I would be curious though know more about exactly what the threat model is:
My understanding is that block chain stuff makes it very difficult (Barring implementation flaws or possession of overwhelming compute power) to tamper with the contents of a ledger even in absence of a single authoritative record holder; but obviously doesn’t prevent cloning of valid stickers, or printing of stickers with values that we’re never actually issued, but which are structurally correct. The neat math also does nothing to keep certain actions from simply never being recorded(eg. the return case: if I do record that a unit was returned, good luck getting that record out of the ledger without anyone noticing; but if I simply keep it off the books, it will never be recorded in the he first place).
In this case, my naive impression would be that most of the points of failure would not be impeded by the block chain mechanism: the untrusted vendor can’t produce more fully legitimate units than they have been provided stickers(though the same would be true of simple serial numbers if only a specified range we’re authorized for production); and they can freely produce multiple units with identical tags or units with accurate-looking fake values. The latter will be detected and f the customer checks, the former leads to a race between two or more customers, since the system can distinguish between real and fake values; but not between the ‘original’ use of a real value and the subsequent printings of the same sticker.
For service/returns/other important product life events, there is the problem that the block chain only forces retention if someone makes the note in the first place.
I guess I just don’t understand how this is more reliable than a single authoritative record holder(Bunny’s company in this case) doling out ordinary serial numbers and product registrations. It’s mathematically cooler, however.
Obviously, my naive impression is worth way less than someone with experience in the matter, which is why this is intended to be in the form of a question: do I misunderstood some of the capability of the mechanism? Is it largely as I understand; but it turns out that most supply chain fraud actually falls in areas it covers? Are hopes modest; but the cost of trying corresponding low?
