I'm investigating this at my company so I can share a couple of ideas.
Our system is used by a series of companies to manage the performance of their supply chain (keeping this very vague to avoid breaching NDAs).
We generate reports which show the performance. as our system sees it. However, what if a supplier were to bribe us to change the report? I have heard third-hand of this happening before in our industry so that's not as crazy as it sounds.
And what if the client were to change performance criteria mid-way through a contract? The supplier might now be showing poor performance where this is totally unfair.
This is where a blockchain might be helpful. If we publish these reports to the private blockchain shared between us, the customer and the supplier, the customer can verify the blockchain at any time to prove that this has not happen. Finally, the supplier can see if terms are updated and this is permanently stored in the chain.
Effectively, if three parties might not trust each other, then blockchain might be a good option to keep people honest.
Assuming with blockchain you mean blockchain+PoW, I fail to see how it solves your problem. The gist of PoW is that so many people contribute work that it's difficult for any party to do more work than the other parties combined. PoW is essentially useless if three parties are involved.
Wouldn't a simple timestamping of documents work in this case? Either standard RFC 3161 service or publishing document's hashes on Bitcoin (via OP_RETURN transactions).
That is given that the data remains true at the point of data entry into the network. If the data entering the chain is bogus due to bribery, blockchain won't solve the problem.
I think that's addressing a different problem. There are two distinct issues:
1. Is the data correct?
2. Has the data been changed?
For many cases, 1) is not solvable in software.
I'm not sure I really understand why 2. is something best solved with a blockchain with a private group, but given people who have actually looked into this when I haven't think it's relevant means I'm probably missing something either on the requirements, difficulty to implement or features.
Well, in this case it is still a permissionless blockchain. But there are many use cases why we need private permissioned blockchains. For example Hyperledger Fabric is mostly used for different purposes. You can find some use cases here: https://www.ibm.com/blockchain/business-use-cases.html
There's also Quorum, the open source enterprise blockchain based on Ethereum. It's got privacy and zksnarks and pluggable consensus and a decompiler and a consortium and everything.
