This article discusses the effect of the architecture of a web application on the internet user.

The article is part of a series starting with this article: Blockchain Foundations Part 1: Distributed, Decentralized and Centralized Computer Architecture

The articles are drawn from my book "Blockchain and Crypto Currencies Easy to Understand for Everyone, Thomas Bauer". Please refer to the part 1 article for a introduction to the blockchain foundations series.

How the Architecture Affects the Internet User

As already stated in the first part of the article series – we do not talk about network topologies and implementation. Rather we talk about the effect of the different basic architectural variations on the internet user. Let us analyze the effects by looking at a trading platform. A trading platform may be from the point of view of the sellers and buyers a centralized platform with intermediaries like eBay or Amazon. But in the sense of blockchain the trading platform could also be a decentralized distributed architecture without an intermediary. These two architectural concepts we will compare now

Privacy (Protection of the Data related to us)

• Centralized architecture: All data lies on the computers of the trading platform. In most cases the user of the platform cannot control how this data is protected, encrypted or used. Of course, there is a data protection act. But where are the data hosted? In your home country? In a computer center on a Bahamas island? Maybe your data is replicated worldwide. You cannot see what is happening to your data.
• Decentralized distributed architecture in the sense of a blockchain application: All data lies on every computer of the community. Everybody can see the data. Therefore, in a blockchain application encryption is used very intensively. Consequently, everybody can see that there are data. But we cannot assign this data to a person. And access to the data content is only possible with the corresponding private key. You will read more about encryption in subsequent articles of this article series. Every person should own the private key for the access to his or her personal data and nobody else. Then only the person itself can control who may access his or her data or parts of the data. One could even allow someone else to use the data without letting the other person know who he or she is. For example, for a study.

The need for data protection grows and grows. A centralized trading platform could allow any user to control who is using or seeing its data. Imaging a trading platform with an encrypted data storage and only the platform user may allow the usage of the data using his or her private key. For example, the platform user could sell its data for marketing research. But today, you won't find a commercial trading platform offering its users to control his or her data stored at the platform computers this way.

With a centralized solution, the user need to trust the trading platform provider for ensuring a complete privacy. With a decentralized distributed solution in the sense of blockchain everybody we need to care about out data ourselves. This maximizes privacy protection. But on the other hand, we need to care about our data and cannot leave this to someone else. If nobody can access our data without our permission and we lose our private key, then nobody is able to restore our data. And, if we are not careful with our private key, then undesired persons or companies may use it to access our data.

Identity Data

• With a centralized solution, the identity data are stored on the trading platform. Passwords hopefully are stored encrypted. History shows that is not done reliable in each case. There have been several big companies suffering password thefts. Of course, there are laws. For example, a trading platform must store a password encrypted and must not be able to encrypt the password itself. But does the law apply to the trading platform we are using in this moment? And does the trading platform comply with the law?
• With a decentralized distributed solution in the sense of a blockchain we make our data available for others or enable transaction processing with our private key. Only we have knowledge of this private key. Everybody can see that there is data and everybody can see our public key. But nobody can read our data without our explicit permission. We can do transactions in the network without anybody seeing our personal data. More details on private and public keys you will find in the chapter on encryption in this book.

The internet platforms more and more keep up with the growing desire for access protection. For example, two-factor identification has been establishing in the last years. If we are an Amazon user and we activated two-factor identification for our account, after the normal login using e-mail and password we get asked for a PIN. This PIN Amazon sends to a mobile device. A login then needs not only our e-mail and password. Our mobile needs to be physical available for the login.

A positive trend, of course. But our data is still stored on the trading platform's computers and we have nearly no possibility to control what will happen with our data. The trading platform has full access to our data. And we do not know how reliable the trading platform is in protecting our data against external attacks.

With a decentralized distributed system in the sense of blockchain the usage of private and public key leads to other challenges. The private key is long and nobody can memorize it. Hence it must be stored somewhere. We ourselves must care for the private key not to be stolen by someone else. And we must care for the private key not being lost. Otherwise everything, which was encrypted and stored in the blockchain using the lost private key, is lost forever. For examples Bitcoins are not restorable if the private key got lost.

Availability

• With a centralized trading platform, the programs run on the infrastructure provided by the trading platform. Each transaction between a trader and a seller runs on this infrastructure. If the computer center of the trading platform is not available, no trading will be possible.
• With a centralized distributed trading platform all participants in a transaction have all the data and programs, they need to run the transaction, on their own computer. No third party is needed.
  If a centralized trading platform gives up its business or gets bankrupt all business processes built around this platform will be no longer operable. Furthermore, the trading platform can suspend every participant. This may make sense to protect other participants. But this may also be arbitrary. Maybe a trading platform suspends a participant selling goods which are cheaper than comparable goods offered by the trading platform itself or by some premium seller.
  Of course, peer-to-peer solutions based on blockchains have problems, too. Everybody is even more responsible to rate the business partner he is going to do a trade with. The blockchain advantages (anonymity, independence from intermediaries, protected privacy) also help the dark shapes in the web to do trading.