Welcome!

@ThingsExpo Authors: Yeshim Deniz, Pat Romanski, Liz McMillan, Elizabeth White, Zakia Bouachraoui

Related Topics: @ThingsExpo, Agile Computing, @CloudExpo

@ThingsExpo: Blog Post

Blockchain: You Want Me to Trust a ‘Trustless Trust’ System? | @ThingsExpo #IoT

The level of trust we have with individuals, businesses, and technology affects our lives daily

Blockchain: You Want Me to Trust a ‘Trustless Trust' System?

(Note: This is part two in a series of posts dedicated to the topic of blockchain technology.)

Trust. It's a fundamental aspect of interaction in a civil society - its importance has been ingrained in us since childhood. And it's a concept that's deeply intertwined with our very nature.

The level of trust we have with individuals, businesses, and technology affects our lives daily. This is important to remember when discussing new technologies. For example, our level of trust is a critical factor when evaluating a new technology as a potential solution for providing business value.

This is no less true for blockchain technology. Blockchain has become a hot topic of discussion across several industries. In an earlier post, I discussed its close association with Bitcoin and how it's being looked at for a variety of applications - far beyond digital currencies. Yet, once you get past the Bitcoin association, another challenge arises. Trust.

Given the importance of trust, imagine one's reaction upon hearing that blockchain is a "trustless trust" system. On the surface, that does sound like an oxymoron. To understand how "trustless trust" applies to blockchain, and that "trustless trust" can actually be trusted, let's take a brief detour to visit a familiar literary character.

Ebenezer Scrooge and his ledger
Mr. Scrooge is, of course, the notorious money lender and miser from Charles Dickens' famous 19th century novella, A Christmas Carol. Many films have been based on this story. My personal favorite is "Scrooge," the musical, starring Albert Finney. In one particular scene, we follow Scrooge as he calls on several people to seek payment for the loans he's extended to them. As his debtors negotiate payment, he marks entries into a little black book. Then he requires that each entry be signed to acknowledge the transaction. Later, an employee (Bob Cratchit) would transcribe the transactions into a larger black book - Scrooge's ledger.

Ledgers like Scrooge's have been used for centuries as permanent, sequential records of value-exchange transactions that are maintained by a single, trusted authority. When the reach and volume of transactions continued to grow, so did the need for intermediaries. Having previously established these third-party trusted relationships, businesses would engage intermediaries to reconcile and confirm the validity and sequence of transactions in their ledgers.

Say, for example, Scrooge wanted to do business with a company in France with whom he'd never interacted - or established any level of trust. Both parties would record their business transactions in their own ledgers. Then they'd engage the services of a third party with whom they'd both previously established trust. That mutually trusted third party would reconcile the ledgers' transactions to ensure consistency and avoid potential discrepancies.

Of course, since the third party is also running a business, both Scrooge and the party in France would each pay a small fee for services rendered.

Fast forward to present day
Whether we realize it or not, ledgers continue to be a central part of our daily lives. Your bank maintains a ledger of your deposits and withdrawals. Your credit card company maintains a ledger of your charges and payments. Your local registry of deeds maintains a ledger of property ownership and transfer, such as your home. And your registry of motor vehicles maintains a ledger of vehicle ownership and title transfers.

We still use trusted central authorities to control our ledgers.

The only fundamental difference between Scrooge's ledgers and today's is technology. Ledgers today are stored digitally, but the process itself hasn't changed. Businesses still count on third parties to reconcile, ensure consistency, and ensure trust in the system.

You trust your bank to maintain its ledger. Your bank trusts the third-party clearing house it uses for clearing and reconciling transactions through their ledgers (to other banks and businesses and their ledgers).

What does all this have to do with blockchain?
Blockchain, at its simplest, is a ledger. What makes blockchain so different is that it's a fully distributed ledger, with no central governing authority responsible for it. Every participant in the blockchain network has a full copy of the ledger. These participants collectively validate updates to the chain.

Entries in the blockchain ledger are permanent and visible, with encryption technology and protocols effectively replacing third-party intermediaries. This is called a "trustless trust," since no trust is required between transaction participants. Because transaction histories can be seen but not modified, this shared, visible, immutable ledger enables us to "trust but verify."

To better understand how this all works, let's go back to Mr. Scrooge for a moment. In the description above, he executes transactions with individuals and has them sign the little black book to confirm those transactions. He knows his debtors, so he trusts the validity of their signatures.

The figure below illustrates the elements of a similar transaction in a blockchain system:

Trusting a "trustless trust" transaction
Remember, Scrooge validated the signature because he knew the individual. In the world of blockchain and encryption, "my public key" and "my private key" help create a valid signature without requiring that level of familiarity. My public key is my identity in the blockchain, which (in this case) could almost be considered my address. But my private key is known only to me.

Let's say I want to create a transaction in the blockchain and send something to Mr. Scrooge. I'd do the following:

  • Take the message I'm sending and create a unique signature using encryption technology and my private key.
  • Combine the message and the unique signature, then add my public key as well as Scrooge's (to whom I'm sending the message).
    • This message can represent any asset type, such as currency or other digital assets.
  • This transaction is then sent out into the blockchain world for validation and entry into the actual ledger.
    • The combination of the message, the unique signature, and my public key is validated by encryption technology.
    • If there's any attempt to modify the content of the message or the signature, the validation will fail - so I know I can trust the content.

At this point, I've signed Scrooge's little black book. Now I need to get the transaction recorded in the ledger.

Trusting a "trustless trust" ledger
In Scrooge's world, transactions are entered into his ledger by Bob Cratchit. Bob trusts Scrooge as the source of the transactions, and Scrooge trusts Bob to transcribe the transactions sequentially into his ledger.

In the blockchain world, not only does that relationship not exist, but the ledger exists on all participants' systems within the blockchain. The participants must reach a consensus on whether or not to add the transaction into the blockchain. This is accomplished through advanced cryptographic algorithms. Once consensus is achieved, the new block containing the transaction is added to the blockchain. Then it's encoded with a hashtag of the previous block to prevent attempts at modifying the sequence of entries into the ledger.

Since the entire ledger is distributed among all participants, any attempt to modify or change an entry within a copy (without consensus) will immediately be identified by the network and rejected.

A new trust paradigm
Blockchain's distributed ledger technology is definitely a new paradigm in how we deal with ledgers and trust. Trust is still involved, but it's provided by the technology's underlying cryptography and distributed consensus. It's up to us as technologists to be able to verify that trust and convey it to the business in terms of business value.

Eliminating the need for trusted third-party processing can affect anything from business transactions, to property ownership records, to health and student records. The important thing to remember is that no technology negates the need for good design and planning. For new, disruptive technologies like blockchain that is certainly true. Once we become comfortable with the technology's new trust paradigm, only then will we start to realize its true benefits.

More Stories By Ed Featherston

Ed Featherston is VP, Principal Architect at Cloud Technology Partners. He brings 35 years of technology experience in designing, building, and implementing large complex solutions. He has significant expertise in systems integration, Internet/intranet, and cloud technologies. He has delivered projects in various industries, including financial services, pharmacy, government and retail.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio addr...
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...