Hybrid Blockchain Solutions: Real-World Combinations of Public and Private Distributed Ledger Technology (DLT)

By Matthew Hine

When we’re deep into the process of helping customers define the best way to integrate blockchain with their business, the topic of “decentralization" almost always surfaces. Whether they know the term or not, most customers looking at blockchain for their business assume that blockchain equals decentralization, meaning that to use blockchain, they must trust their business to an open public network of computers like the Bitcoin or Ethereum networks.

This feels risky and complex (rightly so!), but we will see that a hybrid blockchain solution provides other opportunities. Blockchain – or to use the more general term, distributed ledger technology (DLT) – comes in multiple forms, many of them not at all decentralized but with other significant advantages. We have found that most real-world businesses (which are inherently centralized, to begin with) are best served by a hybridized approach to DLT, where we use both decentralized DLT and private centralized DLT for their respective strengths.

The Power (and Tradeoffs) of Public, Decentralized Distributed Ledger Technology (DLT) Networks

When Satoshi Nakamoto introduced Bitcoin, the first DLT protocol, to the world, he certainly had decentralization in mind. To him, the critical problem was how to create true digital assets (digital cash to start) without a trusted centralized authority calling the shots. For decades, this problem was assumed to be unsolvable, but Bitcoin demonstrated that it could be done with DLT. This was an immensely powerful advancement in technology, the implications of which will be felt for years to come. Entities like banks, escrow companies, or middlemen that took their cut and had their hands on the levers of control could now potentially be replaced by a democratic network of computers only requiring trust in the underlying mathematics of the protocol. That is the power of decentralization.

How is this possible? Without going into the messy details, a DLT’s protocol is designed so that a network of participants are forced to come to an agreement that a given action (such as moving a token or setting a state) follows certain rules such that everyone can trust the result and officially record it to a shared ledger. The network achieves that trust without a special authority that could make mistakes or could secretly change the rules. For this reason, I like to think of DLT as a “trust engine” where the design of the engine itself creates the trust in the result.

A DLT trust engine works beautifully to create public networks – networks anyone can choose to join – that still ensure transactions are correct because the rules of the network are followed. The tokens and cryptocurrencies now transforming finance and business funding (such as utility tokens in ICOs or tokenized securities) absolutely require a public DLT as their foundation. Public DLT is also a great match for keeping track of assets or records where absolute transparency is of value; think records of ownership or document notarization. And some DLT platforms such as Ethereum, NEM,  and many others now allow users to create their own decentralized rules, or even run application code (“dapps”) in a decentralized way.

Operating a totally decentralized, public DLT trust engine, however, comes with unavoidable costs:

  • Privacy: Privacy of transactions becomes vastly more difficult on a public network. In simple terms, in order for everyone to agree on a transaction, everyone has to see the transaction. This means that if anyone knows your DLT address, they can see the full history of everything you’ve done on the DLT. This means loss of personal privacy, and possibly legal liability.
  • Speed: Trust engines designed for public operation must include features to keep attackers at bay; these features slow the network down and in many cases come at actual physical cost. Bitcoin mining, with all of its vast power-sucking farms, is simply a feature of the network that prevents takeover by nefarious actors. This processing overhead greatly limits the number of transactions a DLT can handle.
  • Availability: Users of a DLT must rely on the availability of network participants (“nodes”) that have no obligation to stay online, or may simply not be physically located nearby, creating performance challenges in usage.

These challenges are even more pronounced when a business needs to create their own DLT rules or run their own dapps. Not everyone can accept having application logic and data available publicly and these features can quickly slow down many public DLT networks to the breaking point. For example the simple dapp-based game Crypto Kitties caused massive slowdowns of the entire Ethereum network.

Researchers are proposing new approaches to improving the speed, privacy, and availability of public DLT protocols, but a public network will likely always require compromises in order to maintain critical decentralization compared with what a centralized network can provide. For example, additional privacy may come at further performance cost, or additional speed may come with loss of decentralization.

Private Distributed Ledger Technology (DLT) Networks Have Their Place

People quickly discovered that Satoshi Nakamoto’s ideas didn’t only apply to public decentralized networks. If you remove the public requirement of full decentralization, you still have a DLT trust engine that does a fantastic job of securely and reliably keeping track of transactions and other data on a private network of trusted nodes. The private network still enforces transactional rules that help a business ensure proper accounting and resistance to errors by individual users/systems. DLT projects such as Hyperledger are focused exclusively on this kind of private usage.

For a business, this kind of private DLT might take the form of their own network of nodes (running, say, on a private cloud) behind a firewall that can address public DLT shortcomings:

  • Privacy: Running private DLT nodes within a company firewall, private DLT networks naturally keep user and business transactions private, while still ensuring they are correct and can’t be tampered with.
  • Speed: Because the business can trust its own nodes, it doesn’t need mining or other defensive features. Removing the defensive features of a public DLT allows the private DLT to run much faster – sometimes hundreds or thousands of times faster.
  • Availability: A business can easily design a custom network of private nodes for low-latency availability, site redundancy, and for the level of DLT performance required.

Our customers are often surprised at the power of these private DLT networks once we explain what they can do. Businesses that thought they only needed DLT for an ICO find that they can also gain a critical cost and efficiency advantage over their competitors with a private DLT solution.

The Hybrid Approach

Both public and private DLTs then have important and very different use cases, but real world problems seldom lie at the extremes. We find the majority of systems we architect for our customers benefit from a combination of both public and private DLT with a hybrid blockchain solution. We use each for its respective strengths. And we prefer using DLT platforms that include a decentralized public network but also allow us to provision our own private networks using the same developer interface and methodology. This way, one piece of application code for the business is able to talk to both DLTs as appropriate and our customers get the enterprise-level security, auditability, and scale required to further their business.

An example of a hybrid DLT solution.

An example of a hybrid DLT solution.

Real-World Example

Challenge: Many businesses require the maintenance of critical private records:

  • User account balances and transactions
  • Timestamped records of actions taken by systems or users
  • User identities/roles and records of authorized approvals

Competitive Advantage: It is critical that these kinds of records be both reliably accurate and auditable, in the simplest and most cost-effective way possible.

Traditional Solution: The business builds and maintains a database wrapped in extremely carefully written and audited code, often with a team of IT and compliance personnel to ensure mistakes aren’t made and to create audit reports. Many companies also maintain redundant systems to prevent network downtime in case of a system failure.

Hybrid DLT-based Solution: The business sets up a private DLT network that provides fault-resistance, security, and auditability inherently into the protocol – typically not requiring expensive hardware to operate. This is a massive improvement in efficiency in development, maintenance, and usage over the traditional solution. Transactions and records kept with this DLT are internal to the business, and a part of its trusted operation for its customers. However if the business also offers a utility token or security token, if it conductions transactions with untrusted third parties, or if there are records that require a high level of public auditability, then the business also makes selective use of a public DLT for these features where decentralization is a good match.