Limits to trust in blockchains

14 februari, 2023
Auteur: Urwin van Lopik 

In hoeverre kunnen blockchains zekerheid geven en wat zijn de beperkingen? Een studie naar dit onderwerp.
As blockchain technology is increasingly used in IT services, IT Auditors will increasingly encounter this technology in their work. Therefore, it is a must for IT Auditors to gain some understanding of it. This article provides a global description of one aspect of blockchain: the concept of trust, and the limitations to that trust, in blockchains.
Blockchain technology was invented primarily to replace trusted third parties in the processing of electronic payments. To accomplish that goal blockchain technology must offer digital mechanisms to ensure transaction processing is trustworthy.

This article explores the relationship between blockchain and trust and to what extent there are limits to that trust. Driven by the rise of bitcoin, a growing number of companies are investigating and introducing new services and solutions using blockchain technology. Whether a blockchain is used to facilitate financial transactions, trade, or compliance, blockchain technology is often employed to provide some level of trust between transacting parties. This is evident with cryptocurrencies where the blockchain replaces trusted third parties such as banks or brokers when performing financial transactions. The replacing of trusted third parties is by design as the first document on blockchain from S. Nakamoto notes this purpose explicitly:
‘Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments. While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust-based model. Completely non-reversible transactions are not really possible, since financial institutions cannot avoid mediating disputes (….) What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party.’ 1
This, however, raises the question of what exactly makes blockchain technology trustworthy and if there are limits to this trustworthiness.
The concept of trust
In literature trust is generally considered a complex and multi-faceted concept with varying definitions. One useful definition of trust is the following: Trust is a psychological state comprising the intention to accept vulnerability based upon positive expectations of the intentions or behaviour of another.2  This indicates that trust exists in the context of risk and interdependence. The risk here is the possibility of one party in the trust relationship acting opportunistically to the detriment of other parties in that relationship. Trust is affected by the actions of the parties in a trust relationship and by their reputations (essentially their past actions). Trust is also affected by societal norms and values and by the institutions in a society. For instance, societies with strong legal institutions will allow parties to trust each other more easily because they feel protected against opportunistic behaviour through legal protections. Interesting to note is that trust is sometimes used as a substitute for control, though trust in itself is not considered a control mechanism.
Trust in IT
A trust relationship where one party is a piece of technology, is similar to other trust relationships in that, also here, one party chooses to depend upon another, expecting positive behaviour. Today it is normal for individuals and organisations to accept some level of dependence on IT systems, and be exposed to risks, while reaping the benefits these systems offer. There are, however, also a few differences. Trust in IT systems is different in that IT systems are not intelligent and therefore have no reason of their own to behave opportunistically. After all, IT systems behave as they are programmed to do. This behaviour however may be subject to contain computational errors, unavailability, or the system may simply be too slow. An IT system may of course also be manipulated to the detriment of its users by the people who programmed the system or by individuals who somehow have taken control of that system and now manipulate it to their own ends. All these errors can impact people’s trust in a system.

So, the trustworthiness of an IT system depends to a large extent on the competence and integrity of the people who have built and now run that system. Their actions in ensuring correct functioning and protection against errors and attacks are key in ensuring a trustworthy IT system. However, we should also note that trust in an IT system may also depend upon the users of that system. Indeed, users may attempt to manipulate an IT system by feeding it false information to gain an advantage. Though here, too, the developers of a system should provide protection, the nature of some IT systems makes this very difficult. This issue is particularly relevant for public blockchains functioning in a so-called adversarial environment, where not everyone can be trusted.

Blockchain Technology
Blockchain technology is essentially a combination of several long-known technologies, including public and private key cryptography, hashing and digital signatures, smart contracts, game theory, and triple-entry accounting. Blockchain is innovative in that it combines these technologies smartly by essentially creating a distributed database system where users create, process, and store data without a central authority maintaining the integrity of that data.

In blockchain systems, the ledger is comprised of blocks of data that are chained together using cryptographic hashes, with each subsequent block containing the hash value of the previous block. If the data in a block is changed by one participant, the hash values for that block will also change. As each blockchain participant has a copy of the ledger, each participant will also know the previously agreed upon original hash values. This makes changes to blocks in the ledger by one or several participants easily detectable and correctable by the other participants using the consensus algorithm to vote for the hash values that are to be adopted as the true values.

Trust in blockchain
Given the way a blockchain functions, it is clear that blockchains can enhance trust by providing a mechanism to prevent opportunistic behaviour in an adversarial environment. There is, however, a limit to what a blockchain can do regarding trust. Although a blockchain can ensure the ledger is tamper-proof, there is no implicit guarantee that what is stored in that ledger is correct. For example, if the blockchain is fed false data with no mechanisms in place to check the validity of that input, the false data will be stored as truth. While users may provide false data attempting to manipulate outcomes to their benefit, false data may just as well arise from erroneous data imported from other IT systems, malfunctioning sensors, or human error.
There is also the risk that the people behind the blockchain are either acting maliciously or making errors, potentially making the entire blockchain system untrustworthy to its users. This risk is one of the reasons why blockchain operators often publish the source code of their blockchain software. This allows anyone to test the trustworthiness and correct functioning of the software. While only experts can do such an analysis, transparency is known to build trust.

Finally, there are threats to the functioning of the blockchain to consider. In public blockchains a single party can gain control over more than half of all nodes, allowing that party to manipulate the consensus algorithm to have favourable outcomes. But achieving this level of control may be practically impossible or at least very difficult for blockchains with large communities. There is also the already mentioned risk of false data being stored in the blockchain, possibly invalidating all future usage and processing of that data. This poses a major problem regarding trust for all types of blockchain systems and the business models these blockchains support: from blockchains that execute financial transactions to those that are used to verify the origin of products in support of international trade or sustainability programmes. False information can lead to losses, unfavourable outcomes, and ultimately loss of trust.

Risk depends on the environment
Not all blockchains function in the same kind of environment. On the one hand, public blockchains operate on the principle of anyone who can download and install the software can participate. On the other hand, private and consortium blockchains are selective about who can participate in those systems. This means that the extent to which the mentioned risks and issues affect blockchains, may differ from one blockchain to another.
As this short exploration shows, blockchain technology is innovative in that it is a technology that ensures data integrity based on arbitration through consensus and not on a single central arbitrating entity. This means that blockchains can provide trust in adversarial environments to the extent that a trusted third party is no longer needed.

Yet, in principle, there are limits to what a blockchain can do to ensure trust. For instance, as discussed, blockchains cannot ensure the correctness of the data stored, just that this data is not altered once accepted as truth. Blockchains may also contain errors and exploitable weaknesses that have not yet been discovered. Furthermore, risks depend on the environment (public, private or consortium blockchains). Finally, the operator of a blockchain may also act opportunistically and use the system to their own benefit and to the detriment of others.

To mitigate these risks and increase the trustworthiness of blockchains, additional controls ranging from ITGC, input validation and behavioural controls may be helpful. In these situations, knowledge and practices from the IT Audit field will be of value in mitigating risks that could harm trust in blockchain products. However, with blockchains being innovative in combining existing technologies to create something new, some inventiveness in designing new and blockchain specific controls may be called for. Here too, IT Audit may have a positive impact by engaging with technical specialists to invent new controls and technical means of mitigating risk and enhancing trust.

  1. Nakamoto, S. (2008, October 31). Bitcoin: A Peer-to-Peer Electronic Cash System
  2. Rousseau, D., Sitkin, S., Burt, R., & Camerer, C. (1998). Not So Different After All: A Cross-discipline View of Trust. The Academy of Management Review, (Vol. 23, No 3, 393-404).

Urwin van Lopik | IT-auditor Rabobank
After obtaining his bachelor's degree in Computer Science from the University of Applied Sciences ‘Hogeschool Utrecht’ in 1998, Urwin started working in IT in the finance sector. At some point joining Rabobank, he worked in various functions in information security, IT operations, and Risk Management. During that time, Urwin also spent some years teaching part-time at the Hogeschool Utrecht on the subjects of IT Operations, IT Governance, and IT Process Management.
A few years back, Urwin joined the IT Audit team of the Rabobank Internal Audit department as an IT auditor, performing audits inside and outside the bank, with a specific interest in the subjects of Cloud Services and Information Security. Finally, Urwin also focuses on new and emerging technologies such as Quantum Computing and Blockchain, and what this means for financial services and Audit.