Line 27: |
Line 27: |
| |}</div></div> | | |}</div></div> |
| | | |
− | {{TOCright}} | + | {{Delete|reason=Expired Content}} |
− | | |
− | == Distributed Ledger Technology and Blockchain Overview ==
| |
− | Ledgers have been used to record transactions since ancient times in order to document the exchange of an asset of goods for something of value. Ledgers record the transactions making difficult for participants to dispute the transaction. Ledgers have transformed from paper products to database applications to store and preserve transactional information. With the advent of blockchain techniques developed by Bitcoin, interest in blockchain for recording transactions within distributed, decentralized ledgers has exploded with over $1.1B in research and start-up funding. Underlying the distributed ledgers is the blockchain technology and a supporting peer-to-peer network that provides transactional computations and peer consensus.
| |
− | | |
− | A blockchain is a peer-to-peer distributed ledger of transactions (contained within chained blocks) forged by consensus, combined with a system for "smart contracts" and other assistive technologies. Together these technologies can be used to build a new generation of transactional platforms that establish trust, accountability, and transparency while streamlining business processes. Think of it as a value exchange network for marketplaces, data sharing, micro-transactions, and an enabler of peer-to-peer digital communities. It has the potential to vastly reduce the cost and complexity to getting this done in the real world. The image below depicts a simplified block chain.
| |
− | | |
− | <br>
| |
− | | |
− | [[File:Simplified Blockchain Example.PNG|centre|thumb|697x697px|Simplified Blockchain Example]]
| |
− | | |
− | <br>
| |
− | | |
− | The table below provides a description of the components that provide the capabilities in order to create a distributed ledger system using blockchain technology:
| |
− | | |
− | <br>
| |
− | | |
− | {| class="wikitable"
| |
− | ! style="background: #000000; color: #ffffff " |'''Component'''
| |
− | ! style="background: #000000; color: #ffffff " |Component Description
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Distributed Ledgers'''
| |
− | |A distributed ledger is a consensus of replicated, shared, and synchronized digital data geographically spread across multiple sites, countries, and/or institutions. The ledgers are decentralized as all miners have equal access to distributed ledgers and each miner may create a block independent of other miners.
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Block Chain'''
| |
− | | style="background: #e5e5e5; color: #000000 " |A blockchain is a type of distributed ledger, comprised of unchangeable, digitally recorded data in packages called blocks. A blockchain is just one type of distributed ledger, not all distributed ledgers necessarily employ blocks or chain transactions. Blockchains may also be described as public or private. Public blockchains allow for anyone to participate in any capacity while private blockchains are restricted to authorized participants.
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Distributed Ledger Technology Platforms'''
| |
− | |The IT/IS system that provides blockchain capabilities. These platforms may be public, private, cloud-based, or provided as a PaaS.
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Value: Exchange Network'''
| |
− | | style="background: #e5e5e5; color: #000000 " |A set of network protocols designed to enable the exchange of assets for something of value over a peer-to-peer network referred to as a Value: Exchange Network.
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Programmable Logic'''
| |
− | |Enables transactional conditions to be enforced and allows for the new capabilities to be added to existing business services and processes by instantiating new blockchain algorithms.
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Transaction'''
| |
− | | style="background: #e5e5e5; color: #000000 " | Documents the exchange of an asset or goods for something of value.
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Transaction Blocks'''
| |
− | |A set of transactions that are incorporated into a blockchain.
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Transaction Address'''
| |
− | | style="background: #e5e5e5; color: #000000 " |A unique address of the requestor and/or recipient of the transaction.
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Public and Private Infrastructure'''
| |
− | |Private and public keys are used by transaction requestors to submit transactions while preserving the true identity of the requestor.
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Miners'''
| |
− | | style="background: #e5e5e5; color: #000000 " |Miners are individuals who run ledger platforms to repeatedly calculate hashes with the intention to create a successful block. Once a block has been created, other miners form a consensus that the block of transactions is valid. If consensus is not reached, the block is discarded.
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Consensus Mechanism''' | |
− | |Process in which a majority (or in some cases all) of miners come to agreement on the state of a ledger. It is a set of rules and procedures that allows maintaining a coherent set of facts between multiple participating miners.
| |
− | |}
| |
− | | |
− | <br>
| |
− | | |
− | === ''Blockchain Concept'' ===
| |
− | The strength of the blockchain concept lies in its ability to preserve the integrity of transactions and the relationships between individual transactions. The integrity of transactions is based on the use of hashes and the complexity of computing and resolving hashes. In fact, as blocks are added to a blockchain, the hash calculations become more complex making it more difficult for adversaries to resolve the hashes and compromise the integrity of the transactions. The image below depicts the increasing hash complexity as more blocks are added to chain.
| |
− | | |
− | <br>
| |
− | | |
− | [[File:Increasing Hash Complexity.PNG|centre|thumb|898x898px|Increasing Hash Complexity]]
| |
− | | |
− | <br>
| |
− | | |
− | [[File:Consensus Polling.PNG|thumb|334x334px|Consensus Polling]]
| |
− | The root node of a Merkle Tree is a descendant of all the hashed pairs in the blockchain. Block headers must include a valid Merkle roots descended from all transactions in the blockchain. When a block of transactions is created, miners put it through a hashing process. Miners take the information in the block, and apply a mathematical hash algorithm to it, turning it into something else. That something else is a far shorter, seemingly random sequence of letters and numbers known as a hash. This hash is stored along with the block at the end of the blockchain at that point in time.
| |
− | | |
− | Hashes have some interesting properties. It is easy to produce a hash from a collection of data like a block, but it is practically impossible to work out what the data was just by looking at the hash. In addition, while it is very easy to produce a hash from a large amount of data, each has is unique. If you change just one character in a block, its hash will change completely. Miners do not just use transactions in a block to generate a hash. Some other pieces of are used too. One of these pieces of data is the hash of the last block stored in the blockchain. Because each block's hash is produced using the hash of the block before it, it becomes a digital version of a wax seal. It confirms that this block - an every block after it - is legitimate, because if it were tampered with, everyone would know.
| |
− | | |
− | The image on the right depicts the polling cycle in order to confirm the validity of the new block. Once Miner A has calculated the hashes for a new block, Miner A submits the Proof of Work to the mining community. The mining community individually validates the new block and polling is conducted based on a consensus mechanism. Consensus is determined based on the polling criteria. A simple majority may suffice or the polling criteria may require a 100% of miners to affirm the new blocks' validity.
| |
− | | |
− | === ''Blockchain Transaction Integrity'' ===
| |
− | As described above, the integrity of the blockchain increases as more blocks are added to the chain. Each block relies on the previous blocks to calculate hashes for the new block. If a transaction in a previous block is determined to be invalid the hash chain is broken and future blocks cannot trace the hash chain to the genesis or originating block, therefore compromising the hash chain.
| |
− | | |
− | The image below depicts the situation where a report has been made concerning improper transaction that occurred in Block 3. If the transaction is rolled back, the Block 4 and 5 hash chains are now invalid and cannot be traced back to the genesis block. In order to remove the improper transaction and re-establish the hash chain, a side chain is created. New hash calculations are made for Blocks 3, 4, and 5, and the side chain becomes the chain where new blocks are added. Miners subsequently rely on the side chain for adding additional blocks and the original chain is terminated.
| |
− | | |
− | <br>
| |
− | | |
− | [[File:Side Chain Creation.PNG|centre|thumb|835x835px|Side Chain Creation]]
| |
− | | |
− | <br>
| |
− | | |
− | === ''Blockchain Privacy'' ===
| |
− | As noted earlier, a distributed ledger relies on a peer-to-peer network of miners to calculate hashes and provide consensus on proposed blocks. This requires an open ledger system in which the privacy of the data cannot be guaranteed. One option to ensure privacy is to develop a closed ledger system where all miners are authorized to participate in the blockchain development.
| |
− | | |
− | Another approach is to create a permissioned system in which identity of users is whitelisted (or blacklisted) providing privacy for the user community. In contrast, a permission-less system is one in which identity of participants is either pseudonymous or even anonymous.
| |
− | | |
− | === ''Blockchain Example: Smart Contracts'' ===
| |
− | One of the major focus areas for the future of ledger-based systems is the applicability to the management of contracts, often referred to as "Smart Contracts". The image below depicts the Smart contracting concept whereby the contractor submits work completed as contractual events in exchange for value transaction.
| |
− | | |
− | <br>
| |
− | | |
− | [[File:Smart Contracting Concept.PNG|centre|thumb|654x654px|Smart Contracting Concept]]
| |
− | | |
− | <br>
| |
− | | |
− | The Smart Contract becomes an event-driven program that captures the state of the contract. The benefit is that both parties have access to the replicated ledger and understand the Smart protocols that lead to value exchanges. As the ledger is replicated, each party understands the state of the contract at any time. Once the last contractual event is submitted and a transaction payment ID made, the contract is considered complete and the ledger is archived. The idea of smart contracting is being extended to "Smart Property" wherein the blockchain becomes an inventory, tracking, and exchange mechanism for the management of hard assets or property.
| |
− | | |
− | <br>
| |
− | | |
− | == Using Distributed Ledger Technology ==
| |
− | The decision to implement a distributed ledger system is dependent on a number of factors including transactional performance in terms of transaction commit times and the size of the transactional community. The image below provides a decision tree in order to evaluate the implementation of a distributed ledger system.
| |
− | | |
− | <br>
| |
− | | |
− | [[File:Decision Tree for a Distributed Ledger-Based Platform.PNG|centre|thumb|963x963px|Decision Tree for a Distributed Ledger-Based Platform|link=http://www.gcpedia.gc.ca/wiki/File:Decision_Tree_for_a_Distributed_Ledger-Based_Platform.PNG]]
| |
− | | |
− | <br>
| |
− | | |
− | Because blockchained transactions are recorded using public and private keys, users can choose to remain anonymous while enabling third parties to verify that they digitally agreed on a transaction. The blockchain preserves the integrity of the transactional data and the real identity of the user. However, the transactional data is not confidential as all miners have access to the distributed ledger. The table below presents a number of security concerns related to distributed ledgers and blockchain. Please read Appendix A of the [http://www.gcpedia.gc.ca/gcwiki/images/9/99/GC_ESA_Description_Document_%28ESADD%29_-_ANNEX_B_DAT.pdf ESADD Annex B: Data Security (DAT)] document for additional information concerning the mechanisms of blockchain and the security concerns associated with distributed ledger systems.
| |
− | | |
− | <br>
| |
− | | |
− | {| class="wikitable"
| |
− | ! style="background: #000000; color: #ffffff " |'''Block Chain Security Concern'''
| |
− | ! style="background: #000000; color: #ffffff " |'''Security Description'''
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''New Code Base'''
| |
− | |Any new IT/IS platform will contain newly created code. Insecure coding practices will be tested by adversaries and data breaches are bound to occur and lessen over time with proper due diligence. It is critical to understand the underlying security coding practices and the code hardening testing that has been performed prior to the introduction of the platform to the production environment.
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Transactional Confidentiality'''
| |
− | | style="background: #e5e5e5; color: #000000 " |Although blockchain provides for user identity confidentiality, the transactions in most distributed ledger systems are not confidential.
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Crypto-Mechanisms'''
| |
− | |The hashing mechanisms used by blockchain platforms must be secure.
| |
− | |-
| |
− | | style="background: #727272; color: #ffffff " |'''Security Private Keys'''
| |
− | | style="background: #e5e5e5; color: #000000 " | Users have possession of their private keys. In the Bitcoin system, private keys are stored in "wallets" or are kept in password vaults. If an adversary gains access to the private key, the adversary may impersonate the user and commit malicious transactions.
| |
− | |}
| |
− | | |
− | <br>
| |
− | | |
− | For more information about blockchain and distributed ledgers, please read the [http://www.gcpedia.gc.ca/gcwiki/images/9/99/GC_ESA_Description_Document_%28ESADD%29_-_ANNEX_B_DAT.pdf ESADD Annex B: Data Security (DAT)] document.
| |
− | | |
− | <br>
| |
− | | |
− | == Distributed Ledgers and Blockchain Research Areas ==
| |
− | As the concepts underlying the Bitcoin ecosystem are extended to other marketplaces, funding into a variety of research areas are being established. The list below identifies some of the interesting concepts that are being perused.
| |
− | | |
− | === ''HYPERLEDGER Project'' ===
| |
− | A collaborative effort to advance blockchain technology by identifying and addressing important features for a cross-country open standard for blockchain technology. This is a [https://www.hyperledger.org/ Linux Foundation Collaborative Project] that focuses on a number of project areas, including:
| |
− | # '''''Fabric''''' is an implementation of blockchain technology that is intended as a foundation for developing blockchain applications or solutions. It offers a modular architecture allowing components, such as consensus and membership services, to be plug-and-play. It uses container technology to host smart contracts, called "chaincode", that comprise the application logic of the system.
| |
− | # '''''Sawtooth Lake''''' supports both permissioned and permission-less deployments. It includes a novel consensus algorithm, Proof of Elapsed Time (PoET). PoET targets large distributed validator populations with minimal resource consumption. Transaction business logic is decoupled from the consensus layer into Transaction Families that allow for restricted or unfettered semantics.
| |
− | Recently, the ISO has established the [http://www.iso.org/iso/home/standards_development/list_of_iso_technical_committees/iso_technical_committee.htm?commid=6266604 ISO/TC 307 Blockchain and electronic distributed ledger technologies technical committee] to provide a standard for blockchain and distributed ledgers.
| |
− | | |
− | <br>
| |
− | | |
− | For more information about blockchain and distributed ledgers, please read the [http://www.gcpedia.gc.ca/gcwiki/images/9/99/GC_ESA_Description_Document_%28ESADD%29_-_ANNEX_B_DAT.pdf ESADD Annex B: Data Security (DAT)] document.
| |
− | | |
− | <br>
| |
− | | |
− | == References ==
| |
− | * [http://www.gcpedia.gc.ca/gcwiki/images/9/99/GC_ESA_Description_Document_%28ESADD%29_-_ANNEX_B_DAT.pdf ESADD Annex B: Data Security (DAT) (Appendix A: Blockchain)]
| |
− | * [https://www.hyperledger.org/ HYPERLEDGER Project]
| |
− | * [http://www.iso.org/iso/home/standards_development/list_of_iso_technical_committees/iso_technical_committee.htm?commid=6266604 ISO/TC 307 Blockchain and electronic distributed ledger technologies technical committee]
| |
− | * [http://www.horizons.gc.ca/eng/content/blockchain-technology-brief Policy Horizons Blockchain Technology Brief]
| |