Using permissioned blockchains

1 Introduction

The application of blockchain in the media world is usually focusing on two domains: management of digital rights and non-fungible tokens (NFT). Nevertheless, blockchains can have other practical applications in the media chain. This paper presents two such scenarios. They illustrate the potential benefits of using a permissioned blockchain rather than a traditional distributed database.

2 Blockchains

My proposed definition of blockchain is “a blockchain is a secure distributed ledger.”

Thus, a blockchain stores the complete chronological records of transactions. Transactions are combined in a data structure called a block. Each block is cryptographically bound to its predecessor, thus creating a chain of blocks.

A blockchain is a distributed ledger by construction. No central server holds the blockchain. Every participating node has a complete duplicate copy of the ledger. A peer-to-peer network connects the nodes. Therefore, the blockchain offers high availability and resilience. There is not one point of failure in the system.

A blockchain is secure. Each issuer signs its proposed transaction. Each node validates every transaction according to validation rules defined by the blockchain’s governance. Once all the transactions of the block are validated, the nodes engage in a consensus protocol to decide whether to append the block to the blockchain. Once all nodes reach consensus, they add the new block to their copy of the blockchain. Consensus is the most complex element of the blockchain. Many consensus protocols are available. The two most famous ones are the Proof of Work (PoW) and Proof of Stake (PoS) Transactions are immutable. To alter an already recorded transaction, an attacker would have to modify the forged transaction block and adjust all subsequent blocks to maintain the cryptographic link. Furthermore, the attacker would also have to trick the consensus protocol into voting the forged fork as valid. Thus, it is reasonable to assume that the transactions are carved in stone

3 Actual use

Sony Pictures is exploring the use of blockchains in a Business to Business (B2B) context. As the use cases are exclusively in B2B, all the entities interacting with the blockchains will be known. Therefore, a permissioned blockchain was the appropriate choice. Blockchains like Bitcoin, Ethereum, or Solana are permissionless blockchains. Anybody can participate in it, is not necessarily trusted, and is relatively anonymous. A permissioned blockchain knows and trusts all its participants. Thus, its trust model is simpler than a permissionless blockchain. Consequently, the consensus methods are simpler, faster, and less energy-guzzling than PoW or PoS. We selected Hyperledger Fabric 2.2.

The first use case is Atheneum: management of theatrical release dates. Usually, movies are not released in every territory on the same day. The choice of releases depends on many parameters. International distributors distribute films in their respective territory. Each distributor is granted the right for a given set of countries. The smart contract of Atheneum enforces that the granted rights are compatible with the distributor’s territory and that the local release date is compliant with the studio’s decision. Atheneum supports multiple studios. A Decentralized Autonomous Organization (DAO) streamlines the enrolment of new studios and distributors into Atheneum.

The second use case relates to Digital Cinema. The secure distribution of movies to digital theaters encrypts the content into an encrypted container. Each authorized projector receives the decryption key in a message encrypted for the projector. Each digital projector has a unique public-private RSA key pair. This targeted encryption requires knowing a piece of information, the public key, unique for each projector. If this information is inaccurate, the projector cannot decrypt the movie, resulting in a black screen, otherwise an unauthorized projector could decrypt it, resulting in potential piracy. A Trusted Device List (TDL) maintains this list of public keys and their associated projectors. BCTDL is a blockchain that manages the public key of every theater's projector. Furthermore, the BCTDL smart contract implements a protocol that proves that a projector is really in the claimed theater.

“A decentralized autonomous organization (DAO) streamlines the enrolment of new studios and distributors into Atheneum”

All these blockchains use an in-house-developed framework: SPBF (Sony Pictures Blockchain Framework). SPBF simplifies the development of smart contracts and wallets by encapsulating and enriching the features of Hyperledger Fabric. For instance, it provides an RBAC (Role Based Access Control) for the smart contract designer. SPBF enforces that only the non-revoked issuers with the proper role can request some transactions. As the issuer’s signed public key holds the role, the RBAC is robust against forgery.

4 Why a blockchain?

The logical question at this point is whether to use a distributed database. The answer is: it could. Nevertheless, blockchains introduce many benefits over a distributed database. Following is a non-ordered list of advantages.

• The reader may have noticed that the two disclosed projects have a scope wider than one unique studio. They target a wide range of content producers. A blockchain is better suited for sharing operations/responsibility amongst different actors than a database. It is a shared, non-proprietary resource.

• Smart contracts are elegant and efficient methods to implement/enforce business logic in a secure, distributed manner. There is no one unique point of failure or attack.

• Blockchain inherently implements strong security, such as authentication of the issuer, non-forgeability of transactions, or traceability. Using a permissioned blockchain ensures that only known entities interact with the blockchain and perform only operations they are entitled to.

Blockchain also brings its set of issues. The most important one is that it is a relatively new paradigm.The industry is still at the bottom of its learning curve. Finding skilled practitioners is difficult. Some key issues are not addressed. For instance, protecting the entity's private key is entirely the implementer's responsibility. Indeed, this challenge is real for any security system but may be more critical in the scope of blockchains.

5 Conclusions

For most people, blockchains are intimately associated with hyped cryptocurrencies and NFTs. Fortunately, blockchains have practical non-monetary, applications without implying hyped concepts. We presented two such applications. In controlled environments, permissioned blockchains may be valid alternatives to permissionless blockchains. They offer the same resilience and immutability. They are faster, cheaper, and more secure than their permissionless counterparts. They enable competing organizations to collaborate without biding to a competitor’s system.