If you’re buying diamonds or an artist hoping to get paid fairly from Spotify, thank Hyperledger.

Blockchain is one of those buzzword bingo terms that has been as hot as it has overhyped. Unlike some of these words — “cloudbursting” anyone? — after hearing Brian Behlendorf speak a couple of times and talking to him, I’m convinced that distributed-ledger technology deserves its fame.

Behlendorf is the executive director of Hyperledger, an open-source collaborative effort hosted by the Linux Foundation that launched in 2015. Behlendorf calls himself “chief diplomat” of the project, noting that 140 member organizations count on him to manage the budget and the governance around the developer community and vendor community.

He sat down with Superuser at OSCON to talk about the impact of distributed-ledger technology on open source and society as a whole. Here’s an edited version of our conversation.

How did you get involved with blockchain?

For about 10 years, I’ve had this disturbing sense that as the internet matured, more and more governments and businesses digitized all of their services and their systems. That was leading to a greater centralization rather than greater decentralization. Instead the internet started out as a very decentralized thing — people ran their own mail servers, they ran their own WordPress servers and Apache servers. That almost seems archaic now, but it still felt like a good principle:  it created a competitive and highly diverse ecosystem.  It always disturbed me to think about how much we were concentrating on one or a few services. I wondered, was it necessary to actually build something like an Uber or an Airbnb that was actually distributed? Did you have to be centralized?

I started to hear about blockchain around the same time, 2008 – 2009, but didn’t pay much attention to it.  Then I became a VC for a couple of years and started talking to some of these Bitcoin companies — and I was still very skeptical.  It was when I heard about the use case of land titles in emerging markets that I went, “Okay, wait.  There’s something different here.”

When there’s nobody you can trust to run a land title database you can run something like a Github repository, where every change that comes in gets seen by everyone else and that’s where the source of trust comes. That reminds me of open-source software.  That’s how we trust open source software is we know when stuff gets committed to a repo, everyone else can see it, right? Or should be able to see it. (If they’re not looking at it- if you’re a developer at an open source project and you’re not watching the changes, that’s a bad thing.)

So now think about automating that process. Think about a database that inherently has witnesses. Not looking to whether this is good code or not, but simply saying, “Yes, this is transaction #43. This is transaction #44,  #45.”  And if somebody tries to change history and change it, that would be obvious…

That’s what pulled me in. As I’ve started to pull it apart, I asked the question, “Do you need a cryptocurrency to make that work?” Because I was still skeptical…As I started to look at this, I realized that permissioned ledgers, are very much like how the domain name system works. The domain name system is a permission system.  We have registrars who manage them, right? In a permission system, you don’t have to have a cryptocurrency to fuel these consensus mechanisms- these distributed databases.  That’s when I woke up and said, “Okay, I want to know more and I want to be a part of helping make that happen.” The Linux Foundation launched Hyperledger around the same time, so I spent time with Jim Zemlin and others, immersing myself in that...

Sorry, it was a long story!

Where are the main contributions coming from?

IBM is a major contributor to Hyperledger Fabric, which is one of the eight projects. Intel is a major contributor to Hyperledger Sawtooth, which is a modular platform for building, deploying, and running distributed ledgers.  We have a startup called Soramitsu that also brought a project to us based in Japan. They contributed a distributed ledger technology called Hyperledger Iroha.  Another startup called Monax that recently brought an Ethereum-related project called Hyperledger Burrow to the organization.

Everyone of these projects, in our opinion and by our rules, has to become multi-vendor, multi-stakeholder projects.  We’re more than happy to have these major companies participating and involved, but everything they do has to be public. Every touch point has to allow for external- other companies to get engaged. There’s no “We built this inside, and then we pushed it out.” That’s not allowed.  They have to think of themselves as part of a larger thing now.  That takes time to engineer.

For some companies, like for IBM, this is a major technology benefit.  They are taking this to all their customers and saying, “We think you should reinvent how you do this and this through blockchain technology.” So they are investing heavily in it. They’ve got that vision and we’re working on getting that vision on other companies. A couple others have that, but this is a 20-year project.

That’s interesting – so the cycle is to get source code public. How much emphasis do you put on having the open source bits being functional projects?  It’s always hard to draw the line between which part is ready to run in your data center and which in the open-source world?  And how much of the value-added bits are for sale or fund the next cycle of release?

Part of that question is, “What’s the state of maturity of the different projects?” And then the other part is, “How much is it a complete solution to being able to build blockchain applications?”

So, to answer the first, many of the projects are still pre-1.0.  Hyperledger Fabric is on course to be 1.0 sometime in the next few months. Hyperledger Iroha and Hyperledger Sawtooth Lake are also trending towards a 1.0 release of their own.  Some of the projects are actually fairly mature, so we just brought in “Hyperledger Composer”  a visual tool to build blockchain networks. But, it’s still very much early days. This is like 1995 and the World Wide Web again…

There are different points of maturity, but with these systems, you have basically a way to express interesting functionality. There’s still a little bit of end-user interface you’d want to write when you’re talking to average consumers, but as a backend integration technology, this stuff is ready to go. This is not the kind of thing that’s only useful if you’re also using products from a certain vendor or certain other proprietary products. This is stuff that is as independent as the Linux kernel was. Linux kernel is still dependent on a lot of work to be done on top of it, but you could put it into your products and move on.

What’s the most surprising application you have seen so far?

There’s a couple of companies. One just got bought by Spotify that uses blockchain technology as a way to track performance rights in music.  When you play a track on Spotify or something like that, in theory, some fraction of a penny makes its way to the musician, some fraction of a penny makes its way to maybe the composer or other people who played a role in recording it. But these are not as formally tracked as you would imagine because it would actually require that the establishment of a rather large database. Some of the major organizations managing author’s rights, like, ASCAP/BMI are often very criticized because their algorithms for deciding who receives the payout is not very transparent. YouTube is not very transparent about the algorithm and how that maps to how much artists get paid.

So people are experimenting with embedding those rights directly into the works. And recording that in a blockchain – in a distributed ledger, so that anytime somebody is playing a track, it’s easy to look up and see where should whatever payment was derived for the performance of this, where should that be sent to? So that’s intriguing to me, though it’s still in an earlier state.  Something like the diamond-use use case is a lot more advanced…The diamond supply chain is being reinvented today through the use of a blockchain application. And that’s really cool. That’s really fun.

And how does that work?

That’s something that may be surprising to people when they understand this is how we fight the slave labor and conflict-free diamond is by a track and trace system like this. Moving to blockchain will make that so much more resilient- so much more hardened.

Do you see or have you seen anything that couldn’t be tied with a cloud or infrastructure as a service, or-?

Blockchain is a service. It’s definitely a thing…  The idea is that every one of these is a free-standing network. If the three of us decide we have a system of record we want to build, we can either run our own nodes on our own hardware, or you can hire IBM. I can hire Amazon, she could hire Azure. We should be able to run a network between us. The important thing is independent control of these nodes. You have your business. I have my business. She has hers. There’s no one party that can corrupt that.

Now we’re probably also still get those benefits even if we all use Amazon. Because as long as these are independently owned and managed through Amazon, then we probably would have pretty high security. But we’d have the highest security if we knew that this was actually truly distributed.  These are issues that are still being sorted out. We’ll probably have ratings agencies for these different business networks that will tell you how trustworthy is it. And that will be a function of the diversity of the network.  In that scenario, having multiple blockchain-as-a-service providers and not just one will be actually pretty valuable.

Do you feel like the barrier to entry for Hyperledger and, in general, blockchain technology is higher than in the Apache days?

Well, there’s so much more money out there in the world for technology. I mean software has eaten the world, right? Five of the ten largest companies in the world are pure play technology companies. And you could argue the other five actually are.  They just masquerade as a financial firm or something like that.

Or manufacturing.

Yeah. So, everything done.  If we were to say this is like 1995 and the web, well you didn’t see a billion dollars of investment into the web in 1995.

That was probably a good thing.  It probably would have been very awkward to take a billion dollars in at http 1.0. And with Mac Mosaic and the state of play at the time because it would have meant a lot of overlap, a lot of competing efforts.  I think we have competing efforts today partly because of that.  So, separating out from the noise- it’s almost a good thing that it’s so easy to start open source projects now…

Open source is very healthy right now. We’re a very fortunate spot in that the world has kind of moved to the principles we’ve been fighting for for 20 years. It’s not time to go to sleep on those though, it’s time to continue fighting for them.

There’s so much more open-source code available. Being open first seems to be common nowadays, like the Netflix’s approach with Spinnaker of “Okay, let’s see who else has the same problem. Let’s start by collaborating from scratch.” How do you see companies accepting and adopting- or adapting- to the open source development models?

You have to have open source competency skills to survive today. I don’t think there are many companies left that don’t have some major part of their business and revenue dependent upon or engaging with the open source…

Even inside larger companies, there are some teams who understand it very deeply because they’ve been there for 20 years, and other teams for whom this might still be their first.. So there is still a very strong need to continue to explain what the principles are –how you work in an open-source community…

What’s interesting about our membership, if you look at our roster, is we have companies like Airbus. Is Airbus an open-source company?  It’d be hard to say. Or Daimler. But talking to people there internally, they get it. They know that there’s this transformation for how software’s built, and how IP is built, and they need to have much more sophisticated viewpoint on it. They don’t necessarily have the muscle, like the reflexes we have now about to engage, but they want to build those.  So, part of what we do at Hyperledger is help them understand what that means.

Cover photo by: Emily