This chapter will explain the principles underlying blockchain. A precise and concise definition is provided, distinguishing blockchain from blockchain architecture. Variations of blockchain are explored based upon the concepts of purpose and scope.

Game changers every decade

At this point, it goes without saying that major technologies regularly emerge that completely disrupt the tech environment. In fact, there has been at least one of these major “game changers” in every recent decade.

In the 1970s the mainframe was the game changer. This powerful computer allowed governments and large organizations to automate many tasks that were previously manual, and centralize, store, and access lots of data.

In the 1980s, it was the personal computer (PC) that rocked the tech world. The PC allowed both large and small organizations as well as households to automate many types of tasks and store and access much more data.

My first PC was the Commodore 64. 64 kilobytes of RAM—who would ever need more? I remember storing a set of instructions on a cassette for allowing a robot arm to move a penny from one pile to another. I felt as if I owned the most powerful computer in the world.

The technology game was changed yet again in the 1990s thanks to the web. Who would have thought that creating an intuitive graphical user interface over the Internet and virtualizing IP addresses into URLs would change the world? But it did. Now we can access data and services from computers all over the world.

Of course, at the turn of the century, we changed the game again by putting all of this into our pockets. Mobile computing ruled the 2000s as a disruptive force in technology. We could now access the services and data from computers all over the world anywhere we go.

Each of these technological “game changers” brings us closer to:

Getting the right information to the right people at the right time.

However, all of these previous game changers have enabled central power authorities to control the processes for getting the right information to the right people at the right time. If I want to purchase 100 shares of IBM, the Depository Trust Company (DTC) will control the process. If I want to download a Paul Simon song, iTunes will control the process. If I want to copyright this book, a government intellectual property agency will control the process.

This is where blockchain emerges as the next big game changer. It revolutionizes the rules of the game because it allows us to “get the right information to the right people at the right time” using shared responsibility instead of the central power authority. In fact, blockchain changes our maxim to:

Getting the right information to the right people at the right time, without relying on a central power authority.

Blockchain in three words

Before we get much further, let’s take a moment to clearly define just what blockchain is. At the most fundamental level, blockchain is an immutable shared ledger. Let’s look more closely at the terms ledger, shared, and immutable.

Ledger

Blockchain is a ledger. A ledger is a fancy word for a spreadsheet. The simplest form of a spreadsheet is a T-account, a two-column spreadsheet that maintains a list of credits and debits. For example, if I buy a new computer for $500, this could be both a debit to my assets and a credit to my liabilities:

A ledger can be any spreadsheet, simple or complex. A ledger can store the details of transactions, such as stock trades, insurance claims, or product orders. A ledger can store a list of inventory or assets owned by an individual or company. A ledger can even store a record of our life’s events, such as when we graduated high school, got married, or retired.

We can generalize a ledger to be any organized set of information. The information in a spreadsheet is described as “organized” because it is grouped into sets by column headings.

Blockchain ledgers are revolutionary because the data is not just organized into sets, but also captured by chronology, with each new row in the spreadsheet forever linked to the previous row.

Shared Ledger

Blockchain is a shared ledger. Instead of a business or government agency managing the process of making changes to or accessing the ledger, the responsibility is “shared.” Shared means the central power authority is replaced by multiple computers. Each computer maintains a copy of the ledger, and is often called a “recordkeeper.”

In the following figure, each cube represents a ledger; each disc underneath represents a computer playing the role of recordkeeper.

The recordkeepers communicate with each other to ensure that their ledgers remain current and accurate.

The relatively simple act of sharing blockchain ledgers is truly game changing, because it removes or minimizes the need for a central power authority, and instead allows the information to be recorded by chronology by multiple computers.

Immutable shared ledger

Blockchain is an immutable shared ledger. If you work in Information Technology (IT), you might be familiar with the acronym CRUD, which stands for Create, Read, Update, and Delete. CRUD means that within an application, data can be created and stored, read and used, updated, and eventually deleted.

In blockchain, we can only do the first two: Create and Read. We can never Update or Delete data once it has been saved to the ledger. The ledger exists to write and read only. Immutable means data cannot be changed; we cannot edit history. Once I purchased that computer for $500, that price can never be updated to $400 or $600.

Making shared ledgers immutable has been a game changer in terms of accountability and transparency. All of the information that has been written to the ledger is kept up-to-date and accurate by the recordkeepers, and provides a permanent history of events transpired—without concerns that someone can tamper with the data.

Blockchain architecture

I would like to give my brother $10 for his birthday. Okay, so I am not a generous brother, but it’s the thought that counts. There are a number of ways I can give the $10 gift:

• I can give it to him when I see him in person
• I can mail it to his address
• I can do a bank transfer from my account to his
• I can send through a service such as Western Union or PayPal
• I can send using a digital currency such as Bitcoin

If I give him the $10 in person or mail it to him, there most likely is no record that I have given such a generous gift. He might give me only $5 for my birthday, and there would be no proof that I gave him $10.

The bank transfers and services such as Western Union will provide a record of the transaction, but there are often hefty fees involved.

Let’s go for the digital currency option. Bitcoin is the first application to be built using blockchain. Bitcoin is one of many digital currency transfer applications. (We will revisit the word “application” shortly.) The transaction might be recorded in the Bitcoin blockchain ledger as:

This is just a single ledger, though. Blockchain requires multiple ledgers, each maintained by a recordkeeper. For this example, let’s say there are three ledgers and therefore three recordkeepers:

There are two questions at this point:

1. I don’t want the world to know that I, Steve, just gave my brother Gary $10. In addition to not letting the world know that I am a cheap brother, there’s also a privacy issue. How do I conduct this financial transaction anonymously?
2. There are three spreadsheets. How does the $10 transfer get recorded in all three? If I maintained these three spreadsheets manually, I could make the change to all three—I would likely make a mistake in one or more. And in the real world, maybe the “mistakes” could be intentional, like that Monopoly banker “forgetting” to give me $200 for passing Go. How do we ensure integrity in the system?

Let’s explore both questions.

How do we conduct business anonymously?

We wear masks when we conduct business on blockchain. For example, to protect my identity and my brother’s identity, I may wear a Darth Vader mask and my brother a Yoda mask:

This system works fine until someone else puts on a Yoda mask, and that $10 accidently goes to some stranger in Des Moines instead of to my brother.

This is where identifiers are useful. If there is a unique ID for me and one for my brother, and I know his unique ID, I can make the transfer knowing that it will go to him, and he will know that it comes from me. So if my unique ID is 123 and his is 789, our transaction would look like this:

The 123 and 789 are called “public keys” in blockchain. A public key is a unique identifier assigned to users of a blockchain application. “Public” means that anyone in the world can see it. The public keys identify the users in the blockchain ledger.

Public keys allow us to participate in processes anonymously, without exposing identifiers that have intrinsic value, such as credit card numbers or social security numbers.

How does the system know that 123 is me and 789 is my brother if our public keys do not contain any identifying information to tie them to us?

The actual, identifying keys are called “private keys” in blockchain. I know my private key, which has intrinsic value similar to a social security number, and my brother knows his private key.

Private keys are never exposed on blockchain. If someone learned someone else’s private key, they could perform any number of actions or initiate any transactions from this private key, which could lead to loss of money or identity. Private keys are often kept safe in special obscuring software called “wallets.”

We use our public key to conduct transactions, and the recordkeepers confirm the mapping back to our private key. A public key is created from a private key using a secret code. The technical name for this process is called asymmetric-key cryptography.1

As an additional layer of security, we often create “addresses” based upon our public keys. It would be difficult to crack the code to identify a private key from a public key. It would be next to impossible to crack the code to identify a public key from an address, and then the private key from the public key.

An address is created from a public key using a process called “hashing.” Hashing means creating a fixed-length code based upon some digital data. This code is called a “hash,” and is created with a complex formula that cannot easily be hacked. A hash is deterministic, meaning that the same input data will always produce the same hash.

A hash is a digital fingerprint of some digital data. Hashing is used in blockchain for obscuring not just public keys, but also for obscuring transactions and assets. If you would like to play with hashing, visit http://bit.ly/2HEHoR8.

There is a number of hash algorithms used in blockchain applications. One very common one is the Secure Hash Algorithm (SHA), which generates a 64-character code based upon any document or transaction or public key. Regardless of the size of the content being hashed, the hash code will always be a fixed length, such as 64 characters in the case of SHA. These long character codes become addresses in blockchain, and represent the digital fingerprints for the actual information being disguised.

The early adopters of blockchain quickly realized the importance of a complex hash, and adopted a very secure one. Blockchain’s hash algorithm is so tough that it requires very powerful computers to map an address back to a public key.

A person can own many private keys, and each private key is associated with one public key, and each public key may be associated with one or more addresses. Public keys are typically too long to memorize, so they are often copied and pasted, or associated with a QR code.

How do we ensure integrity in the system?

Now let’s return to our second concern about my very generous birthday gift to my brother. What if there is a data quality issue in the spreadsheets? I might have genuinely mistyped the financial amount, or maybe it’s that Monopoly banker again, trying to fudge numbers to make sure he or she wins the game. So how can we trust the system?

To understand how blockchain ensures integrity in the system, come back with me in time a couple of thousand years. There is a walled city in China besieged by a large army divided into ten groups, each controlled by a general.

The generals communicate with each through messengers on horseback. No smartphones.

If a majority of the generals attack with their men, they can defeat the city. However, if only one or two armies attack, there will be certain defeat.

The generals vote to decide whether to attack or not. If a majority votes to attack, they all attack and will most likely win. Even if six generals attack, they will win—as long as it is a majority.

The problem, though, is that the generals don’t trust each other. There are rumors about who is a traitor and who is loyal. So a general can send a soldier on horseback to a neighboring general communicating an attack, yet only that general has been given the signal. The general and his men might then attack, and being the only army that attacks, there is certain defeat for this one army.

So nobody knows for sure who is loyal and who is a traitor. How can they coordinate an attack if no one is to be trusted?

This classic challenge is called the Byzantine Generals’ Problem.

One solution to this challenge is to create a puzzle, also known as a cryptograph. Only those generals who are loyal would be able to solve it. As long as a majority of generals can successfully solve the puzzle, there will be a favorable outcome for the army.

The recordkeepers in blockchain are like the generals. A transaction which has been hashed becomes the puzzle to solve.

To solve the puzzle, the recordkeepers must “unhash” the hash; sometimes solving only part of the hash is sufficient.

The recordkeepers often work independently to “unhash” the hash, to solve the puzzle and confirm that a transaction is valid. For any given transaction, part of the hash coding involves the previously accepted block in blockchain. This allows blocks to be linked together into a “chain.” Hence the name “blockchain.” All hashes contain the most recently accepted block in blockchain, except for the first block, which is called the “genesis block.”

Media outlet CoinDesk explained this linking concept as follows: “Because each block’s hash is produced using the hash of the block before it, it becomes a digital version of a wax seal. It confirms that this block — and every block after it — is legitimate, because if you tampered with it, everyone would know.”2

The first recordkeeper that successfully solves the hash wins. There is often an incentive for winning, such as financial compensation. This recordkeeper then shares their solution with the other recordkeepers, who check the winning recordkeeper’s work. It is much easier to double-check a solved hash than to solve it from the beginning. As long as a certain percentage of recordkeepers are able to either solve or confirm the solution to the hash (usually a majority), the transaction is “validated” and recorded on the blockchain. This process of confirming the validity of a transaction is called “proof of work.”

Each validated transaction is added to a block in the blockchain. A block in blockchain can contain multiple transactions.

The recordkeepers create these puzzles and solve them by communicating with each other over a network, just like the generals using horses. The language the recordkeepers use over the network is called a “protocol.” The protocol allows the recordkeepers to communicate with each other, as the recordkeepers must work together to validate transactions.

There could be several, dozens, hundreds, or thousands of recordkeepers. The number of recordkeepers depends on many factors including security and performance. Performance in this context refers to the number of transactions that can be processed in a certain amount of time. For example, if 20 recordkeepers are needed to validate a transaction instead of 50 recordkeepers, each transaction can be completed faster taking less time, but the risk of a fraudulent transaction is greater (since fewer recordkeepers are monitoring it).

The protocol is also used to execute contracts. Executing contracts means running programming code when certain conditions are true. In other words, IF a certain condition becomes true, THEN execute code to do something (for instance, initiate a transaction). Such IF-THEN statements are common programming constructs, and are used frequently in blockchain applications. We will talk more about contracts and IF-THEN statements shortly.

The protocol is built on top of the ledgers. We can imagine something like this:

There are two levels here: the protocol and the ledger. Each level is also called a “tier.” The ledger is also known as the data tier, and the protocol tier is also known as the function tier.

This two-tiered environment allows for trusted communication among the recordkeepers and for the execution of contracts. Examples of different blockchain protocols include Bitcoin, Ripple, and Ethereum.

There is one more tier on top of the protocol, which is the application that automates the process. The blockchain architecture contains three tiers. “Blockchain” refers to the ledger (which is the first tier), and “Blockchain architecture” includes the application, protocol, and ledger.

The application tier automates one or more business processes and enhances a user experience. A blockchain application would appear to the user as any other typical application. That is, the application hides the protocol and recordkeepers from the user. The application tier is the third tier:

For example, I send the bitcoin equivalent of $10 to my brother using the Bitcoin application. The bottom tier contains three copies of all of the Bitcoin transactions—that is, three copies of the ledger.

The middle tier contains the Bitcoin protocol, which allows the recordkeepers to communicate with each other in order to solve the puzzles to validate transactions.

The top tier contains the application for the automated transfer process. For example, Steve sending Gary the bitcoin equivalent of $10, Mary sending me two bitcoins, etc.

The Bitcoin application accepts the transaction and the protocol validates it. If the puzzle is solved by consensus among the recordkeepers, the $10 transfer is recorded in each ledger and is completed successfully.

If I try to send that same $10 to two people at the same time, called double-spending, the recordkeepers will work on solving the puzzles for both transactions. As soon as one of the puzzles is solved, that transaction will be accepted and recorded in the ledger, and the second transaction will be ignored.

To see actual Bitcoin transactions in action, visit www.Blockchain.info for the Bitcoin blockchain.

Again, these transactions are encrypted using public keys, so no one knows I am a cheap brother. Transactions are written to the ledger and stored in groups called “blocks.” Each block is tied to the entry immediately prior to it—creating a chain. Hence the name “blockchain.”

These three tiers of application, protocol, and ledger represent the blockchain architecture.

Blockchain variations

Blockchain applications can be described in terms of purpose and scope.

Purpose

Any application we build must serve a purpose and address one or more business requirements. A blockchain application could support one or more of these three purposes: currencies, contracts, or claims.

Currencies

Blockchain applications that focus on currency are digital accounting systems – ledgers which record money we send and receive. In our earlier example, the $10 I sent to my brother was transferred via Bitcoin.

There are hundreds of digital currency applications built using blockchain. The most popular blockchain currency application was also the first: Bitcoin. “Satoshi Nakamoto” wrote a whitepaper on the concepts of blockchain in 2008 and developed Bitcoin very shortly afterwards. The first Bitcoin transaction took place on January 3, 2009.3

By the way, the reason Satoshi’s name is in quotes is because no one knows who Satoshi is, whether Satoshi is a male or female, in what part of the globe he/she resides, or even if Satoshi is one person or several. This is just one example of the mystique surrounding blockchain and digital currencies.

Recordkeeper computers in Bitcoin are called “miners.” The unit of currency in Bitcoin is “bitcoin,” or “coin” for short. To ensure bitcoins always have value, there is a finite number of bitcoins that can ever be mined. Similar to gold, having a finite supply means that if demand goes up, the price goes up too. We may not know how much gold is left in the earth to be mined, but we do know how many bitcoins.

Only 21 million bitcoins will ever exist. Why 21 million? Similar to the mystique behind Bitcoin’s founder, no one knows for sure why the number 21 million was chosen. Some believe 21 million is a convenient amount to mathematically determine the mining rate. Others believe this number was chosen to align with the quantity of gold that has been mined: roughly 174,100 metric tons of gold have been mined since 2009, which if formed into a cube, would be 21 meters on a side. Still others tie it back to the classic, “Hitchhiker’s Guide to the Galaxy,” which proclaimed “42” as the answer to Life, the Universe, and Everything. 21 is half of 42, and this factors into the mathematical process behind the mining, where bitcoin rewards are halved every four years.4

When a miner solves a puzzle, the person or organization who owns that computer receives monetary compensation in bitcoins. This is how bitcoins are “mined.” Tens of thousands of miners try to solve the cryptographic puzzles and there are incentives for doing so.

Contracts

Contract applications (also known as transactional applications) built in blockchain initiate and record transactions by invoking clauses in contracts. Agreements to purchase items or perform services are contracts. A purchase order for a book is a contract. If I agree to buy a book, there are payment and shipping transactions generated; all of these transactions can be stored in blockchain.

Blockchain applications invoke clauses in contracts through “smart contracts.” Smart contracts are self-executed IF-THEN statements which can perform calculations, store information, or initiate movements of digital assets. If we characterize the activities documented in a contract, they can all be generalized as “IF-THEN” statements. If something is true, then do something else. The IF-THEN statements in our book purchase example include:

• If Steve orders the book, then he needs to pay for it.
• If Steve pays for the book, then we must ship it.
• If we ship the book, then we need to send the shipment tracking information.
• If we send Steve the tracking information, then we might send him a survey for him to rate our services.
• If Steve completes the survey, then we might send him a 10% off promotion for his next purchase.

A very powerful protocol for creating smart contracts is Ethereum. Ethereum contains its own programming language for building blockchain applications, and is rapidly gaining popularity. Learn more at http://www.ethereum101.org/.

UBS built a blockchain application to enforce contract functionality in bonds. UBS records the bond’s issuance, interest calculation, coupon payments, and maturation processes. When a bond becomes mature, a smart contract initiates the principal payment to the bond holder.5

Claims

In this context, “claims” are not insurance claims, but instead ownership claims. We can record what people and organizations own, including:

• Intellectual property
• Homes and vehicles
• Achievements

For example, I manage a publishing company. It is a complex and expensive activity to register a book with the Copyright office. However, it is necessary because it stakes our claim to our work.

The US Copyright office could be considered one of those “central power authorities” we discussed at the beginning of this book. What if my publishing company wanted to avoid working with this monopoly of sorts? We could instead record the intellectual property rights using blockchain. We could take up to a 9-gig file representing our book and “hash” it into a 64-character blockchain address that is uniquely associated with that file. Since blockchain is immutable, once the hash was recorded at a certain time in blockchain, everyone would know that it was our intellectual property.

Creating an intellectual property registration system using blockchain might appear straightforward. However, there are other factors that need to be in place prior to making this registration process work. For example, can a copyright infringement case use a blockchain ledger as legal evidence? Widespread use of an intellectual property registration system using blockchain won’t be feasible without significant progress in legal and government domains.

Technically, we can register any asset in the blockchain, and we as the owners have a private key associated with the asset. Eventually we can sell the asset and record the transaction in blockchain, and then someone else will own the asset with their own private key. For example, here is a ledger that records who owns a particular car:

From the prior example, we know my public key is 123. If I sell my vehicle to Bob whose public key is 983, this transaction in blockchain would get recorded as:

Although I am only showing the first three letters of the VIN due to space on this page, and simplifying the sale using a minus sign, you can see that a transfer of ownership has taken place. There will need to be a money transaction that takes place before this transaction, however. I would need to first sell my car to Bob for $100:

Smart contracts would need to be used to determine whether the VIN gets transferred to Bob. For example, IF Steve receives $100 from Bob, THEN transfer ownership to Bob.

Once the car is sold to Bob, his public key is now associated with the car’s title and therefore the actual car.

“Attestation” refers to proof that something is true, including both “proof of existence” and “proof of ownership.” Blockchain is a great platform for attestation services.

For example, the website https://poex.io/ creates hashes for documents and records these hashes in blockchain. The following was recorded for an early version of this book:

a05aac5e3ec2da3425f9c86764aaadb07ffe8b4345c9aba423042afcac8c34a1

This website does not require copying or uploading the document, as that would be a security issue. Instead, the document is hashed locally on your computer. This hashed key is associated with this and only this document. Then this key is stored in blockchain along with a timestamp, forever staking your claim to this document.

Scope

There are public and private blockchains.

A public blockchain is open to the world and is often called “permissionless.” Anyone can view the ledger, use the application built on the ledger, and set up computers to act as recordkeepers for the ledger.

A private blockchain exists within an organization and is often called “permissioned.” The organization owns the ledger, protocol, and application. Therefore, only employees of the organization (or those non-employees given access by the organization) can use the application and write to the ledger. Sometimes private blockchains are visible to the public (read-only), because there are only public keys and addresses visible, and therefore no security risks. A private blockchain is comparable to any other internal application built by an organization.

A variation of the private blockchain is the consortium blockchain. Instead of a single organization controlling and writing to the blockchain, a group of organizations control and write to the blockchain. For example, there might be a consortium of 50 financial institutions; as long as at least 35 validate a transaction, that transaction is written to the ledger. Only those members of the consortium can write to the blockchain application, but often the public can read the ledger—as there are no concerns with privacy due to public keys.

Applications should be built upon public blockchains when there is no need or want for users to be protected or controlled by a central power authority. Because private blockchains are controlled by one or more organizations, this can put a real (or perceived) limit on the freedom given by blockchain. As such, build applications on public blockchains whenever possible.

Of course, this is not always possible. Applications should be built upon private blockchains when there is a need to:

• Know the users. There are situations where an organization or consortium has additional resources to confirm whether the data can be trusted. In these specific cases, it is not sufficient for the owner(s) to write the data to the ledger. The owners also need to validate the ledger against other internal data. For example, consider a blockchain application that is designed to settle equity trades among organizations in a certain consortium. In this case, one (or more) of the owning organizations must confirm that the person placing the trade has an account with one of the organizations in the consortium.
• Know the recordkeepers. If anyone can set up recordkeepers, anyone has the ability to own enough recordkeepers to form a majority. At this point, it becomes possible for someone to enter an invalid transaction, but own enough recordkeepers to have them approve it. Assume that someone owns 51% of the recordkeepers that validate a trade, and places a trade for 100 shares of IBM. With the majority in place, the owner can approve the trade—even though no payment was received.
• Perform. In private blockchains, fewer recordkeepers are needed to validate a transaction, because there is a greater degree of trust placed on the users. Fewer recordkeepers to validate a transaction means less time is needed to process a transaction, therefore leading to improved performance.
• Save the environment. Blockchain is very hard on the environment. Recordkeepers are computers that use electricity to power and cool; as such, thousands of recordkeepers can take a toll on the environment. For example, in the Bitcoin network, the combined electricity used by the miners is 350 megawatts—roughly equivalent to the electricity demand of 280,000 American households.6 With fewer recordkeepers in a private blockchain, less energy is used.

Summary

Many buzzwords in technology, including blockchain, carry ambiguous definitions. Sometimes the term “blockchain” refers to the actual ledger, sometimes to the protocol, sometimes to the application, and sometimes to all three tiers. In the spirit of precision, in this book blockchain is the ledger. The blockchain architecture refers to all three tiers of application, protocol, and ledger.

The ledger tier is managed by the recordkeepers. The protocol tier provides the language for transaction validation among recordkeepers and the invoking of smart contracts, which are IF-THEN statements. The application tier automates one or more business processes to enhance a user experience.

We can use blockchain applications without divulging private information about ourselves, through the use of public keys and addresses.

A blockchain application supports one or more of these three purposes: Currencies, Contracts, and Claims. Blockchain applications that focus on currency are digital accounting systems—ledgers which record money we send and receive. Contract applications built in blockchain initiate and record transactions by invoking clauses in contracts. Claims applications capture ownership.

There are both public and private blockchains. A public blockchain allows anyone to view the ledger, use the application built on the ledger, and set up computers to act as recordkeepers for the ledger. A private blockchain exists within an organization, and the organization owns the ledger, protocol, and application.

Now that the concepts of blockchain have been discussed, let’s move on to the principles of usage.