Month: November 2018

Plasma-The Solution for Security and Scalability

The Scalability Issue

Blockchain always faces the trade-off issue between security and scalability. Though their PoW consensus protocol guarantees near perfect security, it also slows down the processing speed significantly.  Currently, the Ethereum processing speed is 15 transactions per second while Bitcoin is 7 transactions per second. Both platform’s processing capacities are nowhere near Visa’s processing speed of 45,000 transactions per second. Furthermore, the increase in the number of dapps deployed on the main Ethereum main chain has caused congestion and slows down transactions tremendously. One of the most famous cases is Cryptokitties, it clogged up the Ethereum network in just a few weeks of deployment due to its unprecedented popularity.

In seeking a viable solution to the scalability issue, Vitalik Buterin and Joseph Poon have joined hands in conceptualizing and developing Plasma, a framework that can scale Ethereum processing power.  Joseph is also the co-founder of the Lightning network, a framework that has greatly increase Bitcoin processing speed. Both plasma and Lightning network are trustless multilayered blockchain networks.

Plasma

Plasma is a  system that comprises the main blockchain and the ‘child blockchains’ that branch out from the main blockchain(aka parent blockchain or root blockchain). The child blockchains can co-exist but function independently from the parent chain and each other. 

The Plasma system allows anyone to create their own child blockchains a.k.a plasma chains with their own smart contracts. Therefore, the Plasma system enables the creation of all kinds of use cases based on different business logic in their smart contracts. To ensure security, the root chain monitor and enforces the state in all the plasma chains and penalize the bad actors if there is proof of frauds.  In this way, the Plasma system makes off-chain transactions possible while relying on the Ethereum main blockchain to maintain its security. 

The Plasma Structure

Actually, the Plasma architecture is like a tree structure with the main Ethereum blockchain as the root. The child blockchains then branch out from the root blockchain, similar to branches grown out from the root of a tree. Every child chain, in turn, can spawn new child chains, the process can go on.  Therefore, the plasma structure constitute a hierarchy of blockchains,  as shown below:

Plasma Blockchain Structure

How does Plasma Works?

Plasma can greatly increase processing speed and throughput on the Ethereum blockchain because it allows off-chain transactions, similar to the payment channels of the Lightning network and other off-chain technologies. All the off-chain techniques take operations away from the main Ethereum blockchain.

State Channels

The concept of Plasma was derived from State Channels but improved on the latter. State channel works by creating an off-chain communication channel (a.k.a state channel )where transactions are not sent to the smart contract on the main chain, instead, they are sent through the Internet without touching the main blockchain.  It is only after all the transactions have been completed (for example, a crypto game has finished) that the final state is sent to the smart contract on the main chain, closing the channel in the process. The smart contract will check the legitimacy of the transactions and release the asset (such as some ETH or a prize) to the recipient. 

The state channel technique can improve scalability because it can reduce the number of transactions on the main blockchain. For example, a crypto chess game played between two players may involve hundreds of moves, which means hundreds of transactions will be executed on the Ethereum blockchain. However, if we use the state channel, we need to execute only 3 transactions that include registration of the players to initiate the game, submission of the final state to the blockchain and closing the channel. 

Steps in Implementing Plasma

Plasma works in a similar way but with a different approach. Instead of creating the channels, it creates the child blockchains, as illustrated earlier. Smart contracts are created on the main Ethereum blockchain(The root chain) and they  define the rules in the child blockchains. In other words, the smart contract serves as the root of the child blockchains. The child blockchains can employ their own consensus algorithm, such as proof of stake.  The blocks validator will submit the state of the child chain to the Root Chain smart contract periodically. The smart contract will register the state of each Child Chain in the form of block hashes of the Child Chain.

We can illustrate how Plasma works by examining a crypto game such as crytant crab or cryptokitties. The smart contract on the main chain will set the rules of the game, then deploy the actual game application smart contracts on the child-chain, which contains all of the game logic and rules.  The game assets such as characters or collectibles are created on the Ethereum main chain and then transferred onto the child-chain using the plasma root.  When the players play the games, all the executions are confined to the child chain, without interacting with the root chain. 

Plasma Exits

Plasma Exits is a  security mechanism behind Plasma that allows users in a Plasma Chain to stop participating in the chain, and move their funds or assets back to the root chain. When a user wishes to exit a particular child chain, he or she needs to submit an exit application.  The application is not immediately approved because a proof is required. This waiting period is called the challenge period, which means anyone can challenge the user’s claim by submitting a fraud proof. If the challenge is not valid or there is no challenge, the application will be approved and the user can exit and collect back his assets or funds.

Plasma is still evolving and now the Plasma team has come out with the improved version of Plasma known as Plasma cash.  We shall discuss this new version in coming articles.

References

ETHKL #5 : Security Audits & Scaling

The meetup was at HelloGold office , KL on Friday 23, Nov.

Speakers:

  1. Petar Tsankov-Chief Scientist/co-founder of ChainSecurity AG & Senior Researcher at the ICE center. ETH Zurich. 
  2. Andras Kristof- Founder and Advisor of Akomba Labs
  3. Lai Ying Tong- Researcher at Ethereum Foundation
  4. Ken Chan

The session began with Ken Chan introducing the audience about Zero-Knowledge Proofs. I was sure many developers among the audience understand what it is but the concept sounds strange to me. Fortunately, Ken was good in demonstrating the concept by using the scenario of the American presidential election involving Trump and Clinton as well as a “live demo” with Harith of HelloGold as the co-actor.

Apparently, the Zero-knowledge proof method, or more exactly zk_SNARKS, is a consensus protocol used by Zcash to validate its shielded transactions that are fully encrypted on its blockchain. According to Zcash(https://z.cash/technology/zksnarks/), the acronym zk-SNARK stands for “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge,” and refers to a proof construction where one can prove possession of certain information, e.g. a secret key, without revealing that information, and without any interaction between the prover and the verifier.

Zcash further pointed out that “Zero-knowledge” proofs allow one party (the prover) to prove to another (the verifier) that a statement is true, without revealing any information beyond the validity of the statement itself. For example, given the hash of a random number, the prover could convince the verifier that there indeed exists a number with this hash value, without revealing what it is.

Ken illustrated the process of Succinct and Non-interactive using a diagram, where the prover begins by generating a proof string and then the verifier needs to verify the proof string, as shown below:

The above process is actually more complex than illustrated in the diagram. According to Zcash,  zk-SNARKs work by first turning what you want to prove into an equivalent form about knowing a solution to an algebraic equation, as follows:

Computation → Arithmetic Circuit → R1CS → QAP → zk-SNARK

Here is an example of what an arithmetic circuit looks like for computing the expression (a+b)*(b*c) :

Diagram Adapted from Zcash

The output is then verified by the verifier. However, Ken pointed out that the process might be compromised by some malicious codes which he called toxic waste that produce false proofs. Ken concluded with the following points:

Why ZK SNARKs?

  • Strong cryptography research by Zcash team
  • Math-based- not coin joining
  • Short proofs

Why not ZK SNARKS?

  • Trusted setup for every contract
  • No transparency for counterfeiting
  • Computationally expensive

Next, Dr.Petar from ChainSecurity discussed the importance of security audit. His topic was “How Not to get Hacked”. ChainSecurity is a smart contract auditing platform. They can identify security vulnerabilities and certify the functional correctness of smart contracts and blockchain projects. 

ChainSecuity has developed an Audit platform that can perform Automated Security Check on smart contracts. This platform can test and audit both Ethereum smart contracts (Security Scanner)and the Hyperledger Fabric chaincode(Chaincode Scanner).

According to Dr.Petar,  more USD$1 billion have been stolen this year due to crypto hacks. He stressed that writing secure smart contracts is difficult.  Developers might fail to see bugs and security flaws, therefore we need to audit the smart contracts.  However, currently, most audits are done manually and tend to miss many issues. Furthermore, in the post-development stage, most anomalies are invisible. 

To work around the aforementioned issues, ChainSecurity has developed some AI-based automated tools to help in every stage of smart contract lifeline. At the developmental stage, the automated tools will assist in certifying the correctness of the code. At code audit stage, the machine-checked audit will generate the audit report by committing the smart contract onto the Audit platform which runs security auditing using the security scanner, the symbolic verifier and the AI-based Tester. Finally, in the post development stage, there are monitoring tools to help track the smart contract health.

More information on security audit can be found on ChainSecurity website.

The final topic was scaling presented by Andras Kristof and Lai Ying Tong.  This is a topic where all Ethereum enthusiasts are concerned about. According to the speakers, the solution is to develop a two-layer architecture. Layer 1 is called serenity which comprises sharding, casper, random beacon, and p2p networking. Layer 2 comprises payment channels, state channels, sidechains, and plasma. The solution also comprises succinct proofs using snarks and starks. Furthermore, there are more integrations that include swarm, light clients and client optimizations.

In more details, the layer 1(serenity) structure includes the Main Chain(provides staking and PoW), the Beacon Chain((provides random number and PoS), the Shard Chain(provides data) and VM(provides state execution result).

For the payment channels, there are two channels, the Open Channel and the Close Channel. The transactions include blockchain transactions and Off-chain payments. Besides that, Lai also spoke on payment channels on the lightning network. The layer2 solutions are to move state-modifying operations off-chain, which include payment channels and state channels.

Besides that, Lai also covered topics on sidechains, plasma mvp, morevp, swarm, light clients and more. These are heavy topics and I shall discuss them in future articles.

A Wrap-up of Blockchain And Cryptocurrency Conference 2018

I am trying to summarize a bit of the Blockchain and Cryptocurrency conference 2018 (from 13th to 15th Nov 2018) but it is far from comprehensive as I missed out the first day programmes. Besides that, I  couldn’t capture all the mind-boggling stuff delivered by the elite speakers, all of them are crypto experts! I am sure all the participants benefited immensely in one way or another unless they slept   through the sessions.

The conference was co-organized by Twinintel, QF4 Tech Asia and Blueshare. The venue was at the impressive five-star Sheraton Imperial Hotel located at Jalan Sultan Ismail, Kuala Lumpur. The event was very well organized and the speakers’ line-up is simply overwhelming, kudos to the organizers!

The topics were very comprehensive and catered for everyone needs, be them crypto investors, tech-savvy nerds, govt officials, regulators(maybe hiding among us), academicians, and students etc.  I would say there were not much marketing hypes about ICO, mostly educational.  The topics covered ICO, ISTO, Crypto analytics, Blockchain training, Blockchain standards, Blockchain smart cities , fundamentals and more.

I was particularly impressed by the cool topic “Predicting Cryptocurrency Exchange Rate with AI and social media” delivered by Dr.Tim Frey.  I like forecasting the future as it is my personal interest , that was why I watched all the back to future and time machine movies. I learned how Dr.Tim used Twitter’ tweets (or rather gossips) as the data for his forecasting model, which gives an impressive level of 70%-90% accuracy. Maybe One day we can develop a forecasting model that can deliver 99% accuracy.  I believe by using AI machine learning we can achieve that goal. I managed to catch up with Dr.Tim at tea time to get more insights from him. According to him, it seemed 90% of the audience couldn’t grasp the concepts, I am not too sure. I myself don’t understand much too. For example,  I don’t know what the heck is Kappa Architecture, I am sure our computer science experts can understand better.

Dr.Sindhu illustration of Crypto banking was an eye-opener.  I like the diagram that showed clearly how various components from KYC, front-end app, ledger, and the blockchain’s bank wallet are connected to the bank’s backend. It showcases a banking model for the future crypto transaction. we also learned about the Microsoft, Ethereum and R3 11 banks experiment on simulation an exchange of value on the blockchain. The banks involved were HSBC, Credit Suisse, Barclays, Wells Fargo and more. Very useful for a case study. In addition, he also highlighted the advantages of using Blockchain in the banking industry:

  • Transparency
  • Less Labour intensive
  • Disintermediation
  • Tamper-proof
  • Nearly instantaneous

However, there are also some key challenges , as follows:

  • Privacy
  • Integration
  • Threat of Rivalry
  • Energy Consumption

I couldn’t remember who spoke on steps in launching an ICO but the points given were super good. According to him, the steps in doing an ICO are as follows:

  1. Decide if an ICO is suitable for your business
  2. Adviser reach out and on-boarding
  3. Get legal opinion
  4. Create a light paper/whitepaper/deck for your ICO
  5. Private sale or an angel investment to develop the MVP
  6. Create the product
  7. Create a token
  8. Create a community and buzz
  9. Getting your token out on an exchange

He further showed us the shocking statistics that 81% of the ICO projects were found to be a scam scheme. Out of the genuine ICO projects, 6% failed, another 5% gone dead and only a meagre 8% proceed to trade. Therefore the ICO projects are not as rosy as what people claim.

Another speaker spoke on potential blockchain applications. He subdivided the potential applications into four areas, smart contracts, digital currency, securities and record keeping.

The speaker from Cryptology gave advice for those who intend to start an ICO project. First of all, he reminded that blockchain is not a get rich quick scheme. It is about the distribution of trust. Secondly, do not just explore blockchain technology just because it is hot or trendy. Think in terms of how the product or services can benefit from it. Finally, bear in mind that the most successful companies are those who can accept and adapt to constant changes.

Miss Daphne Chong, the CTO from Logistics Worldwide Express and a director of Woman Who Code KL explained how blockchain could disrupts the supply chain and logistics industry. She emphasized on the advantages of implementing blockchain  in supply chain and logistics in terms of

  • Efficiency-less paperwork, elimination of the intermediaries
  • Transparency-price, ownership, location
  • Inventory tracking, quality control
  • Disputes settlement, reduction in cost of regulations and compliance

Last but not least, Mr. Fattah, the chairman of Malaysia’s National Standards Committee on Blockchain and Distributed Ledger Technologies told the audience about the development of Blockchain and DLT standards in Malaysia. He spearheaded the formation of the national committee and played a key role in putting Malaysia on the international scene. You can follow his blog https://fattahyatim.wordpress.com/ to learn more about the subject.

This is all about the conference that I can recollect, I welcome your valuable inputs if I have missed out anything important.