In 2008, an author writing under the pseudonym Satoshi Nakamoto published a white paper describing a new decentralized cryptocurrency, Bitcoin. Earlier attempts at cryptocurrencies had relied on pre-established trusted entities to keep the system running, whereas Bitcoin was designed to run on the open Internet with no one in charge while still maintaining strong security. None of the components that make up Bitcoin were new, but combining them into a single system was a significant contribution, and Bitcoin became the first cryptocurrency to receive widespread attention.
After Bitcoin's success, people quickly analyzed the technology to understand how it works and what is new about it. Its most innovative component came to be called blockchain technology: a decentralized mechanism by which participants reach consensus on data and computation.
Technology news coverage often leaves an inspiring impression, telling readers that blockchain technology reduces or even eliminates the need for trust, and the use cases proposed under that banner stretch the imagination. Dissenting voices are heard as well.
The truth is that trust is a complex thing. Blockchain technology does remove some specific, narrow dependencies on trust, but it also introduces new assumptions; depending on the use case, these assumptions may be better or worse than the ones they replace. It is therefore hard to sum up the efficiency, security, and cost of blockchain technology in a single sentence.
Clearly, the technology deserves a more thorough discussion. Business executives, government leaders, investors, and researchers often ask the following three questions:
1. What exactly is blockchain technology?
2. What capabilities does it provide?
3. Which applications are a good fit for it?
The purpose of this article is to answer these questions thoroughly, starting from how the technology actually works, stripping away the hype, giving an overall overview of blockchain technology, and establishing a vocabulary for discussing its details.
The first major category in our conceptual model of blockchain technology is technical attributes, which fall into three key groups: shared governance and operation, verifiable state, and resilience to data loss.
Figure 1 shows the relationship between them.
Shared governance and operation
Blockchain technology addresses the following scenario: a set of entities (individuals or companies) want to participate in a common system, but they do not trust one another or any third party, and no single entity may operate the whole system on its own. If the participants agree on the rules of the system (governance) and then deploy networked devices (called "miners") to run it, each entity can confirm for itself that the system is operating correctly.
If a minority of miners are compromised (or simply make small mistakes), the remaining uncompromised miners can reject the malicious actions of the compromised ones and keep the system running correctly.
In this way blockchain technology provides decentralized trust: the system trusts the collective of miners rather than any one of them. This relationship is often described as "trustless", which is inaccurate; trust still exists, but it has been dispersed.
Shared operation is built on a "consensus protocol", which the miners use to agree on which operations the system will perform (called "transactions"). A transaction sometimes looks like a financial transaction in the literal sense, transferring units of value from one account to another, but more generally it is a set of inputs to a function (and the function itself may be stored in the blockchain system).
Shared governance takes the form of rules about what constitutes a valid transaction (for example, the transaction must be digitally signed by its sender) and about how the system operates (for example, the size and number of operations per transaction are bounded).
Shared operation means that every miner verifies each transaction and that the miners use consensus to ensure that only the correct output of valid transactions is written to the blockchain system (anyone can propose an invalid transaction or execute a transaction incorrectly, but the miners reject the result).
We classify blockchain systems by the rule that decides who may act as a miner:
Open governance (i.e., a permissionless blockchain system). Anyone who wishes may participate in the consensus protocol, regardless of identity. To prevent Sybil attacks (in which an attacker creates many identities to sway the outcome of the consensus protocol), the consensus protocols used by open-governance systems require miners to prove that they own and/or expend some scarce, expensive resource.
Proof of work (demonstrating computational resources) and proof of stake (locking up digital assets held on the blockchain system as collateral) are the two common methods.
Consortium governance (i.e., a permissioned blockchain system). Participation in the consensus protocol is limited to miners approved on a whitelist defined when the system is initialized. If that set never changes, the system is a "static consortium". In the other form, a "dynamic consortium", the set of miners changes over time according to system rules (such as random selection) or by agreement of the existing miners.
Because each miner in a consortium maps to a known identity, traditional Byzantine fault-tolerant protocols from distributed systems can be used. This avoids the resources wasted by Sybil-resistance mechanisms such as proof of work.
Every form of governance needs to reward correct participant behavior. The first kind of incentive is "intrinsic": miners maintain the system faithfully because they themselves derive value from using it. Second, the blockchain system can reward miners directly for faithful execution (for example, by minting currency and paying it to them); these are "on-chain incentives".
Finally, there are "off-chain incentives", which are not managed by the blockchain system itself, such as contractual obligations or personal reputation. Importantly, off-chain incentives apply only under consortium governance, because they require knowing the miners' identities.
Verifiable state
Entities use blockchain technology because they want trust to be rooted in the system itself, that is, they want assurance that the current state of the system accurately reflects the transactions that the consensus protocol allowed to execute in the past. To achieve this, miners record every transaction in a cryptographically verifiable, append-only ledger, which provides a complete provenance history of the system and allows miners (or outsiders) to audit its current state and past operations.
In many systems, including Bitcoin, this ledger is itself called the "blockchain" (we avoid that usage for the ledger to prevent confusion with blockchain technology in the broad sense). In the ledger, all transactions are strictly ordered; once consensus is reached (and as long as it holds), the ordering does not change and transactions are never deleted.
Therefore every miner, starting from the first entry (the "genesis block"), processes all transactions in the same order, and the entire system arrives at the same current state.
Resilience to data loss
If the ledger were stored in a single location, all parties could detect deletion or modification of the data, but there would be no guarantee that lost data could be recovered. With blockchain technology, the ledger is replicated across all miners, removing this single point of failure. When data does need to be recovered (for example, when one miner's copy of the ledger is damaged or a new miner joins), the replicated data can be verified to confirm that it correctly represents the state of the system.
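The following Python example is added here to tie together three mechanisms described above; it is not code from the original article or from any real blockchain system. It shows proof of work as the Sybil-resistance rule of an open-governance system, a hash-chained append-only ledger that makes state verifiable, and the replay a recovering or newly joined miner performs on a replicated copy before trusting it. The transaction format (plain sender/recipient/amount records with a COINBASE pseudo-sender), the 12-bit difficulty, and the validity rule (a sender must hold the funds it spends) are toy assumptions chosen for illustration; real systems additionally require transactions to be signed.

```python
import hashlib
import json

# Hypothetical toy parameter: number of leading zero bits a block hash must have.
# Real networks use far larger targets; 12 bits keeps the search near-instant.
DIFFICULTY_BITS = 12
GENESIS_PREV = "0" * 64


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def block_hash(block: dict) -> str:
    # Canonical serialisation so that every miner hashes exactly the same bytes.
    header = {"prev": block["prev"], "txs": block["txs"], "nonce": block["nonce"]}
    return sha256_hex(json.dumps(header, sort_keys=True).encode())


def meets_difficulty(h: str) -> bool:
    # The top DIFFICULTY_BITS bits of the 256-bit hash must be zero.
    return (int(h, 16) >> (256 - DIFFICULTY_BITS)) == 0


def apply_tx(state: dict, tx: dict) -> dict:
    """Validity rule (shared governance): a sender must hold what it spends.
    Returns the new balance map or raises ValueError for an invalid transaction."""
    if tx["amount"] <= 0:
        raise ValueError("non-positive amount")
    sender, recipient, amount = tx["sender"], tx["recipient"], tx["amount"]
    if sender != "COINBASE" and state.get(sender, 0) < amount:
        raise ValueError(f"{sender} lacks funds")
    new_state = dict(state)
    if sender != "COINBASE":
        new_state[sender] -= amount
    new_state[recipient] = new_state.get(recipient, 0) + amount
    return new_state


def mine_block(prev_hash: str, txs: list) -> dict:
    """Proof of work: search for a nonce whose block hash meets the target."""
    nonce = 0
    while True:
        block = {"prev": prev_hash, "txs": txs, "nonce": nonce}
        if meets_difficulty(block_hash(block)):
            return block
        nonce += 1


def replay(chain: list) -> dict:
    """Verify a replicated ledger the way a joining or recovering miner does:
    check every hash link and proof of work, and re-execute every transaction
    from the genesis block. Returns the resulting state, or raises ValueError
    describing the first fault found."""
    state, prev = {}, GENESIS_PREV
    for i, block in enumerate(chain):
        if block["prev"] != prev:
            raise ValueError(f"block {i}: broken hash link")
        h = block_hash(block)
        if not meets_difficulty(h):
            raise ValueError(f"block {i}: proof of work does not meet target")
        for tx in block["txs"]:
            state = apply_tx(state, tx)  # raises if any miner let a bad tx through
        prev = h
    return state


def build_demo_chain() -> list:
    """Constructed two-block ledger: a coinbase payout to alice, then alice pays bob."""
    genesis = mine_block(GENESIS_PREV, [{"sender": "COINBASE", "recipient": "alice", "amount": 50}])
    block1 = mine_block(block_hash(genesis), [{"sender": "alice", "recipient": "bob", "amount": 20}])
    return [genesis, block1]


def tamper_and_check(chain: list):
    """Alter a past transaction in a copy of the ledger, as a damaged or
    malicious replica might. Returns the replay error, or None if undetected."""
    forged = json.loads(json.dumps(chain))
    forged[1]["txs"][0]["amount"] = 2000  # rewrite history: alice "paid" bob 2000
    try:
        replay(forged)
        return None
    except ValueError as err:
        return str(err)


if __name__ == "__main__":
    demo_chain = build_demo_chain()
    print("state after replay:", replay(demo_chain))
    print("tampered copy rejected:", tamper_and_check(demo_chain))
```

Because the altered block no longer hashes to a value that meets the target (and, even if it did, the altered transaction fails the validity rule on replay), the forged copy is rejected. An attacker who wants the forgery accepted must redo the proof of work for the altered block and every block after it, which is why the security of an open-governance system rests on honest miners holding most of the hashing power.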
Some blockchain systems partition the data and assign miners to govern and operate only a subset of the system, limiting the amount of data any given miner must replicate. This is called "sharding", and each partition is a "shard". Sharding can greatly reduce the data each miner must store and can improve the performance of consensus protocols, whose cost usually grows with the number of miners. It also adds complexity when auditing the system as a whole.
In addition, sharding reduces the number of miners responsible for any given transaction, which also reduces the number of miners an adversary must corrupt in order to deceive end users (for example, about whether a transaction exists).
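The reduction in attacker cost described above can be quantified. The following Python example, added here and not taken from the original article, computes the probability that a uniformly random shard committee drawn from the miner population contains more adversarial miners than a Byzantine fault-tolerant protocol tolerates (the committee is safe only while faulty members number at most (k-1)/3 of its k members). The population of 1000 miners with 200 under adversary control, and the shard sizes swept, are constructed assumptions for illustration.

```python
from math import comb


def hypergeom_tail(n_total: int, n_bad: int, k: int, more_than: int) -> float:
    """P(X > more_than), where X is the number of adversarial miners in a
    committee of k drawn uniformly without replacement from n_total miners,
    n_bad of whom are adversarial (hypergeometric upper tail, computed exactly)."""
    total = comb(n_total, k)
    return sum(
        comb(n_bad, x) * comb(n_total - n_bad, k - x)
        for x in range(more_than + 1, min(k, n_bad) + 1)
    ) / total


def bft_max_faulty(k: int) -> int:
    """Largest number of faulty members a k-member BFT committee tolerates (k >= 3f + 1)."""
    return (k - 1) // 3


def p_shard_compromised(n_total: int, n_bad: int, shard_size: int) -> float:
    """Probability that one random shard's committee exceeds the BFT fault bound."""
    return hypergeom_tail(n_total, n_bad, shard_size, bft_max_faulty(shard_size))


def expected_compromised_shards(n_total: int, n_bad: int, shard_size: int) -> float:
    """Expected number of compromised shards when miners are split into disjoint
    shards of shard_size (linearity of expectation; shards need not be independent)."""
    return (n_total // shard_size) * p_shard_compromised(n_total, n_bad, shard_size)


def sweep(n_total: int = 1000, n_bad: int = 200, sizes=(1000, 200, 100, 50, 20)) -> dict:
    """Constructed scenario: 1000 miners, 200 adversarial (20%), compared across
    shard sizes. shard_size == n_total is the unsharded system."""
    return {k: p_shard_compromised(n_total, n_bad, k) for k in sizes}


if __name__ == "__main__":
    for size, p in sweep().items():
        print(f"shard of {size:4d} miners: P(compromised) = {p:.2e}, "
              f"expected compromised shards = {expected_compromised_shards(1000, 200, size):.3f}")
```

With 20% of miners adversarial, the unsharded committee of 1000 can never exceed the one-third bound, so its compromise probability is exactly zero; a 20-member shard, by contrast, exceeds the bound with probability of roughly 8%, and across 50 such shards several are expected to be compromised. A compromised shard can lie to clients about whether a transaction exists, so sharded designs must assign miners to shards by unbiasable randomness, reshuffle assignments regularly, and size shards for the adversary fraction they must withstand.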
Capabilities
Capabilities are the higher-level functions that a system design can realize using blockchain technology. The previous section described the three core attributes of blockchain technology:
(1) shared governance and operation;
(2) verifiable state;
(3) resilience to data loss. Beyond these, our analysis identified 11 additional capabilities.
(In Figure 2 these are color-coded: purple for capabilities, blue for technical attributes, and green for technical primitives. The item at an arrow's head depends on the item at its tail.)
Provenance and auditability
The blockchain system provides a complete history of all transactions approved by the consensus process (that is, the complete provenance of the system). Miners use this information to audit the system and confirm that it has always followed its rules. Non-miners can use the same information to verify that the system is properly governed and operated.
If transactions are used to store information about digital or real-world resources, those resources must be "bound" to an on-chain identifier. The blockchain system's provenance information can then serve as an audit trail for those resources as well. This can be used to track off-chain physical assets (for supply-chain management, say), off-chain digital assets (such as copyrighted media), or on-chain digital assets (such as cryptocurrencies or data files).
Access control and anonymity
Restrictions may be placed on data stored in the blockchain system governing who may use it as input to a transaction or modify it as part of one. For example, a financial asset may be a valid input to a transaction only if its owner approves that use. One way to provide this is to store access control lists (ACLs) in the ledger and have users prove their identity to the miners (for example, with Kerberos or OAuth 2.0) as part of transaction validation.
More commonly, access control in blockchain systems is implemented cryptographically: data is associated with a public key when it is created, and only a user who can prove knowledge of the corresponding private key (for example, by producing a signature that verifies under that public key) is authorized to use or modify the data as part of a transaction. Associating the data with a new public key extends or transfers ownership.
Key-based data ownership (as opposed to ACL-based) has a further advantage: it allows anonymous ownership and anonymous use of data. Even so, the system design must take care to use appropriate cryptographic techniques (for example, zero-knowledge proofs, mix networks, or secure multiparty computation) to avoid linking real-world individuals to their keys and actions. This remains an open problem.
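The following Python example, added here and not code from the original article or any real blockchain, shows key-based ownership as the miners enforce it. To stay dependency-free it uses Lamport one-time signatures built from SHA-256 (a hash-based scheme in which each key pair may sign exactly one message; production systems use ECDSA or Ed25519 instead). The ledger records only a hash of the owner's public key, as Bitcoin's pay-to-public-key-hash outputs do; a transfer reveals the full key and a signature over the asset identifier and the new owner's key hash. The asset name "deed-42" and the parties alice, bob and mallory are constructed for the demonstration.

```python
import hashlib
import os


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen():
    """Lamport one-time key pair: 256 pairs of random 32-byte secrets; the public
    key is their hashes. Signing reveals one secret per message bit, so a key
    must sign only once (an assumption this example honours by design)."""
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def message_bits(msg: bytes):
    digest = H(msg)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def sign(sk, msg: bytes):
    return [sk[i][bit] for i, bit in enumerate(message_bits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    if len(sig) != 256:
        return False
    return all(H(s) == pk[i][bit] for i, (s, bit) in enumerate(zip(sig, message_bits(msg))))


def pk_id(pk) -> str:
    """Pseudonymous on-chain identifier for a public key: the hash of its serialisation."""
    return H(b"".join(a + b for a, b in pk)).hex()


def transfer_message(asset_id: str, new_owner: str) -> bytes:
    # The signed statement binds both the asset and the recipient, so a captured
    # signature cannot be replayed to redirect the asset elsewhere.
    return f"transfer:{asset_id}->{new_owner}".encode()


def apply_transfer(owners: dict, asset_id: str, sender_pk, new_owner: str, sig) -> bool:
    """Miner-side validity check for a transfer transaction. owners maps asset id
    to the current owner's key identifier. Returns True and updates ownership only
    if the revealed key matches the recorded owner and the signature verifies."""
    if asset_id not in owners:
        return False
    if pk_id(sender_pk) != owners[asset_id]:
        return False  # key presented is not the recorded owner's
    if not verify(sender_pk, transfer_message(asset_id, new_owner), sig):
        return False  # signature invalid, or signed for a different recipient
    owners[asset_id] = new_owner
    return True


def demo():
    """Constructed scenario: alice owns deed-42 and transfers it to bob; mallory
    tries a replayed signature and then her own key. Returns the three outcomes
    and whether bob ends up as owner."""
    sk_a, pk_a = keygen()
    sk_b, pk_b = keygen()
    sk_m, pk_m = keygen()
    owners = {"deed-42": pk_id(pk_a)}

    sig_to_bob = sign(sk_a, transfer_message("deed-42", pk_id(pk_b)))
    # 1) mallory captured alice's signature and resubmits it naming herself.
    replayed = apply_transfer(owners, "deed-42", pk_a, pk_id(pk_m), sig_to_bob)
    # 2) the genuine transfer from alice to bob.
    legit = apply_transfer(owners, "deed-42", pk_a, pk_id(pk_b), sig_to_bob)
    # 3) mallory signs with her own key, which does not own the asset.
    sig_m = sign(sk_m, transfer_message("deed-42", pk_id(pk_m)))
    forged = apply_transfer(owners, "deed-42", pk_m, pk_id(pk_m), sig_m)
    return replayed, legit, forged, owners["deed-42"] == pk_id(pk_b)


if __name__ == "__main__":
    print("replayed, legit, forged, bob_owns =", demo())
```

Note that the ledger never learns who alice or bob is; `pk_id` is a pseudonym. That is exactly the limited anonymity discussed above: the ownership rule is enforced without identities, but every transfer from the same key identifier is publicly linkable, and deanonymizing one transaction deanonymizes all of them.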
Automated execution (smart contracts)
In a general-purpose blockchain system, a transaction that stores a set of functions and the initial state of a contract can be used to deploy a smart contract or decentralized application (DApp). The functions can then be invoked by later transactions. The miners themselves execute the functions, and the consensus protocol verifies the output. Any entity can invoke any function, but if the conditions under which a function is called are not what its designer expected, the function may fail or misbehave.
The computational power of the scripting language used to specify functions varies from system to system, and many fine-grained rules ensure that every miner executes a function deterministically and within bounded time. Bitcoin is known for its very limited scripting language, which is used almost exclusively for financial transactions; Ethereum, at the other extreme, supports general-purpose computation.
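The following Python example, added here and not code from the original article or from any real smart-contract platform, models the two rules just mentioned: every miner executes a call on a private copy of the contract state and commits it only if the call neither reverts nor exhausts its step budget (the role gas plays in Ethereum), so that all miners reach the same state from the same ordered transactions. The escrow contract, its parties (alice, bob, carol, mallory), and the budget of 100 steps are constructed assumptions.

```python
import copy


class Revert(Exception):
    """Raised by contract code when a precondition fails; the whole call is discarded."""


class OutOfGas(Exception):
    """Raised by the executor when a call exceeds its step budget."""


class Context:
    """Per-call execution context: who called, and how many steps remain."""
    def __init__(self, caller: str, gas: int):
        self.caller, self.gas = caller, gas

    def charge(self, steps: int = 1):
        self.gas -= steps
        if self.gas < 0:
            raise OutOfGas()


# Hypothetical escrow contract: its "code" is a table of functions over a dict state.
def deposit(state, ctx, amount):
    ctx.charge()
    if ctx.caller != state["buyer"]:
        raise Revert("only buyer may deposit")
    state["balance"] += amount


def release(state, ctx):
    ctx.charge()
    if ctx.caller != state["arbiter"]:
        raise Revert("only arbiter may release")
    state["paid_to_seller"] += state["balance"]
    state["balance"] = 0


def burn_gas(state, ctx, rounds):
    # Work proportional to caller-chosen input: without metering, one call could stall every miner.
    for _ in range(rounds):
        ctx.charge()
    state["counter"] = state.get("counter", 0) + rounds


ESCROW_CODE = {"deposit": deposit, "release": release, "burn_gas": burn_gas}


def execute(code: dict, state: dict, tx: dict, gas_limit: int = 100):
    """What each miner does for one call transaction. Returns (new_state, receipt),
    where receipt is 'ok', 'revert:<reason>' or 'out_of_gas'; on failure the
    pre-call state is returned untouched."""
    work = copy.deepcopy(state)
    ctx = Context(tx["caller"], gas_limit)
    try:
        code[tx["fn"]](work, ctx, *tx.get("args", ()))
    except Revert as reason:
        return state, f"revert:{reason}"
    except OutOfGas:
        return state, "out_of_gas"
    return work, "ok"


def run_all(code: dict, genesis_state: dict, txs: list):
    """Replay an ordered transaction list from the contract's initial state."""
    state, receipts = genesis_state, []
    for tx in txs:
        state, receipt = execute(code, state, tx)
        receipts.append(receipt)
    return state, receipts


def demo():
    """Constructed transaction sequence run by two independent miners."""
    genesis = {"buyer": "alice", "seller": "bob", "arbiter": "carol",
               "balance": 0, "paid_to_seller": 0}
    txs = [
        {"caller": "mallory", "fn": "deposit", "args": (10,)},      # wrong caller: reverts
        {"caller": "alice", "fn": "deposit", "args": (10,)},        # valid
        {"caller": "mallory", "fn": "burn_gas", "args": (10_000,)},  # exceeds budget: discarded
        {"caller": "carol", "fn": "release"},                        # valid
    ]
    state1, receipts1 = run_all(ESCROW_CODE, genesis, txs)
    state2, receipts2 = run_all(ESCROW_CODE, genesis, txs)
    return state1, receipts1, (state1 == state2 and receipts1 == receipts2)


if __name__ == "__main__":
    print(demo())
```

The deposit attempted by the wrong caller and the runaway loop both leave the state exactly as it was, and both miners produce identical receipts, which is what lets the consensus protocol compare outputs. A contract that reads the clock, a random source, or anything off-chain inside a function would break this agreement, which is why such inputs must arrive as transaction data that every miner sees.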
If users are allowed to read any record stored in the blockchain system, they can search for the records that interest them. This capability amounts to little more than a read-only data lake, yet a surprising amount of literature discusses it.
Challenges and limitations
Our analysis reveals several major challenges to consider when developing a system that uses blockchain technology.
Scalability and performance
Decentralized governance and operation generate three forms of overhead:
(1) a consensus protocol must run before every state update;
(2) the complete provenance of the system must be stored; and
(3) every miner must store the entire ledger.
Moreover, most open-governance blockchain systems today are based on proof of work, which brings further challenges. Participants must buy hardware and consume power to take part in consensus, which can mean high real-world costs. For example, as of April 2018 the energy consumed by Bitcoin miners alone was estimated to equal the electricity consumption of nearly 5.5 million U.S. households.
All executable code has bugs, and smart contracts are no exception. The immutability of the blockchain ledger prevents rolling back state changes, even obviously malicious ones, which makes the problem worse. Failing to act can be costly (as in the DAO attack), but reversing transactions can also cause great harm: if miners decide to roll back the ledger to undo a faulty transaction, users may lose confidence in the entire blockchain system.
Any rollback mechanism must be carefully designed, or it risks being exploited in turn. And if miners cannot reach consensus on how to handle a faulty transaction, the result may be a "fork": two competing blockchain systems.
Many blockchain systems use digital identifiers called "tokens" to represent and manage off-chain assets on the chain. The main challenge for such applications is keeping the on-chain state consistent with the off-chain state it represents. For digital assets, consistency can be maintained in code; for example, a smart contract can track transfers of ownership of a digital media license. For physical assets, real-world processes must be introduced to maintain consistency. These processes are an obvious point of failure, since they rely on trusted parties acting correctly (exactly what many blockchain systems set out to eliminate).
End users must also be trusted, because they can strip a token from its asset and sell the token while keeping the asset, so that the token ends up attached to an invalid asset (for example, counterfeits in the luxury-goods market).
Similar challenges arise when a blockchain system must track real-world events and information, such as sports scores or web requests. Such information can be supplied by "off-chain authority" sources, but these trusted entities are difficult to audit.
Because of their decentralized nature, blockchain systems face a range of security threats. A coordinated attack by a majority of miners (or often only a minority) can reorder, delete, or alter transactions in the ledger. Blockchain systems are also exposed to traditional network attacks such as denial of service and partitioning. Such attacks aim to reduce the number of participating miners or disrupt the network among them, preventing consensus, lowering the bar for other attacks, or creating inconsistent state.
Privacy and Anonymity
For verification purposes, data in the ledger is public (at least to all miners), which means sensitive data is inherently non-private. A reference monitor that restricts non-miners' access according to ACLs stored in the ledger can provide confidentiality, but it introduces a trusted entity (the reference monitor). Alternatively, advanced cryptographic techniques (such as zero-knowledge proofs, secure multiparty computation, and functional encryption) can keep the data encrypted while still letting miners verify the correctness of encrypted transactions, but encrypted data limits auditability and shared governance.
Extra care is needed when trying to build an anonymous blockchain system. Many existing systems provide "pseudonymity", in which users identify themselves by cryptographic keys rather than real-world names, but this is not true anonymity: an attacker can correlate the transactions made under one pseudonym with external data and effectively deanonymize the user.
Usability
The availability of user-friendly development tools varies greatly with the maturity of the blockchain platform. Some projects, such as Ethereum, have mature tooling; others have almost none. Many platforms target expert users, and the lack of tools focused on user experience makes them hard for non-experts to use.
A related challenge is that some blockchain systems require users to store, manage, and protect cryptographic keys. This requirement is well known to be a major obstacle for most users.
Legal and regulatory issues
Some of the benefits claimed for blockchain systems derive not from the underlying technology but from circumventing the oversight and regulation that slow existing systems down (international payments, or raising funds by selling virtual assets to investors, are relevant examples). As regulatory policy matures, compliance becomes a priority. Blockchain technology itself is not directly regulated; companies are regulated according to the specific ways they use it.
The most discussed regulatory areas are taxation, audited financial statements, transaction reporting (know your customer / anti-money laundering / counter-terrorist financing), securities law, banking, and custody. The extreme case of regulatory action is an outright ban on cryptocurrencies or blockchain assets.
Industry and government can apply blockchain technology in many use cases that require shared governance, verifiable state, and/or resilience to data loss.
Financial use cases
Electronic money and payments
As is well known, blockchain technology can be used to build cryptocurrencies; Bitcoin is a working example. Blockchain technology makes electronic transactions resilient, even when large sums are involved. Bitcoin has clear disadvantages, including poor scalability, high energy consumption, and limited privacy. A consortium-governed payment system can address the first two of these.
Financial markets allow assets to be exchanged, which usually involves many intermediaries: exchanges, brokers and dealers, depositories and custodians, and clearing and settlement entities. Blockchain-based assets, whether they carry intrinsic value or represent claims on off-chain assets (physical or digital), can be traded directly between participants, can be held in custody, and can be managed by smart contracts, requiring less financial-market infrastructure.
The two main challenges are:
(1) binding tokens to things off-chain (such as a company's equity or debt instruments); and
(2) government regulation and compliance.
Markets and auctions
The core component of asset trading is the market itself, where buyers and sellers find each other, exchange assets, and provide price information to observers. Auctions are a common mechanism for setting fair prices, including double auctions such as the order books commonly used in financial trading. The main challenge for a decentralized market is that transactions must be broadcast as part of the consensus protocol and so cannot be kept secret, which undermines privacy and enables front-running.
Insurance and Futures
Blockchain systems can schedule transactions conditional on future times or events: for example, buying an asset at a fixed price, paying an insurance claim after a fire, or acting on a loan default at some future date.
The key challenges are:
(1) identifying trusted authorities to report the relevant off-chain events, such as fires or exchange rates (or limiting contracts to on-chain events); and
(2) either locking up enough collateral to cover every possible outcome, or relying on the counterparty's promise to fulfil its obligation, which carries "counterparty risk" if it refuses to perform; the system design must strike a balance between these two options.
Penalties, remedies and sanctions
A legal contract anticipates possible future violations and provides a range of penalties or remedies. With blockchain technology, the possible outcomes can be programmed in advance (subject to later reversal by traditional litigation). As with insurance and futures, authority and counterparty risk are the main challenges here.
Data storage and sharing use cases
Asset tracking
Blockchain technology can be used to track globally distributed, valuable physical assets whose provenance must be demonstrable. These include individual items such as artworks and diamonds, certified goods such as food and luxury products, grouped items such as convoys, and packages that pass through many hands in long-distance shipping. They also include the components of complex equipment sourced from different companies.
In heavily regulated industries such as aviation, and in military and intelligence settings, it is important to know the origin and maintenance history of every part used (that is, its provenance). Blockchain technology provides a common environment in which no single company has special power over, or control of, the database that tracks this information.
The key challenges here are reliable binding of assets to identifiers, confidentiality of the data, and the need to bring all of the relevant companies into the same blockchain system.
Identity and key management
Identities, and cryptographic proofs of identity attributes (for example, being over 18, holding a driver's license, or controlling a particular cryptographic key), can be maintained on a blockchain system. This is a special case of asset tracking in which the "asset" is a person. The key challenges are the same as in the previous section.
Tamper-resistant record storage
The append-only ledger of a blockchain system can be used to store documents together with their change history. This use case is best suited to valuable records (such as certificates and government licenses) that are small and public (since every miner keeps a copy). If large and/or confidential documents must be stored, the blockchain system can store secure pointers to the documents (such as binding, hiding commitments) while the documents themselves live in other systems.
Other use cases
Electronic voting is a challenging problem that is widely thought to benefit from the properties of blockchain technology. Shared governance can let multiple stakeholders (governments, NGOs, international observers, and so on) cooperate to ensure that an election is legitimate. Auditability can give voters evidence that the election was fair.
Finally, the resilience of blockchain technology can help defend voting systems against cyberattacks. However, voting on a blockchain system faces many challenges:
(1) blockchain systems have no native support for anonymous voting;
(2) a vote can be altered by the device that submits the electronic ballot (and with a secret ballot such a change cannot be detected);
(3) a voter can sell their cryptographic key to a vote buyer; and
(4) a recovery mechanism is needed for lost keys.
Gambling and games
Gambling has become very popular on Bitcoin and Ethereum. Players can review the contract code to confirm that it executes fairly, and the contract can handle the money in cryptocurrency (including holding funds in escrow so that losers cannot withdraw before paying out). This use case is best suited to games that do not require randomness, private state, or knowledge of off-chain events.
Blockchain technology is no panacea, but it can be a useful tool when the system's requirements justify its costs. A good starting point is to ask the following questions:
Does the system need shared governance?
Does the system need shared operation?
If the answer to both is no, there is no need to bear the overhead of blockchain technology. If both answers are yes, the technology is a good fit. If only one answer is yes (only shared governance or only shared operation is needed, not both), two further questions should be considered:
Is auditability of the system's provenance required?
Is protection against malicious data deletion required?
If auditability and data replication are critical, blockchain technology should be considered, because meaningful shared governance and operation require miners to be able to audit one another's actions and to recover data that a malicious miner might try to delete.
Although blockchain technology cannot solve every problem its proponents advertise, it is a meaningful technology that will continue to be used in industry and deserves further research and experimentation.