If we look at the Internet today, we can certainly say that a large part of the information is stored in a few but gigantic data centers of some corporations. Many companies have built their main business on the accumulation and commercial re-use of often private information. Recent developments clearly reveal that the exploitation of such huge amounts of data even has political implications. An example of this was the influence of Cambridge Analytica on the US elections in 2016 in the USA, where information from Facebook users was used to set a political direction and thus significantly influence the presidential election. This was possible because Facebook provided access to the centrally collected user data via API.
The agglomeration of data has increased massively in recent years, especially through IaaS and PaaS. As a result, a few IT companies are accumulating enormous amounts of data and information in their data centers. The end-users have no choice but to trust that the companies are not messing with their data. However, even if these companies are ethical, they are subject to their national jurisdictions. And it is no secret that nations like the USA, China, Russia, and many others have a great interest in such data.
People are increasingly raising their voices, demanding protection and control over private data. A very well-known and also notorious attempt is the DSGVO, which aims to return more control and transparency over personal information back to the end-user by means of a legal resolution. Regardless, for some years now there has been a steadily growing community working and researching new concepts, which are intended to give the end-user complete control over their data or prevent information from being stored at central points. It is about the (re)decentralization of the Internet, very much in the spirit of its pioneer Sir Timothy Berners Lee, who himself is actively participating in this development.
A very well known and also notorious attempt is the DSGVO, which aims to return more control and transparency over personal information to the end-user by means of a legal resolution. Independently of this, for some years now there has been a steadily growing community working and researching new concepts, which are intended to give the end-user complete control over his data or prevent information from being stored at central points. It is about nothing less than the (re)-decentralization of the Internet, very much in the spirit of its pioneer Sir Timothy Berners Lee, who himself is actively participating in this development.
WTH is decentralization
In an online context, decentralization means that the connections are built in a mesh-like scheme without a recognizable central node. The network participants connect to each other using peer-to-peer protocols and exchange overall network data. This means that there is no agglomeration of data or control, i.e., no central servers and authorities. The fascinating thing is that decentralized systems have no single point of failure: the more participants there are, the more robust the system is.
The data volume in a decentralized network is more or less evenly distributed. The advantage of robustness is obvious, but it also means that data must be implicitly redundant. The conflict-free and timely synchronization among peers is a technical challenge, which nowadays is already quite well solved and developing rapidly.
Decentralized systems don’t come without challenges. Apart from synchronization latencies between peers, there is a compelling non-technical problem to be solved, which is especially true for public systems: how to find participants?
Some may still remember BitTorrent. It was not uncommon for a movie (let’s face it, we used BitTorrent to get the latest games or movies practically for free) to get stuck at 99.8% “download” because the last data blocks were no longer on the network, as no “seeder” was active. Everyone wanted to take it, but hardly anyone wanted to give.
This is one of the biggest challenges in decentralized networks. Therefore, motivation mechanisms need to be developed to attract participants and keep them in the system. Another challenge is dealing with malicious or untrustworthy participants who want to abuse the system for their own purposes. This problem must be solved especially in public systems, where there could even be legal issues since there is no central authority to trust like in conventional ones. Technical problems such as scaling effects also play an important role. For example, truly decentralized public blockchains such as Bitcoin are not really suitable for everyday use due to their long transaction runtimes.
Decentralization at Cinq
At Cinq, we are a small group of people who deal with the issue of decentralization. We work on innovative solutions based on decentralized and distributed technologies, and explore the possibilities and limits of technologies such as blockchains, smart contracts, secure digital assets, dApps, decentralized ledgers, decentralized file systems and databases, peer-to-peer solutions, etc. The aim is not only to be a pioneer and to gain an advantageous market position through a lead in competence, but also to raise awareness of data protection and privacy.
Our first current project at Cinq is a decentralized ledger based on a distributed No-SQL database, in which we internally manage point accounts. Through the decentralized approach, we expect a strong simplification in the integration of new business units, but also a robust system that becomes more stable the more nodes are running company-wide. This ledger can be used as a basis for various types of applications that are intended to increase motivation through gamification.
Although the project is in an early phase, it is ready for the first test phases. The ledger was developed with NodeJS and uses IPFS in combination with OrbitDb. For interaction, e.g. account creation, transaction and query, a GraphQL API is used. To ensure that no one can perform transactions on behalf of others, they must be cryptographically signed. The transaction throughput is configurable, but we are able to perform several hundred transactions per second, which should be more than sufficient within the application context.
Software Craftsman at Dextra Digital/Cinq