A company called Blockstack has been operating what it refers to as a new secure internet, based on the same blockchain approach that protects crypto-currencies
By Brian Santo, contributing writer
The communications industry has spent the last 20 years or so trying to bolt security technology onto the public internet, and like most retrofits, the result isn’t quite as good as something that had been purpose-built. For the last three years, a company called Blockstack has been operating what it refers to as a new, secure internet, based on the same blockchain approach that protects crypto-currencies.
People have long traded physical tokens, typically coins (such as the krugerrand), whose value rises and falls based on the value that traders invest (in both the emotional and financial senses of the word) in them.
Crypto-currencies such as Bitcoin work somewhat in the same way. One key difference is that they have no physical manifestation — there are no notes and no species. If something like a bitcoin can be said to exist, it exists as data. A crypto-currency requires security that is as close to unbreakable as possible, and the system devised to be that nearly impregnable security is blockchain.
In blockchain schemes, data is encrypted in “blocks,” which are shared widely. Each time a block is shared, it is time-stamped and tagged with data about the transaction. New blocks must be validated. Changes to blocks need to be validated as well.
On top of encryption and validation, the process has another feature that lends to overall security: The process is decentralized. There are no central repositories of data; there are no central systems through which the data must pass.
The problem with centralized resources such as the domain name server (DNS) system, Blockstack principal Muneeb Ali explained in a video, is that they’re “honey pots” — places where treasure (valuable data) is amassed and, therefore, invites being raided.
The brainstorm that Ali had along with Blockstack co-founder Ryan Shea was this: Why couldn’t you handle all data the same way that crypto-currencies are handled?
The proposed system, according to a company white paper, would have to have the following characteristics:
Decentralized Naming & Discovery: End-users should be able to (a) register and use human-readable names and (b) discover network resources mapped to human-readable names without trusting any remote parties.
Decentralized Storage: End-users should be able to use decentralized storage systems where they can store their data without revealing it to any remote parties.
Comparable Performance: The end-to-end performance of the new architecture (including name/resource lookups, storage access, etc.) should be comparable to the traditional internet with centralized services.
Blockstack devised a three-layer network architecture that includes a control plane with the blockchain layer and a data plane that contains a peer network layer and a data storage layer.
Neither the peer layer nor the storage layer, which, together, are roughly analogous to the public internet, have to be trusted. All trust issues are handled in the control (blockchain) layer.
Blockstack does require something to replace the centralized DNS system. The company’s analog to DNS is the blockchain name system, or BNS, which does not rely on any specific servers.
Introducing new features in blockchains can be problematic because everyone in the system has to upgrade, and coordinating that in a decentralized system is hard (Blockstack notes that this is a problem experienced by Namecoin). To avoid this, the company has devised what it calls virtualchain. The company explains that a virtualchain creates “arbitrary state machines on top of already-running blockchains. Virtualchains, like virtual machines, enable the ability to migrate (from one blockchain to another) and improve fault tolerance.”
Learn more about Electronic Products Magazine