Don't believe the blockchain hype: Examining the weaknesses and risks

Blockchain, the platform underlying Bitcoin, is often described as 'inherently secure'. A new report reveals that it's far from ironclad.
Written by Chris Kanaracus, Contributor

Few if any technologies have been covered as breathlessly by the media in recent years as blockchain, the underlying platform for the Bitcoin digital currency.

Blockchain's adherents -- which include a rapidly growing number of government entities, financial services firms and software startups -- have done little to quell the exuberance, seeing the technology as something that can power new types of applications for identity management, health records and other areas.

That's a problem, since in its current state of maturity, blockchain has significant weaknesses and limitations, as Constellation Research VP and principal analyst Steve Wilson writes in an new in-depth report, "Beyond the Hype: Understanding the Weak Links in the Blockchain":

Blockchain was designed specifically for one main goal: preventing the "double spend" of electronic coins, without a central authority. Yet few of the mooted use cases are vulnerable to double spend or anything analogous. At the same time, many important security objectives are not provided by blockchain at all. Thus, blockchain is neither necessary nor sufficient for many of its suggested applications; in practice it's massively over-engineered, or incomplete, or both.

Speed Is Relative

Wilson's report provides a detailed history and technical overview of blockchain, and then dives into a discussion of its limitations, which don't get much attention in the general media discussion. For example, the digital ledger blockchain provides is thought to be speedy, and it is compared to inter-bank settlements, Wilson notes:

But individual Bitcoin transactions are paradoxically slow by consumer payments standards. Nothing on the blockchain is finalized until the new chain and its hash value have been calculated and agreed to by the network (because in the meantime, there might be an attempted double spend).

The exact time is unpredictable; at present, 13 percent of transactions can take longer than 20 minutes, and 0.25 percent longer than an hour. This delay creates problems in some retail payments settings; for example, a hotel that accepts Bitcoin might find a payment blocked 10 or 20 minutes after the guest checks out.

More important for purposes beyond crypto-currency, the delay reaching consensus opens up windows of opportunity for the system to be gamed by miners behaving badly. And it's problematic for any identity management applications when resolution often needs to be immediate.

Blockchain and Security: There's Room for Improvement

Another commonly held view of blockchain is that it's inherently secure. While blockchain has some trappings of security, it's far from complete and ironclad, as Wilson writes:

Classically, security is a blend of confidentiality, availability and integrity, or "C-I-A". Blockchain offers lots of "A" and "C" (though the confidentiality is fragile). But its integrity comes with fine print. Once committed to the blockchain, transactions are indeed immutable, but the veracity of each entry rests on who controls the private key of each account.

Blockchain Could Be Just the Beginning

While blockchain and Bitcoin have their limitations at present, that's not to say they haven't already had a genuinely positive impact on the world, Wilson notes.

Academics argue about its true originality, but Bitcoin and the blockchain may be regarded as the first practical solution to the longstanding double-spend problem in electronic cash. Here we have the latest example of a wondrous pattern in applied mathematics. Conundrums widely accepted as unsolvable are, in fact, solved quite often, after which frenetic periods of innovation can follow. The first surprise solution is typically inefficient but can inspire fresh thinking and lead to more polished methods.

Bitcoin likewise has already spurred dozens of new digital currencies, with different approaches to ledgers and arbitration, and different ambitions, too.

Wilson's full report goes into much greater detail on blockchain's present and future, and provides prescriptive advice for enterprises considering an investment in technologies derived from it. An excerpt is available to download at this link.

Chris Kanaracus is Managing Editor of Constellation Insights. Steve Wilson, author of the report "Beyond the Hype: Understanding the Weak Links in the Blockchain"is Vice President and Principal Analyst at Constellation Research.

Editorial standards