When engaging with customers on Blockchain projects, I come across a number of red flags that indicate the scenario isn’t ready or suitable for the technology. For example, I would frequently find Enterprises trying to take an existing 3 tier app that they ran internally, and planned to swap the Database with Blockchain to “make it more secure”.
This led me to putting together a quick screening checklist that I would share with account managers, to allow them to do early screening of their accounts. Now when I am eventually brought in, the scenario is in a much better place for me to work with.
Attributes of a good Blockchain engagement:
- Consortium: Multiple companies being part of the initial deployment.
- Shared Blockchain: The Blockchain infrastructure is hosted by all parties, who are all validating the Blocks
- Infrastructure independence: Each party has their backend systems directly connected to their Blockchain nodes.
- Decentralisation: One of the founding members could potentially drop out, with the other parties continuing without impact
- Shared API: The Blockchain is used as a “shared API” that the parties use to communicate through via smart contracts.
These are not necessarily showstoppers, but do indicate that the technology is not being used optimally.
- Scenario is a workflow for a single company.
- Not all consortium members are providing development resources for the development.
- No direct access to the Blockchain to validate underlying data, everything goes through abstractions.
- Other parties all go through party A’s centralised infrastructure and can’t see the Blockchain.
- In the architecture diagram, if you could potentially replace the Blockchain with a SQL database and external parties would not know any difference as they can’t access it.
- Customer is using it as “a chance to play with Blockchain” with no pathway to production.
- Wanting to store PII information e.g. medical records, or access records
- Required supporting systems are not yet implemented e.g. supply chain logging, IoT sensor information.
- Thought about how identity will be handled.
- Agreements from the other companies that they will be part of the Direct Engagement
- Dedicated, ring fenced, development team within each member of the consortium (regardless of my involvement).
- End to end workflow for entire interaction between Party A & B. Including sequence diagrams showing where it will pass between systems.
- Solidity tutorials completed e.g. Cryptozombies tutorial
- Developer environments configured setup guide
Alternatives to Blockchain
If a customer is trying to “make it more secure” without involving other parties, then other services may solve it easier
- Azure SQL ledger: SQL Database but with tamper-evidence capabilities.
- Azure Immutable blob storage: For customers that require audit trails for regulatory reasons. Targets SEC 17a-4(f) compliance.
- Azure CosmosDB: For quick replication of data across regions.
- Azure AD Authentication for storage: For giving conditional access to sensitive resources.