My keynote, tomorrow #Computing2018: "No, let’s not put it on the blockchain".
"To carve out some scenarios where blockchain optimist narratives fall short, & specific properties of distributed ledgers & blockchain work against requirements. Includes GDPR, but no 20M fines."
"To carve out some scenarios where blockchain optimist narratives fall short, & specific properties of distributed ledgers & blockchain work against requirements. Includes GDPR, but no 20M fines."
#blockchain Keynote was well received.
The scenarios in this thread, link to slides at the end.
1. Short-term information of any value. Everybody will have to keep it forever and you can't get rid of it.
The scenarios in this thread, link to slides at the end.
1. Short-term information of any value. Everybody will have to keep it forever and you can't get rid of it.
2. Information that will remain valuable over a longer period.
Of course you encrypt, it but while it's forever on the blockchain, the crypto may be proved broken, Moore's law may cause key to be too short, or quantum may happen (yeah right). I said "crypto", I meant it :)
Of course you encrypt, it but while it's forever on the blockchain, the crypto may be proved broken, Moore's law may cause key to be too short, or quantum may happen (yeah right). I said "crypto", I meant it :)
For the same reason, if I owned a digital copy of my DNA, I wouldn't send it through HTTPS either now, as somebody could store it in encrypted form and it will be privacy-invasive long after my death.
3. Data that is sensitive to fraud. If it's worthwhile fraudulently changing the data now, this merely changes the attack model to fraudulently entering data on blockchain. Maybe maybe very rare items with unique fingerprints (diamonds?) stand a chance. But not eco-sensible cod.
4. Personal data. Superficially from rights: right to erasure means consent can't be the legal basis! Real reason is relevance principle: need to stop storing once data becomes irrelevant, can't. Pseudonyms are personal data.
Odd scenario of data subject storing their data on blockchain and them being only party with the pseudonym-decoding "additional info". That particular idea + question of who the data controller is the only aspect in which #GDPR possibly "outdated" - but hypothetical, see above.
Storing only pointers to personal data on the blockchain isn't a blockchain. If there's enough trust to store data in a centralised database, maybe you don't need the trustless highly redundant data structure anyway.
5. Successful applications - ones that lead to many transactions, maybe even ones that lead to many participants. It doesn't scale: broadcast of candidate transactions and new blocks, and the history of the universe in any node.
Reducing participants not an option: trust invested in gatekeeper and achieved through authorisation means you don't need the trustless infrastructure. On scaling I'm being optimistic and excluding proof of work. Applications excluded: e.g. micropayments (micro means many), IoT.
Not 6: Not considered: real-time (blocks may be generated at speed of candidate transactions in a better blockchain), crypto-currency (someone may invent one that works), apps that require a robust consensus algorithm (non-centralising ones resistant to 52% attacks may be found).
End. Didn't get as much disagreement from audience as expected even though ~10 said blockchain enthusiasist at start.
drive.google.com/file/d/1lwvOis…
drive.google.com/file/d/1lwvOis…
What I read on #blockchain recently: @davidgerard's book, stuff by @dgwbirch including latest book (share his enthusiasm for pseudonyms but can't square it with above yet), "Blockchain and the law" @yaoeo @awrigh01 but too much "could" and "would" & errors in technical details.
