A few days ago, I presented about the Blockcerts open standard at the Blockchain in Education conference in Groningen, The Netherlands. One of the conference attendees, Dr. Jaap-Henk Hoekman, a privacy researcher at Radboud University Nijmegen, wrote a blog post in which he presented several criticisms of blockchain technologies in general and the Blockcerts open standard specifically. These criticisms reflect some misunderstandings, so I thought Iâd take a minute to respond to them individually.
- In his post, Dr. Hoekman invokes a Learning Machine keynote presentation in which I mentioned that the issuer software we have built generates analytics about credential sharing and verification. He writes, âone of the keynotes suggested that also uses, i.e. verifications, of credentials could be logged on the blockchain.â From his perspective, this represents a âprivacy nightmare.â
That is a misunderstanding. The Learning Machine software tracks shares and verifications of certificates so that issuers can see analytics about how the credentials they have issued are being used. However, none of these events are logged on a blockchain, and these analytics are for internal issuer use only. They are a policy-making and alumni-relations tool for institutions, which already know when individuals request credential verification from them, but are unable to visualize this data in a user-friendly way.
- Dr. Hoekman also writes that âblockchain adds a middlemanâ because âCreating credentials (and perhaps even using them) is modelled as a transaction for which a significant fee needs to be paid.â
While itâs true that there are fees associated with writing transactions to a blockchain, these fees are actually quite small, especially when compared with the costs of printing paper records. Of course, any electronic records management system will also cost money, whether itâs built in-house or licensed from a software vendor. That is in part why the Blockcerts standard is free and open source: so any University can build their own applications for issuing credentials to the blockchain right now without licensing anything from a vendor. They would pay only for employee time and labor, as well as the small mining fees that it costs to log any transaction on a blockchain network.
Also, the implication that using credentials issued as Blockcerts costs money is incorrect. As the Learning Machine presentations noted, the Blockcerts Wallet (available for iOS and Android) is completely free for recipients, and verification operations are all free and vendor- and issuer-independent as well. Today, many issuing institutions and software vendors charge money for people to receive, access, and verify their records. Blockcerts does away with these fees. The issuing institution can, of course, decide that they want to continue to charge recipients. But that is a decision up to the issuing institution, not Blockcerts or Learning Machine.
- Dr. Hoekman believes that Attribute-Based Credentials (ABCâs) are a better solution for anchoring data than blockchains. He writes, âAll you need is that each issuer keeps a list of all issued credentials in a local immutable record (using a simple hash-chain, for example) against which a verifier can check the status of a credential.â
Thatâs fine, but you then have to trust the issuer (a centralized authority) to maintain an accurate record of all of their transaction hashesâand to be around as long as people need to verify them. If the issuer ever disappears, loses their records, or falsifies transaction order, verification will fail or be inaccurate. The beauty of blockchains is that the chain of hashes is decided by distributed consensus, so human error, mistrust, and deception cannot interfere with the integrity of the ledger. This mechanism also allows the blockchain ledger to outlast issuing institutions, providing verifiability even if the issuer no longer maintains their records.
- Dr. Hoekman describes some advantages for ABCâs which he believes Blockcerts do not possess, like recipient ownership and selective disclosure of data.
The advantages Dr. Hoekman describes for ABCâs are advantages of Blockcerts as well. Blockcerts are also stored (and owned!) directly by the individual, and data minimization (selective disclosure) can be built into the standard using Merkle trees. See the Blockcerts FAQ.
- Dr. Hoekman also describes what he calls a âsemantic problemâ with blockchains: âwhat does a credential like âThe Frysian University of Franeker certifies that John Doe successfully completed the master programme on Cow Managementâ actually mean? What guarantees does it give regarding the qualifications of John Doe?â He then responds: âThis seems hard to solve using technology. Blockchains do not help here.â
This is right. The social meaning of a credential is not a problem blockchains were designed to solve, and therefore cannot be considered a âproblem with blockchains.â All blockchains do is ensure the integrity of a transaction. What the document content means is a social question that requires human discretion. You can read Learning Machineâs essay on the differences between social and technology standards here.
- Dr. Hoekmanâs last criticism of blockchains regards the difficulty of proving the identities of the parties to a transaction. He writes, âAnother, slightly related, problem is credential binding: how can I be sure that the John Doe standing in front of me is the same John Doe mentioned in the credential? This is a general problem in identity management, for which I have not seen any satisfactory solutions yet.â
The Blockcerts Wallet will solve this problem. Its private key can be used to countersign any Blockcert (say, a diploma or an ID) to prove that I am who I say I am and that I own the document being presented. See the last question in the Blockcerts FAQ.
Moreover, the Blockcerts approach to identity is platform-agnostic; Blockcerts can be integrated with any identity solution, allowing software vendors and issuing institutions maximum flexibility with how they link transactions to social and digital identities.
I hope this response provided some helpful clarifications. We welcome further questions and comments about the Blockcerts open standard and blockchain technologies in general at the Blockcerts Community Forum.