Known by many as the technology underpinning the bitcoin digital currency, blockchain has acquired a new identity in the enterprise. At a time when companies face new challenges in data management and security, it’s emerging as a way to let companies make and verify transactions on a network instantaneously without a central authority. Today, more than 40 top financial institutions and a growing number of firms across industries are experimenting with distributed ledger technology as a secure and transparent way to digitally track the ownership of assets, a move that could speed up transactions and cut costs while lowering the risk of fraud. Some companies see an opportunity to use blockchain to track the movement of assets throughout their supply chains or electronically initiate and enforce contracts.
Blockchain remains in the experimental phase inside many large firms and there are few tested use cases, experts and analysts caution. Here’s a look at how this emerging technology works:
What is blockchain?
A blockchain is a data structure that makes it possible to create a digital ledger of transactions and share it among a distributed network of computers. It uses cryptography to allow each participant on the network to manipulate the ledger in a secure way without the need for a central authority.
Once a block of data is recorded on the blockchain ledger, it’s extremely difficult to change or remove. When someone wants to add to it, participants in the network — all of which have copies of the existing blockchain — run algorithms to evaluate and verify the proposed transaction. If a majority of nodes agree that the transaction looks valid — that is, identifying information matches the blockchain’s history — then the new transaction will be approved and a new block added to the chain.
The term blockchain today usually describes a version of this distributed ledger structure and distributed consensus process. There are different blockchain configurations that use different consensus mechanisms, depending on the type and size of the network and the use case of a particular company. The bitcoin blockchain, for example, is public and “permissionless”, meaning anyone can participate and contribute to the ledger. Many firms also are exploring private or “permissioned” blockchains whose network is made up only of known participants. Each of these blockchain implementations operate in different ways.
Guardtime, a company that sells blockchain-based products and services to enterprises and governments including Ericsson AB and the country of Estonia, explained its approach like this:
Assume an organization has 10 transactions per second. Each of those transactions receives its own digital signature. Using a tree structure, those signatures are combined and given a single digital fingerprint — a unique representation of those transactions at a specific time. That fingerprint is sent up the tree to the next layer of infrastructure, such as a service provider or telecom company. This process happens for every organization in the network until there is a single digital fingerprint that encompasses all the transactions as they existed during that particular second. Once validated, that fingerprint is stored in a blockchain that all the participants can see. A copy of that ledger is also sent back to each organization to store locally. Those signatures can be continuously verified against what is in the blockchain, giving companies a way to monitor the state and integrity of a particular asset or transaction.
Anytime a change to data or an asset is proposed, a new, unique digital fingerprint is created, Guardtime said. That fingerprint is sent to each client node for validation. If the fingerprints don’t match, or if the change to the data doesn’t fit with the network’s agreed-upon rules, the transaction may not be validated. This setup means the entire network, rather than a central authority, is responsible for ensuring the validity of each transaction.
Where did it come from?
Bitcoin was the first application built on top of blockchain, said Marley Gray, director of technology strategy for financial services at Microsoft In 2008, a person or group of people known as Satoshi Nakamoto published a paper describing bitcoin and how it could be used to digitally send payments between any two willing entities without the need for a third-party financial institution. Each transaction was recorded on the blockchain ledger, the newest block tied to the ones before it using a digital signature. To ensure trust in the ledger, participants on the network ran complicated algorithms to verify those digital signatures and add transactions to the blockchain.
The next few years for bitcoin were tumultuous, including the collapse of the prominent bitcoin exchange, Mt. Gox, and an increasingly sour reputation as the currency fueling the underground online drug bazaar Silk Road.
But many companies saw opportunity in the underlying technology – the blockchain – that made bitcoin’s existence possible.
Todd McDonald, co-founder and head of strategy at R3CEV LLC, a consortium of more than 40 financial institutions working to design and apply distributed ledger technologies to global financial markets, outlined three of a blockchain’s main components: a network of computers, a network protocol and a consensus mechanism.
A blockchain’s network can include everyone with a computer or a small group of known entities that agree to participate. Each computer in a particular network is called a node. In its ideal state, each node has a copy of the entire ledger, similar to a local database, and works with other nodes to maintain the ledger’s consistency. That creates fault tolerance, so if one node disappears or goes down, all is not lost. The network protocol governs how those nodes communicate with one another.
The consensus mechanism is a set of rules the network uses to verify each transaction and agree on the current state of the blockchain. For the bitcoin blockchain, the consensus mechanism is called proof of work, in which participants on the network run algorithms to confirm the digital signatures attached to blocks verify each transaction. In private or “permissioned” blockchain networks, the consensus mechanism may be less stringent since each participant is known. In those cases, “you don’t need the blockchain to establish trust, it already exists,” said Jamie Steiner, general manager for financial services at Guardtime. At this time there is no universally agreed-upon consensus mechanism.
A transaction manipulates ledger data based on rules described by business logic, said Arvind Krishna, senior vice president and director of IBM Research. After a transaction is executed on a node, the result is a proposed modification of the ledger’s data. Before committing the answers to a node’s ledger, the answer is validated locally with other nodes in the network, Mr. Krishna said. Approved transactions are packaged into a block and re-distributed to all the nodes in the network, which re-validate to ensure their records match. Typical transactions can execute in milliseconds, Mr. Krishna said.
Getting rid of the middleman
The blockchain architecture allows a distributed network of computers to reach consensus without the need for a central authority or middleman. A good example is in financial services, where trades are often verified by a central clearinghouse that maintains its own central ledger. Using that process, it can take days to settle a transaction, and the clearinghouse typically collects some kind of fee.
[Note to readers: For more on blockchain’s business implications, see the second half of our Special Report.]
Blockchain technology could eliminate that clearinghouse by giving each bank in the network its own copy of the ledger. A common network protocol and consensus mechanism would allow the participants to communicate with one another. Using this method, transactions could be approved automatically in seconds or minutes, significantly cutting costs and boosting efficiency.
Blockchain in the enterprise
Enterprises are experimenting with different kinds of distributed ledger technologies and applications, analysts and industry participants say, with financial services companies the farthest ahead. In the last year, more than 40 financial institutions said they were working with blockchain, and now other financial firms such as insurance companies are “calling up asking if it’s too late to join the blockchain party,” said Ray Valdes, an analyst with Gartner who covers blockchain technology.
One obstacle to widespread enterprise adoption of blockchain technology is the need to get the network of participants, all of which have their own mix of back-office systems, to agree on a common network protocol and technology stack, Guardtime’s Mr. Steiner said.
There are not yet clear standards to govern how blockchain will be implemented across the enterprise. Some companies may choose to use the bitcoin network, while others may opt for “permissioned” or semi-private blockchains. The development of the technology also will bring its own regulatory hurdles and potential cybersecurity threats, experts say.
Many questions around security and privacy still linger. In financial services, for example, it’s still unclear exactly how much information about a trade each participant needs to be able to see to verify a transaction while still keeping the contents of a particular trade private, R3’s Mr. McDonald said.
The blockchain ecosystem
A number of startups and industry groups are working at different levels of the blockchain, from underlying infrastructure to blockchain-based applications. Some companies continue to develop on the public bitcoin blockchain, but many also are exploring how they can deploy their own blockchain on smaller “permissioned” networks.
Financial institutions are experimenting with many different blockchain implementations from different vendors. Under the R3 consortium, a recent test of a private blockchain among 11 banks took place on a private instance of open-source blockchain technology from Ethereum and hosted on a virtual private network in Microsoft’s Azure cloud.
In December, the Linux Foundation, a nonprofit that champions open-source technologies, announced plans to create an enterprise-grade distributed ledger framework. Participants in the group include R3, Cisco Systems, International Business Machines Corp., Intel and VMware, among others. “We hope to become the default fabric people begin to use,” said IBM’s Mr. Krishna said. IBM said it plans to contribute tens of thousands of lines of code to the project.