It is common knowledge that Blockchains and other Distributed Ledger Technologies (together "DLT") are still in their infancy for mainstream commercial transactions. However, as use-cases have evolved from speculative interest into real-life applications their potential for automating (in part or full) many contractual arrangements is clear. Recent developments in providing additional confidentiality over data and connectivity between blockchains also point towards public platforms becoming more user-friendly for commercial transactions.
Some of the caution in respect of DLT, and more particularly its application in the commercial world arises out of its innate transparency and co-dependency. Transactions on a DLT platform are verified and approved by a network of decentralised users, each relying on the other to provide sufficient information to activate key triggers and allowing the chain of hashes into blocks. This marks a step-change from traditional contractual arrangements which often require dual- or third-party verification or unwieldly paper counterparts.
However, many commercial entities are, understandably cautious about entering into transactions on a platform which is innately open and decentralised and predicated on transparency. This is to all but, the most evangelical proponents of decentralisation an obvious hindrance; hence the recent proliferation of bespoke blockchain platforms which are either private or utilise open platforms, but in a segregated (permissioned) manner. We have identified these as the most likely route for commercial transactions. Conversely, the cost and time involved in establishing such arrangements (which in our experience are difficult to construct for "off the peg" use) complied with the obvious risk of system incompatibility, are barriers to the benefits of scale and more widespread industry usage on a truly decentralised, multiparty and transformative basis. Two recent innovations in the fast-evolving blockchain space offer solutions to this dichotomy and should assist in a stride forward for the technology.
First: Zero Knowledge Proof systems ("ZKPs")
These tools provide greatly enhanced protection of the privacy of a user. Essentially ZKP's provide the requisite data for a transaction, but in a manner which reveals no more information than that which is essential to allow a third party to verify the validity of the data provided. The classic example of a non-computing ZPK is given in Wikipedia:
- Imagine your friend is colour-blind and you have two balls: one red and one green, but otherwise identical.
- To your friend they seem completely identical and he is sceptical that they are actually distinguishable.
- You want to prove to him they are in fact differently-coloured, but nothing else, thus you do not reveal which one is the red and which is the green.
- Here is the proof system. You give the two balls to your friend and he puts them behind his back.
- Next, he gets one of the balls and brings it out from behind his back. From now on he will always put the ball behind his back and with probability 50% he will reveal one of the two balls. Each time he will ask you, "Did I switch the ball?"
- By looking at their colours, you can, of course, say with certainty whether or not he switched them. On the other hand, if they were the same colour and hence indistinguishable, there is no way you could guess correctly with probability higher than 50%.
- If you and your friend repeat this "proof" multiple times (e.g. 128), your friend should become convinced ("completeness") that the balls are indeed differently coloured; otherwise, the probability that you would have randomly succeeded at identifying all the switch/non-switches is close to zero ("soundness").
The above proof is "zero-knowledge" because your friend never learns which ball is green and which is red; indeed, he gains no knowledge about how to distinguish the balls.
This principle can be applied on a cryptographic basis so that the relevant pocket or pockets of data can be encrypted and service providers won't have knowledge of the data shared on their servers. ZPKs allow for segregated data to be used and thus are compatible with a commercial transaction being conducted on a public blockchain, resulting in true protection of private data.
Second: Routers which connect different blockchains
We have in the past used an analogy of emerging rail technology in the 19th Century to identify the role of DLT as an enabling technology. DLT can be the "rails" or network on which smart contracts and other applications are hosted. Yet the use of private or permissioned blockchains, on the one hand, essential to its real-world usage, on the other, can inhibit development. Just as Tsarist Russia found to its cost in the early 19th Century that the use of a different rail gauge limited its ability to transport its good (and soldiers) outside of its borders so a proliferation of private DLTs would inhibit the development of the technology's transformational potential.
Routers offer a solution to this impasse by allowing connectivity between different blockchains. Appropriate security is essential as each connection point allows a potential route for the ingress and egress of data. However, if that concern can be resolved then interconnectivity allows an environment in which decentralisation is possible and without the need for a common or standard blockchain.
As both ZPKs and routers are capable of being tailored for different platforms they can be customised to act both as gateways and filters: thus enabling connectivity, but also the potential for additional security for more sensitive data.
From a legal perspective we see a number of key considerations relevant to the use of these new tools in a Smart Contract environment:
- Confidence in digital identity
- Audit transparency
- KYC compliance
- Sanctions compliance visibility