[First appeared in KoreConX on May 15, 2019]
Modern capitalists and ancient Chinese may disagree on many things, but the one thing they do seem to agree on relates to security of the realm. George Washington, back in 1799, said, “...offensive operations, often times, is the surest, if not the only (in some cases) means of defence.” A similar sentiment can be seen in Sun Tzu’s writings. It is now a common saying in football: The best defense is a good offense.
If digital securities are to play an innovative and differentiating role in modern capital markets, the one thing they have to support is the trend towards democratization of capital. Ironically, Main Street retail investors have been sidelined in the ‘public’ markets that ostensibly were designed with the general public in mind. 90% of households are generally unaffected by the gyrations of the stock market.
Decentralization of capital brings with it several risks. Inefficiencies aside, some of the financial risks are poor governance, insecure transactions, hacking, and architectural instabilities in the financial platforms. The general public will never be able to store their own private keys safely. Public blockchains are still too new and fragile to support widespread adoption by the vast majority.
The most important lens through which we need to look at this is that of the lay investor, whose primary need is safety. They may not say it, but they definitely think it. For financial systems and in particular digital securities, we need to minimize the number of ways in which the security of digital securities is compromised. Security experts have a fancy term for this, ‘attack surface’, which is the entire set of vulnerabilities possible through all the ‘attack vectors’, each of which is one method of attacking applications or networks.
Unlike the usual attack vectors such as phishing, email, pop-ups, attachments, chats, etc., digital securities can be compromised by non-traditional vectors such as forking, hacking, and adverse selection by miners’ activities, and commingling of cryptocurrencies and digital securities. Adverse selection, in particular, is not criminal activity, but the net effect is that retail investors suffer the consequences since concentration of mining power centralizes points of failure or throttles securities transactions.
All of the ways in which digital securities can fail are the ‘failure vectors’. The collective magnitude of these failure vectors defines a failure vector surface. The surface area, in some intuitive sense, captures the magnitude of potential failures. The larger the surface area, the higher the risk. (Move your mouse onto the various surfaces for color highlights.)
The spider chart above shows various failure vectors, some of which are outright attack vectors, while others represent potential failures not from attacks but due to the inherent nature of the underlying blockchain. Such a visualization is useful only when comparing two or more subjects of evaluation and that too in a relative way and by ignoring the actual values.
One caution: Do not conclude from this chart that public blockchains are necessarily bad. This chart is not an evaluation of a blockchain technology or the competence of the developers. It just speaks to the potential problems that developers and users must keep in mind when using it for this particular use case, that of digital securities.
Can public blockchains systematically reduce the magnitude of all these failure vectors? There is certainly awareness of these failure vectors. However, all current reengineering in public blockchains, such as the ERC20-based protocols, is a defensive strategy.
Keeping to the wisdom of the ages about offense being the best defense, another approach is to start with a blockchain that has been engineered from the ground up to specifically minimize the failure vector surface as much as possible.
For this reason, a permission-based blockchain such as Hyperledger Fabric would be more appropriate for digital securities. The risk of failure is mitigated because some of these failure vectors either don't apply or they are considerably minimized due to the nature of a permission-based blockchain.