A few questions about "the blockchain"
January 9, 2018 4:39 PM   Subscribe

"The blockchain" is getting bounced around at my work a bit as a solution for a problem we don't actually have. I personally don't understand it and am looking for some assistance.

I've read a bunch of material on "the blockchain" and have watched a number of videos on the thing, and while I get it in a rough sense, I don't "get it" get it.

It seems to me like it is, in essence, a distributed database that can only have records added to it, and nothing changed. It's also apparently meant to be completely open and visible so that people can see what has gone before.


1) Is the blockchain (whichever blockchain) just one big file? Or is each "block" distributed wherever, and "chained" to previous blocks via essentially a newer version of a TCP/IP header/footer?

1a) If the first, how could a single file with anticipated millions of transactions a second even be stored anywhere? Servers would melt through the floor.

1b) If the second, how is that secure?

2) It is touted as the most secure thing that was ever secured, but could somebody not simply lie in their "block"? One example in one of the many videos I watched - which I admit I have fixated on, perhaps detrimentally, while missing the bigger picture - talked about the origin of "free trade" coffee, and how it can somehow magically be verified by the blockchain. But if I was a dodgy free trade coffee manufacturer, I would simply lie at the outset ("Yes, this stuff is totally legit. Upload!"), and that would ruin the blockchain...wouldn't it?

3) If it is open and transparent, how is that secure? If it is truly secure, how can it be open and transparent?

I apologise, I am probably coming off like the world's biggest doofus, but even the Wikipedia article basically talks about what blockchain DOES (or is predicted to do) rather than what it IS. I guess I am stuck in my old Windows network administration thought patterns, and I am desperately hoping for an "aha!" that will make it clear to me.

(To demonstrate my openness about being a doofus, when I was fifteen I sent a paper letter to a PC magazine asking if a 100MB hard drive full of data would weigh more than a 100MB hard drive that had been freshly formatted. The rest of my life has been just winging it.)

Thanks in advance.
posted by turbid dahlia to Technology (14 answers total) 36 users marked this as a favorite
I just came across yet another vid that is actually helping me a lot, here, but now it's introduced a new problem to my mind, which is the idea of a "proof-of-work" for block hashes, which apparently can take up to 10 minutes - this seems ridiculously inefficient. Oh god.
posted by turbid dahlia at 4:50 PM on January 9, 2018

I've seen complaints that the Bitcoin can only clear a few transactions a minute, so the built in inefficiency is definitely a thing.
posted by COD at 5:05 PM on January 9, 2018

No, the blockchain is not just one big file. You could store it on your computer as one big file, but that's true of just about anything. The blockchain is a list of records, each one pointing to the previous one.

I definitely have some details wrong here, but I'm going to go for it. Wish me luck.

By design the blockchain is very hard to modify. Each block points to the previous block and has a "hash" (a sort of fingerprint) of the previous block's contents. If someone tries to create a new version of that previous block then you'll be able to tell, because the hash won't match. So once a block is added to the blockchain, you can't really change it.

"But wait", you say, "What if someone modifies the previous block *and* the block after it? What then?". First, making new blocks is hard. For most blockchains you have to solve a sort of puzzle (that's "proof of work") and this is very, very hard to do and takes a lot of time. You can't just whip out a bunch of new blocks. This is important because in the event that there are two potentially valid block chains, the longer one wins. Imagine that we have A->B->C->D and I want to alter B. I can do that by creating a new chain A->B' and telling everyone "this is the chain", but the other chain still exists and is longer, so everyone will ignore me. If I could create a C', D', and E' then I'd have the longest chain and would win, but creating blocks is really hard and that would be essentially impossible.

I might be able to create a new D' and that's possible, but other people are working on creating E and given that it's all of them vs. me, they will probably be first and I'll still have the shorter blockchain.

How does your computer find the blocks out there? Uhhh, tbh, I'm not sure. I think it has a list of machines that comprise the blockchain network and you all sort of exchange blocks and you find the latest that way.

What happens if you lie in your block?

For bitcoin, that can't happen because if I send coins to you, that requires me, the owner of the coins, to sign the transaction. You can't fake a transaction from me, because you can't sign the transaction as me. You can sign it as you, but that's not good enough. If I'm giving you coins, the world wants to see my signature.

The Fair Trade example works on the blockchain much as it works in real life. You wouldn't trust the coffee grower to certify their own coffee; you expect a Fair Trade authority to do so. They certify the coffee and add that certificate to the blockchain ("Batch 1234 from XYZ is Fair Trade compliant, so say I, FairTrade Authority #33").

What "proof of work" is and how you "sign" stuff and how "hashes" work are more general CS concepts and not directly related to the blockchain. Wikipedia covers all of these if you are interested. Actually, Wikipedia covers blockchains as well.

Note that a lot of people are really super into blockchain technology as a way to change the world and see it as a solution to all problems, even if the problems don't really exist or the problems exist but don't really need a decentralized ledger. This does not dissuade them.
posted by It's Never Lurgi at 5:08 PM on January 9, 2018 [11 favorites]

This is a decent and concise explainer. Here are a bunch more.

And this might be the Free Trade coffee thing you were talking about. If it is, then it's not much to do with blockchain as much as automatic sorting and prepayment for coffee beans.

A blockchain doesn't ensure you don't lie, but it ensures that (for example) user A sent amount Y to user B, and user A's balance had amount X >= Y at the time, and that A gets Y withdrawn and B gets Y credited.

And yeah, the entire blockchain is present on each server. The servers don't trust each other, that's the whole point, so they each have to validate each transaction block and update everyone's account balance. This is a big reason Bitcoin has scaling problems. Here's some ideas how this might get fixed.
posted by RobotVoodooPower at 5:50 PM on January 9, 2018 [1 favorite]

I think this video by 3blue1brown, who runs an educational YouTube channel and is extremely well-regarded for his ability to present abstract math concepts in a very intuitive and accessible way, is a great in-depth explanation of how the trust aspects of blockchains work, as well as how new transaction records are added and vetted.

For what it's worth (and I guess I should note here that I'm pretty bearish on cryptocurrencies and the hype around blockchains in general), whatever the problem is, I think the chances are overwhelmingly in favor of you being right that a blockchain is not a necessary or optimal solution to it.
posted by invitapriore at 6:18 PM on January 9, 2018 [1 favorite]

(To demonstrate my openness about being a doofus, when I was fifteen I sent a paper letter to a PC magazine asking if a 100MB hard drive full of data would weigh more than a 100MB hard drive that had been freshly formatted. The rest of my life has been just winging it.)

That's not a stupid question and the answer is yes.

Pretty much It's Never Lurgi has the answer.

Off the top of my head, blockchain could be applied to things like identity verification and "trust" of individuals with zero-knowledge proof, smart contracts, and just variety of practical things that non-idiots of my acquaintance are interested in.

If you are actually interested in verifying the authenticity of free trade coffee, you would have the actual coffee physically verified by the blockchain, somehow? In an IoT sort of way? Uhhhh. I want to dismiss that as completely daft, but my intuition tells me it's not daft in principle. But if they actually wanted to implement in any way that makes practical sense it they would have to push the state of the art a lot further than it is now. [probably. all this is just off the top of my head]

It's late and I'm tired and now you're making me lie awake thinking of ways to verify free trade coffee using blockchain and IoT. why are you doing this to me
posted by tel3path at 6:40 PM on January 9, 2018 [1 favorite]

Computer scientist here: I don’t have anything to add to the descriptions of what a blockchain actually is here - the other descriptions are all very good - but I just want to chine in and say that A. blockchains are an extremely useful and valid technology for a certain small set of problems, and B. 95% of the stuff that people hype up as being blockchain-related does not remotely fall in to that certain small set.

The rule of thumb is this: if you are in a situation where you need to be able to agree with a group of other entities that given data is correct, AND none of you are willing to trust a centralized third party to certify that information, AND you’re willing to make trade-offs in terms of efficiency and speed (and, relatedly, power and memory consumption) then a blockchain is a good fit for you. Otherwise, there’s almost definitely a more traditional solution that’s a better fit for you.
posted by Itaxpica at 6:43 PM on January 9, 2018 [10 favorites]

As an example, one potentially legitimately useful case for blockchains is in DNS servers, the piece of internet infrastructure that makes it so that when you type, say, wellsfargo.com in to your browser you’re sent to your bank and not some shady Russian operation pretending to be your bank to steal your credentials. Right now that requires relying on a small set of services that you basically have to trust on their word, and if they’re compromised then all hell breaks loose (though other pieces of internet architecture can mitigate that). By using blockchain-based DNS resolution, you have a public, auditable record of which websites are what, making attacks significantly harder. The major barrier to this currently is the performance issues mentioned above, though there are ways to minimize that impact through clever blockchain design techniques, and as computing power increases that will be less and less of a bottleneck.
posted by Itaxpica at 6:50 PM on January 9, 2018 [1 favorite]

1a) If the first, how could a single file with anticipated millions of transactions a second even be stored anywhere? Servers would melt through the floor.

Millions of transactions per second might be submitted to the peer-to-peer network, but in practice the rate at which they actually get recorded and confirmed is much less. Bitcoin for instance averages around 7 transactions per second.

I just want to comment and say your intuition seems pretty good, you hit right on a lot of the problems with the technology. Like yeah it can't actually say anything about physical reality, so you could just lie about your coffee at the source.

I feel confident saying your company doesn't need a blockchain.
posted by vogon_poet at 10:54 PM on January 9, 2018

I would take Itaxpica’s numbers and up them by a factor of 10-100. 99.9% of Blockchain advocacy is fanciful hype generated by people hopping on the latest bandwagon in the hope of making a fast buck.

The problem blockchain serves is almost entirely restricted to crypto-currencies. /Every/ other use case I have seen proposed is could be served by an ordinary database of some description, either run by the participants or by a trusted third party, often a joint venture set up by the participants.

Anyway, to answer your questions:

1) It’s a file. Or a set of files, each matching a chunk in the blockchain. Or some other representation. The on-disk format doesn't really matter: what you download when you grab 'the blockchain' is a big compressed file.

1b) Security is guaranteed via the chain of block hashes: "miners" compete to compute a hash value of the combination of the current block + the hash of the previous block + a random salt (this is the bit that makes the "chain") and the first to get a value below a chosen threshold 'wins' the race to approve the next block in the chain. The system is set up to alter this threshold so that the time it takes to find the next block is roughly constant (about 10 minutes in the case of BTC) regardless of the available hashing capacity.

You can't alter past blocks without altering the hashes of all the subsequent blocks, so once the chain has been extended 'sufficiently' (where sufficiently varies by your level of paranoia) beyond the block your transaction is in, your transaction becomes effectively immutable. (subject to a few caveats - see below)

2) Absolutely. There’s nothing in the blockchain that can guarantee anything outside of it in the physical world.

3) Security arises from the difficulty in changing it: if you want to alter a past block, you have to change the block, and then rebuild the hashes of all the subsequent blocks (because they’ve all changed), finding hashes for every single one that are below the current work threshold. This takes time + energy, and all the while the rest of the miners are busily working away extending the original chain - unless you can hash faster than the rest of the network you’re never going to catch up (this is the famed 51% attack, although in reality a miner with 25% of the pool of work could profit from occasional double spending.)

This is all very neat & got a lot of cyberpunk nerds very excited back in the day, but the reality of how things work in the real world (i.e. increasing returns to scale & centralisation) means that BitCoin mining capacity has become centralised to just a few mining pools, any of which could successfully subvert the BTC blockchain in the short term if they chose & if any two colluded would (IIRC) be able to double-spend & refuse arbitrary transactions. The same is also happening to other crypto-currency blockchains, albeit at a slower rate.

As vogon says, your company almost certainly doesn't need a blockchain. Some other crypographically authenticated database? Sure, maybe. But not blockchains. Just keep asking awkward questions of blockchain boosters until they go away.
posted by pharm at 12:59 AM on January 10, 2018 [3 favorites]

how could a single file with anticipated millions of transactions a second even be stored anywhere? Servers would melt through the floor.

They can't, and servers do melt through the floor. Bitcoin notoriously can only handle about 5-10 transactions per second and a lot of the current gyrations in the currency can be traced to that bottleneck. (For comparison; credit card networks process roughly 3000 tps).

Blockchain is the new magic beans. It's an interesting technology and has some interesting and novel uses, but it does not solve all problems. To a first approximation it's just a transaction journal. The new part is it's able to be maintained by parties that don't entirely trust each other.

You might want to give a shot at reading the original Bitcoin paper. It's very well written and describes the basic concepts of how the blockchain works.
posted by Nelson at 7:48 AM on January 10, 2018 [4 favorites]

Book rec: Attack of the 50 Foot Blockchain
posted by hleehowon at 9:56 AM on January 10, 2018 [2 favorites]

The problem blockchain serves is almost entirely restricted to crypto-currencies. /Every/ other use case I have seen proposed is could be served by an ordinary database of some description, either run by the participants or by a trusted third party, often a joint venture set up by the participants.

Yep, exactly this. Blockchains are an incredible social/technical innovation of incentivizing agreement in a distributed ledger. This is very useful for recording monetary transactions. They're horrible general databases though.

You can overcome a lot of the inefficiencies of blockchains if you trust the nodes in the network, but if you're able to do that, there's not a whole lot of value in using a blockchain to start with.
posted by so fucking future at 10:21 AM on January 10, 2018 [2 favorites]

Attack of the 50 Foot Blockchain by the inestimable David Gerard.
posted by pharm at 1:21 PM on January 10, 2018

« Older Women's style icons and inspiration for women who...   |   Help choose a sewing machine for this construction... Newer »
This thread is closed to new comments.