How companies can overcome the 'trust problem' when using blockchain

How companies can overcome the 'trust problem' when using blockchain

2017 saw a major rise in awareness by the general public of blockchain-enabled cryptocurrencies. While cryptocurrencies and ICOs have grabbed headlines, they’re best seen as a technique built on blockchain’s foundation — which is about collaboration and agreement across companies and individuals. As businesses increase their understanding of the technology, they recognize business scenarios where blockchain can remove inefficiency, add transparency, and promote direct collaboration.

All blockchain and distributed ledger technologies balance trust, performance and confidentiality to enable multiple parties to work together. Understanding the tradeoffs made by different protocols is fundamental to determining which best apply to requirements of specific scenarios, either to make its use of blockchain more efficient, or sometimes to make blockchain the right approach.

The problem of trust

The main goal of blockchain systems is to address the problem of multi-party trust. Two organizations may be able to dramatically improve their joint business through collaboration, but they often struggle to work together efficiently because they don’t feel they can completely trust each other. For example, banks currently rely on trusted intermediaries to handle inter-bank payments, reconciliation, and other processes.

Rather than use intermediaries to broker trust, blockchain creates trust with technology, which is both more efficient and scalable than the traditional labor-intensive approaches. Blockchain networks combine a variety of cryptographic and distributed systems algorithms with financial incentives that promote good behavior, incentives that are often supported by cryptocurrency. The resulting systems give participants confidence that the information they see on the network is genuine and is the same that all other participants see. That shared source of truth removes the chief obstacle that companies face in multi-party processes and collaboration today, cutting out middle-men and speeding business processes on top of a secure foundation.

The challenge of confidentiality

While many enterprises are excited by blockchain’s ability to streamline business processes that involve multiple parties, they don’t want sensitive data used in transactions with one party to be exposed to other, uninvolved parties. That concern is especially pronounced for business processes that are heavily regulated, and many cases can dramatically raise the complexity of a blockchain solution, or rule blockchain out altogether.

Confidentiality presents several challenges to blockchain implementations, mainly because of the mechanism on which public blockchain networks base their security. For example, when a user publishes a contract a blockchain network like Ethereum, every machine in the network must be able to execute the contract’s code to validate its adherence to the network’s rules and to verify the resulting output. In a completely trustless environment like a public network this is a reliable way for keeping each machine on the network honest. However, this approach doesn’t help with confidentiality, since all information is available to every participant on the network.

Enhancing Confidentiality

Although the original blockchain protocols rely upon data transparency to operate securely, innovations in applied cryptography have made it possible to run code on a blockchain network without revealing the data it processes. These solutions can provide confidentiality for public blockchain networks because they are designed for decentralized, trustless environments. For example, the cryptocurrency Z-Cash uses zero-knowledge proofs to shield the sender and receiver of a transaction. While these techniques show promise, current implementations are complicated to implement, slow and resource-intensive, limiting the scenarios to which they can be applied.

Other approaches to confidentiality in blockchain networks are partial ledger visibility and state channels. In these techniques, only the parties of a contract can see and validate the correctness of transactions that affect them. While the rest of the consortium members can’t access the underlying data, they can attest that any parties affected by a transaction have signed off on the changes that it makes. Ledgers like Corda, Quorum, Ripple and Parity use partial ledger visibility or state channels. A downside to these techniques is that private transactions are more easily corrupted than transactions on fully transparent ledgers, since not all consortium participants validate every transaction. Another is that they often require parties to commit resources to a confidential relationship, preventing them from being used in other transactions.

Trusted execution environments

Trusted Execution Environments (TEEs) are another technology that can provide confidentiality.  TEEs are like black boxes, where nothing outside the box can see the data being processed inside, or tamper with the code that’s processing the data. In the context of a business process, like one executed on a blockchain, TEEs are like an incorruptible third-party, whose actions are agreed upon in advance by all the network participants. Last August, we announced the Microsoft Coco Framework for Blockchain, an open-source technology that can give blockchain networks confidentiality and performance, while reducing complexity and limitations. The Coco Framework for Blockchain is showing promise for enterprise blockchain scenarios. 

Road ahead

As the market matures, businesses are increasingly looking beyond cryptocurrencies to see the true value that blockchain-based systems can deliver for their multi-party business processes. As a result, we expect a growth in production blockchain systems launched this year, and with advances in blockchain confidentiality and performance technologies, to spread into more business processes. Those applications and networks will balance trust, performance and confidentiality to drive a digital transformation both inside and between industries, and we’re excited to help our customers capitalize on that wave.

Mark Russinovich is CTO of Microsoft Azure.