The state of enterprise blockchain today resembles something of a technical primordial soup, with various standards just beginning to emerge in its nascent ecosystem. Microsoft is now doing its part to speed evolution in this new terrain by introducing the Coco Framework, an open-source project based on Ethereum that is designed to bring essential enterprise features to blockchain networks.

Not Just for Cryptocurrencies Anymore

In case a quick refresher is in order, blockchain is the technology underpinning cryptocurrencies such as Bitcoin and some other new applications. At its most basic, a blockchain is a distributed ledger, or a decentralized database of transactions that is replicated among many computers or nodes. Each node in a blockchain typically contains a full copy of that ledger (called a “block”), and each entry of the ledger contains a hash pointer that ties it cryptographically to all previous entries (hence the “chain”).

The distributed nature of the ledger, coupled with encryption and the chains of mathematical hashes, makes blockchains especially resistant to malicious tampering. What results from this clever ledger design is a new type of recordkeeping that doesn’t rely on any third-party middlemen and that is more secure than any of the current alternatives.

The first implementation of blockchain technology was seen in cryptocurrencies, and these remain the most visible blockchain applications today. However, other platforms, such as Ethereum and Hyperledger Fabric, allow “smart contracts” to be built into blockchains in a way that can serve as a platform for distributed applications that, many believe, will greatly benefit businesses in the future. (See our earlier blog post for a lengthier introduction to blockchain, Ethereum, and its potential in the enterprise.)

The Promise of Blockchain Applications

The potential advantage that many foresee with blockchain-based applications is the ability to perform robust authentication and secure transactions across trust boundaries, all without any need for intermediaries such as banks, brokers, or retailers. By using blockchain technology, individuals and organizations in the future are likely to be able to exchange and track assets with each other and to collaborate on shared processes in ways that are currently hard to predict. Though it’s still in its infancy, blockchain today looks like it has the potential to eventually disrupt a broad array of business sectors and processes in the modern economy, including in the supply chain, capital markets, manufacturing, healthcare, and the digital marketplace. (For a good review of the potential future applications of blockchain technology, I recommend this article.)

Problems with Enterprise Blockchain

These prognostications shouldn’t be taken to suggest that there’s little but a smoothly paved highway between here and the blockchain economy of the future, however. Blockchain, in its current form, has a few serious limitations that must be overcome for it to host applications in any high-volume production environment, especially in an enterprise setting.

Chief among these limitations is the inherent difficulty of scaling blockchains. Performance in Bitcoin and Ethereum, for example, is now limited to fewer than 10 transactions per second. Compare that to the 24,000 transactions per second that is possible through large-scale financial institutions such as Visa. The scaling problem with blockchain is well known, and many new competing proposals are now appearing, such as Raiden and Plasma, that attempt to resolve this issue for both public and private implementations of blockchain technology. (For a comprehensive look at blockchain scaling issues and proposed solutions, I recommend this article.)

However, for blockchain to be production-ready, it has to improve upon more than its limited scalability. Specifically, blockchain also has to overcome problems of confidentiality and governance.

  • Confidentiality: In current implementations, blockchains can’t support private transactions or confidential contracts. Any enterprise member of a consortium that has a node is able to see the full contents of the blockchain.
  • Governance: Governance of blockchains isn’t built into current implementations through enforceable policies. Enterprise networks require the capacity more centralized administration.

All of these drawbacks are non-starters for most large organizations when it comes to deploying blockchain applications in a production capacity.

Introducing the Coco Framework

To address these fundamental problems with using blockchain technologies in the enterprise, Microsoft has announced that it is developing the Coco Framework in cooperation with Intel, JPMorgan Chase, and Ethereum. Coco is short for “confidential consortium,” and the framework is built to work with any available distributed ledger protocol, not just Ethereum (on which the Coco Framework itself is based). Currently, the Coco Framework supports blockchain platforms based on Ethereum, Quorum, Corda, and Hyperledger Sawtooth. Other blockchain types that can also store application code will be supported as they become available.

According to the Microsoft website, the Coco Framework addresses blockchain performance issues in a way that allows its throughput and latency to approach database speeds. To address confidentiality, it promises to provide “richer, more flexible, business-specific confidentiality models.” To improve blockchain governance, it will enable network policy management in a distributed way.

A GitHub repository for the Coco Framework is already available, but Microsoft plans to wait until 2018 to release the source code.

Confidentiality Built on Intel SGX

One of the most interesting aspects of the Coco Framework is that it enforces blockchain confidentiality through a required trusted execution environment (TEE) on the local physical server or through a virtual machine. A TEE is an area in memory that remains hidden and inaccessible from both the operating system and all local administrators. For physical hardware, this TEE is provided through Intel Software Guard Extensions (Intel SGX). (For more information about Intel SGX, read our introductory series of blog posts on the topic here, here, and here.) For virtual machines (such as virtual servers hosted in a cloud), the TEE is provided through Windows Virtual Secure Mode (VSM). (For more information about VSM, I suggest this article.)

The Coco Framework can be used to bring enterprise features to blockchains on-premises in the data center, in the cloud through public-cloud providers such as Amazon Web Services (AWS) and Microsoft Azure, and finally in hybrid clouds that span the data center and the cloud. Microsoft says it is also currently building new blockchain-based business applications to run on top of this new Coco Framework.

The figure below shows how TEE serves as the secure foundation for the Coco Framework. Any blockchain can be implemented on top of the Coco Framework, and distributed apps (DApps) can be built on any of these blockchains.

Stay Tuned for More

The rapid-fire developments now happening in the complex world of blockchain might not be easy to follow, but they are nonetheless consequential. In fact, it’s probably not an exaggeration to say that how the winners and losers of all the competing blockchain technologies shake out in the end will shape the future of business transactions.

Here at Prowess, it’s our job to stay ahead of all the latest developments affecting enterprise technology and to then use that expertise to help our clients, regardless of whether their needs are more deeply technical or marketing-oriented in nature. Clients know that when they work with us, they have a partner with both the creative skills needed to simplify messaging about complex, cutting-edge topics and the technical knowledge that enables us to meet our clients’ needs without sacrificing accuracy.

To keep up with more news about enterprise blockchain and other emerging trends in enterprise technology, follow Prowess on our blog, Twitter, and LinkedIn.

Share this:

FacebooktwitterlinkedinmailFacebooktwitterlinkedinmail