Driven by data security concerns, a majority of financial institutions are now looking at so-called private or hybrid blockchains, rather than fully decentralized public blockchains (like the blockchain used for Bitcoin). These institutions voiced concerns with regards to the ‘public’ notion of the current blockchain technology, i.e. the fact that transactions – although encrypted and anonymized – are visible to virtually everybody with an internet connection and client software. The private and hybrid blockchain configurations that have emerged as a result promise to avoid this issue by keeping all operations within a secure internal network controlled by known participants.

 

A FUNDAMENTAL DECISION

The fundamental difference of a private blockchain is the fact that all of the participating network entities (or so-called nodes) are centrally controlled by one or multiple institutions. This way, the “trust” notion is automatically mitigated, as (1) no data is ever publicly exposed and (2) no external attacks in the traditional “51%” sense (i.e., the network being compromised by means of a group of participants controlling more than 51% of the network’s computing power) are possible, as all the blockchain validators are known. However, while such blockchains are faster (no proof-of-work consensus mechanism is required) and more easily controllable (e.g., transactions are reversible, balances can be modified), the fundamental trust guarantee disappears: when using a public blockchain, all transactions are considered immutable and cannot be modified, cancelled or revoked, given the so-called “proof-of-work” consensus mechanism. The power of this mechanism results from the fact that all blockchain entries are encrypted using cryptographic hash functions that require a tremendous amount of processing capacity (the Bitcoin network exceeded one quintillion hashes per second earlier this year). In private blockchains, however, such a mechanism of validation does not exist: any institutions running a private blockchain internally can alter its entries at any point, as all network nodes are centrally controlled. Thus, the strength of a distributed open ledger (i.e. a “public” blockchain) is its ability to provide protection from one single entity or power possessing such majority control over the network (and the record entries) by utilizing a fully distributed system with majority control.

Table I: Types of Blockchains

In other words, from a security standpoint, deploying a private blockchain is not different from being the system administrator for a major network: if someone gains access to the controlling key, then the entire network is exposed and corrupted.  The Bitcoin network, for example, requires a community agreement before a new block is confirmed or a new process can be implemented; if either action is done maliciously, the other network participants can choose to ignore the proposed changes, thus avoiding any harm. Private blockchains do not offer this protection by means of a distributed validation and protection mechanism.

 

THE ‘HYBRID’ COMPROMISE

A widespread assumption today is that a so-called hybrid blockchain, developed and deployed by leading group of participating financial institutions with a shared underlying data model, will prevail. Such a hybrid setup would incorporate aspects from both public and private systems. For example, the consensus process could be run by a number of pre-selected participants (e.g., a number of member institutions), jointly running a consensus mechanism. The network overall could be partially decentralized, e.g., by providing public read-access, allowing clients to verify transaction execution (assuming that they hold the corresponding key). In the U.S., the most promising initiative is led by a R3, a blockchain technology company representing a consortium of now 42 institutions in research and development of blockchain usage in the financial system.

For the financial sector, the deployment of some sort of hybrid blockchain appears likely. Financial institutions will have to define a standardized set of rules and processes to enable seamless collaboration by means of a hybrid blockchain. With such a system, the introduction of a proof-of-work mechanism is possible as well: participating institutions can “keep each other honest” by cross-validating blockchain entries (no single institution would control the ledger).

In addition, leaving the realm of finance, we believe that a significant amount of latent benefits can be realized by bringing synergies between different industries to fruition, going beyond the financial sector alone (e.g., in logistics). Such a shared infrastructure approach would likely require a public blockchain, and would be more focused on processes and execution – and less on transaction record keeping.

As of today, the blockchain industry is still in an embryonic phase. While we see a strict separation of public and private blockchains today, one could also imagine the emergence of cross-chain exchange layers connecting public and private blockchains – which would open up a variety of possibilities and enable many kinds of hybrid combinations of the underlying properties. The ideal solution preferable for a particular industry depends on specific use case requirements. In some instances, public is clearly better; in others, a degree of private control is required.