Although the blockchain technology is gaining immense popularity around the globe and potential application of this technology across sectors and businesses are being identified, we are also hearing some whimpers casting doubts about how safe the technology really is. A distinction is also being sought to be made between private blockchains and public blockchains. An argument that raises the flag on public blockchains is its accessibility to anyone and the consensus protocol that consumes huge amounts of electrical energy in different parts of the world to solve cryptographic puzzles that is essential for public blockchain to function.
The apprehensions about the public blockchains have given rise to private blockchains on the premise that businesses will have an enhanced degree of control. Private Blockchains are primarily employed in financial contexts and their operators can control over who is authorized to submit transactions, who can read the ledger with verified transactions and also who can verify them. Private Blockchains can be applied to a wide range of markets where multiple participants wish to transact business simultaneously but do not trust each other wholly. For instance, a private blockchain for physical assets and land register, private equity distribution, or commodities trading are on the test bed. Admittedly, unexpected consequences may await these systems too, once they evolve fully. Some such consequences may also impact the security and the assets stored or managed by the system. As in the case of development of software, addressing security concerns early on alleviates the problems of carrying out fundamental changes to the product itself for addressing security flaws at a later date.
Private Blockchains should focus on Network Architecture for security
A major decision while creating a private blockchain is the network architecture for the system. The blockchain ledger achieves consensus, list of verified transactions with the help of communication and communication is essential for writing and approving new transactions too. This communication between nodes and a copy of the ledger is maintained by each node informing the other nodes on new information freshly submitted or verified transactions. Those who operate private blockchains can also have control on who can operate a node and how the nodes are connected, wherein a node with larger number of connections receives information quickly. Similarly, for being considered active, nodes may also need to have a specified number of connections. In order to maintain the integrity of the system, it should also be possible to identify nodes that restrict information transmission or transmits information that is incorrect and circumvent those nodes. A private blockchain for commodities trading may provide established trading partners with more central positions within the network and require that new nodes maintain connection to one of those central nodes for enhanced security and ensuring that the central nodes behave the way they are intended to.
Another security related concern while establishing network architecture is the treatment for nodes that are either not communicative or intermittently active. For innocuous reasons, nodes can go offline, but the network needs to be structured to function (for obtaining consensus on transactions that have been previously verified and for verifying new transactions correctly) without offline nodes and it should also have the ability to quickly bring back the nodes back to speed in the event they return.
Access permissions and consensus protocols in private vs. public blockchains
The consensus protocol refers to verification of transactions through a process of problem solving and by design, it takes time, presently about ten minutes. For about 2 hours transactions are not deemed to have been verified fully. After this, the transactions are adequately deep in the ledger to allow introduction of a competing version called a fork would become computationally expensive. This delay is a boon and a bane since transactions that initially appeared verified might lose that status later and pose a significant obstacle for using the systems based on Bitcoin for fast transactions like financial trading.
In contrast, private blockchain operators can permit only specific nodes to carry out the verification process and such trusted parties would carry the responsibility for communication of transactions newly verified to the other participants in the network. The system operator of the blockchain would be responsible for accessing the trusted nodes and determining the set of trusted parties should be expanded.
What are the rewards from a private blockchain?
Private Blockchain offers faster network communication and transaction verification, apart from being able to reverse transactions and fix errors, reduce risk of external attacks, and restrict access. The very thought of a blockchain system presupposes a certain degree of trust deficit, or at the minimum an acknowledgment that incentives of all users may not be in alignment. Developers working on maintaining public blockchain system such as Bitcoin continue to rely on individual users for adoption of any changes proposed by them which in turn ensures that changes are adopted only when they are of interest to the entire system. Conversely, with private blockchain operators can unilaterally choose to deploy changes even when some users are not in agreement. For utility and security of private blockchain systems, operators should take into account the recourse available for users who do not agree with changes to the rules of the system or are slow in adopting new rules. A large number of operating systems that are running currently without latest patch presents a strong indication, that, even when changes are not controversial, their adoption will not be quick enough.
Summing up, public blockchains are better suited for applications with widespread participation, third-party verification, and transparency while the private block chains are more suitable when central control as opposed to transaction verification and possible transaction reversal are envisaged.