It all started in early 2009 when the first bitcoin block was mined, and the first reward of 50 BTC was collected. We called that a blockchain, and we loved a lot it’s currency, the Bitcoin. Well at least until the big downspin of 2018. But that’s a discussion for another time.
Now, what is the best way to define a blockchain? I would say that arguably the best definition is the following: an immutable, append-only, transaction log.
Let us also take a closer look at how participants can join the network. There are no restrictions, and anyone, at any time, can download the entire ledger and start mining. These types of blockchain are called permissionless. In this category falls Bitcoin, Ethereum, Litecoin, and so on. They are also built with anonymity and transparency of identities and can have slow performance and scalability issues.
You might see where I am heading.
When you develop your business model, depending on your needs, you might be looking for a more ‘managed’ ecosystem.
Enter permissioned blockchains.
They are closed-loop ecosystems where all entities are defined and preapproved. The concept of mining and cryptocurrency does not exist most of the time. More important, they solve many scalability and performance issues of permissionless blockchains.
A good representative of this category is Hyperledger Fabric. It is a blockchain framework which allows components such as consensus and membership services, to be plug-and-play.
Hyperledger Fabric focuses on use cases for enterprise use. Therefore it’s participants must be identified, and each entity or transaction have attached a certificate managed by a central authority.
Ok, so we have permissioned and permissionless blockchains. Which one is better?
The answer is neither. When you design a solution, the scope will point you to the right decision.
There is no such thing as a perfectly secure technology, and the permissionless blockchain is highly vulnerable to data manipulations and collision attacks.
Of course, permissioned systems are not perfect, but at a minimum, they have an entity who is in control and can mitigate the risk of malicious transactions.