Discussion
A BRIEF INTRODUCTION TO BLOCKCHAIN
“BLOCKCHAIN” HAS MANY MEANINGS
“To understand the power of blockchain systems, and the things they can do, it is
important to distinguish between three things that are commonly muddled up, namely
the bitcoin currency, the specific blockchain that underpins it and the idea of
blockchains in general.”
The Trust Machine, THE ECONOMIST, Oct. 31, 2015
“BLOCKCHAIN” HAS MANY MEANINGS
Phone
• The idea of a
phone network
• A specific phone
network (e.g.,
AT&T)
• A specific use of
the phone network
(e.g., fax)
Blockchain
• The idea of
blockchain
• The specific
blockchain that
underlies Bitcoin
or another coin
offering
• Bitcoin or an
other
cryptocurrency
WHAT IS BLOCKCHAIN?
A technology that:
permits transactions to be
gathered into blocks and recorded;
allows the resulting ledger to be
accessed by different servers.
cryptographically chains blocks
in chronological order; and
WHAT IS A DISTRIBUTED LEDGER?
Centralized Ledger
Bank
Client A
Client
C
Client D
Client
B
Distributed Ledger
Node A
Node B
Node CNode D
Node E
• There are multiple ledgers, but Bank holds the “golden record”
• Client B must reconcile its own ledger against that of Bank, and
must convince Bank of the “true state” of the Bank ledger if
discrepancies arise
• There is one ledger. All Nodes have some level of access to that
ledger.
• All Nodes agree to a protocol that determines the “true state” of
the ledger at any point in time. The application of this protocol is
sometimes called “achieving consensus.”
WHAT IS A DISTRIBUTED LEDGER?
Single Entity Multiple Entities
HOW MIGHT A DISTRIBUTED LEDGER WORK?
Users initiate
transactions
using their Digital
Signatures
Users Broadcast
their
transactions to
Nodes
One or more
Nodes begin
validating each
transaction
Nodes aggregate
validated
transactions into
Blocks
Nodes Broadcast
Blocks to each
other
Consensus
protocol used
Block reflecting
“true state” is
chained to prior
Block
WHERE MIGHT BLOCKCHAIN USE CRYPTOGRAPHY?
• Digital Signatures
• Private/Public Keys
Initiation and Broadcasting
of Transaction
• Proof of Work and certain alternativesValidation of Transaction
• Hash FunctionChaining Blocks
THE POWER OF DISTRIBUTED LEDGERS
BLOCKCHAIN
It can be used to allow
owners of assets to
exercise certain rights
associated with
ownership, and to
record the exercise of
those rights.
•Proxy Voting
It can be used to
record those
transfers of value or
ownership of
assets
•These records may be
very difficult to alter,
such that they are
sometimes called
effectively immutable
It can be used to
transfer value or the
ownership of assets
•A human being or a
Smart Contract can
initiate the transfer
It can be used to
create value or issue
assets
It can be used without a central
authority by individuals or
entities with no basis to trust
each other
The degree of trust between users determines the technological
configuration of a distributed ledger.
HOW MIGHT DISTRIBUTED LEDGER PROPOSALS DIFFER?
Participation Open Closed
Permission Permissionless Permissioned
Ledger Design One ledger One ledger or Segregated ledgers
Validation Methodology depends on degree of trust between nodes. Where there is no basis
for trust, may be achieved through proof of work, which requires the algorithmic
solving of a cryptographic hash.
Consensus Mechanism Mechanism depends on degree of trust between nodes. Where there is no
centralized authority, consensus may be determined algorithmically.
References
• Stoyanovich, M., & Tanz, F. E. (2019). Coming to Grips with Blockchain. Benefits Magazine,
56(5), 20-25. Retrieved from http://search.ebscohost.com/login.aspx?
direct=true&AuthType=shib&db=f5h&AN=135900272&site=eds-live
• Waldo, J. (2019). A Hitchhiker’s Guide to the Blockchain Universe. Communications of the
ACM, 62(3), 38–42. Retrieved from https://doi.org/10.1145/3303868
• Burns, S. (2019). Blockchain: Hype Vs Reality. Computer Weekly, 21-24. Retrieved from
http://search.ebscohost.com/login.aspx?
direct=true&AuthType=shib&db=f5h&AN=138564674&site=eds-live
• Tarzey, B. (2019). Inside Blockchain and Its Various Applications. Computer Weekly, 16-20.
Retrieved from http://search.ebscohost.com/login.aspx?
direct=true&AuthType=shib&db=f5h&AN=138681123&site=eds-live
• Carson, B., Romanelli, G., Walsh, P., & Zhumaev, A. (2018). Blockchain beyond the hype:
What is the strategic business value? McKinsey Quarterly, (4), 118–127. Retrieved from http://
search.ebscohost.com/login.aspx?
direct=true&AuthType=shib&db=buh&AN=133693412&site=eds-live
- A Brief Introduction to Blockchain
- “blockchain” Has many meanings
- “Blockchain” has many meanings
- What is Blockchain?
- What is a Distributed Ledger?
- What is a distributed ledger?
- How might a distributed ledger Work?
- Where might Blockchain use cryptography?
- The power of Distributed ledgers
- How might distributed ledger proposals differ?
- Questions?
Impact of Blockchain on IT Audit
Blockchain Technology Overview
Three Levels of Blockchain, Tokens
Alliances and Industry Adoption
Smart Contracts
Identity Management
Criticism and Challenges
Impact on the IT Audit Function
Learning and Engagement
Agenda
*
Blockchain technology is a digital innovation that is poised to significantly alter financial markets within the next few years, within a cryptographic ecosystem that has the potential to also significantly impact trusted computing activities and therefore cybersecurity concerns as a whole.
Blockchain Overview
.
*
How many of you:
Have heard of bitcoins?
Own cryptocurrency?
Feel you understand the underlying blockchain technology?
Feel you can summarize for us the benefits of the “trust economy”?
Are involved in projects that involve blockchain technology implementation or related activities?
Student Exposure
*
Where It All Started
Blockchain technology was first introduced in a whitepaper entitled: “Bitcoin: A Peer-to-Peer Electronic Cash System,” by Satoshi Nakamoto in 2008.
No reliance on trust
Digital signatures
Peer-to-peer network
Proof-of-work
Public history of transactions
Honest, independent nodes control majority of CPU computing power
Nodes vote with CPU computing power
Rules and incentives enforced through consensus mechanism
https://bitcoin.org/bitcoin
*
Cryptocurrency Summarized
Bitcoin was the first digital, i.e., cryptocurrency
A maximum of 21 million Bitcoins can be generated
Just as with real world mining, energy must be invested to solve complex mathematical problems by which systems earn Bitcoins
https://www.cryptocoincharts.info/coins/info claims to be indexing 4,220 cryptocurrencies
Most circulated: Bitcoin, Ethereum, Litecoin
*
The Technology Behind Bitcoin
Think of Bitcoin as an electronic asset (as well as a digital currency)
A network of computers keeps track of Bitcoin payments, and adds them to an ever-growing list of all the Bitcoin payments that have been made, called “The Bitcoin Blockchain”
The file that contains data about all the Bitcoin transactions is often called a “ledger”
Bitcoin value is created through transaction processing, referred to as “mining,” which is performed by distributed processors called “nodes” of the peer-to-peer network
A Gentle Introduction to Bitcoin by Antony Lewis, https://bravenewcoin.com/assets/Reference-Papers/A-Gentle-Introduction/A-Gentle-Introduction-To-Bitcoin-WEB
*
Mining Evolution
Mining is the process whereby value is created through transaction processing that occurs on nodes of the network.
In 2009, one could mine 200 Bitcoins with a personal, home computer. In 2015, it would take about 98 years to mine just 1 Bitcoin.
Today there is almost no money to be made through traditional home mining.
ASIC (Application Specific Integrated Circuit) has been designed strictly for mining Bitcoins.
Groups of miners have formed mining pools, with each being paid their relative share for their contribution to the work performed.
My Dirty Little Bitcoin Secrets by Ofir Beigel, www.99bitcoins.com
*
Storage for digital records
Exchanging digital assets (called tokens)
Executing smart contracts
Ground rules – Terms & conditions recorded in code
Distributed network executes contract & monitors compliance
Outcomes are automatically validated without third party
Tech Trends 2017, The Kenetic Enterprise, “Blockchain: Trust economy”, Deloitte University Press, 2017
Three “Levels” of Blockchain
*
A broader use is supported by the digital infrastructure introduced through Bitcoin, as represented by “tokens”.
A “token” can be defined as a “scarce digital asset based on underlying technology inspired by Bitcoin.”
Tokens may use similar codebases but different blockchain databases.
Ethereum was Bitcoin-inspired but has its own blockchain and is engineered to be more programmable. Tokens can be issued on top of the Ethereum blockchain.
Token buyers are buying private keys, which are similar to API keys, but can be transferred to other parties without consent.
“Thoughts on Tokens”, Balaji S. Srinivasan and Naval Ravikant
A General Discussion about Tokens
*
Tokens have a value and therefore a price.
Tokens are a new model for technology and can be an alternative to equity-based financing.
Tokens do not dilute capital. They introduce a huge increase to buyer base and time-to-liquidity.
Token launches differ from equity sales; however, they can be issued as a way to share profits.
Tokens can be sold internationally over the internet and are always open for business.
Tokens decentralize the process of funding technology.
Thoughts on Tokens, Balaji S. Srinivasan and Naval Ravikant
Tokens, continued
*
Tokens enable a better-than-free new business model.
Tokens will introduce the rise of the “tech savvy senior executive.”
Tokens accommodate immediate custody without an intermediary.
Tokens can be extended to hardware, as part of the internet of things.
Thoughts on Tokens, Balaji S. Srinivasan and Naval Ravikant
Tokens, continued
*
Smart Contracts
Consensus protocols are key to determining the sequence of actions resulting from the contract’s code. This enables
peer-to-peer trading of everything from renewable energy to automated hotel room bookings.
“Contracts Get Smarter with Blockchain”, CIO Journal, The Wall Street Journal, World Trade Organization, International Trade Statistics 2015, 2015, p. 41.
Current paper-based systems drive $18 trillion in transactions per year.
*
Hyperledger is an open source collaborative effort created to advance cross-industry blockchain technologies. It is a global collaboration, hosted by The Linux Foundation, including leaders in finance, banking, IoT, supply chain, manufacturing, and technology.
Business Blockchain Frameworks are hosted with Hyperledger.
Hyperledger addresses important features for a cross-industry open standard for distributed ledgers. The Linux Foundation hosts Hyperledger as a Collaborative Project under the foundation.
To learn more, visit: https://www.hyperledger.org
/.
www.hyperledger.org
Hyperledger
*
Hyperledger Projects
A few of the Hyperledger Projects include:
Hyperledger Burrow – Permissible smart contract machine with a modular blockchain client, built in part to the specification of the Ethereum Virtual Machine (EVM)
Hyperledger Fabric – Foundation for developing plug-n-play solutions within a modular architecture
Hyperledger Iroha – Simple and easy blockchain framework designed to be incorporated into infrastructure projects requiring distributed ledger technology
Hyperledger Sawtooth – A modular platform for building, deploying, and running distributed ledgers
*
Ethereum is a decentralized platform that runs smart contracts: applications that run exactly as programmed without any possibility of downtime, censorship, fraud, or third party interference.
The Ethereum project was bootstrapped via an ether pre-sale during August 2014 by fans all around the world. It is developed by the Ethereum Foundation, a Swiss nonprofit, with contributions from individuals and organizations across the globe.
www.ethereum.org
Ethereum Alliance
*
Several Ethereum offerings include:
The Ethereum Wallet, which is a gateway to decentralized applications on the Ethereum blockchain, allowing users to hold and secure ether and other crypto-assets built on Ethereum, as well as write, deploy and use smart contracts
Design and issue your own cryptocurrency/traceable token
Kickstart a project with Crowdsale
www.ethereum.org
Ethereum Tools
*
Ether is the crypto-fuel for the Ethereum network.
Ether is a necessary element – a fuel – for operating the distributed application platform Ethereum. It is a form of payment made by the clients of the platform to the machines executing the requested operations, functioning as the incentive that ensures that developers will write quality applications, and that the network remains healthy.
The total supply of ether and its rate of issuance was decided by the donations gathered on the 2014 presale.
Developers who intend to build apps that will use the Ethereum blockchain need ether.
Users who want to access and interact with smart contracts on the Ethereum blockchain also need ether.
www.ethereum.org
What is Ether?
*
Cross-Industry Adoption
Sectors leading the way in blockchain implementation:
Consumer products
Manufacturing
Technology
Media
Telecommunications
Health care
Life sciences
Thirty-nine percent of the senior executives at large U.S. companies initially surveyed indicate they have little or no knowledge about blockchain technology. Many deemed it to be crucial for their companies and industries. Forty-two percent believe it will disrupt their industries.
“Blockchain Adoption Varies by Industry”, CIO Journal, The Wall Street Journal
*
Financial Services Industry
As noted by A. Michael Smith in “Creating Assurance in Blockchain,” trust and efficiency are the main value drivers for any use case. The finance world is driven by technology.
Tracking risk and monitoring compliance with laws and regulations within an increasingly complex cybersecurity environment requires considerable time and resources.
The financial services industry immediately saw opportunities in blockchain and has been investing heavily in its usage, primarily as a part of private implementations.
Creating Assurance in Blockchain, Volume 2, 2017, by A. Michael Smith
Banking on change: How to respond to new expectations for audit committees by PWC Internal Audit Foundation, Douglas Anderson, CIA, CRMA, Cassian Joe, and Klaas J. Westerling
*
Identity Management
The IT audit is broadly concerned with identity management concerns.
Protecting access to data, and the systems that are in place to process, store, and report on that data, requires ongoing resource dedication.
Multiple solutions are available, all of which require configuring and managing multiple identifiers for an individual’s various identities.
Identity management is an area that will certainly be impacted by widespread use of private keys to secure transactions.
*
Distributed Access Management
Creating an identity on blockchain can give individuals greater control over who has their personal information and how they access it
Areas impacted include passports, e-residency, birth certificates, wedding certificates, IDs, online account logins, etc
Digital ID’s can provide digital watermarks that can be assigned to every online transaction of any asset
“21 Companies Leveraging Blockchain for Identity Management and Authentication” by Elena Mesropyan, https://letstalkpayments.com/22-companies-leveraging-blockchain-for-identity-management-and-authentication/
*
Protecting Private Keys
Within the blockchain, trust relies on the safekeeping of private keys, in support of a truly distributed identity management
Ultimately, that safekeeping resides with the actions taken by individuals to secure their private key
For cryptocurrency traders, one frequently sees the recommendation to write one’s private key down on a piece of paper and put it up for safekeeping in, for example, a safe deposit box
*
Digital ID Solutions
May 24, 2017, saw the release of a Digitial ID solution by Netki, a California blockchain startup
Released at Consensus 2017, this is a highly-anticipated Digital ID smartphone app that uses Hyperledger blockchain to provide decentralized, open-source identity management
Approved by governments, fully Anti-Money Laundering (AML) and Know Your Customer (KYC) inclusive
https
://bravenewcoin.com/news/netki-launches-digital-id-solution-which-bitt-is-using-with-central-banks-in-the-caribbean/
*
Criticism and Challenges
Critics have cited the following blockchain challenges:
Nascent technology
Uncertain regulatory status
Large energy consumption
Control, security and privacy
Integration concerns
Cultural adoption
Cost
Challenges associated with audit, taxes, and compliance
Creating Assurance in Blockchain, Volume 2, 2017, by A. Michael Smith
Deloitte’s Blockchain technology: 9 benefits & 7 challenges,
https://www2.deloitte.com/nl/nl/pages/innovatie/artikelen/blockchain-technology-9-benefits-and-7-challenges.html
*
An area of heavy criticism has to do with the vast amounts of energy necessary to process and store transactions, especially as the use of blockchain technology increases
The Bitcoin blockchain network’s miners are attempting 450 thousand trillion solutions per second in efforts to validate transactions, using substantial amounts of computer power
Note that there are also opportunities to decentralize the energy grid
Wasted resources: Mining Bitcoin wastes huge amounts of energy ($15million/day)
Deloitte’s Blockchain technology: 9 benefits & 7 challenges,
https://
www2.deloitte.com/nl/nl/pages/innovatie/artikelen/blockchain-technology-9-benefits-and-7-challenges.html
Blockchain in the Energy Sector: Institutional Disruption? By Marius Buchmann
http://www.theenergycollective.com/enerquire/2402120/blockchain-energy-sector-institutional-disruption
Energy Consumption
*
Summary
Although the technology is still in its infancy, boundless usage opportunities exist
The identity management landscape is likely to shift dramatically
There is sure to be evolution within IT audit as various use cases unfold
Features that create trust could drive unachievable overhead costs
Compliance burden should eventually be eased as the technology is adopted, but this requires regulatory updates, which could take a while
Tech Trends 2017, The Kenetic Enterprise, “Blockchain: Trust economy”, Deloitte University Press, 2017
*