(Forget about the Drugs and Rock & Roll… it’s all about the SECS.)
Blockchain technology could change the world as we know it, or so the hype would have us believe. Is blockchain technology really all that it’s hyped up to be? Let’s compare the traditional centralized technology approach with the new kid on the block(chain), FinTech Distributed Ledger Technology (DLT) aka Decentralized database technology. To put things into a more balanced perspective, let’s focus on some basics – specifically, the SECS: S (Security), E (Efficiency), C (Costs/Compliance), and S (Speed).
The proponents of a DLT approach claim that their systems are more secure than traditional centralized systems, largely due to the immense mathematical processing efforts that would be required to fool the system and then allow for spurious entries/double-spends etc., to be committed to the block. This is somewhat true. For example, the Bitcoin system (as far as the network/software and database accessibility are concerned) has never been hacked per se.
However, the Ethereum platform has certainly had its problems, and a number of cryptocurrency exchanges and digital wallet providers – both essential component entities of DLT systems supporting crypto-assets – have had to deal with the ignominy of several security embarrassments, including:
- In February 2014, 850,000 Bitcoins (worth $450 million) went “missing.” When the dust settled, the Mt. Gox Bitcoin Exchange was totally put out of business.
- The Silk Road affair showed how the new technologies can be forced to deal with the demands of the FBI and IRS. In addition to having certain assets seized, they were forced to cooperate with the authorities to assist in identifying the beneficial owners of the crypto-assets. So much for anonymity!
- The Parity Technologies affair showed how accidental (or otherwise) deletion of code can compromise digital wallets, making customer cryptocurrency funds inaccessible – possibly permanently – to the tune of $150,000,000.00.
In reality, if a cryptocurrency user loses their digital credentials (imagine a lost or stolen PC with no back-up), then their asset balances are gone forever, unlike with a traditional fiat currency-based bank. There’s no way you can generate new passwords/private keys for a lost digital wallet.
Ironically, some of the traditional banks out there have been actively considering providing “safe custody” type services to customers, in order to better safeguard their crypto-assets access rights. But, isn’t this at odds with the oft-heralded “anonymity” supposedly proffered by the DLT providers?
If you wanted to make decentralized applications more efficient and user-friendly, you could, for example, centralize all users’ cryptographic signing keys (i.e., gain effective control of their coins) via a trusted entity. But then we’re pretty much back to square one, and would be better off using a service that is centralized.
Finally – when it comes to security and encryption of a Hash on the Bitcoin system (they currently use the SHA-256 algorithm standard), will we need to completely re-write everything when and if quantum computing matures to the point where it can be used break this level of encryption?
The DLT purists will argue that that their approach is more complete and tamper-proof than relying on compiling and comparing data from various centralized systems provided by different entities. With Blockchain, each and every transaction (from the creation of an asset tied to the initial owner, and every transaction to transfer ownership to other owners) is meticulously recorded and time-stamped as part of the block.
DLT systems are simply not currently capable of handling large numbers of transactions in an efficient and timely manner. The fact that Ethereum’s current script for executing Smart Contracts cannot handle the use of decimal points is simply one point to consider.
By default, as more blocks get added to a DLT system, they get tied to all the other preceding transactions. As a result, the amount of data in the system progressively gets larger, impacting the speed and responsiveness of the system.
The apparent potential in cost savings of using DLT approaches seems to be significant. It’s possible that some existing Intermediaries might get displaced. For example, ESCROW Account service providers could see their business processes being automated and replaced by Smart Contracts for far lower fees than currently is the case. However, how much money savings can in fact be realized?
What about the hidden, less obvious costs? Are Smart Contracts governed by laws, inasmuch as they become legally enforceable? Does new/immature code really properly protect parties when transactions are conducted in this way?
Banks currently have laws and procedures and, more importantly, tried and tested mechanisms to compensate and protect their customers’ deposits (FDIC, etc.). How are consumers going to feel if their digital wallets get raided/nullified and they’re potentially left with nothing, and with no legal recourse to reclaim at least some percentage of their loss?
What recourse does a business have when something goes awry? Do you sue the providers of the DLT Platform service, insist that they introduce forks to rectify the issues? Who is liable? Who is authorized to make awards and recompense innocent parties? And what are the likely costs of committing to a major re-write of such systems?
On the compliance side, which regulatory bodies and/or laws pertain to DLT technology? The hype suggests that we need not worry about such things; because everybody can see (at least on a public blockchain system) exactly who did what, with whom, and when; there’s complete transparency. But there are certain transactions for which users may not want such a full and open audit trail. For example, does a business really want competitors to view transactions that clearly show who their customers are, which suppliers they deal with, and on what terms?
The relative immaturity of DLT-based offerings and the often-overlooked possible side effects should be a concern for all.
Customers today increasingly demand “instant” reactions to their queries/transactions etc. It can be argued that, especially when it comes to speed, centralized systems are more efficient than the DLT type approach. Why?
Blockchain requires that each new record must be serialized – which makes it slower than centralized database systems which can update data in parallel. The fact is that some transactions (particularly those that do not involve paying a transaction fee, and are therefore less valuable to the miners) can take hours to be confirmed and committed to the block.
Compare this to front-end trading and/or payment systems, where 30,000 messages per second are considered quite usual. Are our customers going to be patient and wait and wait and wait to learn that their transactions have been confirmed? Or, will they prefer to hear within seconds that their payment has been successfully processed?
Also consider what will happen if you need to append other files types (images etc.) to complete your DLT type transactions? How much additional storage capacity will you need to allow for these data types? Will an inefficient node on the chain – one that struggles to replicate things in a timely fashion – affect overall throughput performance?
In short, centralized systems are more efficient at handling tasks where time is of the essence.
Indeed, the very nature of public blockchains – whereby supposedly “anybody” can join – means that, in order to protect against potentially malevolent actors, the system and its processes need to serialize every transaction. This approach is so much slower than the parallel processing afforded by centralized approaches that it doesn’t make sense to spend time and money for no tangible gain or benefit.
Where we go from here
To be fair, FinTech just offers us too much potential value for us to turn our backs on it; it’s too sexy (SECSy?) to ignore. But, as I have always said, until some serious questions are answered to a certain level of satisfaction, uptake is going to lag, especially in mainstream finance.
Regular Planet Mainframe Blog Contributor
Allan Zander is the CEO of DataKinetics – the global leader in Data Performance and Optimization. As a “Friend of the Mainframe”, Allan’s experience addressing both the technical and business needs of Global Fortune 500 customers has provided him with great insight into the industry’s opportunities and challenges – making him a sought-after writer and speaker on the topic of databases and mainframes.