Highlights:
- Baseline Protocol aims to address privacy issues to encourage enterprise adoption of public Ethereum
- Is a set of tools to completely cloak transactions, smart contract logic and communications via the Ethereum Mainnet
- Using Zero Knowledge Proofs offers granular privacy and p2p communication
- Aims to replicate some of the key features of traditional enterprise middleware, but for transactions between companies
- EY and ConsenSys vision is for one blockchain (Ethereum), like there is one internet
To date, the vast majority of enterprise blockchain applications have been built on private permissioned blockchains. Security and privacy are the most significant reasons for enterprise resistance to public blockchains. Today EY, Microsoft and ConsenSys unveiled the Baseline Protocol. The aim is to empower enterprises to adopt the public Ethereum blockchain for complex and confidential processes, without storing sensitive data on-chain.
ConsenSys’ John Wolpert, who was also on the founding team of Hyperledger Fabric, explained what Baseline is and isn’t: “This is not a platform. It’s not a product. It’s not a coin, a token. It is a way of using the main net (public Ethereum) that will be acceptable, we think, to very conservative corporate CSOs (chief security officers), CIO, CTOs, where they can finally say, yep, it’s okay to use the main net in this way.”
The Baseline Protocol offers a set of tools that enables not just the transactions to be private, but also the logic or smart contracts and the communications between parties. And it allows for a granular level of privacy.
“We can make sure that all the participants in the network have full privacy, that their data is compartmentalized,” said EY’s Blockchain Global Innovation leader, Paul Brody. “So that if you’re, say, a small business partner of a large company and you’re authorized to buy off their contract, that doesn’t mean you can see all the terms and conditions of the contract or who else is on the contract, for example.”
The group wants to make “baselining” a phrase. So any ERP system, CRM System or supply chain system could be Baseline compliant, enabling business partners to synchronize data without middleware.
Why use a public rather than a private blockchain?
If you’re reading about enterprise blockchain you’re aware of the benefits of synchronizing data between business partners, ensuring that for shared transactions, your records show the same as mine. That can be achieved using a private permissioned blockchain. Which begs the question, why do you need Baseline?
Private blockchains offer control and peace of mind. Some argue that the peace of mind is false because private blockchains are less security hardened compared to public blockchains, which are under constant attack and are more tamperproof because of greater decentralization. There’s the old argument that one of your business partners is the weakest link on a private blockchain.
EY’s Brody pointed to the scalability and speed criticisms of public blockchain, stating that invoices are invariably net 30 days and don’t require millisecond transactions. “So much of this is driven by vendors,” said Brody. “They have FUD to dispense to you so that they can sell you a private blockchain that comes with the illusion of security instead of the transparency and inspectability of a public network.”
It’s a reasonable point, but Twitter demonstrates that cryptocurrency owners have at least as strong vested interests.
Setting up a private blockchain network is a major endeavor with a comparatively high upfront cost both financially and resource-wise, before the transactions start flowing. ConsenSys’ Wolpert referred to this as the “CapEx versus OpEx” decision.
Furthermore, there are concerns that in the future, some companies could be precluded from private networks. Although the fear of antitrust legislation may keep that in check.
But potentially, the biggest weakness is the number of new silos that numerous separate networks create. Wolpert commented on the situation where “you wind up on a bridge staring each other down, going, who’s going to give up their blockchain to join our blockchain?”
The current solution is to enable interoperability between blockchain networks. In the future, as standards develop, cross network integration might have a relatively small additional overhead compared to integrating two applications on the same network. But that’s currently not the case.
ConsenSys and EY argue that the alternative to blockchain interoperability is to adopt a single blockchain platform such as Ethereum, in the same way that there’s one internet. However, Ethereum also has numerous well publicized weaknesses, including energy hungry mining, scalability and weak finality. Many of these are in the process of being addressed in Ethereum 2.0. Although some have reservations about the viability of Proof of Stake.
What is the Baseline Protocol?
The Protocol heavily leverages Zero Knowledge Proofs (ZKP), a kind of encryption which works a little like guess which card I’m holding and I’ll tell you true or false. The Baseline Protocol started with a specific use case for volume discounts in a supply chain.
So as an example, the volumes and the discount rates are not stored on the blockchain, but a zero knowledge proof is. As a partner, based on your volumes a smart contract will calculate the relevant discount rate. Critically, given smart contracts on a public blockchain are usually visible, with the Baseline Protocol, a competitor would not be able to see the smart contract contents or the volume discount details.
EY is already known for its NightFall implementation of ZKP to provide transaction privacy. But together the group created a new piece of ZKP work that protects the business logic in the smart contracts. It also leverages Whisper for secure p2p messaging between partners.
Continuing the volume discounts example, the fact that the parties have signed the contract might be communicated p2p, but the activity could also be notarized.
The outputs are tokenized, although private. EY’s Brody explained that tokenization makes transactions compatible with decentralized services offered on Ethereum. “So that the inputs and outputs are set up and being built out in such a way that we can access things like working capital for a purchase order or factoring of a receivable, without compromising the buyer or seller’s security and privacy.”
Wolpert clarified that the invoice details are not contained within the token. “What you’re doing is injecting the hash, the state marker into an ERC 20 (token) and moving that around, which would look like nonsense to anybody other than the parties that were doing it. So you could do invoice factoring on the main net out in the open, without your competitor knowing anything about your invoices.”
Another important Baseline feature is a directory element so one can build a network of partners. That will evolve based on emerging distributed identity standards.
Standards and governance
This is early days for the protocol, with invitations to the community to help to build it out further. The protocol will be governed by the Ethereum-Oasis Project, managed by the open source OASIS community and funded by the Ethereum Foundation and the Enterprise Ethereum Alliance. The code has a very permissive license.
The other companies that have signed up so far include AMD, Splunk,
MakerDAO, Duke University, ChainLink, Unibright, EnvisionBlockchain,
Neocova, Core Convergence, Provide and W3BCloud. All of these firms are already active on Ethereum.
Enterprise Ethereum’s path to the public blockchain
Initially, the Enterprise Ethereum Alliance focused on how to use Ethereum in a private blockchain context. It now has a Mainnet working group, and earlier this year produced a document “Why I Won’t Use the Mainnet – Ten Problems“. If the challenges aren’t acknowledged, they can’t be addressed.
ConsenSys’ PegaSys also open sourced the Hyperledger Besu client, which appeals to Java developers and works on both private and public blockchains. And now there’s the Baseline Protocol.
The master plan is for Ethereum to be the one network, the next generation of the internet. It has some first-mover advantage, which given network effects is important.
But before 1998, there was Yahoo, Alta Visa and others in internet search. And then there was Google. Some believe we’re still at the 1998 stage of blockchain. So even if one agrees with the “one blockchain network” argument, Ethereum may or may not be that network.
R3 seems to think the Corda Network will be the “one” solution for enterprises. And they’re having a hard enough time getting CSOs to agree to participate.
Turning to Hyperledger, Executive Director Brian Behlendorf recently responded to the public blockchain question: “I think the vast majority of transactions for a generation at least, and I don’t see any reason why this changes after the generation frankly, will take place on permissioned blockchains.”
But perhaps the last say comes down to governance.
“There’s one internet, there needs to be one main net,” said Wolpert. “And that thing needs to be as close as possible to proof against some group of parties becoming toll loving trolls, getting control of that (network), changing history or locking you out.”