AWS Database Blog

How Contura Energy built a letter of credit application on Amazon Managed Blockchain

This is a guest post from Sammy Jordan, Assistant Treasurer at Contura Energy, in partnership with Emile Baizel, Sr. Blockchain Architect at AWS.

In their own words, “Contura Energy is a Tennessee-based coal supplier with affiliate mining operations across major coal basins in Virginia, West Virginia, and Pennsylvania. We export metallurgical coal, a key raw material in steelmaking, to customers on five continents and approximately 25 countries.”

Contura will produce around 12 million tons of metallurgical coal in 2020, and roughly 7–8 million tons are destined for the export market. Contura used letters of credit (LC) exceeding $250 million in 2019 to facilitate their global trade. LCs help mitigate country and customer risk; however, the current process requires many layers of communication between Contura and their third-party agents, such as freight carriers and third-party logistics, that prepare several key documents, such as the bill of lading and certificate of weight for adherence to the LC. Every step requires manual activity and the use of a courier, which is inefficient, costly, and subject to human error. The end result of the LC process is confirmation by Contura’s bank, which ensures payment if the documents are deemed clean.

The following diagram illustrates a typical LC workflow, starting with Contura and their customer agreeing to the terms of a sales contract.

Problems and risks with how letters of credit are processed

Any discrepancies in the paperwork could lead to a delay in payment or a worst-case scenario where Contura loses the opportunity to deliver a vessel due to discrepant paperwork. Something as simple as a misspelled word can cause a bank to reject the document presentation. The presentation period doesn’t allow much time to correct errors with physically mailing documents back and forth to folks who may be in drastically different time zones and locations.

Why Contura looked at Amazon Managed Blockchain to address these challenges

Blockchain technology natively provides a shared, trusted, and verifiable ledger (the data store) for all parties involved in the LC process. Contura needed a blockchain network that supported private membership, which is why they chose to build this pilot on Hyperledger Fabric, with members including Contura Energy and one of their partner banks.

Fabric has native support for attribute-based access control, which allows enforcing business rules within the LC application, such as ensuring that only the bank can approve the LC presentation, or that only Contura can update the LC to indicate having collected payment on it.

Contura chose to run the blockchain network on Amazon Managed Blockchain for a few reasons:

  • It’s a fully managed service that scales automatically as needed and removes a lot of the heavy lifting needed to operate a blockchain network.
  • You can easily integrate Managed Blockchain with other AWS services. For example, the pilot used Amazon Textract to automate the document processing during intake, and also used Amazon Simple Notification Service (Amazon SNS) to notify users of important events that occurred in the blockchain network.
  • Managed Blockchain simplifies growing and administering the blockchain network. Network governance and inviting new members can be done via the AWS Management Console, and each member is billed separately based on their own usage.

The remainder of this post explores in more technical detail the following key areas of the solution:

  • Smart contract data and state
  • Providing full transparency to all parties
  • Creating an immutable and verifiable document store
  • Automated and complete audit logs
  • Automated discrepancy detection

Smart contract data and state

A smart contract is a business application that runs on the blockchain network. It contains business logic that reflects agreements made between parties. The smart contract is reviewed and agreed to by all parties involved (in this case, Contura and their bank) and deployed to the blockchain.

A smart contract reads and writes its data to the blockchain ledger. The data includes business names and addresses, the content and required specifications of goods being shipped, required documents (such as bill of lading or certificate of analysis), and important dates such as the presentation date before which the LC presentation needs to be sent to the bank.

The smart contract also contains current state information about the LC, such as where it is in the review process. The data and state information can be made available as read-only to certain participants, for example, providing Contura’s customers visibility into the current state of the LC without allowing them to make any updates.

Business logic is embedded into the smart contract to enforce certain business rules. For example, after Contura’s advising bank has completed publishing the terms of the LC data, those terms are locked in the smart contract and are no longer editable. When this happens, the contract state is updated to reflect that the LC is now awaiting Contura to receive and publish required documents as they receive them from various third parties.

Providing full transparency to all parties

With a fully paper-based system, it’s very difficult for all participants to gain visibility into the progress of an LC. Contura’s customers typically don’t see the LC documents until the vessel has already left port, and in the event that a customer or their bank identifies a discrepant document, there is a lot of operational overhead for Contura and their bank to review and correct this discrepancy. Meanwhile, the vessel is already underway and the clock is ticking, which lends urgency to resolving discrepancies as quickly as possible.

The pilot utilizes Hyperledger Fabric’s native support for attribute-based access control. This means that within the smart contract, you can enforce business rules based on the role and attributes of the user running the blockchain transaction. Contura’s customers, banks, and other third parties are given users with roles that have limited access. These roles are limited to read-only capabilities, which allows Contura’s customers to stay up to date on the progress of the LC, while being unable to modify any of the data.

Users are created and managed within Amazon Cognito and then associated, using Amazon Cognito custom attributes, with a user in the Fabric Certificate Authority (CA). Users created in the CA are assigned a role (for example, customer), which defines their permissions when issuing blockchain transactions. By using Amazon Cognito, users can authenticate using familiar user name and password-based authentication, while enforcing authorization based on the blockchain roles defined in their CA user profile.

Creating an immutable and verifiable document store

When using blockchain to store documents, you have the following assurances:

  • Documents are immutable and tamper evident
  • Documents can’t be deleted

Although it’s technically possible to store documents in blockchain, in practice this is an anti-pattern. You want to keep the size of the blockchain from growing too large because the size (disk storage) of a blockchain network impacts cost, transaction throughput, and the speed with which new members and peer nodes can join the network and synchronize to the latest block.

To design for these requirements, the documents are instead saved on Amazon Simple Storage Service (Amazon S3), a SHA-256 hash of the document body is generated, and this hash is signed with the user’s blockchain credentials. These are the credentials generated when the user is created in the CA.

The Amazon S3 URL of the document, its signed hash, and the signing user’s public key are saved in the blockchain ledger. A reader can verify the authenticity using these three pieces of data. They download the document from the URL and use the document content and the user’s public key to verify the signed hash.

To prevent deletion of the documents, accidental or otherwise, the S3 bucket is enabled with S3 Object Lock with Compliance Mode. This ensures the documents remain immutable and can’t be deleted before a specified date. Technically, a document could still be deleted if the entire AWS account containing the S3 bucket was deleted. To guard against this, you can configure cross-account replication for the S3 bucket, which would copy every document into other members’ S3 buckets.

The following code example shows how you generate the hash, sign it, and store this data on the blockchain:

const contentURL = <document url on S3>;
let content = <document bytes>; // Buffer of the document contents
const sign = crypto.createSign('RSA-SHA256');
sign.update(content);  // The SHA256 hash of the document

const publicKey = <user's public key>;  // This is generated from the Certificate Authority
const privateKey = <user's private key>;  // This is generated from the Certificate Authority
const signature = (sign.sign(privateKey, 'hex')); // The user signs the document

// Save these three attributes on the blockchain
const chaincodeArgs = {
    signature,
  publicKey,
  contentURL
};
await putDocumentOnChaincode(chaincodeArgs); // This function uses the Fabric SDK to write to the blockchain

Automated and complete audit logs

Banks are required to provide audit logs for an LC when asked to do so as part of an audit. Typically, compiling a complete audit history for an LC requires manually collecting all of an LC’s documents and their many revisions, and identifying where various updates to the LC and the documents occurred, when, and by whom. When processing LCs on a blockchain, because the ledger is immutable, it provides a complete history of all activity, down to the attribute level.

Some examples of blockchain activity include:

  • Contura’s bank creates an LC
  • Contura records the bill of lading date
  • Contura approves a certificate of weight document

Because the blockchain ledger is immutable and records cannot be deleted, it contains a complete history of all updates. Hyperledger Fabric provides a history service (getHistoryForKey) that lets you query for a key’s complete history. In the smart contract, each LC has its own unique key, so querying the history service for this key gives a complete history of all activity on that LC since its creation.

To offload history querying from the blockchain, and to provide more querying flexibility, such as by date ranges or activity type, the historic activity data is streamed into an external data store such as Amazon DynamoDB. Blockchain events are used to capture blockchain activity as it occurs and write the activity data and blockchain transaction ID of that activity into DynamoDB. The source of truth remains the blockchain ledger. The transaction ID is included in DynamoDB so that anyone, such as an auditor, can refer back to the blockchain to verify the authenticity of the activity data.

The following screenshot is an example audit log of an LC being submitted to the bank for approval.

Automated discrepancy detection

Automatically discovering discrepancies and raising alerts is a significant efficiency improvement for Contura. Each discrepancy can add days to the completion time of an LC, so identifying them as soon as possible is critical. The pilot includes a document ingestion pipeline built using Amazon Textract. When a document is received, such as a bill of lading or a certificate of weight, Textract parses the relevant content of that document. After the content is parsed, it’s validated against the terms of the LC for correctness and completeness. For example, it’s usually required that each document include the LC’s documentary credit number (think of this as a unique ID). This is one of the many things that is flagged by the automated discrepancy detector. When a discrepancy is found, Amazon SNS sends an email alert to Contura. The document ingestion and automated discrepancy detection happens when a document is received via email and also when it’s uploaded via the LC web application.

The following diagram shows the document ingestion pipeline and how alerts are triggered when discrepancies are found. The AWS Lambda function processes the digitized document contents, compares them against the LC terms contained in the blockchain, and raises an alert via Amazon SNS when discrepancies are detected.

Looking Ahead

The blockchain pilot is already helping Contura more effectively process letters of credit with their bank, but this is just the beginning. Future plans include growing the network to include Contura’s customers, their customers’ banks, and third parties such as freight carriers and third-party logistics.

 

About the Authors

 

Sammy Jordan is the Assistant Treasurer at Contura Energy. He enjoys spending time with his family on a bike or in a boat. He also relishes in reading history, watching soccer, and investing in the stock market.

 

 

 

Emile is a Senior Blockchain Architect at AWS. In his free time, he enjoys cooking, reading, trail running, and hiking with his wife and two year old daughter in the beautiful hills north of San Francisco.