> Of course old-school financial institutions get hacked too; blockchains have some features (good cryptography, distributed ledgers) that make them harder to hack, and some features (anonymity, irreversibility) that make them easier to hack. But I've said before that the main advantage of the blockchain over other ways to store financial information is not so much technological as sociological: It's not that it was technologically impossible to quickly settle financial transactions using shared computer databases before; it's that no one cared enough to do the work of coordinating a bunch of banks to set up the databases. The word "blockchain" has managed to make that boring back-office coordination work sexy, which means that it might actually get done.
If someone socially engineers a bank employee to transfer money in a bank's computer, the transaction can be reversed if the bank decides it was fraudulent. You can't reverse blockchain transactions without one of: (1) the other party agrees to return the money or (2) a majority of the people controlling the blockchain agree to fork the blockchain.
Wouldn't a bank be able to do a hard fork a la ethereum? Since it would be a completely private system, they would have total control and it seems this would fulfill (2) in your comment. Or am I confusing the purpose of the technology?
I don't know how they plan to run this thing. If it's owned and operated by a single bank and just acts as an API to the bank, they can hard-fork it every day. But that doesn't seem useful. If they plan to create a system where they don't own a majority, they lose the ability to hard-fork.
When someone empties your bank account there's no way to reverse the transaction. Maybe "easier to hack" isn't the best description, but security-wise it means if there's a successful attack by any method, you can't exactly restore your money from a backup.
- Because private blockchains are a solution to a network problem, unless everyone is working on something similar you end up back in the problem space we are in now where everyone is using different technologies
Why did they release it?
- It's a similar approach to what IBM is doing with Hyperledger, but producing and releasing the blockchain they're hoping to position themselves as the consultants that know everything about implementing this private blockchain.
> Because private blockchains are a solution to a network problem
Would someone mind explaining more specifically how private blockchains do anything that a traditional shared database or network doesn't already do? Without the incentives, distributed computing power, and public participation in a blockchain like Bitcoin, what does a private blockchain actually do?
If it's "private", does that imply that, like Ethereum, the blockchain could be forked at any time by those who claim ownership of it? Doesn't that essentially undermine the validity of many of the selling points associated with blockchain technology?
I've heard cases made about things like smart contracts, cryptographic authentication, and other "exciting applications", but I don't understand how these are any more effective in the context of a private blockchain than they would be directly relying on certain cryptographic primitives and traditional networks - especially in the absence of a public, globally distributed network with incentives that are aligned with improving the strength of the blockchain itself.
>Without the incentives, distributed computing power, and public participation in a blockchain like Bitcoin, what does a private blockchain actually do?
Proof of Work, public networks make most sense for low trust scenarios where you wish to move actual money with people you don't know or trust at all. There are other scenarios however.
A few examples:
Scenario 1: Large Banks eliminating middlemen and making settlement for more cost effective
Quoting from another comment I made:
> It takes some financial assets 3-5 days to settle after the initial transaction goes through, weaving its way through many database systems (some many decades old) and middlemen who each take a cut, e.g. clearing houses. Any established industry has lots of cruft that builds up.
> For this reason Santander estimates that banks can save $15-20bn per year collectively by using blockchain technologies to make their infrastructure more efficient[1][2]
> Since with a private banking settlement blockchain you know in advance who the players are (individually-invited banks) you can give them a percentage of the network and have each node verify the transactions across the network. You could even give nodes to regulators or consumer advocacy groups to achieve regulatory compliance or consumer oversight if required.
> As for cost, you could technically run a PoS node with a raspberry pi, a large USB drive, a wifi connection, powered by a solar panel and an old car battery on the roof of a building. Proof of stake only needs minimal computing power and a persistent internet connection.
Saving billions in costs at a time when banks are struggling to increase revenues is a powerful incentive to consider blockchains. You don't need a public blockchain because you know in advance who the players are.
Scenario 2: Streamlining KYC data, therefore improving data quality and massively reducing costs
I sat at a presentation where a startup outlined a product roadmap being offered to large financial institutions such as banks or insurance companies. A big problem is KYC data gathering- often the customer data goes stale, therefore data quality is poor, and it's expensive, costing about €200 per account to process.
In the proposed product, a private blockchain is implemented to gather and manage customer data, hosted collectively by the institutions that are interested in cost savings and efficiency improvements. The customer decides when, with who and how their data is managed - a big improvement over today. If you update your address for Bank A - then your insurance company, your second bank, etc all get your updated, verified address. If your car insurance is a 12 month contract, you can terminate access to your personal data after the contract is up. If you decide to get car insurance with a second company, you grant permission to that company, who then doesn't need to see any form of ID because your identity is cryptographically verified (technically they don't even need to know your name!)
The cost to gain access to the customer data is borne by the company getting access, a fee which they're happy to pay because it's vastly cheaper to pay that rather than gathering and securing customer data themselves, paying a company to verify your ID, and so on.
These are the early days of blockchain technology. There's lots of potential advantages of a distributed database over a SQL database, and we're only starting to figure out what those are, and what scenarios where is doesn't make sense.
> It takes some financial assets 3-5 days to settle after the initial transaction goes through, weaving its way through many database systems (some many decades old) and middlemen who each take a cut, e.g. clearing houses. Any established industry has lots of cruft that builds up.
Yes, but centralized databases are a solved problem. It doesn't take 3-5 days for Amazon to process an order, or for github to process a pull request. The problem is here:
> weaving its way through many database systems (some many decades old)
Right, so you could replace the entire thing with a single centralized database, and cut the processing time to ~0. And you wouldn't need to develop any new technology to do it.
> For this reason Santander estimates that banks can save $15-20bn per year collectively by using blockchain technologies to make their infrastructure more efficient
Assuming that is correct, that implies you could save even more money by using existing database technology. Right? What I'm looking for isn't an argument about why banks need to update their technology (they do), or why the existing system is almost unbelievably archaic and inefficient (it is).
What I'd like to know is why blockchains are the correct upgrade path when they appear to be strictly inferior to other existing technologies along the dimensions that banks are currently struggling with.
Of all the places blockchains make sense, an industry with universally used, completely trusted, and heavily regulated central clearing houses seems like the worst possible case. No?
True, the KYC makes slightly more sense. Even there I have to wonder though. If I was hired as the CTO for an industry consortium to design a secure way of allowing customers to store, manage, and share their PII, I can see a lot of potential problems, but none of them feel like something a blockchain would help solve.
Or to put it another way: How come Amazon never talks about using private blockchains to manage inventory or payments to their sellers? Wouldn't all the arguments in favor of blockchains among banks apply even more strongly to using them within Amazon?
It comes down to speed. We expect money to move as fast as information, but instead it moves like products.
In meat space it's OK to work with batched 30-60 day pay cycles.
But finance needs to move faster.
The complexity and cost is in verification. Electronic records have to be verified against paper records which have to be verified against records in other systems, which have to be compared between institutions. Additionally there are many instruments with varying characteristics, and all of it has to flow in real time.
It might be unsolvable without technological innovation like blockchain.
That is partially because of the unpermissioned nature of the consensus mechanism. With a closed system, you don't need to worry about such issues. Banks mostly trust each other.
> Yes, but centralized databases are a solved problem. It doesn't take 3-5 days for Amazon to process an order, or for github to process a pull request. The problem is here:
With the current state of the art[1], it takes several days to settle a transaction. In 2016, this is really not ideal.
> Right, so you could replace the entire thing with a single centralized database, and cut the processing time to ~0. And you wouldn't need to develop any new technology to do it.
I could think of several problems, mainly around trust. Who hosts it? How is access managed? A regular SQL database makes sense if it's within a single institution, because presumably you trust your own employees to enter trade data with the best of intentions, but this trust isn't there for external parties.
It's not the storage which is the issue, it's the verification. If you are (made up example) JP Morgan, and you've sold $500m in bonds to a mutual fund, both parties know for sure that everything went smoothly if their copy of the blockchain tells them that it went ahead (just like you know that your Bitcoin wallet contains x bitcoin, and if you send that balance to an address, that transaction is absolutely confirmed beyond doubt). The transaction and settlement happen at the same time, instead of a 3 day process which is the situation today (for stocks). They don't need an expensive, external authority to tell them that everything went smoothly, they can confirm it themselves much faster and cost effectively.
Here's a presentation by UBS, exploring possible use cases for what they call "smart bonds": https://www.youtube.com/watch?v=jgJxEHwj-XU (around 4:00 he speaks about the benefits of smart bonds)
> Of all the places blockchains make sense, an industry with universally used, completely trusted, and heavily regulated central clearing houses seems like the worst possible case. No?
I could be wrong, but I think what's being proposed with these private blockchains is that the central clearing houses' role would be reduced to being an arbitrator in the case of disputes between industry players, e.g. in a proof of stake network, the own enough % to confirm a transaction or roll it back (maybe their role is even eliminated entirely). Whether or not this actually happens will depend on legislation of course, not technology.
> Or to put it another way: How come Amazon never talks about using private blockchains to manage inventory or payments to their sellers? Wouldn't all the arguments in favor of blockchains among banks apply even more strongly to using them within Amazon?
Probably because Amazon is a hugely powerful entity, and it's sellers have no power to demand equal access to a shared database. All (most of?) the large, important transactions happen on an Amazon database, which isn't the case in the financial sector. Plus Amazon is a growing business, whereas in investment banking growing revenue is a huge struggle post-2008 with newer regulations so there is a rush to cut costs and inefficiencies.
Disclaimer: I'm not an expert, this is based on what others have told me, and research papers I've read.
> I could think of several problems, mainly around trust.
And this is the problem that blockchain+proof-of-work solves so well.
Financial companies are however different beasts. They are not and do not want to be anonymous. While they don't fully trust each other, they do have significant trust in each other and they are typically regulated by a central authority. The blockchain-based solutions advocated by R3 seem to have a number of services that must be trusted by all participants, including time stamping.
Traditionally when coordination has been required between the banks (e.g. fast clearing solutions for retail banks), a new company is created that is joint owned by the members, and is therefore trusted enough by the members to run the centralized database.
To avoid the single-point of failure aspect you can run a distributed database across multiple nodes.
I still haven't heard a good explanation of why solutions like those aren't adequate.
> It's not the storage which is the issue, it's the verification. If you are (made up example) JP Morgan, and you've sold $500m in bonds to a mutual fund, both parties know for sure that everything went smoothly if their copy of the blockchain tells them that it went ahead (just like you know that your Bitcoin wallet contains x bitcoin, and if you send that balance to an address, that transaction is absolutely confirmed beyond doubt). The transaction and settlement happen at the same time, instead of a 3 day process which is the situation today (for stocks). They don't need an expensive, external authority to tell them that everything went smoothly, they can confirm it themselves much faster and cost effectively.
That isn't what clearinghouses do in a legal/functional sense for participants.
Regarding more effective settlement and cutting out middlemen:
I believe dperfect is asking why a blockchain is technically necessary for this. Why can't the large banks cut out the clearing houses by dealing with each other directly?
Is this really about the blockchain technology, or is it more about political cover to push for big changes in how business is done, eliminating legacy systems and killing some industries currently providing services to banks?
It's because they don't fully trust each other, after all, in a single transaction you could be talking hundreds of millions, or billions of dollars changing hands. With a blockchain, the transaction is virtually impossible to fake, and it's verified without involving costly middlemen and large delays - which is the situation today. The link I posted from Santander above contains more details as to the motivation behind it.
I don't think what you're saying here is correct. 'fake' transaction problem between counterparties aren't an issue and as I replied to your comment on the 1-5day settlement period in the GS r3 thread
>> It takes some financial assets 3-5 days to settle
That 1-5 days to settle isn't due to slow and disconnected systems though, which is what many looking from a tech perspective believe. Most financial transactions are matched in settlement systems the same day they are traded. The 3-5 days is for prefunding of underlying accounts, tear ups and other asset class idiosyncratic reasons.
See, this is what I don't understand. They don't have to trust each other to use traditional consensus protocols.
What does it mean to fake a transaction?
What does it mean to verify a transaction? With Bitcoin it's possible to do because the balances are public. But once you start making transactions private that deal not in value that exists on chain, but are merely promises for some externally held value, then who can verify its legitimacy?
It's the difference between double entry bookkeeping and single entry bookkeeping.
By providing a common ledger that can be used when you desire single entry bookkeeping you don't necessarily need all the backchecking as you're using a smart contract to ensure upfront that when the money is settled the assets move.
Additionally if by 'traditional consensus protocols' you mean proof of work, you do realise it currently uses more power than Ireland to perform ~100MM transactions a day and that number is only going to incrase
The question is: "Who owns and operates the central database?"
There is little trust between organizations. Both from ethical and technical perspectives, I wouldn't trust anyone to run a central clearing database for anything. I spent 10 years in the finance industry, overconfidence caused by incompetence is the hallmark of engineers in finance.
Blockchain solves this problem by letting everyone participate in the infrastructure, and to violate the legal and ethical agreements, a majority of parties would need to collude.
> It takes some financial assets 3-5 days to settle after the initial transaction goes through, weaving its way through many database systems (some many decades old) and middlemen who each take a cut, e.g. clearing houses. Any established industry has lots of cruft that builds up.
This is not just "established" players however. This is something anyone that has ever transferred money via PayPal knows as well. A transfer can also take 3-5 days. And PayPal wasn't an entrenched player originally although you could argue now though that they are.
Its kind of absurd that an online transaction should take this long and this is with "known" parties on both sides of the transaction many times., i.e I transfer my buddy money to pay for a concert ticket.
What I have heard many times is that this is by design and these companies are merely playing the "float" with this artificially long turn around time.
I would be curious to hear anyones feedback/take on this.
Well yes, both of those questions, but why JP Morgan?
As a Chase bank customer, I thought most of their software people were involved in banking software and online checking.
This is, basically, a crazy moonshot for my personal (if not giant) bank to make--investing time in crypto currency and block chain software development.
I can't imagine the majority of users are criminals.
I've recently tried it out as a means of receiving payment for completely legitimate work. The client was in a different country. The contract was signed in USD. Client sends half at then exchange rate, which arrived very fast. After accepting the delivered work the client sends the other half, which was less BTC because the price went up by that point. But it didn't matter because the first half I was holding appreciated so it's all the same. Turned out one of my vendors likes Bitcoin so I used some of it to settle an outstanding bill with him, then sold the rest at an exchange. Opening that account for the company was a pain in the ass, though less painful that opening a typical brokerage account. I had to pay a fee to the exchange to sell and another fee for them to wire the funds to my bank. It was faster and cost less than a credit card. It was more expensive than a check, but way way way faster. It was cheaper than SWIFT overall, but a few dollars more expensive to me because I bore the costs of selling while the client only bore the tiny costs of the Bitcoin transaction fees. If the contract was for a much larger amount then SWIFT would have been better. For accounting purposes I'm just treating BTC as a foreign currency. I would accept it again, it's great to actually receive payment that fast.
> I can't imagine the majority of users are criminals.
The overwhelming majority use of bitcoin is speculation on Chinese exchanges - 95% of blockchain activity. Even drug users and ransomware are sideshows.
1. You have no definitive proof for that. If you do, please present it.
2. The amount of Futures contract in Okcoin is around $120million (that's not even capital, but the amount of leveraged futures). The total market cap of bitcoin is $12Bn which 100 times higher than that.
3. GBTC has a market cap of $190m with a 50% premium on bitcoin price. So clearly it's not only the chinese who drives the bitcoin price/economy.
I'm using Bitcoin to get paid, withdraw to ATM/Bank accounts, hold wealth (yes in Bitcoin) and actively day trade. I also use it purchase stuff online on sites that accept bitcoin.
I don't want to get into this discussion but everything is an asset. Bitcoin is an asset, so is the coffee you bought today at starbucks. It doesn't really matter as long as you can bridge it for your needs.
It does? I am hoping I'll be able to use it as a public, distributed ledger, and so, too, are many major financial institutions — if they can be said to "hope".
Ethereum worked very well with the DAO...for the hacker that stole several million and that forced them to fork.
I will never trust a system where they can decide arbitrarily to void all the transactions that everyone made after several days.
The way I recall it, they didn’t void past transactions; they added “irregular state changes” that would “return” the “stolen” funds to their “legitimate“ owners. Nor were they forced to fork; it was a voluntary decision of a group of people with enough social power over the platform.
Now this is more a matter of dispute, but I wouldn’t say the hacker stole the funds. They simply followed the DAO contract (not the “smart-contract”, mind you, but the one put forward by the Slock.it team on their page), according to which everything that went on the blockchain according to the DAO code was legitimate.
>Now this is more a matter of dispute, but I wouldn’t say the hacker stole the funds...
Verification is Ethereum's Achille's heel. Everyone seems to trust that someone else will verify that the contracts they participate in will work securely as intended, and the DAO showed how well that works.
If Ethereum ever gets used as its proponents imagine, with multiple interacting contracts in progress at any given time, rolling back an error will not be nearly as easy as it was in the DAO case (and that was not particularly easy.)
The point is that in Ethereum's case, the extent of the problem is vastly underestimated by almost all of the participants. In most other cases, it is a risk that can be mitigated or accepted, but in Ethereum's case, it undermines the fundamental premise ('trustless' contracts.)
I think Ethereum users will mostly converge on a limited set of useful cookie cutter contracts and simple combinations thereof. New types of contracts will hopefully be received with skepticism, as "The DAO" should have been. So the premise isn't really undermined. It's just that the focus on writing custom contracts in a programming language will diminish as the basic framework matures.
There was always a pretty limited range of basic use cases for smart contracts: crowdsales, auctions, debt registries, currency tokens, multisig wallets, etc.
As people begin to use Ethereum for real-world organizations, they will of course prefer to use popular, tested, verified implementations of these basic contract types.
I'm not sure what vision you refer to, but anyway, original visions aren't binding!
>they will of course prefer to use popular, tested, verified implementations of these basic contract types.
That worked out so well with the DAO. There was, of course, at least one person who did take the trouble to do his own investigation of its security ;-)
Perhaps you could point us to some verified implementations of these basic contract types (together with the arguments for their veracity, of course.)
I think it's unlikely that scamming will be the biggest opportunity in the long run, given how unsustainable it is. Mutually beneficial uses will predominate over time because that's the only way to get repeat users.
Unless an effective defense is developed, scamming can be continued as long as attempts at legitimate use are being made. Whenever activity ticks up, scammers will be attracted by it.
Scammers are fighting a losing battle against better security technology. They can only capitalize on insecurity. They cannot prevent people from developing and adopting more secure products/services/technologies.
Nobody forced anything. A bunch of people agreed to use new rules with old data, which is why the new chain is in common use. Democracy in action. The same could happen to literally any cryptocurrency you could think up, unless you can come up with a way of invalidating past state to a point where nobody can use it with a new set of rules - which is impossible unless you can somehow cryptographically encode the rules into the chain to a point where you can't access the data without adhering to the rules. (I think a zkSNARK could help with this if it's something that people actually desire.)
For a weird definition of "democracy" where one person has 25% of the votes and the vote itself is badly/too quickly announced and organized to the point where almost no one votes. This doesn't even take into account the incredible amount of shitty actions or plain incompetence from the Ethereum Foundation guys at that time or since then.
People could've kept using a continuation of the old chain without breaking anything. In fact, some did - see Ethereum Classic. People decided to use the forked Ethereum because they believed it was the correct choice, not because someone made them.
Oh, absolutely. I'm still an interested watcher/user of ETC. And indeed, people "voted" in the end with their mining power (which is why the original chain hasn't disappeared).
I just believe that their actions basically destroyed any future that ETH (and likely ETC too) might've had - it's dead; if the initial hard fork wasn't enough to remove all credibility in the project, the circus since then (subsequent forks, attacks, incredibly mismanaged communication...) certainly is.
Frankly, the DAO fiasco killed Ethereum for most people on its own, everything else was icing on the cake. This was Ethereum's first real "smart contract" that did something you couldn't really do without it, and it failed quickly and miserably, showing most reasonable people that they can't trust smart contracts to do what even their creators believe that they do. At least with a legal contract, the intent of the people agreeing on it matters.
I never heard that all the transactions in the world got rollbacked after days, and I don't think it is even technically possible.
Doing that in ethereum and all the other similar currencies is as easy as pressing a button.
> Doing that in ethereum and all the other similar currencies is as easy as pressing a button.
The rollback was (and still is) very controversial. It required the agreement of the large mining pools to support the fork, which they eventually agreed to. It wasn't quite as simple as "pressing a button".
