In 2015, the Ethereum public mainnet launched, followed by a raft of
private blockchain offerings targeting the enterprise. This opened the
floodgates on companies prioritizing collaboration, funding long-overdue
digitization efforts, and extending business processes across corporate
borders.
Today, a new epoch of system integration is underway. However,
efforts to make blockchain technology enterprise-friendly split the
community into two camps: public networks versus private networks. The
dichotomy was wrong-headed from the start, making it easy to believe
that public blockchain networks shouldn’t be used in confidential
business operations and that private networks were safe and secure.
The first belief is wrong, and the second is dangerous.
It’s true that the consensus mechanism of a private blockchain can
make it difficult to tamper with information, assuming that the
companies maintaining the ledger don’t share a common motive to alter
records. But such private blockchain networks are not particularly
secure against data breaches, because they must protect many identical
copies, each controlled by a different company. That’s a hacker’s dream.
This can be managed, and the risk can be worth it, but to say that
private blockchains are secure is specious.
Hacking notwithstanding, not everyone in a consortium should know
about every transaction or agreement between others operating in that
network, even among a tight group of permissioned partners. Private
platforms like Hyperledger Fabric try to compartmentalize information
inside a permissioned network, but it’s not what blockchain technology
was designed to do.
Consequently, they add an immense amount of complexity, and
complexity is the enemy of security. The good news is that there is a
way to use blockchain technology that reduces system integration
complexity, increases security, and improves both resilience and
interoperability. And this approach doesn’t require companies to replace
internal systems or build “consortium blockchains” that recreate the
same old information silos that already plague the business.
Enterprise blockchain must face the following conundrum: on the one
hand, we want information transparency across business networks to
improve outcomes like food safety and reduce fraud, but on the other
hand, we need compartmentalization of information to ensure privacy and
encourage companies to participate.
A Common Challenge
This puzzle appears in every kind of business. Advertising. Finance. Manufacturing.
Consider a case from the automotive industry. Say a car part fails
and causes a crash. It turns out that the part was made by a machine
that happened to malfunction during only one production run. The run
made just 50 parts, twenty of which were sent to the maker of the
crashed car and the remainder to another car company. It would be great
if the investigator of the crash could instantly access the data from
the machine that made the parts, know the information had not been
altered, and trace the 50 bad parts to each installed car.
That’s a 50-car recall, not a million-car recall. But there’s a
problem. The parts manufacturer will not put its internal machine
telemetry in a database controlled or viewable by anyone else, certainly
not one accessible to competitors. And even if one car maker set up a
database and convinced suppliers to use it, the other car maker wouldn’t
use it.
A third party that everyone trusts to store their data, manage
workflows, and compartmentalize information could handle this scenario.
The problem is that it gives someone a lot of power to soak the firms
for fees. And inevitably more than one such provider pops up, usually
generating incompatible factions that foil standardization.
We could put the whole thing on a blockchain, but then everyone would
see all the data, or at least everyone would be executing the code that
embodies business agreements between the different companies. And that
can give away sensitive strategies, tactics and relationships to other
network participants to exploit, even if the information itself is
encrypted.
In the end, what makes sense is letting each party manage their own
private systems with their own private data, running their own protected
functions – but integrating them in such a way that allows them to
coordinate where appropriate, quickly track down problems, and ensure
everyone is playing by the rules.
To integrate different systems this way requires a common frame of
reference. We need a way to pass messages between functions running on
separate systems, so that they can work together without having to
expose the underlying data or business logic indiscriminately. Using a
common frame of reference isn’t a new idea. Publishing messages to a
common bulletin board, a magic message bus, is a classic pattern for
making system integration more manageable and resilient.
You can buy expensive middleware to do the job right now. And you can
pay a system integrator a king’s ransom every time you need to connect
one company or department to another with it.
What’s new is the notion of using the Ethereum mainnet as a global
integration hub serving systems that work together without revealing
private data or confidential business logic, even to partners. One might
be tempted to use a private blockchain network for this. But as Paul
Brody, global leader of blockchain for Ernst & Young, explains, this
is a bad idea for real business:
“One day you get a call from a very large buyer saying,
‘Would you like to join my private blockchain?’ You say, ‘Okay.’ And
then you get the same call from your wholesaler, your suppliers, your
shipper, your insurance company and maybe even your bank…or several of
each of these! Suddenly you are spending all your time – and a lot of
money – juggling dozens of blockchains. When the next partner calls, you
say, ‘Just fax me the order.'”
Brody asserts that this is why the enterprise blockchain consortium
approach doesn’t scale organizationally, and his argument makes a lot of
sense. It looks like the same siloed mess we’ve lived with for decades.
But by using a mainnet like Ethereum 2.0, we will be able to treat
business integrations more like workgroups and channels on Slack: easy
to create, combine and recombine. Your SAP inventory management system,
your supplier’s JD Edwards ERP system, and your fancy fintech partner’s
blockchain thingamajig can work together in a consistent, repeatable
manner without having to set up new infrastructure to accommodate each
set of partners.
Who’s Working on It
Venerable firms like Microsoft and Ernst & Young, and projects
like Chainlink and the Enterprise Ethereum Alliance’s Trusted Compute
working group, are already ahead of this.
The recently released Trusted Compute specification will, for
example, allow an automobile safety inspector to query a parts
manufacturer, spot a problem with a production run, and be confident the
answer is based on authentic information generated by systems free from
tampering – without forcing the company to expose their internal data.
The Nightfall project, developed by Ernst & Young, uses the
mainnet to post cryptographic proofs for system integration and
compliance. The fact that a 150-year-old accounting firm like EY is
using the public mainnet this way speaks volumes. And it puts the lie to
the notion that you can’t use the mainnet in business. What company
could be more cautious about managing private, confidential information
than one of the Big Four accounting firms?
In 2015, the enterprise had no real interest in blockchain. Then
suddenly, it decided to use private versions of it for jobs that often
were a better fit for traditional systems. Now, with the benefit of
almost five years of experience, smart businesses are discovering that
the real job is putting an end to a half-century of brittle, balkanized
and bespoke system integration.
And the right tool for that job is the mainnet.
source link
