Foreword: As a practitioner and investor in the blockchain industry, we have always been inspired by blockchain technology. So what do we think if someone is not so cold about blockchain technology? Bruce Schneier, a security technology expert at Harvard's Kennedy School, believes that there is no reason to believe that blockchain technology can make a real difference. His main logic is that the blockchain cannot completely solve the problem of "trust". At the social level of human beings, there are many centralized ways to give people more "trust." From the current practice, Bitcoin has been in operation for more than ten years. Ethereum smart contracts have also played an intermediary role without trust. Of course, cryptocurrencies have the problem of private key self-protection, and smart contracts have code security issues. Consensus algorithms and governance also have potential centralization issues. But it provides an alternative to people. In addition to the current mode of trust operation, there is a new type of trust operation mode. Can not be a mythical blockchain, think that decentralization can be omnipotent, which is not in line with human logic and the logic of human social operation. But the role of the blockchain cannot be denied. This article was translated by "Cipher" of "Blue Fox Notes".
In the Bitcoin white paper first proposed in 2008, the pseudonym Nakamoto said: "We proposed an electronic trading system that does not rely on intermediary trust." He refers to the blockchain, the system behind the bitcoin cryptocurrency . Avoiding trust is a great promise, but it is not. Yes, Bitcoin eliminates certain trusted intermediaries inherent in other payment systems such as credit cards. But you still have to trust Bitcoin – and everything about it.
There have been many writings about blockchain and how it replaces, reshapes or eliminates trust. However, when you analyze blockchain and trust, you quickly realize that hype is much higher than value. Blockchain solutions tend to be worse than the ones they are replacing.
- One article about Ethereum's "Ice Age": this could be the last delay
- Essentials of "2019 Global Blockchain Industry Application and Talent Cultivation": Four levels, insight into industrial applications
- UAV plant protection, multispectral imaging, blockchain technology, farmer's uncle's farming "black technology"
- Blockchain Finance: Rewriting the history of accounting, sad "consensus" off | Zinc
- Can't beat Bitcoin in 2019, where is the strength of Ethereum in 2020?
- Report | 2018-2019 China Blockchain Business Environment Assessment Annual Report
The first thing to be reminded is that the blockchain I refer to refers to very specific things: the data structures and protocols that make up the public blockchain. They have three basic elements. The first element is a distributed rather than a centralized ledger (Blue Fox notes: there are multiple copies in a distributed, centralized only one ledger), which is a way of recording what happened and the order of things. This book is open, that is, anyone can read it, and it is immutable, that is, no one can change what happened in the past.
The second element is the consensus algorithm, which is a way to ensure that all copies of the ledger are the same. This is often referred to as mining, and a key part of the system is that anyone can participate. It is also distributed, which means you don't have to trust any particular node in the consensus network. It can also be extremely expensive, both in terms of data storage and the energy required to maintain data storage. Bitcoin has the most expensive consensus algorithm in the world to date.
Finally, the third element is money. This is a valuable digital token that is publicly traded. Currency is an essential element of the blockchain to coordinate all participants. These token transactions are stored on the ledger.
The private blockchain is completely meaningless (I mean a system that uses a blockchain data structure but does not have the above three elements). In general, they have some external restrictions on who can interact with the blockchain and its functions. These are nothing new; they are distributed, append-only data structures that contain a list of individuals to which the authorization is added. The consensus protocol in the field of distributed systems has been studied for more than 60 years, as is the only data structure that can be attached. As far as I know, they are just nominal blockchains. The only reason to use private chains is to use blockchains for speculation.
All three elements of the public blockchain are combined to form a network that provides new security attributes. The question is: Is this really good? This is all about trust.
Trust is vital to society. As a species, humans connect through trust. Without trust, society can't work, and most of us don't even think about it. This shows that the current trust-based system works well.
The word "trust" has many meanings. There is trust between people close to you. When we say that we trust our friends, we mean to believe in their intentions and to know the actions brought about by these intentions. There is also a trust in people who are not very close – we may not know a person or their motives, but we can believe in their future behavior. Blockchain makes this trust possible, for example, we don't know Bitcoin miners, but we believe they will follow the mining agreement and make the entire system work.
Most blockchain enthusiasts have an unnatural narrow definition of trust. They like to use some buzzwords such as "In code we trust", "In math we trust" and "In crypto we trust". The trust here actually exists as a verification. But verification is not the same as trust.
In 2012, I wrote a book about trust and security called "The Liar and the Outsider." Among them, I have listed four very common systems that are systems that humans use to inspire trustworthy behavior. The first two are moral and reputational. The problem is that they are only effective in people of a certain size. The original system is good enough for small communities, but larger communities require commissioning and more formalism.
The third is the institution. Institutions have rules and laws that induce people to act in accordance with group norms and impose sanctions on those who do not. In a sense, the law formalizes reputation. Finally, the fourth is the security system. These are the various safety technologies we use: door locks and tall fences, alarm systems and guards, forensics and auditing systems.
These four elements work together to achieve trust. In the banking industry, for example, financial institutions, businesses, and individuals care about their reputation, which prevents theft and fraud. Laws and regulations around all aspects of the banking industry keep everyone compliant, including alternatives to control risk in the event of fraud. From anti-counterfeiting technology to Internet security technology, people have many security systems.
In his 2018 book, The New Structure of Blockchain and Trust, Kevin werbach outlines four different "trust architectures." The first is peer trust. This is basically equivalent to the "moral and reputation system" I mentioned: a pair of people who trust each other. The second thing he said was Leviathan ("Cipher of Blue Fox Notes" Note: Leviathan, the mythical giant monster, here refers to the large organization) trust, which corresponds to the institutional trust I mentioned. You can Seeing this in the human contract system, the contract system enables parties who do not believe each other to sign an agreement because they believe that the government system will help resolve the dispute. The third one he mentioned is intermediary trust. A good one. An example is a credit card system that allows buyers and sellers who do not trust each other to engage in business activities. The fourth trust architecture he says is distributed trust. This is an emerging type of trust, especially in certain security systems, which is a block. chain.
What the blockchain does is shift some of the trust in people and institutions to trust in technology. You need to trust cryptography, protocols, software, computers and networks. You need to trust them absolutely, because they tend to be single-point failures (Blue Fox notes cipher note: here is the failure of a link that causes the entire system to fail).
When this trust proves to be wrong, there is no recourse. If your Bitcoin transaction is hacked, you may lose all your money. If your Bitcoin wallet is hacked, you will lose all your money. If you forget your login credentials, you will lose all your funds. If there is an error in your smart contract code, you will lose all your money. If someone successfully breaks the blockchain security, you will lose all your money. In many ways, trusting technology is more difficult than trusting people. Do you believe in the human legal system or believe in the details of the computer code (and you have not professionally audited the code)?
Blockchain enthusiasts point out that more traditional forms of trust are costly – such as bank fees. But the cost of blockchain trust is also high; only this cost is hidden. For Bitcoin, this cost is the cost of mining, transaction costs and huge waste of resources.
Blockchain does not eliminate the need for trust institutions. There will always be a huge scope that cannot be solved by technology alone. People still need to be in control, and they always need to be governed outside the system. This is evident in the debate about bitcoin block size, or in the repair of DAO attacks against Ethereum. We always need the ability to overturn rules under certain conditions, and we always need the ability to modify permanent rules. As long as the hard fork is possible—when someone outside the system tries to change it—people need to be in control.
Any blockchain system must coexist with other more traditional systems. For example, the design of modern banking is reversible. Bitcoin is not. This makes the two difficult to be compatible and the result is often unsafe. Steve Wozniak was defrauded of $70,000 in bitcoin for forgetting this.
Blockchain technology is often central. Bitcoin may theoretically be based on distributed trust, but in reality, this is not true. Almost everyone who uses Bitcoin must trust a small number of wallets and use a small number of available exchanges. People must trust software and operating systems and computers, all the services that Bitcoin needs to run. We saw attacks on wallets and exchanges. We have seen Trojans, phishing and password guessing. Criminals even use the opportunity to fix defects in the mobile phone system to steal bitcoin.
In addition, in any distributed trust system, there is a backdoor approach that is centralized to sneak into the system. In the Bitcoin system, only a few miners control most of the computing power, and only one company provides most of the mining hardware, and only a few exchanges account for the vast majority of transactions. For most people, interacting with Bitcoin is through these centralized systems. This also makes it possible to launch attacks on the blockchain system.
These issues are not errors in current blockchain applications, they come from the way the blockchain industry inherently operates. Any assessment of the security of its system must consider the entire social technology system. Too many blockchain enthusiasts focus on the blockchain's own technology, ignoring other social technology systems.
To some extent, people don't use bitcoin because they don't trust bitcoin. This is not related to cryptography or protocols. In fact, in this system, if you forget the private key or accidentally download the malware and lose your life savings, then perhaps this system is not particularly trustworthy. At this time, how to explain how SHA-256 prevents double flowers does not help.
Similarly, to some extent, people use blockchains because they trust blockchains. People decide whether or not to own Bitcoin based on the reputation of Bitcoin; even those who own Bitcoin are the same. They own Bitcoin because they think Bitcoin will make them rich overnight. People choose a cryptocurrency wallet, or exchange, based on their reputation. We even evaluate and trust cryptography that supports blockchain based on algorithmic reputation.
To understand that this may fail, take a look at the various supply chain security systems that use the blockchain. Blockchain is not a necessary feature of any of them. They succeed because everyone has a single software platform to enter their data. Although the blockchain system is based on distributed trust, people do not necessarily accept this. For example, some companies don't trust the IBM/Maersk system because it's not the company's own blockchain.
Irrational? Maybe, but trust works like this. It cannot be replaced by algorithms and protocols. It also contains many complex factors at the social level.
Still, the idea that blockchain can somehow eliminate trust is still there. Recently, I received an email from a company that used blockchain to implement secure messaging. The message says: "As we did, the use of blockchains eliminates the need for trust." This sentiment suggests that the author misunderstood the role of the blockchain and how trust works.
Do you need a public chain? The answer is almost certainly no, you don't need it. The blockchain may not solve the security problem that you think can be solved. The security issues it solves may not be the problem you are experiencing (manipulating audit data may not be your primary security risk). False trust in the blockchain itself can be a security risk. Inefficiency, especially in terms of scale expansion, may not be worth it. I've studied a lot of blockchain applications, all of which can implement the same security attributes without using blockchains – of course, they won't have cool names.
Honestly, cryptocurrencies are of little use. They are only used by speculators who seek to get rich quickly, and who don't like legal currency and who trade on the black market.
To answer the question of whether we need a blockchain, ask yourself: Is the blockchain changing the trust system in any meaningful way, or is it just a transfer? Is it just trying to replace trust with verification? Is it to strengthen existing trust relationships or is it trying to oppose it? How does trust be abused in the new system, is this better or worse than being abused in the old system? Finally: If you don't use blockchain at all, what would your system look like?
If you ask yourself these questions, you will most likely choose a solution that does not use a public blockchain. This will be a good thing – especially when the hype is dissipating.
Risk Warning: All articles in Blue Fox Notes do not constitute investment recommendations . Investment is risky . Investment should consider individual risk tolerance . It is recommended to conduct in-depth inspections of the project and carefully make your own investment decisions.