Well, that was the fun. The nice people at the Meaning Conference gave me 13 minutes to try to explain what a blockchain technology is, what blockchains might do, and what the implications might be, to an audience of largely creative people. Quite a challenge.
Since they were creative types, I thought I ought to frame my explanations with poetry rather than mathematics. I decided to start with the Ur-statement of ordered immutability, the Rubiyaat of Omar Khayyam (1048-1131):
“The Moving Finger writes; and, having writ,
Moves on: nor all thy Piety nor Wit
Shall lure it back to cancel half a Line,
Nor all thy Tears wash out a Word of it.”
You can see a revised version of the slide deck here (we accidentally sent the wrong version on the day, but it really didn’t matter). It sets out the revised “4x4x4” model of shared ledgers, so that there is context for talking about the blockchain, and then quickly works through how there are different kinds of blockchains (and bitcoin is only one) and then gets to what I think will be the lasting impact: ambient accountability and new kinds of transaction environments where traditional auditing and policing are taken care of by the environment itself.
In order to explain my focus on ambient accountability, we went back to poetry, this time with T.S. Eliot and choruses from The Rock (1934).
“They constantly try to escape
From the darkness outside and within
By dreaming of systems so perfect that no one will need to be good.”
The point here is to frame shared ledgers as as much of a regtech as a fintech. The technology may well not cut the cost of financial transactions at all — as I constantly point out, when people tell me about bitcoin’s incredible ability to move money around the world instantly and for free, the blockchain isn’t instant and it isn’t free — but it has the potential to cut the cost of regulating financial transactions substantially. We can, I think, see ways to dissolve traditional notions of auditing and replace them with infrastructure that embodies auditing instead. If there’s no way that your view of the ledger and my view of the ledger can differ, then there’s no need to reconcile them.
You can watch the presentation here on YouTube (where it takes 19 minutes – I failed). They were kind to me with their feedback, although going back over the presentation I’m a little disappointed with it. I think I can do better to bring the new world of the shared ledger to the general audience. So I’d appreciate your feedback on two elements of the presentation. First, does the “real world ledger” model help with the discussion or is it an unnecessary complication and second do the example ledgers presented across those six layers make sense? I want to quickly show the different types of ledger in one slide, so I want a decent graphic comparing Bitcoin, Ethereum, R3, Hyperledger, DAH and so on. If someone has one I’d love to use it (fully credited, of course).
On a cold and foggy December morning I set off for the Mother of Parliaments. As I had contributed to the Parliamentary Office of Science and Technology (POST) work on shared ledger technologies (SLTs), I had been invited to the House of Lords for a slap-up full English and a discussion on the topic with assembled Lords and Commons. Very exciting for a lad from Swindon.
Once I reached the Palace of Westminster I went straight for the Black Rod’s garden gate.
But this turned out to be the exit, not the entrance. I went back round to the entrance and found a queue of blockchainafficionadospatiently awaiting the constable in charge of opening the gate at 8am sharp. I told the assembled throng (from the STFC) that I was there to lobby parliament to have THE BLOCKCHAIN accepted as a religion, like Scientology, and to have all associated tax breaks and other privileges. They think I’m joking, but they are not entirely sure. They are planning to put physicists on theblockchain, so I am a little suspicious of them.
At 8am on the dot the boys in blue let us in. They put my bag and coat and things through an X-ray machine, even though I told them that I had noblockchainsabout my person, and then we were inside the hallowed halls. I began the search for the elusive darkblockchainwith the help of the STFC chaps. No luck.
The breakfast was held in the Attlee Room. This is named after Clement Attlee, who led the post-war Labour government in Britain. The picture on the wall behind me is by “Michael Hestletine”, although it wasn’t clear to me whether it was by a Michael Hestletine or by the Michael Hestletine. Much like the distinction between the blockchainand a blockchain, it is rather important in my opinion.
I have to say that the slap-up full English was top notch. Two things I particularly liked: they didn’t use cheap sausages (skimping on the sausages ruins a full English in my opinion) and they served the baked beans in a separate little pot (is it called a “ramekin”?) which I really appreciated because I don’t like the beans mixing with the scrambled eggs and tomato. Anyway, to move on, Stephen Metcalfe MP, chair of the Science and Technology Committee, and Sir Mark Walport, the Government’s Chief Scientific Adviser (GCSA), opened the proceedings. Sir Mark had published a report on the technology earlier in the year.
The British Government’s Chief scientific adviser, Sir Mark Walport, has published his Government Office for Science report on “Distributed Ledger Technology: beyond blockchain”.
He said that the goal of the POST reports is to demystify technology for policy makers although I have toreport that in his closing remarks he said that we had not been entirely successful in this enterprise and I fully concur with his opinion.
Sir Mark comes from the medical profession and he used a pharmacological analogy to introduce the topic to the group, saying that new drugs tend to go through a familiar cycle of “miracle cure” to “wouldn’t give it to a dog” on to “is good for X, Y and Z under certain conditions”. I think he was asking the expert speakers to explain what the X, Y and Z might be and under which conditions. In which case, and I am not casting the first stone here, we failed.
Sir Mark, as you might recall, was kind enough to the use the Consult Hyperion model of SLTs in his report mentioned above, gave a couple of examples that – and I say this in a spirit of enquiry and integrity – I just don’t buy. He specifically mentioned the example of constraints on the spending of welfare payments. Now, while I think this is a bad idea, I can think of far easier ways to achieve it (MCC restriction, for example) than tracking everything that welfare recipients spend on a blockchain. I can certainly seethat in the coming world of smart money (i.e., money that is transferred between ~smart ~contracts) it will be possible to constrain, restrict or censor transactions, but who and why are more important questions than how. In any case, who would mine this blockchain? The Department of Work and Pensions and… well, I think I wouldneed to see a more fully-developed architecture to comment.
My old friend Simon Taylor from 11:FS had also been asked along to provide input to the discussion and he tried a different set of metaphors relating to the confirmation of events from multiple sources but it was notclear to me that he was able to help Lord Birt and others to understand the key issues.
After a while, the discussion moved on to the Estonian electronic identity system. I expressed some scepticism as to whether the Estonian electronic identity system was on a blockchain. The conversation continued. Then to my shame I lost it and began babbling “it’s not a blockchain” until the chairman, in an appropriate and gentlemanly manner, told me to shut up. At this point, Simon and I got into an excellent twitter debate about what might constitute a distributed ledger and whether you need some particular combination of characteristics in order to claim that a system is a distributed ledger and whether, irrespective of the blocks and chains, the blockchain is a sensible description of certain systems.
I noted that someone nearby was looking at me with a slightly quizzical expression that I took to be some questioning of my ability to comment on the topic. Well, I went all “don’t bring your knife to my gunfight” on twitter. First of all, one of the first podcasts I ever recorded (a decade ago) was with Tarvi Martens, one of the architects of the scheme. Tarvi kindly contributed a case study on thescheme to my 2007 book “Digital Identity Management” (available from all good bookstores).
Forum friend Tarvi Martens presented a case study from Estonia on population-scale identity cards. This had been updated from the original case study that Tarvi kindly contributed to both the Digital Identity Forum and Digital Identity Management. The first card was issued back in 2002 and by October 2006 there were a million cards in circulation.
Hence I couldn’t resist asking their Lordships whether the transport secretary’s announcement on this very same day of some sort of national travel smart card today was an attempt to introduce an identity card by the back door…
So. The Estonian ID card, which was first issued in 2002, has nothing to do with distributed ledgers or blockchains or any similar technology. End of.
When it came time for my two-pennyworth around the table, I said that it wasn’t atall clear to me that it was accurate to describe Bitcoin as a decentralised system since almost all of the hashing power resides with a very small number of unaccountable mining pools based in China but, more importantly that
It seems to me that many of the efforts to move shared ledgers into the marketplace have concentrated on shaping shared ledgers to emulate existing solutions in the hope that SLTs will be faster, higher or stronger. These are all unproven assertions. It is possible that a shared ledger replacement for RTGS might be cheaper, or more resilient or more functional that the currency centralised solution, but who knows?
The transparency of the shared ledger, the aspect that most doesn’t work for current solutions in current markets, may well turn out to be the most important characteristic because it allows for ambient accountability and therefore opens up the potential for new kinds of markets that are far less costly and complex to regulate, manage, inspect and audit. This is the “shared ledger as regtech not fintech meme” that I am rather fond of.
Just as the invention of double-entry bookkeeping allowed for the creation of new kinds of enterprise, so it seems to me that the shared ledger will similarly lead to new kinds of enterprise that use the shared ledger application (the SLAPP) as the engine of progress and the focus of innovation. I assume that there are kids in basements experimenting with SLAPPs right now and that this is where the breakthrough use case will come from. As I said last year in a discussion about shared ledgers for land registry, turning the ledger into a platform may be the most important reason for shifting to this implementation.
The ability to execute general purpose code on the consensus computer means that, just as the ability to executer general purpose code on conventional computers did, people will create some amazing things that we can’t imagine right now.
This will, in the long run, turn out to be much more important than creating a new kind of database.
When I wrote this I was thinking that the ideas for these new kinds of applications can only come from fresh perspectives, but I have changed my opinion on that having seen some of the work already going on the field. Maybe some of us old hands still have something to offer when it comes to rethinking the ways markets can work. All in all, a very interesting start to the day. Incidentally, the only people around the table who made complete sense, as far as I could tell, were Professor Vili Lehdonvirta from the Oxford Internet Institute (who talked about the need for control and governance) and Calogero Scibatta of Everledger who, of course, actually already has a business that depends on shared ledgers. Here I am with Calogero on the way out, still discussing whether the ontological classification of Bitcoin recapitulates its phylogeny or whether it should be re-classified according to external definitions unrelated to its history and development. In other words, just because it was designed to be decentralised doesn’t mean it is decentralised.
Oh, I also told the assembled Lords that most of the stuff I read every day about “the blockchain” is rubbish. It’s become a meaningless chromewash term. Here is a real conversation that took place with a blockchain vendor in the presence of a client recently:
Vendor: We are using the blockchain to revolutionise [redacted].
Me: What’s in the blocks?
Vendor: We don’t need to use blocks westore each transaction in such a way that only the parties to the transaction can see it.
Me: Who forms the consensus?
Vendor: It’s a master-slave consensus so the purchaser has a master record and the suppliers have a copy of it.
Me: How are the transactions chained together?
Vendor: They store the transaction but we also store the hash of each transaction.
Vendor: Because blockchain (I’m paraphrasing).
If Roger Ver is the undisputed Bitcoin Jesus, then I claim that after yesterday’s performance my position as the Blockchain Meldrew is now unassailable.
Well, the paper that Richard Brown of R3, my colleague Salome Parulava and I put together what seems like an age ago (a year is a long time in fintech) has finally been published! Hurrah! Here’s the reference for you:
Birch, D., R. Brown and S. Parulava. Towards ambient accountability in financial services: shared ledgers, translucent transactions and the legacy of the great financial crisis. Journal of Payment Strategy and Systems10(2): 118-131 (2016).
The paper itself is not online (you have to subscribe to the Journal for that) but I’m sure that the fine people from Henry Stewart Publications will have no objection to me reproducing the abstract for you here:
The consensus in the finance sector seems to be that the shared ledger technology behind Bitcoin, the blockchain, will disrupt the sector, although many commentators are not at all clear how (or, indeed, why). The blockchain is, however, only one kind of shared ledger and the Bitcoin blockchain works in a very specific way. This may not be the best way to organise shared ledgers for disruptive innovation in financial services. So what is? And why would financial services organisations want to do exploit it?
This paper sets out a simple shared ledger taxonomy and layered architecture designed to facilitate communication between technologists, businesses and regulators in the financial services world and explains why the various forms of shared ledgers might be attractive to financial services organisations, borrowing the phrase “ambient accountability” from architecture to suggest a new way to organise a financial sector.
The paper sets out the “4×4” model that we have used for exploring shared ledger technology with a variety of clients (and have found it to be a very useful tool to help clients develop their strategies around shared ledgers) and then uses this model to discuss the application of shared ledgers to financial services.
We finish by putting forward the idea that the legacy of the great financial crisis of the last decade might be the creation of more transparent financial markets. Our focus on transparency was reinforced by the discussions at Money 2020 in Copenhagen, where I think I detected the emergence of “regtech” as a distinct from “fintech” as a paradigm and organising principle. I spoke to a few people about this during the course of those sessions and it seems to me that for many of the financial services delegates their number one problem, the place where costs are out of control and apparently growing without limit, is compliance not technology. Yes, there is great new technology out there but it can’t help unless it has a regulatory context in which to flourish. The idea that there might be new categories of technology (and actually I think that the shared ledger might be one of them because of its potential for a new kind of transparency and a regulatory win-win) where the impact is to reduce the cost of complying with regulation rather than to reduce the cost of delivering a functional service sounds is potentially revolutionary.
What would transparency mean in our context? We envisaged a new kind of financial marketplace where “translucent” transactions that are clear to counterparts, clear in outline to regulators and opaque to others might allow us to set up a transactional environment with ambient accountability. We use the “glass bank” example to create a narrative, and it’s an example that I’ve used before to illustrate the relationship between transparency and trust. Here’s something about it from six years ago:
Transparency increases confidence and trust. I often use a story from the August 1931 edition of Popular Mechanics to illustrate this point.
The legacy of a crisis is often regulation. If we view the shared ledger not only as a fintech (a technology that changes the cost/benefit landscape around financial services) but also as a regtech (a technology that changes the cost/benefit landscape around the regulation of financial services) then we might be able to make the legacy of the last crisis a better and more effectively regulated financial services sector that is a platform for radically new products and services. At a time when so much money is going on compliance and so much momentum is going into “legacy” regtech we realise that the use of shared ledgers may seem radical, but we are convinced that it is time for a new approach.
When people say “blockchain” they mean different things. And some of the things they mean are just absolutely, categorically different. Implications of public open blockchain designs and private blockchain designs vary drastically. I emphasis this distinction because it is key – the different designs assume and imply totally different things.
Both types are important but for different reasons, for different markets and for different use cases. I think we have passed the time when “Bitcoin bad – Blockchain good” seemed an eye opener. What this kind of argument did is it drew the attention of financial incumbents from the Bitcoin-like permissionless space to the private, permissioned space. Which makes sense for their business models. But I think they are not paying enough attention to the permissionless space. I think you are not either!
I bet you hadn’t anticipated such a steep rise of Ethereum (the price of native Ethereum currency soared 10 times from the beginning of 2015 and Ethereum’s market cap reached 1.5 billion dollars). You may have even missed the creation of the first human-free organisation. Even if you try to keep an eye on the public blockchain world, you only get reminded of its existence when Bitcoin price surges to its 2-year high (it now trades at over 700$) and all the mainstream media cover this.
Both public and private shared ledgers (Blockchains) are essentially shared book-keeping (and computing) systems, one class – open for everyone to use (public), another – restricted to a certain group of members (private). And this is it. Open for everyone to use means lower entry barriers, it means identity-free and regulation-free shared book-keeping (and computing). What could be restricted by identity policies and financial regulations goes around this. You can, say, restrict a person from buying bitcoins by setting high KYC requirements to online exchanges (for users not to be able to change dollars for bitcoins if they are not KYC’d). You can even cut his or her internet connection. You can issue a court order to close a business that accepts bitcoins as money. And so on and so forth.
A lot of this effort looks similar to trying to stop the Internet, but I suppose the regulators can dream!
Public technology service and native digital rights
“Proof-of-work is inefficient”. So what? Let it go! Think of what’s the idea behind it and what it tries to achieve, regardless of this inefficiency. Regardless – because even if proof-of-work is not ideal, there are other permissionless technologies already developed and many more that are work in progress. Some of best minds in the world are looking to provide the benefits of permissionless shared ledger environment without the drawbacks of original Bitcoin’s proof-of-work. Just assume that they will solve that problem and move your thinking on.
What the blockchain delivers is permissionless book-keeping (and computing) public technology service (with the unchangeable and transparent transaction history as an incredibly valuable side effect). When I say “public service”, I do not mean that a company or public organisation provides it, I mean technology itself and collaborative user effort provide it. In a sense – everyone and no one. The protocol acts as the service provider.
And this is crucial. In traditional financial world, the basic value transfer layer that cryptocurrencies (i.e. everyone and no one) provide as a public technology service, is provided by companies – service providers, and is not accessible to anyone. For example, PayPal provides digital value transfer service.
Here I want to make a point that permissionless cryptocurrency systems have a promise of a digital environment in which value transfer is intrinsic, embedded on the protocol level – and so, for users the ability to make a transfer could become what I call a native digital right. Just to give you an analogy (it’s not a very accurate analogy but you’ll like it!) – take a guess what you see on the picture below. Well, it’s a standard residential elevator in my mother country Georgia, where you need to pay every time you use it! Up and down. Every time up, every time down!
So maybe we all (all internet users) live in our kind of Georgia, where every time we want to make a deal (economic agreement) in the online world we have to go through a cumbersome process and pay an unreasonable fee (each time!) for it. We need to get our bag out, fill in our card details, merchant’s acquirer (if it’s a merchant – even more obstacles with peer transfers) needs to send a request, card issuer needs to approve the transaction etc. Our today’s economic life online is based on this very complex e-commerce domain. And to me, it looks a lot like Georgian elevator. Think about it: on top of the obvious, that elevator only accepts certain denominations of Georgian coins – very specific, and is broken every once in a while – so even if you want to use a paid elevator sometimes you just can’t. So familiar.
How great would it be if we had a native digital right to make a value transfer online that noone could take from us (or grant us!), on a protocol level. How many applications could be built on top (at Consult Hyperion we call them SLAPPs -shared ledger applications)!
Persistence of permissionless
At the heart of the public shared ledgers is value transfer. This is because in order to assure the liveliness and self-sufficiency of the system, while providing non-restricted access to it, there needs to be an intrinsic economic incentive for those who maintain it. In other words, there should be a positive value to maintaining consensus. Most public shared ledgers for this reason can be described as currencies (decentralised cryptocurrencies) because they provide this incentive as a reward on the ledger in the ledger’s own “money”.
The canonical example of such a decentralised cryptocurrency is, of course, Bitcoin (remember, there are hundreds of them though!). As Bitcoin was intended to exist and evolve out of the reach of regulatory, corporate or any other centralised command, the technology includes mechanisms that ensure it persistently “survives” and proves its robustness and self-sufficiency. (Disclaimer: I’m not a Bitcoin maximalist)
This persistence is a differentiating characteristic of a public shared ledger system. The technology does not need people at tables making decisions in order to survive, it is “permissionless” (nevertheless, the way it evolves to an extent is influenced by “people at the tables” – just different people).
Potentially the principal implication of this persistence is the permissionless ascent of alternative virtual economy on top of decentralised protocols. Cryptocurrencies are not just a new form of payment – but rather, it’s a potential foundation for a new virtual economy, with new forms of economic interactions coming into place. When I say “new”, I don’t mean substitutive – I mean additional.
Virtual economic activity could become something fundamental to the Internet. Similar to the way the ability to communicate transformed into the ability to communicate over the Internet – it could grow into the ability to make friction-less economic arrangements (“economically” communicate) in the virtual world.
Thanks to the shared ledger technology and “smart contracts” innovation, not only the emergence of alternative economy is permissionless (and so – non-stoppable), but if it happens at certain scale, the very nature of economic relationships in this economy could be drastically different from what we are used to. A good depiction of such transformation is content monetisation on the web through the use of “invisible” micropayments. Another good example is seamless online payments in video games:
Breakout Coin provides for seamless in-game payments anywhere in the world, while the blockchain technology behind it, Breakout Chain, uses smart contracts and sidechains to enforce these financial agreements between parties.
Shared ledger technology could even turn our things (as in “Internet of Things”) into active economic agents through smart contracts.
Public shared ledger technology may help to turn a big part of our (as it seems) non-economic life into an economic activities.
Although there are many “if” in that, we should not dismiss this possibility quite yet and keep an eye on the permissionless space. You can observe or get involved, but it would be a mistake to put your head in the sand and deny that something incredible is happening.
Okay let’s continue the experiment of thinking out loud about putting “identity” on the “blockchain”. Just to recap, in Part One we identified a specific identity problem that might be solved using shared ledger technology, in this case the problem of KYC for financial services. In Part Two we identified a useful and consistent model for digital identity that seemed powerful enough to encapsulate a solution to the problem. In Part Three we worked out which identity transactions we wanted to store in our shared ledger, and we decided that the history of transactions involving a particular virtual identity could serve a useful function as the reputation of that identity. Today, will move the thought experiment on to actually implementing the shared ledger.
Now without thinking about it for too long, it seems to me that there are three options for implementing the Shared Ledger of Identity Transactions that we intend to use to facilitate reputation-based interactions. Let’s call this the SLIT for short. We could implement the SLIT using conventional database technologies and either construct a centralised database for all financial services participants to share all we could have databases held by financial services participants interoperable through some form of federation, as we discussed in Part One. However, as I will return to the end of this piece, that implementation wouldn’t give us access to the likely source of genuine revolution in this space, which I think is the use of shared ledger applications (otherwise known as “smart contracts”) to deliver radically new products and services. Hence, I think we should dismiss the traditional implementation and look at implementations based on the new generation of shared ledger technologies.
I can see two ways of doing this. First would be to implement the SLIT using any one of a number of Practical Byzantine Fault Tolerant (PBFT) technologies that are out there right now. The other possibility, rather as Blockstack have done, is to implement the SLIT as a virtual ledger and build the applications on top of that, then map the virtual ledger to an actual ledger implementation. I tend to favour this latter approach, for the simple reason that it is not at all obvious to me (with the obvious caveat that I know literally nothing about cryptography) which is the best shared ledger implementation. It could be that implementing the virtual ledger on the Bitcoin blockchain is the best possible way of doing things (as shown in the diagram below). On the other hand, it could be that implementing the virtual ledger on an Ethereum blockchain built specifically for the purpose is the best way forward. On the other hand, it may be that not using a blockchain at all and implementing the virtual ledger on some other PBFT platform is the best way forward. As any of our consultants would say when dealing with this problem for a client, it depends. Until we know what the prioritised requirements, constraints and goals for the system are is not possible to say which is the best solution.
So let’s go down this route. We define the SLIT and agree who has access to the SLIT. We define the financial services passport that we spoke about in Part One as a particular kind of virtual identity with some agreed fields. Now we can see how it might work in practice. I go to my bank to open a bank account. The bank does all of the necessary KYC checks and creates a digital identity. The private key associated with this identity is stored safely in the bank and a copy is downloaded to the bank application on my phone and safely tucked away in tamper-resistant memory (inside the SIM card or the secure enclave or wherever). The bank creates a virtual identity using the public key from the digital identity and adds a set of standard fields (name, address and so on and so forth) as required by the regulators. It then adds a digital signature using its own private key. A pointer to this virtual identity along with necessary descriptors is then added to the SLIT.
Now imagine that I go to appoint a new financial adviser. A financial adviser needs to see my financial services passport so I run the bank app my phone and select the option to provide my identity or however the marketeers dress it up. A copy of the ledger entry is sent to the financial adviser. Now he or she (or more likely their app) can go to the SLIT and look at all subsequent entries for that same virtual identity (in particular to see whether it has been revoked or not). The virtual identity looks okay, so now the financial adviser needs to know that the virtual identity belongs to me so his app takes the public key from virtual identity, encrypts a challenge and sends it to my app which decrypts it (because it has the associated private key) and responds. Now the financial adviser can either use that virtual identity or in the more general case use it to generate a financial advice virtual identity which is then stored in the ledger itself.
All of the financial services participants in this ledger can now have access to all of the virtual identities. I think, although I may need to think about this more! Anyway, we now have a problem, an identity model, identity transactions and a ledger to store them in. We’re nearly there.
What is crucial is to implement the virtual ledger using a technology that allows for shared ledger applications, and this is where we’ll continue with the final part of our thought experiment tomorrow.
I’ve said a few times that I think the Internet of Things is where mobile was a couple of decades back. Some of us had mobile phones, and we loved them, but we really didn’t see what they were going to turn in to. I mean, I was always bullish about mobile payments, but even so… the iPhone 6s that’s next to me right now playing “Get Out Of Denver” by Eddie & the Hot Rods out through a Bluetooth speaker is far beyond anything that I might have imagined when dreaming of texting a Coke machine to get a drink. We’re in the same position now: some of us have rudimentary Internet of Things bits and bobs, but the Internet of Things itself will be utterly beyond current comprehension.
Specialized elements of hardware and software, connected by wires, radio waves and infrared, will be so ubiquitous that no one will notice their presence
That was Mark Weiser’s prediction of the Internet of Things from 1991. It seems pretty accurate, and a pretty good description of where we are headed, with computers and communications vanishing from view, embedded in the warp and weft of everyday life. What I’m not sure Mark would have spent much time thinking about is what a total mess it is. Whether it’s wireless kettles or children’s toys, it’s all being hacked. This is a point that was made by Ken Munro during his epic presentation of smart TVs that spy on you, doorbells that give access to your home network and connected vibrators with the default password of “0000” at Consult Hyperion’s 19th annual Tomorrow’s Transactions Forum back in April. I’d listen to Ken about this sort thing if I were you.
Speaking during a Q&A session for the upcoming CRN Security Summit, Ken Munro, founder of Pen Test Partners, claimed that security standards are being forgotten in the stampede to get IoT devices to market.
We’ve gone mad connecting stuff up, just because we can, and we don’t seem concerned about the nightmare in the making. I gave a talk about this at Cards & Payments Australia. The point of my talk was that I’m not sure how financial services can begin to exploit the new technology properly until something gets done about security. There’s no security infrastructure there for us to build on, and until there is I can’t see how financial services organisations can do real business in this new space: allowing my car to buy its own fuel seems a long way away when hackers can p0wn cars through the interweb tubes. I finished my talk with some optimism about new solutions by touching on the world of shared ledgers. I’m not the only one who thinks that there may be a connection between these two categories of new, unexplored and yet to be fully understood technology.
Although I’m a little skeptical of the oft-cited connection between blockchains and the Internet of Things, I think this might be where a strong such synergy lies.
The reason for the suspicion that there may be a relationship here is that one of the characteristics of shared ledger technology is that in an interesting way it makes the virtual world more like the mundane world. In the mundane world, there is only one of something. There’s only one of the laptops but I’m writing this post on and there’s only one of the chairs that I’m sitting on and there is only one of the hotel rooms that I’m sitting in. In the mundane world you can’t clone things. But in the virtual world, you can. If you have a virtual object, it’s just some data and you can make as many copies of it as you want. A shared ledger technology, however, can emulate the mundane in the sense that if there is a ledger entry recording that I have some data, then if I transfer the data to you, it’s now yours and no longer mine. The obvious example of this in practice is of course bitcoin where this issue of replication is the “double spending problem” well known to electronic money mavens.
The idea of applying the blockchain technology to the IoT domain has been around for a while. In fact, blockchain seems to be a suitable solution in at least three aspects of the IoT: Big Data management, security and transparency, as well as facilitation of micro-transactions based on the exchange of services between interconnected smart devices.
The idea of shared ledgers as a mechanism to manage the data associated with the thingternet, provide a security infrastructure for the the thingternet and to provide “translucent” access for auditing, regulation, control and inspection of the thingternet strikes me as an idea worth exploring. That’s not to say that I know which shared ledger technology might be best for this job, nor that I have any brilliant insight into the attendant business models. It’s just to say that shared ledgers might prove to be a solution a class of problems a long way away from uncensorable value transfer.
To make a very great generalisation, there are two ways to get the kind of security that we need to do clever transaction stuff. We have a tamper-resistant hardware in the loop (like the chip on your EMV card or the SIM in your mobile phone) or we have to have some complicated software. This is true in the world of secure ledgers just as much as everywhere else. The obvious example is bitcoin which, since it does not use secure hardware, uses the innovative blockchain and proof-of-work consensus protocol to prevent double-spending.
Speaking at the Tomorrow’s Transactions conference in London this week, Kelly Olson, director of the distributed ledger technology group at Intel, discussed ways it is possible to use a “secure enclave”, similar to what Apple uses for its Touch ID, to increase blockchain security.
Kelly was kind enough to mention Consult Hyperion’s work for Intel on this project. We couldn’t tell you about it before, because it was confidential until very recently, but I hope Kelly won’t mind me saying that Intel’s foresight in starting this project some time ago is impressive. There are a great many people who think that blockchains are a useful way to implement a shared ledger but who don’t want the large-scale inefficiency of proof of work.
The Intel “Sawtooth Lake” project provides two consensus protocols with different performance trade-offs. One of these is “Proof of Elapsed Time” (or PoET), a lottery protocol that needs hardware security in the form of a Trusted Execution Environment (TEE). An example of such is the Secure Enclave mentioned above, another is Intel’s SGX. The other consensus protocol, Quorum Voting, is an adaptation of the Ripple and Stellar consensus. Alex Batlin from UBS provides a handy write up of these and highlights the key point about PoET:
it acts much like Bitcoin’s Proof of Work lottery consensus, but does not require nearly as much electricity expenditure. Participants can either enter low power mode whilst TEE is generating PoET and save on costs, or perform other functions if part of a cloud compute environment.
So if there are lots of things out there with chips in them, PoET provides a more efficient consensus protocol. Is it better than the bitcoin blockchain? Well, that depends on what you want to use it for. As we have explained to our clients, the blockchain is only one way to implement a shared ledger and it is not at all clear to me that it’s the best way to implement a shared ledger for most of the applications that they are interested in. There are a growing number of other blockchain and other shared ledgers (e.g., the R3 consortium’s Corda). On the other hand, we should ignore either private or public blockchains and, in particular, the world of permissionless innovation around the blockchain deserves attention as it may be the source of radical new approaches that we can all learn from. It’s a wonderful time to be in this space and I’m looking at all of the different
Which is why I’m at Consenus 2016 in New York this week. This new classes of technologies and the new business models that it creates are of great interest to so many of our clients, and I want to learn from leaders in the field. I will, naturally, tweet my way through to show how thinking is evolving. And if you’re going to be there, I’ll be chairing the session on “Reimagining Identity” at 10.30am Monday 2nd (5th Floor, Westside Ballroom 1&2) and my colleague Salome Parulava will be chairing the session on “Preventing the Next Lehman Brothers” at the same time, same place, on Tuesday 3rd. See you all here!
For reasons that are genuinely too boring to recount, I was flicking through New Scientist magazine over the weekend. I read the magazine very throughly, so I’m a little behind on issues at the moment, which is why I have only got as far as 29th November 1956. This issue happens to have a very interesting article on the digitisation of banking, a subject of great current interest. It also has a very useful diagram for those of us who wonder how exactly it is that banks manage customers’ accounts using computers and such like.
I think this is pretty much what it looks like round the back at NatWest, although I think Fidor may have opted for a different architecture. Anyway, the article explains the basics of digitisation, which it turns out are all to do with something called “ledger management”.
If now, when a bank clerk first accepts a cheque, he prints on it with something like a typewriter a note of the amount in magnetic ink, all subsequent operations—sorting, listing and entering in ledgers—can be done without human assistance.
Reading further on, I discovered that you can have different kinds of ledgers that work in different ways.
This only one way of ledgering automatically. The choice of a system depends on how far was is prepared to go: whether automatic book-keeping is to be done only at head office, whether in this case the accounting for all the branches, or whether branches will have their own equipment or to be grouped around sub-centres.
The article goes on by noting that banks do not seem to be making as much of new technology as they might and that “what may prove to be more serious is the determination to cling to time-honoured procedures”. Well, yes indeed. This is just what Anthony Jenkins meant when he said that banks had yet to be disrupted by new technology (shortly before he was fired as Barclays CEO). The 1956 New Scientist article was written by Nigel Calder, who concluded:
Unprejudiced scientists who have questioned fundamental assumptions have achieved seemingly impossible improvements in operations.
Interesting. I think Nigel might be suggesting that disruptive innovation comes from applying some different thinking to a problem and so we shouldn’t be at all surprised that banks didn’t invent P2P lending. Fast forward 60 years from 1956 to 2016 and we find, indeed, that bankers didn’t invent the shared ledger technology (SLT) that does indeed question fundamental assumptions about banking (and about regulation), but there is at least the possibility that SLT will indeed achieve impossible improvements in banking operations. However, it is another question entirely about whether those operations will be inside banks or not. There is a counter-argument that the new technology means that market participants can do without intermediaries, of which banks are but one example. And it is certainly a possibility that banks could be left to be nothing more than heavily-regulated, capital-intensive pipes while all the value-added stuff goes elsewhere. This isn’t the view of techno-centric hype-merchants (e.g., me). It is Citi who think this is a possibility.
[Citi] presents three arguments as to why, two of which hold up and one that seems a little suspect.
Actually, having read through Citi’s arguments, I have to say that I completely disagree with them on this analysis. On the contrary, I think the first two arguments are suspect and it’s the third one that has the key to survival hidden within it. Let’s look at the first two to begin with.
First, Citi says “banks have a very valuable asset in the form of their large identifiable customer-base.” That’s true. It’s much harder to win new customers than it is to keep them and the banks will work very hard to keep their customers.
Well, as many people have observed, so what. Zopa isn’t stealing my current account, or for that matter my savings account. It is however, stealing my savings away from under the bank’s nose, meaning that they are now spending money to support a virtually empty account. The Fintechs are not tempting away customers, they are tempting away the profit pools. It is certainly true that banks ought to be able to use their vast customer base and unparalleled knowledge of the customers to build new businesses, but it’s not easy for them to do so.
Secondly, banks have “unmatched experience when it comes to handling burdensome financial regulation.” Again, that’s certainly true. Many fintech companies benefit from the fact that they are currently unregulated or too small to face any meaningful regulatory burden. But if the sector is to thrive and grow it will have to come to terms with regulation — something banks have been doing for years.
In Europe, the new 2nd Payment Services Directive (PSD2) will have precisely the opposite impact. The Fintechs will create lightly-regulated Account Information Service Providers (AISPs) and Payment Initiation Services Providers (PISPs) and leave the banks with the heavily-regulated infrastructure and onerous “basic banking” obligations. I have thought for some time that banks ought to have created their own Payment Institution (PI) subsidiaries to take advantage of the lightened regulatory burden and to create a space for innovation.
But Citi’s third argument is that “banks benefit from a relatively strong track record of safekeeping assets, and therefore have earned a certain amount of trust and credibility.” Given that banks are still fessing up to billion pound fines almost weekly, the words trust and credibility are probably not the first you’d associate with large banks these days.
Whatever you think about bank incompetence and the astonishing events of the great financial crisis, most people still trust banks to look after their assets (partly because of stringent regulation, partly because of deposit insurance, partly because of reputation). But if my money is in Zopa, exactly what asset of mine is it that Barclays can protect, tend, nurture and add value to?
If banks don’t want to be dumb pipes, then they must exploit an asset that generates value for others in the new economy. As I suggested some time ago, reshaping our view of banks so that we see them as enablers of the new economy might help them to develop constructive strategies that are based around more than transaction fees and interest foregone. In a new world of blockchain-enabled transparency, the role of banks as providers of identity, privacy, reputation could be essential in forming a platform for new businesses to build on. More on this soon.
The British Government’s Chief scientific adviser, Sir Mark Walport, has published his Government Office for Science report on “Distributed Ledger Technology: beyond blockchain”. In his report, Sir Mark focuses on a particular kind of distributed ledger, the bitcoin blockchain, and attempts to explain it to the general reader and then explore some of the potential uses. I’m particularly interested in his ideas about where it might be used in government, so I took the time to read through the report to examine, and learn from, his exploration.
A new report from the UK Government Office for Science has recommended a broad government effort to explore and test blockchain and distributed ledger technology.
Personally, I found the report slightly confusing because it was jumping between ledgers, blockchains, the bitcoin blockchain and bitcoin almost on a paragraph by paragraph basis. I realise that I read the document from a very technical perspective and that I may see some of these things therefore in the wrong context, but I prefer Richard Brown’s term “shared ledger technology” as a starting point because I feel that the fact that multiple organisations share the ledger is more important than its architecture. I think the report might have benefited from some more description of shared ledgers, and the reasons why Moore’s Law and falling communications costs have made the core idea of everyone storing every transaction a plausible architecture. Here’s the way that we think about these things.
To be completely honest, I think our way of thinking about shared ledger technologies works well for a general audience. We use this layered approach to explain the key components of a shared ledger and then develop ideas around different choices in those layers. Different choices in consensus technology, for example, lead to a variety of different possibilities for implementing a shared ledger. In order to help categorise these possibilities, and narrow them down to make useful discussions between the strategists and technologists, we use a taxonomy that distinguishes between public and private ledgers. Rather flatteringly, Sir Mark uses a simplified version of the Consult Hyperion model of ledger technology (on page 19). However I think the report simplification is misleading in its classification and I’ve already had a couple of comments about this so I thought it would be useful to present the original model that we put forward one of the workshops that were input to the report. Here it is.
It might be considered reckless to disagree with the Chief Scientific Adviser, but on one matter I certainly do as the report refers a number of times to the use of bitcoin in a payments context but I just do not see this and, as I’ve written before, I certainly do not see cryptocurrency as a sensible government option for digital currency. Sir Mark says that permissioned ledgers (i.e., not the bitcoin blockchain) are appealing for government applications and I’m sure he’s right about this, although I am sceptical about some of the suggested government uses that are based on costs or efficiency. I think that his suggestions around applications that focus on transparency are the more interesting areas to explore in the short term and they would be my focus if I were looking to start exploratory or pilot projects in the field. I share the Open Data Institute’s view on this:
We agree that blockchains could be used to build confidence in government services, through public auditability, and could also be used for widely distributed data collection and publishing, such as supply chain information.
Anyway putting my nerdy criticisms to one side, Sir Mark’s conclusions (which are essentially that the technology is worth exploring in government contexts) are surely correct: shared ledger technology is a genuinely new way of doing things, and it will certainly lead to new solutions for the government just as much as for business. As for the government applications, there report focuses on five areas: protecting critical infrastructure, welfare, international aid, innovation and VAT. As I mentioned before, I am not sure that the areas that relate to payments should be the immediate focus. I can see that using replicated distributed shared ledgers would add robustness to critical infrastructure and there are certainly applications where a robust and immutable public record is highly desirable. I was fortunate to be asked to chair techUK’s “Blockchain 101” session last week, for example, where John Sheridan, the Digital Director at the National Archives explored just this point.
Payments stuff is less clear to me. When it comes to VAT, for example, the report also mentions machine learning and quantum computing as techniques to reduce VAT fraud. I am in no position to judge but I would have thoughts that getting rid of cash would be a decent first step in closing the tax gap while we wait for quantum computing to track down the builders’ baksheesh. I do agree with the point about transparency though because sharing ledgers with regulators (and tax collectors) could help in a number of different ways.
When it comes to welfare I think that’s some of the ideas mentioned relating to digital identity are well worth exploring. There is a clear relationship between social and financial inclusion and this pivots on having a better identity infrastructure in place. It is entirely plausible that some form of bottom-up digital identity infrastructure that is built on shared ledgers could deliver better results than the identity infrastructure that we have at the moment or another attempted a top-down national identity system (while I am wholly in favour of a national entitlement system, that’s another topic).
When it comes to international aid, I suspect that once again the transparency aspect is of more practical use than the payments possibilities although obviously the high cost of international payments is an area where shared ledger technology could make a difference even if bitcoin does not. The idea of some form of cryptocurrency as a financial inclusion mechanism I think is something of a red herring. For the majority of the world’s population, M-PESA and TigoPay, AliPay and Zaad are much better ways to bring financial services to the excluded. Shared ledgers might have more of a role to play in the background, bringing interoperability into this space, something my colleagues have explored in this past.
But on to the last and most important point. Where I do strongly agree with the report is when it talks about market friction and innovation. Sir Mark highlights the potential around smart contracts and asset registration, and in our work for a number of clients (not only in financial services) this is the area that we have identified as most likely to be subject to longer term and more disruptive innovation. Remember the “4Cs” layer model at the beginning of the post? That top layer, the “contracts” layer, is where the unknown unknown lay. The work being done by companies such as Ethereum and Eris is only just beginning to explore the new domain of distributed, trusted applications and I don’t see why the government won’t be able to take as much advantage of this as anyone else.
So. In conclusion. Take the time to read the report (which kindly references my recent book “Identity is the New Money”, but that’s not why I think you should read it). There’s a lot of good stuff in there and it touches on many areas where the thinking is only just beginning. It’s great to see the technology being explored and taken seriously. Oh, and by the way, I wrote a piece called “it’s time to take stand against all the blockchain crap out there” for Finextra today, so read that too!
Subscribe to our newsletter
You have successfully subscribed to the newsletter
There was an error while trying to send your request. Please try again.