Welcome!

@ThingsExpo Authors: Elizabeth White, Yeshim Deniz, Zakia Bouachraoui, Liz McMillan, William Schmarzo

Related Topics: @ThingsExpo, Agile Computing, @CloudExpo

@ThingsExpo: Blog Post

Blockchain: You Want Me to Trust a ‘Trustless Trust’ System? | @ThingsExpo #IoT

The level of trust we have with individuals, businesses, and technology affects our lives daily

Blockchain: You Want Me to Trust a ‘Trustless Trust' System?

(Note: This is part two in a series of posts dedicated to the topic of blockchain technology.)

Trust. It's a fundamental aspect of interaction in a civil society - its importance has been ingrained in us since childhood. And it's a concept that's deeply intertwined with our very nature.

The level of trust we have with individuals, businesses, and technology affects our lives daily. This is important to remember when discussing new technologies. For example, our level of trust is a critical factor when evaluating a new technology as a potential solution for providing business value.

This is no less true for blockchain technology. Blockchain has become a hot topic of discussion across several industries. In an earlier post, I discussed its close association with Bitcoin and how it's being looked at for a variety of applications - far beyond digital currencies. Yet, once you get past the Bitcoin association, another challenge arises. Trust.

Given the importance of trust, imagine one's reaction upon hearing that blockchain is a "trustless trust" system. On the surface, that does sound like an oxymoron. To understand how "trustless trust" applies to blockchain, and that "trustless trust" can actually be trusted, let's take a brief detour to visit a familiar literary character.

Ebenezer Scrooge and his ledger
Mr. Scrooge is, of course, the notorious money lender and miser from Charles Dickens' famous 19th century novella, A Christmas Carol. Many films have been based on this story. My personal favorite is "Scrooge," the musical, starring Albert Finney. In one particular scene, we follow Scrooge as he calls on several people to seek payment for the loans he's extended to them. As his debtors negotiate payment, he marks entries into a little black book. Then he requires that each entry be signed to acknowledge the transaction. Later, an employee (Bob Cratchit) would transcribe the transactions into a larger black book - Scrooge's ledger.

Ledgers like Scrooge's have been used for centuries as permanent, sequential records of value-exchange transactions that are maintained by a single, trusted authority. When the reach and volume of transactions continued to grow, so did the need for intermediaries. Having previously established these third-party trusted relationships, businesses would engage intermediaries to reconcile and confirm the validity and sequence of transactions in their ledgers.

Say, for example, Scrooge wanted to do business with a company in France with whom he'd never interacted - or established any level of trust. Both parties would record their business transactions in their own ledgers. Then they'd engage the services of a third party with whom they'd both previously established trust. That mutually trusted third party would reconcile the ledgers' transactions to ensure consistency and avoid potential discrepancies.

Of course, since the third party is also running a business, both Scrooge and the party in France would each pay a small fee for services rendered.

Fast forward to present day
Whether we realize it or not, ledgers continue to be a central part of our daily lives. Your bank maintains a ledger of your deposits and withdrawals. Your credit card company maintains a ledger of your charges and payments. Your local registry of deeds maintains a ledger of property ownership and transfer, such as your home. And your registry of motor vehicles maintains a ledger of vehicle ownership and title transfers.

We still use trusted central authorities to control our ledgers.

The only fundamental difference between Scrooge's ledgers and today's is technology. Ledgers today are stored digitally, but the process itself hasn't changed. Businesses still count on third parties to reconcile, ensure consistency, and ensure trust in the system.

You trust your bank to maintain its ledger. Your bank trusts the third-party clearing house it uses for clearing and reconciling transactions through their ledgers (to other banks and businesses and their ledgers).

What does all this have to do with blockchain?
Blockchain, at its simplest, is a ledger. What makes blockchain so different is that it's a fully distributed ledger, with no central governing authority responsible for it. Every participant in the blockchain network has a full copy of the ledger. These participants collectively validate updates to the chain.

Entries in the blockchain ledger are permanent and visible, with encryption technology and protocols effectively replacing third-party intermediaries. This is called a "trustless trust," since no trust is required between transaction participants. Because transaction histories can be seen but not modified, this shared, visible, immutable ledger enables us to "trust but verify."

To better understand how this all works, let's go back to Mr. Scrooge for a moment. In the description above, he executes transactions with individuals and has them sign the little black book to confirm those transactions. He knows his debtors, so he trusts the validity of their signatures.

The figure below illustrates the elements of a similar transaction in a blockchain system:

Trusting a "trustless trust" transaction
Remember, Scrooge validated the signature because he knew the individual. In the world of blockchain and encryption, "my public key" and "my private key" help create a valid signature without requiring that level of familiarity. My public key is my identity in the blockchain, which (in this case) could almost be considered my address. But my private key is known only to me.

Let's say I want to create a transaction in the blockchain and send something to Mr. Scrooge. I'd do the following:

  • Take the message I'm sending and create a unique signature using encryption technology and my private key.
  • Combine the message and the unique signature, then add my public key as well as Scrooge's (to whom I'm sending the message).
    • This message can represent any asset type, such as currency or other digital assets.
  • This transaction is then sent out into the blockchain world for validation and entry into the actual ledger.
    • The combination of the message, the unique signature, and my public key is validated by encryption technology.
    • If there's any attempt to modify the content of the message or the signature, the validation will fail - so I know I can trust the content.

At this point, I've signed Scrooge's little black book. Now I need to get the transaction recorded in the ledger.

Trusting a "trustless trust" ledger
In Scrooge's world, transactions are entered into his ledger by Bob Cratchit. Bob trusts Scrooge as the source of the transactions, and Scrooge trusts Bob to transcribe the transactions sequentially into his ledger.

In the blockchain world, not only does that relationship not exist, but the ledger exists on all participants' systems within the blockchain. The participants must reach a consensus on whether or not to add the transaction into the blockchain. This is accomplished through advanced cryptographic algorithms. Once consensus is achieved, the new block containing the transaction is added to the blockchain. Then it's encoded with a hashtag of the previous block to prevent attempts at modifying the sequence of entries into the ledger.

Since the entire ledger is distributed among all participants, any attempt to modify or change an entry within a copy (without consensus) will immediately be identified by the network and rejected.

A new trust paradigm
Blockchain's distributed ledger technology is definitely a new paradigm in how we deal with ledgers and trust. Trust is still involved, but it's provided by the technology's underlying cryptography and distributed consensus. It's up to us as technologists to be able to verify that trust and convey it to the business in terms of business value.

Eliminating the need for trusted third-party processing can affect anything from business transactions, to property ownership records, to health and student records. The important thing to remember is that no technology negates the need for good design and planning. For new, disruptive technologies like blockchain that is certainly true. Once we become comfortable with the technology's new trust paradigm, only then will we start to realize its true benefits.

More Stories By Ed Featherston

Ed Featherston is VP, Principal Architect at Cloud Technology Partners. He brings 35 years of technology experience in designing, building, and implementing large complex solutions. He has significant expertise in systems integration, Internet/intranet, and cloud technologies. He has delivered projects in various industries, including financial services, pharmacy, government and retail.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
Intel is an American multinational corporation and technology company headquartered in Santa Clara, California, in the Silicon Valley. It is the world's second largest and second highest valued semiconductor chip maker based on revenue after being overtaken by Samsung, and is the inventor of the x86 series of microprocessors, the processors found in most personal computers (PCs). Intel supplies processors for computer system manufacturers such as Apple, Lenovo, HP, and Dell. Intel also manufactu...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understa...
AI and machine learning disruption for Enterprises started happening in the areas such as IT operations management (ITOPs) and Cloud management and SaaS apps. In 2019 CIOs will see disruptive solutions for Cloud & Devops, AI/ML driven IT Ops and Cloud Ops. Customers want AI-driven multi-cloud operations for monitoring, detection, prevention of disruptions. Disruptions cause revenue loss, unhappy users, impacts brand reputation etc.
Apptio fuels digital business transformation. Technology leaders use Apptio's machine learning to analyze and plan their technology spend so they can invest in products that increase the speed of business and deliver innovation. With Apptio, they translate raw costs, utilization, and billing data into business-centric views that help their organization optimize spending, plan strategically, and drive digital strategy that funds growth of the business. Technology leaders can gather instant recomm...
OpsRamp is an enterprise IT operation platform provided by US-based OpsRamp, Inc. It provides SaaS services through support for increasingly complex cloud and hybrid computing environments from system operation to service management. The OpsRamp platform is a SaaS-based, multi-tenant solution that enables enterprise IT organizations and cloud service providers like JBS the flexibility and control they need to manage and monitor today's hybrid, multi-cloud infrastructure, applications, and wor...
The Master of Science in Artificial Intelligence (MSAI) provides a comprehensive framework of theory and practice in the emerging field of AI. The program delivers the foundational knowledge needed to explore both key contextual areas and complex technical applications of AI systems. Curriculum incorporates elements of data science, robotics, and machine learning-enabling you to pursue a holistic and interdisciplinary course of study while preparing for a position in AI research, operations, ...
After years of investments and acquisitions, CloudBlue was created with the goal of building the world's only hyperscale digital platform with an increasingly infinite ecosystem and proven go-to-market services. The result? An unmatched platform that helps customers streamline cloud operations, save time and money, and revolutionize their businesses overnight. Today, the platform operates in more than 45 countries and powers more than 200 of the world's largest cloud marketplaces, managing mo...
I spend a lot of time helping organizations to “think like a data scientist.” My book “Big Data MBA: Driving Business Strategies with Data Science” has several chapters devoted to helping business leaders to embrace the power of data scientist thinking. My Big Data MBA class at the University of San Francisco School of Management focuses on teaching tomorrow’s business executives the power of analytics and data science to optimize key business processes, uncover new monetization opportunities an...
Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud workloads, networks, and endpoints. All our products work together to seamlessly share threat intelligence and provide a connected threat defense with centralized visibility and investigation, enabling better, faster protection. With more than 6,00...