Captain Herbert Soanes explains what exactly the blockchain is, and what opportunities and risks it brings to the maritime sector
The concept of the blockchain seems inescapable. Originating in the world of cryptocurrencies, the concept is being mooted for use in a range of applications, including tracking cargoes in the shipping world.
One of the biggest names considering the possibilities afforded by the technology is Maersk, who alongside IBM plans to establish a joint venture to provide efficient and secure methods to conduct trade via blockchain.
Anchoredge Inc’s chief commercial officer Captain Herbert Soanes became aware of the blockchain in the context of the cryptocurrency Bitcoin, but soon realised “it has a lot of potential not just for maritime and shipping but across industries,” he said. Speaking at the European Maritime CyberRisk Management Summit in London on 15 June, which took as its theme ‘People, Processes and Products’, Capt Soanes gave a breakdown of the ideas behind the blockchain and its ramifications for cyber security.
Capt Soanes said that blockchain can be thought of as “a decentralised network which holds information in documents across a peer-to-peer network”, with the blocks in the chain forming a distributed ledger.
Each individual block contains information along with a cryptographic hash, which acts like a fingerprint that uniquely relates to the information contained within the block. If even a single character in the information contained within the block is changed, the hash will cease to match and a new one will be required. Alongside the data a block carries and its own hash, each block also contains the hash that relates to the information contained within the preceding block, hence forming a chain.
Perhaps the best known example of a blockchain is the Bitcoin cryptocurrency, which users access via a digital wallet that comprises a piece of software that stores the public and private keys used to receive or spend their cryptocurrency.
If someone attempts to tamper with the information contained in a block, the hash will change and the chain is be broken. To rectify that, the hash of the subsequent block would need to be updated and so on. “Of course, changing the hash is easily done – with today’s computing power you can generate hashes extremely quickly,” said Capt Soanes.
Bitcoin dealt with the issue of how to monitor and slow down the process of moving from one block to another with the ‘proof of work’, which Capt Soanes described as “a mathematical puzzle that nodes perform in order to put new information on the blockchain,” which takes an average of 10 minutes to complete. This is where the peer-to-peer aspect of bitcoin comes in; multiple nodes in the peer-to-peer network must reach a consensus of at least 51% on the answer to the proof of work for new information to be added.
The proof of work prevents double payment, an example of which would be a user with the equivalent of, say, US$500 in his wallet attempting to trick the system by sending two payments, of US$500 each, simultaneously. Without the proof of work, this might be successful, but with the time delay incurred it is not possible for the transaction to be completed before the system recognises that information has already been transferred and preventing it.
This is where the cyber security applications come in. Noting that to successfully hack a Bitcoin blockchain, 51% of the 7,000 nodes processing each transaction must be compromised, Capt Soanes said “the ledger is decentralised. There’s no central point of failure and that’s what the beauty of the system is.”
As well as the decentralised nature of the network, which does not rely on a single central entity and therefore has no single point of failure, blocks of information are held in a chronological chain. This means that entries cannot be amended or appended without consensus, said Capt Soanes, and historical records are maintained forever. Further, once a block is on the chain, anyone with access to that chain can see all of the transaction details in real-time, creating a high level of transparency, he said.
All of these factors make the possibility of fraudulent action on a blockchain very low, explained Capt Soanes, making it very conducive to what is known as ‘distributed trust’, which is used in situations where many stakeholders need access to the same set of information. He illustrated this with the example of a shipping container travelling from the Far East to Europe.
Such a situation would require many kinds of declaration, clearance and other certification that need to go to not just one or two but possibly hundreds of different parties along the route. “Once you put this on the blockchain, it becomes visible to everybody at the same time and you don’t have to keep sending documents to and fro like we do now,” said Capt Soanes.
This is very useful when the parties involved don’t have a pre-existing relationship based on trust, Capt Soanes noted, offering the example of a customs official who would be able to know for certain that documents relating to a cargo are accurate and haven’t been tampered with.
However, blockchain should not be seen as a solution to all ills, Capt Soanes warned, noting that currently many business ideas are flying around that proclaim themselves to be based on blockchain technology. Citing the example of cyber security, he said that it’s worth considering whether the same solution being advertised still works without the blockchain – “maybe it does but many of them are using blockchain because it’s a buzzword,” he warned.
Turning to the issue of whether the blockchain has been compromised so far, Capt Soanes said that while cryptocurrency exchanges in Japan and South Korea have been hacked, he sees these as appendages to the blockchain, rather than the blockchain itself, and it is in these appendages where the risks lie. He gave the example of communities where people may hold multiple cryptocurrencies and use smartphone apps as the wallet by which these are accessed. In this context, phones become a target for theft not for the phone itself but rather for the access to the owner’s cryptocurrency that the phone’s ownership makes possible. Two-step authentication is often used to control access to cryptocurrency wallets but once in possession of a phone a thief would have access to the SMS messages used for this, Captain Soanes noted, reiterating that in his view he saw this not as hacking the blockchain itself but rather hacking its appendages.
“The beauty in blockchain is its decentralised security,” said Capt Soanes, contrasting it with traditional cyber security methods that comprise “a central entity storing all your data and information”.
“It’s like having a castle on a mountaintop with a huge flag” visible to all, he said, expanding the metaphor by adding that “even with thick walls, if somebody somehow finds a small opening” this can lead to access being gained and a knock-on effect of compromised systems. “With blockchain there’s no single point of failure because it’s all decentralised and there are many nodes,” said Capt Soanes, noting that even sequential hacks are not effective because the consensus nature of the chain would require at least 51% of the nodes to be compromised simultaneously.
Another strength of the blockchain is its lack of the vulnerability inherent in the human element of cyber security, for example manipulating people into taking actions or divulging confidential information. “This is more or less eliminated” with blockchain, he added.
“In shipping we’re probably lagging,” Capt Soanes said, noting that in other sectors, such as financial services, blockchain has found a lot of acceptance, with Nasdaq looking into its potential applications for settling financial trades. “I think we’ll find that blockchain and cyptocurrencies are here to stay,” he added.
Responding to an audience question about whether blockchain has a capacity limit, Captain Soanes said “the limit comes in terms of speed – how many data computations it can do per second.” Bitcoin is currently capable of a hundred data computations per second, he added, noting that other cryptocurrencies have a much faster transaction speed. He pointed out the technology is still relatively young, adding “there is a limit and that is one of the things that has to be resolved moving forward.”
Another audience member raised concerns about whether blockchain technology could prove its viability in commercial scenarios involving identity authentication or the protection of financial or private data. Capt Soanes responded that while the aspects of the blockchain that have been compromised have related to authentication for access, this is an issue with any other technology that requires both accessibility and authentication for access. However where the blockchain is unique is that privacy of data contained in blocks is assured through cryptography, which other technologies cannot guarantee. He noted that to state the blockchain cannot be hacked would be untrue, as security mechanisms will always be breached and require further measures to be developed. “There will be some incidents over time but I don’t think the technology will fail because of that,” said Capt Soanes, adding that he anticipates further security measures being developed.
In response to a question about what levels of investment might be required to stay ahead of threat actors when using the block chain, Cap Soanes said “when you build a blockchain application you don’t need to construct the whole blockchain yourself – you build the application on an existing blockchain.” He gave the example of the Ethereum network, which is open-source and contains some 25,000 nodes. While there’s no getting around the cost of building an application, Capt Soanes said this is not “overly expensive” and ownership of the nodes in the blockchain is not required. “You have to pay a transaction fee, of course, but you’d be incurring that in any situation, so the resources required may not be as large as one might think,” he concluded.
Captain Herbert Soanes
Captain Herbert Soanes is chief commercial officer of Anchoredge Inc and has wide-ranging experience in executive management and value creation in global shipping and offshore. He started his career at sea and captained a VLCC for Wilhelmsen, the youngest person in that company to do so. He holds three masters’ degrees, in executive leadership development, corporate finance and maritime management, from Stanford University, the University of Oregon and Maine Maritime Academy, respectively.