The Blockchain Explained to Web Developers, Part 3: The Truth
After exploring the blockchain theory and using it for real, we now have a better understanding of its strengths and weaknesses. Surprisingly, most of our conclusions are very different from what you will read in the blogosphere. Maybe it's because we don't blindly relay the fascination caused by the huge valuations of BitCoin and others. Maybe it's because the hard truth about the blockchain is that it's not ready yet. Read on to understand our take on the blockchain, based on strong evidence.
As explained in detail in the previous post in this series, developing Decentralized Apps over a blockchain is a pain. The development community is small, available code snippets don't work, public tutorials are outdated, the libraries are crippled with bugs, developer tooling is lacking, bugs are silent, etc.
It's not that the Ethereum developers and community are bad ; they're amazing, and they're pouring a lot of time and expertise into their tools. But building a blockchain framework is a huge amount of work, and they're only halfway through. Ethereum hasn't reached the point of usability yet. I'm confident that this will change in the future, but I don't know if it's a matter of months or years.
The consequence is that developers don't want to work on blockchain projects - they find it very frustrating. If you force them to work with a technology they hate, they will leave. Since it's extremely hard to find skilled developers these days, you should think twice before taking a chance on the blockchain.
The second consequence is that it's impossible to estimate the time it will take to build a project on the blockchain. If you can't estimate your costs, good luck building a Business Model on the blockchain.
In our blockchain experimentation, everything a bit "smart" in the contract had to be moved to a plain old web service running outside of the blockchain, in a trusted environment. For instance, a smart contract can't figure out if the person asking for an ad placement is the author of a pull request, because a smart contract can't call the GitHub API. As a consequence, our smart contract keeps only a very minimal amount of logic, becoming, in fact, a dumb contract. It's not because we wanted to, it's because we couldn't do otherwise.
By design, a blockchain is deterministic. That means that if you take the entire history of blocks, and replay it locally, you should end up with the same state as every other node. This forbids the call to external APIs, where responses may change over time, or according to who calls them.
Blockchains are walled gardens. You can execute a contract from the outside world, but a contract itself can't require data from a source outside of the blockchain. If a smart contract needs external data, someone must push the data to the blockchain first. There is an effort to ease this process through a concept called Oracles. But Oracles need a reputation system and governance. So much for fully-automated contracts and disintermediation.
In the real world, very few applications work in isolation. All the applications we've built for the past 3 years relied on external APIs - for identity management, payment, live data source, image processing, storage, etc. The limited capabilities of smart contracts make them useless in real world situations.
If you read through the first blog post of this series, you probably think that you have a good basic understanding of the blockchain. Now, go and read this article. I'm an average engineer with only 20 years of experience in Web Development, and I couldn't understand anything after the Jurassic Park reference. Terms like "two-way-pegged blockchains", "pre-determined Host Oracle Contract", and sentences like "The M-S result, combined with our inability to feed (non-BB) a revelation mechanism, means that Oracles are out" make me fell like a first grader.
The blockchain concept is complex. Existing implementations rely on rare design patterns, that you don't learn in college. The blockchain vocabulary is kabbalistic.
Developing decentralized apps on top of blockchains requires understanding too many complicated concepts to fit in an average developer's brain. My opinion is that there are not enough highly skilled programmers to support the revolution promised by the blockchain. And there will never be, as long as it's so hard to understand.
As a consequence, most Decentralized apps are very buggy. A recent article stated that smart contracts contain 1 bug every 10 lines of code, making Ethereum "candy for hackers". It wouldn't be such a big deal if fixing bugs was easy. Unfortunately, as we explained in the previous post, you can't update a smart contract. You have to create a new contract, transfer all the data and pointers from the old contract to the new one, and wait for the blockchain to propagate the change. The old buggy contracts and transactions remain in the blockchain forever.
The blockchain authors suggest using "code as law". This also means "bugs as law", as every software contains bugs. These bugs can be used by smart developers (criminals, the NSA, etc.) to avoid playing by the rules. Bugs are very common, even in popular open-source projects. Bitcoin, for instance, suffered several critical bugs leading to "cybertheft". So leaving the keys to developers also means giving extraordinary power to the mean developers.
I don't want to go all FUD (Fear, Uncertainty and Doubt) on you, but the possible scenarios of a society governed by machines don't all finish with a happy ending in my mind.
And even if we don't consider mean developers, giving the power to good developer is dangerous, too. The problem is that developers are irresponsible (no harm intended - I'm a developer myself). It's not that they're childish, it's that nobody ever taught them to write the law.
Also, developers are not elected by the people. If you don't agree with the direction that Bitcoin takes (favoring speculation rather than practical applications) too bad for you - there is nothing you can do to change that. This is currently happening: the Bitcoin network currently suffers a severe crisis, because of the disagreements between a few core developers.
The decisions of half a dozen developers may cause the collapse of a billion dollar market capitalization. But nobody will hold them accountable in case of failure.
A blockchain is not cost-effective at all. In fact, it's a huge waste of resources.
Take data replication for instance. The blockchain replicates all transactions across all nodes. Engineers have long invented replication strategies with better space efficiency. Compare the Blockchain with RAID6 disk clustering for instance:
In a Blockchain network, 10 nodes of 1GB each allow for a total replicated data volume of 1GB. You can loose up to 9 nodes in the network, and yet be able to recover the entire data.
In a RAID6 pool, 10 hards disks of 1GB each allow for a total replicated data volume of 8GB. You can loose up to 2 HDD in the pool, and yet be able to recover the entire data.
Mining nodes require very expensive hardware, with high end GPU cards and a huge amount of memory.
And it's not just about buying expensive hardware. 99.99% of the computing is just wasted. All miners compete to mine a block by running expensive Math challenges. In Bitcoin, only one node every 10 minutes wins, and is actually useful to the chain by creating a block. The computation done by all the other nodes is thrown away.
The Ethereum blockchain is trying to fix that: they plan to switch from a proof-of-work consensus algorithm to a proof-of-stake, which is much less resource intensive. But proof-of-stake also has drawbacks, such as giving more power to people or companies owning high amounts of cryptocurrency. Besides, it's far from ready yet (expect it in at least a year from now).
This waste of storage, CPU and memory translates into a huge waste of energy. According to a bitcoin mining-farm operator, energy consumption totaled 240kWh per bitcoin in 2014 (the equivalent of 16 gallons of gasoline). Mining farms are a distributed engine turning electricity into heat. A blockchain is, in short, an expensive radiator. Energy efficiency is a big deal in a globally warming planet.
Who pays for all the wasted energy? The companies that publish and use smart contracts. Yes, that's you, if you intend to run a business on the blockchain. When you pay for a transaction on the blockchain, you also pay 99.99% of the network running at full speed for nothing. That makes blockchain transactions expensive.
An average BitCoin transaction requires a fee of BTC 0.0002 ($0.11). This price is rising. It's not really cheaper than a bank transaction fee (unless you consider a transfer across two countries with different currencies, of course).
For ZeroDollarHomepage, executing a 10-lines script on Ethereum method costs about one cent (0.01). That's insanely expensive. Amazon Lambda, for instance, [costs0.0000002 per request](https://aws.amazon.com/lambda/pricing/) (after the first million requests each month).
It's normal to pay for hosting costs when you use a platform, but the Blockchain costs are orders of magnitude higher than the most expensive PaaS.
You could say that the blockchain cost isn't such a big deal, as long as people are willing to use the network and pay for transactions. It's a question of supply and demand, and the demand for blockchain and cryptocurrencies is currently high enough to make it profitable. But this high demand leads to speculation, and therefore the price of computing and storage in a blockchain (any blockchain) is highly volatile.
Some analyst compare Bitcoin to a Ponzi Scheme, and predict that the market value will collapse once general interest disappears.
If we build a business based on the Ethereum's blockchain, most of our expenses will be in Ether. If we don't mine it ourselves, we'll have to pay for that Ether in real money. But since the USD value of Ether may vary tenfold within a year, our business can move from profitable to worthless in the same timeframe. And we can't do anything against it. On the other hand, if we mine ourselves, what is currently affordable (running a small server to cover expenses in Ether) might become very expensive once very large mining farms move from Bitcoin to Ethereum.
The high volatility of cryptocurrencies forbids any long-term profitable business built on the blockchain - except speculation.
Compared to many other innovations based on computers and networks, the blockchain is very slow. Experts say that you should wait 6 blocks to make sure that a transaction is legit. This means more than 1 minute in Ethereum, or more than 1 hour in Bitcoin.
In a traditional ad server, scheduling an ad takes about 100ms. If you've used our ZeroDollarHomepage Ad Server, you probably had a very different experience: Scheduling an ad takes about a minute. The network transport and replication accounts for a small share of that duration ; most of the time is spent waiting for the network to mine the transaction, and add a few more blocks after that. But all in all, the Ethereum blockchain is several orders of magnitude slower than traditional computing.
For end users, every second counts. The Web Performance Optimization trend focuses on improving revenue by earning one or two seconds in download time. Betting on a technology that requires a transaction to be acknowledged by the entire world isn't the best way to make business.
One of the promises of the blockchain is to liberate markets that still require an intermediary. No more lawyers, bankers, or bookmakers. A great opportunity for new businesses?
Except these intermediaries currently report criminal activities to the authorities (governments and law enforcement agencies). If you remove the intermediaries, you also remove the police, and you let criminals proliferate. The first bitcoin application at scale was called The Silk Road. It was an online marketplace for everything illegal: drugs, weapons, child pornography, etc. Not to mention the ability to use bitcoins for tax evasion.
Even the proponents of free market economy recognize that a certain level of regulation is necessary to avoid total chaos. Running a business in a land full of criminals with no police isn't profitable - unless you're a criminal, too. For instance, the Mt. Gox Bankrupcy in 2014 cost about $450 million to BitCoin users.
Just like it took a long time for governments to control the Internet (which was, and remains, a haven for criminals), it will take a long time for our lawmakers to control the anarchy unleashed by blockchains. The blockchain may carry the promise of a better future in the long term, but for the near future, you'd better be armed.
A large share of the hype around the blockchain comes from people who don't really understand its shortcomings. They would probably use another solution is they were better informed. Here are a few bad reasons why you should probably not choose the blockchain technology.
You can use a private blockchain Nearly 80% of the blockchain projects I hear about, especially in finance, are based on private blockchains. This completely defeats the main purpose, which is to get an agreement between non-trusted parties. If a project needs runs on a private blockchain, then only trusted parties can join it, and you don't have a trust problem. In a trusted network, there are many, many other tools to share a ledger of facts - all much better optimized than the blockchain (for instance: a web service).
It offers a way to reach distributed consensus It does, but only if this consensus can be written as code. For instance, a company working with music rights distribution recently contacted us to build an international platform for artist retribution on the blockchain. Except that when two countries disagree on how to pay right holders, they both have valid contracts. Only a court can decide which contract wins. No smart contract can replace that. You must have clear governance rules that already work before trying to automate them in a blockchain.
It's secure Asymmetric cryptography is one of the blockchain's strengths. However, the blockchain technology, just like any other, is safe only until someone finds a vulnerability. It has already happened in the past. The computer science behind the blockchain is so complex that very few developers can contribute or review the code. Consider smart contracts and blockchains as relatively less secure than, say, TSL on the web (through HTTPS). Of, and even if the software works perfectly, it doesn't prevent fraud. Remember the double spend problem from our first post? It turns out people regularly try that in blockchains (see the latest 200 double spends in the Bitcoin blockchain)
It's transparent Granted, all transactions are public, and expose location and IP address. But no personal information ever transits - only anonymous hashes. Even the creator of Bitcoin is a mystery. So blockchain transparency doesn't prevent crime or fraud. Also, transparency is usually an inconvenient for businesses. Are you willing to bet your business on a technology that lets everyone track all your transactions, and exposes your code to hackers?
Data is replicated and safe Sure, but with the least cost effective replication strategy. Amazon S3 replicates every bit of data at least 3 times with 100% uptime, for a fraction of the price. And if you actually need full transaction history, use an event store.
It connects anonymous peers But if it's only for a shared storage (i.e. if you don't need fact ordering), then regular peer-to-peer network protocols like BitTorrent are enough.
It's hip I can't argue with that: yelling the word "blockchain" out loud is currently a great way to grab an innovation budget. However, many of the shining products that pretend to run on the blockchain are merely powerpoint presentations. Besides, you'll get better results with many other technologies. Not to mention that the word blockchain also evokes money laundering, tax fraud, and pornography.
If you want to build your business on the blockchain, be certain that you need it, and that it will be really useful for your use case.
Blockchains are a very smart idea, with huge possible implications. But are the current implementations ready to power the disruptive applications of the next decade?
On the technical side, some elementary features are simply not feasible. Blockchains are not efficient enough, not enough developer-friendly, and they give too much power to a small league of extraordinary developers without enough political and economical background.
On the business side, the blockchain is moving too fast, it's expensive, and often overkill. Costs may vary tenfold for no reason. Building a business on such an unstable platform is incredibly risky.
My take is that we have to wait. The blockchain isn't ready yet. It needs more maturity, another killer app than a speculation engine, a larger developer community, more ecological and economical responsibility. How long will it take? Maybe a year or two? Nobody can tell that.
To be honest, this conclusion surprised me. Most of the publications about the blockchain suggest the opposite. They say "it's time", "don't miss the train", or "the giant businesses of the next decade are being built on the blockchain right now". Maybe they are wrong, or maybe we are wrong. We've tried to argument this analysis with strong evidence. If you have a different opinion, please voice your comment below.
We'll be following the developments in the different blockchain projects closely. Make sure you follow this blog for related news!