Oracles as a sub-hype in blockchain discussions, or how my puppy helps me get to 10,000 steps a day

Photo: Rob Alcaraz/The Wall Street Journal.

Photo: Rob Alcaraz/The Wall Street Journal.

The more I think about the use of blockchain solutions in the context of public procurement governance—and, more generally, of public services delivery—the more I find that the inability for blockchain technology to reliably connect to the ‘real world’ is bound to restrict any potentially useful applications to back-office functions and the procurement of strictly digital assets.

This is simply because blockchain can only generate its desirable effects of tamper-evident record-keeping and automated execution of smart contracts built on top of it to the extent that it does not require off-chain inputs. Blockchain is also structurally incapable of generating off-chain outputs by itself.

This is increasingly widely-known and is generating a sub-hype around oracles—which are devices aimed at plugging blockchains to the ‘real world’, either by feeding the blockchain with data, or by outputting data from the blockchain (as discussed eg here). In this blog post, I reflect on the minimal changes that I think the development of oracles is likely to have in the context of public procurement governance.

Why would blockchain be interesting in this context?

Generally, the potential for the use of blockchain and blockchain-enabled smart contracts to improve procurement governance is linked to the promise that it can help prevent corruption and mistakes through the automation of decision-making through the procurement process and the execution of public contracts and the immutability (rectius, tamper-evidence) of procurement records. There are two main barriers to the achievement of such improvements over current processes and governance mechanisms. One concerns transactions costs and information asymmetries (as briefly discussed here). The other concerns the massive gap between the virtual on-chain reality and the off-chain real world—which oracles are trying to bridge.

The separation between on-chain and off-chain reality is paramount to the analysis of governance issues and the impact blockchain can have. If blockchain can only displace the focus of potential corrupt or mistaken intervention—by the public buyer, or by public contractors—but not eliminate such risks, its potential contribution to a revolution of procurement governance certainly reduces in various orders of magnitude. So it is important to assess the extent to which blockchain can be complemented with other solutions (oracles) to achieve the elimination of points of entry for corrupt or mistaken activity, rather than their displacement or substitution.

Oracle’s vulnerabilities: my puppy wears my fitbit

In simple terms, oracles are data interfaces that connect a blockchain to a database or a source of data (for a taxonomy and some discussion, see here). This makes them potentially unreliable as (i) the oracle can only be as good as the data it relies on and (ii) the oracle can itself be manipulated. There are thus, two main sources of oracle vulnerability, which automatically translate into blockchain vulnerability.

First, the data can be manipulated—like when I prefer to sit and watch some TV rather than go for a run and tie my fitbit to my puppy’s collar so that, by midnight, I have still achieved my 10,000 daily steps.* Second, the oracle itself can be manipulated because it is a piece of software or hardware that can be tampered with, and perhaps in a way that is not readily evident and which uncovering requires some serious IT forensics—like getting a friend to crack fitbit’s code and add 10,000 daily steps to my database without me even needing to charge my watch.**

Unlilke when these issues concern the extent to which I lie to myself about my healthy lifestyle, these two vulnerabilities are highly problematic from a public governance perspective because, unless the data used in the interaction with the blockchain is itself automatically generated in a way that cannot be manipulated (and this starts to point at a mirror within a mirror situation, see below), the effect of implementing a blockchain plus oracle simply seems to be to displace the governance focus where controls need to be placed towards the source of the data and the devices used to collect it.

But oracles can get better! — sure, but only to deal with data

The sub-hype around oracles in blockchain discussions basically follows the same trend as the main hype around blockchain. The same way it is assumed that blockchain is bound to revolutionise everything because it will get so much better than it currently is, there are emerging arguments about the almost boundless potential for oracles to connect the real world to the blockchain in so much better ways. I do not have the engineering or futurology credentials necessary to pass judgement on this, but it seems to me plain to see that—unless we want to add an additional layer about robotics (and pretty evolved robotics at that), so that we consider blockchain+oracle+robot solutions—any and all advances will remain limited to improving the way data is generated/captured and exploited within and outside the blockchain.

So, for everything that is not data-based or data-transformable (such as the often used example of event tickets, which in the end get plugged back to a database that determines their effects in the real world)—or, in other words, where moving digital tokes around does not generate the necessary effects in the real world—even much advanced blockchain+oracle solutions are likely to remain of limited use in the context of procurement and the delivery of public services. Not because the applications are not (technically) possible, but because they generate governance problems that merely replace the current ones. And the advantage is not necessarily obvious.

How far can we displace governance problems and still reap some advantages?

What do I mean that the advantage is not necessarily obvious? Well, imagine the possibility of having a blockchain+oracle control the inventory of a given consumable, so that the oracle feeds information into the blockchain about the existing level of stock and about new deliveries made by the supplier, so that automated payments are made eg on a per available unit basis. This could be seen as a possible application to avoid the need for different ways of controlling the execution of the contract—or even for the need to procure the consumable in the first place, if a smart contract in the blockchain (the same, or a separate one) is automatically buying them on the basis of a closed system (eg a framework agreement or dynamic purchasing system based on electronic catalogues) or even in the ‘open market’ of the internet. Would this not be advantageous from a governance perspective?

Well, I think it would be a matter of degree because there would still need to be a way of ensuring that the oracle is not tampered with and that what the oracle is capturing reflects reality. There are myriad ways in which you could manipulate most systems—and, given the right economic incentives, there will always be attempts to manipulate even the most sophisticated systems we may want to put in place—so checks will always be needed. At this stage, the issue becomes one of comparing the running costs of the system. Unless the cost of the blockchain+oracle+new checks (plus the cybersecurity needed to keep them up and properly running) is lower than the cost of existing systems (including inefficiencies derived from corruption and mistakes), there is no obvious advantage and likely no public interest in the implementation of solutions based on these disruptive technologies.

Which leads me to the new governance issue that has started to worry me: the control of ‘business cases’ for the implementation of blockchain-based solutions in the context of public procurement (and public governance more generally). Given the lack of data and the difficulty in estimating some of the risks and costs of both the existing systems and any proposed new blockchain solutions, who is doing the math and on the basis of what? I guess convincingly answering this will require some more research, but I certainly have a hunch that not much robust analysis is going on…

_____

* I do not have a puppy, though, so I really end up doing my own running…

** I am not sure this is technically doable, but hopefully it works for the sake of the example…

An incomplete overview of (the promises of) GovTech: some thoughts on Engin & Treleaven (2019)

I have just read the interesting paper by Z Engin & P Treleaven, 'Algorithmic Government: Automating Public Services and Supporting Civil Servants in using Data Science Technologies' (2019) 62(3) The Computer Journal 448–460, https://doi.org/10.1093/comjnl/bxy082 (available on open access). The paper offers a very useful, but somehow inaccurate and slightly incomplete, overview of data science automation being deployed by governments world-wide (ie GovTech), including the technologies of artificial intelligence (AI), Internet of Things (IoT), big data, behavioral/predictive analytics, and blockchain. I found their taxonomy of GovTech services particularly thought-provoking.

Source: Engin & Treleaven (2019: 449).

Source: Engin & Treleaven (2019: 449).

In the eyes of a lawyer, the use of the word ‘Government’ to describe all these activities is odd, in particular concerning the category ‘Statutes and Compliance’ (at least on the Statutes part). Moving past that conceptual issue—which reminds us once more of the need for more collaboration between computer scientist and social scientists, including lawyers—the taxonomy still seems difficult to square with an analysis of the use of GovTech for public procurement governance and practice. While some of its aspects could be subsumed as tools to ‘Support Civil Servants’ or under ‘National Public Records’, the transactional aspects of public procurement and the interaction with public contractors seem more difficult to place in this taxonomy (even if the category of ‘National Physical Infrastructure’ is considered). Therefore, either additional categories or more granularity is needed in order to have a more complete view of the type of interactions between technology and public sector activity (broadly defined).

The paper is also very limited regarding LawTech, as it primarily concentrates on online dispute resolution (ODR) mechanisms, which is only a relatively small aspect of the potential impact of data science automation on the practice of law. In that regard, I would recommend reading the (more complex, but very useful) book by K D Ashley, Artificial Intelligence and Legal Analytics. New Tools for Law Practice in the Digital Age (Cambridge, CUP, 2017).

I would thus recommend reading Engin & Treleaven (2019) with an open mind, and using it more as a collection of examples than a closed taxonomy.

Governance, blockchain and transaction costs

Bitcoin Traces / Martin Nadal (ES)

Bitcoin Traces / Martin Nadal (ES)

Blockchain is attracting increasing attention as a new technology capable of ‘revolutionising’ governance, both in the private or public sector. In simple terms, blockchain is seen as an alternative to the way information is (securely) stored and rules are enforced, regardless of whether those rules are agreed in a contract, or result from legislation or administrative decision-making.

Some examples include the governance of illegal agreements to distort competition (cartels) (see eg this paper by Thibault Shrepel), or the management of public procurement (eg in this paper by Hardwick, Akram and Markantonakis, or these thoughts by Bertrand Maltaverne). These examples explore how the technology allows for the creation of ‘self-executing’ sets of rules that would be capable of overcoming so far intractable governance problems (mostly, about trust: eg among the cartellists, or in public officials).

This could create opposite effects in the governance of public procurement. For instance, this could make the detection and correction of bid rigging very difficult (if not impossible) or, conversely, allow for a corruption-free procurement architecture. Therefore, the impact of the technology (in principle neutral) on existing governance systems can ultimately be seen as an ‘arms race’ between the private and public sector as, ultimately, the one that gets ahead will be able to exploit the technology to its advantage.

This justifies some calls for both investment in new technologies by the public sector (as the private sector has its own incentives for investment), and regulation of private (and public) use of the technology. I have no objection to either of these recommendations. However, I think there is an important piece of the puzzle that tends to go missing in this type of analysis.

Indeed, most of this discussion brushes over the important limitations of smart contracts. These limitations are both linked to the fact that the computational logic underpinning smart contracts can only operate on the basis of complete information/rules, and that the computing power necessary to implement smart contracts can currently only process extremely simple contracts.

The latter issue may be dismissed as a mere ‘a matter of time’, but given that it has been estimated that it is currently only possible to create a blockchain-based procurement process capable of holding 700-word-long tender documentation (Hardwick, Akram and Markantonakis, 2018: 6), there seems to be a very long road ahead, even accepting Moore’s Law on the growth of computational power.

This first issue, though, is more difficult to set aside. As rightly stressed by Davidson, De Filippi and Potts in their ‘must read’ paper, ‘the obvious problem is that blockchains only work on complete contracts, whereas most in-the-world firms ... are largely (entirely?) made of incomplete contracts'; ‘a blockchain is an economic world of complete contracts’ (2016: 9).

In my view, this should raise significant doubts as to the likely extent of the ‘revolution’ that blockchain can create in complex settings where the parties structurally face incomplete information. Procurement is clearly one such setting. There are a few reasons for this, my top three being that:

  • First, the structural incompleteness of information in a setting where the public buyer seeks to use the public tender as a mechanism of information revelation cannot be overstated. If it is difficult for contracting authorities to design ‘sufficiently objective’ technical specifications and award criteria/evaluation methods, the difficulties of having to do so under the strictures of computational logic are difficult to imagine.

  • Second, the volume of entirely digital procurement (that is, the procurement of entirely digital or virtual goods and services) is bound to remain marginal, which creates the additional problem of connecting the blockchain to the real world, with all the fallibility and vulnerability that so-called oracles bring with them.

  • Third, blockchain technology in itself creates an additional layer of transaction costs—at least at the stage of setting up the system and ‘migrating’ to a blockchain-based procurement mechanism. Bearing in mind the noticeable and pervasive difficulties in the much simpler transition to e-procurement, this also seems difficult to overstate.

Therefore, while there will clearly be improvements in specific (sub)processes that can be underpinned by blockchain instead of other cryptographic/cybersecurity solutions, I remain quite skeptical of a blockchain-based revolution of procurement governance. It may be that I still have not advanced enough in my research to identify the 'magic technological solution’ that can do away with transaction costs, so any pointers would be most appreciated.

Procurement governance and complex technologies: a promising future?

Thanks to the UK’s Procurement Lawyers’ Association (PLA) and in particular Totis Kotsonis, on Wednesday 6 March 2019, I will have the opportunity to present some of my initial thoughts on the potential impact of complex technologies on procurement governance.

In the presentation, I will aim to critically assess the impacts that complex technologies such as blockchain (or smart contracts), artificial intelligence (including big data) and the internet of things could have for public procurement governance and oversight. Taking the main risks of maladministration of the procurement function (corruption, discrimination and inefficiency) on which procurement law is based as the analytical point of departure, the talk will explore the potential improvements of governance that different complex technologies could bring, as well as any new governance risks that they could also generate.

The slides I will use are at the end of this post. Unfortunately, the hyperlinks do not work, so please email me if you are interested in a fully-accessible presentation format (a.sanchez-graells@bristol.ac.uk).

The event is open to non-PLA members. So if you are in London and fancy joining the conversation, please register following the instructions in the PLA’s event page.