Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
22 SESSION 4 Provenance Tracking Victoria Adams, Cadwyn Bloc LLC, Moderator Presenters Mike McCoy, ConsenSys Health Vincent Annunziato, U.S. Customs and Border Protection Jim St. Clair, Dinocrates Group LLC Victoria Adams noted how important provenance tracking will be in the upcoming year, as COVID-19 vaccines become available. Rough estimates indicate that at least one billion vaccine doses will need to be distributed, most of which will have to go through the cold chain. Adams stated that blockchain could be critical in helping to understand and meet this challenge. This session included discussions on blockchain applications for provenance tracking, including opportunities and limitations in the public and private sectors, including the federal government. Mike McCoy stated that most blockchain applications are in the pilot phase. There has been a successful pilot in coordination with IBM, Walmart, and others to identify a model for successfully sending pharmaceuticals across the supply chain and across borders with an audit trail. McCoy noted that blockchain is often a last resort solution when all else fails or when unfamiliar parties need to work together. At the moment, relevant pilots have 50 to 100 users and involve private, permissioned blockchains. The goal is to be able to use IoT devices to track information. Vincent Annunziato noted the importance of interoperability, which should not be confused with open source. Interoperability is the ability of software to communicate seamlessly. Annunziato stated that geographical issues have typically been a barrier. Right now, U.S. Customs and Border Protection (CBP) is working with the Science and Technology Directorate of the U.S. Department of Homeland Security on standards for blockchain. Because of proof of concepts that CBP has done related to free trade and intellectual property rights, several of these specifications have been adopted into the World Wide Web Consortium (W3C), the primary international standards organization for the World Wide Web.
23 Annunziato noted that CBP is working in three areas: DIDs, verifiable claims, and decentralized key management systems. Annunziato noted that a DID is the equivalent of a Social Security number, driverâs license, or passport number. It allows for verifying someoneâs identity, but the identity can never be stolen. Verifiable claims describe what the entity is about: they provide data about a person or organization that give the unique ID number something to look at (e.g., when the business incorporated, where it is located, who is associated with the business). Annunziato stated that this kind of verification system is a significant step forward in allowing trustless parties to work together and in enhancing automation. Annunziato stated that a decentralized management system is like a Post Office box. If a business is working with another organization that needs any information shared to be secure, it can provide something analogous to a Post Office box key that allows one organization access to the information while the other one retains control of that information. Annunziato noted that CBP was able to resolve data correlation issues as well as issues related to trading of data between multiple software platforms. This has enabled multiple blockchains in different families to communicate. Annunziato stated that blockchain is not visible from the perspective of the user interface. Users will not know when blockchain is happening on a global scale because it is all happening on the back end, though only through private permissioned parties at the moment. Jim St. Clair noted that passengers could need multiple credentials in order to board a flight, such as what airport workers have now with multiple access passes or cards. All of that could be integrated into a single digital identity that allows the information owner to control how much of his or her identity to share for each specific verification process. Adams noted that provenance and identity are essentially the same thing. An individual, business, or object coming into the supply chain must verify it is the individual/business/object that should be touching the supply chain, and identity is central to that process. Adams stated that she is involved in an effort with the Value Technology Foundation, a blockchain industry association, to bring together and embody different credentialing standards to create standards-based interoperable frameworks. These frameworks allow multiple parties to trust the credentialing, ideally through an international organization. Adams noted that there could be a single identity that allows for trust, whether passing through customs, accepting financial information, or conducting transactions.
24 McCoy stated that there are many ethical data standards to address, primarily around consent management of data. W3C and others are actively working to create data cooperatives. McCoy noted that many people became interested in blockchain because it promised true ownership of data and sovereignty. As these systems are being built, it has become more apparent that a single entity or individual owning data and having access to data is not valuable. McCoy stated that data lose their original value when copied or transferred to a spreadsheet. He noted that the ability to take the data in its original form is truly valuable, and the person who can do that is the person who created the data. Adams noted that provenance is not just an issue for physical goods. There is also the issue of provenance of data and how it flows throughout the system. Adams asked Annunziato how intergovernmental cooperation has fared. Annunziato responded that there has been a tremendous amount of outreach between the U.S. government and other governments in South America and the European Union and with Canada. This has enhanced the speed of product development and is beginning to generate clear benefits. Annunziato noted that the importance of cooperation has been accentuated by COVID-19. Annunziato stated that he worked with several large companies on a proof of concept regarding intellectual property rights. This led to breakthroughs in ensuring that all products made under licensing agreements were ordered by the license holder. This ties together all phases of the manufacturing, licensing, and consumer purchase process. St. Clair noted that, in many instances, data are moving from organization to organization, none of which communicate with each other. Blockchain offers a new, cohesive governance model. St. Clair stated that there is a working group looking at collecting different requirements (e.g., trade law) that constitute the rules and regulations for how an activity occurs. Governance is central to integrating solutions and providing a streamlined and transparent architecture for implementation. McCoy stated that he does not like the term âsmart contracts.â He noted that they are essentially a transactional script. Quality measures (e.g., with pharmaceutical products) may not be recorded as efficiently through the blockchain unless there are specific positive or negative incentive mechanisms for the people reporting. McCoy noted that these technical and philosophical issues have not yet been addressed. St. Clair noted that AI is relevant in this context. AI can provide a simple software code, with a governance model as the framework, and automate the process or augment the
25 intelligence of the deciding factors. McCoy stated that these AI algorithms are proprietary. Someone could easily reverse engineer the algorithm to find details that are compromising between airports, borders, or databases. The hope is to create a quantum-resistant cryptography (i.e., a cryptography that is secure from quantum computer attacks) as well as cryptography in general to protect algorithms without compromising the information. McCoy noted that this is one of the more important issues that needs to be addressed. Annunziato stated that he considers what CBP is doing to be beyond the proof-of-concept stage and noted that one of CBPâs applications is on a public blockchain. There are several products moving forward through the phases that precede production, including one related to tracking oil to ensure it is free trade and one tracking steel mill certificates. Annunziato stated that Walmartâs food safety blockchain work has been a foundational workflow model for CBP. CBP is also looking at blockchain applications for food safety, natural gas, and e-commerce. Adams asked Annunziato what his viewpoint was on the cost and energy to develop an automated customs environment with a blockchain background, relative to the cost savings. Annunziato responded that several years ago, when an automated customs environment was first put in place, he believed it would be the foundation on which all new processes would be built. He noted that looking back, he now believes that the costs would far outweigh the benefits. Annunziato stated that any application needs to fit with the natural flow of the supply chain, and that he anticipates adoption particularly if standards are put in place. Standards could accelerate market adoption and lower costs and could limit the need for customization. Annunziato noted that an application does not have to be purely blockchain based. Blockchain can be a layer within multiple technologies that helps to integrate them. In response to a question from Adams, McCoy stated that the trade-offs between a public platform such as Ethereum and a private chain like Hyperledger Fabric include computational costs and social implications. McCoy noted that with a platform such as Ethereum, access to information is distributed and verifiability is decentralized, so there is no single, central point of failure. St. Clair noted the issue of trying to integrate non-U.S. identity and health record systems into the flow of airport information that is coming through the larger identification system. For example, an Indian citizen has specific privacy concerns and should have the ability to
26 manage his or her consent within the Indian system. At the same time, his or her Indian national identification would be the basis for traveling elsewhere and should be equally protected elsewhere. St. Clair stated that it is still to be determined how to reach agreement on a verifiable credential that is recognized everywhere and allows the holder to travel freely but at the same time affords everyone the right to protect his or her privacy, especially given GDPR, HIPAA, and other concerns. St. Clair noted that engineering and standards development must be all-encompassing relative to what standards are considered. St. Clair noted that he is also working on a white paper on verifiable credentials that points to the principles of ethical, social, ecological, and environmental sustainability. He stated that a global identity system should not increase the carbon footprint or leave individuals vulnerable to unauthorized data sharing. Annunziato noted that verifiable credentials are one approach to addressing that problem. A participant asked the presenters what their biggest supply chain concern was. Adams responded that for her, it is the connection between the analog and digital world. Fraudsters are ingenious and only need to find one vulnerability in the system, while the owners of the system have to anticipate all potential threats. That is, fraudsters have an inevitable advantage over system owners and can exploit the difference between the physical and digital worlds. Adams noted the importance of understanding how to integrate IoT devices and blockchain and use real-time analytics to identify fraud. McCoy noted that a function reported today may not be the desired function to report tomorrow. If smart contracts are not set up properly, there will be a need to constantly iterate on the contract and flow and create predictive functions. McCoy noted the importance of making sure that everyone is in consensus. Annunziato stated that his biggest concern is the unknown. The scope of CBPâs mission is enormous, from dirty bombs to lead poisoning, from toys to food safety. He noted that it is imperative to give the best data available to the people responsible for keeping the country safe to make their jobs easier and identify bad actors. St. Clair noted that there are many blockchain constructs in existence but, ultimately, if there is bad data on the blockchain, there is a transparent, immutable record for bad data. It will be important to be able to map systems back to agreed-upon standards at the industry or international level. However, that is still an area under development. A participant asked what, from the customerâs point of view, was the biggest travel frustration that blockchain has the potential to mitigate. McCoy responded that
27 epidemiological models and diagnostics for COVID-19 change constantly. Managing identity and verifiable claims functions could be particularly helpful, especially as contact tracing and testing become more widespread. St. Clair responded that blockchain has the potential to eliminate the hassle of travel by consolidating all needed forms of identity in one place. Blockchain could also help with health care and reduce friction on commerce, goods, and services. McCoy stated that he is also working with the National Institute of Standards and Technology standard groups on cryptography and noted that standards bodies and the government are ahead of the curve on cryptography. Annunziato stated that it will be a major advancement if 20 to 30 years of data are preserved. He noted that this achievement should be realized with quantum security. St. Clair noted that authentication and permission will always be issues to address.
