About our IOTA based logging system for pact.online
Chances are that when you read or hear about distributed ledger technology (DTL) or blockchain, privacy and security concerns come to your mind. One reason for this might be the well-known illegal use cases of bitcoin at the beginning (e.g. Silk Road). Silk Road was an online black market and one of the first real use cases for bitcoin, best known as a platform for selling illegal drugs. However, looking behind these initial illicit use cases, the technology itself can actually lead to significant improvements in making future digital transactions more transparent.
Take for example the process of medication approval. In general, it involves multiple parties with different roles and objectives (e.g. patients, pharmaceutical companies, research institutions, clinicians and governments). The successful launch and use of a new drug requires that all of these parties trust each other along this process.
However, numerous issues have been reported such as:
- invalid consent collection due to unapproved forms or missing information (affecting almost 10% of the trials, according to the FDA) 
- document fraud and 
- untrustworthy underlying research (see for example “Why Most Published Research Findings Are False”) .
Distributed ledger offers a third party that anyone can trust, and no one can influence once the information is uploaded there. For example, once the patient gives consent to a study, this can be logged on the ledger and nobody can alter or change this log entry anymore. You could do the same with the anonymized results of the trial.
This might sound like a niche case, but it’s actually not. Every time you have a situation in which multiple parties don’t fully trust each other but need to work together, distributed ledger offers the perfect solution. Other use cases that could highly benefit from this additional transparency are for example: immutable tracking within supply chains, peer to peer energy trading, real estate records, or simply digital identity.
Since we believe that decentralized logging of data needs to take place feeless and almost instantly, we decided to use IOTA for the logging system of our prototype pact.online. The existing problem of long-term storage of the data in IOTA can be easily resolved by setting up a decentralized backup system (for example an IPFS cluster) or the involved parties just keep a copy of the “official agreement” since it’s probably in their interest anyway.
To make sure the log entry is created by the right person, we sign every log entry with a digital signature. Together with the public key of this transaction, you can prove to others that you are the creator or receiver of this transfer. Therefore, we’re currently testing the Elliptic Curve Digital Signature Algorithm (ECDSA) Secp256k1 to digitally sign the content of the message. It’s the same system Bitcoin uses . This signature algorithm allows us to include the log information as well as multiple signatures in one single IOTA transaction.