After a few years as the premier buzzword, Wall Street is reviewing whether blockchain is as immutable, scalable and secure enough to implement instead of more proven technologies.
“When people hear ‘immutable ledger,’ which cannot be changed, people want to use it for everything,” said Diana Kelley, cybersecurity field CTO at Microsoft, during a recent Webinar hosted by analysis firm IDC. “It needs to be assessed for suitability. There are some use cases where blockchain doesn’t make sense.”
Financial institutions should learn the lessons of the cryptocurrency world when they consider deploying blockchain, added fellow panelist Ed Moyle, general manager at the Prelude Institute.
Emerging blockchain skeptics have started questioning whether blockchains are as immutable as advertised.
“We already have seen multiple cryptocurrency exploits that have resulted in huge losses,” said Eric Parizo, an analyst at The Parizo Group and who also was on the panel. “Somewhere the result of benign mistakes like insecure coding, but there are serious potential problems where the entire blockchain can be forked and changed beyond what anyone thinks is possible.”
Even if blockchains provide data immutability, the amount of transaction throughput that blockchains can support compared to those of transaction platforms currently in production is tiny.
The best blockchain deployments that are known today maybe can handle 10,000 transactions per second, according to Parizo.
“That is controversial because so few people understand the details and those systems are not truly blockchain,” he added. “You have to dissemble blockchain until it is no longer blockchain to get it to scale.”
However, blockchain deployments do not need to compete with such implementations. The technology’s sweet spot is in environments where there are low volumes of highly valuable discrete transactions, according to Peter Lindstrom, vice president of securities strategies at IDC and who moderated the panel.
Blockchain’s greatest weakness may be its reliance on public key encryption, which can be a single point of failure.
“If the key is lost, so is the data and, potentially, the transaction,” said Parizo. “If the key is compromised, someone else can access the data or the related asset.”
As with any software, firms should perform a threat assessment before putting blockchains or smart contracts that run on top of blockchains into production.
“Take a lesson from the DAO, which no longer exists,” said Moyle. “A coding error in some of its software wound up undermining it.”
Wall Street may have to bite the bullet and invest in blockchain no matter what just to keep innovative fintech startups at bay.
“If the large firms are not the innovators, they need to be fast followers of whichever technology wins," said panelist Dan Blum, principal consultant and managing partner at Security Architects Partners. "They cannot afford not to have a dog in the blockchain fight even if they lose money on it. It’s worth the risk.”