Technology giant IBM has patented two solutions to audit blockchain networks, which should help organizations to certify the data integrity in their blockchain-based systems. Both patents were recently approved by the US Patent and Trademark Office (USPTO).
The world of business has seen multiple high-voltage controversies regarding data integrity in the systems of the enterprises, resulting in legal actions initiated against large corporations and stringent punitive measures against them. High-profile lapses on part of the big businesses to certify the integrity of their data, IT systems and business controls have also resulted in regulatory regimes becoming more and more stringent.
The blockchain technology with its’ promise of immutable record certainly helps the businesses demonstrate that their databases and IT systems haven’t been tampered with. The immutability of blockchain records also helps the businesses solve another of their key challenges: satisfying the regulators about their record-retention policies.
However, the blockchain technology is relatively new, and many regulators are still coming to terms with it. The technology also employs complex cryptographic technologies to ensure the immutability of records, and for a business dealing with regulatory bodies may find it very challenging to explain such technology, and assure them about their immutable records.
While blockchain is good news, the businesses still have to certify that they have immutable records, and independent auditors still have to agree that the business has indeed the right controls in place in their blockchain-based systems. IBM’s patented solutions address this.
The solution proposed in the first patent, which concerns establishing an auditable checkpoint, is following:
- A checkpoint needs to be established for auditing a blockchain.
- For certifying a checkpoint, all validating peer nodes must reach a consensus and the state, i.e. value, of the network.
- The ideal solution for this is to have a numeric value of the network, which could be the hash value of the state of the network at that point.
- This will allow the auditor to first go back to the genesis block, i.e. the first block in the blockchain, and start from there to the declared checkpoint state. The auditor can verify whether all the validating peer nodes record exactly the same hash value for this checkpoint. If they do, then the checkpoint is a valid one, there is a consensus about it, and the blockchain has immutable data.
The solution proposed in the second patent concerns the auditing of the checkpoint itself. It proposes a process where the independent auditor should be able to independently execute all the transactions in the blockchain between one checkpoint and the next. The auditor can independently verify the hash value of each block created in the parallel exercise, and match that with the cryptographic hash value recorded in the ledger. If they match, the audit is complete, because the data integrity has been independently verified by running the same transactions. While some auditors may insist on checking the signatures of transactions, it shouldn’t really be needed, since the audit process covered the hash value already.
IBM is deeply involved with the blockchain technology, especially the enterprise blockchain area. In fact, IBM was one of the main contributors to the Hyperledger Fabric enterprise blockchain project executed by the Hyperledger Consortium. IBM has also worked with a number of jewelry companies for their TrustChain, i.e. a blockchain-powered supply chain assurance solution for the jewelry industry.