Forensic nodes are a valuable tool for the operation of consortium blockchains, bridging the gap between the trustless operation of a public blockchain and the closed nature of an enterprise one. Maintaining such a forensic/witness node requires an independent third party though.
Consortium blockchains implemented by well-known enterprises are emerging indicating that blockchain technology is getting mature even for enterprise-level adoption. Public blockchains’ operation is based on a zero-trust model: there’s no need for trust between the parties co-operating on the blockchain. Consortium blockchains are different, therefore conflicts of interest might arise among involved companies. Blockchain nodes operated by a trusted third party (aka forensic/audit/witness nodes) can dissolve such disputes.
The first guidelines for forensic nodes to be implemented for blockchain technologies have been defined by the Malta Digital Innovation Authority.
The forensic nodes are meant to store all relevant information on the behavior of the Decentralized Application (dApp) as a whole in order to allow for continued assessment of the system and investigation in case a dispute arises. Any material changes are going to be backed up on the forensic node, which includes transactions performed on the blockchain as well as information and events relevant and accessible for the application in case it has off-chain components.
The forensic node, due to the nature of the information it contains, will not necessarily be an operational blockchain node.
The information stored on a forensic node enables a deep system audit of the dApps from security and functional perspectives and also can serve as a source for legal compliance requests.
Forensic nodes serve a vital role and will be an invaluable addition to the agreements between large and global corporations. However, in order for the purpose of the forensic nodes to be adequately fulfilled, the node should be maintained independently from the companies involved in the blockchain infrastructure.
The operator of the forensic node, as a trusted third party, has to take care of the followings so that information retained on these nodes can serve as an incorruptible database for an audit trail of the system runtime:
- All relevant data and events should be recorded in real-time on the forensic node so as to eliminate the risk of omission or corruption.
- The information on the forensic node should be written in a manner that ensures its accessibility and accuracy without the risk of any alteration or deviation from the original version. In short, no data can be deleted or altered in any way.
- All processes should be in place to ensure access to information is timely and can be proven not to have altered the information or deviated it from the original format in any way.
Once the above requirements are met, the forensic node can serve with valuable information in the unlikely event of any dispute between the parties involved.
Following the regulation of the Malta DIA, it is recommended that other countries emulate this innovative step to facilitate secure collaboration between corporations.
The blockchain division at TrustaaS provides security audit, consultancy, operations and development services for enterprise clients looking to implement blockchain-based projects. With our extensive track record in multiple industry verticals, we are uniquely qualified to maintain forensic nodes as a trusted third party.
Contact us now to get immediate guidance how to benefit from applying forensic nodes in your permissioned blockchain implementation.
