SoylentNews is people
SoylentNews
Submitted via IRC for ErnestTBass
When railroad tracks were first laid across the western U.S., there were eight different gauges all competing to dominate the industry – making a nationwide, unified rail system impossible; it took an act of Congress in 1863 to force the adoption of an industry standard gauge of 4-ft., 8-1⁄2 inches.
FedEx CIO Rob Carter believes the same kind of thing needs to happen for blockchain to achieve widespread enterprise adoption.
While the promise of blockchain to create a more efficient, secure and open platform for ecommerce can be realized using a proprietary platform, it won't be a global solution for whole industries now hampered by a myriad of technical and regulatory hurdles. Instead, a platform based on open-source software and industry standards will be needed to ensure process transparency and no one entity profits from the technology over others.
"I think we're in the state where we're duking it out for the dominant design," Carter said during a CIO panel discussion at the Blockchain Global Revolution Conference here. "We're not an organization that pushes for more regulatory control, but there are times regulatory mandates and pushes can be incredibly helpful."
(Score: 5, Informative) by Anonymous Coward on Tuesday April 30 2019, @09:43AM (15 children)
You know that feeling you get when someone says something that so completely demonstrates their lack of understanding of a topic that you suddenly realize you need to educate them? For instance when someone calls you and tells you their computer is broken and you come over only to find out they unplugged their monitor in order to run the vacuum?
This is how I feel every time we have a discussion where the words blockchain and/or crypto-currency are involved.
I work with this technology every single day. The fact that most of you have some very odd notions about what this technology is, tells me that we have a very long ways to go in making it clear what blockchains are and what they are not.
Blockchains are just a way of managing data and keeping a database in sync.
Blockchains are not crypto-currency and while most crypto-currencies use blockchain technologies, not all of them do.
Everytime you hear blockchain, I want you to hear it in the same vein as "RDS", "NoSQL", "Document Store", etc.
In otherwords it is just another database technology, https://www.alooma.com/blog/types-of-modern-databases [alooma.com] one specifically created to allow you to connect your internal business processes to other businesses without the need to "just trust them".
If you run postgres or oracle and you use log distribution in order to keep nodes in sync, then you already use a blockchain, you just have never heard it called that.
https://blog.timescale.com/scalable-postgresql-high-availability-read-scalability-streaming-replication-fb95023e2af/ [timescale.com]
What "blockchain" adds to the workload in the article I linked is cryptographic guarantees as to the validity of the data. Each write to a blockchain is accompanied by a digital signature using the very best cryptography we currently know about. This means that you as a consumer of the database don't need to worry about the chain of custody of the data, you can verify each and every transaction and its corresponding signature for validity.
Because blockchains are a database meant to be shared between organizations that may not trust one another, one other place where blockchains differ from straight up log sharing is in how they come to consensus about timestamps, or the sequence of events.
If Alice sends Bob a message and Bob sends Alice a message, either or both of them could fake their own timestamps.
So instead of just sending directly to each other, they also each send a copy of their message to servers who's sole job is to order transactions.
We can then prove timestamps, by using an ordered series of transactions, these transactions are organized into a group called a "block". A block is just collection of messages that have been acknowledged by the network at large. A block is timestamped by the computer performing the organizing task, and passed around to the rest of the network for approval.
Using this information, Alice can assert that she sent Bob a message before Bob sent her a message, assuming her message appeared in a block before Bob's regardless of what either individual messages timestamp contained.
Now just replace "sent a message", with "sent a message about topic x" and you start to delve into mission specific or topical blockchains.
These are blockchains optimized or tuned for a specific topic or task.
Valid topics are anything where you need to ensure that the data was not tampered with, even in the face of nation state actors who would benefit from the ability to tamper with it.
Thus you begin to see all these use cases crop up, such as voting, vehicle registry, land ownership registry, stock ownership ledger, DNS and of course, chain of custody for physical goods such as FedEx is proposing here.
I think what FedEx is proposing is an excellent use of blockchain technology. In fact Hyperledger Fabric https://www.hyperledger.org/projects/fabric [hyperledger.org] is a ready to go solution that would solve their problems today because it was designed from the ground up with the use case in mind that FedEx is proposing.
The use case is that they want to federate and they must work with partners, whether local or regional contractors, or govt agencies etc. None of these partners should be trusted prima facie. So having a trustless way to verify the chain of custody on packages is a perfect use of blockchain tech, assuming they apply the tech correctly.
I guess what I'm getting at here is that Blockchain is a class of technology, it fits in the same comparator slots as RDS vs NoSQL vs Document Storage. It's extremely useful if your use case fits (i.e secure database federation with potentially hostile actors, wherein reading is open to anyone but writing is restricted by rules), otherwise it's a square peg in a round hole.
Blockchain combines all the headaches of DB admin, with all the perils of cryptography and that makes it a fascinating topic if distributed, scalable databases and cryptography are what interests you.
I genuinely look forward to the day we can have discussions about the merits of Solidity vs ChainCode or Etherchain vs Hyperledger or even EOS's model vs Ethereum's model, in the same vein we would argue PostGres vs Oracle vs MySQL, or even VI vs emacs.
I hope I've educated you. As always, don't buy the hype, just learn the tech. You'll be smarter for it and it will change your way of thinking about certain classes of problems that perhaps previously were unsolvable.
(Score: 0) by Anonymous Coward on Tuesday April 30 2019, @11:39AM (1 child)
thank you for clearing that up.
but you may want to consult with the other users of the word "blockchain" on what it actually means.
for instance I can complain all I want about "affect" vs "effect", but most people will not care.
this person quoted here has communicated something to the public. they did this using a word that is known to be hyped and misunderstood by the general population, when they could have simply said "we want a unique barcode standard, and a centralized database where all the various readings of the barcode are stored".
if the message is misunderstood, it is usually the fault of the person sending the message.
(Score: 1) by sshelton76 on Tuesday April 30 2019, @11:56AM
Well he is using it correctly. There's no misunderstanding.
Yes people hype it, but that is not what he's doing here.
In reality he's saying he wants a universal standard for tracking and accountability on packages.
Something that is open technology that all shippers can subscribe to and update as your package is handed off between FedEx, DHL and/or local post.
I have a feeling he would also like some sort of mechanism to automatically flag troubled packages as well. Such as packages which went out on a truck, but never showed up at their destination or were otherwise lost in transit. Or packages which are caught in customs, or packages which have legal issues.
There are absolutely ways to accomplish all of that.
But instead of government mandating it, it would be better if it were a function of an international standards body such as the UPU https://en.wikipedia.org/wiki/Universal_Postal_Union [wikipedia.org]
(Score: 1) by sshelton76 on Tuesday April 30 2019, @11:49AM (5 children)
Original AC from the above reply here...
After writing that rather lengthy post, I was reminded of a time in ancient history where I was still running windows for everything and didn't see a need for, nor really understand linux.
Then I got swept up in a sea change at work. Microsoft had decided to do an "Enterprise Audit" and was going to fine the company a lot of money for reasons I still don't care about. The CIO came down and said "As of today we're no longer a Windows shop. No new Windows projects are to be started and within a year we will have no more machines running Microsoft products. You have 6 months to either become proficient at Linux or to find a new job."
I realized I liked working there and therefore I needed to suck it up and learn Linux.
I tried a bunch of distros including Redhat 9, but never really understood them, until I found a guide called "Linux From Scratch".
http://www.linuxfromscratch.org/ [linuxfromscratch.org]
After following that, and doing the necessary research, I started to understand what Linux was, why it was and what it's use cases were.
Eventually the company ended up downsizing me anyways, but the skills I learned from LFS have translated into nearly a decade of 6 figure salaries.
I wonder if my fellow soylentils would be interested in a "blockchain from scratch", guide.
The end result being that you have the skills and knowledge to understand at a reasonably deep level what a blockchain is, what the use cases are and of course how to design and implement one, or how to re-use an existing one when you are presented with a problem that is especially suited for a blockchain.
I think it would be fun to go from a barebones basics discussion, to a fully functional site with all the features of something like slashcode https://sourceforge.net/projects/slashcode/ [sourceforge.net] , but which has no backend servers to admin and instead exists solely on it's own peer to peer blockchain, and is served up in the browser when you visit the site URL. I could even demonstrate how to implement an AC feature for those times when you need to open your mouth and say something, but don't want to get into trouble at work :)
Let me know your thoughts!
(Score: 0) by Anonymous Coward on Tuesday April 30 2019, @12:12PM (3 children)
I'd certainly be interested in it.
I'm no specialist, but it sounds to me like the HDF5 standard should incorporate something like this to keep track of file changes, if they don't already. In particular I care about HDF5 in the case of massively parallel numerical simulations, where ideally many cores would be writing a lot of data to a single file.
(Score: 1) by sshelton76 on Tuesday April 30 2019, @12:19PM (2 children)
I would love to research that and give you some feedback, but there seems to be several things which share that name and could all be candidates for the tech you're talking about. Can you give me a link to the specific item you're talking about?
(Score: 0) by Anonymous Coward on Tuesday April 30 2019, @01:15PM (1 child)
I'm talking about "hierarchical data format" https://portal.hdfgroup.org/display/HDF5/HDF5 [hdfgroup.org] (this particular website seems to be somewhat broken, so I'm not sure the group is being administered properly at the moment, but the library is nonetheless extensively used in scientific computing).
And MPI refers to "message passing interface" https://en.wikipedia.org/wiki/Message_Passing_Interface [wikipedia.org] .
I've personally encountered situations where a simulation crashed without closing the HDF5 file properly, and a lot of data became unreadable, including parts of the file that were not being written to (individual files are organized more or less like a filesystem themselves, this is why I can clearly identify what was being written to or not).
I was wondering whether tracking read/write operations properly would help with data recovery.
(Score: 1) by sshelton76 on Tuesday April 30 2019, @01:48PM
Ok so for something like this a journal would provide superior results especially if the journal is also storing a hash of the resulting file to ensure integrity.
The difference here is that yes you're using hashes to ensure integrity, but you don't care so much about the source, no particular node in the system would have any more or less "permission" to make changes to the journal or the filesystem. Thus you don't need to verify the chain of custody on the information, so a blockchain would be overkill.
A merkle chain vis a vis git would reduce performance, but would solve your integrity issues.
(Score: 0) by Anonymous Coward on Tuesday April 30 2019, @04:26PM
yes, do it. thanks
(Score: 2) by All Your Lawn Are Belong To Us on Tuesday April 30 2019, @02:25PM (3 children)
Does blockchain by its method of ensuring security inherently cause what is popularly perceived as ineffciency of energy as competing factions all use arrays of machines to do the proof of work to sign and authenticate? Or is this something that is strictly caused by the race to profit in cryptomining?
Where I'm going at there is that, thanks to your explanation (in part), I can see where it would be useful for a bunch of parties who have no reason to trust one another (shipping companies) to create a veriably secure log for packages without trust to a central authority but at the cost of much seemingly wasted energy to deliver that proof. We have had international banking by data transmission for quite awhile now which didn't require blockchain, and why can't the shipping industry adopt such a measure... Let's say the U.N. develops (or endorses) a standard, or the more conventional route of ISO standards are employed and a central authority established that all parties must trust. Or let's say my idea is wrong here - are there no other alternatives?
This sig for rent.
(Score: 2, Interesting) by sshelton76 on Tuesday April 30 2019, @03:47PM (2 children)
This is an excellent question and goes to the heart of something we call "consensus".
In a nutshell, consensus is the degree to which different parties agree or disagree about the current state of the chain.
To answer the question in the simplest form, the answer is "no", you do not need "proof of work" at all for a blockchain to function.
However the answer is a little more complicated so here goes...
Whenever you select "proof of n", whether it is "proof of work" or "proof of stake" or any of the myriad "proof" mechanisms, what you are really doing is saying "how can I slow things down enough that umpteen million nodes can all come to consensus about some important part of the chain?".
In the original blockchain implementation "Bitcoin", the idea was that bitcoins were the thing being tracked in the ledger, furthermore a fixed quantity of bitcoins (21 Million) would come into existence over a set period of time (roughly 150 years).
To ensure ledger consistency and atomicity, it was decided that a block should take an average of 10 minutes to find and would be no larger than 1MB. This way every single node could stay in sync, even if they were on 56k dialup. In exchange for finding a block there would be a reward given and this reward would represent a subsidy to the node which created the block.
So what is a block? It is a list of the transactions it contains or better put "witnessed". The block's identifier would be the SHA256 hash of all the transaction hashes, in order to ensure data integrity. This way it would be immediately obvious if someone was tampering with the data in flight.
Now you have a problem... How do you ensure that no one is abusing the system by sending bogus transactions and filling the blockchain up with worthless blocks? This starts to delve into game theory. There is a financial incentive to pre-calculating a bunch of blocks and using them to take over the blockchain because the longest chain is always the winner. Furthermore, there is no requirement that any block actually contain any transactions in it at all. This was originally permitted because in the early days there might not be enough transactions in 10 minutes to fill up a block.
So they introduced proof of work and "difficulty". With PoW, you need to take the most recent accepted block header, concatenate it to a list of transactions you are including in the block and then take the SHA256 hash. But you also need to include an integer n, such that SHA256(prevhash + SHA256(txhash[...]) + n) = 1/difficulty.
This means it is always a race to find n since all the other things are relatively static. Difficulty is used to literally make it less likely that any given n will result in a blockhash below the given threshold. For bitcoin difficulty is adjusted every 2 weeks in an effort to try and keep the average block time to 10 minutes and this help to mitigate the effects of a huge amount of hashing power coming in and taking over the chain. The tradeoff here is that as more hashing power is brought to bear on the blockchain, the rate of new blocks found still stays roughly equal for the network, but smaller operators who cannot afford to keep upgrading their equipment are forced to drop out.
This causes consolidation for so called miners and eventually you are left in a dangerous situation with only one or two players. Also the marginal cost of electricity and the equipment to mine quickly becomes the primary factor in determining the value of your coin. Furthermore, miners who drop out of one coin, can easily jump to another coin with a lower difficulty level. This is a feature if the miner is honest, but history has shown that miners will rent their rigs to the highest bidder and that bidder can and often does have nefarious intent. Thus proof of work systems are a very poor way to secure your blockchain.
What we have here is a very complicated answer to what should be a simple question. "How do we all keep in sync?" and a far better answer is "Don't do it by subsidizing the finding of blocks, find another way".
Once you get past that problem then you just have to figure out another way to limit spam from malicious actors. People will spam if they can, but if the cost to spam is prohibitive then there needs to be a business reason for it.
Thus for blockchains which are intended to be used between parties who "know each other but do not necessarily trust each other" such as banks, the answer is to allow blocks to be found by only the participating entities and no anonymous third parties. Furthermore, just get rid of canonical blocks, i.e. blocks are identified by timestamp, not necessarily a sequence number. As long as two blocks do not contain conflicting transactions, such as Alice only had $50 but she managed to send $50 to Bob and $50 to Charlie, i.e. the double spending problem, then there is no reason the whole network needs to stay in complete consensus for every single block.
But for situations where the parties neither know, nor trust eachother you are better off with "proof of stake" type of solution where each block finder must pledge an amount of money equal to or greater than the block they found. If it turns out later that there is something wrong with those blocks, then rest of the network takes the pledged stake. Otherwise the block finder receives their reward.
In otherwords, the block reward is there to subsidize the people who are paying their own money in terms of electricity and compute cycles to find the blocks in the first place.
These financial incentives only really apply when there is no other financial incentive for running the network and it's the primary problem with every crypto-currency out there. No miner wants to sell their coins for less than they cost to produce, but no one wants to buy the coins if they don't see a use either now or in the future. So you get these boom and bust cycles in the crypto-currency markets caused by people who fundamentally have no idea WTF they are buying. Money is only worth what you can buy with it. If your plan is to buy it now and sell it when the price rises, you aren't investing you're speculating and you're contributing to a hype bubble that people who are serious about the tech, neither want nor need.
Thus the TLDR;
Cryptocurrency is one application of Blockchain technology. Cryptocurrency adds a lot of complexity in order to address weaknesses from game theory.
If you aren't doing crypto-currency, you don't really need proof of anything, it's easy enough to verify signatures on your own and the fact that the network accepted the previous blocks is enough security that you don't even need to go back and verify old blocks if you don't want to. It all depends on what you're trying to do.
(Score: 2) by All Your Lawn Are Belong To Us on Tuesday April 30 2019, @05:06PM (1 child)
Thanks so much for both the in depth and TLDR explanations. And responding to your below, an explanatory website would indeed be of interest although I'd assume would take a huge chunk of skull sweat from you. (Especially if it carried both TLDR and detail explanations as nice as your above post). Thanks for sharing your knowledge!
This sig for rent.
(Score: 1) by sshelton76 on Tuesday April 30 2019, @07:12PM
Thanks and yeah it will take some brain power. I don't have a lot of freetime, but I can probably do a chapter a week and post some links in my journal here.
Most likely it won't be its own site, but a github pages site. I just don't have time to admin yet another server, especially one for explaining to people how to build a blockchain in a serverless fashion.
(Score: 2) by DeathMonkey on Tuesday April 30 2019, @06:34PM
SoylentNews has become an ANTI-Science and ANTI-technology discussion forum.
(Score: 2) by dwilson on Tuesday April 30 2019, @09:40PM (1 child)
Well explained, but one nitpick:
If I'm taking the time to verify it? It's something I worry about. If I didn't worry, I wouldn't bother to verify.
You did. I learned more than I knew previously. Thank you.
- D
(Score: 1) by sshelton76 on Wednesday May 01 2019, @01:02PM
True but my point was validty of the data vs custody of the data.
When you log into your bank or paypal, you see your transaction history and you hope and pray they got it correct. You trust them though because they are your bank. If you were getting your transaction history from a third party you would have reason to be suspect.
In blockchain systems, the custody of data is irrelevant. You can literally ask all your neighbors for your transaction history and you needn't worry about them making something up because you can in fact verify it.
This ability to verify the data without needing to trust the source is what makes blockchain such as powerful tool.