OSAKA, Japan—In April this year, accounting firm Ernst & Young released a small advancement in Ethereum technology, called Nightfall, designed for making private Ethereum transactions. But at the time it was unclear why it was developing this technology, and it was unknown how ambitious and radical its overarching plan was.
In an interview with Decrypt at Devcon 5, EY’s global blockchain leader Paul Brody explained that Nightfall is the first step in a greater process to get businesses creating agreements, settling invoices and making payments with each other using the public Ethereum blockchain. At the same time, the transaction information will be kept private and the majority of the data will be kept off the blockchain. It’s an ambitious roadmap but one, he said, that could drive, “immense transformation to the world’s companies.”
It’s an idea so transformative that he believes it will drive massive changes for the way businesses operate over the next 20 years. To put it in context, he referred to the introduction of Enterprise Resource Planning (ERP) software, created 20 years ago, which pulls together information from all parts of a business into one location. When it came out, it reimagined the way businesses operate. Brody said, “We believe that blockchains will do for networks and enterprises what ERP did for the single enterprise.”
But this isn’t just a speculative idea; EY already has a prototype in place. Back in June 2018 (before Nightfall was unveiled), it announced a partnership with Microsoft, which planned to use its prototype to settle and pay contracts. Brody said Microsoft’s previous method of settling invoices used to take 30 days, while the blockchain-based one takes just five minutes. And it has been a great success.
“We’re doing more than 10,000 transactions per day for Microsoft. We have seven major video games suppliers live and we’re expanding the footprint of that service,” Brody said.
The privacy paradox
However, this just tells EY that it’s on the right track—that there is a gap in the market and that a blockchain-based service can be more efficient and save costs. Only, this isn’t enough.
The prototype currently uses a private blockchain, not that dissimilar to a database with added cryptography. It still requires trusted third parties to maintain the blockchain, and those parties can witness what’s going on. And this shows that they haven’t solved the real problem.
The real problem, according to Brody, is that when businesses use third party platforms—known as portals—to make the process smoother, this creates a risk. The third party is able to collect all the transaction data it processes, potentially exposing the company’s private data—a valuable commodity. Hence, many companies choose not to use such mediators, especially when concerning trade secrets or other valuable information.
“The portal operator can see all of the transactional data. Consequently, a lot of enterprise partners have been reluctant to use portals especially for direct procurement because they would be exposing their most secret business terms and conditions to potentially a competitor,” he said.
And here’s where blockchain can come in. This technology allows any two parties to interact without the need for a trusted third party. And a blockchain like Ethereum has tools called smart contracts, which are contracts written in code that automatically execute when the conditions are met. Again, this doesn’t involve a third party.
But here’s the issue. The current version of Ethereum (and most blockchains) are not privacy-focused. If you make a transaction on the network, anyone around the world can see the two addresses involved and the amount of money transferred. So, if businesses started using Ethereum today, it could expose their financials. A big no-no.
On top of that, smart contracts are similarly publicly available. So if you created a contract between two parties, where if certain conditions are met, a specific amount of money is transferred, anyone could observe it. Similarly, no good.
Private smart contracts
EY isn’t content to just wait it out. It’s dived headfirst into the blockchain industry, hiring multiple engineers and developers (Brody wouldn’t say how many) to help build privacy features for Ethereum. Its first step was to create Nightfall, a way of creating private transactions on Ethereum—where the transaction data is obscured from public view, through the use of complex cryptography.
The problem here is that they take up a lot of space on the network, making them expensive. In the beginning, each transaction cost $100, a lot compared to the current average transaction fee of $0.004. Since then, EY has managed to get the cost down to $9. Brody claimed this is already cheaper than private blockchains, when you take into account the overall cost of using them, such as paying for the service. But he added that EY plans to bring the cost down below $1, by batching transactions together (which means combining them into one), a commonly used technique in the blockchain industry.
It’s actually waiting on a new development for this one. Ethereum Improvement Proposal 1962, if implemented, will make it possible to have multiple entities work together to batch transactions. Brody’s team is pushing hard for this to go through. “If we’re successful, by the end of this year, you’ll be able to drive your transaction cost very low but only when you have multiple transactions to do at the same time,” he said.
But this isn’t the only step; EY wants to do the same for smart contracts. Stage two of EY’s plan is to create the notion of “private smart contracts” where the details of the smart contract would not be uploaded to the blockchain—an ambitious concept that will take more technological innovation.
The third stage is even more radical. “Our goal is to create enterprise transactions. But we want to tell enterprises that none of their data, even in an encrypted form will ever go on the blockchain,” Brody said.
One of EY’s worries is that, even if encrypted data is uploaded to the blockchain, this would still be a security risk. Instead, it wants to create some distance between the original data and what’s put on the blockchain. In essence, what it hopes to put on the blockchain will be a link to the data, not the data itself. So, if the blockchain did get compromised, the company would be able to cut off access.
“We can prove everything was done according to our contract and was done truthfully but in order for you to receive the details, you’d have to follow the link to the off-chain data,” he said, adding, “It’s not enough encrypting the data but that access to the data can be revoked if necessary.”
Getting enterprise on Ethereum
Bringing the three stages together, if EY gets its way, enterprises would be able to create a contract with another business, fulfil the terms of the contract, which would trigger a smart contract that would result in an Ethereum transaction—without any of the data available to anyone, except the two companies involved.
“The end game is enabling all the functionality of the Ethereum blockchain for enterprise users, with full privacy,” Brody said.
It’s a pretty radical shakeup. It would essentially make it as easy for companies to work with one another as it is to send an email to anyone in the world. While it might not be in the spirit of decentralized finance (DeFi)—the idea of creating financial applications on blockchain platforms—it’s actually the same concept but applied to real-world businesses.
Businesses seem to like the idea too. EY already has Microsoft on board, using its current prototype. It is also doing blockchain-related auditing work for 130 companies and has 350 broader engagements with blockchain companies. If it can create the technology that it needs, it could drive a lot of companies to start using the public Ethereum blockchain in order to save time and money.
Brody added, “We believe that by 2030, more than half of all new business contracts will be done on a blockchain.”