Designing Cryptosystems for Supply Chain Management


As distributed ledger technology continues to be constructed, proposed applications thereof likewise proliferate. While cryptoassets appear to be slowly becoming more common in mainstream society, it is in blockchain’s application to supply chain management that distributed ledgers may sooner unobtrusively enter the everyday lives of the general public. The apparent support of large corporations lends this application a sense of legitimacy not afforded to fungible cryptocurrencies, tokenized securities, and other DLT use cases. One need not look further than to abundant reports from Big Four firms and Ivy League business schools to understand the corporate excitement surrounding the matter. As many such sentiments manifest as generalized calls simply for the use of DLT in supply chain logistics, this dispatch offers the Smith + Crown research team’s more nuanced analysis of specific distributed architectures and mechanisms applicable to the discipline.

Recently, VeChain announced the development of a pharmaceutical supply chain management system for Bayer China, a project to which it won the rights in a 2019 competition. The system, CSecure, is an independent, permissioned blockchain capable of storing immutable and privately-auditable records of supply chain movements and transactions. Developed using ToolChain, VeChain’s proprietary system for creating client-specific blockchains, CSecure works by allowing counterparties at a given point in the supply chain to publish transaction receipts, including batch numbers and timestamps, by digitally signing the receipts using private keys. While non-disclosure agreements make information on specific mechanisms scarce, CSecure will notably forego the use of non-fungible tokens to track and verify pharmaceuticals. The initiative joins a larger class of emerging supply chain management systems attempting to reap the benefits of blockchains’ immutability and auditability. Though each has its own specific mechanics, most projects can broadly be classified into two categories—publication-based or NFT-based—generalized versions of which this dispatch will evaluate.

Smith + Crown defines publication-based tracking and verification systems as those which rely on the submission of external descriptive data to a blockchain without directly employing a cryptoasset to do so. At a high level, as an item is transferred between parties at each point along the supply chain, timestamps, along with batch numbers and other unique identifiers, are submitted as a transaction within a block to be published on the blockchain. Each counterparty uses private keys to digitally sign the submission, which serves as an immutable record by which the item’s authenticity and chain of custody may be verified by parties later in the supply chain. While it is indeed possible to publish this data in its entirety, this method would impose significant costs: in a permissionless system, it would require a high number transactions and commensurate gas fees, and in a permissioned system, the resources needed to store distributed ledgers containing such data would be great. Further, on a public blockchain, such as Ethereum, maintaining confidentiality would require an encryption scheme and compromisation thereof would result in an irremovable, public copy of private datasets. Alternatively, it is possible to publish to the blockchain only a hash of a transaction data while storing the complete record in an off-chain database. Verification would remain possible, such that any party with access to the off-chain database may re-hash a record stored therein, matching it to that published on-chain to confirm its integrity; any alterations to the off-chain record will result in a different hash and indicate tampering.

A similarly popular proposal for integrating blockchain technology into supply chain management systems relies on non-fungible tokens, which, unlike fungible cryptoassets such as BTC, are non-divisible and entirely unique from one another. At a high level, an NFT-based supply chain management system would begin by minting an NFT whose unique digital identifiers correspond to relevant characteristics of an item moving through the supply chain. In much the same way that an individual CryptoKitty NFT’s code is observably translated into cattributes, aspects of this hypothetical NFT’s code would translate to information such as a batch number, an item’s classification and its quantity. After minting, the cryptoasset would follow the physical item as it moves along the supply chain, being transferred to and from the digital wallets of the item’s current custodians and serving an immutable certificate of authenticity.

Unlike publication-based methods of supply chain tracking, NFT-based systems require no off-chain information to be published beyond the token’s minting, as the NFT contains all relevant information about the item itself, and the transactions transferring the NFT provide timestamps, counterparty information, and proof that the transaction was digitally signed. To verify authenticity and chain of custody, one needs simply to read the NFTs code and follow its movement from address to address. There is no need for an accompanying off-chain database, which may lessen the resources required to establish and maintain the system as well as allow for more efficient transfers by way of smart contracts. While no off-chain database may require less resources to set up and maintain and may indeed allow for more efficient transfer via smart contracts, keeping all item information solely on-chain does present problems. Namely, the NFT’s immutability and continuity prevents item info from ever being updated in the event of damage or slippage, whereas publication-based methods allow a potential new, more accurate item description to be published on- and off-chain at each point in the supply chain and verified at the next.

Both publication- and NFT-based distributed supply chain management systems appear promising and may indeed embody similar traits; for example, both may be implemented on either a public or private blockchain, and both may be used in conjunction with physical identifiers such as RFID chips. However, publication-based systems may confer greater benefits when tracking and authenticating large shipments at the commercial level. In this scenario, parties are more likely to have the knowledge and resources to continually publish external data on-chain and maintain a corresponding off-chain database, and the inherent risk of losses in large, long-distance shipments may demand a level of flexibility not offered by NFT-based systems. In contrast, NFT-based systems may be more appropriate for tracking and verifying individual items such as pieces of art, where there is no risk of partial loss during shipment. These systems may further be advantageous at the consumer level, wherein ease-of-use is crucial to efficacy and implementation of smart contracts–enabling, among other functions, trustless payments and transfers–may lessen the technological burden on the consumer. Finally, NFT-systems appear superior in situations in which efficiency is prioritized over flexibility; conveyance of only native data and more streamlined smart contract capability best support such objectives. Ultimately, though, distributed supply chain managements should be designed in light of their strategic goals and the technological restrictions of their component cryptosystems, as is best practice in cryptoeconomic design.