Making blockchain accessible to global supply chains

Making blockchain accessible to global supply chains

It wasn’t too long ago that editors could grab headlines just by putting “blockchain” in the title. Pretty soon, everyone started doing it. They told us that there was a blockchain solution for everything from hangovers to dog grooming. Somewhere along the way, readers lost the ability to differentiate between overhyped gimmicks and real solutions with actual potential. Eventually, media fatigue set in, and people lost interest.

Now readers are wondering what happened to these promises. Unfortunately, there’s always a delay between research and development and deployment. Like now. But that doesn’t mean that we can ignore blockchain. Hype aside, the benefits haven’t diminished, and companies shouldn’t sleep on a chance to be first movers on this paradigm-shifting technology.

That’s why it’s important to shift the conversation away from “look how cool this technology is,” to “how can we overcome those final impediments to widespread adoption in the logistics industry?”

The key to taking blockchain mainstream is to focus on integration. We’ve got this great technology, but it’s still too hard to interact with and manage blockchain applications for most folks.

That’s due in large part to some impediments that we’re going to have to address. First, we’ll have to acknowledge that asymmetric cryptography is hard and that we need to provide solutions that make its benefits accessible to all levels of tech literacy. The fact of the matter is, even software developers struggle to understand it. Building cryptography software from scratch is like playing blindfolded Russian roulette, and you’re the only guy at the table — you are going to shoot yourself in the head, no doubt. I can’t begin to name all the ways that cryptography projects can go off the rails, but it’s an important concept to understand.

Cryptography

So what exactly is cryptography?

What makes blockchain such a secure format is that messaging and transactions are all signed with private keys (these are like passwords) in such a way that anyone who knows the public key (these are like usernames) can verify that the sender is the original author of that content. That’s because there’s an impossible-to-forge signature attached. The other component of modern cryptography is message encryption. This allows you to take that same message and scramble it so that only the intended recipient can read it. In short, asymmetric modern cryptography lets us sign and encrypt messages for different parties that have their own sets of keys.

Blockchain technology is built on this form of message signing. Everything is signed and verified by keys. That’s how you know that information is authentic. That’s how you know that the block is real. I couldn’t forge a transaction out of someone else’s account because I can’t sign it with their key.

In practical terms, this sort of encryption addresses one of the longest-standing weaknesses of supply chains — lack of transparency and accountability. Blockchain’s asymmetric encryption guarantees that a shipment's condition, ownership, and location are clearly established at all times. If there’s theft, spoilage, or dispute over adherence to any other terms of shipment, the owner of the shipment can establish responsibility without the costly and time-consuming paperwork normally associated with such matters.

But here’s the problem. This stuff is complicated. Nine out of 10 programmers couldn’t even give a coherent summary of blockchain encryption like I just did here. That’s a serious barrier to implementation because the level of programming that encryption requires demands a level of expertise that’s lacking in the programming world.

It doesn’t need to be that way. That’s why we’re building these tools to wrap it all and encapsulate it and remove the need for experts from the system. In other words, taking blockchain cryptography from complex idea to idiot-proof daily use requires very sophisticated programming, but once that’s out of the way, it becomes a very accessible and powerful tool — that’s why we are giving our whole toolbox away to the community for free, and we’re hoping others follow suit.

Interacting with blockchain

The next problem builds on the first. Even if all the cryptography is handled for you, interacting with blockchain is almost as complex. Being able to send messages and submit transactions requires high-end asynchronous programming and job management. At this point, if a retailer wants to accept bitcoin, their sales platform needs to have plugins that have already addressed this complexity and broken them down into simple-to-install tools, meaning that the complexity is taken care of. Outside of these plugins, you would have to build it yourself, which is sort of where the logistics industry is at right now — we’re building these tools.

The promise of blockchain is that anyone can do it, but the reality is that many people can’t. It’s very complex and requires users to wait for confirmations and to account for the asynchronous nature of needing to check back in later to see if transactions have processed.

Secrets managing

The third barrier is secrets managing. How do you keep your private keys private? Where do you keep them? We’re learning this firsthand here at ShipChain. When our engineers are testing our web application and we need tokens, we need to know who’s got the company wallet with the tokens and where we keep that private key that controls access to them.

It’s not sufficient to just leave them with a trustworthy person. Here’s why. With blockchain being unhackable, the key itself — and the person handling it — becomes the point of vulnerability, and we’ve already seen hackers exploit this vulnerability. To address this weakness, we’ve developed a virtual safe where these keys are stored that we’ve called “engine.”

Here’s how it works. Let’s say you want to send me 15 tokens that would be used to transact logistics services on our platform. Under the normal usage paradigm, you have to unlock the safe, remove the key, handle it, manage it, sign the transaction, and then put the key back in the vault. You have to make sure the key never gets accidentally written to a debug log, or stored in an accessible memory; the machine needs firewalls and security scans and bank-grade protections. There are multiple points in this process where the key is vulnerable, and that’s an unacceptably high risk.

The best way to guarantee the safety of the keys is to never take them out of the safe. The keys remain inside the digital safe, from where you can sign messages and verify transactions. That means that as long as you are authorized to use the virtual safe, you can authorize and sign transactions without ever having physical access to the key. “Engine” can look it up, retrieve it, and sign the message.

The net effect of the issues we’ve just reviewed is that the barrier to adoption is tremendous. If you want to build a blockchain app, you need a cryptography engineer, a high-level backend engineer, and you need a security expert, all in one.

Or, you can let others handle the complex programming and focus on running the logistics side of your business. By harnessing all of our apps that we’ve open sourced, you could hire a mid-range programmer and start accepting SHIP tokens on your website today, check to see if the receipt has been paid, and other similar functions.

That’s the only way we’re going to be able to advance the blockchain paradigm — by making blockchain the easiest and most effective tool on the market. But to get there, we need to get it implemented across the industry.

Remember back in 2014 when Tesla started giving away patents to its competitors so that the market would shift towards electric cars? That’s what we’re doing with blockchain, albeit in a slightly different way. We’re offering open-source software and free tools that allow logistics companies of all stripes to easily incorporate blockchain into their day-to-day operations because it’s something that we believe in. 

Lee Bailey is chief technology officer of ShipChain.