*Eve Maler*ForgeRock Office of the CTO | VP Innovation & Emerging Technology
Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
*ForgeRock Summits and UnSummits* are coming to
http://summits.forgerock.com/ *London and Paris!*
---------- Forwarded message ----------
From: Eve Maler
Date: Mon, Aug 15, 2016 at 1:06 PM
Subject: Brief writeup on blockchain technology
To: j stollman
Tell me what you think of this... I'm sure you will have many corrections!
What I was going for was a high-level value-based pocket explanation that
would mean a lot to a lot of different audiences. :-) I only recently stuck
the few links in there.
====
Following are the key elements of blockchain technology and their value.
Other technologies can be blockchain-like if they have some of these
elements, but are not considered true blockchains.
-
A tamper-evident “ledger” (linear, append-only) data structure
-
Valuable for recording events that definitely happened
-
Less valuable for recording any information that is uncertain or
required to be deleted (such as personal information for which a
“right to
be forgotten/right to erasure” has been established)
-
Autonomous, distributed, and possibly even decentralized (no node has
higher privileges) storage nodes
-
Valuable for architectures where trust in a central authority is
difficult or undesirable to establish (although trusted third parties do
play a role in some blockchain deployments anyway; see third bullet below)
-
Less valuable for recording sensitive information because of the
increased attack surface (every node has a copy of everything) and
resulting increased privacy considerations
-
Less valuable for recording voluminous information because every node
has a copy of everything
-
Mathematically based (algorithmic) consensus for contents of new ledger
entries
-
Valuable for incentivizing cooperative behaviors among node
participants about entry contents (“proof of work” as used in Bitcoin is
the most famous)
-
Less valuable if other parts of the “BLT sandwich”
(business-legal-technical) are not well controlled for through IAM, trust
frameworks, etc. -- e.g., multiple node participants can collude to game
the system -- but then decentralization goals can be compromised thereby
Blockchain technology is a platform, not a ready-made application. There
are “public blockchains” on which applications can be built; two of the
most well-known are Bitcoin and Ethereum. (N.B.: A recent (Jul-Aug 2016) hack
and fork
https://en.wikipedia.org/wiki/Ethereum#The_DAO_and_the_blockchain_fork
have left the Ethereum blockchain split into two, Ethereum and Ethereum
Classic, showing the extreme volatility of this space. See also the Blockchain
Graveyard https://magoo.github.io/Blockchain-Graveyard/ detailing the
many startups that have already died due to hacks.) These can be thought of
as being something like “public cloud services” for blockchain. There are
also open-source implementations of blockchain that can be deployed
internally within an organization; depending on how they’re deployed, they
can be thought of us being something like “private cloud” blockchains.
There are also many blockchain-related tools, SDKs, and app platforms that
ride on top of these base layers, much like other development platforms.
*Eve Maler*ForgeRock Office of the CTO | VP Innovation & Emerging Technology
Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
*ForgeRock Summits and UnSummits* are coming to
http://summits.forgerock.com/ *London and Paris!*
