Scaling Bitcoin with Secure Hardware

We unveil a new technology for secure, high throughput, low latency Bitcoin transactions using secure hardware, on the current Bitcoin network.

Bitcoin suffers from a fundamental limit on how far it can scale. While the number of transactions sent per day has been growing exponentially since Bitcoin’s inception, the number of transactions the system can clear is firmly capped at 7 tx/sec under the best of circumstances, and at around 3.3 tx/sec with realistic transaction sizes. This means that, for example, if Venezuela were to switch over to Bitcoin today, every adult would be able to conduct at most one financial transaction every 72 days. And on the latency side, every non-trivial transaction would incur at least an hour’s delay.

There have been no shortage of suggestions to improve the scale of the protocol. One possibility is to increase the block size. While a reasonable stopgap measure, changing the blocksize does not appreciably improve latencies for confirmations. And a 2X or 4X increase in block size delivers at most a 2X or 4X improvement in throughput. Even a highly controversial 10X increase in block size would yield only one transaction per week for Venezuelans, still far short of the target. Another possibility, suggested in efforts such as Bitcoin-NG, ByzCoin, and Hybrid Consensus by research groups including ours, is to change the protocol to construct blocks incrementally over time, avoiding centralization bottlenecks. Quixotically, the practitioner community has been reticent about adopting these techniques or even acknowledging their existence during scaling discussions, reportedly because these proposals require changes to the underlying protocol.

Instead, most practitioners have focused on off-chain scaling, through a technique known as payment channels. Payment channels, such as the Lightning Network (LN) and Duplex Micropayment Channels (DMC), allow for efficient transactions in which two parties can engage in a large number of fund transfers off chain, only settling the net result on the blockchain. While this can potentially improve scale immensely, these protocols, also, require substantial changes to the underlying protocol. Specifically, Lightning Network implementations are vulnerable to transaction malleability, whose current proposed fix, SegWit, has become mired in controversy, partly as a result of its implementation complexity.

A New Solution

Secure hardware

We have developed a new scalability solution for Bitcoin, called Teechan. It is a new, practical, high throughput, low latency off-chain transaction protocol that can be deployed securely on the Bitcoin network, as it exists today.

Teechan is similar in design to the Lightning Network, save for one crucial differentiating factor: it leverages trusted execution environments (TEEs), that is, secure hardware components found in recent commodity processors such as the latest batch of Intel CPUs with Software Guard Extensions (SGX).

This key technology enables Teechan to provide surprisingly strong guarantees. Specifically:

  1. Teechan does not require any changes to the existing Bitcoin network; it is secure even in the presence of transaction malleability.
  2. Teechan is efficient: Payments are completed with a single message. Network latency does not impair its throughput.
  3. Teechan enables infinite channel reuse as long as the balance does not exceed the channel credit.
  4. Teechan is space-efficient, requiring only two transactions to be placed in the blockchain in total under all scenarios. As a consequence of lower dependence on on-chain transactions, Teechan is less open to attacks based on blockchain flooding.
  5. Consequently, Teechan lends itself to an efficient implementation. Our prototype achieves a throughput of 2480 transactions per second per channel, with settlement latency overheads of 0.4 ms.

The first feature alone is worth its weight in bitcoin, as this means that all the touted benefits of payment channels can be had on top of the regular, unmodified Bitcoin protocol right now, avoiding the thorny discussion around SegWit and its deployment. It’s worth explaining why Teechan is able to provide these features.

Power of Secure Hardware

Secure hardware

SGX is a set of instruction set extensions for CPUs released in Fall 2015 and available on recent CPUs. The key ability SGX provides is the notion of confidential, private execution with integrity guarantees. In essence, the chip has a special construct called an enclave. An enclave is like an ordinary program, except that the memory contents of an enclave are encrypted whenever they are off-chip, and accessible only on-chip, and only while the special enclave code is running. Further, the decryption keys are available solely to code with a certain hash: if you or a hacker were to hack the enclave code and change its hash, that hacked code will no longer have access to the encryption keys, repelling attacks. As a result, this ingenious technology does not permit anyone, even the owner of the machine who can modify the code arbitrarily, to peek at the contents of the enclave or to modify execution within an enclave. Further, the SGX hardware enables remote attestation, that is, the ability to prove to a remote computer that a given enclave is running a particular software distribution. In essence, the chip is able to issue a statement that says „I guarantee to any remote party that I am running this code with this particular hash,“ which is a critical bootstrapping mechanism. Teechan is built on these two underlying features, which, together, provide a trusted execution environment (TEE).

Now, SGX is not the only way of building a trusted execution environment. It’s quite possible to do the same using, for instance, secure hardware co-processors known as trusted platform modules (TPMs). TPMs can be found in almost every laptop and cost somewhere between $1-$5, and come from multiple vendors. Rumor has it that they can even be manufactured with self-destruct circuitry in the packaging, where attempts to shave off the packaging result in the chip destructing its private key. While the Teechan protocol is suitable for building on top of any platform that supports TEEs, including TPMs, we decided to build our prototype implementation on top of SGX.

The nice thing about SGX is that the security guarantees are built into the CPU. SGX enclaves are secure against an attacker who has placed probes on the system bus, has special attack hardware on the USB ports, has modified disk contents and is able to forge network packets any which way. The only way to compromise these guarantees is to shave off the CPU packaging and place probes on the silicon wafer, a costly undertaking requiring a clean room and significant reverse-engineering effort. And users currently already trust Intel (or AMD) to execute their transaction signing code correctly.

Channels Over Secure Hardware

Secure hardware

Teechan uses TEEs to build lightweight duplex payment channels. Compared to software implementations of payment channels, such as the Lightning Network, a hardware-based implementation has several advantages:

First of all, current payment channel implementations require segwit to be activated and transaction malleability to be fixed to reduce implementation complexity. Lightning has been the big impetus behind SegWit, which is currently stuck without sufficient miner support. Teechan enables us to build secure payment channels without having to change the base protocol, without having to bicker over SegWit.

Sending money with Teechan is incredibly fast, because payments are completed with a single message. The alternatives are either DMC, which puts a bound on the maximal amount transacted in a single direction of the channel (deposit amount times max number of channel resetes), or LN, which requires multiple round trips between the two parties to complete a single transaction.

Caveats

Secure hardware

There is no such thing as a free lunch. While Teechan represents very good news for Bitcoin, it comes with some caveats:

  • Teechan requires a trusted execution environment. This requires some special hardware, so you may need a special machine with the right kind of hardware to create a channel. Our current prototype is implemented on top of Intel SGX, so if you want to use this particular prototype, you’ll have to trust Intel. This is not an onerous requirement, because you already trust Intel for the correct execution of your code, and these extensions are just a part of the new instruction set being rolled out by Intel. If you do not currently trust Intel and use AMD or another vendor instead, then you’ll have to wait for that vendor’s implementation of SGX, or else port Teechan to other trusted execution environments. Note that only the entities at the two ends of the channel, you and the person you are transacting with, need to trust each others’ TEEs. The blockchain and the rest of the world are oblivious.
  • Our measurements purposefully leave out the effects of the network, which depend on your deployment. You need to factor in the network latency between the two parties, as well as the bottleneck bandwidth. As noted above, higher latency does not impair Teechan’s throughput.
  • It is yet unknown by how much Teechan, or other solutions, will help Bitcoin scale. The exact benefit depends on the emergent credit network on top, which has yet to emerge, because it has not been possible to deploy payment channels securely until now. Our hope is that Teechan will be used in concert with payment network design by LN and others.
  • Payment channels rely on the ability to place certain transactions on-chain when needed. This requires space in blocks on the underlying blockchain. As mentioned in the LN paper, full blocks interfere with this and can open payment channels to attack.

Bottom Line

If you have the right hardware, you can run Teechan over the unmodified Bitcoin protocol right now.

Our unoptimized prototype of Teechan is able to achieve 2480 transactions per second per channel, with transaction latencies of 0.4 ms. Not only does this enable paying for a coffee, but also enables Bitcoin to achieve very high aggregate throughput, to enable cheap & fast micropayments, as well as a host of other usage scenarios that require frequent, high-speed payments.

Where Do We Go From Here?

If you are interested in the operation of the Teechan protocol for building secure payment channels on trusted execution environments, a working draft paper is available.

We will be making the Teechan implementation public in the next few weeks.

Caveat emptor: this code is going to be an alpha release. It is quite possible for software bugs to lead to loss of coins. The prototype will be made available as is, with no express warranty of its suitability for any purpose.

We do hope to build an open-source effort around Teechan. If you’re interested in contributing to the effort, please get in touch with us.

Summary

While Bitcoin has to embrace on-chain scaling to not only scale, but to ensure the security of off-chain protocols, it is essential to tackle scalability at all levels of the protocol stack.

Overall, we have outlined a best-of-breed off-chain solution to help Bitcoin scale. Teechan builds on secure hardware to yield a secure payment channel implementation that achieves high throughput and extracts a very low latency overhead. It side-steps a controversial proposal to change the underlying Bitcoin protocol, and provides all of the much-touted benefits of Lightning Networks today, without having to modify the base protocol at all.

Quelle: Scaling Bitcoin with Secure Hardware

/0 Kommentare/von
,

UAE Pushes Blockchain Tech Development to Become a Leading Center for Innovation

The United Arab Emirates is ramping up blockchain development in a bid to become, by 2020, a leading center for innovation and the first government in the world to execute all of its transactions on a blockchain.

The move seeks to cut an estimated 100 million paper transactions annually and reduce the 25 million hours of work required in handling paper documents in Dubai alone.

Sheikh Hamdan Bin Mohammed Bin Rashid Al Maktoum, Dubai Crown Prince, launched the Dubai Blockchain strategy in October, which aims at achieving a high degree of efficiency in government departments.

Another area of the strategy seeks to create thousands of new jobs by leveraging blockchain technology to allow Emiratis, expatriates and investors to set up companies more easily.

„The strategy will result in substantial economic saving that can be reinvested in value-added sectors and will contribute to saving millions of hours wasted in entering data and ensuring their veracity,“ said Mohammad Abdullah Al Gergawi, Vice Chairman of the Board of Trustees and Managing Director of Dubai Future Foundation.

„It will also create new economic fields and businesses as the volume of blockchain market is expected to hit US$300 million over the course of the next five years.”

The strategy is a joint project between the government’s Dubai Future Foundation and Dubai Smart City Office.

Earlier this year, the Dubai Future Foundation launched the Global Blockchain Council, a public-private initiative that demonstrated the UAE’s commitment to the technology.

Under the Global Blockchain Council umbrella, prominent financial institutions, technology firms and startups are collaborating on a number of pilot projects that promise to increase efficiency in processes, cut costs and create new business opportunities. Among these projects, a system called BitOasis aims at creating a blockchain platform „to secure [the] flexidesk contracts and registration process.“ Another project, called the Kraken Bitcoin Exchange, seeks to build a financial infrastructure for Islamic finance operations. Both pilot projects are being overseen by Dubai Multi Commodities Center Authority.

Dubai Future Accelerators Selects Two Blockchain Companies for Pilot Programs

In September, Dubai Future Foundation kicked off the inaugural Dubai Future Accelerators, a 12-week program that seeks to connect international technology startups with government entities to create prototypes and pilots for the city of Dubai.

More specifically, Dubai Future Accelerators paired 30 companies with seven of Dubai’s public services: Health, Energy, Knowledge, Municipality, Police, Transport and the investment portfolio, Dubai Holding.

The program, which ended earlier this week, selected 19 out of the 30 companies to move forward to the pilot and prototyping phase. These will receive a total of Dh120 million (US$32.6 million) in investment.

Of the participating companies, 14 have already relocated their headquarters to Dubai, highlighting the city’s growing attractiveness.

“The UAE has become the foremost global platform for turning the future into reality,” said His Excellency, Mohammed Al Gergawi, Minister of Cabinet Affairs and The Future, and Vice Chairman of the Dubai Future Accelerators. “It is the ideal destination to materialize innovative ideas into tangible projects that have a significant impact on the economy and society — projects that can create better lives for us and for future generations.”

Among the companies that made it to the next phase, Loyyal, a loyalty and rewards platform, signed a deal with Dubai Holding for a pilot deployment aimed at creating the „internet of loyalty points, promotions and rewards“ by using blockchain technology. Specifically, it will seek to provide an innovative and cost effective solution to enhance and connect different loyalty programs.

The pilot will focus on the Jumeirah Group and TECOM Group, Dubai Holding’s sister company, bringing together their respective loyalty schemes to enable network-effect opportunities.

„We established the Global Blockchain Council here in Dubai less than a year ago, and are already seeing impressive advancements in the uptake of this technology,“ commented Saif Al-Aleeli, CEO of the Dubai Future Foundation and Founding Member of the Global Blockchain Council. „We are pleased by Loyyal’s progress with Dubai Points, their partnerships with the private sector, and look forward to working even closer with them as they bring the blockchain future to reality.“

As part of the deal, Loyyal will be deploying its proprietary and patent-pending blockchain and smart contract infrastructure solution to re-map the way Dubai Holding’s businesses interact with consumers and each other.

Alongside Loyyal, other blockchain startups that were selected for program integration included BlockApps, an Ethereum compliant platform for the development, deployment and management of enterprise blockchain applications, and ConsenSys. The largest Ethereum blockchain software company in the world, ConsenSys, will develop a real estate database using blockchain technology for the pilot program.

The 19 pilot projects are expected to create 135 job opportunities in Dubai over the next three months, which is projected to increase exponentially when the projects achieve tangible results, and the companies expand their activities.

The second round of the Dubai Future Accelerator program will kick off in the beginning of Q1 2017 and will see five additional government and private entities joining in: the Department of Economic Development, Dubai Smart Office, the General Directorate of Residency and Foreigners Affairs, Etisalat and du, both telecom operators in the UAE.

Source: Bitcoinmagazine

/0 Kommentare/von
,

France’s Central Bank Details its First Blockchain Test – CoinDesk

France’s central bank quietly released new details about its work with blockchain last week.

The Banque de France said on Friday that it had tested the tech for hypothetical use in the management of SEPA Credit Identifiers, or identification markers used to establish the identity of creditors within the Single Euro Payments Area. The trial marks its first publicly acknowledged blockchain trial.

According to the central bank, one of the key participants in the trial was the Caisse des Dépôts et Consignations, a public-sector organization that acts as a kind of investor on behalf of the French government through a number of subsidiaries. Paris-based startup Labo Blockchain and several unnamed French banks also took part in the test.

Work began in July, the Banque de France said, culminating in October with the creation of prototype tools for creating and managing SEPA Credit Identifiers. The central bank outlined how weekly meetings were held with stakeholders as the project moved forward, going on to indicate that more detailed insights into the project would be released sometime next year.

Word of the trial comes months after the central bank called for more research into the subject, arguing at the time that any testing should focus on both the positive and negative impacts the technology could hold for the finance sector.

The Banque de France evoked this sentiment in its announcement, noting in a translated statement:

This experience allows all the participating banks to share their analyzes on [the] impacts and opportunities of this technology.

With the trial, the French central bank becomes the latest institution of its kind to test the technology.

In the past year, central banks in Japan, Sweden and Singapore, among others, have launched similar efforts, with the European Central Bank announcing a new research undertaking in partnership with the Bank of Japan on 6th December. Earlier this month, the US Federal Reserve released its first major research paper on blockchain.

Image via Shutterstock

Quelle: France’s Central Bank Details its First Blockchain Test – CoinDesk

/0 Kommentare/von