More Related Content Similar to Deep dive on Amazon Managed Blockchain (20) More from Amazon Web Services (20) Deep dive on Amazon Managed Blockchain1. S U M M I T
L o n d o n
2. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Building enterprise solutions with
blockchain and ledger technology
Dr. Andrew Kane
Principal Solutions Architect
Amazon Web Services
3. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
How do we think about blockchain?
4. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Need for a ledger with centralized trust
DVLA
Track vehicle
title history
Manufacturers
Track distribution of a
recalled product
HR & Payroll
Track changes to an
individualās profile
Healthcare
Verify and track hospital
equipment inventory
LEDGERS WITH
CENTRALIZED TRUST1
5. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Challenges customers face
Building ledgers with traditional databases
Difficult to
manage and scale
Impossible
to verify
Error prone and
incomplete
Resource
intensive
Blockchain approaches
Designed for a
different purpose
Adds unnecessary
complexity
6. S U M M I T Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon Quantum
Ledger Database (Amazon QLDB)
Fully managed ledger database with a
central trusted authority
PREVIEW
7. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Do you need a ledger database or
a blockchain?
Michael Labib
Principal Solutions Architect
Amazon Web Services
8. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Amazon QLDB (Preview)
Fully managed ledger database
Track and verify history of all changes made to your applicationās data
Maintains a sequenced
record of all changes to your
data, which cannot be
deleted or modified; you
have the ability to query and
analyze the full history
Immutable
Uses cryptography to
generate a secure output file
of your dataās history
Cryptographically
verifiable
Easy to use, letting you
use familiar database
capabilities like SQL APIs for
querying the data
Easy to useHighly scalable
Executes 2ā3X as
many transactions as
ledgers in common
blockchain frameworks
9. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Need for running transactions with decentralized trust
2
Financial
institutions
Peer-to-peer payments
Mortgage
lenders
Process syndicated
loans
Supply chain
Transact with suppliers
and distributers
Retail
Streamline customer
rewards
TRANSACTIONS WITH
DECENTRALIZED TRUST
10. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Customer problems with complex business networks
1. Networks rely on central authorities
2. Cannot agree on how data can be securely and fairly shared
3. Multiple organizations need a single, up-to-date view of data
4. Business logic among multiple organizations could be simplified
5. Asset transfers require escrow
6. Public networks needs a tamper-proof history of transactions
11. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Blockchain builds trust in a network
Eliminates the need for central authority in business networks
Three main components: distributed ledger, consensus mechanism,
and āsmart contractā execution environment
Together these elements allow two parties to transact with one another by ensuring other parties consent
to the transaction and record the transaction. This provides immutability and trust
12. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
New Transaction
Blockchain components: Distributed ledger database
Block 59
Transaction
Previous Block Hash:
0000d68b2f0a3b
Timestamp
Block 60
Transaction
Previous Block Hash:
000057ec2fda71
Block Hash:
000087ea2ffe94
Timestamp
Transaction
Block 61
Previous Block Hash:
000087ea2ffe94
Block Hash:
000044bf2efe32
Timestamp
Transaction
Transaction
Block Hash:
000057ec2fda71
Transaction
The journal records an immutable log of all transactions
and is maintained by nodes in the blockchain network
New Block Hash:
0000473acb123
13. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Blockchain components: Consensus mechanism
Some important attributes
ā¢ Byzantine fault tolerance requirements
ā¢ Transaction rate, energy consumption
ā¢ Hardware requirements
ā¢ Security
14. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Blockchain components: āsmart contractsā
Smart Contracts
ā¢ Rules embedded in app
ā¢ Verified execution of code
ā¢ Conditional operators
ā¢ Application writes to ledger
ā¢ Contract can interact with
components outside of the
blockchain network (off-chain)
Traditional Contracts
ā¢ Require human action
ā¢ Open to manipulation
ā¢ Verified an enforced by third parties
15. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Challenges with existing blockchain solutions
Complicated
to manage
Setup is hard Hard to scale Expensive
16. S U M M I T Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon
Managed Blockchain
Fully managed blockchain service, supporting both
Hyperledger Fabric and Ethereum frameworks
NEW
17. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Ā© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
Announcing General Availability of
Amazon Managed Blockchain
18. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Hyperledger Fabric available today and Ethereum
coming soon
AMB is now ready for production workloads with availability in US
East (N. Virginia)
ā¢ Customers can simply go to the AWS Management Console and
get started
ā¢ For more info go to https://aws.amazon.com/managed-
blockchain
19. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
What is Amazon Managed Blockchain?
Amazon Managed Blockchain is a fully managed service that
makes it easy to create and manage scalable blockchain networks
using popular open source frameworks:
Hyperledger Fabric and Ethereum
20. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Amazon Managed Blockchain features
Low cost
Only pay for resources used
Open-source variety
Support for two frameworks
Integrated
Send data to Amazon QLDB
for secure analytics
Fully managed
Create a blockchain network in minutes
Reliable & secure
Backed with Amazon QLDB technology
Decentralized
Democratically govern the network
21. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
How Amazon Managed Blockchain works
Amazon Managed
Blockchain
Create a network
Choose an open source
blockchain framework, set
up a new blockchain network
and your membership in
your AWS account with
just a few clicks
Invite members
Invite other AWS accounts to
join the network
Add nodes
Create and configure
blockchain peer nodes that
store a copy of the
distributed ledger
Deploy applications
Create and deploy
decentralized applications
to your network through
your per nodes. Transact
with other members on
the network
22. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Hyperledger Fabric
ā¢ Create permissioned networks with
channels to limit the transactions on
the ledger each member can see
ā¢ Chaincode (smart contracts) written in
Go and are executed in Docker
containers
ā¢ Validation policy for executing
chaincode is configurable
ā¢ Does not require a native
cryptocurrency for chaincode
execution
23. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Ethereum
ā¢ Create smart contracts using the
Solidity language that run across
nodes in the network
ā¢ Very scalable
ā¢ Create permissioned networks or use
public Ethereum network
ā¢ Configured to use Proof-of-Work
consensus algorithm for public
network and Proof-of-Authority for
private networks
ā¢ Anyone who can access the network
can see all data on the ledger
24. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Who āownsā the network?
ā¢ Networks are decentralized and can remain active even after the
initial creator leaves
ā¢ Inviting members to join: members vote on who to invite and remove
ā¢ Network-wide settings: members can vote on network-wide settings
and configure the actual voting rules (e.g., majority rules or one
member decides)
ā¢ Each member pays for their resources
ā¢ Amazon Managed Blockchain manages shared components like the
ordering service and networking settings
25. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
ā¢ Pay-as-you-go with no upfront costs
ā¢ Hourly rates billed per-second
ā¢ Each member pays for their own
resources and the data it writes to
the network
ā¢ VPC endpoints created to
access resource endpoints are
billed separately
ā¢ Standard data transfer rates
Pricing dimensions
26. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Starter edition and standard edition
Starter edition
ā¢ Test and small production networks
ā¢ Up to 5 members/network
ā¢ Up to 2 peer nodes/member
ā¢ bc.t3.small and bc.t3.medium
ā¢ Ordering service provisioned has lower
transaction throughput and availability
than that in a Standard Edition network
Membership pricing rate is different for each edition
Standard edition
ā¢ Production networks
ā¢ Up to 14 members/network
ā¢ Up to 3 peer nodes/member
ā¢ bc.t3, bc.m5, and bc.c5 instance families
ā¢ Ordering service provisioned has higher
transaction throughput and availability
than that in a Starter Edition network
27. S U M M I T Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
28. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Transaction flow with Hyperledger Fabric
Verify policy
Peer-1
Peer-n
Transaction simulation
Ordering service
Submitting-client
2
5
6 Transaction delivery to peers
Transaction proposal1
Endorsement signature3
Broadcast endorsement4
29. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Augmented Hyperledger Fabric
Ordering service
ā¢ Core component of a Fabric network to guarantee delivery and
order of transactions
ā¢ Production grade networks using open source will utilize Apache
Kafka for this component
ā¢ Managed Blockchain uses Amazon QLDB technology, increasing
durability and reliability
Certificate authority
ā¢ Open source uses a āsoftā HSM
ā¢ Managed Blockchain uses AWS Key Management Service (AWS KMS)
to secure the Certificate Authority service
30. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Channels and private data for access control
Channels allow isolation of
transactions among specific
members in the network
Create or update a
channel with configuration
transaction (configtx)
Private data enables sub-
channel access control
Member 1 Member 2 Member 3
Channel 2
Ledger
Channel 1
Ledger
Hyperledger Fabric ordering service
Channel 2Channel 1
Member 2
Peer
Member 3
Peer
Member 1
Peer
31. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Endorsement policies
Endorsement policies allow
chaincode to specify which
members (or how many)
need to validate a transaction
before submitting
Endorsed transactions
then get submitted to
the ordering service and
assembled into blocks
Member 1
client
Hyperledger Fabric ordering service
Ledger LedgerMember 2
Peer
Member 1
Peer
1
3 2
1
3
32. Network 1 ā Managed Blockchain
VPC endpoint
VPC endpoint
Account A
Account B
33. S U M M I T Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Customer use cases
34. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Customers are experimenting in many industries
Proof of Ownership
Digital Security Trading
Documents/Contracts
Enterprise Platforms
Financial
Insurance
Mortgage Loans
Voting Mechanisms
Patient Records
Corporate Governance
HCLS
Real Estate
Legal
Agriculture
Gaming
M & E
Transportation
Digital Advertising
Power/Utilities
Retail
Capital Markets
Cloud
OWNERSHIPPRIVATE MARKETS
DERIVATIVES
WAGERS
GLOBAL PAYMENTS
REMITTANCE
NOTARISATION
EQUITY
MICROFINANCE
INTELLECTUAL PROPERTY
TITLE RECORD
ESCROW
DIGITAL RIGHTS
E-COMMERCE
DEBT
CROWDFUNDING
P2P LENDING
HEALTHCARE
VOTING
TRUSTEES
SMART
CONTRACTS
DIGITAL
CURRENCY
SECURITIES
RECORD
KEEPING
BLOCKCHAIN
TECHNOLOGY
35. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Blockchain in supply chain
ā¢ Each organization has a
trusted copy of the
supply chain data
ā¢ Payments can be
automated through
smart contracts
ā¢ Identity of components
are immutably tracked
as they move through
the supply chain
ā¢ Quality of products can
be monitored and
immediately acted on
36. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Blockchain in financial services
37. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
āGiven our vast partner ecosystem, we are exploring the decentralization and
immutable tracking benefits of blockchain for potential applications in our
insurance business. We believe blockchain can improve the transparency and
efficiency for stakeholders in these networks to transact, while still maintaining
an independently verifiable lineage of activities. However, blockchain frameworks
are complex and difficult to operate. With Amazon Managed Blockchain, we can
now easily create Hyperledger Fabric blockchain networks to test and learn
without worrying about managing the underlying infrastructure, networking, and
software configuration.ā
āDaniel Johnson
CTO and Head of Innovation, Guardian Life Insurance Company
38. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Who is Singapore Exchange
A diversified exchange group that runs key market infrastructure including the Singapore
stock market and a pan-Asian derivatives exchange covering all major asset classes.
High annual dividend of 28
cents for the past 5 years
Strong cash-flow with
debt-free balance sheet
Anchored in Singapore, an
AAA-rated economy
London
Tokyo
Mumbai
Singapore
Hong Kong
Shanghai
Beijing
Chicago
New YorkSan Francisco
Headquarter
Office
39. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Singapore Exchange blockchain use case
Challenges with existing financial systems:
ā¢ Lack of trust between multiple banks for
settling trade transactions, and thus
require an intermediary financial institution
ā¢ Inefficient processes for sending data
across each other as extra hops result in
delays, especially for international transfers
ā¢ API divergence is expensive and
cumbersome to maintain as banks
communicate with each other using API
integrations from disparate systems
40. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Singapore Exchange blockchain use case
Amazon Managed
Blockchain
Benefits of implementing a blockchain
ā¢ Efficient transfer of data and transactions
without intermediaries
ā¢ Enables distributed trust and allows for
significant reduction in settlement time on
trade by trade basis
ā¢ Compliance enforcement through smart
contracts reduces costs (no more API
spaghetti across disparate banking systems
ā¢ Easy to add new participating members
41. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
About āa multiphase journey
Project Ubin is a collaborative project between Singapore Exchange, the
Monetary Authority of Singapore (MAS) and the industry to explore the
use of blockchain for clearing and settlement of payments and securities.
Source: http://www.mas.gov.sg/Singapore-Financial-Centre/Smart-Financial-Centre/Project-Ubin.aspx
Domestic Delivery
vs Payment for
Securities Settlement
Use of digital currency in
Real-Time Gross
Settlement (RTGS)
Achieved gridlock
resolution and liquidity
savings mechanism
(LSM) on a distributed
system without
compromising on
privacy
Phase 1 Phase 2 Current phase
Delivery vs Payment vs
Payment (DvPvP) for
Cross-border settlement
of payments and
securities
Payment vs Payment
(PvP) for
Cross-border settlement
Current Phase Future Phase
Trading Post Trade Clearing Settlement DepositoryCapital Raising
42. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Our pilot on
Amazon
Managed
Blockchain
Single region,
single country
deployment
Arbitrator
Fabric Certificate
Authority
Bank A
Peer Node
VPC Endpoint
Fabric Client
Node
VPC Endpoint
API Server
Fabric Client
Node
API Server
(Ordering Service)
Fabric Certificate
Authority
Bank B
Peer Node
Fabric Certificate
Authority
RMO
Peer Node
Fabric Certificate
Authority
Central Bank
Peer Node
Amazon VPC
PrivateLink
Blockchain X
Arbitrator
VPC Endpoint
Fabric Client
Node
API Server
VPC Recognized Market Operator (RMO)
Hyperledger Fabric Network by Amazon Managed Blockchain VPC Central Bank / FIs
VPC Bank B
Buyer/Seller
VPC Bank A
Buyer/Seller
Digital Asset Digital Currency
43. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Our conclusions
āHigher investor confidenceā
Design for arbitrator role
ā¢ Designing for arbitratorās role
provide avenue for recourse for
disputed transactions
ā¢ Maintains a central role to monitor
and facilitate market functionalities
Potential for round-the-
clock operations
Underlying DvP Design can be
further explored for cross-border
transactions where time-zone
differences could mean a delay in
settlement time, exposing
participants to unnecessary FX
fluctuations and principal risks
ā¢ Smart contracts can be used to apply
obligations and rights consistently
and coherently
ā¢ Compliance enforcement through
smart contracts reduces costs
āFlexibility to reduce Settlement timeā
Tokenized currency coupled with smart
contracts allows for significant reduction in
settlement time on trade by trade basis
1
2
3
4
5
6
ā¢ Distributed control prevents
account compromise
ā¢ Layered security with blockchain-
independent transfer of secret
Enhances investorsā security
Multi-Sig, off-chain, out-of-band
secure secrets
Project DvPās underlying design,
architecture & benefits can be scaled
for other asset classes beyond central
bank-issued digital currencies
including securities, corporate bonds,
commodities etc. and other investor
types such as retail etc.
Potential broadening of asset
classes & investor types
āConsistentlyā applied rights and obligations
44. S U M M I T Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Summary
45. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Identifying the right AWS blockchain service
Owned by a single, trusted authority
Addresses core need of a immutable and
verifiable transactional log
Itās a database, so its fast, as it doesnāt
require consent from members
Amazon QLDB Amazon Managed Blockchain
No single owner of the ledger. Joint
ownership by multiple parties
Addresses core need of enabling multiple parties to transact
transparently and with trust with each other
Removes intermediaries when a group of members needs to
transact. So it makes business processes more efficient
Ownership
Addresses Need
Key Benefit
46. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Use AWSās managed blockchain service or other compute
services as the foundation for your blockchain infrastructure
Amazon API Gateway lets you
create custom REST API to power
your blockchain apps
Use CloudHSM to manage
blockchain participantās
secret keys
Connect IoT devices with
unique identities to a common
underlying data layer
Utilize S3 as your
off-chain data storage
for high availability
Perform analytics and gain
insights from your blockchainās
data in near real time
Leverage off-chain database
solutions to support blockchain
applications and store metadata
Send notifications or leverage serverless
compute to respond to events programmed into
blockchain smart contracts
AMAZON
EC2
AMAZON
ECS
AMAZON
S3
AMAZON
EBS
Blockchain solution building blocks on AWS
AWS
CLOUDHSM
AMAZON
REDSHIFT
AWS
LAMBDAAMAZON
DYNAMODB
AMAZON
KINESIS
AMAZON
API GATEWAY*
AMAZON
SQS
AMAZON
SNS
AMAZON
IOT
AMAZON
MANAGED
BLOCKCHAIN
AMAZON
QLDB
47. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
AWS blockchain customers
48. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Next steps
Learn more about our services!
Amazon Managed Blockchain (Generally available)
ā¢ Amazon Managed Blockchain webpage: https://aws.amazon.com/managed-blockchain
ā¢ Deploying a sample application: https://aws.amazon.com/blogs/database/build-and-deploy-an-application-for-
hyperledger-fabric-on-amazon-managed-blockchain/
ā¢ Documentation: https://docs.aws.amazon.com/managed-blockchain/latest/managementguide/what-is-managed-
blockchain.html
Amazon QLDB (Apply for preview)
ā¢ Amazon QLDB webpage: https://aws.amazon.com/qldb
ā¢ Preview sign-up: https://pages.awscloud.com/QuantumLedgerDatabase-preview.html
49. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Thank you!
S U M M I T Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Dr. Andrew Kane
Principal Solutions Architect
Amazon Web Services
50. Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I TS U M M I T Ā© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.