*Eve Maler*ForgeRock Office of the CTO | VP Innovation & Emerging Technology Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl *ForgeRock Summits and UnSummits* are coming to <http://summits.forgerock.com/> *London and Paris!* ---------- Forwarded message ---------- From: Eve Maler <eve.maler@forgerock.com> Date: Mon, Aug 15, 2016 at 1:06 PM Subject: Brief writeup on blockchain technology To: j stollman <stollman.j@gmail.com> Tell me what you think of this... I'm sure you will have many corrections! What I was going for was a high-level value-based pocket explanation that would mean a lot to a lot of different audiences. :-) I only recently stuck the few links in there. ==== Following are the key elements of blockchain technology and their value. Other technologies can be blockchain-like if they have some of these elements, but are not considered true blockchains. - A tamper-evident “ledger” (linear, append-only) data structure - Valuable for recording events that definitely happened - Less valuable for recording any information that is uncertain or required to be deleted (such as personal information for which a “right to be forgotten/right to erasure” has been established) - Autonomous, distributed, and possibly even decentralized (no node has higher privileges) storage nodes - Valuable for architectures where trust in a central authority is difficult or undesirable to establish (although trusted third parties do play a role in some blockchain deployments anyway; see third bullet below) - Less valuable for recording sensitive information because of the increased attack surface (every node has a copy of everything) and resulting increased privacy considerations - Less valuable for recording voluminous information because every node has a copy of everything - Mathematically based (algorithmic) consensus for contents of new ledger entries - Valuable for incentivizing cooperative behaviors among node participants about entry contents (“proof of work” as used in Bitcoin is the most famous) - Less valuable if other parts of the “BLT sandwich” (business-legal-technical) are not well controlled for through IAM, trust frameworks, etc. -- e.g., multiple node participants can collude to game the system -- but then decentralization goals can be compromised thereby Blockchain technology is a platform, not a ready-made application. There are “public blockchains” on which applications can be built; two of the most well-known are Bitcoin and Ethereum. (N.B.: A recent (Jul-Aug 2016) hack and fork <https://en.wikipedia.org/wiki/Ethereum#The_DAO_and_the_blockchain_fork> have left the Ethereum blockchain split into two, Ethereum and Ethereum Classic, showing the extreme volatility of this space. See also the Blockchain Graveyard <https://magoo.github.io/Blockchain-Graveyard/> detailing the many startups that have already died due to hacks.) These can be thought of as being something like “public cloud services” for blockchain. There are also open-source implementations of blockchain that can be deployed internally within an organization; depending on how they’re deployed, they can be thought of us being something like “private cloud” blockchains. There are also many blockchain-related tools, SDKs, and app platforms that ride on top of these base layers, much like other development platforms. *Eve Maler*ForgeRock Office of the CTO | VP Innovation & Emerging Technology Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl *ForgeRock Summits and UnSummits* are coming to <http://summits.forgerock.com/> *London and Paris!*