Tuesday, February 21, 2017

Podcast: Blockchain and Hyperledger with Brian Behlendorf

I sat down with Brian Behlendorf, the executive director of the Hyperledger project, while I was out at Lake Tahoe for the Open Source Leadership Summit last week. The Hyperledger project is an open source collaborative effort created to advance cross-industry blockchain technologies. It works as essentially an umbrella project on top of projects such as Fabric and Sawtooth Lake.

Brian was a primary developer of the Apache Web Server and a founding member of the Apache Software Foundation. In our conversation, he covered topics such as balancing innovation and standardization, the use of blockchains for transactions within consortiums of competing organizations, technical challenges, and early examples of blockchains use that go beyond cryptocurrencies.
Link to MP3 (0:14:32)
Link to OGG (0:14:32)


Gordon Haff:  Brian Behlendorf's the Executive Director of the Hyperledger Project, which is basically a blockchain project. Brian, you were just giving a talk, and someone said that was the most laid‑back talk about blockchain they had ever heard.
I think you're probably a great person to give a real quick summary of what blockchain means in the context of Hyperledger without the hype.
Brian Behlendorf:  I thought that was a nice way of him saying that my voice put him to sleep. Hopefully, I won't do the same to your listeners.
Now, we take a very pragmatic view of what's being built here, and what the world has needed, really, in this space.
Think of it as a decentralized database where the heads of that database, the nodes on that network, are potentially competitive, potentially rivalrous, and yet, they all have business that they need to transact together. They all need a system of record that keeps the order and the data of what they've transacted consistent and clear.
On top of that, you can build a lot of interesting things. You can have validation logic at each of these nodes so that you can do things like keep somebody from spending the same asset twice, or doing the same transaction twice for two different people. This is why you can build a cryptocurrency on top.
Cryptocurrencies are one kind of application, but there are lots of other types of assets that you would track in the system, lots of other kinds of data that you might log. The temperature here in Lake Tahoe might be a bit of data we want to record for permanence, because maybe I have an insurance contract that depends upon that data being accurately recorded, and never being able to be deleted.
We also take the point of view that these networks don't have to be the size of the whole wide world, that there are interesting systems of record built by consortia, built by collections of organizations, companies, government agencies, those sorts of things, where you don't need to have the physics of a cryptocurrency to be able to allow for these interesting applications to be built.
Hopefully, that dumbs it down a bit. On top of that, you can build amazing things ‑‑ smart contracts, that sort of thing, but at its core, that's what it is, and that's what we're shipping product today around.
Gordon:  From what you just said, I think maybe the best segue into, "What does blockchain give us in a private or semi‑private consortia, I think is the term you used, context that a more traditional distributed database, which obviously has certain technical advantages from the point of view, perhaps, of transaction rates and so forth?"
Brian:  The big difference is more political than technical. The big difference is most of the way that these distributed database systems have historically been built, they've presumed that they've all worked for the same person.
Therefore, their profile of attack doesn't presume that one node wants to corrupt the data that's sitting on another node, or gain an unfair advantage when that node wants to write entries and keep the other side from being able to write entries as well.
Within all of these systems, there is a consensus mechanism that establishes a fair process for each of these parties to be able to write into this network, and then cryptography at every layer, implementing what are called Merkle trees, simply ways of taking hashes so that you can guarantee that the data is kept in order.
You have your copy of the database, I have my copy, Ray has his, other people have theirs, but we can guarantee by comparing these hashes that our copies of the database are all in sync, have the same exact order to them, and this is something traditional databases have not provided any guarantees around.
Gordon:  From a technical standpoint, what, from your view, are the biggest technical challenges that have to be overcome to use Hyperledger, to use blockchain, with smart contracts, supply chain, financial transactions, and so forth?
Brian:  I'd say initially, it'll be speed, and in the long term, it'll be confidentiality. In the short term, we're going to have numbers that are not nearly so impressive as in a traditional database when it comes to transaction rates.
Right now, we see, with Hyperledger Fabric, for example, on a well‑tuned system, a couple of hundred transactions a second. We know we need to get that up to a couple of thousand, maybe over 10,000, and we have pathways to get there, but talk to any database admin, and that's a trivially low amount, especially when you have tools like sharding and other things.
That's because what we're trying to do with a blockchain is very difficult. Every proposed transaction is broadcast to everybody else, and some threshold number of those have to confirm it before everyone locks it in and says, "Yes, that's actually the next link in the chain, the next block in the chain."
That's a much more sophisticated thing, let alone if you have any validation logic you're trying to apply to prevent double spend, that sort of thing, or smart contracts that you want to run on top. That's the first challenge.
The second is the simplest blockchain is one where all the data's unencrypted, and all the data is shared with everybody. There are use cases where that's valid, where everybody wants to know the same data, say if we were building a database of certificates for TLS. Everybody wants to know the public signatures for TLS certificates.
But if we're doing something anywhere more meaningful, like recording transactions between two parties, we want the rest of the world to know about, but maybe not the price that we're paying for that transaction, maybe not some part of that transaction, and the fact is, right now, like with Bitcoin, you have exact information about who's spending what money on what.
Confidentiality is all about the set of techniques that you might apply to providing greater privacy for some of those transactions while still getting the benefit of logging into a chain, and having the consortia know that that transaction happened, and perhaps even know something about it.
This is where zero knowledge proofs, homomorphic encryption, there's all these emerging fields that are still fairly young by computer science standards, that will come into play to help give us confidential transactions. That's the horizon.
Gordon:  From what's going on right now, what are some of the specific interesting use cases that you're seeing?
Brian:  The world of finance is full of ledgers, full of systems that keep track between two parties, between thousands of parties. "Who has wired what money to who, who owns which shares of stock of a different company? Where is the underlying paperwork behind this or that?"
There's lots of drop‑in use cases for this technology there, where you don't have to talk about different governance models. What you're doing is simply dropping out a central authority that might have already existed in that system, and say, "Here's a peer‑to‑peer way to do the same thing."
Much less expensive, much more rapid for confirmation. This way, wires between two banks might clear in five minutes rather than three days.
Those aren't the use cases that get me up in the morning. The ones that get me up in the morning have more to do with helping people secure the ownership of their house in a database that can be a public database or semi‑public database. Land title databases are an active field of conversation.
More concretely, there's a project already in pilot that's moving to production ‑‑ that is the diamond industry ‑‑ reinventing their provenance tracking system that's used to keep conflict diamonds out of the market and help you know when you buy a diamond what part of the world that came from, what mine that came from.
That is, today, implemented as paper‑driven, centralized, bureaucratic kind of process with very little transparency. That's being reinvented as a blockchain, partly for greater transparency, but partly, as well, for greater audit ability. It's already in pilot. It's already caught millions of dollars in fraud, and when they move to production, it'll become an airtight system.
That's what gets me excited is these positive social impacts that at the same time, are also potentially helping solve structural problems for the business sector. I haven't seen that kind of synergy, that kind of combination of value from these two different things since the early days of the Internet.
Gordon:  Let's switch gears to talk about Hyperledger, specifically. You've described Hyperledger as, essentially, an umbrella to a number of different pieces that fit together. Can you tell our audience a little more about that?
Brian:  This space is still pretty young. You could say it was kicked off with Satoshi Nakamoto's paper in 2008, and it even taps into distributed database design going back to the '80s.
Understanding how to map this landscape and the diversity of different consensus models, different ways that we might write smart contracts, that's still pretty young for most people. We realized it wasn't going to work if we came out and said, "We've got the one true architecture, the one true consensus model, the one true framework."
We bootstrapped the project just about exactly a year ago with two different projects, one called Fabric, another called Sawtooth Lake. It started life as internal projects at two different companies, but now with an open source, both of which have blossomed, both of which now have a diverse contributor ecosystem behind them.
They solve the same problem in two very different ways. This is a challenge, because explaining this to people can be about as challenging as explaining why they would want to use Debian versus Red Hat versus Ubuntu.
We know there's real differences there, but explaining those to the outside world is part of our challenge. Now we've added other projects like Iroha. One's coming in called Corda. These are different distributed ledger technologies. There's other technologies built above that that we will bringing in, too.
We feel right now it's important to map the landscape to encourage R&D efforts across that landscape, to decentralize, in a way, and then let some combination of market suitability and Darwin basically play out to see which of these emerge as the ones that people tend to gravitate to.
The others, either they merge, or they find some interesting niche, like Darwin's finches on Galapagos Island, to, "Here's a specific kind of prey, a specific kind of use case that a certain technology becomes appropriate to."
All of that happening within Hyperledger means we get, hopefully, at least, a culture of remix, a culture of creativity, a culture of borrowing from each other, and of helping each other, looking for places to integrate with each other and combine efforts so that this makes sense to the outside world.
Gordon:  It's interesting, as I was talking to Chris Aniszczyk earlier about OCI. Their charter is really around standardization. It sounds like you sort of see your charter at this point in time as really focusing on innovation, and let the standardization, maybe some of the ease of use, come with time.
Brian:  I think so. I think that's the way that innovation has tended to work best, is for standardization to follow implementation. When you have implementations under an open source license then all of the traditional concern about closed de facto standards starts to dissipate.
"Here's this. Anybody can use it. There's no rivalry around an interface implemented by open source software." While we're developing this code, we're kind of developing open standards at the same time. What everyone wants is stability.
What everyone wants is to know, "When is it time for me, if I've got a $20 million project to bring over to this that requires me orchestrating this with six different business partners, I want to move to something that's not going to be thrown away in a year by the core developers, and forgotten about."
Again, part of our challenge is going to be making this activity make sense to the outside world, sending a signal, "Fabric will hit 1.0 in the next few months," which will send a big signal that this is now a platform that is solid enough that we feel people can run this in production and start their serious migration towards.
The other projects will start to hit that same kind of milestone this year as well, so that's a focus for us, for sure.
Gordon:  Before closing out, maybe I get to ask you one last question. There are a number of blockchain‑related projects out there that aren't directly related to Hyperledger, like Etherium, for example. What do you see as Hyperledger's relationship with those?
Brian:  I think the cryptocurrency use cases are part of the landscape. We have started from a different place, which was more of the consortium chains and tracking non‑currency types of things, partly because we know how hard it is to run a public chain.
There's serious challenges that those communities, I feel, are tackling fairly well, and there may be opportunities to find projects that span those worlds and our world, especially as you go up the stack. There'll be a lot of demand, I think, to have transactions that talk both on ‑‑ in some cases, on a consortium chain, in some cases, on a public chain.
I think that'll happen naturally, that kind of convergence and collaboration between these communities. We don't have any antagonism towards them. We don't see them as competition. We're sharing ideas, and we're learning from them, too. We're at a point now where at least the world is expanding fast enough that we can all be friends.
When blockchain winter comes, maybe it'll be tougher ‑‑ I'm smiling as I say this ‑‑ but it's a pretty healthy collaboration now, and I respect the deep technical work going on that side of the world, but they are solving fundamentally different problems.
Gordon:  Thanks a lot, Brian, for your time. Is there anything you'd like to leave our audience with?
Brian:  No, I just want to thank the companies that have been committed to open source software for a long time, like Red Hat. It really has helped serve as a model for explaining to others how you can build a business on top of open IP.
That keeps coming up as a recurring question in the blockchain space. "How do all these venture capital‑backed startups and these big companies make money from this?"

The good news is, we're now a couple of generations in to this open source transformation, and so I think Red Hat has been a stellar example of that, so, really, thank you.

No comments: