Risk Management

Blockchain APIs for a stronger performance

blockchain api

Blockchain APIs can bring stronger performance. Blockchains use what’s known as distributed ledger technology (DLT). This was originally developed as the accounting method for the virtual currency Bitcoin, nowadays they witnessed a growing interest for a variety of commercial applications. Although blockchain technology is primarily used to verify transactions within digital currencies, there is a growing use for its recording capabilities. The great thing about blockchain is that it is possible to digitize, code and insert practically any document into the blockchain. Doing so creates an indelible record that cannot be changed; furthermore, the record’s authenticity can be verified by the entire community using the blockchain APIs instead of a single centralized authority. A great plus for anyone.

How Blockchain APIs supports the accessibility to digital assets

There are six Bitcoin Developer APIs

  • Receive payments API: An easy method for websites to receive bitcoin payments
  • Blockchain Wallet service: send and receive payments from Blockchain Wallets
  • Blockchain data: Query JSON data on blocks and transactions
  • Simple Query: Simple plain text API for querying blockchain data
  • Web sockets: Subscribe to notifications on blocks, transactions or an address
  • Market data. Exchange rates on currency data from the major bitcoin exchanges

The programmable web lists 107 Application Programming Interfaces (APIs) that are built on top of the basic ones that allow you to access blockchain API capabilities. Some are bitcoin-specific, others are for cryptocurrency in general, while others are used for accounting, storage and so on.
Basically, the number of blockchain APIs that can be built on this public platform for all cryptocurrency transactions is unlimited.  However, they can all be categorized according to the range of applications that blockchain technology unleashes:

  • Smart contracts: Digital rights, escrow …
  • Securities: Equity, private markets, crowdfunding, derivatives …
  • Digital currency: e-Commerce, global payments, remittance, microfinance …
  • Record keeping: Intellectual property, supply chain, proof of identity, ownership, loyalty programs …

What if blockchain could help secure API integrations?

Blockchain has a distributed database with data replicated across many nodes and little to no privacy when it comes to data elements. The database (ledger) system is implemented with hashed b-trees, also known as Merkle Trees. The ledger is immutable. Blockchain can be public, private or hybrid. An interesting feature is the notion of a miner, which can be described loosely as a system verification mechanism driven by consensus across nodes. Blockchain has a complex math challenge, which you need to solve to get a key to post to the distributed ledger.
Some contend that the technical implementation of blockchain creates some challenges when it comes to APIs security. The ever-present problem is that blockchain has no notion of authorization. Blockchain requires a form of a digital identity that is required to post to the ledger. The identity of the user that created the transaction could be masked into a virtual identity, an abstracted virtual pool of hashed public keys.

Blockchain API as a mechanism of trust

APIs, with appropriate API Management, can provide security of data, as well as provide adequate user authentication and can manage the authorization required to access a given data. APIs, on their own, cannot provide the necessary trust in the data they deliver. Without such trust, the entire API, no matter how secure and efficient it is, would be worthless.
You could provide data, trusted because it has been verified over time on a blockchain, either to a third party who would aggregate it into their API or create your own API independently.

Another threat on Open APIs and indeed on non-open APIs is related to the trust or lack of trust on the data and services that the API is meant to provide.

Read more here about the threat on Open APIs here.