Amazon Web Services, the e-commerce giant’s cloud computing arm, is having its proverbial blockchain cake and eating it, too.

In late November, AWS unveiled a new service during its re:Invent event that lets clients build their own cloud-based blockchains, using Hyperledger Fabric or ethereum as templates for such projects.

That announcement was the next step in a long-running process that has seen the cloud giant continuing to dip its toes ever-deeper into the blockchain pond. Previously, AWS showed its hand by striking partnerships with firms like bank-backed startup R3 and, later, the ConsenSys-tied Kaleido. With Amazon Managed Blockchain, AWS was clearly trying to take that one step further – but at the same time, the cloud services company isn’t making any claims that all of its clients will benefit from using blockchain.

Indeed, according to Rahul Pathak, AWS’ general manager for big data, data lakes and blockchain, conversations with its customers led Amazon to the conclusion that blockchain isn’t some kind of panacea, but is rather suited for specific business problems that many clients simply don’t encounter.

“You can imagine a large manufacturer who wants all of its partners to write on its ledger about trading items through its network,” Pathak explained. In such cases, a “blockchain network brings in an unnecessary complexity, because you don’t need the distributed trust or the consensus elements.”

Amazon’s conference saw another cloud offering – Amazon Quantum Ledger Database, or QLDB – take the stage. That offering is being marketed as a radically easier way to build cryptographically protected databases, and Amazon is betting that in some cases, customers will prefer that to any kind of blockchain solution.

“Some customers wanted an immutable ledger, but centralized trust was ok, and for that we have QLDB, and some wanted an immutable ledger, but also decentralized trust, and that’s where Amazon Managed Blockchain came into play,” Pathak explained.

Ledger selections

That sense of pragmatism – that some companies don’t need a distributed database or simply aren’t interested in blockchain – extends to the top of AWS’ ranks.

As CEO Andy Jassy said during his keynote speech at the re:Invent: “We just hadn’t seen that many blockchain examples in production or that couldn’t pretty easily be solved by a database.”

In fact, AWS is stating that blockchain is not needed for the most touted enterprise blockchain use cases. Even still, some of AWS’ clients – a list that boasts some notable enterprise-level names – are giving the blockchain platform a try.

This list includes communication giant Verizon, electronics manufacturer Philips, clearing and settlement provider DTCC, aircraft engine supplier GE Aviation, insurance companies Liberty Mutual and Guardian Life, software vendor Workday and healthcare technology provider Change Healthcare. Their logos can be seen on the Amazon Managed Blockchain website.

For these early participants, only a preview is available so far, and in case of the managed blockchain, it’s Hyperledger Fabric. Ethereum will also become available in the coming months, Pathak told CoinDesk, but the exact dates are not public.

According to Daniel Johnson, CTO and head of innovation at Guardian Life, testing the AWS’ product is part of its ongoing experiment with blockchain systems that the company has been conducting since 2015. This process has included the development of private blockchain prototypes using ethereum, Hyperledger, and some of the options available on Microsoft Azure.

As Guardian has been using other Amazon’s services for several years now, trying this one seemed logical — and more rational than joining a consortium and running their own node, Johnson told CoinDesk.

“We’d rather have a large provider and let them administer lower-level technical services. Amazon becomes a trusted third party instead of us going into a consortium where you have to worry about that person leaving or another person joining. We’d rather have a technology company that has financial stability and is really performing well, and rely on them,” Johnson said.

Addressing the security concern of vulnerable data sitting outside the company’s venue in the AWS cloud, he said that actually, such a solution is viewed by Guardian as a more secure one.

“If there is a country that wants to hack your system, Amazon has pretty extensive security measures, different controls in place, they can do it a lot better than any enterprise,” Johnson said.

If this is the thinking of other Amazon clients testing the new cloud service (the other seven firms didn’t provide detailed answers about it), and given that Amazon is now a dominant cloud service provider in the world (with 41.5 percent of the market, according to a report by Cloud Security Alliance), the product might be a formidable competition to the existing blockchain consortia, the first ones of which have recently gone live.

Inking relationships

Curiously enough, Amazon has recently partnered with a number of blockchain solutions providers, but the new products have been developed exclusively by the AWS team, Pathak told CoinDesk.

Back in 2017, Amazon hosted Corda on its marketplace, allowing customers to deploy and use dApps on the R3-developed blockchain.

In May, another partnership was announced with the ConsenSys-backed startup Kaleido, which builds enterprise blockchains on ethereum. However, both Pathak and Kaleido co-founder Sophia Lopez told CoinDesk that Kaleido wasn’t involved in the development of the ethereum part of Managed Blockchain.

“Kaleido is working with us across the number of other areas, their focus is bringing their own service to the AWS customers,” Pathak told CoinDesk. Asked if there will be competition between Amazon’s own service for building ethereum-based enterprise blockchains and Kaleido’s, he said he didn’t believe that was the case.

“It’s still very early, and there will be plenty of opportunities for customers to work with any of us or both of us,” Pathak said.

Lopez told CoinDesk that the partnership with AWS has been a productive one, helping create more than 1,500 blockchain networks with Kaleido’s service at AWS. But the Amazon’s own ethereum offering of the Managed Blockchain will be only “five to ten percent” of the solutions clients need to run a blockchain, she said.

Other necessary parts are the constellation of identity, key management, business process modeling services, smart contracts instruments and other tools around the blockchain technology itself. As Lopez said: “Clients need a lot more help.”

“So far AWS has only a template, or a script for one-time initial deployment [for ethereum],” she explained. “It’s one small step forward. They are trying to catch up with other vendors who have been offering something like this over the last year or two.”

But what about blockchain?

While the approach may be winning plaudits from enterprises, participants on the AWS subreddit recently struck skeptical tones during an AMA in late November after the twin services were launched.

A user going by the handle alsomahler noted that users won’t be able to do anything in case their transaction record gets changed: “You can’t prove that merely by using a blockchain. It’s possible for you to fork at an earlier block and included transactions in a new history of blocks. Obviously, a user could keep track of the block hashes themselves, but even then, they can’t prove it in court. Do you have mechanisms to make this more difficult?”

Another one reminded about the core principles of blockchain: “Why should we trust a centralized authority? The core virtue of distributed ledgers is the avoidance of centralized authorities. Central point of control = not trustworthy.”

To these and similar arguments, AWS’ answer was that “customers building on QLDB will trust that AWS is faithfully executing their SQL statements to update the current and history views of their data. But once the journal transactions are published, they cannot be changed even by AWS without detection.”

Pathak added that QLDB is designed for the use cases when there is a trusted authority recognized by all participants and centralization is not an issue.

“What QLDB provides is you will be able to verify that the ledger has not been changed or forked, otherwise you will be able to detect it,” he explained.

Another question is the viability of the systems that allow users to use blockchains without running nodes, making the process radically easier but opening a single point of failure as there is a centralized provider of hardware. Event public blockchains face this problem, like ethereum, in which a service called Infura handles a significant share of transactions.

Pathak says that Amazon makes efforts to guarantee the resilience of its services and “invests a lot of resources to make sure the system stays available in case of different failures.”

Another way to solve this problem for blockchain projects is to include nodes not hosted at AWS, Pathak said, suggesting that, in the end, some decentralization still might be needed.

Image Credit: Kristi Blokhin / Shutterstock.com