Blockchains use what’s known as distributed ledger technology (DLT). Originally developed as the accounting method for the virtual currency Bitcoin, they witness nowadays a growing interest for a variety of commercial applications. Although blockchain technology is primarily used to verify transactions within digital currencies, there is a growing use of it for its recording capabilities. It is possible to digitize, code and insert practically any document into the blockchain. Doing so creates an indelible record that cannot be changed; furthermore, the record’s authenticity can be verified by the entire community using the blockchain instead of a single centralized authority.
How Blockchain APIs supports the accessibility to digital assets
There are 6 Bitcoin Developer APIs
- Receive payments API: An easy method for websites to receive bitcoin payments
- Blockchain Wallet service: send and receive payment from Blockchain Wallets
- Blockchain data: Query JSON data on blocks and transactions
- Simple Query: Simple plain text API for querying blockchain data
- Web sockets: Subscribe to notifications on blocks, transactions or an address
- Market data. Exchange rates on currency data from the major bitcoin exchanges.
The programmable web lists 107 Application Programming Interfaces (APIs) that are built on top of the basic ones, that allow you to access blockchain capabilities. Some are bitcoin specific, others are for cryptocurrency in general, whilst others are for accounting, storage and so on.
Basically, the number of blockchain APIs that can be built on this public platform for all cryptocurrency transactions is unlimited. They can all however be categorized according to the range of applications that blockchain technology unleashes:
- Smart contracts: Digital rights, escrow …
- Securities: Equity, private markets, crowdfunding, derivatives …
- Digital currency: e-Commerce, global payments, remittance, microfinance …
- Record keeping: Intellectual property, supply chain, proof of identity, ownership, loyalty programs …
And what if Blockchain could help secure API integrations?
Blockchain has a distributed database with data replicated across many nodes and little to no privacy when it comes to data elements. The database (ledger) system is implemented with hashed b-trees, also known as Merkle Trees. The ledger is immutable. Blockchain can be public, private, or hybrid. An interesting feature is the notion of a miner, which can be described loosely as a system verification mechanism driven by consensus across nodes. Blockchain has a complex math challenge, which you need to solve to get a key to post to the distributed ledger.
Some contend that the technical implementation of blockchain creates some challenges when it comes to APIs security. The ever-present problem is that blockchain has no notion of authorization. Blockchain requires a form of a digital identity that is required to post to the ledger. The identity of the user that created the transaction could be masked into a virtual identity, an abstracted virtual pool of hashed public keys.
Blockchain as a mechanism of trust
In my previous post, I discussed the threat on Open APIs in the context of increasing data breaches. Another threat on Open APIs, and indeed on non-open APIs, is related to the trust or lack of trust on the data and services that the API is meant to provide.
APIs, with appropriate API management, can provide security of data, can provide adequate user authentication, and can manage the authorization required to access a given data. APIs, on their own, cannot provide the necessary trust in the data they deliver. Without such trust, the entire API, no matter how secure and efficient it is, would be worthless.
Here is where blockchain comes into play. You could provide data, trusted because it has been verified over time on a blockchain, either to a third party who would aggregate it into their API, or create your own API independently.