Follow

Wrote a blog on why AWS never dove seriously into blockchain. Features groovy pix from a trip to New York, which is part of the story: tbray.org/ongoing/When/202x/20

@timbray interesting that QLDB also launched and didn’t make it as a mainstream service. I think it was too hard to market it to the right people and those that might be interested wanted something more portable.

@adrianco If QLDB had been more like internal QLDB, with appliers and so on, it should have found an audience. I was baffled when it turned into something else that I could never really understand.

@timbray @adrianco I was super excited when QLDB launched, then majorly disappointed to find out it wasn't *that* (the internal) QLDB.

@timbray @adrianco we’re currently using it but wondering if we will migrate to a ‘regular’ db with tight permissions instead.

@onyxraven @adrianco I think it's a perfectly decent project, just shared a name with an internal thing that was quite different.

@timbray @onyxraven I think it would have been much more successful if it had been open sourced as part of the launch. I agree that making closer to the internal service would also have helped get it out quicker and got more use from ex-Amazon devs who understood what to use it for.

@adrianco @timbray ya I think maybe it’s in between use cases in its current form. Auditable data version log is great, but the trade offs are a little steep on its own.

@timbray I find it quite interesting that you hit upon the one potential use case that Bloomberg also mentioned as being useful (property markers in places where rule-of-law isn't so firmly established), as well as the reason why it doesn't solve it (powerful folk will find another way, on or off the blockchain).

@timbray Interesting article, Tim, thanks. There's probably still folks within AWS who, from time to time, write docs describing services that could be considered "blockchain related". Whether or not those documents end up turning into real services, no one outside AWS really knows until the services show up. At this point, given the landscape, my hunch is that anything blockchain-related is not going to appear.But who knows?

@timbray Thanks for weiting this up. I’ve wondered of scenarios where a blockchain would be useful when a trusted registry may do the job.

@timbray One scenario I’ve considered is baclground checks for Lyft and Uber drivers. As a customer I’d want proof that my driver has passed a background check by a reputable service. And if a driver passed one for Uber and later drove for Lyft that they could use the same background check. And once it expires it could be renewed. I’d want customers to be able to look up the background check to see the summary, like what was checked and when it was last checked.

@timbray Since I don’t trust Uber to do proper background checks I’d want registered services to be authorized to enter records about drivers of background checks. There also needs to be a mechanism to amend a check if there is any incident which would cause the check to no longer pass. Lyft and Uber would not be able to just claim they ran a check.

@brennansv So, you want an independent background-check provider, which you trust even though you don't trust Lyft & Uber. Fair enough, sounds reasonable. How does a blockchain help?

@timbray It may not need blockchain, but who owns the database? Government? Uber or Lyft? I might trust and independent third part (cloud provider) to host it. Somehow it has to be funded. But this is a one good use case where I would consider something like a shared ledger to be useful. I’d use checksums to guard against tampering old records. I suppose “receipts” could be copied to every party.

@gravity @timbray With transport and signing. What I’d also want is smart contracts. Every step in the workflow would be controlled to prevent abuse. Uber could not fake a record or mutate past records.

@brennansv @timbray (just trying to understand) seems to me like if the verifying organization (ie not Uber) is signing the “this guy is a-ok” message with something rolling up to their PK you have that. It’s not going to change overtime necessitating a chain unless the signing cert is revoked, which we already have infrastructure to support.

@gravity @timbray The original record would be to identify the driver and verify they have a valid license. It would include the expiration date. The background check would be linked to the driver’s record. Lyft and Uber are just 2 ways to use it. I could use it with Toro or Getaround to prove I have a valid driver’s license and background check. There is more than just a single, one-time certificate needed. I’d like to avoid sharing my ID with every app I use.

@gravity @timbray My driver’s license expired a while back before I realized and Turo still let me book a car. This is one scenario that should be covered.

@brennansv @timbray I see. So the advantage would come with all of that stuff living together on a chain and all usecases reading and writing to the same.

@gravity @timbray It would not have to be like the typical blockchain. The root of a chain could be the identity of a person which is amended with a verified driver’s license, background check, or a certification to handle specific equipment. These could be entries in the shared ledger. It’s all linked to the identity. There are privacy issues to address. So I’d address that too. But could this also be a database? Maybe. Just needs to be trusted and distributed.

@gravity @timbray For privacy, I would just have the status on the public record. To get the person’s home address or other details you’d have to request access and that permission would come from that person and registered in this system. They could also update their home address and signal all users who were granted access previously. I’d like to use this to update accounts across many services. Bank, DMV, Insurance, etc.

@brennansv @timbray It sounds like you want X.509 certificates. Driver presents you with a certificate signed by a certificate chain with a root authority that you trust. You can then cryptographically verify that their certificate saying they passed a background check has been asserted through a system that you trust. No need for blockchain there.

@jroper @timbray yeah, I’m not pushing for blockchain. This is just one use case where I don’t trust the service providers. (Uber/Lyft) So if background checks could be published into a shared registry, signed and keep a checksum which is copied to every party that could work.

@brennansv @timbray It doesn't have to be a shared registry. The driver could just provide it to you, or the driver could give it to Uber/Lyft, who give it to you. The use of X.509 certificates means you don't have to trust the means by which you obtained the certificate. It's exactly the same concept as TLS certificates, there's no shared registry for them, and you don't have to trust the network over which it's given you.

@jroper @timbray It’s not enough to sign a single certificate and issue it to the driver. There needs to be a way to see if anything has changed later, like a car accident or police report that changes the result of their background check or validity of their driver’s license.

@timbray I was working for an investor backed startup during the height of the blockchain craze, and so our investors were frequently asking us if there was anything we could do with blockchain. The thing is, we're a serious engineering company that provides technology based on long proven computer science solutions to address problems in the distributed systems space. It wasn't in our blood to do smoke and mirrors. So we kept having to disappoint our investors.

@timbray this was a good post, thanks for writing it. I also liked the back story of “this the kind of whacky stuff people in my role get pulled into” and the old “management by magazine” vibe :)

@timbray Excellent write up. You didn't do 6 pagers in AWS land?

@timbray Ironic that you posted this on a federated social media platform instead of a centralized one ;)

@timbray I guessed so, but couldn’t resist. Ik like your post, it’s always good to look at a new innovation from both sides 👍

@timbray @mheadd This is such an excellent piece. Thanks for sharing! 🙌

@timbray Really liked the piece, thanks for sharing. My thinking changed a bit over the last few months for a potentially narrow subset of cases in which crypto is a feature, not product, used to jumpstart a community / marketplace / ecosystem and, potentially, reward useful work in the space. The one good example I’ve seen is Helium (though it probably could’ve been done without crypto). See
twitter.com/owasow/status/1533

@timbray thanks for sharing your view Tim, it was an interesting read

@timbray How do you explain that blockchains and BTC/ETH are still around? Why are we pouring all this money into it (just to witness spectacular crashes) when there is really no use for it?

@murcea I suspect the miners and exchange insiders are wash-trading like crazy all the time to keep the price from collapsing, and attract the last possible shreds of sucker fiat. But I have no inside information.

@timbray I doubt it. The blockchain for BTC for example is public. I also find it extremely suspicious that big financial institutions are starting the offer bitcoin/eth as an investing option (eghttps://www.fidelity.com/crypto/trading)

@b_cavello @timbray mm! Read this earlier today.

At some point blockchains will leave the marketing materials and be hidden away in some engineer’s architecture diagram in the documentation, which is when things will actually become exciting.

@roblach @b_cavello That's *exactly* what I've been waiting to see happen, since 2015 or so, and it hasn't. If it were going to, it would have by now.

@timbray @roblach @b_cavello

I agree with the line of thought around blockchain being part of the tech stack rather than a feature or product in its own right.

I also wonder where something like IPFS fits in all of this as it's not a blockchain but used by lots.of crypto projects for file storage.

Sign in to participate in the conversation
mastodon.cloud

Everyone is welcome as long as you follow our code of conduct! Thank you. Mastodon.cloud is maintained by Sujitech, LLC.