> if the blockchain can protect access to anything on the chain, should't it be enough to store the key to encrypted data on the chain, without the data itself?

No, I mean, think of an open source game. You have both the code and the data. Say it's a fighting game.

The game only has effective power if your interest lies entirely within the game. If what you want is to beat a friend in a match then you must act within the game's rules -- use the controller, use the provided moves, and win by applying your skill.

But if all you want to do is to watch the ending cinematic, then you can escape the game's rules. You can just read the source, find the right file, and decode the ending cinematic. You can skip the requirement to finish the game or to play in hard mode. You have the code and the data, so you can break the rules.

Blockchain stuff is like that. So long what you want is within the blockchain and nowhere else, the blockchain has power.

You can store encrypted data on the chain. But since the data is public and the code is public, you can always bypass the chain. You can just take the secret, feed it yourself into OpenSSL, apply the decryption key, and bypass whatever stats accounting/etc might be part of the smart contract.

> sure, once you decrypt it, you can potentially copy it, but that's not a failure of the blockchain, because the same is true without it. the blockchain has other benefits here.

It doesn't have any, it only has weaknesses. A standard webserver would be stronger, because a webserver can work with secrets you can't access. A blockchain is by definition open code, and works with open data. It can't keep any secrets from you, or to reach into any private storage.