Imagine ordering a powerful new pneumatic nail gun. You aren’t a roofer; you bought it mostly as a toy because you like power tools. The first thing you would do after unpackaging it is start looking around for things to nail and nail you would: walls, your workbench, walls, boards, and walls. You have a new toy- a new technology- and you want to use it wherever you can justify using it.
Seven years ago blockchains were invented as part of Bitcoin. For year one, almost no one knew the project existed. In year two, people learned how to make use of the currency. During year three, people started using a different blockchain, Namecoin, to hold domain name information in a system which was academically interesting but not widely used. Since then people have started trying to hold all kinds of things in blockchains: deeds, contracts, and all sorts of documents. On the outside, it sounds sensible: a censor-proof fully distributed persistent data storage system.
An Organization Finds a Fun Power Tool
Last week DARPA, the U.S. Defense Department’s Advanced Research Projects Agency, put out a request for prototypes for a secure messaging platform. Potential participants are tasked with creation of a platform which uses “a decentralized messaging backbone to allow anyone anywhere the ability to send a secure message or conduct other transactions across multiple channels traceable in a decentralized ledger.” In particular, they want a blockchain. It’s rare that DARPA demonstrates much misunderstanding of new technology but this RFP makes it clear that DARPA has jumped on the “Just use a blockchain!” bandwagon without regard to their huge downsides. DARPA has found a nail gun and by God, it wants to use it.
The problem is that blockchains are bad at storing data. They aren’t even intended to be a data storage system- they’re a consensus mechanism and that’s it. A consensus mechanism is a way for a bunch of entities who don’t trust each other to come to a consensus about the order of events. An event may be the transfer of money or the creation of a document. Everything else that DARPA wants, blockchains cannot do. They want a system where “Regulators with access to the ledger [can] read the correspondence and thus easily verify that a transaction didn’t violate Federal Acquisition Regulations,” despite the fact that blockchains will not help with access control nor will they help to guarantee transparency. If officials and contractors don’t want a contract to be stored where regulators will review it, blockchains will not help.
DARPA wants a system to work such that “Troops on the ground in denied communications environments would have a way to securely communicate back to HQ,” despite the fact that blockchains by themselves aren’t encrypted and do nothing to help you if you have no way to communicate already. Encryption and the other features DARPA wants could certainly be layered on top but then the blockchain only serves one purpose: decentralization. According to the document, decentralization comes with two benefits: security and cost.
Two problems: Blockchains don’t secure data and they are very expensive.
“Legacy messaging and backoffice infrastructures, traditionally based on centralized, unencrypted hub-and spoke database architecture,” the document states, “are expensive, inefficient, brittle and subject to cyber attack.” Except concerning cyber attacks which I will address later, this is wrong. Centralized infrastructures are vastly cheaper and more efficient than any known decentralized system. In Amazon’s cloud, AWS, renting a pair of redundant medium-sized database servers, 100 GB of storage, 5 medium sized communication servers, and a load balancer costs $2800 per year . That comes with a base performance of 300 input/output operations per second with the ability to burst if needed. In ClearChat, when one person sends a message to three people in a group, our server must do 15 database operations including the work for acknowledgments so this server setup could handle 20 messages and small files per second or 631 million per year. That’s 0.4 cents per 1000 messages. Bitcoin, on the other hand, costs about $8 per transaction, or 1.8 million times more.
The Cheaper Option
“So what?” you might ask. “Maybe the benefits are worth being 1.8 million times more expensive. Or maybe we can make a cheaper blockchain.” We can actually. Bitcoin is expensive, ultimately, because a lot of useless work is done when adding blocks to the blockchain. But this work is self-imposed- a trade-off for not having to trust anyone. But if there is a central agency, like the DoD, who packages messages and documents into blocks and adds them to their own blockchain without doing any useless work, we could allow and accept that simply because we trust DoD. They could achieve redundancy by doing this in five different data centers so that if one goes down the others can continue on just fine. But if we go this far then what is the point of using a blockchain? Why not just have DoD store messages and files, along with a time-stamp, in redundant databases that they control and from which they refuse to delete data? This would be much simpler, more flexible, and would achieve all of the same goals.
As for using blockchains to achieve cyber-security, there is nothing more secure about blockchains over a simpler append-only database. Ultimately you aren’t trusting the blockchain or database to keep your information secret- you trust your own end-to-end encryption. Companies and government should do what we’ve done: a centralized service with redundant hot servers and databases spread out across the country and protect people’s information using end-to-end encryption. Ultimately this is the inevitable outcome for DARPA’s latest challenge.
- MySQL database server: t2.medium multi-availability-zone: $795 / year.
Storage: $0.230 per GB-month (SSD) x 100 GB x 1 year = $276 / year. This includes a base performance of 300 input/output operations per second but can burst much higher if needed.
Servers: t2.medium EC2 instances (2 vCPUs with 4 GiB of memory each) x 5: $1510 / year.
Load balancer: $0.025 / hour = $220 / year.