The Big Interview

FP Complete’s Aaron Contorer: Making blockchains vastly more secure is increasingly critical

Coin Rivet talks blockchain auditing, crypto hype and key challenges and opportunities in 2019 with Aaron Contorer, CEO of FP Complete

Coin Rivet: Tell us about yourself and FP Complete.

AC: I’m the founder and CEO of FP Complete, an IT consulting firm specialising in software and IT engineering services. Our technical specialty is at the intersection of the functional programming and the FinTech space, and we work with many blockchain technology providers in advisory, auditing, and implementation roles.

Many people might call me a serial CTO. I’ve led technology teams across a range of industries with highly complex IT needs, including serving as Bill Gates’ full-time technology advisor at Microsoft. I now spend most of my time helping innovative companies adopt more advanced software technology.

Coin Rivet: Could you talk to us about blockchain auditing and its role in the blockchain and FinTech ecosystem?

AC: Software auditing, in general, provides feedback to implementers and users of software. On the implementation side, this feedback improves the quality of coding, architecture, design, management, hosting, etc. Users, on the other hand, benefit from understanding the risks involved in using such software.

Blockchain auditing is simply an extension of this concept, but unique in the sense that the blockchain is in an unusual space, where end users stand to be directly impacted in a major financial way by mistakes made in the coding process. We believe everyone in the blockchain world should be adhering to quality standards at least at parity with traditional regulated financial markets.

From an ecosystem perspective, in blockchains, code is law. This means that code, and only code, irreversibly decides who owns what money. As a result, a single coding mistake can result in the loss of all financial value. This makes audits that check for code correctness, and tools and processes that foster correctness, very important.

Blockchain audits, as we define them, are third-party, public audits from specialists in the area of cryptocurrencies, security and software development that achieve different amounts of scrutiny and certification, and report accurately and neutrally on whether each audited project appears to be living up to a reasonable standard of engineering practices. As part of any public certification, they report on the nature of what was inspected, what standards are met, and exceptions it found.

Beyond checking for low-level mistakes, blockchain audits also scrutinise a system as a whole. Is it provable that the system behaves as intended when multiple participants, perhaps with contradicting or colluding interests, interact on it? Are incentives to play along with the rules baked into the system, or could occasional cheating provide expected rewards? Does the implementation actually provide the benefits promised (e.g. in the whitepaper or marketing)?

“We’ll continue to see cryptocurrency adoption increase worldwide, particularly as governments of leading countries accept them, but the players will change. Currently, there are way too many cryptocurrencies on the market, which is hard for businesses and investors to choose from”

Coin Rivet: How do you respond to those critics who argue that blockchain is all hype and no substance and technology looking for solutions to problems that don’t exist?

AC: When the dotcom boom of the 90s occurred, similar concerns were raised. When smartphones started becoming popular, similar concerns were raised. There’s no doubt that there’s a similar boom occurring in the blockchain market, and some of the technology being created is the kind of exploratory products critics will point to.

I strongly believe that blockchain is a real technology which will have a lasting impact, though perhaps not in the same way as current market trends are headed. Like any new technology, we’ll have to see how it evolves.

I like to refer people to the “Do you need a blockchain” flowchart by Wüst and Gervais (https://eprint.iacr.org/2017/375.pdf, figure 1), which makes it obvious that a blockchain is not an appropriate technical solution to many problem domains, but can be the instrument of choice when it comes to maintaining consensus about state shared among mutually distrusting participants.

Coin Rivet: How significant is the blockchain bank bill in Wyoming?

AC: As far as Wyoming state itself, I don’t think it will have a significant impact on the economy of the state or the global adoption of the blockchain technology. On the other hand, it is not unusual for other states in the US to follow such examples of passing innovative bills and laws, which later could be adopted at the national level.

And since we are talking about one of the most powerful countries in the world here, such a snowball effect might lead to significant changes and adoption on the global scale.

Coin Rivet: In terms of the possibilities offered by blockchain, what will be the key challenges, themes in 2019?

AC: We’ll continue to see cryptocurrency adoption increase worldwide, particularly as governments of leading countries accept them, but the players will change.

Currently, there are way too many cryptocurrencies on the market, which is hard for businesses and investors to choose from. Identifying which cryptocurrencies are here for the long run and which are just in it for a quick buck isn’t trivial. Further, new and disruptive applications of certain cryptocurrencies could draw a huge user and investor base, which might force some of the smaller cryptocurrencies to fade away. The challenge is that we will not necessarily be left with most secure or environmentally friendly ones.

“I strongly believe that blockchain is a real technology which will have a lasting impact, though perhaps not in the same way as current market trends are headed. Like any new technology, we’ll have to see how it evolves”

Making blockchains vastly more secure will be increasingly critical and difficult for engineers navigating the blockchain field. Existing cryptocurrencies have been troubled by huge amounts of value being stolen (or “having legitimately but unexpectedly changed ownership”) due to bugs in the code and incorrect logic. The approach that is common in software engineering, which is the combined building blocks that work most of the time, but fails in edge cases, is not safe enough for many blockchain applications.

Engineers will have to embrace tools, techniques, and processes that allow for high-assurance programming, and provable correctness. And they’ll need to figure out the balance between auditability and privacy of transactions (the ability to detect transactions tied to illegal activities without compromising the privacy of end users).

We’ll continue to see new functionality and processes emerge to make transactions easier and cryptocurrency integration more seamless, for example, tools that allow small businesses to seamlessly integrate blockchains, and tools for non-technical individuals to make transactions and manage assets.

We also begin to see the standardisation of cross-currency transactions, as well as simple ways to exchange fiat currencies for crypto (which is likely tied-in with government/banks’ adoption of blockchain).

Related Articles