HSBC suggests it might have found a... use for blockchain?

Re: Truth

"To execute the attack, the miner acquired at least 51 percent of the network’s total hashpower, which provided them with temporary control of the blockchain"

Sure, if one malicious entity is able to enter arbitrary transactions against your network without your knowledge, after taking control of half the people able to enter transactions on said network (note, this wouldn't include *users* or people *viewing* the chain to verify transactions, only those capable of making their own).

I think you'll find that any distributed ledger would be vulnerable to attack in such a circumstance.

You're literally asking "half-the-world's foreign-exchange banks" to collude to make a transaction that the others will accept as genuine, in a way that's blindingly obvious, flags all kinds of warnings immediately, and would only proceed if you were stupid enough to not put decent checks in your system and wait for the right number of verifications from trusted entities - at that point, you have bigger problems than what you use to record that transaction.

Re: Just to be clear

The small and private blockchains such as the one HSBC is using can easily be hacked as we've seen on numerous occasions. It's not inconceivable that they instead use the Bitcoin blockchain since it's the biggest, oldest and most secure blockchain in existence. It could be implemented as a side chain with all the data being encrypted. Thoughts?

Re: immutability provided by DLT

Well, we don't know how HSBC have implemented their tech. I would be very surprised if they used a 'proof of work' system like Bitcoin & Ethereum. Would they really want to spend that much on electricity? As it's a single organisation they don't necessarily need the 'double spend' protection that Bitcoin needs, so there will be other ways of giving the process the immutability guarantees required.

Re: immutability provided by DLT

At a minimum, I'd expect that they'd need 51% of co-operating foreign exchanges to recognise the transaction as valid before it could be "falsified" into the blockchain.

Coin-based blockchain attacks are when malicious users own 51% of your blockchain AND you choose to recognise their branch of the blockchain as definitive.

There's two different things at play, and a distributed ledger is going to have a lot more control stopping you getting 51% of the ledger under your control - maybe even by the simple precept of "there are only a hundred master nodes and HSBC control 20, another bank controls another 20, etc.)

Re: Risk Averse?

IB are more and more risk averse. They now prefer the safe and steady revenue streams of sales and arbitrage to the risks of trading for their own. Plus the regulatory constraints make it more and more costly to perform their activities. A lot of IB have been shutting down or reducing their prop trading activities in the last years.

Re: Probably different model

Absolutely.

Bitcoins are basically generated by an anti-spam measure to stop one person hoarding all the coins without a proportional expense/effort on their part. You could have literally let people get a Bitcoin just by sending an email to an automated address, if you'd wanted, and used that as the ledger entry.

A ledger itself, though, just needs to know who made the transaction, who signed off on it, who can revoke it, and then put it into the ledger. Importantly, even complete compromise of their key cannot erase the history of what that key did, as each transaction is in effect "signed" by the next (basically the core idea of blockchain).

Think of it not like Bitcoin but like those play-by-mail games of old. You collect the transactions, perform the calculations, and modify the "database" in the middle. Then you send out the results of the next "round", everyone else can see the effects of those new results and "previous moves" but you can't change them.

The only difference is that instead of one person performing the calculations, you're publishing the data, letting everyone do the calculations at the same time, waiting for everyone to agree what the result is, and then having everyone sign off on that result.

Bitcoin does that, WHILE solving a pointless maths problems that's hard to solve (I believe it is literally "hashing the entire existing blockchain with random numbers until the hash results in 00000000000000000000000" - or it certainly was at one point). It's literally a time-effort-and-money-burning exercise so that there's something that has to happen to make a coin.

I'm guessing a load of $1 test transactions, or, probably not all exactly $1 as they will want to check that different amounts get transmitted correctly.