I’ve spent the last three or four days analyzing what IBM is up to, and it’s been an interesting excursion. So, let’s dive in!

IBM’s invention

The first thing to note is that the allowed patent is a continuation of application 15429121 and consists of a single long claim, which is a concatenation of all the claims of the parent application (filed 9 Feb 2017). There is so much in that one monolithic claim that you would have to go out of your way to produce a system that infringes. I’ve asked on Askpatents why a company would file and prosecute such a patent application, but haven’t received any feedback on the strategy behind this legal maneuver. It is therefore easier to analyze the parent patent (which hasn’t been granted yet), because it still presents the ideas in a structured step-by-step manner.

So let’s forget about the enforceability of the claims, and look at what the invention actually address.

The first few claims of the parent application set the scene. IBM claims a database and a blockchain, linked together and with identical data, so that when access or changes are requested, both the database and the blockchain are updated.

The next claims talk about detecting inconsistencies between the database and the blockchain, and sending an alert when inconsistencies are detected. So far, so good.

The later claims contain the clever bit, in my opinion. The database has administrators, who can do anything, and ordinary users, who can’t.

But the blockchain doesn’t allow administrators or users to make changes.

Instead a smart contract is the only thing that can update the data records in the blockchain. The smart contract monitors requests that are made to change the database, and makes identical updates in the blockchain. As the blockchain contains a “delta” record of the changes, if set up well it, it will ensure that any shenanigans from rogue administrators are immutably logged on the blockchain, allowing them to be identified and suitably punished.

And the final claims sort of mop-up the invention by talking about automation and efficiency ideas.

Now I’ve always found that an invention starts with a core idea — a gem, that you feel has some worth to it if only it can be suitably polished. The rest of the stuff around it is like the facets and cut of the gem, which tidy it up and if done right make it look beautiful and sparkle. But if the core idea isn’t a good gem, you can polish it all you like and it will still just end up looking like a rock.

In the IBM patent, I would identify the “administrators can edit the database, and only a smart contract can edit the mirror of the database on the blockchain” as the gem. So, let’s see if the specification provides more detail on how a “smart contract” is going to do that…

Unfortunately, the details aren’t there. Although there are fifteen references to “smart contracts”, and there is even an example of a smart contract only allowing three transactions changes to the database in a given week, there aren’t really any specifics in the detailed description of the specification. It’s a bit like saying “I’ve got an idea for a social media app”, and when asked how you’re going to implement it, you respond, “with computer code”. In patent terms — I can’t see an enablement of the invention described.

Now smart contracts can only act on data already in the blockchain, unless there is an “oracle” feeding data in from the outside. In this invention, the oracle would be passing in the change requests from administrators to the smart contract, which would then validate the changes and either add them to the blockchain or reject them.

But from a security aspect (and security is key to making a tamper-proof representation of a database on a blockchain), it really depends on how the blockchain is configured — for example, are there other ways of getting transactions onto the blockchain, and could these be used to side-step the smart contract? How secure is the oracle? How much testing is going to be required to ensure the smart contract actually does what it needs to, and doesn’t contain any bugs that can be exploited? And the biggest risk of all — if a rogue administrator manages to find a workaround, given that the integrity is automatically checked for, the database operator could be lulled into a false sense of security that everything is okay, and not notice any hacks for a long, long time.

Chainfrog’s invention

Blockchains connected to database is nothing new. Note that all the blockchain engines out there have associated software that extracts data from the flat-file that constitutes the hash-linked list of the blockchain, and puts it into an associated database. For example, Bitcoin Core software uses LevelDB to index the blockchain and Berkeley DB for wallet information. For Ethereum, Geth uses LevelDB as well, and Parity uses RocksDB.

However, databases synchronized over a blockchain is new, and because there’s a blockchain in the middle, it is possible to run an audit on the synchronized systems to ensure it really represents the one true view of the current state of the data.

So instead of focusing on immutable data, my work was about providing a simple familiar interface (the database) to blockchains, and to provide a disparate network of databases managed by different organizations with the means to synchronize selected data over the blockchain in a trust-building and decentralized manner.

A patent application that I filed back in March 2017 to enable this covers sharing database schemas over a blockchain, which is a different concept to the one IBM has gone after, but the two areas are related. In my opinion, using a blockchain to ensure a consistent structure across a variety of databases is far more important, as it relates to data sharing. Data immutability is ensured by having one blockchain that the multiple databases connect to. Each database has a blockchain node running alongside it, and as new block arrive, the node can scan the contents and only extract the data that the database owner is interested, as well as the structure of the data. As a result, different parties using different databases can arrive at identical views of the truth, including the shape that that truth is to take.

Now it turns out that with a system for synchronizing databases over a blockchain, it becomes almost trivial to implement the subject area of the IBM patent, namely making a tamper.proof database.

Configure two databases, connected and synchronized through a blockchain (e.g. using our Blockbinder product). Give one user on the first database administrator rights. Give a second different user administrator rights on the second database. To check for database integrity, compare the first database with the second.

It’s a simple as that. No smart contracts required. If the databases don’t match, one of the administrators has edited the database in a manner that they’re not allowed to, and the blockchain ensures that they can’t edit the past to hide what they’ve done.

Conclusion

IBM have received a patent for making a traditional database tamper proof using a blokchain. Such a database may well have beneficial use cases in for example the finance world and the legal world, where compliance through auditing are required to ensure the data in the database has not been tampered with.

Unfortunately the patent doesn’t really describe how the system works, other than through the “magic of a smart contract”. I can only hope that more details will be forthcoming.

Furthermore, there are other solutions that achieve the same aim using existing database synchronization over a blockchain.

Hopefully therefore, in the future further patent applications and product releases by IBM will extend the story further and provide some real information as to how Big Blue intends to provide the world with genuinely tamper proof databases. We can but wait…

Links and further reading

BigchainDB’s architecture for a similar solution

An article on why blockchains won’t replace databases

A rather different take from the author’s on IBM, blockchain and patents

About the author

Keir Finlow-Bates is an inventor and CEO of Chainfrog, Finland’s first blockchain startup, focusing on IoT/blockchain innovation. Their first product, Blockbinder, connects and synchronizes traditional databases through a blockchain. Feel free to contact me to find out more.