The Royal Bank of Scotland Builds a Hyperledger Digital Wallet: the Lessons Learned
The blockchain era is in its early days during a time when profound questions are being asked if not answered. Against that backdrop a Hyperledger meetup—co-organized by Altoros—took place in London.
The ledger technologies evaluated for a wallet
In his session, Mark Simpson, Distinguished Engineer at the Royal Bank of Scotland, talked about how RBS is working with a variety of the blockchain technologies. Referring to himself and his technical team as “blockheads,” he mentioned bitcoin, Hyperledger, Ethereum, R3’s emerging network, and other nascent systems.
He said his team conducts four-day “code spike” sessions for potential new initiatives, during which “we have to do something meaningful or otherwise you just twiddle around. With a team of experienced engineers, we pour the tech out of the box and try to build relevant use cases.” The intended result is a minimum viable product (MVP) that he and his team can demonstrate to business-side executives to show what’s possible.
“We pour the tech out of the box and try to build relevant use cases.”
—Mark Simpson, the Royal Bank of Scotland
Requirements for a wallet
He said RBS held several of these code spikes for blockchain and in the end focused on the question of producing a digital wallet on Hyperledger. The team wanted the wallet to be able to accomplish several tasks:
- Move money from a real account to a digital wallet account
- Make payments out of the wallet to payment systems
- Pay several people at once
- Query balances
- Detect transaction errors
- Obfuscate (i.e. secure) the history of transactions
Mark also pronounced himself a fan of Hyperledger’s security for queries, noting “you can limit the info that people get back from their queries.”
He’s less of a fan of the practice he’s seen of dumping blockchain data into a relational database, which he believes destroys the purpose of blockchain. “(By dumping data into a RDBMS) we now have two copies.”
“Maintaining a single version of the truth is a challenge with blockchain.”
—Mark Simpson, the Royal Bank of Scotland
Mark listed a number of lessons learned during the digital wallet exercise:
- Writing and calling contracts is straightforward.
- Asynchronicity is a challenge (he noted, “waiting for blocks to sort themselves out is a challenge if you want to create responsive systems.”)
- Maintaining a single version of the truth is a battle (as noted above).
- Tooling is a work in progress.
- DevOps is “interesting” in an environment in which you are collaborating across companies.
On this last point, Mark noted that “collaborating with one another involves different (foreign) languages and cultures, different programming languages, and different blockchain technologies being tested.”
Security holes cause problems and bad press
Other big issues that cropped up included:
- Data at rest is always a target for malicious hacking. He said that things such as zero-knowledge proof and “Lattice encryption” that can’t even be hacked by quantum computers are coming. However, he doesn’t believe a big bank will ever be on a public blockchain network “even if it’s safe.”
- Scalability is always a concern when it comes to large numbers of transactions, large numbers of complex transactions, and working across organizations and enterprise IT infrastructures.
- Bad press and the need to build understanding. Things like the recent DAO theft from Ethereum are “just acts of bad diligence,” he said. In this latter case, the continued existence of Ethereum itself has been debated.
- Testing and safety. For example, “smart contracts in a public domain need to be tested like aeronautical things, to a higher safety level,” he said. He noted the idea of sandboxing languages as part of such an approach. He also mentioned the Directive on Payment Services (PSD) from the European Commission as a regulatory approach to the problem.
- Managing change. “How do you change a contract with 42 participants?” he asked, referring to the large number of institutions who are starting to work together on how to incorporate blockchain.
- Legal contracts. “Will contract code be used as a legal language?” he asked. “Some (already) say code is contract,” he noted, adding that code contracts may actually be easier to understand than much of the language in traditional contracts.
- Big players. “Why don’t Google, Facebook, and Amazon appear to be interested in blockchain?” he asked. One school of thought is that it could be a big threat to their existence if blockchain can create a new era in which people secure their identity rather than expose it to the big social and online retail players.
This last question seems the most relevant. Is the answer because the big players don’t see blockchain’s value beyond esoteric uses in cryptocurrencies or because they fear it more than anything else?
Want more details? Watch the video!
Table of contents
- What Is the Future of Blockchain?
- Blockchain Adoption: Industry Requirements and the Role of Prototypes