[Terretta]

Distributed immutable ledger is astonishingly relevant in a variety of security and financial (and financial security) areas, but good luck explaining to the non-tech execs why they should fund projects using that rather than FOMO on “but blockchain!!!”

For purposes of talking w/ execs or boards, there are something like seven yes/no reasonably explainable properties of chains of blocks that toggled some ways give you alt coins and in one particular other way give you a fantastically high performance distributed ledger a trusted authority can keep an eye on — you can have your cake and eat it too if you aren’t being a coin.

Businesses often want that outcome, but they verbalize what they want as “bLoCkChAiN!!! to the moon!!!” and it’s tech’s job to say wait, what are you trying to do?

Quite probably, they actually could benefit from something like QLDB:

https://aws.amazon.com/qldb/

[mumblemumble]

> Distributed immutable ledger is astonishingly relevant in a variety of security and financial (and financial security) areas

I'm not so sure about that. IANAL, but I suspect that, at least under US law, a distributed immutable ledger would actually be illegal in many cases. The entire legal environment is set up around the idea that there is a system of record, and that system of record has a single custodian, and that custodian is not just responsible for tending to it, but also someone to whom you can appeal (or sue) for remediation if something goes wrong.

The immutable bit is also often incompatible. There are laws and contracts out there laying out cases where data needs to be deleted - not reverted, not being flagged as no longer relevant, actually deleted - from the record. In the US, the Fair Credit Reporting Act is probably the most familiar example, but there are others.

Yes, we can say that it hasn't taken off because people just don't understand it because it's a complex technical topic. But we should also consider the possibility that the business environment in which we are trying to ininuate ourselves is a complex technical topic, too. And also watch out for Chesterton's Fence.

[derefr]

I think you're talking about different use-cases than the person you're replying to.

A distributed immutable ledger has many uses other than recording voluntary transactions, or even recording things to do with specific people.

For example, such a ledger can be used to create a tamper-proof security-camera footage log. Just hashes of exported video files, locked into a chain at time of export. You can redact the videos themselves (i.e. make all copies of the referenced video unavailable), but you can't change the hash, and so there's no party you can collude with to substitute one video for another. Even if you're a state actor. You either have the videos — which can be proven to be the right videos — or you don't; but you'll never be able to present the wrong videos.

Or, in the same vein, a chain-of-custody log for the contents of a safety deposit box at a bank. Any time someone opens the box, an entry is automatically appended to the log saying what authorization (e.g. access card) was used to open the box. Once again, the fact that the log is distributed on a wider multi-party-controlled system, makes it impossible (or at least impractical) for the bank itself to tamper with the logs to steal something from your box.

These are "finance" / "security" / "financial security" use-cases. But they're not PII. There's no point at which any of this data would ever legally require redaction or purging, because it doesn't relate to a specific client profile. It relates either to metadata of public-point-of-view sensory data capture; or it relates to employee actions against customer accounts, where the mapping back to an individual isn't given in the public log but rather exists in a private database.

[sangnoir]

> For example, such a ledger can be used to create a tamper-proof security-camera footage log.

What's the use-case here - who are the untrustworthy individuals that society needs to protect itself against? Societal trust is currently rooted in people - it will not be switched over to machines/distributed ledgers any time soon. This is why people can write affidavits/get sworn in to say "That video's legit" under pain of perjury. Frankly, there's little money in turning over trust to a blockchain when there is an individual/organization that can be interrogated. It's not perfect, but trying to perfect it has (evidently) diminishing returns

[derefr]

That example is not about positive proof (i.e. proving that real evidence is real); it's about negative proof (i.e. proving that fake evidence is fake.) It's about having a way to figure out that the expert defending the evidence has been bribed, and is saying what the prosecution wants them to say.

You can't charge someone with perjury if you can't prove the faked evidence is faked—which is why so few people get charged with perjury. Any threat of perjury with no discriminatory proof mechanism to back it up, is toothless, and experts will treat such threats with exactly the respect they deserve. (Look at the Japanese court system if you don't believe me.)