6 vulnerabilities of blockchain technology and how we will overcome them

“the future belongs to those who see possibilities before they become obvious”, T.Levitt

Blockchain technology is an exciting and fascinating topic: in its short 8 years of existence, it has attracted massive attention from the world’s brainiest folks and billions of dollars in funding, spurred thousands of new companies (startups mostly), and promises to turn upside down almost every industry as we know them today and to provide the foundations for the next internet, the internet of value. But is this grand vision and lofty target feasible and on target?

That’s a rather rhetorical question, as it attempts to tackle a utopian situation, so I’d rather focus on practical issues as I identified them from my experience and exposure to blockchain: 6 key, broadly defined vulnerabilities where more concentrated work is needed to help us come closer to the utopia described above. For the sake of brevity, I will refer to blockchain as a one-size-fits-all term, inclusive of public blockchains (bitcoin, ethereum, etc.), privately deployed (permissioned) ones, distributed ledgers (non-blockchain based) and shared ledgers.

Identifying vulnerabilities early in the course of a transformational technology’s journey is not necessarily a contrarian move. Rather, it helps to constructively identify areas which are vulnerable and helps practitioners focus on ways to overcome subtle problems (as, for example, the vulnerabilities I identified for the visionary semantic web technology). That way, you acknowledge weaknesses early enough to apply remedies before getting stuck in fruitless explorations and wasting resources and time. Technology companies have a way of tackling such situations with pivots, when they can.

Blockchain technology enjoyed a unique situational opportunity: emerging in the aftermath of the 2008 global financial crisis (GFC) helped, as it presented itself with huge transformational potential. Unique triggers that aligned powerful forces in the global financial and geo-political ecosystem influenced and enhanced blockchain’s rapid trajectory: the 2008 GFC brought about a nearly catastrophic erosion of trust in banking institutions among large portions of the public; financial services institutions were forced into, or willingly embarked on, digital transformation journeys; the sharpest minded folks of the despondent public sought ways to take full control of their financial affairs away from the banks; and great technological innovations helped with seemingly unlimited computational power and planetary scale distributed systems. All that combined led to the birth of bitcoin in 2009. And then blockchain emerged. And the rest is history. Nowadays, blockchain applications and pilots in financial services are omnipresent, funding is in abundance, and it seems that large corporates and VCs can’t have enough of the pie and continuously invest.

But what shall we expect, ideally, from such a unique confluence of events and resources with blockchain technology? T+0 trade processing, crypto-currencies in the (digital) pocket of every individual, crypto-assets available 24/7/365 for immediate trading of any asset and transfer of value globally from anyone to anyone using sophisticated smart contracts, elimination of double books record keeping, on-demand automation, intelligent autonomous oracles regulating the flow of value through execution of smart contracts, eventually realizing DAOs (neatly engineered and governed, to avoid well known issues with first attempts in this space); and all that will ideally bring benefits to society as a whole and tackle the huge issue of the more than 3 billion folks out there who don’t have access to banking.


To get to that mind-boggling future, we need to do more work on:

1. (Universal) adoption 

Blockchain is great, if every market participant is using it. You need two hands to clap. It’s a network, and membership should be seamless and streamlined. The bigger the network, the greater its effect and benefits for its participants. In the capital markets, sell-side and buy-side institutions, intermediaries, exchanges and agents (retail and institutional) and ultimately regulators all need to be in it, one way or another. Blockchain has the transformational effect of “math based money”, where the notion of a trusted third party is not present or needed (at least in today’s form), but the current complex financial markets ecosystem won’t change overnight. Practically it can’t, and tactically it shouldn’t.

How to remedy: As every journey starts with a first small step, blockchain adoption has already started in small and concentrated pockets of the ecosystem where existing functionality can change to peer-to-peer (p2p) with relative ease. The emergence of private blockchain systems helps counter initial roadblocks derived from perceptions of public blockchains’ reliability. Consortia bringing together many and diverse market participants have emerged and are proliferating, which helps participants understand dynamics, vested interests, and shared goals. These consortia could also lead to much needed standards in this space (so that everybody adheres to a standard).

2. Standards 

Capital markets participants will need to agree on standardisation across the digital representations of various asset classes on blockchain(s) and their underlying securities. Failing to do so in a cost-effective and timely manner, and with agreed-upon practice on how to conduct business, could undermine the benefits of a blockchain in the first place.

How to remedy: consortia are one way to foster collaboration and work on blueprints for blockchain(s) standards. Another way is to get sector regulators to weigh in and force principled ways of conducting business with blockchain(s). Standards take time to be agreed upon, to mature and to be adhered to. But the first steps toward standardisation for the conduct of business using blockchain look promising.

3. Scalability

Current financial markets enjoy some of the most complex and scalable operational technology of all industries. For example, in the transactions space, the VISA network averages 2,000 transactions per second (tps) and at peak times that figure goes up to approximately 50,000 tps. By contrast, the largest public blockchain out there, bitcoin, averages 7 tps. In addition, block size limits present some interesting challenges for system architects, as not much data can squeeze into the few megabytes available (ranging from average 1MB to 8MB with some clever engineering). Also, the time taken for processing and validating transactions (mining) affects the throughput rate and, importantly, the ordering of transactions (which could lead to undesirable double spending effects, Sybil attacks, etc.).

How to remedy: if it is only a matter of firepower, then we see that continuous work and relentless innovation have already produced some dividends: Symbiont reported 87,000 tps in certain transactional circumstances, and there is ongoing work for scalable block size limits with the emerging Lightning Network. But viewing the scalability issue of blockchain(s) purely from a firepower angle is misleading; new architectures and clever ways of combining the best bits of rudimentary blockchain(s) are another way to achieve scalable, enterprise grade blockchain(s).

4. Regulations and governance 

Blockchain(s) can be a boon for regulators (as it could potentially help them prevent another 2008 style GFC, as stated in a White House hearing last year), but also a challenge. As blockchain(s) present, at least in their native form, a self-regulated network of transactions from a participant’s perspective, regulators and policy makers need to weigh in to protect the consumer from improper activity.

How to remedy: global regulators and central banks have begun to notice blockchain over the past couple of years: from the high profile ones to local State regulators, from the West to the East, regulators all over the world are gearing up for the blockchain era. For example, in just a few days, the SEC will deliver its verdict on the Winklevoss brothers’ bitcoin ETF application; if regulatory approval is granted, it could open the floodgates for retail investors and aficionados of cryptocurrencies, since as much as $300M could be invested in that ETF alone in its first week. Regulators should also take into consideration the dynamics of regulation in blockchain environments: enforcing vs. making the rules. Enforcing the rules in such an environment is mechanical and given by the very nature of blockchains; but making the rules defies the logic of using a blockchain in the first place! This is the “governance paradox” of blockchain.

5. Anonymity and off chain world

One of the cornerstones of capital markets trading strategies and dynamics is that buyers and sellers do not always have to reveal themselves to each other or make their commercial intentions known prior to a trade. With blockchain(s) technology, and its self-regulated, open network with the underlying immutability property for transactions, this is not easy to achieve. On the other hand, regulators and policy makers need to ensure that access and traceability are, technically and rightfully, features they can rely upon to do their job.

How to remedy: the anonymity of blockchain(s), mostly public ones with a proof-of-work consensus mechanism, can be easily tackled by adopting private, permissioned blockchain(s), or even a different consensus mechanism (see, for example, the excellent review of G.Samman on consensus mechanisms) where the validators are known and trusted (resembling today’s model of market intermediaries such as ACHs, CSDs, etc.). Regarding the immutability property of blockchain(s), not all data need to live on the chain – there are certain circumstances where data and triggers can, and should be, off the chain: in a parametric micro-insurance context, for example, oracle data feed smart contracts to enable trigger based execution when a condition is met. But, as smart contracts will be executed independently by every node on the chain, we need to guarantee that every smart contract will receive the exact same information from the oracles so that we have deterministic computation, with no inconsistencies due to a lapse of network uptime or temporary unavailability of oracle data input. A workaround is to have oracles push data onto the chain – rather than having smart contracts pull it in – so that we guarantee that every node sees the same data. Hence, oracles (and other data and business logic structures) can live off the chain and feed the on-chain components on demand or as per protocol design.
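The push-versus-pull point above can be simulated in a few lines. This is an added example, not code from the original article: the rainfall feed, the payout threshold and the function names are all constructed assumptions, and a hash of the contract result stands in for the state that nodes must agree on.

```python
import hashlib
import json

# Constructed sample feed: rainfall (mm) as seen at different moments.
# None models the oracle being temporarily unreachable.
FEED = {0: 48, 1: 52, 2: None}
THRESHOLD_MM = 50  # hypothetical trigger of a parametric micro-insurance policy


def payout_contract(rainfall_mm):
    """Deterministic contract logic: same input always gives same state."""
    if rainfall_mm is None:
        return {"status": "no_data", "payout": 0}
    paid = rainfall_mm >= THRESHOLD_MM
    return {"status": "settled", "payout": 100 if paid else 0}


def state_hash(state):
    """Digest that each node would compare with its peers."""
    blob = json.dumps(state, sort_keys=True).encode()
    return hashlib.sha256(blob).hexdigest()


def run_pull(node_exec_times):
    """Pull model: every node queries the oracle itself when it executes."""
    return [state_hash(payout_contract(FEED[t])) for t in node_exec_times]


def run_push(oracle_tx, node_exec_times):
    """Push model: the reading is in the transaction that every node replays."""
    reading = oracle_tx["rainfall_mm"]
    return [state_hash(payout_contract(reading)) for _ in node_exec_times]


def in_consensus(hashes):
    """Nodes agree only if they all computed the same state digest."""
    return len(set(hashes)) == 1


if __name__ == "__main__":
    times = [0, 1, 2]  # three nodes validating at slightly different moments
    tx = {"oracle": "weather-feed", "rainfall_mm": FEED[1]}  # pushed once
    print("pull model in consensus:", in_consensus(run_pull(times)))
    print("push model in consensus:", in_consensus(run_push(tx, times)))
```

In the pull run the three nodes see 48 mm, 52 mm and an outage, so they compute three different states; in the push run the reading is fixed in the transaction and every node derives the same digest regardless of when it executes.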

6. Switching cost 

Adopting blockchain(s) is not a weekend system upgrade before markets open again on a Monday. Even the simplest POCs and pilots take weeks to come to fruition (excluding the “quick and dirty” hacks done in a few hours, which do not intend to produce enterprise ready production systems), let alone intentional system replacements, which can take years to materialize. There are plenty of reports and market research out there pointing to billions of dollars in cost savings as a benefit of adopting blockchain(s). But there is little evidence and reporting on what the switching cost is or even how to quantify it.

How to remedy: practically speaking, we need to wait a few more years until we complete cycles of switching large, core financial market infrastructure systems to blockchain ones. Early work points to clever ways of preparing such a switch (for example, BNYM’s BDS 360 system), but we also need to understand what works and what doesn’t (see, for example, Deutsche Bank’s commentary on the bitcoin use failing to eliminate intermediaries). General guidance and sharing of experiences also help, and we need more of that.

The road to adolescence

Arguably, these are not insurmountable obstacles; with all the attention and resources devoted to blockchain technology development, it’s only a matter of a few years before we have solid blockchain systems underpinning the global financial services ecosystem. But in other industries blockchain has, arguably, more immediate impact potential with things like supply chain management, resilient ID management, records management (healthcare, personal, government, real estate, etc.), insurance (parametric, contextualized, micro, p2p) and other initial explorations. As blockchain applications progressively mature in other industries, the great catalyst that will bring about fundamental change will arrive: the consumer. Consumers are a great catalyst by their sheer volume; when they start using blockchain(s) and services built on them, we will experience impact equivalent, at least, to the arrival of e-Commerce on the web and the growth of social media.

But the current focus should also shift from enhancing existing mechanics of blockchain(s), like getting higher throughput for tps, bigger block sizes, better consensus mechanisms, flexible governance protocols, etc. – to bringing in new techniques and knowledge from other fields and practices. For example, current work on smart contracts could benefit from a solid body of knowledge and work done in AI with autonomous multi-agent systems (think here of agents as smart contracts on blockchains), especially in automated coalition formations and mechanised trust protocols. Industry practitioners could benefit from engagements with academia, as we clearly witness in the engagement, for example, of Barclays and Imperial College London for smart contracts research. One would observe that, unlike other transformational technologies, blockchain had little to do with academic research and development, initially at least. Almost a “not invented here” syndrome kept the best academic labs muted in the first few years, whilst much of the work done was driven by communities of practitioners. But this started to change lately, with world class research hubs forging partnerships and setting up blockchain specific labs.

Transformational technologies take time to pay back heavy dividends. It’s a long and impactful journey, not a quick sprint with a shocking effect. The pace of substituting old technology with new is very dependent on ecosystems, and we see that blockchain is doing well on that front. Most impactful innovations arrive at the end of the hype cycle and tend to stay with us for a long time. Blockchain technology is getting there and will keep us busy in its journey to adolescence.