Yesterday I finally gave in and went to another crypto meetup — the allure of the mythical beast — a real- world(!) use case of supply chain management on blockchain — was just too strong to resist. Unfortunately, this turned out to be another case of glitter with vanishingly infinitesimal nuggets of gold — all in a pretty wrapping paper of course.
Delicious mango — now on blockchain!
The main star of the show, Tiffany Chen from IBM, skipped the first three or so “What is a blockchain?” slides (thank you for that, at least) and got right to the point — the terrible, terrible plight of a producer — distributor — retailer economic food chain. (You see, these poor suckers are still using outdated technology for tracking movement of goods — paper. They have never heard of barcodes, RFID chips, handheld scanners, — and ERP systems that integrate all of the above into a modern SCM/IMS). The reference to “food chain” is not incidental as IBM is developing something called “The IBM Food Trust” (a somewhat Orwellian name that made me think both of the oil barons and ‘The Standard Oil’ ) — a blockchain solution specifically targeting the food-related market.
In any case, we watched a small video about our changing bodies a pilot that was rolled out at Walmart and which enabled them to cut down tracking times for a package of mangoes from 6 days to 2 seconds — a claim that was repeated ad infinitum that evening in an obvious attempt to make it into “Yes, we can!” slogan — something that had apparently succeeded a while back given the number of references to it in the cyberspace (DuckDuckGo it).
Well, no one can argue with this obvious breakthrough, right? From six days to 2 seconds? That’s progress! But I had a few questions (below), several of which I was able to voice during the meetup. TLDR:; I did not get real answers.
Among other speakers was Lucas Henning from Citizen Reserve, a blockchain startup that aims to “make supply chains more efficient, transparent and secure”. The best thing since sliced bread and Uber. In reality, when pressed about immutable garbage data, Lucas admitted that blockchains “are complicated” — you know, like TCP/IP, and the businesses don’t understand what they do, and so Citizen Reserve is there to build layers on top of it so that the data could be intelligible for the end-user (that’s close to verbatim for you). So much for transparency.
Now, let’s get to the “tough questions”. (Not so tough really, just common sense).
Question #1: Why do you think blockchain is the preferred solution for these alleged inefficiencies in SCM? Have you looked at alternative solutions?
OK, so some of the companies in this space use outdated technology (although who is to say it is outdated if it actually works? — of course I am going to claim it is outdated if I am trying to sell you some new shining thingamajig and a service contract with IBM price tag, but as Jerry McGuire said, “Show me the money” (ROI)). Anyway, I digress. If the technology is really outdated for the process — OK, digitize it with a freakin’ shared database, — you know the one we invented in the 70s . Problem solved. Period. No complicated “ecosystems” or conflicting standards, no meshes of private blockchains, no immutable “garbage in” problems, no privacy issues — a simple 1970’s database solves this.
Question #2: “Why do we need something that is trustless in the context of SCM?”
Blockchain was created to solve one problem — and one problem only — how to transact value without centralized authority and trust. This makes sense if I am transacting with pseudonymous (Bitcoin) or anonymous (Monero, Zcash, etc.) actors — transacting on a one-off, ad-hoc basis. You don’t know who I am or where I am — which is why we need to transact without trust, because I do not have legal recourse in case you run away with my digital money (double spend problem). This is a completely made up problem in the SCM world. Nobody is running anywhere — everyone knows who the counter parties are, there are legal means to enforce SLAs (service level agreements), there is a reputation feedback that is very unforgiving for bad players. There is simply no reason to use blockchain in this context — because there is no problem with trust.
Instead of solving trust issues we introduce huge new issues of conflict of interest among parties in a consortium. Someone in the audience raised the question — well, who decides who can join the private blockchain (the consortium)? Is it the current players in the ecosystem? Why would they let a competitor in? What prevents collusion? What about legality of smart contracts (there is none)? Introducing a complex technology into the mix without understanding legal and economic repercussions seems very counter-intuitive to me and frankly, bizarre. An alloy of titanium with pizza.
Question #3: Do you realize that the problem of reconciling immutable digital record with physical assets is a fundamentally hard (and possibly intractable) problem?
Of course the question is not new, and everyone in the space has known about it from the start, but the participants seem to dance around it and tend to shove it under the rug unless pressed. Mitchell Weinberg, the founder of the food fraud detection and prevention firm Inscatech points this out in reference to the supposed “triumph of the mango pilot”:
“Blockchain is fantastic in terms of creating that accounting paper trail that they’re looking for to track the money, but >beyond that — in terms of what’s actually happening to the food and going into it, and as to whether those parties are >really who they say they are, or where they say they are, or what they are — it doesn’t do that, and that’s really the flaw >with it, there’s just no validation of the information that’s being put in. It’s only as good as the person who’s entering
the information.” source
In an even more hilarious admission Brigid McDermott, IBM’s vice president of food safety, and Frank Yiannas — Walmart’s vice president of food safety, the two ‘safety czars’, hypothesized that ‘ people will police their own behavior out of fear of getting caught’. Really? Why do we need the blockchain then, if you need police on top of it? Even in the cited article, which incidentally was much more honest about the problems than IBM’s advertising spiel at the meetup, it is recognized that these assumptions are laughable. According to Weinberg who deals with fraud (and thus might not be a totally disinterested party),
“The people who are adulterating the food and doing stuff to it, they’re very sophisticated in terms of concealing their >crime. Blockchain’s not going to tell you how that food’s being harvested in the field and what’s going into it and >whether the people collecting it or consolidating it are adding anything to it. There’s no way blockchain is going to tell >you that.”
And that is really the key problem — just because you have a record in the blockchain, it says nothing about the tangible state of a physical good associated with that record — it is a problem of oracles that you have to trust, and by the time you solve it, you have made the need for the blockchain itself obsolete.
To be fair to Tiffany Chen, she did mention a few problems like RFID chips that got ripped off the product bin or got stuck on the warehouse floor and created a days’ worth of immutable blockchain junk. What was missing is the discussion of how these problems could ever be solved or even mitigated.
In reality, one can see how bad of a misalignment this dichotomy of physical vs. digital assets really is. I suggested frozen foods as an example — you simply cannot verify that the food has not spoiled in transit without the old school ‘smell test’, blockchain or no blockchain. Physical tampering, theft and fraud cannot be solved by putting data on the blockchain. End of story.
Question #4:Who is guarding the guards?
In all the excitement of the mango saga, the question that was never addressed was — who is validating these transactions, and more importantly — why? IBM is supposedly using some version of Proof-of-Stake algorithm in its HyperLedger product, but it is not clear how the incentives of transaction verifying are aligned with the inherent conflict of interest of the parties involved — especially in cases where multiple participants might be competing with one another. A PoS system does not have the computational penalty associated with Proof-of-Work systems which prevent a fraudulent player from rewriting history — erasing or adding transactions, computing hashes of the new blocks and sticking them in place of the old ones, thus creating several possible blockchains (forks). When millions of dollars are at stake, this could become a worthwhile exercise. The other obvious questions are — who is guarding the protocol, the consensus for implementing new features, and the rules of admitting new members into the “consortium” — a private blockchain pool. All of these issues which have played out in the public blockchains with quite a bit of drama (Bitcoin and Ethereum being the prime examples) — are surely to create a whole new set of unnecessary headaches for the adopters.
Question #5: How do you tackle privacy vs. interoperability dilemma?
At the end of the day, a blockchain is only as valuable as the ecosystem that develops around it, especially if one is interested in a holistic picture of distribution and delivery of various products. At the same time, players in this space may not be very keen on sharing details of who they work with, how often, how long their transits take, etc. — all of which are essential trade secrets of each participant in the space. This dichotomy of interests appears to be another one of those “how to eat the cake and have it too” type of problems and it is not clear at this time how it could be solved or whether it is solvable in principle.
Currently, the emerging solutions are creating isolated silos of data — vis-à-vis private blockchain consortia — like Walmart and its SCM partners. Even if all of IBM clients are using the same HyperLedger protocols, each consortium’s data is not available outside of the private blockchain implementation — it is carefully walled off (at least in principle) in order to guarantee confidentiality. Of course, various implementations of blockchain technology exacerbate the problem by creating disparate, incompatible formats of immutable data — similar to the browser wars of the early Internet. Unlike the browsers though, which all had to support a common standard — HTML and HTTP, blockchain tech is all over the place with widely different implementations and no common standard in sight. It will be interesting to see how this will play out in the end.
Conclusion
The application of blockchain to solving SCM issues (real or imagined) frankly seems like a rather awkward pas de deux of mismatched tech/business objectives. Watching it from the sidelines reminds seeing an awkward blind date between two obviously mismatched participants. It is not clear to me how the unique properties of blockchain make it a particularly good fit for this space. The frictions created by introducing blockchain tech seem much more profound than the issues it is supposed to solve.
While I am skeptical about the proposition “blockchain for SCM” I can see the need for innovation in this sector. What seems like an obvious solution is some type of cloud-based append-only shared database with cryptographic signatures. There is really no need for block-level immutability when you can only add new records — thus the concept of blocks and sequencing of transactions is completely unnecessary. What one needs is auditability — and than could be solved with 2-factor authentication and multi-sig PKI signatures from actors receiving and transferring goods (those could be IoT devices, robots or people). Once created, a record cannot be forged or even changed after the fact without invalidating record signature which would include the hash of the contents. Thus individual records are trivial to verify — allowing one to track products without requiring peer-to-peer consensus rules or any of the inefficiencies associated with blockchain validation.