How does secure socket layer (SSL/TLS) work? Why do retail websites require https?

To answer what is secure socket layer and how it keeps websites secure it is important to understand the making of the Internet. The internet in turn is an abstract concept meaning the interconnected network of computers across the globe. Computers interact with each other to create services necessary for us.

To start off, you just need to know that there has to be a physical cable between two computers for interaction to happen between them.

Continue reading “How does secure socket layer (SSL/TLS) work? Why do retail websites require https?”

The Mt. Gox incident – the largest bitcoin hack ever

An American software developer named Jed McCaleb founded a platform in 2006 named Magic: The Gathering Online eXchange. He set up the platform for secure exchange of trading cards used in a video game by the same name, using the domain name mtgox.com. This platform allowed cards to be bought and sold like stocks.

Some quarters say that it was this underlying technology of trading imaginary cards securely that formed the basis of bitcoins. Although McCaleb never released the original code written by him for Mt. Gox, it is true that the bitcoin technology is similar to such card exchange technology. It is also in popular notion that the anonymous author of the Bitcoin paper,1 Nakamoto, is probably McCaleb himself.

It is important at this juncture to understand how the bitcoin and blockchain works. I would recommend you to go through my earlier post on What are bitcoins / cryptocurrency / blockchain – what is so different than fiat money?

Continue reading “The Mt. Gox incident – the largest bitcoin hack ever”

Canadian Securities Law (OSC statement) on Distributed Ledger Technologies (blockchain)

The Ontario Securities Commission (OSC) put up a press release on Wednesday (March 8th) containing cautionary advice against use of Distributed Ledger Technology or commonly the blockchain.1

Continue reading “Canadian Securities Law (OSC statement) on Distributed Ledger Technologies (blockchain)”

How blockchain is changing governance: Permissioned Blockchain

Permissioned blockchain arose out of the need of the public to interfere in private transactions. It is fundamentally the same concept as with the blockchain technology I previously wrote on. While the original blockchain allows all members to transact and verify transactions, in permissioned blockchains, the right to verify transactions is available only to a permissioned few.

This model is all set to revolutionise e-governance across the globe.

Continue reading “How blockchain is changing governance: Permissioned Blockchain”

How blockchain is changing the finance industry: Triple Entry Accounting

The blockchain technology brings in yet another revelation, this time in accounting principles. Enter the Triple Entry Accounting system. Compared to the traditional double entry accounting, triple entry brings in another dimension in the accounting process. In this article we will first clarify what is double entry accounting and how blockchain technology introduces the triple entry accounting.

To gain a better understanding of this article, I recommend you to go through the previous articles on:

Asymmetric Cryptography, Public Key, Private Key and the RSA Algorithm

Digital signatures? Signing and verification – Relevant Indian Laws

Bitcoins, cryptocurrency and the blockchain – what is so different than fiat money?

How blockchain is changing the legal industry: Smart Contracts

 

Double Entry systems

Modern accounting originated about 500 years ago in 1494 through Luca Paciolo. Paciolo was a close aide of Leonardo Da Vinci and a Franciscan by religious order. Paciolo developed an accounting equation which in its simplicity means:

Assets = Liabilities + Equity
– Luca Paciolo

In other words for every transaction there has to be a credit and debit. Two accounting books need to be maintained for every transaction. At the end of a financial year the accounting procedure would make sure the debit balances the credit. Any mismatch in the two ledgers would tell the managers that they should not trust their own books.

Double Entry Bookkeeping or double entry accounting (‘DEA’) meant this system of maintaining two books for every transaction. It marked the Renaissance in accounting procedure compared to earlier, when only one ledger maintained accounts under the single entry system. Accountants needed to go through the entire accounting period counting every transaction to ascertain accuracy. DEA did away with this trouble, if the debit and credit balances matched it meant proper accounting.

 

The issue of ‘trust’

However, even with the introduction of DEA the quagmire of human accountability did not seem to resolve. Although the DEA kept company managers confident about their own books, outside stakeholders, such as investors, lenders and the state could not still trust the company’s books. Why would they? It was very easy to make bogus entries and still keep the debit and credit balanced.

PwC Satyam scam (7800 crore in 2009), five independent auditors, all affiliates of PwC, were guilty of collusion.1

DEA saw the appointment of a so called ‘independent auditor’. The company appoints and pays the auditor as a legal requirement, and he makes sure that the accounting is proper for the benefit of the stakeholders. The auditor donned the role of an independent guarantor of financial information.

If a company has prepared inaccurate financial statements and has a good story to support them, it becomes very difficult for auditors to detect the misstatements (even if the auditors were not collusive).

A big issue in law of agency arise out of this: Do auditors work for the company who appoints and pays them or for the outside stakeholders who rely on their integrity in order to make decisions?

Even if auditors do their work with full integrity, the amount of accounting ranges from obscene to astronomical. The accounting bill in itself causes a displacement of lakhs of rupees in even a medium sized enterprise.

All of these elements together places a lot of ‘trust’ in the company and the auditor. Consequently, it often proves to be detrimental to the general public.

 

Enter the Triple Entry Accounting system

The global popularity and massive circulation of bitcoins and the blockchain enabled technologies is solely because of this new method of accounting. New vistas have opened in trade both domestic and international. The element of trust is surgically being discarded.

In comparison to the traditional two columns maintained in the DEA, the triple entry accounting (‘TEA’) requires managing a third column. In the coming paragraphs I will explain the job of this third column.

 

The blockchain network

It is important at this juncture to understand how the bitcoin and blockchain works. I would recommend you to go through my earlier post on What are bitcoins / cryptocurrency / blockchain – what is so different than fiat money?

In jargon-free simple terms bitcoins are numbers stored on a public database. One can send bitcoins to another by digitally signing the transaction. Digital signatures ascertain authenticity of the sender’s identity. Furthermore, every transaction is stored as an immutable block in a linear chronological fashion called the blockchain. Finally, reading the blockchain would ascertain who owns how much bitcoins.

 

The third column

Remember how the DEA is a representation of two accounts? Now take these two accounts and give them a wallet address. Every movement of value debits one wallet and credits another. The account sending the value digitally signs the transaction, and this digital signature is stored in the third column. Consequently, the third column forms the blockchain and the integrity of every transaction is ascertained by reading the blockchain.

 

More Security

If you know about digital signatures and how they work,2 you would understand the role of a Digital Signature Certificate Authority (‘DSCA’).

The job of the authority is to maintain a public database of all public keys or encryption keys of digital signatures along with their legally identified owner. To effect this, the state legally enables only the DSCA to issue digital signature certificates.

All transactions which happen on the TEA requires a public key and a private key to digitally sign the transaction, the DSCA may now verify the identity of the signatory every time.

All of it creates an undeniable, immutable and future proof record of transactions. No matter how voluminous the transactions of a company have been, reading the very last record on a blockchain based TEA system would draw a clear picture every time.

 

Legal validity of Triple Entry Accounting

In India the Companies (Indian Accounting Standards) Rules, 2015 specify accounting standards. The Ministry of Corporate Affairs issued G.S.R. 111(E) making the Indian Accounting Standards (Ind AS) a mandate to be followed by various classes of companies. The Ind AS in turn heavily relies on Double Entry Accounting.

While, no country has made Triple Entry Accounting a mandate. Reports of Credit Suisse in 2016 on Blockchain3 and Delloite 4 explain and show how blockchain can be used in financial auditing through the TEA. They also place reliance on the current ongoing practices at the Big4 to show their future applicability.

Seems like it is only a matter of time nations across the world appreciate the Big4 practices and accord legal recognition to it.

How blockchain is changing the legal industry: Smart Contracts

A smart contract is a self-regulated software which has it’s own impeccable sense of time, it is used to send automated electronic messages, either periodically or conditionally.

Periods are based on specific intervals of time and conditions are reference to objective facts around us. The electronic messages sent are transactional in nature which change account balances of two or more parties.

The software takes in conditions and functions in a high level programming language and translates them into a machine-readable form called bytecode. This bytecode can then be permanently stored in a read-only form called a block. The blocks are further stored in a chronological order on a decentralised database system called a blockchain.

You can read more about What are bitcoins / cryptocurrency / blockchain – what is so different than fiat money? To get a better idea about the blockchain and its application on bitcoin.

 

Why smart contracts?

For a moment let’s understand why would we ever want to enter a contract. It can be two reasons out of many others.
Either, because we respect law and want to keep our transactions publicly recorded,
or, we clarify our intentions through the contract and enter relations which benefit us.

If you chose the latter, it is because the basis of all contracts is not in law itself or any social validation. Certainly, no one cares about the legality or the illegality of the contracts they enter. What interests us in every contract is the transfer of value from one person to another. This transfer of value (i.e. consideration) from one to the other is so important and intrinsic in even legal relations that the lack of it renders a contract void, and the mere presence of it can turn an agreement into a contract.1

 

Because it is automatic!

In smart contracts, the software automatically executes a transaction without any requirement of manual enforcement. The transaction is either made to an account directly or to an escrow account created specifically for the transaction. The advantage of smart contracts is that it will definitely be executed irrespective of it being legal or illegal.

Smart contracts have a self-executing deterministic nature. There is no way out of a contract, it is mathematically impossible to breach a contract. Even efficient breach is not allowed. Due to this deterministic nature of smart contracts there would be no requirement of a third party!

Now if contracts could be given a life of their own in which they automatically execute, who would not want this panacea of legal disputes?

 

Because it has every element of pure capitalism

The primary reason behind the massive success of smart contracts is the fact that the the blockchain network provides for a complete ecosystem of a capitalist nation, including banking, a transparent marketplace, a secure and private messaging system and infinite identities.

 

Because it does not require your trust

We would soon be taking the word trust out of businesses. Businesses fail because of trust issues, a lot of enterprises never scale because of lack of trust.

The only bane of capitalism was the word ‘trust’. Internet had already done away with a lot of third party elements, independent parties felt more confident to make peer-to-peer transactions. But still, we always needed a central bank to approve of our transactions.

Blockchain having its own currency system does not require a bank to maintain our accounts or do our transactions. The exchange of currency and accounting would be totally done according to the code in the software. Gone would be the days when fractional reserve banking would be used to create an unlimited source of magic money.

Smart contract systems would bring in a whole lot of confidence by providing for autonomy. Any middleman be it a book publisher, music distributor, cab aggregator or a broker, would have to find greener pastures. Transaction costs would drastically reduce giving us a better half of the 21st century.

 

But why do I trust the system and the software?

You do not have to trust the system and the software. Because there is no system and software!

Blockchain is not primarily a software, it is an idea. There is no proprietary system or software which claims to have built the blockchain, neither has a patent been claimed. This idea was recorded in an anonymous research paper titled: Bitcoin: A Peer-to-Peer Electronic Cash System by Satoshi Nakamoto2 and widely publicised for people and businesses to learn and implement. It is a mathematical concept which like mathematics itself is undeniable logic.

You are free to make your own software on this idea and still connect with the global network. Hire a developer and order your software now!

Thousands of corporations across the world have implemented their own versions of this idea to hold internal transactions, specifically transactions which needed to be at arm’s length.

For others, there were some fast moving developers in this domain, and the open-source softwares they have developed are really popular as of now. It is better to just download a free open-source version of the most popular blockchain network softwares, it will save a lot of costs.

If you still have an issue downloading an open source blockchain software, you need to understand that these open-source resources are just like academic research papers continuously being scrutinised and challenged. If one developer builds something, thousands of others would develop on it and invest millions of man hours to perfect it. At this stage, you would not be trusting the software or the underlying code, you would be trusting humanity and mathematics.

Even after all of that, a smart contract is actually a software on its own, the blockchain system has no say in what a smart contract can do or not do. The job of the open-source software, that you would use, is to just translate the contents of a smart contract and make it machine readable. So ultimately the trust is put on the contract which you yourself have created 🙂

 

So how it is done?

The Ethereum network

The Ethereum Foundation based out of Switzerland, founded by Vitalik Buterin,3 launched an open source software called the Ethereum. You can use Ethereum to either create a private network or join the already existing global network. The Ethereum network stores data in a distributed format and takes actions automatically. It is akin to one unified global computer and therefore it is called the Ethereum Virtual Machine (“EVM”).

You can download your own copy of the Ethereum software freely from this github link.

This EVM has it’s own cryptocurrency called the ether, which is going at the rate of 18.59539 USD as of now. The best part is that the EVM can also be used to create new cryptocurrencies (or digital tokens) of your choice. You can actually run a currency in your name, the strength of which would depend on how others value the worth of it.

The EVM can run automated softwares (smart contracts) which can effect changes to the cryptocurrencies which have been launched on it. Smart contracts can be written in high-level programming languages such as Solidity, Serpent and Viper (derivatives of Python).

 

What does it look like?

A smart contract looks like this:

contract MyToken {
 /* This creates an array with all balances */
 mapping (address => uint256) public balanceOf;

 /* Initializes contract with initial supply tokens to the creator of the contract */
 function MyToken() {
 balanceOf[msg.sender] = 10000;
 }

 /* Send coins */
 function transfer(address _to, uint256 _value) {
 if (balanceOf[msg.sender] < _value) throw; // Check if the sender has enough
 if (balanceOf[_to] + _value < balanceOf[_to]) throw; // Check for overflows
 balanceOf[msg.sender] -= _value; // Subtract from the sender
 balanceOf[_to] += _value; // Add the same to the recipient
 }
}

This smart contract of only ten lines is written in Solidity. It generates 10,000 tokens for the initiator of the contract. To create the tokens the initiator would either need to have his own computer which can mine the tokens or he will need to hire a computer or he can just outsource it to the global network for a much cheaper cost.

These tokens are the minimum tradeable unit and cannot be subdivided, so owning a single token could be represented in shares (say 10 tokens is 0.01% of the total of 1,00,000 tokens).

The above lines of code will be compiled to bytecode which is a string of 0s and 1s by the Ethereum software and would be deployed to run on the network. This simple contract just allows the initiator to create new digital tokens and send them from one account to another.

 

It costs

One important thing about smart contracts is that it costs to execute a contract. Every movement of the contract costs, and the costs are quantified in ‘gas’ units. This example contract would at most need 20,000 gas, which is around 0.0002 ether, equivalent to a very negligible cost in money, about 20 paise in INR.

This cost is due to the complex mining process which requires huge computational power to hash the bytecode and write it to the blockchain.

The nodes which do the hashing are called mines and they are rewarded for their work in maintaining the blockchain. The nodes are paid in ether. The ether is deducted from the account which initiates the contract. Although uploading a contract on the network is very cheap as of now, it still provides a much needed incentive to write minimal code.

 

Use cases of a smart contract

Automated monthly payments or EMIs

A small smart contract can be written to send 100 ether to a specific account on the third of every month for twelve months. This will create a deterministic relation between two parties. The receiver would not have to worry for payment on the third of every month, and the sender does not need to remember it. Obviously, till the moment there is enough ether in the sender’s account. In addition, to employ more security to the contract an escrow account can also be created containing 1200 ether.

Music Industry

An artist can write a smart contract which deducts a specific amount of ether every time one plays his music. To play the music the smart contract shall ask for the ethereum public key of the player’s account and make it available only on the EVM in an asymmetrically encrypted form. The user can login only by using his ethereum private key. R.I.P. Piracy.

Gold and Diamond Trade

Gold or diamond merchants globally can issue virtual cryptocurrencies redeemable against real physical gold or diamond. It can be named GoldCoins and traded freely on the EVM. The speed of large transactions would do away with the current lag in international settlement systems and bring transparency to the movement of gold.

Diamond is already being transacted on the blockchain technology by a company named Everledger. They are using digital locks to keep diamonds, the locks can be opened only through the internet using a blockchain network.

Real Estate

Real physical property can be equated into a fixed number of tokens and then traded on the EVM. A plot of land of 100 acres can be divided into 10,00,000 LandCoins and then transacted with. The issue and movement of LandCoins would be traceable for the infinite future reducing all forms of land disputes and presenting a clear picture of every property.

Furthermore, drones or GPS transmitting fences can be used to determine land ownership and the data can be stored in an immutable form on a blockchain network for transactions. This would provide for an immutable and undeniable record of land rights.

Securities Market

A company can issue digital tokens against it’s shareholding and sell the tokens on the EVM from time to time. The worth of the company would depend on how much others would value the digital tokens. It will make international securities trade faster than ever before. Currently settlement in international markets take two working days, this can be reduced to 10 minutes or lesser. As a result, ownership pattern of all companies would be transparent and violation of securities law would be easily detectable.

The Euroclear Bankchain is using blockchain to effect immediate settlement.

Cab services

I can write a smart contract which reads my GPS coordinates. This contract would pay in ether from my account to the account of a cab driver the moment I reach my destination. The payment modalities can be thoroughly kept peer to peer without any involvement of a third party. No subsidies or coupons, pure market forces.

Anything…

Every legal contract, in some way or the other, is nothing but a transfer or an exchange of value from one party to another. True, that they would now be needed to be looked at from a different perspective, but, yes, they hold the future of all contracts.

 

Legal Industry

The civil and corporate domains of law would receive a huge jolt. It would be impossible to have a dispute on the possession of cryptocurrencies on the EVM. There would be sea changes in the legal industry due to the onset of smart contracts.

 

Contract

A contract between two parties is written in code into the blockchain. The individuals may prefer to remain confidential but the contract is public.

 

Smart Contract

A triggering event like time or a strike price is taken into account and the contract executes itself according to the code.

 

ethereum

Regulators can use the blockchain records to see the nature of the contracts while maintaining complete anonymity of party identity.

 

 

Do not take the simplicity of smart contracts for granted. Smart contracts can be made into very lengthy and complex software, while the working of which two persons need to agree on.

The legal status of smart contracts is already under consideration. The lower chamber of Arizona’s legislature has already tabled the HB 2417 bill which seeks to confer legal recognition to blockchain signatures. The bill has been forwarded with an unanimous vote as of today (1 March 2017).4

In the words of the Arizona Legislature:

“Blockchain Technology” means distributed ledger technology that uses a distributed, decentralized, shared and replicated ledger, which may be public or private, permissioned or permissionless, or driven by tokenized crypto economics or tokenless. The data on the ledger is protected with cryptography, is immutable and auditable and provides an uncensored truth.5

 

And David Cameron is rooting for wider use of blockchain technology to fight corruption in government tenders.6

“… most excites me is, the potential that your technology [blockchain] has to fight corruption and to deal with failures of governance and governments and the rule of law all over the world.”
– David Cameron

 

Seems like, law enforcement and judiciary would now get the much required break to focus on criminal law.

 


 

If you liked the article please like and share it with your followers. If you have doubts or questions about any part of this article, please feel free to leave a comment below or ask questions directly to the author here: Ask Questions.