How to send a file through Ethereum, Hyperledger, IOTA blockchain? There is no convenient solution to this problem.
On Coinmonks, the innovator described how he sent the image via IOTA. He converted it to a Base64 string. Then, the text strings were sent attached to 53 transactions in 10 minutes to the recipient’s address. On Reddit, he got predictable feedback which the main point was: the IOTA was not created for that use case.
The same inconvenient ways are offered on forums for Bitcoin, Ethereum, Hyperledger, and other DLTs.
On the other hand, there are distributed file storage systems, such as IPFS, Storj, Sia, FileCoin. They replicate documents for safety and encrypt data for confidentiality. In the IPFS network, the document address matches its hash. This protects the document from modifications: after any edits, the new document will be released with a new hash at the new address. Documents are distributed uncontrollably across such file systems, so it is usually difficult to remove them. In general, the functions of file storage systems are limited: you cannot specify access rights, to automate the document processing or to collect statistics.
For what practical purposes may need to combine blockchain and decentralized file storage? The integration of these technologies is required to create an automated decentralized workflow. New forms of business relationships with other organizations and with communities around it become possible. For example, transparent systems of interaction with contractors, allowing track changes in tasks and payments. Or ecosystems of brand partners and ambassadors who develop the community and get rewarded for their efforts.
Let’s explore what tasks distributed workflow systems can perform.
File storage in blockchain systems
Authenticity and validity of documents
A simple operation that blockchain cannot perform without file storage is to prove the authenticity of the document. To prove the authenticity of the document, you need to generate its hash value. If the document has not been edited, the hash remains the same as of a genuine document. To store documents and generate their hashes, blockchain developers use third-party services, for example, IPFS.
In the file-based blockchain, data is stored directly in the nodes, so a connection to third-party services is not required. The following scenario is possible, for example. The document was agreed by the partners at the meeting and uploaded to a distributed workflow system based on a private blockchain. Also, the secretary sent the document to whom it concerns. Now anyone who received this document via email can verify its authenticity through this system.
Another scenario: the customer uploaded the project documentation to their corporate file storage and gave access to the contractor. After a while, the customer made small edits to the specification, deleted the earlier version of the file from the shared storage, but forgot to notify the contractor about updates. When the contractor completed the task, the original version of the document could no longer be found because it had been removed from the system.
Even if the customer used a decentralized IPFS system, it would not help to investigate the issue: in IPFS, an old abandoned document disappears after a while. Therefore, a more complex system is needed. You can set a variety of usage scenarios in file-based blockchain, including the permanent storage of ever uploaded documents. Thus, the initial version of the specification can be stored by all users of the distributed system. Moreover, it would be possible to avoid the incident by setting up a notification for changes in the document folder.
Data access control and monitoring
In business systems, you usually assign roles to users, limiting their access to data. Let’s say an employee has left the company and no longer can access data in centralized corporate storage. How to block his access to files stored in a decentralized system?
To do this, you need to set an encryption system from the very beginning. All files stored on a distributed system must be cryptographically protected when uploaded. A multi-signature system has to be developed to access them. For example, it is required 2 signatures to access documents: the employee’s and the system’s that checks a centralized employee permission directory.
The multi-signature system can be more complex following business requirements. If a decentralized system provides services for the interaction of three companies, then in addition to the signature of an employee, one from these companies is sufficient.
The system of user authorization allows track who added the document and accessed it.
Prevent data leakage in workflow between organizations
How to grant access to data from specific work stations only? It is required to avoid a case when an authorized user installed a node on their home laptop and then lost it. Within one organization, DLP systems are used to control the distribution of data. It is more difficult to impose restrictions when several companies are involved in the workflow.
In a decentralized system, in addition to encryption, you can restrict the distribution of data physically. To do this, you need to deploy a subchain or fork of the file-based blockchain in a corporate environment. Then set the node whitelist. After that, no one will be able to install the node unauthorized and connect to the network. Thus, the work station which process and store documents will be physically defined.
Workflow on smart contracts
Within the enterprise, the processing of documents is automated and transparent. Usually, parties involved can easily track the status of the document and see its contents. Roles, responsibilities, deadlines and different process options are provided by workflows.
Can such systems be transferred to the interaction of several companies with each other? Yes, but this requires a decentralized system managed by smart contracts, not by an administrator. Participants agree on workflow, then processes are implemented in code and executed autonomously, without human control. Records and documents are stored simultaneously on all nodes, and therefore can not be deleted or modified.
For example, the process of registration and tracking of official inquiries can be organized in this way. An involved person outside the company will be able to track their case and see the contacts of the currently responsible official.
Sometimes a contractor delay payment to subcontractors under the pretext of nonpayment from the customer. If the customer would register payment information in DLT, the transparency of cooperation increases significantly for all parties. Subcontractors notice that the payment from the customer has been made and begin working on the project.
Document management on distributed systems governed by smart contracts can be implemented to auctions, multiparty contracts, supply chains and so on.
EVEN service for distributed workflow
EVEN is built on top of modified IPFS which used as a transport network. For corporate networks, this is a more reliable solution than a combination of any blockchain, oracles and a distributed file system. Given the complexity of enterprise systems, additional integration and support of multiple solutions requires a lot of effort and entails risks. For example, it will be necessary to control user access to both blockchain systems and file storage systems separately.
EVEN combines the most advanced distributed technologies. In addition to the built-in file storage, the network implements fast smart contracts, energy-efficient consensus, and DAG structured registry. In October, EVEN launched the first public version of the test network and showed some of these technologies in practice. During the test, we demonstrated how to send and receive documents, transactions, and run nodes.
The network is ready to carry pilot projects. We are open to partnerships with developers and system integrators of corporate workflow systems and with end customers. Contact the team to launch a workflow project.