When Facebook launches its cryptocurrency Libra in 2020, it will need a public-facing blockchain network for consumers who purchase items using digital wallets and a private blockchain network for the banks backing the new digital currency.
The concept of setting up "hybrid blockchains," where one is public or consumer-facing and the other is permissioned for corporate transcations behind the scenes, is expected to become a mainstay as the business of blockchain matures.
Calibra, Facebook's digital wallet, will store Libra, Facebook's digital currency. A Facebook user would download the Calibra digital wallet application, purchase the Libra digital currency through a private financial network, and then perform peer-to-peer digital money transfers through Calibra as a stand-alone app. A user could also do the same thing through Facebook's most popular, public communication platforms: WhatsApp and Messenger.
For ecommerce sites, hybrid blockchains are expected to bring benefits, such as cost savings through the use of peer-to-peer networks and distributed apps (dApps) and/or new revenue models. The technology can also create differentiation for customers, enabling new businesses services. "That's another way to create value," according to Jorden Woods, a managing partner with consultancy DoubleNova Group.
"This is something that in surveying the industry we're seeing people interested in," Woods said. "There are already quite a few pilots."
Blockchain has also resonated with consumers who are familiar with the term, Woods said. It can even be a technology "differentiator" reassuring the public that information stored on the immutable ledger is trustworthy.
"That's rare and a commodity," Woods said. "Early tests have shown consumers will pay more for product [listed] on a blockchain.
"You might have Ethereum or Steller on [the] front end or Hyperledger or Corda on [the] backend – not that the consumer will care," Woods continued. "Consumers will learn blockchain means trust."
For example, Singapore-based VeChain created a permissioned blockchain-based supply chain called VeChainThor Blockchain that offers up to 10,000 transactions per second between businesses while consumers can also observe products as they move along from manufacturer to store shelf. Once on the shelf, consumers can scan a QR code and obtain a product's origin, authenticity and added value along the way, allowing them to base purchases on that information.
The track-and-trace functionality on the VeChainThor Blockchain is enabled by RFID chips that transmit data along the way.
Earlier this year, Walmart China announced its meats and produce Blockchain Traceability Platform built on the VeChainThor Blockchain. Walmart's China Blockchain Traceability Platform was introduced with 23 product lines, but the platform is expected to scale by another 100 product lines by the end of the year; it covers more than 10 product categories, including fresh meat product, rice, mushrooms and cooking oil.
Walmart China's traceability system envisions traceable fresh meat accounting for 50% of the total sales of packaged fresh meat, traceable vegetables accounting for 40% of total sales of packaged vegetables, and traceable seafood accounting for 12.5% of the sales of seafood by the end of 2020.
Public versus permissioned, which is more secure?
While permissioned blockchains limit who can participate, public blockchains are considered more secure because they require hundreds or thousands of nodes to create a consensus on adding new ledger entries. For example, Bitcoin blockchains have about 9,000 computer nodes participating in the consensus algorithm and at least 51% have to agree on new network transactions.
A so called "51% attack," where one entity gains control of 51% of the validating nodes on a blockchain is rare, but they have occurred on smaller public blockchains. On larger ones, it is simply too expensive to game the system by trying to take over a majority of the network's nodes.
"Public blockchains remain the most secure because they can't be captured by governments or corporations," said Joel Weight, chief operating officer of Overstock.com's venture capital arm, Medici Ventures. "Legal pressure, applied correctly, could cause any permissioned blockchain to shut down."
A permissioned blockchain is typically run by a single entity – the one that created it for its group of users or industry partners. For example, Ripple determines who can join its real-time gross settlement network and currency exchange. TradeLens, a global supply chain project being piloted by Maersk and more than 20 port and terminal operators, runs on IBM's Hyperledger cloud service.
"There are two different worlds. You have business-to-business [B2B] transactions and business-to-consumer [B2C] transactions. If you look at B2C, many times people will substitute convenience for privacy," Woods said. "This is one of the big issues we have in today's world, where all these tech giants are out there in social media and consumers will say, 'I'll give my personal information away to Facebook, Google, Apple or Amazon and they'll give me services in return.'"
Much in the same way IT shops control which employees can access sensitive information within a business through rights management and permissions, businesses want to segregate information they may not want rivals to see. In the B2B world, where privacy and confidentiality are prized over convenience, companies don't do business with partners they don't know – hence a permissioned blockchain.
"So, if you look at the B2B environment for blockchain, it pretty much looks the same way. You need to be permissioned and everyone needs to know everyone else," Woods said. "All companies go through know-your-customer and anti-money laundering processes to ensure all players are who they say they are. Businesses do business based on trust."
The same structure is mirrored in a permissioned blockchain. When a company joins a permissioned blockchain, say a supply chain ledger, they are granted access via certain rights and roles. Not so on a public blockchain, where users set up user names and passwords, verifying only that they have the funds to pay for bitcoin or other cryptocurrencies.
"Hybrid blockchains are often viewed as a way to maintain security while allowing more transaction throughput. This often takes the shape of a public main chain with private or permissioned side-chains anchoring to the main chain," Weight said. "In this way, the side chains can reach consensus faster, allowing more transactions. It also allows for multiple side chains, which further scales transaction rates. These side chains could be segregated by industry, geography, currency, or other factors."
All of the benefits and detriments of the chosen consensus model for the side chains still apply, but some may be mitigated by anchoring into, and leveraging the security of, the main chain. That makes a re-write attack on the side chain much more difficult because the attacker would have to compromise the side chain and the main chain, Weight explained.
Interoperability remains an issue
Permissioned blockchains can also interact with the public through distributed applications that pull data in the blockchain and present it to a consumer. Or they can interact through smart contracts, self-executing, business automation software that runs on the decentralized network. While the blockchain acts as a database, confirming that transactions have taken place, smart contracts execute pre-determined conditions; think about a smart contract as a computer executing on "if/then," or conditional, programming.
So, for example, once a product has arrived at a location, the smart contract could trigger an alert allowing a consumer to know it's available for purchase.
One issue blockchain faces, however, is interoperability. Permissioned and public blockchains don't necessarily talk to each other. They're based on software from developers who live in different worlds.
"Blockchain is not just any database. The analogy of blockchain as a database goes only to a certain extent. It's a database but you cannot put information into it until you get consensus from members, and once data is there, you can't unconfirm it; it's an immutable entry forever," Woods said.
In other words, just because one blockchain records data, that doesn't necessarily mean an adjacent blockchain will record the same information, because both are based on consensus mechanisms and both must have a majority of nodes in agreement.
"The consensus should say the same thing, but in some cases it doesn't agree. This is the fundamental issue that has to be worked out for interoperability. We need a standardization of consensus protocols," Woods said. "If the consensus was the same in both systems, you may not have 100% guarantee the information would be committed to both blockchains, but it would be a much higher probability. The problem now is there are different approaches in two different systems."
While public and permissioned blockchain have been in use by enterprises in plots and proofs of concept for several years, the technology is still nascent.
"It's something that will be worked out over time," Woods said.
While Facebook hasn't confirmed whether it will use a hybrid blockchain, it will at least need to integrate public-facing apps with a permissioned blockchain handling business transactions in the background.
"For Libra to grow to Facebook scale – multiple billion users – they are going to have to get creative," Weight said. "Time will tell how they get to that scale and if it's truly blockchain or merely blockchain inspired. Their own whitepaper recognizes that the technology for the scale, security, and stability required to support a global currency doesn't exist and they are looking to researchers to figure it out over the next few years."
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.