The Privacy Paradox: Navigating Enterprise Blockchain's Biggest Challenge
I was recently in San Francisco for the Hyperledger Members Summit, an intimate, excellent event for Hyperledger member firms to connect with one another. With Web3 Labs’ ongoing contributions to Hyperledger Besu, the summit was a great opportunity to connect with other companies that are using Hyperledger Besu and other enterprise-focused blockchain clients.
The case for private blockchains in an open world
Although many believe that the future of blockchain is everything happening on public networks, there is still room for permissioned enterprise-focused blockchains to thrive. With the rise of the web during the noughties, we saw many companies embrace the public internet, but it didn't do away with private computer networks. Much of the wholesale financial services industry uses private networks, and this is a trend we'll continue to see even with web3.
Computer networks that are of systematic importance to a specific jurisdiction such as central bank-issued currencies will not end up on public blockchains. With this context in mind, a number of different highly regulated financial infrastructure providers and central banks are working with and evaluating enterprise blockchain networks.
When I wrote my book, The Blockchain Innovator's Handbook, I discussed the enterprise blockchain landscape at the time which included:
Hyperledger Besu and Quorum
In the couple of years since its release, the dominance of the Ethereum Virtual Machine (EVM) in public blockchain networks has influenced enterprises too, with Hyperledger Besu emerging as the most compelling option for firms looking to deploy new networks. For more on why, you can refer to my recent post. Given how widespread the EVM is, coupled with Hyperledger Besu being designed for both enterprise and public network deployments, it’s by far the most battle-tested and future-proof technology to use.
However, whilst Besu is becoming more entrenched with enterprise, it doesn't solve some of the privacy challenges which companies have.
These privacy challenges are not unique to enterprises. Activity on public blockchain networks takes place using pseudo-anonymous identities, where on-chain activity is fully transparent to all network participants.
There is an expectation, like with most of the technical challenges in web3 that they will be solved in the near future, but it seems unlikely in the next 12 months.
The cutting edge of privacy in Web3
The solutions tend to involve using fully encrypted blockchain networks such as Obscuro and Aztec. Both of these are layer 2 networks being built on Ethereum — Obscuro relies on SGX enclaves, whereas Aztec uses its own zero-knowledge technology (ZK-ZK rollups as they refer to them).
Other approaches utilise zero-knowledge technology for smart contracts that issue shielded tokens, as EY's Nightfall project has done. None of these approaches are seamless, and they are all at varying stages of development.
Enterprise -specific needs: Identity and data security
Users of public blockchain networks are mainly driven by asset speculation, and don't mind if their activity is potentially visible to others should their pseudo-anonymous identities be revealed.
For enterprises, there are two crucial considerations that limit what they can do with public blockchain networks. Firstly, they need to be sure of whom they're dealing with. If you're a bank, you better be certain of who your customers are. Secondly, you need to ensure that data, be that customer or commercially sensitive activity is not readily available for anyone to consume should they so choose.
This is where an enterprise has challenges with all on-chain activity being shared with all participants of the network.
Although it's limited to transactional data on-chain, having everyone able to see which parties are entering into every transaction is far from ideal and privacy is required to address these shortcomings.
Quorum's privacy model: a case study
J.P. Morgan's Quorum blockchain technology emerged back in 2016 to address this lack of privacy for Ethereum networks. They modified the Go-Ethereum client code base (support was subsequently baked into Hyperledger Besu too) and added a private state database and a secure enclave for storing private transaction payloads.
Quorum added a private transaction capability to blockchain networks. When you submit a transaction to a node on the network, you can mark it private for that node. The node then encrypted the transaction payload and propagated it only to the participants it was intended for.
Those who could decrypt it, then applied the appropriate updates to a private state database, ensuring that the transaction had taken place as far as they were concerned. The transaction was stored in the secure enclave ensuring there was a means by which the transaction could be recovered.
This approach did work, but it was brittle, and many companies found it complex to deploy as not only did you need to have the blockchain nodes, but you also had to configure the enclave instances and ensure they could all talk to one another. This added significant overhead to the deployment.
There were also challenges with bringing new participants into transactions after the fact, and challenges with high availability. These factors have resulted in the Quorum-specific functionality being phased out of Hyperledger Besu, and few companies working with what was referred to as Quorum.
However, although the Quorum approach to privacy suffered from its own challenges, there is awareness that blockchain networks need a way whereby a subset of participants can transact with one another in a secure manner where no information about this activity is leaked to any additional participants.
In both public and private blockchain networks, this is a challenge for which an elegant solution does not yet exist. The Enterprise Ethereum Alliance has specifications for privacy approaches for networks. But, they are no longer actively maintained.
Zero-knowledge proofs come up as candidates for a potential solution. However, the current focus with them is on zero-knowledge rollups which are for scaling blockchain networks, not providing privacy.
Other enterprise blockchain technologies such as R3's Corda and Hyperledger Fabric have their own approaches to privacy. Fabric has parallels with the approach used by Quorum. But increasingly, companies want to be able to utilise Ethereum technology in their blockchain networks to piggyback on all of the development being undertaken on it. The EVM is the closest thing we have to TCP/IP in web3.
Privacy as a catalyst for growth
Alongside identity and interoperability, privacy is one of the key features blockchain networks need to provide. During the past year, great inroads have been made with scaling blockchain networks, it is my hope that teams now start to focus more on the remaining challenges, especially privacy.
Having these challenges addressed on public networks won't necessarily bring enterprises onto them, but it will give them a mechanism they can incorporate into highly regulated environments.
This will drive further adoption of blockchain technology in these companies. With the right privacy measures in place, the surface area of potential opportunities will grow increasingly larger which will be beneficial for all.