One of the key aspects of Blockchain / Distributed Ledger (DL) Technology is the ability to merge public key authentication of information with a resilient, distributed database. In this piece, which outlines an application Eris is building, I talk about this idea in greater detail using publicly available data from the Legal Entity Identifier (LEI) initiative.There is no shortage of news, blog posts, and whitepapers foreshadowing the disruption of entire industries by blockchains and describing a myriad of potential use cases that will run more efficiently on a decentralized architecture. What is striking is that almost all prominently discussed topics focus on processes and scenarios with a fair amount of complexity and/or attempt to replace very established procedures. At first, this seems logical since the potential for efficiency gains usually increases with the complexity of the use case, but it seems we're rushing too far ahead and have forgotten about one fundamental formula that has always proven helpful when venturing into new territory:Start small, learn what works and what doesn't, and build up from thereWe at Eris Industries are very much about "less talking, more doing" as subscribers to our blogs and Twitter account can surely attest. So, in this article I would like to hone in on a 'real world' use case that exemplifies what can be done with blockchains today. It is very understandable that people may feel they should wait and gain more experience and confidence with this fairly new technology before investing much effort into it. Even when investments (usually in the form of POCs or in-house / consortia experimentation) are made, many might hesitate to build and deploy real solutions on shared ledgers until potentially a 'winner' emerges, be that a blockchain design or a common industry platform. However, I would like to show here that the technological components are mature enough, especially in Open Source, to extract value and start building now."Transformational ROI from blockchain for corporates will take a good number of years. Smaller bits of ROI can be achieved tomorrow if you have the right buy in and strategy and partners." Simon Taylor, Nov. 2015When carefully selecting use cases, opportunity opens up to implement something beyond POCs that contributes to the learning experience at the same time."Blockchains are a new type of hammer that can hit new nails. We don't fully understand what the new nails look like yet, so let's keep hitting old nails until we understand the new hammer. So it makes sense to apply this technology to well understood problems, even if they can be solved using existing technology." Antony Lewis, April 2016Blockchains by design come with a set of features that is desirable in most (enterprise) applications, even if it's merely to reduce operational expenses for hosting, failover, or disaster recovery. The availability of blockchain platforms and toolkits further reduces costs of building custom solutions.So, shall we dive into a discovery and selection process of what we should build?First, in order to increase the chances of arriving at a level of production-readiness let's avoid any of the big unresolved challenges of blockchains/DLT, namely:High Transaction VolumeConfidential TransactionsEnd-User IdentitySecond, the number of participants profiting from a blockchain solution should be as high as possible, after all it's a shared ledger. As detailed by Gideon Greenspan in articles from October and November of last year, blockchain technology as a shared writable data store has private as well as public utility, but the public domain should be considered as a category that trumps most other checkpoints.Third, to be mindful of the start small, build up mantra it should be our goal to identify a simple use case upon which more complex scenarios can be built. This means we're looking for low complexity in the business processes at a network level, i.e. a small number of interactions between disparate entities in a low-trust environment, yet delivering value through the shared content. Two pillars underpinning many higher level business processes are Master Data Management and Reference Data Management.Without further ado ... meet the candidate to be 'ledgerized'.The Legal Entity Identifier (LEI)"LEI data is freely available, easy to access, without restrictions on redistribution or licensing. [...] Future phases will require a new 'utility strength' global infrastructure, which will have similar robustness, reliability, and business continuity capabilities as other financial market infrastructures, such as securities settlement systems and trade repositories." From the original 2012 scope planThe LEI initiative emerged out of a request by the G20 to the FSB in 2011 to establish a globally unique identifier for legal entities, primarily to increase transparency of their involvement in global financial transactions (something that could've doubtlessly been of value when sifting through the mess of a global meltdown of the financial system, but let's not get into that ...). The LEI system as it exists today operates in three tiers:The Legal Entity Identifier Regulatory Oversight Committee (LEI ROC), comprised of more than 50 regulatory institutions worldwide and a variety of public sector stakeholders, monitors the system.The Global Legal Entity Identifier Foundation (GLEIF) is in charge of governance.Local Operating Units (LOUs) are accredited agencies that function as the beachhead in local jurisdictions / countries to render services around the LEI, e.g. issuing LEIs to local businesses.Briefly a few facts about the LEI system:It is an LOU's primary responsibility to certify that the information about a company (legal name, registered address, headquarters address, entity status, etc.) is valid and current. To do so it sometimes relies on services of third-party companies like Avox (a subsidiary of DTCC).The GMEI Utility operated by the DTCC in collaboration with SWIFT is by far the largest such LOU in terms of issued LEIs (see diagram below).An LEI record possesses a lifecycle that goes through different state changes (active|not_active, current|not_current, etc.) and also expires if not renewed. This lifecycle is supported by a simple business process / workflow.LOUs, third-party verifiers, and legal entities themselves participate in this workflow. For example, a company can register, update, or dispute their own data (which still requires verification or approval by the LOU) or request the LOU to do so on their behalf.The LEI format is based on ISO Standard 17442 and follows Financial Stability Board (FSB) specifications. The LEI consists of a 20-digit alphanumeric code.Source: https://www.gleif.org/en/lei-data/global-lei-index/lei-statistics, 28-Mar-2016Each of the certified issuance agencies (LOUs) in the above list owns, runs, and maintains its own infrastructure (servers, web application, and centralized database) to offer LEI issuance and search capabilities. The delta of changes at an individual local agency is uploaded and consolidated into the global "golden copy" that is managed by the GLEIF as depicted in the following diagram.The cost of running and maintaining the LEI infrastructure is probably not very high compared to solutions with higher transactional volume. The individual LOUs cover parts of their costs by charging fees for registration and other maintenance transactions. As of this writing the combined fees for registering a new LEI are approximately $220 dollars.The LEI system went live in 2014, the same year blockchain as a general concept separated from Bitcoin and entered the spotlight. It is an intriguing thought experiment - now that the capabilities of blockchains are more widely discussed - what this system would look like had it been implemented on a distributed, participatory architecture.So, let's look at this scenario in more detail and examine the stages of implementing the LEI system as a global shared ledger.The LEI Global LedgerSince its early days, Eris Industries has been advocating the utility of a blockchain as a data management tool with unique properties: It stores both its state & transition logic (simply put, it houses the data records including the rules that govern them, i.e. authority to access and change as well as the legality of changes). Furthermore, a blockchain distinguishes itself from previously known distributed database approaches by not having a central owner or administrator.A blockchain therefore allows us to store and share a single version of the 'truth' about the state of all LEI data as well as encode and enforce the validity of changes to this data via smart contract logic. All while the infrastructure is jointly operated by its network participants. Permissioned blockchains and ownershipAt this point it is important to take a detour and explain why this particular use case requires what is known as a permissioned blockchain which necessarily introduces a level of control and ownership.Control is expressed in the permissioning layer which authorizes peers to connect to the network in different roles. For example, the group of peers responsible for validating transactions and coming to consensus on the global state of the system should be configurable as a white list of known actors. The same applies to the peers specifically allowed to commit changes to the ledger; every node on the network with 'write access' to the ledger needs to be identifiable and associated with a known participant, for example, a local issuing agency (LOU). However, due to the public nature of the data, read access should not be restricted at all and anyone should be allowed to connect a 'read-only' peer. This approach of permissioned 'write' and public 'read' is sometimes also referred to as hybrid blockchain.Ownership needs to be established in the form of a trusted entity to: a) guarantee the availability of the net
