The document discusses the impact, challenges, and risks associated with blockchain technology, emphasizing its potential to improve data integrity, reduce fraud, and reform financial systems while presenting advantages like trustless transactions and automation through smart contracts. However, it also highlights significant challenges such as scalability, privacy limitations, verification and governance issues, and the risks associated with irrevocability and the lack of regulation. The conclusion urges caution and optimism regarding blockchain's future applications, suggesting that substantial technological advancements are still necessary before widespread adoption.

1. Srinath Perera
VP Research, WSO2
( srinath@wso2.com)
Blockchain, Impact, Challenges,
and Risks

2. Trust
The highest reach of
civilization is a seamless
system of trust among all
parties concerned.
— Charlie Munger
!2
Such a world needs does
not need government,
police, banks, ..
Blockchain: Massively Simplified
https://www.youtube.com/watch?
v=k53LUZxUF50

3. What is Blockchain?
• Hashchain - immutable if the last block is secure
• Consensus algorithm ( Proof of work for bitcoin) makes first block secure
• Owning a block get you bitcoins
• Solve a hash to own a block
• Promise of block keeps participants
!3

4. Case Study: IAM
• You create a key pair, register
it, and demonstrate that you
own certain sites, accounts
• Governments and
organizations issue verifiable
claims (e.g. NIC, University,
Your employer, Birth register)
• Claims and identity is
registered in blockchain
!4

5. What does this mean for Cyber Security?
• Improve data Integrity and sharing
(e.g. One person can’t override)
• Embed Security and Privacy logic into
Access Protocols
• Less paperwork, tamperproof
• Reduce operational and processing
costs ( removing people in the path)
• Reduce Fraud
• Enable tracking (e.g. we can decide to
track public spending)
!5

6. Impact: Ledgers of Roles and Asserts
• Governments and organizations maintain ledgers
of identity, ownership, status, and Authority.(e.g.,
education, citizenship, right to travel, taxation
obligations, social security entitlements, and
property ownership).
• Blockchain can replace them
• Reduce Paperwork. (e.g. among examples of
records are education records, birth, and death
certificates, and Criminal records)
• Track public spending and trade money
• Reducing fraud, improve security and improve
agility.
!6

7. Impact:Lightweight Financial System
• Remove intermediaries or make current
models efficient and secure.
• mortgages, loans, escrow, crowdfunding,
widely accepted gift cards, loyalty points
and local currencies.
• Offer efficient and cheap micropayments.
Enable many who are currently disconnected
from banking systems due to costs. ( **
challenged due to high bitcoin costs)
• Disaggregate and enable many new business
models
!7

8. Impact:Smart Contracts
• Automatic Execution - e.g. upon a missed payment, the car
automatically locks and returns the control to the lender.
• Trustless transactions (e.g. escrow, hedges)
• Furthermore, due to the reduction of costs, smart contracts
would enable complex financial instruments to a wider audience.
!8

9. Impact: New Internet
• Recent algorithm changes by Facebook and governments surveillance bills
• Some sees blockchain as future of internet and by extension democracy
- A decentralized DNS services, routing, and other internet services
- A global identity that is safe and decentralizedA global Reputation that
is safe and decentralized
!9

10. Few More
• Disintermediation - shared database
• Provenance - tracking
• Initial Coin Offerings (ICO) - raising money
• Autonomous echo systems/ marketplace - e.g.
decentralized amazon, eBay
• Voting
• Healthcare - track medication, prescription management
!10

11. Challenges: Speed, Storage, Consensus
• 8 minutes for transaction and about 2-3
transactions per second, but needs >
100k throughput
• Full history about 2BG and increasing
exponentially and getting worse (e.g.
forestall IoT nodes)
• Unsustainable consensus mechanisms -
bitcoin energy consumption, if
considered as a country, would be 39th
in the world and higher than Australia.
• Mining Pools - collaborative mining
!11

12. Challenges: Limited Privacy
• Only provides pseudo anonymization
• By analyzing the transaction graph and
related other information, it is often
possible to link users to transactions.
• Once one transaction is linked to a
user, all transactions become known.
• Since transaction data are public or
shared, this means blockchain is riskier
than using a credit card in terms of
privacy.
!12

13. Challenges: Verification & Governance
• Lack of methods to verify and limit risks
• Harder to break in, but can do more damage inside
• Solutions: formal verification, testing and
simulation, support for undo or bounded effects,
and put human in the loop.
• Lack of governance and standards
• How to evolve the blockchain, when to fork, what
is the process to accept a fork, how to handle
human errors, how to verify?
• Solutions themselves must be decentralized not
to undermine the goals .
!13

14. Challenges: Grand Impact
• We need to understand the economics,
social, and political side effects of the
blockchain.
• For example, blockchain may enable
chap voting, enabling us even replace
representative democracy with direct
democracy. However, we do not
know whether that will be a good
thing or a bad thing.
• Is inflation free currency a good thing
• Is global currency a good thing?
!14

15. Risk: Irrevocability
• For example, if a credit card is lost or bank
account is hacked, money can often be traced,
found, and returned. With blockchain, if you loose
your keys you can loose everything.
• Most systems such as marketplaces, platforms,
internet are complex systems. Complex systems
( hard to analyze) and Irrevocability are poisoned
combination.
• Fixing them via forks is risker
• Moreover, automation and irrevocability is a
poisoned combination.
!15

16. Risks: Missing Regulator
• Markets work only if it is fair ( As per Adam Smith)
• E.g. Stock market oversight, Pyramid schemes.
• Controlling hate speech, bias, targeted attacks, etc.
• there is no one to hold accountable.
• Malicous injection of bias other behaviours ( hard to verify updates)
!16

17. Future
• Impact is significant
• Tradeoffs: making it harder to breaking
vs. increasing the potential damage
• Technology is not ready expect for
limited use cases
• Lot of investments, I believe it will take
5-10 years more
• Can it sustain effort?
• Do we really need deceterlization?
!17

18. Conclusion
• Risky, high payback
• Be cautiously optimistic, but make sure technology is ready
for your use case
• Be careful at deployment
!18