Microsoft has developed a blockchain framework that aims to provide the confidentiality, scalability and built-in governance needed for blockchain technology to proliferate at the enterprise level.
The so-called Coco Framework, built on top on Intel SGX (Software Guard Extension) enclaves, isn’t a ledger itself, but instead allows “arbitrary ledgers” to integrate with it, and achieve the benefits of scalability, confidentiality and built-in governance lacking in many blockchain technologies, according to Microsoft. Third-party application providers and third-party blockchain providers can run solutions on top of Coco, and plug into those benefits.
Intel SGX technology is key to delivering those capabilities, said Mike Reed, director of Intel’s Blockchain Office, as it protects the consensus mechanism (the agreement among a group of participants on a ledger) to speed the blockchain publication process. For instance, Bitcoin and Ethereum gives users the ability to do three to seven transactions per second, and enterprise blockchain technologies like Chain and Symbiont allow 100 or more. Coco can handle more than 1,600 transactions per second, stepping up blockchain’s capabilities to the level of a distributed database.
“Coco allows [enterprises] to encrypt a privacy mechanism in that chain,” Reed said. “The Coco Framework is a big step toward enterprise blockchain.”
Industries like financial services and healthcare, as well as industries with complex supply chains, are eager to embrace blockchain technology, Reed said. Blockchain has strong potential to drive out costs and increase performance in any industry that relies on an intermediary for a transaction.
But blockchain’s very design makes it challenging to deploy at the enterprise level. Traditional blockchains store data in the open, allowing any network participant to view historical data.
Instead, Coco leverages Intel SGX to encrypt transaction data, and Intel SGX execution to accelerate transaction throughput. When data is requested and the proper identity validated, the data is decrypted for transaction execution within a private enclave, according to an Intel blog. Coco reduces the overheard needed to achieve network consensus; it includes a consensus mechanism that uses Intel SGX to protect the process from malware, unauthorized applications and unauthorized users.
[Blockchain360, co-located with IoT Security Summit and Cloud Security Summit, investigates how blockchain can scale to meet the IoT's needs across industry and enterprise, accelerating widespread adoption. Get your ticket now.]
The partnership is not exclusive, and Intel is committed to “enabling the industry,” Reed said. In turn, the Coco Framework by design will be compatible with any ledger protocol and can operate in the cloud and on premises, on any operating system and hypervisor that supports a compatible TEE, according to Microsoft, which said it will contribute the source code to the community in early 2018.
By ensuring trust in the transaction, blockchain holds promise to help accelerate enterprise deployments of IoT technologies. Reed pointed to a simplified example for the fishing industry. Relying on intermediaries between commercial fishermen and, say, a restaurant limits the amount of distributors that restaurant uses to a few trusted intermediaries. Picture instead that after the catch, fishermen tag the supply with sensors, and data on everything from where the fish were caught, to what type of fish it is, to their temperature throughout transport is transmitted and tracked through Intel’s Sawtooth Lake distributed ledger, allowing the restaurant to digitally track ownership of assets and exchange ownership without an intermediary.
“The magic of blockchain in general is it allows us to exchange assets without having a trusted intermediary in between us,” Reed said. “The IoT space has opportunity to deploy blockchain, and in doing so, it’s seeking some of the same capabilities the financial services industry has attempted to realize, including introducing trust amongst a collection of parties.”
As a value-added service for blockchains, Coco is a first mover, according to Colin Ferrian, who is a senior research analyst focusing on blockchain for Boulder, Colo.-based IoT consultancy Harbor Research. But as an enterprise blockchain solution, Chain and Symbiont offer a permissioned blockchain that targets similar use cases.
“The difference between these two is the infrastructure of the startups vs. the add-on software of Coco, and the value is that Coco can be integrated across many different types of blockchain infrastructures,” Ferrian said via email.
Yet Coco, Ferrian thinks, will spur more competitive solutions, half-jokingly pointing to jobs postings just a day after Microsoft and Intel’s announcement by Amazon, IBM and Visa for blockchain-related job roles.
“At the very least, the announcement is going to spur competitors to move faster on building competing solutions, which will increase the relevance of securing IoT deployments,” he said.