NCSC says think twice about using DLT

The UK’s National Cyber Security Centre (NCSC) recently published a short whitepaper on distributed ledger technology (DLT) to help decisions makers in organisations decide whether it is an appropriate technology for their use case.

Key benefits of DLT include its ability to “provide transparency, integrity and availability in a decentralised environment where there is no trusted central authority” and it may therefore be useful where:

• multiple parties need to be able to write data;
• there is a lack of trust between those parties; and
• there is no trusted central authority that can write data on behalf of those parties.

Specific use cases where the NCSC believes DLT can add value include cryptocurrencies such as Bitcoin; the trade of digital artwork (read more here); and supply chain management (more information about the use of DLT in international shipping supply chains is available here).  In each of these cases, multiple parties will be writing data (transactions) to the distributed ledger, the ledger may then be relied upon by an ever-changing list of parties (who may or may not trust each other) and there is no trusted central authority who could maintain the ledger.

However, except in such particular use cases, the NCSC concludes that the potential drawbacks of DLT mean that “alternative technologies [will] usually provide comparable, or better, solutions”.  These drawbacks include that DLT:

• can be relatively expensive to build and maintain;
• can make it difficult to comply with privacy and data protection laws (read more here);
• can have relatively poor transaction throughput and high transaction latency and therefore poor scalability;
• often consume significantly more energy and thus have a greater negative environmental impact; and
• can have more security vulnerabilities as they are newer and more complex than many traditional options. This is particularly the case if they are implemented poorly or with poor use of cryptography (including non-quantum-safe cryptography).

While the NCSC’s position may seem a little pessimistic, it is nevertheless a useful reminder not to get caught up in the hype of any new technology and to carefully consider its pros and cons over its alternatives.

It is sometimes glibly said that DLT is a solution in want of a problem.  The hype surrounding DLT is creating a seemingly endless stream of DLT projects, a number of which fall over as it becomes clear that DLT offers no real benefit over more conventional solutions for that project.  And while there are certainly some notable success stories, DLT has not yet become a broadly applicable solution to particularly common problems, let alone a panacea for online/digital trust.

However, there is cause to be more hopeful for those who see potential in this technology, as solutions are being found for many of the potential drawbacks outlined above:

• a growing number of service providers are making it cheaper and easier to deploy blockchain-based DLT solutions;
• newer DLT solutions are starting to provide much more scalability, with faster, higher-volume transaction processing;
• DLT solutions that only store hashed data on-chain and store source data in more traditional databases can often maintain the same trust benefits of DLT without the same privacy and security concerns; and
• alternative consensus mechanisms are increasingly being adopted to help reduce the environmental impact of DLT solutions.

So, while it will always be important to evaluate the benefits and drawbacks of DLT versus alternative technologies, the evolution of DLT may see it become increasingly viable in many more use cases.