You are welcome, @james. As promised, the following short excerpt (5 paragraphs) includes a useful, recent legal perspective rather than a technical one on blockchain from " Stephen Mason and Daniel Seng, editors, Electronic Evidence and Electronic Signatures (5th edition, Institute of Advanced Legal Studies for the SAS Humanities Digital Library, School of Advanced Study, University of London, 2021). The advantages and drawbacks through a digital evidence lens are informative:
6.85 The most common form of technological authentication for records is the secure digital signature. Such a signature acts to protect bitwise integrity, verifies a record’s origin (part of its identity) and makes a record indisputable and incontestable (nonrepudiation1 ). The digital signature has been given legal value mainly by legislative acts,2 is enabled through complex and costly public-key infrastructures (PKI) and ensures authenticity of information across space (transmission from a person to another), though not through time. This is because it is subject to obsolescence, it compounds the problem of preservation, as it cannot be migrated with the record it is attached to, and the certificates linked to it have an expiry date. Archival science tells us that a digital signature has the function of a seal, in that it is attached to a document that is complete without it, rather than that of a signature, which is an essential part of a record, so it can be removed and substituted with metadata attesting to its presence at the time of transmission and receipt. This is largely the position taken by evidence law in common law countries. A detailed discussion of digital signatures and the challenges they present when the documents to which they are attached must be maintained for longer than 2–5 years can be found in Chapter 7. 1 For the meaning of ‘non-repudiation’ and its limits, see Chapter 7, Electronic signatures. 2 For a list, see ‘World electronic signature legislation’ (2019) 16 Digital Evidence and Electronic Signature Law Review 135, https://journals.sas.ac.uk/deeslr/article/view/5092
6.86 The blockchain is a type of Distributed Ledger Technology (DLT), a concept referring to the maintenance of a decentralized data repository geographically spread across multiple sites, multiple countries and multiple organizations. The blockchain is the underlying technology that enables the virtual currency Bitcoin. It is a ledger – an information store that keeps a final and definitive (immutable) trace of transactions (their hash codes ). To operate, it relies upon a distributed network, given that all nodes and servers are equal, and on decentralized consensus, with no centre(s) and no single point of control or attack. The confirmed and validated sets of transactions are held in blocks, which are linked (chained) in a chain that is tamper-resistant and append-only. A blockchain starts with the genesis block, and each block contains, in addition to the hash of a predetermined number of documents, a hash of the prior block in the chain (referred to as the Merkle tree).
6.87 A blockchain can be used to confirm the integrity of a record kept elsewhere, in that a record existed or was created at a certain point in time, although not after it has been time-stamped and registered in the blockchain, and the sequence of records leading to it. It is not a system that records business records. It holds the hash of records, not the records themselves. Smart contracts, which are agreements between parties directly written into lines of code on a blockchain, are not yet recognized as records. The records must still be stored and managed off chain. This is good, because if they were in the blockchain, they would be immutable.
6.88 Immutability is the attraction of a blockchain: it is what ensures integrity, as nothing can be changed in a blockchain block or removed from a block. At the same time, this is the central problem of blockchain. In fact, with current records, that is records used in the present and active course of current business, any updating or correction of the wrong data, any form of privacy protection, any exercise of the right to be forgotten, any disposition of records that are no longer needed, any system upgrade, and in short, any change in the record, would invalidate the blockchain. Where records are kept or identified for continuing and possibly long-term preservation, any transfer, migration or addition to the records of a preservation system would invalidate the blockchain.
6.89 The blockchain therefore presents a problem for authentication that goes beyond bit-wise integrity, in that any form of indirect or circumstantial authentication is not possible, because the hash on the blockchain does not allow for links to the hash of related records or the hash of metadata. If the metadata were embedded in each record at creation, the hash of such record would not allow for additions or changes, which is always necessary when carrying out any usual and ordinary business.
6.90 Further, handling the decentralized (and thus trans-jurisdictional) nature of the blockchain is complicated. At any given time, determining the author of a record, the owner and what law applies is difficult, especially when dealing with code in a situation where different participants in different jurisdictions control the necessary components of the transaction. An additional issue is presented by smart contracts, which lack both the equivalent of a signature and the date of the completion of an agreement. Thus, decentralization, the attractive aspect of blockchain that takes away central control and democratizes it, is a problem for authentication of data in digital form. This is because information processing happens on a complex technological stack in which different technical components may be in the custody of, and operated by, very different participants. Some components may be under the control of a single organization, others under the control of business partners who are members of a blockchain consortium, and still others under the control of unknown third-party contributors. An organization’s records could be in the custody of thousands of independent legal entities or individuals over which the creators of the records exercise little or no control. The consensus mechanism, and other protocols or standards that determine how the blockchain operates, may not be within the decision-making purview of the creator (or the creator’s designated records professional). These may be decided by remote (and even unknown) third party developers. In many cases, these protocols and standards are still unstable, and thus the reliability of the upload of organizational records to the blockchain could be very difficult to establish with any certainty.