In a previous article we discussed what exactly a ledger does. In this article we will seek to understand why you would want to use one, and what your options are.
By Sam Curren
For a brief recap, the ledger offers four important elements when building a decentralized ecosystem, these being:
1) Immutability: The data cannot be changed — by anyone.
2) Tamper resistance: A distributed ledger makes it very difficult for a malicious actor to break in and change material.
3) High availability: If one node on the network goes down for any reason, there are plenty of others to receive data from.
4) Geopolitical and infrastructure diversity: By hosting the ledger on servers located in multiple geographic areas and by diverse organizations, network resilience to technical problems is maximized — and this contributes to high availability.
While there are other options available, ledgers provide all these aspects in one convenient place; oftentimes, efforts to provide all the necessary features end up resembling a ledger anyway.
It’s important to keep in mind that while other options such as web infrastructure (did:web or similar) can provide some of the combination of immutability, tamper resistance, and high availability, they often fall short in one of them. For example, did:web doesn’t provide features universally, leading to a deficit in the high availability / diversity category.
When creating a decentralized network, using a ledger is often both the easiest and most effective choice. Once you have decided on using a ledger there are several different types that you can employ, all with slightly different specialties.
The most well-known proof-of-work network is Bitcoin, which was also the first widely-known application of blockchain technology. Beginning as a protocol for peer-to-peer financial transaction, Bitcoin evolved to become a store of value, known generically as a cryptocurrency.
Without a central authority to authorize and record transactions, a decentralized financial network needs to establish a way to ensure that everyone agrees on what is written to the ledger, not least to prevent money being spent twice.
Bitcoin solves this with “proof of work.” It turns the verification of a new block of transaction records into a numeric challenge, the solution of which writes the block to the chain and earns the winner Bitcoin (which expands the amount of currency in circulation). Those that compete to solve the problem are called “miners,” and the complexity of the problem increases the more miners there are and decreases the fewer there are. The first miner to complete a proof of work for a new block, broadcasts the block to the rest of the network, where it is verified as following the rules of the Bitcoin protocol.
This process ensures that a new block is written to the ledger roughly every ten minutes and that the effort expended to solve the problem is evenly balanced to the Bitcoin earned. The easiest way to think of all this is that the effort required to verify transactions serves as a deterrent against fraud. This proof-of-work methodology, however, is not without controversy, as the effort is measured in computing power and hence energy to do the work. This excess usage of energy is frequently criticized as being wasteful.
If you want to use a proof-of-work network — such as Bitcoin — you will need to have your transactions verified by a miner, typically for a small fee. This fee can fluctuate and be unpredictable, but generally the more you are willing to pay, the quicker your transaction record will be verified.
Some networks are controlled through proof of stake networks, often referred to as smart contracts, which are digital programs that mirror the functions of a traditional contract in the form of “if this, then that” rules. Once the terms of the contract are met, the program automatically executes the predetermined outcome. A popular analogy is that of a digital vending machine. As a smart contract program cannot be altered and automatically executes the terms of the contract, it can be trusted to continually execute the code it was created with.
While smart contract networks can do a lot more than finance-oriented, proof-of-work networks, this greater flexibility creates complexity. When a smart contract is not read and understood correctly by the user, or the contract parameters are defined poorly, the code may do things you were not expecting or don’t want to happen. And once the code executes it can’t be undone.
The transaction fees on this type of network pay for the execution of contracts (Ethereum calls this fee “gas”) and keeps the contracts to be kept active and running on the network. The fees required are subject to market forces, and makes this fee unpredictable.
A public permissioned network allows anyone to read the data written to it but requires authorization by the network to write to it. This is because the ledger is a permanent record and writing personal data to the ledger would breach data privacy law, such as the right to be forgotten.
Anyone wishing to write to this type of ledger (typically called a “Transaction Author”) must go through a “Transaction Endorser,” an organization that has a signed legal agreement with the network for approving writes to the ledger. Endorsers may charge a transaction fee for approving writes and pay a fee to the network for writing to the ledger. These fees can change, but are far less volatile than the fluctuating fees charged by other ledger technologies.
A good example of this type of network would be Hyperledger Indy-based identity networks. These networks are ideal for decentralized identity as they are compliant by default with many rules and regulations put into place by governments that have run into issues with blockchains in the past. These ledgers do not require proof of work to establish consensus. They are not set up to create tokens or currencies and can’t handle complex smart contracts, focusing instead on the fundamental needs of decentralized identity.
Some of the goals of decentralized identity may be accomplished without using a ledger at all. There is, for example, some support for hosting the assets necessary for an identity ecosystem on web infrastructure, a well-understood technology stack which avoids all the complexities of a ledger.
Unfortunately, web technology does not meet the requirements necessary for a stable decentralized ecosystem. While immutability and tamper resistance can be achieved with the proper application of digital signatures, and high availability in web infrastructure can be gained by using clusters of servers for redundancy (often by the use of a content delivery network, or a large, distributed collection of servers for delivering web content), these must be provided on a per-identifier basis. Some web infrastructure will have high availability, and some will not. This creates an uncertain environment when it comes to accessing the assets required for data verification.
Infrastructure diversity is partially solved using the same methods as high availability, but the need to continue hosting assets when a company or organization ceases to exist remains unmet. This also adds uncertainty when retrieving assets using web infrastructure.
The decision to use web infrastructure must be made with these deficiencies in mind and a plan to address them.
So how do I choose?
When choosing a network to host your solution the answer comes down to functionality and seeing if your goals align with what the network is good at. As we have outlined above, despite all falling under the umbrella of “blockchain,” these networks have very different ways of establishing consensus, creating blocks, and executing code.
A brief recap and slight oversimplification may be helpful here:
If you are looking for token or financial exchanges, and can handle heavy computation costs, a proof-of-work network is probably best suited for you.
If you are looking for a trustworthy way to broker deals and execute code when certain conditions are met — “if this, then that” — then a smart contract network is your best bet.
If you are looking to create a solution that needs to be highly visible to anyone, but exclusive about who can write to the network — such as anyone being able to check an ID but very few being able to create one — then a public-permissioned network will meet your needs nicely.
Need something free that meets credential holder needs and you don’t care about issuing capabilities? Did:peer could be an option for you.
Lastly, if high availability and infrastructure diversity are not major concerns, you might be able to use did:web.
This technology is new and highly nuanced. If you aren’t completely sure which network will be best for you, figuring it out before you start building can help you avoid costly mistakes.
Indicio can personally attest to the effectiveness and ease of Hyperledger Indy networks. Indicio uses them across our products and services, and If you are interested in building an ecosystem for the secure exchange of identity information, these networks are custom built with your use cases in mind.
If you have questions on how to get started, or have an idea for a solution of your own, our team is happy to help, you can get in touch here.