UPD April 2018: this article has been updated to share the insights and the outcomes we received after deploying a similar solution for one of our customers from the finance industry.
Organisations in the financial, governmental and legal industry are showing the highest level of interest in blockchain and smart contracts. The benefits of this approach come in the form of security, speed and reduced cost. McKinsey estimated that blockchain could save businesses at least $50 billion in B2B transactions by 2021.
Since the emergence of Bitcoin in 2008, cryptocurrency and one of its underlying technologies, the blockchain, have already become buzzwords in the world of finance. If you look into the short history of cryptocurrency, starting from the year when Bitcoin was introduced, it took less than 10 years for this technology to integrate deeply into the financial industry. Today, we already have hundreds of alternative coins and cryptocurrencies available.
Those who advocate for this technology believe that it can change the global landscape just as the Internet did a few decades ago. And it looks like major opportunities are yet to come.
The potential of blockchain technologies: finance and beyond
As 2016 started, one of the world’s leaders in news and information on digital currencies, CoinDesk, has shared an article featuring Deloitte’s predictions on how the digital currency and the blockchain industry may evolve within the following year. The prediction was based on a survey handled by Deloitte within its internal cryptocurrency community, addressing the question of “What do you think will be the biggest breakthrough in the blockchain space in 2016?”
The below graph displays the high-level results of the survey:
According to the survey results, the respondents believed that in 2016 the blockchain trend was likely to accelerate, resulting in new promising partnerships and high-tech product launches that would bring in major investments.
And it looks like the prediction has already started becoming a reality. According to cryptocoinsnews.com, Microsoft has recently announced its collaboration with Bank of America, with the aim to “fuel the transformation of trade finance transacting, with blockchain technology.”
The other important outcome of Deloitte’s survey regards the emerging new use cases of the blockchain and the decentralized approach itself, as this technology seems to have a great potential to reach beyond the financials, spreading into real estate, commodities, retail, digital media etc. This is just a short list of domains where a lot of experimentation with blockchain has started recently.
This article describes how we started with internal PoC and ended up with a real prototype for one of our clients from the finance industry. You’ll see how we advanced our approach and how the technology stack evolved.
When we developed the secure document transfer system for our customer, we opted for blockchain for some specific reasons — this technology allows to establish an environment that combines efficiency, security, transparency and trust among business participants.
In general, the speed of blockchain transactions may be lower than it is with databases. This is because, with blockchain, the system needs to perform some extra actions such as verifying the consensus and applying cryptography to ensure the safety of transactions. However, thanks to these additional steps, blockchain provides trust and security, even in semi-trusted environments, since the transaction history is available to every stakeholder instantly.
Tapping into the capability of smart contracts
While we started experimenting with blockchain technologies, we learned that the decentralized approach actually allows one to organize a secure transfer for various types of data and its potential is not limited to financial transactions. And, with the introduction of smart contracts, this capability has been extended significantly.
Smart contracts are self-automated computer programs that can self-execute and self-enforce by using some pre-programmed conditions and run without any possibility of downtime, censorship, fraud or third-party interference.
Designed to be very similar to their paper equivalents, smart contracts can carry out the terms of any kind of agreement. They feature the two parties involved (the sender and the receiver), include the reference to the document that is being transferred as well as the other attributes, such as the timestamp, block-address, self-address etc.
The key aim of this technology was to streamline financial transactions, allowing for business operations to be done by two anonymous parties through the Internet with no middleman required. However, smart contracts are not limited to finance. As this technology matures, it allows for storing and transferring the assets referring to the legal sphere, real estate, intellectual property and more. Inspired by this broad tech potential, we decided to create a custom system for smart document management on top of the blockchain, allowing one to securely store and transfer various kinds of assets.
In other words, blockchain supports a different aim comparing to databases. Blockchain uses a decentralised approach, while with a database, users have limited access and the administrator can modify the data at any time.
Developing a system for secure document transfer powered by Ethereum
We decided to build our system with the help of Ethereum, a decentralized platform that runs smart contracts.
One of the reasons we opted for Ethereum is because it supports a wide range of possibilities for smart contract development. This platform also provides an advanced programming language with a large variety of data types, functions and so on. Another benefit of Ethereum is that this network is live; it already works. All these things together made Ethereum an optimal choice for us to experiment with blockchain.
Ethereum blockchain is a permissionless blockchain, where anyone can join the network as well as write and read transactions. But usually, businesses need private blockchain networks so that only predefined participants can join a network, view and make transactions. In this case, permissioned blockchains should be used (e.g. Hyperledger blockchains).
Just recently (summer 2017) Hyperledger evolved and released a new version with more functionality and tools, which made it an interesting platform for private or semi-private blockchains. Hyperledger suited our client’s business better because it allows establishing more granular control over who sees what and who has access to what, compared to public blockchains — where all information is available to everyone, and we have to think about additional cryptography.
The aim of this experiment was to provide secure storage and transfer for various kinds of financial, legal or any other types of documents, such as agreements, ownership clauses, private photos and more. In other words, we wanted to create an environment where legal transactions can be processed safely and with no third-party intermediary required. In daily life, when people conclude legal agreements, the process requires the involvement of a notary whose job is to verify the agreement, sign it and register in his/her journal. While, in the blockchain world, you do not need to pay for notary services, which usually cost a great deal of money. Thanks to cryptography, all the signatures can be secured while blockchain can do the verification and maintenance of the registry journal.
And more importantly, it takes much less time, especially when the parties are in different time zones. Imagine a logistics organisation in Amsterdam that needs to sign an agreement with the port of Singapore and a bank in Dubai. In case of conducting a regular legal contract, the parties may need to organise video calls and sign the document when all the representatives are available online. With the blockchain solution — all participants can grant their approval whenever they are available; there is no need to coordinate this process — the business logic and smart contracts will do the job.
The solution we were creating included two key units: document storage and a smart contracts journal.
We wanted the storage to contain all the documents, providing public access for verification and private restricted access for reading, and therefore we chose Github for this purpose. Having the files located in public GitHub, we made them visible to everyone, but still they were secured with encryption. Combining public storage and cryptographically-secured access, we made it possible for anyone to access the file; however, without an encryption key, this file was only a plain set of bytes.
In the case of our customer, instead of using a public GitHub we opted for IPFS private network as storage. IPFS, the InterPlanetary File System, is a content-addressed peer-to-peer distributed file system. The stakeholders can upload files into the network, and these files are shared among peers. The participants can upload files to the system with the help of an IPFS client, which is an entry point to the network.
IPFS network can also be accessed through publicly available gateways directly from a web browser, which is a massive advantage to those users that have no IPFS client installed on their devices.To ensure security, IPFS uses encryption for all the transactions made.
Private Networks allow IPFS to connect only to other peers who have a shared secret key. All nodes in a private network are isolated from a public network, and the data is shared only between nodes in a private network. Our solution encrypts the secret key with the recipient’s public key so that only the recipient can decrypt it with his/her private key.
The encryption keys were sent through the Ethereum blockchain with the help of smart contracts. These contracts contained the sender’s and receiver’s addresses, a key, as well as a link to the publicly-stored document. The contract rules were preprogrammed in a way that only the receiver could obtain a key.
We used the smart contracts journal to contain all the transactions as well as their attributes. The journal also provided an interface for private access. We decided to add the option of changes tracking as well. Therefore, the sender and receiver could change the existing documents and all the updates could be tracked via blockchain. This way, everybody would see that there were some changes implemented, but again, no one would be able to check what was changed without an encryption key.
The blockchain network that we created contained a number of nodes: mining nodes and client nodes. Mining nodes contain a full version of the blockchain and perform the “proof-of-work” consensus algorithm to mine new blocks. Client nodes also contain a full blockchain and do not do any work except for providing a blockchain interface to enable smart contracts creation and calls. In our case, we decided to keep the blockchain in the client nodes so we could easily switch the node types, but it is still possible for the client node to keep only parts of the blockchain.
The mining nodes are hosted on Azure as a virtual machine with an Ubuntu operating system. Client nodes are hosted locally (as Geth — a command line interface for the Entereum blockchain) together with the user interface written on .Net WPF. The client WPF application includes all the logic required to work with GitHub as a document storage and Geth as a blockchain interface. And the reason why we opted for WPF is that the WPF application’s interface is far more user-friendly, compared to a “black command line”. The WPF application also provides the logic for account creation and the wallets are stored in local Geth node.
Since the first version of the application had been built with .Net WPF, it was intended for Windows only. While our customer needed a cross-platform solution, we opted for Node.js to make the app run on Windows, Linux and MacOS.
Apart from Node.js, we used C++ and Go for backend development to make the system perform efficiently under high loads. The below scheme shows our network in detail.
The network nodes worked in a permanent operating mode to keep the blockchain up and running. We tested our network locally to see how the files are transferred, and the process looked quite smooth and reliable. So, we decided on a number of enhancements to be added to the basic features of our network.
Further improvements: our next steps with the Ethereum blockchain
To improve the overall security of the transfer process, we decided to create an alternative document management system: a more secure one that would allow for creating backups and would be compatible with the existing legal compliances and regulations. We also wanted this system to be available both through web access and on a mobile device. The next security improvement related to the account features was to implement a password recovery option, allowing one to restore passwords with the help of the user’s personal data. As for the private key, we wanted to have it stored in a local registry or split it into multiple files. In both cases, the new features would be accessible and could be used as a service.
To allow for a comprehensive network analysis, we created the concept of a tool that could monitor and display network performance and gather statistics. This tool would provide an interface for network search, covering blocks, addresses, transactions. It would also visualize all these transactions in a clear and transparent way. To improve the user experience provided by our network, we developed a custom monetization and payments approach, defining the way the client nodes pay for transactions as well as the benefits that the mining nodes receive. Thanks to the custom document storage and “wallet and account” services described above, the shared economy of blockchain can be easily maintained.
The future of blockchain for business
For businesses, blockchain and smart contracts open a variety of new opportunities. Among all the crowdsourcing approaches, blockchain is, most likely, the best one. It can still be considered a bit futuristic; however, it proves to be working the same way as the self-driven Uber taxi service. Imagine a safe and transparent system, accepted at the governmental level, allowing one to track and conduct legal operations with any kind of valuable assets: cars, houses, stocks and more. Alternatively, it is a comprehensive solution for investment management, where people can receive shares and payments from public companies they invested in. Indeed, the possibilities of the blockchain are broad and they keep expanding as this technology matures. Expect some new advanced use cases in the near future.
While for some businesses blockchain and smart contracts may take a bit longer to adapt, this technology now shows great potential for the financial service industry and beyond. Today, among the pioneers of blockchain and smart contracts are big pharmaceutical enterprises, e-commerce leaders and financial service giants.
Contact our experts at ELEKS today, and we will help you determine if blockchain technology is the right fit for you and your business. We will tailor a solution that best meets your needs to ensure that your business is making the most out of blockchain and smart contracts.
Originally published at labs.eleks.com on April, 2018.