Is blockchain here just for PR and hype?
Recently, Renaissance Insurance published an article in which it talked about a software product for cargo insurance. We developed this product based on the Hyperledger Fabric platform. Around the article, discussions broke out between crypto skeptics and crypto enthusiasts, people raised a number of urgent questions - why did they need a blockchain, do non-public blockchains have the right to life, what is Hyperledger good for and the like. I want to comment on these issues today.
“Blockchain is here only for PR and hype”This is probably the first thing any developer of a product that uses blockchain applies to cryptocritics today:
"Why is it needed here, because the same task can be solved by conventional means, without blockchain."
Yes, we really can solve the same problem without blockchain. But if we start trying to satisfy all the requirements related to information security, trust each other and so on, including such requirements as an electronic signature, then we ... will write our own almost-blockchain slowly.
Suppose the participants tell us that we do not have the opportunity to replace something, because the participants want to trust us. In addition, it would be good to ensure the consistency of data, as they say, “out of the box”, resistance to failures of a distributed system, recovery methods. How can I do that? For example, we take a set of transactions, sign it, get a hash and use it to sign the next set of transactions, and so on. The result is a chain of pieces of data within which it is impossible to change anything. By and large, this is the very blockchain.
There are companies that went by writing their own similar system from scratch, but we do not see the point.
“Non-public blockchain is not a blockchain at all”The second group of questions comes from crypto enthusiasts who are focused on the use of public blockchains, primarily Ethereum. These questions were provoked by the words that when choosing a blockchain platform we needed:
- serious supplier
- community support for professional developers
- Ethereum independence
- lack of communication with ICO
Of course, this set of criteria is somewhat provocative, because it might seem as if we are saying that non-professional developers are participating in ICO projects. And of course, we were blamed for the fact that, “the non-public blockchain cannot be considered blockchain at all”.
Firstly, there is an obvious logical discrepancy: publicity (in the broad sense) is in no way a condition for the blockchain. Moreover, all the formal criteria for the blockchain in Hyperledger are quite present.
And by the way - this solution is supported by the Linux Foundation, and there they don’t support anyone. In this sense, the Linux Foundation can be considered a mark of quality. Of course, errors are found in any product, and in the Fabric sources we also found them. But there are errors in any product, especially a developing one.
“We need to use proven public blockchains”Proponents of this opinion come from an ideal idea of public blockchain networks.
Each node has a bunch of connections with others, the network is resistant to any adversity, beauty. You can even meet such an impressive scheme:
But the real situation with networks is somewhat different. The Internet itself consists of large segments that are connected to each other not by a huge number of connections, but by a small number of trunk channels that are served by several companies. For example, the Rostelecom network looks like this:
For example, Kaliningrad is connected to the world with only two channels belonging to Rostelecom and Balttelecom. And it only depends on the will of the conditional “man with the switch” whether this segment of the Runet will be connected with the rest of the network, and in particular with the Ethereum network. Imagine the situation: the traffic exchange of some Runet segment with Ethereum masternodes was turned off by simply blocking TCP / UDP 30303 (or even easier - temporarily restricting discovery, but this is only UDP), and while there was no “connection”, they managed to mine several blocks, making deals: for example, Vasya bought a car from Petit for 10 eth. What will happen if there is enough time to “hold” such a state for a subnet with masternodes, and then return everything “as it was”? It is clear that there are public explorers, but this is more of a control than a defense.
In addition, even in 2019, a 51% attack is possible, as, for example, recent cases of BTC.com and BTC attacks on Bitcoin Cache, or, more dangerous, an unconfirmed attack on Ethereum. We understand that for the crypto community, the priority is now to develop public infrastructure, and this may be at variance with the daily interests of real companies. Consortium-type networks are used by large companies, banks, insurance organizations, and for them the current state of public blockchain systems does not yet allow them to be used in the interests of real business, and not for prototypes or systems that duplicate real processes.
The second drawback of public blockchains is paid transactions. Take the same Ethereum: not a single Russian accounting department can buy gas; there simply are no legal ways. In addition, the cost of gas is tied to the Ethereum exchange rate, which, as you know, can fluctuate in a huge range. Business does not like such uncertainty.
“But how can users of your Hyperledger control information on the blockchain?”
The answer is very simple. Any participant can fully analyze all transactions in the channels available to him, both using Hyperledger Explorer and using our system, gaining access to the contents of peers located in the participant’s own infrastructure. We will not make the system public for several reasons, among which, mainly, information security requirements of participants.
Architecture management
Another reason that we used Hyperledger Fabric is that we built an architecture consisting of several channels (a channel, in Hyperledger terminology, is a separate registry, a blockchain with various rights, linking only those participants who participate in a particular business process). We can manage the system from the point of view of connecting new participants, but we cannot individually influence, for example, the rules for calculating insurance rates. Tariffs are agreed by all participants with access.
Alternatives?
If we talk about alternatives to Hyperledger, then we seriously considered only the R3 Corda. This is not quite a blockchain, but an easier solution, which is now quite actively used by banks and other financial organizations.
Public Ethereum, as an alternative, is not suitable for the reasons described above. We have a rather fresh, and therefore poor language for developing smart contracts Solidity, a small number of libraries, the ability to work with external systems through Oraclize. In addition, very big questions arise from the point of view of information security: smart contracts are executed on third-party nodes - for example, in China. That is, from China or Ukraine, a request for service in the company should come, to which access should be provided from everywhere. For the security of a bank or insurance company, this is unacceptable. In addition, it must be understood that the activities of insurance companies are regulated by the Central Bank of the Russian Federation.
In our case, there is only one way to use public networks - anchoring. In this case, the public network is used exclusively to confirm integrity, and all other mechanisms are classic, or the same consortium-Hyperledger Fabric. Perhaps, after some time, we will do anchoring in the same Ethereum if the business sees the point (and opportunity) in this.
* * *
Summing up, what advantages do we see in Hyperledger, because of which we use this solution in our projects for insurance and financial companies?
- A rich language for writing chaincode (smart contracts) (Golang, and now Java).
- Independence from external factors. At least external factors can be controlled.
- The ability to select and use a large number of external libraries.
- The availability of tools for all participants to view and analyze the blockchain.
- Flexible architecture management.
- The entry of the project into the Linux Foundation, as a quality mark and a sign of a serious approach.