Why the evolution of blockchain reliability is critical to protecting your digital assets

blockchain_

(Credit: Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Amy Steele, Audit & Assurance Partner, Deloitte & Touche LLP


  • The existence of digital assets is dependent on the reliability of the blockchain.
  • Understanding key vulnerabilities can help better assess blockchain reliability.

Much has been said in recent months about blockchain technology and the security and reliability its networks can offer. Given the fact that risks and controls may look different in the blockchain ecosystem, especially when supporting a company’s financial reporting process, protecting digital assets deserves further exploration.

Why effectively-designed blockchains are key

In traditional contexts, an asset can be observed or tracked via source documents or physical observation. However, digital assets exist as a digital record maintained on a blockchain, often with no further physical representation. Digital assets comprise a broad range of items represented as binary data with usage rights and can range from certificates to crypto-assets. If the blockchain breaks down, a company may not be able to assert through their financial reporting that the digital asset exists. Therefore, existence of digital assets is dependent on the reliability of the blockchain (i.e., blockchain technology and support network).

What is the World Economic Forum doing about blockchain?

Blockchain is an early-stage technology that enables the decentralized and secure storage and transfer of information. It has the potential to be a powerful tool for tracking goods, data, documentation and transactions. In this way, it can cut out intermediaries, reduce corruption, increase trust and empower users.

The potential uses of blockchain technology are essentially limitless, as every transaction is recorded and distributed on a ledger that is almost impossible to hack. Though the most well-known use case is cryptocurrencies, blockchain is being positioned to become a global decentralized source of trust that could be used to collect taxes, reduce financial fraud, improve healthcare privacy and even ensure voting security.

Blockchain has the potential to upend entire systems – but it also faces challenges. Read more about the work we have launched on blockchain and distributed ledger technologies – to ensure the technology is deployed responsibly and for the benefit of all. We’re working on accelerating the most impactful blockchain use cases, ranging from making supply chains more inclusive to making governments more transparent, as well as supporting central banks in exploring digital currencies.

Identifying vulnerabilities

A reliable blockchain should have an effective design for its intended purpose – to properly record a digital asset’s creation or transfer with the following elements:

  • Initiated or observed through deployment services
  • Agreed upon by the network with a consensus protocol
  • Maintained on the distributed ledger by network enablers
  • Cryptographically secure
  • Supported by the community of developers

It may be difficult to conclude a digital asset actually exists when one or more of these elements is vulnerable to breaking down. Below we explore some of these vulnerabilities and what companies can do to enhance their internal controls over blockchain reliability.

Image: Deloitte Development LLC

Deployment services are those technology and service providers that allow individuals and businesses to interact with a digital asset. Examples include blockchain explorer software, digital wallets, custodial services and exchanges. There are variations in the types of deployment services and vulnerabilities, however those that offer data services (e.g., blockchain reader, analytics) present unique challenges to existence. As part of supporting that a digital asset exists, one would look to its representation on the blockchain.

Within financial reporting, a company may utilize a service to directly read and report on the status of its digital assets (e.g., type, quantity, historical transactions). The information obtained by the company may have been sourced from the blockchain, but it may be incomplete or inaccurate through errors in the software or manipulation. Companies may look to obtain a service auditor’s report from the data service provider that would support reliability of its internal controls.

Consensus protocol

The objective of the consensus protocol is to ensure that the blockchain network’s node operators will reach the same conclusion about the validity of transactions. A consensus protocol includes rules for: designating which node operator(s) determines which transactions should be accepted in the next block of recorded transactions as “true”; operating the incentive model that encourages participation and discourages bad actors; and equal sharing of information for a common truth of facts among node operators.

Reliability of the blockchain records may be vulnerable when a blockchain’s open source software contains errors or bugs. Critical vulnerabilities have been uncovered within the source code of various blockchains that if exploited could have triggered an unintentional hard fork (i.e., split of the blockchain). Unfortunately, service auditor reports are not available for public blockchains and it may not be feasible or effective for companies to perform their own source code reviews. Companies may consider ways to assess new developments and reports of vulnerabilities in code versions.

Network enablers

The network enablers comprise the blockchain node operators that perform the essential tasks of validating new blocks and mining (specific to proof-of-work blockchains) for the network. Most node operators are honest and seek to support the reliability of blockchain records in pursuit of the consensus protocol’s incentive model. However, there are a variety of attack vectors against blockchain networks depending on how the consensus protocol is designed. There have been attacks against blockchain networks that resulted in transactions being removed, reorganized and replaced. The reliability of the blockchain records seemingly become less reliable with fewer node operators in a blockchain network. Implementing security policies (e.g., notarizing blocks, penalty systems) may be considered during a blockchain’s lifecycle, but these tend to reduce speed of transaction processing. Companies may consider employing their own monitoring activities to understand and respond to risks.

Security

The security of blockchain technology occurs when data is cryptographically linked through the chain of blocks. This key feature of blockchain also poses challenges to reversing bad transactions or fixing unreliable smart contracts caused by user error or poor design. Companies may need to rely on the internal controls operated by smart contract owners and consider employing their own internal controls around initiating transactions and recovering unintended transactions with smart contracts.

Community of developers

Each public blockchain is supported by a community of developers who may be individuals, groups of individuals and formal organizations. Their effectiveness is key for blockchain reliability. The community promotes their blockchain adoption, responds to feedback from users and node operators, performs research and development for the source code, organizes version updates, and performs source code testing and monitoring. The community is often organized around a non-profit foundation that provides governance over the blockchain. While commonly known digital assets may have active foundations, there are many abandoned digital assets where the foundation dissolved or failed to form. Companies may consider employing their own monitoring activities to assess a community or foundation’s effectiveness, integrity, talent and version updates.

“A reliable blockchain should have an effective design for its intended purpose – to properly record a digital asset’s creation or transfer.”

—Amy Steele

Unique risks and challenges emerge when considering financial reporting in this ecosystem. This article has only begun to touch on challenges with the reliability of blockchain technology and its records – a key consideration for assessing if a company’s digital assets even exist (the World Economic Forum’s Blockchain Deployment Toolkit, launched last month, discusses these considerations in more detail). Still, it is increasingly clear that each of the elements that support reliability deserve further analysis but many questions remain as it relates to these systems of internal controls. Certainly, authoritative bodies around the world are proposing frameworks, issuing guidance and providing feedback for companies and service providers. Companies will only fully benefit from adopting digital assets by being proactive and savvy in meeting these complex challenges with the help of effectively designed internal controls over financial reporting.

Contributors to this report include: Tim Davis, Risk & Financial Advisory Principal, Deloitte & Touche LLP; Brian Hansen, Audit & Assurance Partner, Deloitte & Touche LLP; Peter Taylor, Audit & Assurance Senior Manager, Deloitte & Touche LLP

the sting Milestone

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

REACT-EU: EU support to mitigate immediate effects of the COVID-19 crisis

Korea must enhance detection and reinforce sanctions to boost foreign bribery enforcement

Draghi hands over to banks €77.7 billion more

Here’s the secret to financing a greener future

Why EU’s working and unemployed millions remain uncertain or even desperate about their future

Companies that put employees first perform better

38th ACP-EU Assembly: dialogue on cooperation challenges in Kigali

Privatization as a symptom of health inequity

WEF Davos 2016 LIVE: “If we do not do properly the Paris agreement, then all 16 remaining goals will be undermined”, UN Secretary General Ban Ki-moon cautions from Davos

To beat hunger and combat climate change, world must ‘scale-up’ soil health – UN

In visit to hurricane-ravaged Bahamas, UN chief calls for greater action to address climate change

Trade with the United States: Council authorises negotiations on elimination of tariffs for industrial goods and on conformity assessment

Iran: BBC and other broadcast journalists harassed; families threatened – UN experts

Why developing new antibiotics is a matter of life and death

7 shocking statistics that show the cost of corruption

Lithuania finds the ways to maintain its energy security

Migration crisis update: The “Habsburg Empire” comes back to life while EU loses control

Under fire, UN refugee agency evacuates 135 detained in Libya to Niger

State of the Union 2018: The Hour of European Sovereignty

Alarming level of reprisals against activists, human rights defenders, and victims – new UN report

Infrastructural and system barriers to Universal Health Coverage: get in my patient’s shoes

Some truths about the coronavirus, according to the World Health Organization

Visa-free access to the EU for UK nationals and to the UK for EU nationals

Improving Italy’s capital market will boost growth opportunities for Italian companies and savers

Cyber-Risk Assessments: the vaccine for companies in the Fourth Industrial Revolution

These Asian economies invested in their people – and it paid off

Progress made at COP25, despite lack of agreement to increase climate ambition

4 innovation hotspots in the Arab world

This Scottish forest is both a home for wildlife and a boost for the local economy

EU mobilises immediate support for its Western Balkan partners to tackle coronavirus

Boris Johnson’s no-deal Brexit to differ when issued from 10 Downing St.

“There are many converging visions and interests between the One Belt One Road initiative and the Juncker Investment Plan”, Ambassador Yang of the Chinese Mission to EU highlights from Brussels

Humanitarian aid: EU steps up support in Nigeria for conflict victims

The EU Commission openly repudiates the austere economic policies

No hard drivers in sight to remodel the stagnating affairs of the EU

Chart of the day: These countries have the highest share of electric vehicles

Successful carbon removal depends on these 3 conditions

ISIS fighters fleeing Mosul for Syria can topple Assad. Why did the US now decide to uproot them from Iraq?

“Is Europe innovative? Oh, Yes we are very innovative!”, Director General of the European Commission Mr Robert-Jan Smits on another Sting Exclusive

UN must bring more women police officers into the fold to be effective – UN peacekeeping official

The Free World Experience Report – LGBTQI+ health on the spot

Trump badly cornered at home by agribusiness and steel consumer lobbies: Trade

ZTE @ MWC14: ZTE excels in all areas at this year’s Mobile World Congress

Egypt: The road to hell paved with western advices for democracy

UN launches new framework to strengthen fight against terrorism

Syria war: executions condemned as violence continues ‘on both sides’ of border with Turkey

This UK footballer just won free school meals for kids in the summer holidays

MWC 2016 LIVE: Zuckerberg warns mobile industry not to ignore the unconnected

CO2 emissions around the world

COP21 Breaking News: China has promised to cut emissions from its coal power plants by 60% by 2020

Rising landmine blast toll in Afghanistan highlights long-term care needs of survivors

Topic: Mental Health in times of pandemic: What can each individual do to lessen the burden?

25 years on from landmark conference, millions of women and girls still in danger: UN deputy chief

Nigeria: UN chief ‘appalled’ by killing of aid worker; calls for release of remaining hostages

How a new approach to meat can help end hunger

Why social working cultures are happier and more productive

EU: Divided they stand on immigration and Trump hurricanes

TTIP: why it is worth not to pull the covers over your head?

Leading Palestinian legislator calls for ‘new international engagement’ in two-state solution

UN mosquito sterilization technology set for global testing, in battle against malaria, dengue

More Stings?

Advertising

Comments

  1. Vedang Ratan Vatsa says:

    • UAE is debuting a blockchain-based KYC platform

    • Dubai’s Department of Economic Development, and state-run bank Emirates NBD are rolling out their UAE KYC Blockchain platform

    • 120 local firms already signed up for the platform with Emirates NBD

    https://blts.app/10250

Trackbacks

  1. […] Why the evolution of blockchain reliability is critical to protecting your digital assets  The European Sting […]

  2. […] Why the evolution of blockchain reliability is critical to protecting your digital assets – The Euro… […]

  3. […] (perform(d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = ‘https://join.fb.web/en_US/sdk.js#xfbml=1&appId=249643311490&model=v2.3’; fjs.parentNode.insertBefore(js, fjs); }(doc, ‘script’, ‘facebook-jssdk’)); Original source […]

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s