Page 15 - FIGI: Security Aspects of Distributed Ledger Technologies

P. 15

All citation hyperlinks where provided in the end- readability of the endnotes, hyperlink shorteners
notes were checked for online availability during the have been used in some cases.
period March 10, 2019 to July 1, 2019. To improve

4 OVERVIEW OF DISTRIBUTED LEDGER TECHNOLOGIES (DLT)

4�1 What is Distributed Ledger Technology? tained through synchronization of the nodes, so that
Distributed Ledger Technology (DLT) is a new type the information on each node precisely matches
of secure database or ledger that is replicated across each other node. In blockchain terms, adding blocks
multiple sites, countries, or institutions with often no to a chain is called ‘mining’. In public blockchains, a
centralized controller. In essence, this is a new way reward system has been established to incentivize
of keeping track of who owns a financial, physical, or miners to efficiently place these blocks on a chain.
electronic asset. Because of the computer processing power often
The concept of DLTs emerged from the introduc- required to do so, mining activity is often provided
tion of the ‘blockchain’ in 2008-2009 through the by large mining ‘pools.’ Because nodes are often
10
launch of the crypto-currency Bitcoin. Bitcoin’s anonymous, there is said to be a need for ‘consen-
12
11
decentralized transaction authentication rests on sus’ between the nodes before a mined block can be
blockchain approaches: It records in a digital ledger added to a chain. The veracity of the data within a
every transaction made in that currency in identical new block is not checked though: just that the block
copies of a ledger which are replicated – distributed itself is able to be added. 15
- amongst the currency’s users - nodes - on a chain The types of consensus mechanisms are outlined
of data blocks. in Annex A, with the majority using the resource and
13
DLT is commonly used as a term of art by those power-intensive ‘proof of work’ (POW) mechanism
in the technology development community as the first outlined in the Bitcoin blockchain. Many DLTs
generic high-level descriptor for any distributed, are moving towards the more energy efficient Proof
encrypted database and application that is shared of Stake (POS) consensus protocol and its variants.
by an industry or private consortium, or which is Where the technology allows, a consensus mecha-
open to the public. Blockchain is one – but the most nism will often be chosen to reflect the task of the
14
popular - of types of DLT. Distributed refers then to DLT, for example to ensure payment finality in a cen-
the ‘nodes’ – as they are called in blockchain - while tral bank DLT, who often use DLTs based on Byzan-
decentralized refers to the control/governance. tine Fault Tolerance (BFT) consensus type.
Where the nodes are unknown, the DLT system is The manner in which consensus for proposed
said to be ‘trustless.’ Both concepts have risk and changes to the ledger is reached defines the type
security components to them, discussed below. of blockchain. If the process is open to everyone -
16
DLTs generally integrate a number of innovations such as with Bitcoin - then the ledger is said to be
17
which include: database (ledger) entries that can- ‘permissionless’, and the DLT has no owner. If par-
not be reversed or otherwise modified, the ability to ticipants in that process are preselected, the ledger
grant granular permissions, automated data synchro- is said to be ‘permissioned.’ Permissionless block-
18
nization, rigorous privacy and security capabilities, chains allow any party without any vetting to partic-
process automation, and transparency, such that any ipate in the network, while permissioned blockchains
attempts at changes to entries will notify others. Its are formed by consortiums or an administrator who
primary disruptive attribute is that it is decentralized evaluate the participation of an entity on the block-
and therefore not dependent on a central controller chain framework. These may also be public or pri-
19
20
or storer of the data. vate. The sharing data can be controlled, depending
The nodes in a blockchain eliminate the need for on the blockchain type. That is, while data may be on
third party intermediaries in favor of distribution of the blockchain, it may only be visible to (and/or edit-
the data across participant nodes. This means that able for) those with an appropriate cryptographic
every participant node can keep - share - a copy of key. Layers of permissions for different types of users
the blockchain. The blockchain updates the nodes may be necessary. There are hybrid iterations though,
automatically every time a new ‘transaction’ occurs. with some privacy-type components for DLTs called
Accuracy of the information added to blocks is main- zero-knowledge proofs being built atop even the

Security Aspects of Distributed Ledger Technologies 13

10 11 12 13 14 15 16 17 18 19 20