CTO Perspective: Blockchain and Source Code Security

Jacek Materna on October 8, 2018

Blockchain, cryptocurrencies, Bitcoin—what’s all the hype about? We know that blockchain is a newer, more secure way to keep track of things, like a ledger that is fully transparent and traceable. But what use cases have yet to be discovered and how can developers use it to incorporate more security into their current practices?

Over the past few weeks, I had the chance to speak at the BlockChainConf in Atlanta and BlockWorld in San Jose, and I wanted to share my observations. While it’s become quite a buzzword, it’s more than that, and something to be tracked and unpacked. There is some uncertainty around the best-fit use case, but there is also a substantial opportunity for it to continue to revolutionize and disrupt well-established industries and drive security deeper into businesses.


Blockchain technology is still trying to “find itself”

First born in 2008, blockchain’s claim to fame comes from its role as the underpinning technology for Bitcoin, but it has evolved drastically. The decentralized nature of this ledger ensures that transactions and the information they carry are tamper-proof. It lends transparency to the way we do things. Its power lies in its ability to secure sensitive data while still making things transparent where needed. Because its coverage is massive, many industries are still trying to figure out how to incorporate blockchain into their businesses.

Crypto is no longer the driver of the blockchain
What’s clear, however, is that blockchain tech has surpassed its initial use case of crypto. Many industries could and do benefit from this type of tech. Health care is a big one. According to a recent study by the Ponemon Institute, health care is the most vulnerable industry, with 328 leaks (nearly 60% of all leaks in 2017) at an estimated cost of almost $1.2 billion. The obvious need for a more secure way to track and handle medical records is a reason health care is emerging as a blockchain adopter.


Additionally, the software supply chain is one of the fastest-growing use cases. Today, developers are pulling open source code down from the internet so they don’t have to write new code from scratch. They are using components, or packages, to create the finished products that enterprises are building and selling. All enterprises are in this position and have a software supply chain in full effect. Blockchain will help assess how this open source code is being used, when it is being used and where it is being used so we can keep code secure.

Bigger players like IBM are now leading the community
Blockchain isn’t just for individuals trying to get rich quick. There’s real value, and it’s gained quite a bit of momentum. Even the largest enterprises, IBM included, have a vested interest. A recent study by Juniper Research out of the United Kingdom reported that 65% of large businesses are considering or are actively engaged in blockchain strategy. Industries including logistics, food and mining are either using the technology or planning to in the near future. Even the federal government is getting in on it. In the US, there are three upcoming bills entitled the Resolution Supporting Digital Currencies and Blockchain Technology, the Blockchain Regulatory Certainty Act, and the Safe Harbor for Taxpayers with Forked Assets Act. As reported in the, the proposed laws would support development of blockchain technology, as well as issue safety nets for taxpayers with “forked” digital assets.

All Blockchain devs use Git—but is it secure?
There are more than 22 million software developers in the world writing more than 600 billion lines of code each year. Developer numbers are growing more than 20% year over year. Source code management underpins the entire software development apparatus. Git is the most popular and widely used version control technology today. Blockchain is developed exclusively on Git, and while Blockchain boasts inherent security, what if the code it’s developed on is not? As it becomes more mainstream, there will need to be additional security measures in place to ensure this transparent ledger remains as safe as it currently is.

Overall, it's a watch-and-see market. Many projects don’t make the cut and fail relatively soon after their launch. According to the Bitcoinist, “More than 80,000 projects claiming to utilize blockchain technology have launched worldwide since Bitcoin’s underlying technology became the hottest buzzword in business. Of those projects, only a mere eight percent are still active, and the average lifespan of any given project is roughly 1.22 years.”

We are still in the early days of blockchain, and the landscape is ripe with opportunity for mass adoption. I’ll be keeping my eye on the space, especially as it relates to software development and source code security. Check out my recent talk on blockchain from the BlockChainConf in Atlanta here.