Research project

EPSRC Glass Houses

Balancing application-specific requirements with both the benefits and limitations of distributed ledgers is the main focus of our research.

UCL PIs: Sarah Meiklejohn, George Danezis, Tomaso Aste

In recent years, the trust that society places in opaque centralised mechanisms run by government, network operators, and financial institutions has been eroding, with various events (e.g., the financial meltdown of 2007 and the hack of the DigiNotar certificate authority) illustrating that high integrity cannot be achieved merely through trust in one or a handful of parties. As a reaction to this erosion in trust, two alternative architectures have emerged: users have either flocked to systems that have no central point of trust; or they have increased pressure on central entities to provide more openness and visibility. In both of these settings, the main technique that has emerged to provide these properties is a distributed ledger; i.e., a list of events that have occurred within a given system that is created and stored by a distributed or even decentralised set of parties. Storing such ledgers in a distributed and transparent manner allows these systems to achieve full public auditability, in which any user can check for themselves that the system is functioning correctly.

Given the potential applications of distributed ledgers, one might be tempted to use a single approach as a way to provide auditability or distribute trust. Requirements in one setting may be very different from those in another, however, so one approach cannot be indiscriminately applied. As an example, SSL certificates are public, so their issuance can be stored on a public ledger. On the other end of the spectrum, systems such as financial settlement, supply chains, and personal identity management all deal with highly sensitive data that cannot be included as-is in a globally visible ledger. Balancing these application-specific requirements with both the benefits and limitations of distributed ledgers is the main focus of our research.

To understand the requirements in each of the settings mentioned above, our research will be conducted with five user partners: the Bank of England, which is interested in using distributed ledgers for financial settlement; the Department of Work and Pensions (DWP), which is interested in the provision of benefits; the Robin Hood Fund, which is interested in allowing for the trading of entitlements to the fund; Provenance, which is interested in transparency in supply chain certification; and the Google Certificate Transparency team, which is already using distributed ledgers to log the issuance of SSL certificates.

Each of these user partners will give us insight into a different potential application of distributed ledgers, and by constructing technical solutions that meet their diverse requirements (e.g., the need for privacy or scalability), we can impact their eventual deployments of these technologies.

UCL PIs: Sarah Meiklejohn, George Danezis, Tomaso Aste