Blockchain for Libraries is Snake Oil Eric Hellman

"Blockchain for Libraries" is Snake Oil Eric Hellman • • • Free Ebook Foundation Unglue. it GITenberg Free-Programming-Books • • Gluejar Inc. Consulting Privacy Analysis Gluejar

Audience Poll Favorable? …or Unfavorable? Blockchain Snake Oil Omega-3 Fatty Acids

What is Snake Oil, Anyway? Chinese Water-snake oil is 20% Eicospentanoic Acid (EPA), one of the 3 important omega-3 fatty acids Analgesic properties – helpful for relief of muscle pain “Snake Oil Salesmen Were on to Something”, https: //www. scientificamerican. com/article/snake-oil-salesmen-knew-something/

But… Real Chinese snake oil is: • Expensive! • Exotic – from Asia! • Hard to tell from cheaper oil. So… Marketing Hype! Cure-all! “Good for Man and Beast” In 1917, a snake oil liniment was found to contain no snake oil!

Snake-Oil Today “Snake-oil” has come to mean: • fraudulently hyped solution. • doesn’t do what’s claimed. Also, it’s Chinese! And Snakes!

Blockchain Today “Blockchain” is… • The miracle technology behind Bitcoin • Widely marketed as a solve-all • Fabulously expensive • Never really needed (except BTC)

What $4 M/GB buys • Transactions live on a public, distributed ledger – Transparent- but easy to hide • No central authority or other ‘trusted’ parties. – Decentralized- except for the software. And pools. • Participants can be anonymous. – Private- except where it touches the real world • Value tokens lock the consensus mechanism. – Immutable- and that’s a problem • Consensus mechanism prevents double-spending. – Secure- except for bugs.

What do we need?

You say you need immutability? Use a cryptographic hash-chain and publish hashes in the New York Times! “The World’s Oldest Blockchain Has Been Hiding in the New York Times Since 1995”, https: //motherboard. vice. com/en_us/article/j 5 nzx 4/what-was-the-first-blockchain

You say you need transparency? Use append-only, cryptographically assured, publicly auditable log servers with auditors and monitors! The biggest CT log is a 600 M node tree and growing! “How Certificate Transparency Works”, http: //www. certificate-transparency. org/how-ct-works

You say you need automated consensus? Are you sure? ? ? • Proof of work – the Powerful decide • Proof of stake – the Rich decide • “Permissioned Blockchain” – the Privileged decide

You say you need automated consensus? Instead, make it easy for people to communicate and exchange information in cryptographically signed blocks. Make it easy to fork their mods, and to merge them when consensus is reached. Id est, utere Github.

You say you need decentralized? Imagine a cryptographically secured peer-to-peer network maintaining a synchronized archive of validated library materials. Use a consensus mechanism like the one in IBM’s hyperledger permissioned “blockchain”. But instead of powering it with cryptocurrency, power it with green, renewable, library goodness. Now that would be an awesome blockchain!

No, that’s LOCKSS Lots of Copies Keeps Stuff Safe • Decentralized • Byzantine Fault Tolerance • Secured by Hashes and PKI • Operating 20 years • Powered by libraries https: //web. stanford. edu/group/lockss/documentation/generic_PLN_architecture. pdf

It’s Not-Chain • Do use the healthy components of Blockchain to solve problems • Don’t try to sell an old car using a new label (even if it runs well)

Apply not-chain! e. g. Why are we… • • • …not saving the history of our metadata? …not crypto-signing our metadata edits? …paying for unvalidated digital content? …tolerating unhashed passwords? …tolerating insecure network connections? Let’s do the easy stuff first!

NEVER MIND THE BLOCKCHA HERE’S THE

Eicosapentanoic acid is good for you! Even if it’s not magic. eric@hellman. net @gluejar https: //go-to-hellman. blogspot. com