Chainlink’s New Acquisition From Cornell University Could Transform Blockchain For Good
Chainlink, the most widely used decentralized financial data source, securing over $3bn in value, announced today that it has acquired DECO from Cornell University.
According to the Smartcontract.com (creator of Chainlink)’s co-founder Sergey Nazarov, DECO, is an improvement on how to utilize HTTPS/TLS, for data transmission across the internet, developed by Dr. Ari Juels, the former Chief Scientist of RSA, one of the world’s largest security companies. Juels previously formalized Proof of Work, which is now used to secure the more than $300B in cryptocurrency stored across Bitcoin, Ethereum and thousands of other cryptocurrencies.
While initial reactions to this announcement have focused on its impact to decentralized finance (an area that Chainlink is best known for), the repercussions of this transaction are far broader than this narrow space and could fundamentally accelerate the adoption of blockchain technology by corporates.
I sat down with Nazarov to understand the significance of the DECO acquisition and what this means for adoption outside of DeFi.
First De-Fi Then The World?
Chainlink’s network purpose model is ultimately about enabling smart contracts to securely access external data sources — or oracles as it is known in blockchain terminology — in a decentralized manner, while ensuring that the information can be trusted and has not been tampered with.
While smart contracts have enormous potential with a broad range of uses, it has been in DeFiwhere they have had an overwhelming level of traction. Today over eight billion dollars is locked up in smart contracts in DeFi; much of it using Chainlink’s technology as the information backbone to provide investors and their algorithms with token information such as price, demand, supply and collateral levels.
While DeFi has been on a tear recently (the entire space has grown up 30% since July 2020 alone), it still represents a relatively small asset class in comparison to traditional financial markets. Furthermore, it is one that is predominantly isolated from real world of physical goods and services. While there is nothing inherently wrong with DeFi, that public blockchains’ primary usage today is to enable cryptocurrency investors to speculate on the price of other tokens represents something of a disservice to what smart contracts are actually capable of doing.
In other words, DeFi is the tip of the iceberg for smart contracts’ capabilities.
Underneath the water line lies the vast potential of public of blockchains which could eventually represent a “world computer’; ubiquitous, globally connected and decentralized, automating every aspect of our lives using data delivered through high speed networks such as 5G; for instance, through blockchain, satellites can beam real-time road usage to autonomous vehicles and weather stations can send wind and rain reports in North Dakota that can be used to automatically price automated weather crop insurance contracts for farmers.
So why have we only seen use cases in DeFi come to fruition? For Nazarov, he believes it is because the information that can be reliably and verifiably captured and transmitted in a tamperproof way today with today’s technology has tended to be in the blockchain realm.
Information about tokens, especially where that information already resides on the blockchain, is far more readily available, trustworthy, secure and straightforward to verify than from data sourced from the real world.
After all, information in the physical realm tends not to already be on a blockchain, so there are fewer mathematical guarantees that information, say, sourced from a weather station has not been tampered with, than data from a coin contract which is inherently backed by mathematical “proofs.”
Nazarov goes on to explain some of the fundamental challenges of bridging between information sourced from real physical world and delivering it to a smart contract in such a way that the data can be proven to have come from the source that it pertains to have originated from and has not been tampered along the way. It turns out that it’s not a trivial thing to do.
Our interview time is short, but I’m determined to fully understand the problem space and how Chainlink and DECO intends to solve it. Nazarov, somewhat surprised to be speaking with a journalist with a computer science background, gladly obliges.
He switches gears from a marketing narrative to one where he attempts to squeeze in a computer science academia presentation into the remaining fifteen minutes of our call, launching into a monologue about aspects such as homomorphic encryption and zero knowledge proofs. As he does so, he pulls up, and rapidly scrolls through, an array of academic white papers that he has published — a sea of mathematical hieroglyphics, and “alice and bob” diagrams dance across the page as he quickly advances through the dense text.
Some of it is, admittedly, lost on me, given the time constraints, but it provides a visual reminder that much of the work that blockchain companies are involved in remains on the frontier of engineering, and pioneers like Nazarov, and his new chief scientist Dr. Ari Juels — who used to head up security for the secure computing giant RSA — are pushing up against the boundaries of the knowledge of theoretical computer engineering every day.
Privacy Is Complex
Being able to trust data from a broader range of information sources that reside in the real-world, as opposed to pertaining to on-chain token contracts is but one part of the overall puzzle.
Another aspect concerns the challenge of privacy. There’s little need for privacy in DeFi (save for the actual identities of token holders, which blockchain already obfuscates).
But when stepping out of the internal confines of cryptocurrency and into the real-world, that is where privacy complications start to emerge.
Corporate and personally identifiable data has a lot of complexities associated with it where privacy is concerned.
To Nazarov’s mind, there are three models that start to emerge: at both extremes you have either no privacy, as we see today with many of the DeFi oracles, and at the other extent is the highly secure, private communication channel approach where only two entities can share information.
In reality, most “real-world” use cases reside in the middle of that spectrum, and that’s a far more complicated scenario to engineer around; complex corporate relationships and supply chains, data needs to be private, but to certain groups of entities.
For example, in the case where a shipper decides to share information on its cargo’s passage through various ports and customs controls; this information is inherently confidential to the shipper, but the company may wish to share that data with the companies that own that cargo. Neither a fully transparent, not a fully private solution fits that model.
Another privacy problem in the real world involves how to enable multiple organizations to share data that they deem as private in order to benefit from analysis of the full data set.
Take healthcare for example; in researching a new drug, it is often necessary to pool information from a large body of patients to analyze how a group responded to treatment. However, this has inherent challenges — patients either have to provide their consent (easy if there are 10, less so when there are 10,000), or the companies that are the guardians for that data must cleanse the information themselves which is expensive, time consuming and can remove some of the value of the resulting analysis.
But what if all that sensitive data in its raw form could be sent to a smart contract that can be proven mathematically will not share the data, but is still able to analyze it and report back its analysis?
Ultimately, smart contracts have the potential of unlocking a variety of these types of privacy use cases which are simply not possible to do with traditional technology today but only with oracle technology that provide the right level of safeguards.
Making It Easy For Corporates To Adopt
As compelling as these examples may be, it still remains a complex topic for the average Chief Information Officer at a large corporate to dedicate time to considering. That he or she must invest in a technology stack to drive this forward tends to be inconceivable given other numerous priorities.
With the acquisition of DECO, Nazarov believes he has found a solution to this. Rather than deploying new technology, adopters can use the same technology that is already in use today to secure web traffic. This is security technology that has existed for 25 years – the same security which has kept us safe when we have used our bank cards to purchase goods on the internet — Secure Sockets Layer, or SSL. This technology uses the same encryption that smart contracts and secure oracles rely on.
Not only does that remove a large hurdle for adopters, but it also opens up some interesting possibilities; for example, it becomes possible to mathematically prove exactly when (or to use the technical terms — within which TLS session) a given piece of data was transmitted. As data moves along a long supply chain of intermediaries and smart contracts, there is the risk that it can be tampered with, but being able to prove mathematically not just from whom the information was transmitted from but exactly when it was transmitted becomes very powerful as it removes the risk that data was altered, after the fact.
The Dawn Of A New Era?
With the ability to provide an enterprise grade level of security and assurance, which Nazarov claims that the combination of Chainlink and DECO will bring to the industry, he sees the heralding of a new era in the adoption of blockchain — extending usage outside the close knit realm of crypto enthusiasts and DeFi speculators a to mainstream audience.
Nazarov draws parallels with the advent of e-commerce in the late 90’s reminding us that SSL gave people the confidence that they could shop online securely without their bank details being compromised and that led to the explosion of online shopping.
In the same way, suggests Nazarov, the privacy and assurance provided by the Chainlink and DECO stack will drive a similar groundswell of adoption. Businesses, and in particular financial markets, thrive and feed off high quality data and Chainlink is providing that backbone, just as Cisco did with networking at the turn of the decade. So — the argument goes — that will fuel the fire of growth in areas of business that feed off the oxygen of data, just as it did in DeFi.
Adoption Is Everything
That said, it’s easy to get swept up into the fervor of blockchain, and its possibilities. The combination of frontier engineering created by computer security luminaries, and the endless possibilities of businesses transformed is an intoxicating cocktail that has led many people down the rabbit hole of crypto over the years.
But it can be easy to be swept up in the possibilities that the technology unlocks and forget that today this enthusiasm resides almost exclusively in the echo chamber of the world of crypto enthusiasts and actual mainstream public blockchain adoption has been painfully slow. So far, outside a few notable successes, blockchain has remained in the research labs of major corporates.
Organizations such as Consensys and Ernst & Young have been pushing the boundaries on what is possible with public chain technology with some success but the space. Yet corporate adoption still remains analogous to steam train with the brakes on; with startups and blockchain consultancies continuing to shovel large amounts of cash into the boiler, frustrated to the locomotive only marginally edging forward.
It’s all too possible that solving the security and attestation problems of oracles isn’t enough to get corporates to adopt the technology and that there will be are other, non-technical factors, that will continue to hold mainstream adoption back.
It will be interesting to see how this plays out.
By Ben Jessel