Secured by Blockchain - what does that mean?

When you explore the marketplace for solutions to secure documents or transactions you will often find the claim 'secured by the blockchain'. That sounds very comforting - after all blockchains are all the hype right now and billions of dollars in cryptocurrency transactions are secured by public ledgers (blockchains) every day, but what does that actually mean?

"Secured by blockchain" does not automatically guarantee the transparency and immutability that is inherent to the design of blockchains. It starts with the problem that there isn't just ONE blockchain, there are dozens of chains with public access (Bitcoin, Ethereum, Solana, Algorand, Oasis, just to name a few) and unknown numbers of private blockchains (that may be using the technical framework of one of the aforementioned blockchains, but not everyone can connect to them). So first you have to know where to look - but what are you looking for? Entire documents are not stored on public blockchains, as it would be cost prohibitive to essentially replicate them across all nodes keeping a copy of the ledger, so instead cryptographic hashes of documents are typically stored and the documents/data itself are "off-chain".

The protocols for signing and recording of crypto token (currency or NFT) transactions are very well defined and documented for each blockchain but that is not the case for non-standard documents or other structured data, so one needs to know how to independently verify a record on a blockchain. On a public blockchain, if you have to rely on a third party or their proprietary system to decipher or perform the validation for you, you are essentially replacing trust in the blockchain with trust in that third party or system. Additionally, on a private blockchain you should also be able to judge access control and design of the proprietary chain.

So whenever you see "secured by blockchain" ask yourself: "how can I check?". It may not be feasible to verify every document hash or traverse the proof path of a Merkle tree for every such validation, but you should be able to review the documentation and design for the steps to perform this validation against the data stored in blockchains. You should know what data element is secured on the blockchain, as it is not necessarily cheap to store extensive data, maybe only the signatures of a group of transactions is committed to the blockchain, but what makes up those groups is off-chain data.

Review the steps to perform a validation carefully, otherwise "secured by blockchain" is just a marketing label.

13 views0 comments

Recent Posts

See All