Blockchain technology is emerging to be a significant change in how we interact with information on the Internet, and it may be worth spending some time looking into what it is and, ultimately, how it may shape the work we do. For now, though, let’s define what blockchain technology is and what it is not.
First, it is not a cryptocurrency; it is not Bitcoin, though it is a necessary part of a Bitcoin transaction. According to Wikipedia, “a blockchain, originally block chain, is a continuously growing list of records, called blocks, which are linked and secured using cryptography.” To put it most succinctly, a blockchain is a secure distributed ledger system. It was developed by Satoshi Nakamoto to track Bitcoin transactions and provide security, transaction immutability (meaning, the transaction can’t be changed), public anonymity, and to provide a means of maintaining a single digital entity that cannot be copied. In addition, the data it contains is not located in a central server. There is no central database in a blockchain system, and therefore, there is no central authority over that data. Instead, the data in the blockchain is distributed; it is replicated to multiple nodes, each of which contains an exact copy of the blockchain data, the ledger, if you will.
The security of blockchain data is handled with math. Blockchain data is hashed. This is different from typical encryption which requires keys and can be unencrypted with those keys. Hashed data on the other hand, is of a fixed length and cannot be unencrypted, it can only be verified against the hash value generated. Brilliant.org states secure hashing algorithms: “are designed to be one-way functions, meaning that once they’re transformed into their respective hash values, it’s virtually impossible to transform them back into the original data.”
Hashing algorithms are often used to obscure passwords when storing them. The blockchain hash process includes the hash information from the previous, otherwise potentially unrelated, transaction. Robert Greenfield IV, writing for Medium, states, “Every block has, as its data, the hash of the previous block.” In other words, for a new transaction to be recorded in a blockchain, a previous transaction already within the blockchain is read, the hash data from the existing block is mathematically combined with the new data to be added, and then once confirmed, the new data is added to the blockchain.
The new block is mathematically tied to the last blockchain entry. This link is why the term “chain” is used to describe this technology, and it is this link that provides so much of blockchain technology’s security. If someone were to hack into a node to modify the data associated with a given transaction, the intended transaction would first need to be unhashed before any data could be changed or deleted but changing it would also require unhashing and changing the previous transaction as well, and the transaction before that, and the transaction before that, and so on. Further, hashed data calculations must be executed by a node and then confirmed by several other nodes before a new block of data can be added to the chain. This confirmation process prevents a single blockchain record from being modified as the change would not be confirmed by other nodes. According to Imran Bashir in his book Mastering Blockchain, this concept is called Consensus, and it “provides a means of agreeing to a single version of truth by all peers on the blockchain network.”
Currently the EU is investigating whether blockchain technology violates a new law called the General Data Protection Regulation (GDPR) which is set to go into effect in May. Among other things, this law provides for a user to request all of their personal data to be removed from an online source. Wikipedia, quoting the EU, states, “personal data is any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address.”
Less certain is whether this includes encrypted data that cannot be read publicly, like that in a blockchain. According to EU lawyers Natalie Eichler and Thorsten Jansen in their article “Blockchain Data and Data Protection Law: When Anonymous Data Becomes Personal,” this situation gets murky when considering “a recipient of a transfer of this [blockchain] data, who would be able to use the additional source of information to identify the individual persons engaged in a blockchain transaction.”
As things stand today, if a record in a blockchain must be removed, a fork would need to be created from that record onward. This would then need to be confirmed by several nodes adopting the new fork, and then future transactions would continue on the new fork. It would be a very cumbersome, expensive, and challenging process. It is not yet clear how this situation will be resolved.
Hope this post has been helpful in understanding what blockchain is and isn’t. In future posts, we’ll look at how the EU is dealing with this possible conflict as well as existing and potential blockchain applications and some thoughts about testing blockchain applications.