Background: Blockchain is a type of Distributed Ledger Technology (DLT). The term Blockchain is often used to refer to both DLT and Smart Contracts.
R3 released its custom distributed ledger technology (DLT), Corda, as open source, and it became part of the Linux Foundation-led Hyperledger blockchain project’s collection of enterprise technologies.
Permissionless Ledgers (Public Blockchains) vs. Permissioned Ledgers (Private Blockchains)
Permissioned Ledgers: Sometimes called private blockchains, these allow for distributed identical copies of a ledger, but only to a limited number of trusted participants. As the network may have one or more owners, this methodology is better suited for applications requiring simplicity, speed, and greater transparency.
Permissionless Ledgers: Also called unpermissioned ledgers, these allow anyone to contribute data to the ledger, with all participants possessing an identical copy of the ledger. Since there is no single owner of the ledger, this methodology is more suitable for censorship-resistant applications (e.g. Bitcoin).
The future of mainstream blockchain technology will likely not result in one blockchain to rule them all. There will likely be many implementations of distributed ledger technology, and it is to everyone's benefit that they all be interoperable with each other. The result of this is emerging open-source, neutral protocols and standards for various implementations. - See more at: http://www.blockchaintechnologies.com/blockchain-definition#sthash.Cl2NovrV.dpuf
The most well-known blockchain consortiums and collaborative projects are included below:
HYPERLEDGER PROJECT - LINUX
R3CEV
DOMUS TOWER
INTERLEDGER
CHINALEDGER
Post-Trade Distributed Ledger Group
Hyperledger (or the Hyperledger project) is an open-source blockchain platform, started in December 2015 by the Linux Foundation, to support blockchain-based distributed ledgers.
Smart Contract Definition: Smart contract is a term used to describe computer program code that is capable of facilitating, executing, and enforcing the negotiation or performance of an agreement (i.e. contract) using blockchain technology. The entire process is automated and can act as a complement, or substitute, for legal contracts, where the terms of the smart contract are recorded in a computer language as a set of instructions.
Smart contracts (also called self-executing contracts, blockchain contracts, or digital contracts) are simply computer programs that act as agreements where the terms of the agreement can be preprogrammed with the ability to self-execute and self-enforce.
Contrary to common belief, the Bitcoin blockchain is not the only distributed ledger. In fact, many other users of Distributed Ledger Technology use different methodologies to achieve the same consensus (e.g. Ripple, MultiChain, HyperLedger Project).
The bitcoin blockchain, which uses ‘Proof-of-Work Mining’, is the most publicly proven method used to achieve distributed consensus. However, other forms of distributed ledger consensus exist, such as Ethereum, Ripple, Hyperledger, MultiChain, Eris, and other private enterprise solutions.
Blockchain is typically used in Financial Services (for example for shared ledgers and smart contracts - Ethereum is a practical example of how this is being used) to exchange legal contracts such as Derivatives and over-the-counter trades.
A smart contract can be broken down into two separate components:
Smart Contract Code - The code that is stored, verified and executed on a blockchain.
Smart Legal Contracts - The use of the smart contract code that can be used as a complement, or substitute, for legal contracts.
How a smart contract would work on a distributed ledger:
Coding (What goes into a Smart Contract): Because smart contracts work like computer programs, it is very important that they do exactly what the parties want them to do. The code behaves in predefined ways and doesn’t have the linguistic nuances of human languages, thus, it has now automated the “if this happens then do that” part of traditional contracts.
Execution (How it is processed): The code is then encrypted and sent out to other computers via a distributed network of ledgers (i.e. Distributed Ledgers). If this is done via public permissionless blockchain such as bitcoinr. This can also be done in a permissioned or hybrid distributed ledger platform such as the R3 Distributed Ledger.
Distributed Ledgers (How the smart contract is sent out): Once the computers in this network of distributed ledgers receive the code, they each come to an individual agreement on the results of the code execution. The network would then update the distributed ledgers to record the execution of the contract, and then monitor for compliance with the terms of the smart contract. In this type of system, single-party manipulation is averted because execution of the smart contract is no longer in the hands of a single party.
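The flow described above, as an added example that is not part of the original page: every node runs the same deterministic contract code on its own, and the ledger records only the result a majority agrees on, so a single node that alters the outcome is outvoted and flagged. The contract terms, balances, node names and the simple majority rule are constructed for illustration and are not how any named platform reaches consensus.

```python
import hashlib
import json

def contract(state, event):
    """Deterministic contract code: the same state and event give the same result.
    Constructed terms: if the rate exceeds the strike, the seller pays the difference."""
    new_state = dict(state)
    if event["rate_bps"] > state["strike_bps"]:
        payout = (event["rate_bps"] - state["strike_bps"]) * state["notional"] // 10_000
        new_state["seller"] -= payout
        new_state["buyer"] += payout
    new_state["settled"] = True
    return new_state

def tampered_contract(state, event):
    """A node whose operator altered the outcome in its own favour."""
    new_state = contract(state, event)
    new_state["seller"] += 1_000
    return new_state

def digest(state):
    """Canonical hash of a result, so nodes can compare outcomes byte for byte."""
    return hashlib.sha256(json.dumps(state, sort_keys=True).encode()).hexdigest()

def run_network(nodes, state, event):
    """Each node executes independently; only a strict-majority result is recorded."""
    results = {name: code(state, event) for name, code in nodes.items()}
    votes = {}
    for name, result in results.items():
        votes.setdefault(digest(result), []).append(name)
    _, supporters = max(votes.items(), key=lambda kv: len(kv[1]))
    if len(supporters) * 2 <= len(nodes):
        raise RuntimeError("no majority: ledger not updated")
    dissenters = sorted(set(nodes) - set(supporters))
    return results[supporters[0]], dissenters

# Constructed sample data (assumptions for this example only).
INITIAL = {"buyer": 0, "seller": 50_000, "strike_bps": 200,
           "notional": 1_000_000, "settled": False}
EVENT = {"rate_bps": 250}
NODES = {"node-a": contract, "node-b": contract,
         "node-c": tampered_contract, "node-d": contract}

if __name__ == "__main__":
    agreed, dissenters = run_network(NODES, INITIAL, EVENT)
    print("recorded state:", agreed)
    print("nodes that disagreed:", dissenters)
```

The dissenter list is the audit-relevant output: a node that repeatedly disagrees with the recorded result is either faulty or has been modified.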
Barclays has tested a way to trade derivatives using so-called "smart contracts". The International Swaps and Derivatives Association (ISDA) creates the standards across the financial world for derivative trading. For the trial, Barclays used a blockchain called Corda. It was developed by R3 – a consortium of the world's biggest banks. It marks the first time that the Corda blockchain has been used in a public trial. ISDA could be the issuer of the smart contract.
Some people say Ethereum is too logic-heavy and hard to use. Ethereum Virtual Machine. So you can write more powerful programs than on top of Bitcoin. It refers to the blockchain, what executes smart contracts, everything.
Blockchain Audit Tests:
Ethereum processes 20 transactions per second. Therefore, ensure the implications of system latency have been considered.
It is essential that a legal review has been performed to assess the contract templates being used in the blockchain system.
Security of the private key for each account - the private key allows the content of the transaction to be updated after it's been posted to the chain.
Is the infrastructure scalable to meet future and peak demands?
Check for the presence of back doors.
Determine if the information being processed through the Blockchain is subject to regulations and whether the systems meets those regulations.
Confirm that the methods of authentication used to allow users onto the blockchain are valid.
Determine if the Distributed Ledger design using Blockchain is an 'Unpermissioned ledger' or a 'Permissioned ledger'.
Other IT General Computer controls apply as they would to any other system, for example software development controls, pen testing, resilience, DDoS protection etc.
In an ‘unpermissioned’ distributed ledger system like Bitcoin, verifiers (known as miners) are chosen by lottery. The system seeks to assure their integrity through a system of economic incentives, in a process governed by the software. In a ‘permissioned’ distributed ledger system, verifiers are appointed by the system’s proprietor, and their integrity is assured through conventional means, such as a legal contract. It is important that verifiers are fully assured when used for regulatory related tasks.
Systems should be designed to allow the system to be taken offline if a serious network attack is suspected.
For systems intended to have a long lifetime, the initial design should make it straightforward to update components during that lifetime (e.g. the ability to switch out nodes of the network with more modern hardware; the ability to upgrade cryptographic algorithms that can no longer be used securely).
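One way to keep the hash algorithm replaceable, as an added example that is not from the original page: each ledger entry records which digest algorithm linked it, so new entries can move to a stronger algorithm without rewriting history, and an audit can list entries still relying on a retired one. The entry layout, the approved-algorithm policy and the sample trades are assumptions constructed for this example.

```python
import hashlib

# Assumed policy for this example: digest algorithms still considered acceptable.
APPROVED = {"sha256", "sha3_256"}

def link(prev_hash, payload, alg):
    """Hash that chains an entry to its predecessor using the named algorithm."""
    return hashlib.new(alg, prev_hash.encode() + payload.encode()).hexdigest()

def append(ledger, payload, alg):
    """Add an entry that records the algorithm used to link it."""
    prev = ledger[-1]["hash"] if ledger else ""
    ledger.append({"alg": alg, "payload": payload, "prev": prev,
                   "hash": link(prev, payload, alg)})

def audit(ledger, approved=APPROVED):
    """Return (index, problem) findings: broken links and retired algorithms."""
    findings = []
    prev = ""
    for i, entry in enumerate(ledger):
        recomputed = link(entry["prev"], entry["payload"], entry["alg"])
        if entry["prev"] != prev or recomputed != entry["hash"]:
            findings.append((i, "broken-link"))
        if entry["alg"] not in approved:
            findings.append((i, "retired-algorithm:" + entry["alg"]))
        prev = entry["hash"]
    return findings

def build_sample():
    """Constructed ledger: two entries written before an upgrade, one after."""
    ledger = []
    append(ledger, "trade-1", "sha1")
    append(ledger, "trade-2", "sha1")
    append(ledger, "trade-3", "sha256")
    return ledger

if __name__ == "__main__":
    ledger = build_sample()
    print(audit(ledger))                      # entries still linked with sha1
    ledger[2]["payload"] = "trade-3-modified"
    print(audit(ledger))                      # the edit also shows up as a broken link
```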