You remember our recent material about the basic principles of blockchain, don't you? If this is the first time you are reading about the subject and you want some basic knowledge about it, we advise you to close this gap by referring to it. Today we shall concern ourselves with why, when discussing the level of innovation, people venture to compare the arrival of blockchain with that of the internet, what Blockchain 2.0 is, and how these things are connected.
The original use of blockchain for transfer of money demonstrates its potential as a means of transferring value; this is quite a niche already, but certainly not comparable to the invention of the internet, is it? Why so much noise then? In my opinion, we are looking at two critical avenues of blockchain development, which account for the focused attention and stormy responses from investors and visionaries:
- Evolution of blockchain as a platform(Blockchain 2.0);
- Synergy with other up-and-coming trends.
But what is Blockchain 2.0 anyway? Blockchain2.0 is in effect a mechanism allowing programmable transactions (transactions modified by a condition or a set of conditions). Sound simple enough, but in Ethereum network, for example, the language used to write such scripts is aTuring complete one (that is, allowing to implement any computable function). This enables a number of interesting concepts, which are adding value to the platform and causing a stir across theIT community.
As you have already guessed, blockchain uses are not limited to transactions: they enable plenty of brand new economic opportunities previously unavailable on the world web. These include:
- Decentralized exchange;
- Creating and transferring digital assets;
- Smart contracts
Smart contracts are scripts executed in blockchain environment; their codes are accessible to all and anyone can verify the correctness of code execution. The verification is carried out by miners in the blockchain environment. This ensures honest execution of the “contract.”
Thus, an ecosystem of international decentralized, but trusted, links based on the blockchain technology is created. Which makes it possible for economic aspects to be built into all sorts of different things:
- Decentralized computer networks with built-in economic links;
- IoT (Internet of Things, if you happen to forget the meaning of this acronym); individual devices will engage in economic interplay (picture it: the refrigerator itself decides what is wanted, places orders and effects payments J);
- Smart cars, smart homes, smart cities. Let us not write these off: they are a part of not so remote a future, at some places they already make the present.
In all these cases blockchain allows transferring money or value. All the while being an effective and trusted information exchange tool for efficient distribution of resources.
Blockchain 2.0 being at the height of its development, there are quite a few different terms and concept, often overlapping ones. Let us cover the main ones in brief.
This appears to be the simplest concept among those I am to describe, but it is certainly worth mentioning.
The Visa/Mastercard backbone technologies had been originally designed as centralized structures, and their bases make attractive targets for attackers, as we see from the many “hacker” movies and real life cases. Plus they are unable of effecting really small (micro)transactions. By small I means the minute transactions not supported by the traditional payment systems. Blockchain enables transactions worth portions of a cent. Small as they may be, this opens up a whole new horizon of opportunities.
Let me give you a simple example. Let's suppose in a city there are several companies operating cargo drones.Blockchain will make the drones able of economic team play—not only with the drones of the same fleet of but with third-party drones, too. For example,Drone 1 has to deliver cargo from A to B. It is free to calculate whether or not it is more economical for it to deliver its payload to point C and put outa tender for it to be delivered from there to B by third-party drones; if feasible for both parties, it may strike a deal or complete the delivery by itself. This will improve the overall performance of the drone network.
There is another example I have seen quoted in the literature: your car is caught in dense traffic but you badly need to get along really quickly: let's suppose your wife is in labor. You are ready to pay the other road users a certain amount of money to make them move aside and give you the right of way. Those who let you pass (drivers who are not in a hurry to make their destinations) will each get a microtransaction for their help. Blockchain with its microtransaction feature set is exactly the engine to enable this. In a centralized system such transactions would be too costly to be considered.
Those of you who had never heard the term before are probably now asking themselves what a smart contract is. And yet, indirectly, we deal with this concept every day. This is a contract from our life, but one written using a programming language and automatically executed as soon as certain triggers are pulled.
The classic example of such a contract is the vending machine, always automatically operating according to a fixed set of rules: you pay the money, your make your choice—the machine releases your purchase. In the smart contract context, code becomes law; it cannot be contested and it will always be executed to a letter as soon as the conditions are met. At least, until recently I had never heard of any means of challenging such a contract. But every rule has its exceptions (I am going to tell you about one such interesting case later). The most important nuance here is that the contract must be executed without fail.
Smart property is a new concept we are not used to at all yet. In this case property rights (for a car, apartment, etc.) are cryptographically fixed in the code.The asset (property) will only operate if recognizing legitimate user rights for the use of that property. This makes the transfer of property as simple as any transaction.
Of course, the smart property concept is based on widespread use and adaptation of decentralized trusted blockchain, which as of now appears to be quite a distant future. Yet I wouldn't be overly pessimistic—there are already blockchain startups used to register diamonds and watches.
By way of adding to the idea: using the information about the current balance of supply and demand supplied to it from the internet, the smart property item can potentially be engaged in economic activities of its own. Thus, a taxicab without a driver—a self-owned one—will be marketing its services or taking orders all by itself, balancing out its tariff based on time of day, current supply and demand.
Dapps (Decentralized Applications)
These are apps executed in blockchain.Bitcoin, being a transaction-focused peer-to-peer network, happened to be the first ever decentralized application. The opportunity to make smart contracts and write executable code within blockchain has given birth to all sorts of decentralized applications. Besides, Daps can be quite independent from any particular blockchain, operating as entirely stand-alone applications. Example: MadeSafe, a distributed data storage application. In short, it operates like this: you make your disk space and up-time available too the network users and collect your premium for that; alternately, you can upload your data to the network in exchange for your service. There had been similar projects in the past (for example, Wuala), but now, for the first time ever, they are founded on economic principles: you simply offer your space and get paid. So far there is no certainty whether the project will survive. For your info: Wuala was closed in 2015.
Internet sources give a list of criteria an application must satisfy to be called a Dapp. I think these should be covered in some detail:
- A Dapp must be fully open-code, it must operate as a stand-alone application and no organization may be able to claim possession of the greater part of its tokens. A Dapp may adapt its protocol in response to suggested improvements and market feedback, but all changes must be adopted by consensus of all its users.
- A Dapp's data and operating reports must be encrypted and stored in a public domain, the so called decentralized blockchain, to avoid any potential network outage.
- A Dapp must require a cryptographic token (bitcoin or original app token) for access to it. Every bit of input contributed by miners must be rewarded in Dapp's tokens.
You can find quite a long list of different dapps based on Ethereum: http://dapps.ethercasts.com. I shall not discuss them at length in this article; instead let me give you a few examples for better understanding:
- http://etherwheel.io: an Ethereum-based lottery—invest cryptocurrency in hopes for a win;
- Countless p2p marketplaces;
- http://gridsingularity.com: energy exchange Dapps; just look at their website;
- http://ujomusic.com: a blockchain-based music marketplace;
- https://github.com/yep/eth-tweet: a decentralized twitting app.
There are lots of them—you can spend hours studying the different options allowed by blockchain.
DAOs (Decentralized Autonomous Organizations)
In my opinion, one of the most impressive blockchain-based concepts is that of a decentralized autonomous organization. “What's that anyway?” you are sure to ask. Before I give you the answer, let us think. The traditional organizations we know of are all based onsets of contracts and agreements enforced by external agencies (laws, courts of justice, authorized bodies, etc.). This certainly increases the operating costof such an organization and impairs the reliability of its rules and procedures. DAO, too, is based on a set of contracts, but these are not paper contracts but smart contracts executed in blockchain environment. This puts DAO ahead of the previous concepts and turns it into a sort of a company's robotized manager. DAO can collect and store the money received by way of investment, it can spend that money based on a known set of rules agreed upon by DAO members, and so forth.
Let us take a look at a few down-to-earth examples of decentralized autonomous organizations:
- An automated marketplace for trading resources or other valuables. A distributed independent marketplace with equal conditions for all participants. Some of the closer examples: stock markets or RTB-based advertising markets.
- The communities involved in organizing p2p interplay, such as you do or profi.ru, can well be based on decentralized principles.
In addition to DAO, there are such concepts as DACs (decentralized autonomous corporations) and DASs (decentralized autonomous societies).These appear a bit redundant to me, as they are in effect integral to the DAO concept and are not much different from DAO in terms of operating a decentralized organization. The different terms in this case seem only to mimic the familiar forms of centralized organizations, as we know them.
By way of summary: the DAO concept may greatly alleviate (or completely do away with) the company's operating costs by automating its operations, in full or in part.
Is the outlook really so serene?
Unfortunately, not. The strong points of smart contracts and DAOs give rise to a number of problems. As we set to work on our project, we came to understand the vulnerabilities of such an ecosystem and found real life evidence to justify our concerns. I am going to write a separate article about the potential dangers and vulnerabilities to be expected of smart contracts in the future; but now let us look at one graphic example from not long ago.
One of the first major successful implementations of the DAO concept is called The DAO. (Not quite unassuming, but they could justas well call themselves that by right of pioneers.) The organization is something like a distributed kickstarter we all have heard about. Investors were encouraged to invest into the Ethereum-based projects and draw profits as the latter were gaining momentum. The implementation was really a success: there was about $140m under The DAO's management. But then a curious incident happened: an attacker used a vulnerability in The DAO's contract to withdraw its cryptocurrency funds into a The DAO branch under his control. He called the branch Robin Hood DAO. Fortunately, contract did not permit for instantaneous and final withdrawal of money (such a transaction takes 27 days to complete),but still… Now, dear readers, let us consider the magnitude of this precedent as well as certain nuances not readily apparent to us:
- The bad actor (if he is to be called that) was following the rules of the contract; he did not replace or change it, he just took advantage of the unobvious logic contained therein. The Ethereum platform itself was operating correctly. If interested, you can find a detailed description of the malicious act here: http://www.ether.camp/dao-thief.html.
- The money was not withdrawn all at once. We are used to think that in the event of attack we can pull a “switch,” so to say, and freeze all further action, thus arresting the negative scenario. In the case with The DAO and Ethereum this was not possible! After the money leak was detected, the contract continued its relentless operation, streaming cash to the entity controlled by the attacker. The loss amounted to 6 million ETH (it is hard to say how much that makes in USD, for the exchange rate had dropped quite a bit on account of the incident, but an approximate estimate gives $50m).
- There was no one to turn to for help, either.
How do they deal with situations like that? I was writing a lot about decentralization and the rest of that stuff, but in this case, it is proposed to infringe on that principle. The community is asked to agree to fork off the history of transactions at a point just ahead of the attack. The solution was brought forward by the developers of Ethereum (the platform itself) in an effort to save The DAO. I want to call your attention to this: the fork will affect all transactions, not just the ones to do with TheDAO and affiliated structures. That means, if you had purchased or exchanged ETH, your transaction, too, will be called off. This is quite a cut at decentralization, bringing The DAO out as an enterprise which is “too big to fail,” so to say.
But! It is interesting to observe how the miners' community goes about proposing and discussing the fork option. The idea has been put to vote, and individual miners are free to either join or decline to join the fork.
The reaction of the attacker is even more fun to watch! First, he is convinced that it was not an attack but legitimate use of the opportunities offered by The DAO; second, he offered $1m to the miners who declined to accept the fork.
What's the outcome? So far unknown. The SantaBarbara soap opera is in full swing; ETH exchange rate dropped a good deal; news keeps coming; the community has split into two opposing camps — the pro-fork one demanding to save The DAO and the antagonists of that option. I am going to cover the end of this story in one of my future articles.
What are our takeaways? In broad brushstrokes:
- The described case has exposed the risk of vulnerable contracts (in fact it was not the first case, only the first major one). Or even ill-intended contracts. We, as a large security company, are potentially looking at a promising new market.If the smart contract concept, along with the interplay forms based on it, survives, automatic or semi-automatic contract security audit services will be called for. The demand will be generated by both makers and users of contracts.
- The case has also revealed the lack of a judicial mechanism to modify the effects of the contracts; so far there is a makeshift one, which has spontaneously emerged in the miners' community.
- A need may arise to create a contract action insurance and risk hedging service.
- And so forth…
Let us leave it at that for now. My next article will discuss the security problems inherent to such ecosystems and synergies with other hot trends; we shall also try to cast a glance into the future.