Hybrid Blockchain & The Immutable Product Journey

Initial Draft: 08/16/2017
Revisions: 03/09/2018, 12/12/2018
Latest Revision: 02/16/2019

1. A Quick Technology Background

Blockchain is a distributed database that is write-only. No update is allowed. It holds a continuously growing list of records that are ordered by time and organized into arbitrary groups, called blocks. Each block has a link to the previous block. The link value often is a hash of the previous block, signifies the integrity of its predecessors. The records contained within each block are usually transactions between parties, but it can be any piece of information that we want to protect. It’s guaranteed that what is written, once, won’t be tampered with

There are two main attributes that make blockchain truly decentralized and usable for financial transactions or for contracts between two or more parties:

1. Each block is sealed by “proof-of-work” called key. These keys are very special. It requires massively intensive computation to come up with one — hence the name. In fact, with all the mining going on in the world of bitcoin, only one key comes up every roughly 10 minutes. Whoever comes up with the next key first can seal all the open records into a block (and get some commision for doing so). Then the new block starts.

2. Consensus by the majority of record holders, called nodes, decides the outcome of any conflict. The chain that agrees with majority wins. In a truly distributed world, there could be delays that give rise to multiple racing chains (fork out), the longest (that with the most proof of work) fork out wins.

What this means is that if someone wants to alter the historical data, they have to:

1. Go back into the old block, make that change

2. Come up with all the keys to reseal that block and ALL subsequent blocks to support the “new” integrity. If you only change that block, the hash        contained in the subsequent block will not match. You also could drop the subsequent blocks, but that won’t work because other hosts will always pick the longest validated chain. Thus you need to do one more thing

3. Get the majority of nodes to agree with this new chain

Proof-of-work allows data (usually ledgers and contracts) to be openly shared, and yet secured against tampering. Cryptocurrencies are successful examples of blockchain. They are maintained by a set of public computers — some are serving the ultruristic goal, others are incentivized by earning commissions for mining key to seal the blocks.

2. The Problem with Proof-of-Work (PoW)

Proof-of-work requires lots of hardware computing resources to perform key mining. The good participants together have to be the majority, otherwise, the blockchain is vulnerable and is prone to be taken over by someones or groups with more powerful computing resources.

“Proof-of-work” cannot be simple. Its difficulty level is adjusted depending on the number of mining nodes. It is designed so that blocks are slowly added to the blockchain. Without the super heavy (and slow) proof-of-work, the public blockchain is not secured.

If however, you make the blockchain private between a limited number of trusted parties then you may let go the “proof-of-work”. You could use “majority-vote” or other algorithms to resolve any conflicts.

3. Hybrid Blockchain Introduction

We are introducing a Hybrid Blockchain Technology (HBT) as a set of API Services and Database plugins. Private parties can employ HBT to host their immutable record chains. It is efficient and hack-proof.

HBT manages the private blocks using “weighted-voting” algorithms. Every so often it sends its checksum into the public blockchain to mark the blocks immutable with the public “Proof-of-work” from miners (such as that of Bitcoins or Ethereum).

Validator modules can be set up to check the integrity of data every so often. It’s configurable, cost-effective, super scalable, and fast!

As of September 2018, the bitcoin public blockchain size has already reached 185 GB. Every replica on the participant network holds a complete copy of this data. Blocks are formed every 10 minutes. It is simply big, inefficient, and slow! All public blockchains, by design, will face this same issue.

Not every single activity among the private parties need to be made public to uphold the trust among them. HBT system can be used to hold private contracts, thus they are secured, fast, and scalable. The blocks’ signatures are sealed by public blockchain so their integrity is guaranteed.

Hybrid Blockchain adds the level of trust that only public blockchain possesses to your existing systems without requiring the entire system redesign. It minimizes the typically-forbidden data migration cost and the massive disruptions to business’s day to day operations.

4. Hybrid Blockchain Advantages

4.1 Speed and Immutability

  1. No proof of work is required for private blocks
  2. Periodically blocks’ hash would be sealed by public blockchains.
  3. It’s scalable, fast, and immutable.

4.2 Distributed and Secure

  1. You can create any number of Nodes as publisher or subscriber or both.
  2. Nodes can be configured to be randomly distributed on AWS, Google or Azure or any Datacenter, with individual private algorithms and keys to uniquely protect the blocks data. Hackers will have to hack all the nodes to be able to mutate any block which is not yet hashed to the public blockchain.
  3. Those whose hashes are already published to public blockchains are immutable and as hack proof as public blockchain with proof-of-work (such as Bitcoins or Ethereum).
  4. Consensus algorithm (such as weighted-voting right) are configured for resolving any conflict very efficiently. This is similar to quorum on BigTable or other NoSQL technology in the eventual-consistency paradigm

4.3 Simple and Non-disruptive System Integration

Hybrid blockchain strategy adds public backed immutability to your existing system’s record keeping. It’s an add-on model that allows gradual integration into any existing system. It starts with adding basic integrity checkpoints to your data which provides public proof that your private data is secured and hasn’t been tampered with. The hybrid layer can over time act as the monitoring system, conducting periodic & automated audits. Result of audits can also be sealed by public blockchain.

NeuroTags hybrid blockchain system would employ a set of simple and standardized programming & design principles and practices. It features the following:

  1. API Services
  2. DB Plugins
  3. Configurable Auto Validator Module

That’s all you need to make it happen.

5. Trusted Product Journey

Products’ track & trace is a mandate by many governments. It is also important for a business to know the flow of their products and components. For high-end products, Blockchain can add public-backed trust to this data so that peer businesses or end consumers have the warranty that their product is genuine and has gone through the proper checks and certification, on a legit distribution network. It can be done via HBT.

5.1 Constraints of a public blockchain

Tracking the journeys of billions of products using public blockchain is just not going to happen. It’s simply not practical and not even possible!

5.1.1 From the data size perspective

We’re talking about terabytes (TB) of data or even petabytes (PB) for large brands. Public blockchain is already struggling at 196GB. The public blockchain is trustable because each participant has a complete copy of the data. There are at least 100,000 bitcoin miners out there. They’re not going to be able to replicate your TeraBytes every so often.

5.1.2 From the speed perspective

Products in the distribution network and retailers constantly move. There are millions of moves every minute. Public blockchain can’t handle these many ledgers! For example, bitcoins can only handle around 3-7 transaction per second.

5.1.3 From the cost perspective

Miners work for coin but in the long run, it’s the commission earned on a transaction that keeps them going. End of the day we need their hard earning computing power to seal the trust among unrelated parties. No-one can afford to pay the commission for billions of transactions a day.

5.1.4 The impossibility X 1000

Whatever we plan to do with public blockchain, there are at least a thousand others (if not millions) are trying to do similarly. Everyone wants to write to public blockchain. Uber trust is a scarcity and comes with high price. The price of trust is proportional to the price of the bitcoin. The more people using it, the scarce the resource, the higher the price!

5.2 Achieving Immutability

Your private data now is trustable if it matches the checksum that you published early on the public blockchain. That is the proof that the data hasn’t been tampered with. Therefore publishing the checksum is sufficient. The bigger the checksum the more it is trusted. A 128 or 256-byte checksum is already very trustworthy.

Immutability = Trust
“It is what we said it is, sealed by public trust!”

Hybrid Blockchain Technology(HBT) solves this very problem! As products or components move, assembled or repackaged, we can track them using your existing database or NeuroTags’ track and trace cloud backend. Every so often we’ll calculate the checksum and back up the data into private immutable storage. The checksum then sent to the public blockchain. Later if you or your peer parties want to validate your data, just check it against the checksum. It is that simple.

5.3 Achieving Scale

HBT is one of a very few ways to achieve peer trust in any large scale highly active data system. Your database or NeuroTags’ cloud backend can operate normally at its hyper speed without any constraints. Computing checksum can be done continuously in parallel or every so often on the side. It’s a standard and linear algorithm which is fast. If necessary, we can compute multiple checksums for different data segments in parallel then compute another checksum on top. This distributed model isn’t limited at 2 layers. You can create any chain-of-trust and it will be trustable as long as each checksum is 128-characters long and the root checksum is backed by public blockchain. It’s very similar to how DNS works.

5.3 Easily Configurable

Besides being fast and effective, HBT is also totally configurable depending on your need and budget. You can configure how often you want to publish to the public blockchain, and how big the checksum is.

6. Conclusion

There is no magic in the blockchain. We need to know the costs and benefits. Blockchain is a great technology if we use it effectively. Hybrid Blockchain Technology is a simple, yet a powerful portal to export the trust of private data systems to the world.

Products’ track & trace is a mandate by many governments. It is also important for a business to know the flow of their products and components. For high-end products, Blockchain can add public-backed trust to this data so that peer businesses or end consumers have the warranty that their product is genuine and has gone through the proper checks and certification, on a legit distribution network. It can be done via HBT.

If you have more questions or want to understand more about the blockchain technology you may contact our blockchain experts, first 30 minutes of consultation would be on NeuroTags.

How counterfeiting can be solved with the AI monitored serialization technology

Initial Draft: 08/16/2017
Revisions: 03/09/2018, 12/12/2018
Latest Revision: 02/16/2019

Counterfeiting is a big problem

around $1.6 trillion as of today (Dec, 2018). There are a handful of partial solutions available, but none is really solving the core problem.

The solution to address the largest segment of merchandise counterfeited (ranging from $20 to $1000) need to be foolproof, and cost effective. The typical solutions offered today are holograms, rfid based tags, random 2D graph, scratchable QR codes, and Digital number based SMS system.

We found that every partial solution offered today to address counterfeiting can be counterfeited, meaning the tags or the scheme they employ can be copied and replicated easily. Below are our findings and rough estimate on how much it costs a counterfeiter to replicate and fool the solution provided.

Let’s explore each solution one by one:

Holograms Tags/Labels/Stickers

All it takes to copy the hologram is, give one of the original to any hologram printer company and it will give you exact copies of it. It will even cost less to the Counterfeiters to get the exact Tags/Labels/Stickers from any hologram printing lab near them. Usually, the price ranges from less than 1¢ to 10¢ depending on the quantity, complexity, colors, layers, materials, and size involved.

Random 2D Graph stickers/labels

Some companies claim they generate or print certain shape or graphs on the label whose photo can be taken and sent to the cloud servers to authenticate. Unfortunately, they are still the same, no matter what the company claims about running a Machine Learning or AI to scan the image on the cloud. The truth is anyone who can take photos of the sticker and print them on a paper would pass the counterfeit-check. As long as the server gets the same scanned photo, regardless of the source (genuine sticker or copied sticker), it will pass the check.

RFID/NFC Tags/Labels

RFID and NFC are no different than holograms when it comes to copying them. It is even easier, all you need is the RFID/NFC code set in one of the original item and set the same code in cloned RFID/NFC labels/tags, and you will be ready to pass the counterfeit check! Usual cost varies from few cents to a dollar based on type of RFID (active/passive) or NFC tags.

Unique Random Code per Product (QR or Barcode or number or text)

Companies, who provide the unique code per product, make more sense. There are two type of Codes usually provided:

A. Open (visible to everyone even before purchasing the product)

If the codes are open (not protected by some scratchable layer), then it is of not much use, anyone can copy them and pass the counterfeit check, no matter what company claims about the crypto tech, block-chain or advanced technology they use in the backend (although with the help of geo-location tech and AI, red flags can be raised for some cases).

Truth is, if you have the same code as the original, which you can see without buying the product, then you can copy it, put it on counterfeited product and pass the counterfeit-check.

Also, in the market, many say putting the supply-chain data on block-chain prevents counterfeiting – it is definitely not-true. Printing the code on the item means you are making the key to access the data on block-chain public, now any one can copy and replicate this code and pass the check. Block-chains are meant for totally different purpose and have different use-cases, and preventing the counterfeit of general goods is not really one of them.

Please note – by block-chain, we mean the block-chain in terms of technology, we have encountered many non-technology and business development people who confuse block-chain technology to something totally different depending on the context. To learn what really is a block-chain and how it can be made fast and cost effective, to be utilized for business-cases, you can check our whitepaper fast private blockchain

B. Hidden or protected code

These are the physically protected QR or Barcode or Alphanumeric codes and you must buy the item before you can see the code, for example, scratchable card, and then verify with the backend server.

This does protect the item and if the backend technology is implemented properly, i.e. non-guessable codes are generated, then this will prevent the counterfeit.
But problem is, user has no idea before buying the item if it will be genuine or not, not only this company who has not implemented the backend properly may pass some items which may be fake, or may pass already scratched code again and again.

Secondly, if their DB is hacked then it will be very simple for the hackers to sell the codes to Counterfeiters.
The development and more importantly maintenance and security of such system is not simple and usually costs good maintenance cost. And the authenticating servers will have to be always online.

Introduction of SOLVE

Finally to provide better anti-counterfeit protection, we designed and implemented SOLVE.

We kept mainly 3 things in mind:

1. Foolproof but semi open (user must be able to check authenticity with decent probability before buying)

2. Secure (System must provide a backend security to the codes and the way they are accessed)

3. Simple to use for the end users and cost effective for the businesses

Foolproof and semi open

This is the most difficult part to design. After careful thoughts, we have introduced two tags which go together, one open (pre-purchase) tag and one protected (post-purchase) tag and each of them is unique for each product.

User can scan the pre-purchase tag before buying and get a good estimation of genuineness of the product and check any RED flags. And scanning the post-purchase tag (which is accessible only after purchase of the item) provides complete genuineness information.

There are two protection we have given to pre-purchase tag:

* This tag is tightly algorithmically coupled to the post-purchase tag. So if someone buys the product and scratches and scans the post-purchase tag, the pre-purchase tag’s status is also updated in our system. And any further scans of the pre-purchase tag fails the counterfeit-check.
If counterfeiter copies the pre-purchase tag and replicates it, the first scan of the post-purchase tag will invalidate all the products with corresponding pre-purchase tag

* Machine learning based anomaly detection system is always monitoring the scan activity of the tags. If the pre-purchase tag starts to randomly appear from the geographic locations where it should not be or if the patterns of scanning has any anomaly pattern our algorithms raise the RED flags. Which would mean all the products of the copied tag would be invalidated, a counterfeiter has to put new copied tags on products in retail stores, which would again be caught by our system within few scans.

Protection to post-purchase tag:

* Physical protection is provided to each tag, i.e they can only be scratched or opened once after purchase. Once they are scanned their status gets updated on our system and they can not be used again for authenticity check by any other device.

* They are algorithmically coupled with the pre-purchase tags. So any anomaly pattern on the pre-purchase tags will lead to RED flagging of the post-purchase tags too.

* Machine learning based anomaly detection system keeps monitoring the scan activity of the post-purchase tags and the pre-purchase tags. And immediately raises the RED flags for any abnormal or anomalous pattern.

Security

Security of the auth system and tags are the most important criteria in designing the system.

Having the team with experienced ethical hacker, experience fighting hackers in gaming companies in past (Gala Net) and designing the secure systems for finance companies (Paypal) has helped not to overlook any potential cases where security can be a problem.

We can not expose more here, but our tags info is one way “scrypt” and private key secured so even if someone gets the DB of tags he or she can not get the tags code.

Simple to use for the end users and cost effective for the businesses

We have made sure the SOLVE can be scanned without need of any app download. This removes any friction from user’s side.

User can manage the purchases, warranty of the products and access to customer support with just a single scan.
Codes can be scanned by any scanner app, for iOS and new Android phones native camera works, also scanner of the popular apps, such as, WeChat, can be used.

The technology is cost effective, on the cloud and efficient to use so that it can be used by any company of any scale, without worrying about the cost. In most of the cases, the overall cost of our technology is usually lower than putting a hologram.

Pre-Purchase

A single scan to check authenticity

Post-Purchase

A single scan to collect loyalty or participate in gaming

Overall Value Summary

A technology is useless if it can not be effectively put into use for mass adoption. While designing the SOLVE technology we have made sure it has short and long term business benefits.

The money saved by preventing counterfeits will always be many times more than the cost to use SOLVE.

The valuable insight of consumer behavior data collected with SOLVE will help improve the Business Intelligence.

Warranty and support modules can help up-sell the extended warranty protection and consumable parts of the products.

Bundling the loyalty programs with SOLVE would further increase the repeat sales.