blockchain risks, opportunities and future scenarios · 2018-02-26 · –impact on future of audit...
TRANSCRIPT
![Page 1: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/1.jpg)
www.csiro.au
BlockchainRisks, Opportunities and Future ScenariosMark StaplesResearch Group Leader – Software Systems
![Page 2: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/2.jpg)
![Page 3: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/3.jpg)
![Page 4: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/4.jpg)
Looking (Back) at Data61 Treasury Projects
• Two concurrent projects, Jul 2016 – May 2017
• Funded via National Innovation Science Agenda
• With help from The Treasury
• Reports available:http://www.data61.csiro.au/blockchain
• Today:– What did the projects do, and what did the reports say?
– What’s changed, and what’s next?
Data61: Blockchain Risks, Opportunities and Future Scenarios4 |
![Page 5: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/5.jpg)
5 |
Distributed Ledgers: Scenarios for the Australian economy over the coming decades
Hanson, R. T., Reeson, A. Staples, M.
What might plausibly happen, across society & economy?
Data61: Blockchain Risks, Opportunities and Future Scenarios
![Page 6: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/6.jpg)
Technology Trigger
New equilibrium
Time
Imp
act
/ B
en
efit
s Aspirational
Transformative
Collapse
Foresight – Plausible Scenarios?
Data61: Blockchain Risks, Opportunities and Future Scenarios6 |
![Page 7: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/7.jpg)
Fore
sight
DLT Foresight – Methodology• Consultative workshops, panel discussion
– Impact on future of audit (and professional services)
– Impact on privacy and identity
– Impact on law, especially contracts
– Draft scenarios
• Over 100 subject matter experts consulted– Government Departments
– Start-ups
– Banking and Finance
– Academics, and
– Professionals
Data61: Blockchain Risks, Opportunities and Future Scenarios7 |
Inputs
Analysis
Interpretation
Prospection
Scenarios
after (Voros, 2003)
![Page 8: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/8.jpg)
Four Scenarios1. Regulation on Rails – Aspirational
– Understanding of risk and potential; adoption, innovation, and productivity
– Leading and cohesive regulatory support and automation
2. Sherriff on the Digital Superhighway – Transformational– Industry and IoT-led adoption
– DLT “deputised” for provenance and internet of trust
3. A Bumpy Ride – New Equilibrium– Proliferation of many DLTs without regulatory acceptance or standards
– Lack of trust in technology and regulation cripples full DLT potential
4. A Slippery Slope – Collapse– History of loss, failure, crime, mis-use, “hacks”, and broken trust from DLT
– Regulatory barriers installed; Abandonment of blockchain as a “brand”
Data61: Blockchain Risks, Opportunities and Future Scenarios8 |
![Page 9: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/9.jpg)
DLT Foresight – Use Cases and Key Issues
Data61: Blockchain Risks, Opportunities and Future Scenarios9 |
• Digital Currencies
• Trade Finance
• Provenance
• Professional Services
• Intellectual Property
Nearer Term(Work
Underway)
• Auditing
• Credentialing
• Identity Management
• Internet of Trust
• Sharing Economy
Longer Term
(More R&D Needed)
Scalability
Adoption
Innovation & Novelty
![Page 10: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/10.jpg)
DLT Foresight –What’s Changed, What’s Next?
![Page 11: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/11.jpg)
What’s Changed, What’s Next?• Active interest, good & growing understanding by regulators
• Australia leading ISO TC307 standards on Blockchain and DLT
• Still yet to get clear indication of widespread adoption & benefit
• Cryptocurrencies are a two-edged sword for blockchain/DLT
• Massive ongoing technological innovation– Interoperability, Governance, Distributed Exchange, Scalability, Privacy
Data61: Blockchain Risks, Opportunities and Future Scenarios11 |
![Page 12: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/12.jpg)
12 |
Risks and Opportunities for Systems
Using Blockchain and Smart
Contracts
Staples, M., Chen, S., Falamaki, S.,
Ponomarev, A., Rimba, P., Tran, A. B.,
Weber, I., Xu, X., Zhu, J.
What are technical risks & opportunities for use cases?
Data61: Blockchain Risks, Opportunities and Future Scenarios
![Page 13: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/13.jpg)
Study Perspectives and Approach
• Blockchain are components in broader systems
• Identify plausible use cases
• Create some design alternatives, examine trade-offs– Focus on three illustrative contrasting use-cases
Data61: Blockchain Risks, Opportunities and Future Scenarios13 |
Software
Architecture
Dependable
Software Systems
Trusted and Trustworthy Systems
- Risk, Evidence, Assurance, …
Non-Functional Properties
- Security, Performance, …
![Page 14: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/14.jpg)
What Does a Blockchain Do?• Functionally, blockchains are…
• A database (ledger)
– Record of transactions
• A compute platform
– “Smart contracts”
• Distributed, and no central owner
Data61: Blockchain Risks, Opportunities and Future Scenarios14 |
Centralised Trust
using a
Third-Party
Distributed Trust
using a
Blockchain
![Page 15: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/15.jpg)
Compared to Conventional Databases
• Logically centralised;Physically and administratively decentralised
• Trade-offs for Various Non-Functional Properties(+) Integrity, Non-repudiation
(-) Confidentiality, Privacy
(-) Modifiability
(-) Throughput/ Scalability/ Big Data
(+ read/ - write) Availability/ Latency
Data61: Blockchain Risks, Opportunities and Future Scenarios15 |
![Page 16: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/16.jpg)
Blockchains are Not Stand-Alone Systems
Data61: Blockchain Risks, Opportunities and Future Scenarios16 |
UI for humans
IoTintegration
Auxiliarydatabases
Legacysystems
Keymanagement
privatedata
BIG DATABlockchain is a component
![Page 17: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/17.jpg)
Potential Use Cases• Financial Services
– Digital currency– (International) payments– Reconciliation– Settlement– Markets– Trade finance
• Government Services– Registry & Identity– Grants & Social Security– Quota management– Taxation
• Enterprise and Industry– Supply chain– IoT– Metered access – Digital rights 7 IP– Data management– Attestation– Inter-divisional accounting– Corporate Affairs
• Three Illustrative Cases Selected1. Agricultural supply chain2. Open data registry3. Remittance payments
Data61: Blockchain Risks, Opportunities and Future Scenarios17 |
![Page 18: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/18.jpg)
Agricultural Supply Chain – Use Case
Data61: Blockchain Risks, Opportunities and Future Scenarios18 |
Producer Processor
Export
Import
Wholesaler
Retailer
Food service
InteroperabilityLatencyIntegrityConfidentialityScalability
![Page 19: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/19.jpg)
Agricultural Supply Chain – Designs
Data61: Blockchain Risks, Opportunities and Future Scenarios19 |
Producer
Transport Provider
Processor
Retailer
Event Aggregation
Server
Product
information
Pickup
details
Order
details
Payment
Delivery
details
Producer
Transport Provider
Processor
Retailer
Product information
Pickup details
Order details
Payment
Delivery details
Consortium Blockchain,replicated to all participants,
storing event data
Producer
starts
export
process
Producer
prepares product
for shipment
Transport provider
picks up empty
container from shipping
line
TP delivers
empty container
to the warehouse
Container is packed at
the warehouse (at
producer s premises
or outsourced)
TP picks up full
container from
the warehouse
TP delivers
loaded container
at the port to
terminal
Terminal loads
container onto ship &
informs SL and
customs
P / FF informs
receivers of the
shipment
FF arranges land
transport for container
(empty and loaded)
Link to
import
process
FF makes booking for
shipment & requests
container from shipping
line
FF initiates outgoing
customs procedures
Producer tasks freight
forwarder to initiate
shipping
FF creates PRA (Pre-
Receival Advice) to
coordinate with
terminal
TP books time
slot for delivery
to terminal
FF polls the information
that container is loaded
(bill of lading)
Ship leaves port
Warehouse
not ready yet
Deliver directly
Store container
in depot
Delivery time slot
not reached yet
Deliver directly
Store container
in depot
Customs
clearance
received
1. ConventionalPoint-to-pointmessaging andevent aggregationserver
2. Event Trackingon BlockchainPoint-to-pointmessaging andevent aggregationon blockchain
3. Supply chain processcoordination on blockchainas smart contracts
![Page 20: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/20.jpg)
Supply Chain & Trade Finance• Structure of supply chains similar to blockchain
– No centre; highly distributed; many parties; dynamic relationships
• Might address limitations in supply chain– Limited visibility & logistics efficiency
– Provenance & Supply chain quality
• But also enables derived financial services– Trade Finance
– Insurance
• Attach financial contracts directly to logistics contracts
Data61: Blockchain Risks, Opportunities and Future Scenarios20 |
![Page 21: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/21.jpg)
Open Data Registries – Use Case
Data61: Blockchain Risks, Opportunities and Future Scenarios21 |
IntegrityAvailabilityRead LatencyInteroperabilityBarriers to access
![Page 22: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/22.jpg)
Open Data Registries – Designs
Data61: Blockchain Risks, Opportunities and Future Scenarios22 |
1. ConventionalRegistry operatedby single agency
2. Consortium acrossdata providersPublic access stillcontrolled through aportal
3. Registry on public blockchainAgency only controls entriesincluded on official index
![Page 23: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/23.jpg)
Registries
• Blockchains can help to federate registries
• Sometimes too much integrity causes problems
Data61: Blockchain Risks, Opportunities and Future Scenarios23 |
![Page 24: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/24.jpg)
Data61: Blockchain Risks, Opportunities and Future Scenarios24 |
![Page 25: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/25.jpg)
Remittance Payments – Use Case
Data61: Blockchain Risks, Opportunities and Future Scenarios25 |
Write LatencyCostCost transparencyControlled confidentialityLow barriers to entry
![Page 26: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/26.jpg)
Remittance Payments – Designs
Data61: Blockchain Risks, Opportunities and Future Scenarios26 |
1. ConventionalThrough bank or MTO
2. Payment throughblockchain
3. KYC throughblockchain
![Page 27: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/27.jpg)
Remittances• Blockchains may help
reduce cost and time of remittances, but challenges remain for solutions to KYC
• Blockchains and smart contracts may make it possible to create ‘programmable money’
Data61: Blockchain Risks, Opportunities and Future Scenarios27 |
![Page 28: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/28.jpg)
We (Will) Rely on Blockchain-Based Systems
• DAO failure; Parity bug; Phish; Hacking– Costs $60M? $280M? $225M in 2017? $500M + …?
• Huge future economic value (the main point!)– e.g. supply chain, asset registries, settlement, …
• Security-critical and Safety-critical use cases– e.g. e-health records, pharma supply chain,
IoT management, …
Formal Specification and Verification of Smart Contracts | Data61, CSIRO28 |
![Page 29: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/29.jpg)
What is “Trust”?
Dependable Software Systems says…
• Trusted System– A system you have chosen to rely on to fulfil a goal
• When it fails, you suffer harm or loss
• Trustworthy System– A system where you have evidence it will not fail
Data61: Blockchain Risks, Opportunities and Future Scenarios29 |
“Trust” means
accepting exposure
to risk
![Page 30: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/30.jpg)
Trustworthy Blockchain-Based Systems?
• What is good evidence that blockchain-based systems will do what we need?
– Functional correctness
– Non-Functional properties
• How do we get regulatory acceptance?
Data61: Blockchain Risks, Opportunities and Future Scenarios30 |
UI
IoT
Auxiliarydatabases
Legacysystems
Keymanagement
privatedata
Blockchain is acomponent
BIG DATA
![Page 31: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/31.jpg)
Assurance: Evidence & Acceptance
• Test blockchains in the rain
• Technologically-neutral regulation and policy
• But look carefully at blockchain-specific risks
• Need indicative guidance on regulatory acceptance of blockchain-based systems
• There are open questions about blockchain governance
• Increase R&D on trustworthy blockchains!Data61: Blockchain Risks, Opportunities and Future Scenarios31 |
![Page 32: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/32.jpg)
Other Findings
• Blockchains have a different cost model
• Private blockchains are often not private enough
• Public blockchains might be OK for some purposes, even in regulated industries
• Blockchains have limitations – sometimes that doesn’t matter!
Data61: Blockchain Risks, Opportunities and Future Scenarios32 |
![Page 33: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/33.jpg)
Busting Blockchain Myths
Myth Reality
Solves Every Problem A kind of database
Trustless Can shift trust and spread trust
Secure Focus is Integrity, not Confidentiality
Smart contracts are legal contracts
May help execute parts of some legal contracts
Immutable Many only offer probabilistic immutability
Need to waste electricity Emerging blockchains are more efficient
Are inherently unscalable Emerging blockchains are more scalable
If beneficial, will be adopted Adoption can be hampered by FUD
![Page 34: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/34.jpg)
Risks & Opportunities –What’s Changed, What’s Next?
![Page 35: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/35.jpg)
What’s Changed, What’s Next?• “Programmable money”?
– What distinctive value for blockchain after NPP + Open Banking?– RBA Governor speech indicates possible business cases, especially for B2B
• Data61 blockchain research continues– Business process, architecture, availability, consensus, IoT, …– Programmable money– Smart contract formal verification (Isabelle) & specification (deontic defeasible)
• Towards verifying Ethereum smart contract bytecode in Isabelle/HOL, CPP 2018.• Evaluation of Logic-Based Smart Contracts for Blockchain Systems, RuleML 2016.
• Blockchain/DLT is a strategically important avenue in Data61 & CSIROfor supply chain, provenance, and industry integrity infrastructure
Data61: Blockchain Risks, Opportunities and Future Scenarios35 |
![Page 36: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/36.jpg)
Closing Thoughts
![Page 37: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/37.jpg)
Closing Thoughts• Like the web in mid-90s
– Industry is in early stages of discovering applications
– Technology is still rapidly changing
• We are still learning…– What the requirements are
– How to design blockchain-based systems
– How to provide evidence they are trustworthy
• Some large failures and mis-use have occurred• Regulation and standards are emerging• Need more research & more translation of research to industry
Data61: Blockchain Risks, Opportunities and Future Scenarios37 |
![Page 38: Blockchain Risks, Opportunities and Future Scenarios · 2018-02-26 · –Impact on future of audit (and professional services) –Impact on privacy and identity –Impact on law,](https://reader036.vdocuments.net/reader036/viewer/2022070710/5ec472f4b06ee6034364bfad/html5/thumbnails/38.jpg)
www.csiro.au
Questions?
Thanks!