Blockchain: Why Transparency = Security

The first time I asked our CEO, Alex Linebrink, about the benefits of blockchain he gave me an answer that seemed impossible.

“Security and transparency.”

I was befuddled.

How can it be secure if it’s transparent? The data is just open…for anyone?

It seemed counterintuitive: if you want to keep something secure, you lock it up. Password protect it, require dual-factor authentication for access, store it in a safe place. If you’re new to blockchain, like I was, it might seem odd to you, too. Akin to letting everyone in the world look up the password to your bank account.

But with blockchain, transparency is a key driver of security. The secret ingredient in this formula is witnesses.

We Didn’t Start The Fire

In my last post, I asked you to imagine blockchain in the context of a burglar trying to break into your home. Now, try to picture your house on fire. (Apologies for all the morose what-if storylines.)

An unexpected house fire is a nightmare scenario. Not only have you lost all your furniture and clothing (and a place to sleep), you’ve likely lost some unreplaceable sentimental items: family photos, heirlooms, wedding dresses, birth certificates, maybe even the deed to your house itself.

But what if there were copies of those items? Identical copies that were easily referenced when yours were lost. If your house burns down, you could still access your valuables through an identical copy stored at your neighbor’s house. Similarly, if their house burned down, you would provide copies to them.

Ok, so a blockchain won’t actually provide a replacement for your grandmother’s wedding ring if you lost the original. But in a digital sense, that’s kinda how it works. Every user has a copy of all the data. There is no central source. If one system (or company) goes up in flames, your records aren’t lost forever.

Will the whole world have access to your financial records? Does transparency mean giving up your privacy? No. The reason this level of transparency works is that the data is anonymous.

Where The Streets Have No Name

On the blockchain, data is open and able to be reviewed by anyone but the records are anonymous.

You can’t see, for example, that Bill paid Sally $40 for two tickets to see a local band on Saturday night. You see only that $40 was transferred from Wallet X to Wallet Y. Only Billy and Sally know the names of their own “wallets.” It’s a bit like a pseudonym.

The whole world doesn’t have copies of your personal information. But your entire transaction history is held by every user on the blockchain.

Why is that any more secure?

The traditional ways of keeping information safe build security through obscurity. We build walls around something to keep it safe. Those could be physical walls like the safe inside a bank, or virtual firewalls to keep digital information secure.

Those are great until the system obscuring your private information is compromised. A hacker breaks into your account or breaches the security firewall of your bank. You might think it will never happen to you. I hope it never does. But there are real vulnerabilities in our existing systems when we turn over our private information and trust that the system — however trustworthy and well-established it may be — to keep it safe.

Not only are the individual transactions available, but the entire history is available. This is key to blockchain’s fraud-fighting power. These records are constantly being monitored and analyzed. Through some complicated math we’re able to see if one user has a different history than everyone else, then throw those records out before a fraudulent transaction can happen. Because all the records are public, it’s easy to identify the ones that are out of sync. The records are unforgeable.

Let’s step back for a moment and talk about those transaction records — the ones that anyone, anywhere can access whenever they want — and the anonymous wallets each user possesses. Couldn’t someone just take my wallet ID, you might wonder, and use it to send themselves a boatload of money while pretending to be me?

They’ll need more than that to outsmart the blockchain.

A Tale Of Two Wallets

The reason blockchain’s public records don’t compromise individual user identity is that there are always two keys involved when you make a transaction: your private key and a public key. Together, those two keys make up what we call your “wallet.”

Your public key is part of the open records available on the blockchain network. It helps confirm the records held by other users or identify the records that are out of sync.

In order to unlock your wallet, or to complete a transaction, you need both your public key AND your private key, however. There’s no way to complete a transaction using only your public key (or using your public key and someone else’s private key). That would inevitably be thrown out as a false record.

Does that mean you need to keep your private key secure? Yes.

It’s not the kind of thing you write on a post-it note and stick on your desk or store in a file labeled “passwords” on your laptop.

The personal responsibility involved is a little intimidating if, like me, you tend to lose your sunglasses and cell phone charger on an almost daily basis. Hopefully, this will help put you at ease. You don’t have to memorize the 30-digit code for your private wallet. Some folks just print them on paper and keep them in their physical wallet, next to credit cards and IDs.

Hybrid solutions like Coinbase are also emerging that allow less-technical folks to participate in blockchain. They handle your private key, and you login with a username and password like any other website (this is less secure, yes, but much easier to use). It will get more and more user-friendly as the industry grows.

For the average user, I like to compare blockchain’s benefit to security technology we’re all more familiar with.

Dual-factor authentication is more secure than a regular ol’ password because it’s unlikely that a hacker is physically in possession of your phone in addition to cracking your online password.

With blockchain, the data is more secure because it’s unlikely that a hacker has possession of 51% of all devices using the blockchain in addition to cracking your password. Even if the whole thing goes up in flames, your data stays secure.

I would love to hear your thoughts, your insights about blockchain, and your ideas for how it can be used. Please share your feedback in the comments. What would you like me to write about next?

Hit the follow button if you’d like to know when I post something new about PassageX, and please give us a 👏 to let me know when you like one of the posts.

Join the conversation on social media by tagging #FixTix.