Re: [Hyperledger Project TSC] IBM whitepaper
benedikt herudek <benedikt.herudek@...>
Hi Chris,toggle quoted messageShow quoted text
excellent paper !
Below two remarks / questions around Identity Management vs Consensus and one suggestion concerning data privacy on permissioned blockchains.
Interested in anyone's view.
1st remark: Chain Language, Turing halting problem & native currency:
Understand, you don't introduce a native OBC currency. It seems you might introduce a native OBC language in the future. But at the moment, you support existing languages like go. https://github.com/openblockchain/obc-docs/blob/master/FAQ/chaincode_FAQ.md
Without a native currency, but with a full turing complete language, how will you address someone introducing mailicious code running through endless loops and eating up ressources ? Ethereum wants to address this with the notion of gas, so transactions running too long and not having the ressources will just get halted and rolled back. That is inherently connected to having participants pay for transactions. Hence, having a native cryptocurrency as part of a blockchain seems to offer a good mechanism to block such attacks.
Is the implicit assumption here that enterprise permissioned blockchains have a lesser risk of such intruders and hence, if we establish identity of blockchain participants and have auditors over the network, we would get on top of such intruders anyways ?
2nd remark: Trusted Ledger: Identity Management & Consensus Mechanism:
The OBC you suggests offers participants to plug in their own consenus mechanism. It seems one could even use the OBC architecture without a consensus mechanism:https://github.com/openblockchain/obc-docs/blob/master/FAQ/consensus_FAQ.md
In that case it might be (see 1st remark) the implicit assumption is we establish identity of participants in blockchains to restrict access and audit members and with ensuring this, we have eventually only trusted members (we dont let others in or remove them) in the network. The need for 'unbreakable' consensus mechanisms like bitcoin proof of work for a permissionless network (everyone can plugin) might become lesser of a concern.
One might think Identity Management introduces a notion of centralization (you also address this point here: https://github.com/openblockchain/obc-docs/blob/master/FAQ/identity_management_FAQ.md) into a blockchain. But for enterprise transactions, having identity management is just indispensable.
My concern would however be to overstress Identity Management compared to consensus as the underlying mechanism to ensure we have trusted data in a shared ledger. Having Consensus optional and Identity Management mandatory might allow 'abuses' of the architecture as a simple 'inter - enterprise - B2B - platform'. Maybe it could be useful to default a minimal consensus mechanism and give (minimal) criteria to replace the default consensus mechanism you suggest. Having a consensus mechanism enforced, it could also be useful having a lightweight or no-identity management option as part of the OBC for 'bitcoin like' usecases, where participants might not want to reveal their identity.
A Suggestion for Data Privacy on (permissioned) Blockchains
Placing certain data on a shared ledger will be a hard sell too many, who dont sleep well over hearing concepts like 'distrubuted shared ledger' and 'health and financial data' in one sentence. It will be difficult to overcome such concerns with a treatise on the strength of cryptography and frankly, there are ongoing discussions how secure crypto is and will be with more (quantum) computing power in the future.
A pragmatic solution could be placing 'really sensitive data' outside the blockchain, link the data and keep only e.g. a (partial) fingerprint on the blockchain. You mention someting similar in a different context and purpose for files.
https://github.com/openblockchain/obc-docs/blob/master/whitepaper.md (section Architecture / Blockchain) : Large files (documents, etc.) are stored in off-chain storage, not on the Ledger. Their hashes can be stored on-chain as part of the transactions, which is required to maintain the integrity of files
This could be a general and optional feature: One should be able choosing to have 'really sensitive' data in a permissioned database in one's regular enterprise network. The Blockchain transaction (cryptograhically secured) would contain:
On 18.02.2016 18:55, Duc Trinh via hyperledger-tsc wrote: