There's a lot going on in the world of decentralised networking and not just the daily rollercoaster ride of the cryptocurrency markets. A decade after the mysterious Satoshi Nakamoto first unleashed Bitcoin on an unsuspecting world, the blockchain has grown and branched out and now a thousand flowers blossom, some of them rather peculiar blooms indeed.
Look around and you'll see that blockchains are apparently the answer to every problem. From replacing the global banking system to guaranteeing the provenance of diamonds to paying your dentist - there's a blockchain for that.
Overhyped they may be, but blockchains actually are a big deal and they will get bigger. Their potential for secure 'trustless' interchange is too great to ignore and once the silliness has died down inevitably some serious use cases will emerge.
Indeed that's already starting to happen, hence this blog. We'll be updating this page every few days to reflect the serious innovations bubbling up in this most interesting and volatile of spaces. (Also check out our rolling 5G coverage.)
15/08/2018 Blockchain-based smart contracts present a unique risk, and companies should be wary of deploying them for anything with serious real-world repurcussions. That's according to code verification and programming language expert Grigore Rosu, professor of computer science at the Univerity of Illinois.
Smart contracts are small programs coded on top of a blockchain that run automatically as soon as conditions are right. An example might be an insurance payout after extreme weather, or a machine ordering its own consumables once stocks decline to a certain level.
Nothing new in that, you might say, but smart contracts have the potential for automating such conditions-based transactions on a massive scale, removing the need for a trusted human third party, even in white collar sectors such as law and finance.
Smart contracts are immutable; they're validated by multiple parties and can't be changed or corrupted. This is at once their strength and their weakness.
"There are two big problems with smart contracts," said Rosu. "One is that the code is public so you can work out how to attack it. Secondly, once you have a smart contract - that's it. It deploys and you cannot change it. So if you find a bug you can't fix it, you have to deploy a different version of the contract in a different account and exchange it with the old one which is a very heavy process."
He points to the example of the now-defunct cryptocurrency Beautycoin (BEC), which was killed off by a so-called batch overflow attack in April.
Two attackers, presumably having studied the code and spotted an eventuality the designers hadn't thought of, initiated simultaneous transactions using input parameters chosen to create a sort of feedback loop. Unprepared, the smart contract went beserk, generating tokens that were ostensibly worth more than five octodecillion dollars (five and eighty zeros). While no-one had to pay back that impossible sum, the coin was dead and worryingly it took two days for the hack to even be discovered.
Blockchain enthusiasts, it seems, suffer from a form of myopia; because of all that energy burned in proof of work they believe their beloved innovation is all but impregnable. But it turns out cryptocurrencies - which are after all basically just transactions stored on a blockchain - are plagued by glitches, as the number of crypto exchange hacks makes clear.
Recently, MIT researcher Corey Fields discovered a flaw in the signature verification code that would have been fatal to Bitcoin Cash had it been exploited. "The threat of software bugs is severely underestimated in the cryptocurrency world," he said.
Bugs and vulnerabilities can pop up all over the place, including the code of the smart contract itself, the programming language it's written in and the compiler that translates that code into machine-readable language.
"I'm scared because these languages are not very well designed. If a language is poorly designed then as a developer of smart contracts on a blockchain you may struggle to understand what your program actually does, and then the compiler can add its own bugs, and then the program itself may have bugs such as buffer overflow and all sorts of programming language-specific errors," Rosu said.
"Compilers also have bugs, and if you understand how the compiler works as a hacker you can exploit those."
Human verifiers are are worthless in this regard since a flawed compiler produces corruptions in the bytecode, which is only really readable by machines.
However, there are proven mathematical means of verifying the ‘correctness' of the machine code. While time-consuming, these techniques can be applied to smart contracts since they tend to consist of just a couple of hundred lines of code. Indeed, for the sake of us all, they should be said Rosu, who came up with the K-framework described as a 'rewrite-based executable semantic framework in which programming languages, type systems and formal analysis tools can be defined using configurations, computations and rules", fifteen years ago (It should be pointed out that Ruso has a vested interest here. His K-framework has been monetised via a business spun out of the University of Illinois called Runtime Verification).
While a smart contract might take two weeks to audit mathematically at the bytecode level and more complex code such as the CASPER consensus algorithm six months, most of that time is spent in specifying what the code is meant to do, said Rosu.
"If you make a mistake in the specification level then no matter what you do the proof is meaningless because the specification was wrong."
Given the complex mix of ethical and technical considerations, the specification of algorithms will require intensive human input for the foreseeable future. Coding, on the other hand, could perhaps be better done by machines. For safe smart contracts, the ultimate aim should be schematic-based compilation, or code that generates itself automatically based on what it's supposed to do, Rosu said.
"The question that many people in the blockchain space should ask themselves is why should we even write code at all? We should generate code that's automatically correct by construction, from the formal specification. This is feasible, and we are working on it."
Have we reached peak blockchain hype? How much further can the bubble of expectations continue to inflate? Calling the top of any hype cycle is a finger-in-the-air exercise at best (unless you happen to be holding a pin behind your back), but there are signs that rationality may be taking hold.
Analyst firm Forrester reports that many blockchain pilot projects are being wound down having failed to come up with any persuasive use cases. Early adopter Nasdaq, which had high hopes for blockchain for managing shareholder meetings and issuing stock has not seen ideas come to fruition as quickly as it had envisaged two years back, according to Bloomberg.
"The disconnect between the hype and the reality is significant - I've never seen anything like it," said Gartner analyst Rajesh Kandaswamy. "In terms of actual production use, it's very rare."
Certainly, the number of organisations actively adopting blockchain is vanishingly small - just one per cent of CIOs surveyed by Gartner put themselves in that category, while 80 per cent had no interest whatsoever.
This could spell bad news for platform providers such as IBM and Microsoft which made most of the early running, although one would suspect they would have factored the hype cycle into their strategies.
The biggest hurdle is compatibility between alternative blockchains. Companies don't want to be locked into one platform at this early stage of development and are playing a game of wait-and-see. Then there are the familiar problems of scalability and throughput - all of which are being worked on but with few mature solutions to show for these efforts as yet.
That said, blockchain investment in the first half of this year has already exceeded that for the whole of 2017 with fintech applications a particular focus of that investment, according to a report by KPMG. The closed pilots may simply demonstrate a growing understanding that blockchain is not the answer to every problem after all, but could be a game changer for some.
24/07/2018 Google Cloud is nailing its colours to the blockchain mast, partnering with a couple of startups, Digital Asset and BlockApps. More details will be revealed today at the Google Cloud Next 18 event in San Francisco in a session covering Google Cloud's approach to distributed ledger technology (DLT) partnerships.
"Customers can now explore ways they might use distributed ledger technology (DLT) frameworks on GCP [Google Cloud Platform] with launch partners including Digital Asset and BlockApps, and try open-source integrations for Hyperledger Fabric and Ethereum later this year in our GCP Marketplace," Google says in a perfunctory paragraph in its cloud partnerships blog.
Google has been slower off the mark than rival cloud vendors. Microsoft Azure, Amazon AWS and IBM have had blockchain partnerships for a couple of years now and are beginning to boast of real-world projects.
Google doesn't go into a lot of detail in its blog, presumably not wanting to spoil the fun for paying delegates, but its chosen partners are more effusive.
"Google's entrance into the blockchain space is a landmark event for the growing blockchain ecosystem and cements the continued investment in blockchain solutions for Enterprises," says BlockApps on its website.
"As GCP adoption grows, the developer-friendly BlockApps STRATO platform enables more enterprises the ability to test and implement blockchain application solutions across any business sector,"
STRATO is a blockchain-as-a-service platform which the company claims lowers the barriers to creating decentralised applications (dApps) as it offers a RESTful API to communicate with the blockchain backend. The company is based in New York.
Digital Asset is also headquartered in New York. It provides a distributed ledger platform and smart contract modelling language called DAML.
"In collaboration with Google Cloud, Digital Asset has expanded its developer program to include the DAML Platform-as-a-Service (PaaS) on Google Cloud Platform. The DAML PaaS is a fully-managed solution that developers can use to test and deploy DLT applications, accessible through Google Cloud's Orbitera application marketplace technologies. Combined with the DAML SDK, developers now have an end-to-end toolkit to build and deploy sophisticated distributed applications," the company says in a press release.
17/07/2018 Consortium-based efforts to rationalise supply chains are perhaps the main real-world use cases for blockchains to emerge so far, outside of the world of cryptocurrencies. Another such venture was unveiled this week when consultancy Accenture and defence firm Thales announced a blockchain-based system to secure and improve the efficiency of aerospace and defence (A&D) supply chains at the Farnborough Air Show on Monday.
The system, which is based on the Linux Foundation's Hyperledger blockchain framework, also uses Thales's "physically unclonable function (PUF) solution for silicon chips and Chronicled's tamper-proof cryptoseals" in order to keep track of parts and materials used in aircraft manufacture, where counterfeit components have been a cause for concern, according to Accenture's website.
"Identifying counterfeit and grey-market goods in the A&D supply chain can be challenging," said Gareth Williams, vice president for secure communications and information systems at Thales UK.
"Using blockchain in combination with cryptoseals and physically unclonable functions allows you to build a trusted history behind parts. This demonstration builds on the strong relationship Accenture and Thales have created developing innovative digital solutions for a variety of industries."
Like similar systems being developed by the likes of FedEx and Maersk, the system is designed to provide transparency to all participants in the supply chain, as well as creating an immutable record of all transactions in the supply chain.
"The aerospace and defence industry has one of the world's most vast and complex supply chains. Blockchain technology offers a new, elegant and secure way for the industry to track and trace myriad components while deterring counterfeiting and improving maintenance capabilities," said John Schmidt, the head of Accenture's A&D unit.
"Used in combination with technologies like digital twins and digital threads, blockchain could ultimately be a game-changing innovation for this sector."
03/07/2018 A consortium of European banks has announced the first commercial trades on its blockchain-based we.trade platform.
The we.trade platform is a collaborative effort that was kicked off by a consortium of seven banks: Deutsche Bank; HSBC; KBC; Natixis; Rabobank; Societe Generale; and UniCredit. They were later joined by Santander and Nordea. we.trade is headquartered in Dublin.
The consortium announced Tuesday that seven commercial trade transactions have now been completed by 10 companies on the platform across five countries.
"We are delighted to have launched for the first time in the world, a blockchain-based platform that enhances the overall customer experience, when trading internationally. The next step will be getting buy-in from additional banks and their customers in Europe and further afield", said we.trade COO Roberto Mancone in a statement.
By directly connecting all the parties - the buyer, the buyer's bank, the seller, the seller's bank and transporter - in a domestic or transnational transaction in a way that covers all of the governance rules and regulations that apply to the individual banks, we.trade aims to make trades more straightforward. Presently it covers 11 European countries: Belgium, Denmark, Finland, France, Germany, Italy, Netherlands, Norway, Spain, Sweden and the UK.
we.trade is built on the IBM Blockchain Platform and based on Hyperledger Fabric, the open-source blockchain framework implementation hosted by The Linux Foundation.
Hyperledger Fabric is designed to simplify the act of developing blockchain-based applications and smart contracts by allowing components such as consensus and membership services to be plug-and-play. Originally introduced by IBM and Digital Asset, many of the banks that make up the we.trade consortium are also members of the Hyperedger project.
"As we.trade has moved from pilot applications to conducting live transactions across borders, it has demonstrated the power of blockchain technology in an enterprise setting," said Parm Sangha, GBS blockchain leader at IBM.
"To convene a large network of regulated banks and demonstrate how blockchain technology can help them gain efficiencies and provide greater transparency in live transactions is a disruptive model that has the potential to reshape the future of global trade finance."
The consortium aims to move outwards from its base of founding members, offering the service to other banks by making we.trade available on a licence-type basis in order to expand the platform as quickly as possible.
29/06/2018 UK blockchain-as-a-service firm Stratis has unveiled programmable sidechains as an alpha release.
A sidechain is a blockchain that's based on the core code of the main chain and is interoperable with it, but which allows for bespoke operations without affecting the main branch. This allows companies to experiment with creating blockchain applications without risk of adversely affecting the main chain or compromising privacy by making data public. At the same time, any updates to the main blockchain code are propagated down to the sidechains.
"Stratis sidechains have been designed so that in the future enterprises can run smart contracts on sidechains, opening up a wide range of use case such as exchanging documents between a range of companies within an industry, for example invoices or order forms," lead developer Jeremy Bokobza told Computing, adding that the sidechain can be customised by changing parameters like block interval and block size.
"One of the main advantages of sidechains are the ability to improve scalability for applications like payments and IoT, which could be hundreds of thousands of transactions."
The Stratis blockchain runs on the Microsoft .Net framework and is written in the familiar C# rather than using a specialist language and environment, a decision the company took to make creating decentralised applications and smart contracts more accessible to enterprise developers. It says it will soon provide support for Microsoft's functional programming language F# which is particularly popular in the financial sector, the main area of focus for the London-based firm.
Stratis is based on the Bitcoin blockchain but with the Proof-of-Work consensus mechanism (essentially security through burning electricity) replaced by Proof-of-Stake (decision-making powers dished out according the stake - e.g. number of coins - held by each player) to increase scalability in the enterprise setting. It is designed to support smart contracts, enabling actions to be undertaken without human intervention once predefined conditions are met.
Among the use cases for the programmable blockchain, the company lists auctions and peer-to-peer lending to investment funds, insurance settlements, real estate transactions, domain name registries and digital copyright.
The sidechains will increase the flexibility of deploying smart contracts and decentralised applications, according to CEO Chris Trew.
"As an example, if an enterprise wants to improve efficiency by moving invoicing or asset tracking to a blockchain solution, it's likely that they will not want to publicise that data. That's when a private sidechain becomes a flexible solution that's quick to test and deploy, as well as easy to maintain," he said.
"Sidechains are a critical step in making blockchain accessible to enterprises wanting to benefit from blockchain while retaining full control of their business processes and privacy."
As essentially restricted private blockchains, each sidechain would be overseen by those using it, said Bokobza.
"Sidechains are governed by a foundation which is made up of say a group of banks or a group of automotive firms that wish to collaborate on a blockchain cross-industry project. Or more simply, a collection of senior managers from an individual organisation that make decisions on the direction the sidechain takes."
26/06/2018 Some of the world's biggest food producers have come together to build a blockchain-based system for tracking the provenance of food items.
The ability to trace food through the supply chain is particularly important in the event of contamination. An outbreak of E. coli in the US involving romaine lettuce that began in April has killed five people to date with almost 200 cases reported across 35 states. The source has been tracked down to an area of Arizona, although no individual farm has yet been identified.
The complex nature of the supply chain makes it very difficult for the authorities to trace dangerous or contaminated food quickly. Each company in the chain is required to record only a small fraction of the overall steps and the authorities must reproduce the full picure from a disjointed and often incomplete set of records. In cases such as the above such delays can be fatal.
Ten companies Walmart, Nestlé, Dole Food, Driscoll's, Golden State Foods, Kroger, McCormick, McLane, Tyson Foods and Unilever have come together to create a consortium called the Food Trust which aims to reduce the product recall time using a blockchain architecture. It should also improve the efficiences in other areas of the supply chain.
Built in partnership with IBM, the system has been in development for a year and is still pre-release. The blockchain currently contains information about one million food products, and initial tests have been encouraging, reports the WSJ.
"You're capturing real-time data at every point, on every single food product," said Frank Yiannas, vice president of food safety at Walmart, adding: "It's the equivalent of FedEx tracking for food."
Yiannas said that in tests, a consignment of Mexican mangos sold in a US Walmart store was traced back to its supplier in 2.2 seconds. Using the traditional method with barcodes and paper receipts it took a week.
22/06/18 London-based professional services giant EY and Microsoft have teamed up to launch a blockchain that's designed to simplify the fiddly and time-consuming business of managing digital rights and royalties.
Intellectual property (IP) owners such as authors, songwriters, artists, production houses, developers and others will be able to track how their creations are used and monitor revenues coming in from partnerships and licencing arrangements in near real-time.
Built on the Quorum blockchain developed by investment bank JP Morgan, the EY press release says it's designed to increase efficiencies in the system. Calculations about what is owed to whom currently tends to be a manual process, it notes, and generally managed via offline data sources.
Since it will provide visibility of sales transactions as they happen, content providers will be able to react quickly to market demand, claims EY. This is made possible by smart contracts that are written into the blockchain.
"The embedded smart contract architecture is designed to enable accurate and real-time calculation of each participant's royalty position, providing enhanced visibility for recording and reconciling of royalty transactions," the blurb says.
JP Morgan's Quorum is based on Go Ethereum, an implementation of the Ethereum blockchain written in the Go language, but with a few tweaks. The first is that it's permissioned (private), meaning that only approved nodes can join it. Because of this, it can use a simplified consensus mechanism that relies on a majority vote, which also makes transactions significantly faster than Ethereum, which is a public or unpermissioned blockchain. And since it is designed to manage financial transactions more privacy is built in.
The new rights and royalties management solution runs on Microsoft Azure cloud. It has already been rolled out to a few games producers that use Microsoft's platform, among the first being Ubisoft, which is currently testing the system. It will later be extended to other gaming companies and eventually to authors and musicians and other creative types too.
While the EY press release doesn't actually give the new system an official name, Redmond seems to have already dubbed it the 'Microsoft Rights and Royalties blockchain network' with no mention of EY in the title. Now, how to manage who gets naming rights?
Next page: Blockchain doubts voiced by bankers; Microsoft's BaaS customers; EOS mainnet launch; China bigs up blockchains; Maidsafe's PARSEC consensus algorithm
Trump reverses Obama-era policies on the use of cyber weaponry
Scottish Government deploys Pure Storage to support Agricultural & Rural Economy Directorate VDI environment
All-flash array storage has slashed build times for developers and cut downtime
291,000 now work in app development in the UK, according to Apple
Investment in STEM education sees rise in number of students taking the subjects, though proportion of A* grades falls