Everything I've been reading about blockchain from my understanding says that even on a private blockchain, every participant can view all transactions. I've seen it mentioned that a use case for block chain could be the sharing of medical data. So for example if I had a blockchain that holds the medical history of every person from birth to death in a country. Is there no way of setting up permissions so that only data relating to a person and those who have been given permission to that person's data can view it? If the data is stored on every node in a blockchain, how is a person's computer supposed to have the capacity to store the medical data of every person in a country?
I would advise looking up Medrec when related to health care. Most of the research is geared towards dealing with keeping the data off the chain. In addition, there are other blockchains that might provide a better solution, for more privacy, for example, I would look up quorum by JP Morgan. There are different formats being looked at but these can give you two possible solutions. Also, check out Health Nexus' whitepaper, it deals with medical blockchain technology. Let me know if you need more.
https://www.pubpub.org/pub/medrec
https://github.com/jpmorganchase/quorum
There are blockchains that allow defining permissions. Hyperledger Fabric is one of them. You have the ability to configure channels with data stored in the ledger of the participants in the channel only.
to pass the scalability problem of blockchains and their solutions for this purpose, you should concentrate on off-chain architecture.
right now this scenario should be considered:
save tx's to the blockchain(it should be formal)
save hashed data to an off-chain repository like DB's.
save the address of that data-hash to blockchain for future access.
yeah, you pointed to the right thing. a central point of access as an admin-node or god should be the opposite of blockchain as a distributed dream.
for this issue, the mechanism like secret-sharing or re-encrypt proxy should be realized to guarantee the privacy and security of data-hashed.
for more information read this article:
https://www.sciencedirect.com/science/article/pii/S2210670717310685
GoQuorum has an 'enhanced permissioning' model where you can do all that, and at the same time stay compatible with Ethereum standards.
Check this out: https://consensys.net/docs/goquorum/en/latest/configure-and-manage/manage/enhanced-permissions/
Related
I am just starting out as a blockchain developer and I want a blockchain service except Ethereum (already implemented) to store a hash (SHA256 and ISCC hashes) of a document in a blockchain so that it can verify its validity and is tamper proof. There is already a UI to generate hashes and I need a blockchain to store the hashes
My need is:
I want to have a blockchain service with low transaction cost and high transaction speed. Also, I want that the hashes be stored in the blockchain for a long period of time (5 years). Which blockchain would be best fit for this usecase?
To answer your question, you need to understand who will be the users of your project. Accordingly, it is necessary to use the public or private blockchain further. For public blockchains, the choice is quite small - of those that will live for 5 years, these are most likely Bitcoin and Ethereum. For private blockchains, the choice is much wider: Ethereum / Quorum, Hyper Ledger Fabic, Corda and many others. Each of them has its own complexity of deployment, development and support.
But the very first question - why do you need blockchain? To store hashes of files, you can use IPFS or cloud storages, certifying them with a digital signature of a certain "notary" participant or, for example, the owner of the file. In terms of performance and low cost, these are the most efficient solutions.
I want to have a blockchain service with low transaction cost and high transaction speed.
Everyone wants this, so you are not along with your requirements.
Also, I want that the hashes be stored in the blockchain for a long period of time (5 years). Which blockchain would be best fit for this usecase?
Currently all blockchains assume the state is stored permanently - or to the end of the world or until nobody runs nodes anymore. Whichever comes first. There is a risk of dead chain, so whatever you pick might not be around after five years. However this is a business discussion, so it is hard to answer to this one on StackOverflow.
For your use case, it does sound you do not need a blockchain at all, but just having a public data storage that is prepaid for up to five years.
You can use Emercoin NVS for upload your hashes. Service emernotar.io already does so. Also, you can use File Validator service, all scripts are open source and available on Github.
I ask this question because I want to facilitate a workflow that utilizes a managed blockchain service such as the Azure or AWS blockchain service.
Is the true purpose attestations, provenance and interoperability?
In that aspect, aren't regular (legacy and or current) methodologies sufficient for data interoperability and the transfer and consumption of said data?
Lastly, if all this effectively is doing is creating a ledger account of data flow would a true advantage be the encryption of the data existing on the entire flow including up unto the edge?
If it cannot be encrypted up to the edge so that it is not readable at any point in time of the data flow into the data archive/traditional store is effectively worth any of the previous described gains of provenance and interoperability?
I think there is some nuance to this answer. The purpose of Azure Blockchain Service is to allow enterprises to build networks (consortiums) that enable the business workflows. The unique value that blockchain is adding to business workflows is a logical data model/flow with infrastructure shared to the participants (businesses). That is not easy to do with a traditional database model.
With regards to the encryption you mentioned above, the value with blockchain is providing a digital signature for every change in the system that is shared between enterprises. The typically is done at the client to provide the least chance for manipulation. Privacy, which can use encryption techniques, is something that can be used to allow participants to control access to change details. The fact that changes were made is still cryptographically verifiable, without sharing all the data details with everyone.
If you look at something like EDI that is done today with supply chains, this essentially is a complex network of enterprises, synchronizing databases. This typically suffers breakage of keeping all these things in sync. With a blockchain based system, the "syncing" is abstracted and the focus is more about the business logic, which is always cryptographically signed and verifiable. So it functions like a single "logical" data store, but is actually distributed.
I'm documenting in this blockchain world. Basically I would like to make some web application in which a user decides to make a donation, and would like to see who made the donation and to which entity. I have several doubts, the first one:
1-Is it possible to use blockchain using javascript? (can smartcontracts be done in javascript?)
2- If the donation is made using blockchain, is it necessary to use a cryptocurrency? or you can use real money and make the transaction (using some means like paypal)
3- Can real money be transferred by some means such as paypal using blockchain?
Thank you very much, your answers will document me much more
Is it possible to use blockchain using javascript? (can smartcontracts be done in javascript?)
Every blockchain has a SDK, the part of the software which lets you
interact with the real blockchain( A decentralise ledger). There
are generally two parts in the Blockchain , One is client and one
is processor.
As you must have guessed, Client is the one who sends the transaction,
This transaction must satisfy certain rules in order to be accepted by
the transaction processor. If the transaction gets validated by
transaction processor, The transaction will be added to the block alongwith
other transactions and this block will then be added to the blockchain.
Copied to all other nodes (Forks are a different story)
Generally Most blockchains lets you interact with the blockchain through
ABCI which is just an interface to convert your transaction into
a format understandable by the blockchain processor.
Some blockchains has their fixed transaction processing logic like Ethereum for
security and some lets you write your own transaction processing logic like
Sawtooth, Fabric etc.
Permissioned and some public blockchains like Hyperledger projects and
cosmos SDK lets you write your own application layer logic for Blockchain,
So yes, You can write those transactions in Javascript or any other programming
language, as long as it satisfies the interface.
Public blockchain deals with tokens having real worth. Their transaction logic
is already fixed, but some of them does provide javascript API's like NEO
(Not sure about that)
2- If the donation is made using blockchain, is it necessary to use a cryptocurrency? or you can use real money and make the transaction (using some means like paypal)
You can do that and put the donation receipt on Blockchain linked with
real identities of people. This way if anybody wants to check who pays
how much donation, They can query blockchain for the user address.
3- Can real money be transferred by some means such as paypal using blockchain?
This can also be done, but this will involve using a crypt exchange,
centralised or decentralise. You can convert the real money into crypto
of your choice at one end and vice versa at the other hand.
Note: This is based on my limited knowledge of Cryptocurrencies. Please consult more people or any professional company before acting on this advice.
I don't think any protocols offer the possibility to implement their smart contracts in Java Script, but you can build a translator between the two languages which could potentially benefit others in the open source community.
So you want have some engineers do some work for you, in this case build an web application. There are several ways you can get this done, here are some ideas:
a) issue tokens which pays profits based on the success of your new business, you might be able to do this on a protocol that is not tied to any specific crypto or fiat currency.
The users can use an exchange to convert your tokens to their favorite one.
b) approach a private equity or VC fund and get them to pay for it.
c) forget about blockchain, and just pay for the project to your favorite engineers.
I work in a company where in order to send staff to the field, employees have to comply with a certification that expires each 4 years, which probably employees did in their previous job, but the previous job just provided a letter that could be falsified, also, others companies don't spend time and resources to share their databases advocating security for the sensitiveness of data (names, nationality, id, company (including governments), date completion), centralization is a risk they don't want to take. As this is a training that is the same, and conducted everywhere that produces a contract between the company and the person, that expires in 4 years, but the person would like to be able to certify itself with the other companies, I was wondering if there is such implementation in the blockchain world, where writers, public ones, with no interest in 3rd parties, but in consensus due to the training nature, are willing to write/read the transaction on a secure manner providing a "self-service" among producers and consumers.
Assuming the other companies want to participate in the scheme, it is perfectly plausible to use some blockchain solution. You might want to use Hyperledger Fabric to create a privately permissioned blockchain network between the relevant stakeholders.
However don't get sucked into the blockchain hype, evaluate objectively whether the rest of the business processes also fit in the paradigm. Can certifications be revoked? Are there regulations on what data you can store on the employees and rights they have to get their data erased?
There might be many other simpler solutions that achieve the same thing. If the company or training provider just has a private key that signs certificates (PDF?) it might already be enough to solve your letter falsification issue.
Maybe each company could host its list of certified trained people on its own repository which could be queried, such that the list of certified people is maintained up to date (and any revocations can also be handled online), would probably achieve exactly the same result. Just like most other blockchain use-cases, there is a simpler solution that achieves the same thing, and is probably more flexible to fit the rest of the business processes.
Finally, before engaging in too much effort, make sure the other third parties are on-board. Do they really want to share the list of people they trained with competitors? If there is a likelihood they will not play along the project will probably be DOA. Case in point what happened here:
https://www.coindesk.com/ibm-blockchain-maersk-shipping-struggling/
how to verify new assets in a blockchain? For example: in order to participate in blockchain transactions, a member must first claim to have an asset that the network has not seen before, how would the network verify this claim? I've read a bunch of papers, but they're too bitcoin centric, which is that there are centralized institutions that issue block assets to members in exchange for real world currencies. And the non-bitcoin-centric mechanism seems to just assume that the new asset is inalienably verified, so just hash it directly with a timestamp as a new block. There doesn't seem to be any verification process. Is it incumbent on the application to determine a specialized verification algorithm? Am I just completely missing something? Please any response is appreciated.
To track assets using the blockchain you create your own token and create a owner which can then assign people the asset using contracts or manually. If you are talking about currency then you either need to work and mine it or buy.
Yes it is the application's and mostly the user's responsibility. A real world asset cannot be pegged to a digital asset, blockchain or not, without a central authority enforcing such a peg.