Robert Tuttle: As far as general public understanding is concerned, blockchain is the technology that enables Bitcoin and other emerging digital currencies trying to gain a foothold in the world of financial services. From a high-level technology point of view, it could be described as a distributed database of anonymous transactions that is mathematically secured against revision or deletion. One of the best blockchain technology introductions that I have come across online, and that I highly recommend, is here.
RT: Blockchain technology can be highly capable for many scenarios where an exchange of data between two parties requires a permanent record of the transaction, along with definitive validation not controlled by a single entity.
The current mindshare and momentum behind blockchain is in financial services, but it is not hard to see the massive amount of data exchange going on in the world today that needs to have much greater security and accountability, such as government elections, healthcare records, or property ownership deeds.
To take it a step further, simple identity management and authentication of users falls into the category of a secure data exchange. This observation led us down a frogLabs experimentation using blockchain for consumer home automation. While there are a number of existing projects and startups taking on ideas for blockchain beyond digital currency (Ethereum is a notable one), we wanted to experiment with the technology in the context of a common user experience challenge.
RT: frogLabs projects are how frog performs experimental research and prototyping with emerging technologies, while taking into account user experiences and market realities. As a cutting-edge creative organization, we use an applied science process in frogLabs to dig in much deeper to understand and evaluate technology enablers in tangible ways that our clients will likely encounter in the near future, and which may impact their business models.
RT: Our experiments covered four categories of technical proofs-of-concept that would help validate (or disprove) our hypotheses. We first needed to use a blockchain implementation that gave us the ability to build a service and API around it for both the wallet and the mining pool. For that, we researched and settled on DigitalNote XDN (digitalnote.org) for the purposes of this experiment. We next needed to design a protocol for the login handshake and micropayment exchange between a user and the service that would take the place of current multi-factor authentication methods using strong passwords, SMS codes, etc. We next had to connect this service and protocol as a custom authentication module within an established server framework.
We chose to implement this for Nginx, which is commonly used in reverse proxy configurations as a layer of protection on top of other services. Finally, to complete the experiment with a real-world user experience test, we developed a simple authenticator app using this blockchain service that acts much like other types of multi-factor authenticator apps coming out today from Google, Microsoft, and others.
RT: The technical experiments and validation resulted in a packaged concept and functional prototype that I happen to be running live at my own house beyond the lab environment here at frog as a real-world test bed.
First, the combination of the blockchain and reverse proxy software was built into a $35 Raspberry Pi 2 device I could drop in place with my home network and automation gear (door locks, lights, Nest gear, etc.). With some fairly simple configuration, I was able to insert this device in between my home Internet gateway and the rest of my network, creating a blockchain-secured layer between the Internet and my home. A complementary authenticator app for my mobile device is used to receive login confirmation messages, which I can accept or deny when I want access. It is certainly experimental from a user experience perspective, but the technology and security is sound and working well so far in this isolated use case.
There are a number of ongoing questions and areas of exploration regarding scalability that go beyond the initial scope of the lab experiment.
RT: As with any emerging technology being considered for alternate use cases—like we had here with blockchain—we used an applied science approach to generate questions and form hypotheses from both a technical and user experience perspective, in order to directly answer that question.
We first had to consider the practical real-world speed of transaction validation across multiple blockchain implementations. We also had to consider the service provider and developer as a user, in that the introduction of blockchain into the authentication lifecycle should not create a massive disruption and refactoring of code. Simply put, if users have to wait minutes to login using blockchain, then it is a UX fail regardless of how secure it becomes.
Additionally, it becomes a major challenge to adoption if providers have to invest major resources to overhaul current infrastructure to support blockchain in their software and services. Our hypotheses and plans for experimentation led us down a path where we believed we could introduce a blockchain-based login experience that was fast enough and more friendly to the user, while also improving on some of the current complexity arising with account and password management in consumer experiences.
RT: Blockchain is one of those underlying technologies that most consumers may actually never hear about or know they are interacting with, especially if or when it can be teased apart of Bitcoin in public perception. I believe we are at least two to three years away from seeing blockchain technology in real production use on a consumer level outside of current digital currencies, given how critical it is to properly test and validate any new type of security protocol before released into the wild.
Catch Robert at SXSW 2016 on Monday March 14, 2016 at 9:30am for his panel “Save the Unicorns! Tooling for Full-Stack Design.”