Blockchain

There were many exciting announcements at Consensus 2017, the cryptocurrency and blockchain industry's annual gathering. A particularly nice one involves the continuing marriage between a team of distributed systems experts from Cornell University and Intel SGX (software guard extensions). The latter is a set of new instructions from Intel that allows user-level code to allocate private regions of memory called enclaves.

Cornell's Initiative For CryptoCurrencies & Contracts (IC3) was demonstrating the newest version of "Teechain", an off-chain transaction protocol which uses SGX (incidentally, IC3 was not the only team touting interesting blockchain applications using SGX; watch this space for more to come).

Teechain can offer state channel-like transaction rates while addressing the problem of transaction malleability: a transaction is malleable if any piece of its data can be altered without the transaction itself becoming invalid.

Payment channels offer a very powerful way to remove pressure from the blockchain by netting together transactions in series, while only having to place the opening and closing transactions on the blockchain.

However, transaction malleability means it is not safe to accept a chain of unconfirmed transactions because the later transactions will depend on the hashes of the previous transactions, and those hashes can be changed, up until they are confirmed in a block.

To counter the potential risk here, both parties would have to closely scan the blockchain for what the other is doing, and know what to look out for. A useful analogy would be cheque kiting, whereby a fraud can be committed when cheques are used as a form of unauthorised credit to make use of non-existent funds in a bank account.

Cornell associate professor Emin Gün Sirer said: "The problem until now has been that the existing solutions require changes to the blockchain, they require that the blockchain be non-malleable.

"The existing solutions are highly dependent on being able to watch that blockchain. There are rumours, claims that maybe you could get Lightning to not be dependent on this kind of thing, but I have never seen them properly specified; I have never seen them actually implemented.

"So everybody wants this non-malleability. It's a good feature to have, but it's one that wasn't being deployed."

Teechain, short for "trusted execution environments", uses SGX secure hardware to prevent this sort of cheque kiting, ensuring parties cannot manufacture or push old state onto the blockchain. It also achieves enormous speed-ups in off-chain transactions.

Gün Sirer said: "We are doing UK to US transactions at a rate of about 50,000 transactions per second. So that means a transaction every 20 microseconds. That's a lot of transactions. And you can be doing any number of these in parallel.

"So between any two parties it can do 50,000 tsx/s; in fact if the parties are closer together it can do even better than that, and it can do it with multiple pairs of participants at the same time."

So if the solution to scaling blockchains lies in hardware, why isn't everyone using this approach? "Partly because it's non-trivial to do that transition," said Gün Sirer. "You need to have some expertise on how to build software on top of these hardware platforms, and partly because the hardware platforms are becoming ubiquitous only now."

He also pointed out that signing keys to use Intel's SGX have not been given out willy-nilly; some major players in the blockchain space were denied the right because Intel did not trust them.

"Essentially you will be handling people's money so you need to be vetted, in this case by the manufacturer of the hardware platform. They don't want you using their hardware for malfeasance, building Ponzi schemes, say, and they don't want you writing bad code that will lose people's money."

In a nutshell, SGX hardware allows the user to perform computations on the chip that are unmolested and guaranteed to be isolated from any and all malware. So even if there were a hacker on your machine, he or she could not get to the code that is running inside this encrypted enclave.

The other key ability is called remote attestation: the chip running this code securely in this enclave can prove to a third party what exact code is running. "So you can prove that to me that you are running the code I trust and now we have a basis for building up something much more complicated.

"Most complications in distributed systems stem from not knowing what the counterparties will do, and so the protocols get complex because you have to deal with anything and everything that the other party might decide to do at any time."

Gün Sirer said the Teechain solution would be good for Bitcoin, Ethereum etc. "We are quite excited about this. In fact it doesn't have to be for either of those things, it could also be for SWIFT; you could use it for sending money. They could probably use some of our techniques."