Column

Blockchain? Probably Not.

Most of what you are being told about the future of blockchain in the legal profession is nonsense.

Don’t get me wrong. Blockchain is very cool. And I am the furthest thing from a luddite you will find in the legal profession. I’m a part-time LLM student at the University of Alberta Faculty of Law and Department of Computing Science studying the automation of legal reasoning. I’m an ABA Innovation Fellow for 2018/2019, writing open-source software to automate analogy to prior cases. I am an advocate for the adoption of technology in law.

So I’m enthusiastic about blockchain being adopted for the things that blockchain can actually do. But there is a lot of information out there, and most of it is wrong. Like really, really wrong.

I was invited to write something for Slaw.ca designed to help. So here’s my attempt at providing you, dear reader, with a blockchain BS detector.

. . .

Blockchain is the technology that powers digital currencies. That is the fundamental problem that it was designed to solve. The problem the developers of cryptocurrency faced was this: how do we let people who don’t know each other and don’t trust each other trade a single currency with anyone else, anywhere in the world, with no middle-man or government involved?

That’s a big problem. You need a digital currency that can’t be forged or stolen. That means there has to be a single authoritative record of who has how much of it. But to avoid central authorities, everyone needs a copy, and it needs to be independently verifiable in each place. Each person looking at the record needs to be able to satisfy themselves, without referring to any other authority, that the record is correct, and current. And it needs to be universally available, with no possibility that anyone can prevent anyone else from viewing it. Plus the currency has to come from somewhere.

. . .

Here is the shorthand of how blockchain solves that problem.

In order to record a new set of transactions (a “block”) on a blockchain, someone has to do something hard with their computer. The difficulty adjusts until on average it doesn’t happen for a set amount of time, regardless of how many people are trying. It is an encryption task that involves the current data, and the data being added. It is hard to do, but easy to undo. So when it happens, everyone else can quickly check to see that it is correct, and confirm it, and pass it along to everyone else. The contents can still be read, all the way back to the first transaction. The encryption allows you to verify, without asking anyone else, that the data is accurate. After a short while, it’s essentially impossibly complicated to change the data.

In order to motivate people to volunteer to do the hard work (for their computer) of encrypting the new data as it arrives, an amount of crypto currency comes into existence and is given directly to the person who successfully encrypts the new data. This is called “mining.”

A public blockchain can be set up for a specific purpose, like BitCoin, or it can be created for general use, like the Ethereum blockchain. Whether or not cryptocurrency is what you use blockchain for, the mining system process is what makes it possible to run a public blockchain.

A private blockchain can be entirely inside a single organization, or among a limited number of actors. In a private blockchain you can more or less ignore the tokens that are used as a reward for mining. Some purists object to the use of the term blockchain to describe these private networks, preferring to call them distributed verifiable ledgers, or some other similar term.

. . .

Blockchain is designed to solve the problem of verifiability of data in the absence of trust. It makes a number of sacrifices in order to achieve that objective.

What are the sacrifices? Well, for starters, you have to use a blockchain. A new technology has costs associated with learning and implementing it. Blockchain is no different.

For another, if you are using a public blockchain, you cannot undo mistakes. Let’s say you accidentally post the unencrypted business plan for next year to the chain. It’s there, publicly available, forever. That is a risk that doesn’t exist with most other data repositories. Immutability, as it is called, is a double-edged sword.

On public blockchains, there are small, but perhaps not insignificant risks with regard to mining. The mining system adjusts its own difficulty in order to ensure it is always economic for people to start mining the cryptocurrency, as long as it has any value. But that system is limited in how quickly it can respond to changes in the value of the currency, or the cost of electricity. If changes happen faster than the chain can react, you might have temporary slow-downs in the processing speed of the chain.

Even if there is no slow-down in the blockchain network, the speed at which data can be added to the blockchain is set by the system, and can’t be changed after the blockchain is deployed. You will never be able to speed up the period of time between when data is added, and when it is verified and shared.

There is also an environmental concern about using public blockchains. Because blockchain mining operates as a competitive system, blockchain is hugely energy inefficient. The average BitCoin transaction involves the use of 300kWh of electricity. Around 80% of all mining happens in China, where the electrical system is largely coal-powered. The total amount of electricity being used on BitCoin mining is on the scale of a small country of a few million people, and growing.

. . .

But the question is not “does blockchain have costs and risks?” The question is “does blockchain have costs and risks that outweigh the benefits?” So what are the benefits of blockchain?

Blockchain allows for a single, shared, independently verified database of information that can be added to by anyone, but cannot be changed or restricted, all without requiring the parties on the network to trust each other or anyone else.

More specifically, blockchain distributes data widely without having a central copy, and provides the ability to verify the data without having to refer to a central version. You will note that the word “central” keeps appearing. We have ways of sharing data. We also have ways of verifying data. We also have ways of doing these things online. What blockchain adds to the toolkit is the ability to do these things without having to trust a central authority.

. . .

Whether or not blockchain is the right solution for a given problem depends on more than just what blockchain can do, and what blockchain costs. If something else can do 95% of what blockchain can do, and costs 5% of what blockchain costs, blockchain may still not be the best choice.

So to understand blockchain’s value, you have to understand its alternatives.

To understand where blockchain lies relative to its alternatives, you need to think about the difference between making something less likely and harmful, and making the same thing impossible.

. . .

Having your house burn down is a bad thing. It is a bad thing that happens, sometimes. We have a number of strategies that we use to mitigate that risk. There are building codes, fire extinguishers, conveniently-located fire stations, 911 systems, fire insurance, and even the courts that hear claims for negligence and police that investigate arson. But all of these things are mitigation strategies. Rather than making it impossible for your home to burn down, they make it less likely, and less important.

No one would suggest that the next time you build a house, your house ought to be completely fireproof. Well, they might, but you would likely scoff, and ignore them. Because making a house out of fireproof material would be insanely expensive in order to obtain only a marginal additional mitigation of the risk of fire. And there would be other downsides beside the cost.

Suggesting that someone should use blockchain for something is like suggesting that their house should be fireproof. Blockchain does not merely mitigate the risk that data shared among parties will be changed, or deleted, or access to it will be restricted. Instead, blockchain makes those things impossible.

So nothing is going to be built on blockchain that doesn’t fall into one of these two categories:

  1. Stuff that cannot be built any other way, because only a system that does not require the users to trust anyone will work.
  2. Stuff where eliminating the requirement of trust is not strictly necessary, but the value of using blockchain is higher than the value of using the best alternative.

(There is course a third miscellaneous category, which includes scams, experiments, and other adoptions of blockchain that are not sustainable.)

Cryptocurrency is an example of category 1 above. There may be others. But the vast majority of problems will fit in category 2, if at all.

. . .

Blockchain solves a trust problem by eliminating the need for trust where it is absent. Traditionally, we solve those problems by adding trust in a third party where trust between two parties is absent. People don’t trust your cheque, they trust your bank. They don’t trust your web server, they trust the SSL certificate issuer who says that you are who you say you are. They don’t trust you that you own the Manhattan Bridge, they ask the land titles registry.

Blockchain does a lot of things. It distributes data, it verifies data, it prevents outages, and prevents hacking. Prior to the advent of blockchain, we solve those sorts of problem using data security techniques which can be categorized as “backups and stuff.”

You can see that these are both mitigation strategies. Backups and stuff don’t necessarily prevent data manipulation (though companies like Amazon and Google seem to do just fine using “backups and stuff.”). They just make them less likely, and mitigate the damage if they happen. Similarly, trusted third parties can also act badly, which is why the legal trust safety industry exists.

It’s not perfect. It’s like fire insurance, not fireproofing. But the combination of trusted third parties and backups and stuff has been good enough for all of human civilization until now. Blockchain might be better, but only if it provides more of what we want, or avoids more of what we don’t, and does so efficiently.

. . .

So when I am trying to figure out whether or not blockchain is a good solution for something, I ask myself this question:

“Who is going to implement blockchain for this purpose, and for that person, does blockchain seem like it has a better cost/benefit value than trusted third parties and backups and stuff?”

. . .

Let’s try applying that test to some of the proclaimed benefits of blockchain in the legal profession. For starters, let’s talk about land titles registries.

Yes, blockchain could be used to provide more efficient access to land titles records. But more efficient access to land titles records could also be provided by any other number of online database technologies that are better understood, and don’t have the double-edged sword of immutability. The only thing that blockchain would have over those technologies is that you would no longer need to trust the land titles registry.

I have heard a lot of complaints about the land titles registry in my career, but distrust of the land titles registrar is not one of them. But even if buyers and sellers are tired of the land titles registry’s constant lying, that is data controlled by the government, and it will not be put on the blockchain unless the government perceives some benefit to go along with the loss of control that would entail. What does the government gain from a technology that no longer requires you to trust the government?

Blockchain would also increase the quality of the land titles service because you will be able to verify the state of title at the time of registration in an automatic way. But independent verification is not the problem that blockchain solves. Blockchain solves the problem of independent verification without reliance on trust. If you still trust the government to be in control of the data (and even if you don’t, I’m pretty sure the government does), then you can achieve the same thing without blockchain by using verified database technologies like AWS QLDB.

So no; blockchain is never going to be used for land titles. That’s nonsense.

. . .

Next, let’s talk digital identities. The claim you hear is that people will all have their own identifying information on the blockchain, and have third-parties add their relevant authoritative data to it. So perhaps your university would add your degrees to the chain, and your government would add your driver’s license. Everyone will just be able to give the keys to anyone who needs identity information, and that information can be verifiably downloaded from the blockchain all in one place.

So this anticipated use of blockchain would involve the person handing you their blockchain ID number, and you would go to the blockchain and download something that says “I have verified that the person who looks like this has the following name,” for example.

That’s great. Except who put the information on the blockchain, and why do you trust them?

Wait, no. I don’t care why you trust them. I only care that you trust them.

If you trust them, then you don’t need the information they provide to be on the blockchain to have confidence that it has not been altered. Just verify that it came straight from them, which can be done with basic digital signatures and a trusted certificate authority. There is no reason to use blockchain for this. Nonsense.

What about the digital identity certificates that underlie encryption technology themselves being put on the blockchain? Extremely bad consequences can arise from losing access to them, particularly once they are more widely relied on for things like banking. But the certificate is only valuable if either you, or a third-party, has verified the person’s identity. If it’s you, just keep the certificates yourself. You usually trust yourself.

If it’s a trusted third party who is confirming that a given website is owned by a given person, and you trust them to tell you the truth about that, why would you not also trust them not to use backups and stuff appropriately so as to avoid losing access to the data? That’s what we do now. As far as I’m aware, there has not been a spate of security certificates suddenly becoming useless because the certificate authority was hacked, or went out of business. It solves a problem that doesn’t exist.

. . .

Smart Contracts. Oh, man. Where do we start?

First, a smart contract is to blockchain as a boat is to Hudson’s Bay. You might find one there, but it’s not the only place, or even the most likely.

Smart contracts and blockchain are not the same thing. You can do blockchain without smart contracts, and you usually do. And you can do smart contracts without blockchain, and you usually will. Too often people conflate smart contracts with blockchain because of the technologies that are out there to make them cooperate with one another.

The Accord project, for example, is seeking to create a standard computer language for expressing contracts. One of the hopes is that you would be able to use that language to generate software code that lives and runs on the Ethereum blockchain, called a distributed application, or a “dApp”, which automatically executes the requirements of the contract.

But not all self-executing smart contracts will be on blockchain. Nor do all smart contracts need to be self-executing. Encoding a contract can be done for the purposes of analysis, or as a means of building applications to help people execute the contract accurately, or for contract management, or for any number of purposes which have nothing to do with trustless execution.

Blockchain aside, smart contracts are a future area of law. There are problems to sort out. One major issue is how to integrate the court system with smart contracts to retain the best parts of both. There are questions about what is the contract, the code, or the written agreement to that code was supposed to model? If the code is the contract, did you have a lawyer who could read that code, and advise you on it? If not, what does it mean to have independent legal advice about a contract? What happens when you need to sue, but you can’t explain the contract code to the judge?

Smart contracts really will impact the future of the legal profession. And a part of that will involve understanding how smart contracts were implemented over the blockchain, if they were implemented over the blockchain. That is not nonsense. But it will also be possible to have a thriving smart contracts career that has nothing to do with blockchain. Saying that a smart contracts lawyer needs to know blockchain is nonsense.

. . .

Whether or not blockchain is the right solution depends primarily on one factor: Trust. Whether or not blockchain is the right solution depends mostly on how much the absence of trust is the problem, and it cannot be solved with third parties and backups and stuff.

Blockchain is not the next industrial revolution. It is not on the scale of the printing press and the Internet. You and your clients are not going to be using the blockchain for everything. It is not AI. It is not the same thing as a smart contract. Courts and law firms will find little use for it. Governments and businesses will find use for it primarily when dealing with people in other jurisdictions, or untrusted parties.

Take a deep breath. Relax. Everything is going to be OK.
_______________

Jason Morris is a lawyer at Round Table Law in Sherwood Park, Alberta, and an LLM student in Computational Law at the University of Alberta.

Comments

  1. Thank you for this breath of fresh air on blockchain and (the limits on) its potential uses. You make excellent points.

    One could expand on a couple of them, too. For example, why does one trust what is put on the blockchain? One can post lies. One can – as you say – post mistakes. How does the verification process change that?

    The point of the blockchain is the distributed ledger – but how many people have the capacity to mine, to encrypt, and to check encryption? If there are not enough members, blockchains can be hacked, as has been demonstrated.

    This factor makes proprietorial blockchains suspect, if the fact that some entity is controlling access does not already do so. Certainly having a permissioned blockchain kicks the trust question back up from the technology to the entity giving the permissions. Isn’t that what we already have, with our traditional array of mainly-trusted institutions – the banks, registries, governments that are alleged to be about to wither away, replaced by blockchains everywhere?

    And will *everybody* be able to enter information? Does everybody need encryption capacity? Will everybody on the blockchain need even a digital signature? Most people do not have such things, and managing a public key infrastructure is expensive and difficult, so most people will not have such things.

    And PKIs have weak links, including some that support the trust in it – such as how secure the computer is that contains the signing keys (probably protected by user ID and semi-weak password, in many cases), and how thoroughly did the certification authority test the alleged identity of the person getting a certificate?

    How much do those problems affect the reliability of the blockchain?

    And the immutability, as you note, is a two-edged sword. Courts may have to order participants to compensate other participants, and if compensation cannot be done within the blockchain, it will have to be provided outside the blockchain. So those who say that the blockchain removes things from state control are dreaming.

    And once it is clear that the state will exercise its supervisory rights – according to law, in countries we respect, but that is not all of them – then the blockchain looks less like a haven for tech-savvy anarchists without starting to look like a useful parallel system of providing trusted information.

    I looked at some of these questions, starting with the expense issue you raise in passing, in a Slaw column last year.

    I am pleased to read your statement about the independence of ‘smart contracts’ from the blockchain. It will be discovered that it will not always be wise to enter a smart contract, and the legal system will find a way to enforce rights and equities despite how smart the contract will be. Some more discussion is in my Slaw column on smart contracts.

  2. Nice article. I bet you can find a lot of similar articles about Email and the Internet in the early 90’s.

    Just because people are still creating uses doesn’t mean they won’t exist.

    The blockchain is immutable, that is it’s fundamental value. That allows for money and other uses to be created.

    Let me show you a way I use the blockchain in the legal profession regularly.

    Let’s say I want to store a digital version of a client’s will (or any other important document) and I want to ensure that it isn’t tampered with and easily accessible to any third party.

    I do the following:
    1. I save the document in PDF format;
    2. Calculate the document SHA-256 hash;
    3. Save the necessary information on the Bitcoin Cash blockchain.

    Click on the link below to see a test I made.

    https://explorer.bitcoin.com/bch/tx/d884fd351475c0ad0ef655dc8ddba48f521b58106817b276a4cdb9a5a12f8bf5

    If the PDF is requested from the firm, I can check it’s SHA256 (3C18D8A0232FF6A1AA55E7B6E4884CB8D1D257ABB2178198279FA42FC445F6D1) hash and without having to trust the firm, I know that is the Will that existed on the date the blockchain entry was made. I don’t need to trust anybody. Without calling any witnesses, I can prove the document was not altered. All of this cost me less than $0.01. That is value.

    Great, so how do I find this on the blockchain you ask. Same thing was asked about the internet before yahoo and google.

    https://oyo.cash/ is google for the blockchain. Search “Mr Name” and you can find his Will.

    Granted, this may be more difficult for the average lawyer to do but with a 5 minute video I can teach anybody.

    Don’t write off blockchain just yet.

  3. Addison Cameron-Huff

    I wholeheartedly agree with the idea of equipping people with the knowledge they need to stop “blockchain BS”. There’s too much of it out there. But I think this article is unduly pessimistic about blockchain opportunities and doesn’t give enough credit to the people working in this field.

    Virtually every major corporation has invested time and/or money into blockchain applications. Canadian banks have dedicated groups for this, and it’s not because they’ve bought into bullshit. There’s more to this than it seems.

    “Blockchain” is a broad term and this article covers a broad swath of what people are up to in the field. Here are a few reasons why I think there’s more substance to this trend than the author does:

    1. There’s enormous interest in applications to the securities market. Major players like DTCC have invested millions in this (e.g. https://www.coindesk.com/dtcc-milestone-11-trillion-derivatives-gets-closer-blockchain). The Delaware Court of Chancery suggested in a 2017 case that “DLT” (blockchain) could be a solution to the share ownership problem they were asked to rule upon: https://www.cameronhuff.com/blog/delaware-court-of-chancery-also-likes-dlt/. Odds are good that the Delaware Court of Chancery, DTCC, and hundreds of other important institutions aren’t completely wrong about whether blockchain might be applicable to securities. There are also crypto startups like Toronto’s Polymath that are trying to tackle this problem from an issuer perspective: https://polymath.network/index.html. Given the amount of money invested by major financial players I think it’s more of a question of what the most successful solutions will be rather than whether they will exist.

    2. To address the specific claims made about land systems: there’s a lot more merit to the blockchain approach than first meets the eye. In Ontario the government doesn’t exactly control the main database for land, it’s run by a private company (https://www.teranet.ca/registry-solutions/about-polaris/). This is a common pattern where governments delegate a system to be run by private operators on their behalf (e.g. ServiceOntario). Governments are fairly comfortable with having a supervisory role and leaving service delivery up to the private sector (although approaches across Canada are obviously varied). Is it really a stretch to set up a blockchain and then manage that, or have a private company do so on the government’s behalf? In Ontario that’s a stretch because of a monopoly given to Teranet that extends until 2060: https://www.theglobeandmail.com/report-on-business/streetwise/teranet-deal-with-ontario-likely-first-of-many/article1461786/. But in other jurisdictions, particularly less developed ones, it’s entirely possible that a blockchain-based land system might be implemented. Ghana and IBM are exploring this: https://cointelegram.co/ghana/. The land registry for England and Wales signed a deal in October to investigate this: https://www.gov.uk/government/news/hm-land-registry-to-explore-the-benefits-of-blockchain. There are many issues associated with this idea (some of them listed in an article I wrote in 2014 on this subject: https://blog.decentral.ca/a-smart-property-real-estate-system-for-ontario-2/) but to dismiss out of hand an idea that so many smart people in this field are investigating seems premature.

    3. Most blockchain systems involve storing hashes of data on chain and/or metadata, not the full data, because that’s much more efficient space-wise. This greatly reduces the data privacy issues raised in this article. There’s a major data breach announced every day involving legacy systems (e.g. https://blog.decentral.ca/a-smart-property-real-estate-system-for-ontario-2/) so a system that involves any degree of cryptography would be a big step up on what the vast majority of companies are using right now. Blockchain systems always involve major use of cryptography and the issue identified in this article about posting damaging unencrypted data is so obvious that I can’t imagine any legitimate blockchain project ignoring it. Crypto people are well aware of the immutability aspect and the roots of Bitcoin lie in its use for anonymous online transactions.

    4. Often “blockchain” is corporate shorthand for adopting some of the principles of Bitcoin/Ethereum and applying them to a new software system. This is a bit strange for many crypto technologists because it’s hard to see the value of cryptocurrency if you remove the value component, but if the result is the adoption of hashes and asymmetric encryption then I think that’s a good in itself. Whatever you think about “blockchain”, the elements that make up a cryptocurrency system are obviously valuable and widely used already. Bringing these technologies into wider use and thinking about how we can build more open systems is surely a good thing.

    5. There actually have been hacks of certificate authorities: https://slate.com/technology/2016/12/how-the-2011-hack-of-diginotar-changed-the-internets-infrastructure.html. There’s also been inadvertent disclosure of the private keys for certificate authorities: https://www.theregister.co.uk/2018/03/01/trustico_digicert_symantec_spat/. That said, most blockchains are accessed through SSL and that’s an essential part of the ecosystem that not many people are proposing throwing out (but some people are working on CA alternatives, e.g. https://handshake.org).

    I’m the first to advocate skepticism. Hard questions should always be asked when people propose a technological solution to any problem, and if that solution involves “blockchain” then the questions should be especially hard. In 2018 I oversaw a team of a dozen engineers working on crypto software full-time. It’s hard work. It’s experimental technology. There are a lot of wild claims and hand-waving, but there are also a lot of smart people and smart companies working on solutions involving blockchains.

    There’s also a lot of great, open, global software being built. Will there be failures? Yes. Will lawyers be writing solidity code instead of drafting contracts in 2020? No. Will everyone’s dreams come true? No. Will blockchain-based software become more widely used? Yes. Definitely.

  4. Whoa, I’m late to this party!
    Glad to see Addison join the fray.

    I’ll add only that:

    a) not all blockchain applications require complex energy intensive computing mining (via Proof of Work)… there is also Proof of Stake and variants of that. So the that is not a universal downside of blockchain.

    b) I like the tempting analogy of a fireproof house, and I think it’s applicable in the sense that it’s worth testing whether you really need the assurances of blockchain in every case. But I think it’s too simplistic because there are ways to use blockchain efficiently, securely and cheaply to do what traditional databases can do.

    c) I love Jean’s memo transaction to the Bitcoin Cash chain. Great proof of a simple practical use case. You could also authenticate photos, a zip file, or other ESI evidence with such a hash sent to the blockchain.

    d) As for land title… Jason says “So no; blockchain is never going to be used for land titles. That’s nonsense.” Actually, those are careless words Jason. You just may regret being so bold. Read about BC’s LTSA. They announced in late 2018: “The Land Title and Survey Authority of British Columbia (LTSA) and ChromaWay AB (ChromaWay) announce they are working on an initiative to evaluate distributed ledger technology (blockchain) solutions that will make land administration processes more secure and accessible in British Columbia.”