around US $0.03 per kilowatt-hour.
"Soluna's mission is to power the crypto-economy with clean, low-cost renewable energy. To do this, we are building a blockchain infrastructure and cryptocurrency mining company that owns its own renewable energy resources," the company says in its brochure.
Money generated from the crypto-mining will pay for further renewable development including supplying Morocco's electricity grid, the firm says. It anticipates connectivity to the main grid to be available next year.
"Soluna will provide computing power for whatever is most beneficial for its business, whether that's cryptocurrency mining, distributed graphics rendering, file storage, machine learning, AI or other services of the decentralised cloud of blockchain technologies that have yet to be invented," says Soluna. "We are prepared to foster this future innovation. Green, renewable, low-cost power will serve as a key component."
Soluna has partnered with German wind power firm Altus AG and has approached vendors of chipsets and ASICs to equip its modular data centre ‘pods'. The windfarm and the data centres will be built using a phased approach, adding additional modules as capacity increases. The firm aims to have 36 megawatts of capacity operational by 2020 with the full 900 megawatts ready in five years.
Sounds promising, but a possible downside could be the exacerbating the problem of centralisation of mining power to a small number of locations thereby making the blockchain more vulnerable to attack.
20/08/2018 UEFA's blockchain powered ticketing app
All of the tickets for the August 15th UEFA Super Cup final match between Real Madrid and Atlético de Madrid in Tallinn, Estonia were distributed through a mobile app connected to a blockchain.
"UEFA chose a blockchain-based ticket distribution system combined with mobile Bluetooth devices at the stadium entrances," says UEFA on its website.
Tickets for major football matches have long been subject to touts and fraud, and this is UEFA's attempt to tackle the problem. The Bluetooth devices installed at the gates to the Le Coq Arena to were used to validate the tickets held on Apple and Android phones.
This is the first time that all publicly available tickets have been distributed this way. UEFA [Union of European Football Associations] piloted the system at a number of events, including most recently the 2017/2018 UEFA Europa League final between Atlético de Madrid and Marseille in Lyon, France in May. Half of the tickets sold for that match were distributed by the blockchain-based system, which has since undergone some fine tuning.
UEFA says it will "continue to develop the system further, with the aim of using it at future events."
The Super Cup final finished 4-2 to Atlético, with Costa netting two.
15/08/2018 The security risks of smart contracts
Blockchain-based smart contracts present a unique risk, and companies should be wary of deploying them for anything with serious real-world repurcussions. That's according to code verification and programming language expert Grigore Rosu, professor of computer science at the Univerity of Illinois.
Smart contracts are small programs coded on top of a blockchain that run automatically as soon as conditions are right. An example might be an insurance payout after extreme weather, or a machine ordering its own consumables once stocks decline to a certain level.
Nothing new in that, you might say, but smart contracts have the potential for automating such conditions-based transactions on a massive scale, removing the need for a trusted human third party, even in white collar sectors such as law and finance.
Smart contracts are immutable; they're validated by multiple parties and can't be changed or corrupted. This is at once their strength and their weakness.
"There are two big problems with smart contracts," said Rosu. "One is that the code is public so you can work out how to attack it. Secondly, once you have a smart contract - that's it. It deploys and you cannot change it. So if you find a bug you can't fix it, you have to deploy a different version of the contract in a different account and exchange it with the old one which is a very heavy process."
He points to the example of the now-defunct cryptocurrency Beautycoin (BEC), which was killed off by a so-called batch overflow attack in April.
Two attackers, presumably having studied the code and spotted an eventuality the designers hadn't thought of, initiated simultaneous transactions using input parameters chosen to create a sort of feedback loop. Unprepared, the smart contract went beserk, generating tokens that were ostensibly worth more than five octodecillion dollars (five and eighty zeros). While no-one had to pay back that impossible sum, the coin was dead and worryingly it took two days for the hack to even be discovered.
Blockchain enthusiasts, it seems, suffer from a form of myopia; because of all that energy burned in proof of work they believe their beloved innovation is all but impregnable. But it turns out cryptocurrencies - which are after all basically just transactions stored on a blockchain - are plagued by glitches, as the number of crypto exchange hacks makes clear.
Recently, MIT researcher Corey Fields discovered a flaw in the signature verification code that would have been fatal to Bitcoin Cash had it been exploited. "The threat of software bugs is severely underestimated in the cryptocurrency world," he said.
Bugs and vulnerabilities can pop up all over the place, including the code of the smart contract itself, the programming language it's written in and the compiler that translates that code into machine-readable language.
"I'm scared because these languages are not very well designed. If a language is poorly designed then as a developer of smart contracts on a blockchain you may struggle to understand what your program actually does, and then the compiler can add its own bugs, and then the program itself may have bugs such as buffer overflow and all sorts of programming language-specific errors," Rosu said.
"Compilers also have bugs, and if you understand how the compiler works as a hacker you can exploit those."
Human verifiers are are worthless in this regard since a flawed compiler produces corruptions in the bytecode, which is only really readable by machines.
However, there are proven mathematical means of verifying the ‘correctness' of the machine code. While time-consuming, these techniques can be applied to smart contracts since they tend to consist of just a couple of hundred lines of code. Indeed, for the sake of us all, they should be said Rosu, who came up with the K-framework described as a 'rewrite-based executable semantic framework in which programming languages, type systems and formal analysis tools can be defined using configurations, computations and rules", fifteen years ago (It should be pointed out that Ruso has a vested interest here. His K-framework has been monetised via a business spun out of the University of Illinois called Runtime Verification).
While a smart contract might take two weeks to audit mathematically at the bytecode level and more complex code such as the CASPER consensus algorithm six months, most of that time is spent in specifying what the code is meant to do, said Rosu.
"If you make a mistake in the specification level then no matter what you do the proof is meaningless because the specification was wrong."
Given the complex mix of ethical and technical considerations, the specification of algorithms will require intensive human input for the foreseeable future. Coding, on the other hand, could perhaps be better done by machines. For safe smart contracts, the ultimate aim should be schematic-based compilation, or code that generates itself automatically based on what it's supposed to do, Rosu said.
"The question that many people in the blockchain space should ask themselves is why should we even write code at all? We should generate code that's automatically correct by construction, from the formal specification. This is feasible, and we are working on it."
06/08/2018 Has the blockchain bubble burst?
Have we reached peak blockchain hype? How much further can the bubble of expectations continue to inflate? Calling the top of any hype cycle is a finger-in-the-air exercise at best (unless you happen to be holding a pin behind your back), but there are signs that rationality may be taking hold.
Analyst firm Forrester reports that many blockchain pilot projects are being wound down having failed to come up with any persuasive use cases. Early adopter Nasdaq, which had high hopes for blockchain for managing shareholder meetings and issuing stock has not seen ideas come to fruition as quickly as it had envisaged two years back, according to Bloomberg.
"The disconnect between the hype and the reality is significant - I've never seen anything like it," said Gartner analyst Rajesh Kandaswamy. "In terms of actual production use, it's very rare."
Certainly, the number of organisations actively adopting blockchain is vanishingly small - just one per cent of CIOs surveyed by Gartner put themselves in that category, while 80 per cent had no interest whatsoever.
This could spell bad news for platform providers such as IBM and Microsoft which made most of the early running, although one would suspect they would have factored the hype cycle into their strategies.
The biggest hurdle is compatibility between alternative blockchains. Companies don't want to be locked into one platform at this early stage of development and are playing a game of wait-and-see. Then there are the familiar problems of scalability and throughput - all of which are being worked on but with few mature solutions to show for these efforts as yet.
That said, blockchain investment in the first half of this year has already exceeded that for the whole of 2017 with fintech applications a particular focus of that investment, according to a report by KPMG. The closed pilots may simply demonstrate a growing understanding that blockchain is not the answer to every problem after all, but could be a game changer for some.
Next page: Google joins the party; Accenture and Thales create aerospace and defence supply-chain blockchain; European banks' we.trade platform; the Stratis sidechain; Microsoft and EY track rights and royalties; Walmart's food supply system.
Defining DevOps as a term is hard; defining the process is even harder
DevOps teams need to share the secrets of their successes before the methodology is rolled out, says Rob Vanstone of XebiaLabs
Aubrey Stearn, interim head of DevOps at the Solicitor's Regulation Authority explains how to ensure your DevOps culture results in secure releases
Switching to the cloud has lowered wait times, increased visibility and freed up resources at Stockport County Council
The SCC service desk gets about 5,000 tickets a month, and going online has saved time for customers and agents