We've recently had a spike in our sprint to check out blockchain technology. The goal was to assess it and check potential use in our FinTech scenarios rather than implement anything. We obviously started with bitcoin - blockchain's No 1 implementation.
There are many resources on the Web explaining how it works (starting with their WIKI). It requires some time to understand it but it's not a rocket science. One of our younger team members managed to go through it without problems and effectively explained it to the rest of the team.
Knowing building blocks of bitcoin (such as mining, proof of work) we quickly realized that permissionless DLT (Distributed Ledger Technology) approach is not something we can use in our scenarios. As regulatory reporting is our main area of expertise, we came to conclusion that private blockchain might be much more useful for us and acceptable by our clients.
Within the boundaries of financial system, we may encounter different architectures for transactions handling. There are centralized (or distributed) internal databases, secure middleware (e.g., SWIFT) or third parties (clearing houses). And there is also the blockchain. It can be treated as some sort of distributed database. The main difference between the two is the level of trust. In distributed database scenario you need be sure of every node in your setup. In case of blockchain - 51% is enough.
Let's assume there is a bank association containing one sneaky entity capable of altering its reports for private gain. If data (reports) are kept internally - it's possible. But if we had applied blockchain solution then such vital data would be sent to blockchain and shared between all the nodes. It would require for the sneaky bank to gain control over 51% active nodes in the system to be able to influence the distributed consensus and effectively gain control over the network. Therefore, whenever there is a problem of trust within the boundaries of your system - blockchain is a possible solution.
Permissioned DLT may have different "flavors". You can use one of the open-source technologies designated for permissionless DLT. Ethereum is a potential tool of your choice. Then we may have platforms designed for certain domains (e.g. forex) or general-purpose solution which can be tailored for you scenarios. There are already a few tools which gained attraction from "big players". We looked into Chain, Corda, Hyperledger and Multichain. The tool which gained biggest attraction in my team is BigchainDB. It joins advantages of blockchain and traditional distributed database.
Some challenges when adopting blockchain may include:
- Scalability issues. However, most of the modern tools address this problem. It's more a problem for bitcoin (although also discussed) rather than private blockchains.
- You should not use blockchain when you need real-time speed.
- Cybersecurity - as we are dealing with fragile data, we should always design such system carefully. There is a nice report about it made by European Union Agency For Network And Information Security (ENISA).
- Legacy systems - you need to build a protocol to be able to communicate with your legacy infrastructure. Depending on your environment and system you are dealing with - this can be quite challenging. Very rarely you can just replace existing solution.
- S-curve adoption - there is an initial investment you need to make (knowledge, infrastructure) to have gain in the future.
There is also another concept closely related to blockchain. Namely smart contracts, which can help us to avoid middleman services such as lawyers, real estate agents, taxi companies, etc. It works based on If-Then premise. Each agreement between parties is published to blockchain. If contract if fulfilled, then assets can be released. As it's blockchain technology everything is transparent (although documents themselves are encrypted), backed-up across the network, automated and autonomous (no need for brokers, lawyers). There are plenty of potential open-source adoptions of smart contracts. Some examples include automatic sending of information about surgery to your insurance company or voting systems. While such open-source solution may hit the wall of governments regulatory the private approaches can be very useful. You can imagine supply chain working on If-Then premise or an internal business process coded into blockchain ledger which can give us instant audit/regulatory view on the system.
*Blockchain was reasearched by Szymon Matwijów