City A.M.: “Approach Blockchain with Caution” — as text

Here’s the published text of my article “Approach Blockchain with Caution,” from last week’s City A.M. Crypto Insider section.



Approach Blockchain with caution

There’s tremendous excitement around “blockchain.” But what’s the substance?

“Blockchain” is a hugely popular buzzword. There’s all manner of promises being made — how good would it be if your business could get some or all of those!

Beware the realities, though — there are good and useful parts of blockchain, but there’s a lot of hype.

The promises

Blockchain originated in Bitcoin, the first cryptocurrency, in 2009. Bitcoin made a series of promises — decentralised, secured against bad actors, immutable and incorruptible, fast and free.

By about 2015, most of these had failed — mining (Bitcoin creation) is centralised, the blockchain is secure but the ecosystem is prey to the ill-intentioned, transactions are clogged.

But that list of promises will look familiar — because the consultants selling “blockchain” took that list of promises, and claimed their new thing would do all of them … whether it could or not.

Remember: if it sounds too good to be true — it is.

The good bit: The ledger

The useful part is the append-only ledger. This is just like a paper account book that you can only add new lines to — you can’t cross out old ones. This is a “Merkle tree,” invented in 1979. It’s a ledger you can only add to, and if you try to alter the past it’s immediately evident.

The Merkle tree has been widely used since — but it’s got a new lease of life being promoted under the name “blockchain.”

The new part of Bitcoin was a consensus mechanism — to decide who was allowed to add new lines to the ledger. Bitcoin’s inventor, Satoshi Nakamoto, wanted a completely automatic mechanism, with no central controller. So mining works by a lottery — computers guess numbers trillions of times a second, and one winning number comes up every ten minutes. The more computers you run, the more lottery tickets you can print. So bitcoin mining uses more and more electricity all the time, to stay in the same place.

For business use, this would be ridiculously wasteful. You would also usually not want to put your back-office onto the Internet. So business blockchains are set up with known participants, and the consensus mechanism is some variant on just taking turns.

So practical business blockchains are a variety of distributed database. It’s often slower, but highly robust and redundant.

Smart contracts

A “smart contract” is not a contract — it’s a jargon term for “computer program” — one designed to trigger when certain conditions are met on its blockchain.

Blockchain pitches often include a diagram of the system, where the hard bit is done by a box marked “smart contract.” They’re just saying “we do it with computers,” but more impressively.

Smart contracts are hard to program and hard to debug — the idea is that they are immutable, which means that bugs are much more difficult to fix.

This is very trepidatious when you’re dealing with money. Some people have lost hundreds of millions of dollars on Ethereum to smart contract bugs — including Dr. Gavin Wood, who wrote the Ethereum protocol design, when his startup Parity had a minor bug in their Ethereum wallet software last November. Even he couldn’t do smart contracts well enough not to lose millions.

Smart contracts are also slow — the price of being highly distributed. Vitalik Buterin, the inventor of Ethereum compares a smart contract’s computing power to “a smartphone from 1999.” It won’t replace your back-office systems.


The GDPR is anathema to blockchains. Never put Personal Data into a blockchain! You’ll have a very painful time performing redaction.

Any blockchain use case that involves Personal Data on the blockchain is asking for trouble — avoid.

But where’s the magic?

You might think — but where are the magical promises in that? What will automatically give me trustless perfection? What will process my data for free?

The answer is, of course — magic doesn’t happen. But business reality can. Many claimed blockchain use cases have no working examples — there’s furious confusion of “could” and “is.” There’s no smoke without fire — but there’s a lot of fog machines.

Ask your blockchain salesman to produce working examples of every single promise. Not a pilot programme he heard of — but checkable examples, that do in fact check out.

Do they sound pie-in-the-sky? Or does this sound like an ordinary, mundane IT project? That second one’s what you want — someone reality-based, and matter-of-fact.

If they say “but imagine predicting Facebook in 1993!” then show them the door.

But a system based on the append-only ledger can do good work. If it’s marketed as “blockchain,” that’s an outcome we can work with.

David Gerard is the author of the book Attack of the 50 Foot Blockchain — Bitcoin, Blockchain, Ethereum and Smart Contracts, and the news blog of the same name.

Become a Patron!

Your subscriptions keep this site going. Sign up today!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.