DotLedger: blockchain reimagined
Our end-of-term report on blockchain would read, “Could do better”
In order to deliver undoubted facts across a widely distributed user base, the two factors we needed most were security and immutability. The former is an obvious consideration - we’re managing highly sensitive and confidential data. But immutability is just as important; we’re creating an evidential audit trail, and to do that we have to ensure that the information we provide hasn’t been altered in any way.
And this is where we began to notice the chinks in blockchain’s armour. Its security, while far beyond any conventional database, isn’t as impenetrable as initially believed. And millions of dollars’ worth of crypto currency have been stolen as a result.
Having found a need for improvement in protecting data, we went on to find other issues. Then looked for ways of fixing the problems. The answers required a clean-sheet rethink of the way data is stored and secured. The result was a federated ledger that could provide beyond-blockchain security from as few as two nodes.
What is DotLedger?
DotLedger is a patented data storage system that combines - and improves upon - the best features of blockchain while avoiding its shortcomings. It reinvents distributed ledger technology to create a federated ledger, which has subtle but important differences.
Like blockchain, it’s immutable; data stored in it can never be changed. It can be superseded by subsequent grains, but the original data remains and can be audited.
Unlike blockchain, in which all data is essentially shared publicly across the network, DotLedger’s federated architecture allows for data to be held privately in-region . While private blockchains are possible, localisation significantly reduces their security; DotLedger suffers from no such compromise. But it also federates freely with all other private nodes, allowing controlled data sharing right across the network.
DotLedger is available as the core of our eKeyiD platform, or as standalone, ultra-high security storage for your data.
Why is it different?
It’s compact: Rather than the huge network of computers required by blockchain, DotLedger can work with as few as two nodes. As a result its energy footprint is vastly reduced. That’s good for the environment and for your running costs.
It’s self-contained: Blockchain uses thousands, or even millions, of donors who provide processing power in return for a reward, usually in crypto. This isn’t needed by DotLedger, adding another saving.
It’s available: A standard blockchain needs to be network-connected all the time. If there’s a network failure, your data is unavailable. DotLedger can operate temporarily offline, resyncing itself when it reconnects.
It’s connected: DotLedger’s federated architecture means that every client can use their own private node, located in the jurisdiction of their choice, while still maintaining interoperability with every other node.
Many jurisdictions require that personally identifiable data be stored within the region. That’s not a challenge for a conventional database architecture, but undesirable in blockchain technologies. Their resistance to penetration is based on the largest possible network; a private chain suffers from a vulnerability known as localisation, where fewer participants make penetration significantly easier.
DotLedger’s interlocked record structure provides a higher level of security from just two nodes, so it’s easy to hold all data in the region of choice.
Compliant privacy
Interlocked security
The diagram here shows how DotLedger builds its security. In this example we show the ledger’s minimum of two elements (connected machines), though there’s no upper limit to the number of connections.
A chunk of data (grey) is added to either element - it doesn’t matter which, but let’s say it’s element 1. The data is deeply encrypted before storage and copied to element 2, along with a checking code, Element 2 locks the chunk with a new code, which it returns to element 1. Element 1 now locks its chunk with the received code. Each element now holds its data, its own encoded checksum and the encoded checksum of the other element.
A new chunk of data (orange) is added to either element. Once again, codes are generated and exchanged. This time, however, each element also exchanges codes with the previous block.
And so the process continues. The total security of the system multiplies with every new piece of data, as it deepens the locking of its connected elements and all previous chunks. Any change breaks the lock, allowing instant detection and isolation of the compromised chunk.
The DotLedger system is covered by a worldwide patent that has been cited by organisations such as Oracle, DocuSign, Seagate and LedgerDomain.
Together or alone
It’s your choice - and one you don’t even need to make
Small companies and occasional eKeyiD users generally need just to check in from time to time to manage their own information or check the credentials of a potential customer or supplier. That’s an easy task requiring no commitment or planning - they just log in.
Larger companies and banks often prefer to maintain separation from others, which is also fine. You can request your own DotLedger node, which can be located physically wherever you dictate in order to honour any jurisdiction stipulations.
Whichever you choose - and you can always switch if your needs change - you’ll still be able to share the data, that you want to share, seamlessly with other nodes or organisations not connected to the eKeyiD network. Your node is completely under your control and we support your developers with a full suite of meticulously documented RESTful APIs, backed by one-to-one advice from the platform’s creators.
DotLedger joins the dots
Apps and frameworks
As well as protecting the eKeyiD ecosystem, DotLedger is designed for you to create your own custom applications. To help you on your way, your node comes complete with:
JSON storage API to store public or encrypted JSON documents directly on the ledger
Document API for storing public or encrypted general-purpose documents directly on the ledger
Multi-document API that allows you to store document sets and share them from a single locater reference
Opaque record API for creating any type of custom application at will.
Beyond using these APIs or designing your own, you’re also free to use one of our ready-to-go application frameworks.
Your data - always
You always own, control and have access to the data in your node, even if you decide at some point to terminate our relationship. Adding or updating data requires a current DotLedger licence but, whatever happens, your archives remain safe and accessible¹.
You’re in control
Your data is protected by heavy encryption and accessible only by you or parties to whom you grant access. Neither CertiQi nor anyone else has access to the information unless you expressly grant permission.
1: You have permanent access to archives stored on your own DotLedger node. For information stored by CertiQi, you’ll have a reasonable period - usually three months after cessation of our agreement - to download and store your data.
The Data Vault
Access to DotLedger data is handled by the Data Vault. It uses a development of DotLedger’s patented security to control granular access to your valuable information. Data sharing is made possible by an intelligent system of data types, user roles and data keys, so that, for example, a transaction key can be freely published to allow supply chain or logistics companies to examine only relevant shipping documentation, while the same key might unlock full compliance detail to an authorised bank.
The vault records an audit trail of every document access to allow detailed investigation where necessary. It’s particularly useful for storage and secure sharing of data such as payment transactions, medical records and certificates.
Request a demo
We’d be delighted to walk you through DotLedger’s unique capabilities. If you’d like to see it in action and talk through how it could fit into your development plans, please begin by filling in the short form here.