KEEP IT SIMPLE Principle Protects Blockchains

ID 659781
Updated 7/31/2017
Version Latest
Public

author-image

By

Blockchain Cryptocurrency and blockchains have been hot topics in the news over the last year. Most recently, GPU shortages, Ethereum pricing, Bitcoin segwit, and a $7M ICO web site hack have generated headlines that continue to signal the growing significance of blockchain technologies.

To help put blockchain news and information in context, I'm publishing a blog series. The series will explore blockchain technology advances and the implications of those technologies for developers, enterprise IT decision makers, and consumers. 

In this blog, I will:

  1. Share Intel’s contributions and commitment to blockchain.
  2. Use the concept of Transaction Families to illustrate one of several approaches to blockchain security.

Intel is actively participating in the blockchain ecosystem. We are a founding member of the Linux Foundation's Hyperledger open source initiative. Intel is also a founding member of the Enterprise Ethereum Alliance. Intel developed Software Guard Extensions (Intel® SGX), available since our 7th Generation Intel® Core™ Processor introduction, and already proven to deliver value in the blockchain space with R3 and BitPay. We have also developed Hyperledger Sawtooth, which is gaining momentum with OMI's music consortium and PokitDok's healthcare blockchain solution. Intel will continue to focus on improving the security, scalability and privacy of blockchains.

Before I describe Transaction Families, and how they can help harden blockchain security, let me explain the concept of smart contracts. A smart contract is a programmatic representation of an agreement between parties. Once agreed upon, the contract is stored on a blockchain allowing it to execute the terms of an agreement without involvement from the committed parties. A number of blockchain attacks are programming exploits of smart contract vulnerabilities to execute unintended transactions. Last week's $32M hack of the Parity Technologies multi-sig wallet is an example; the DAO hack from 2016 is another. Transaction Families can help prevent these types of attacks.  

Transaction Families are a part of Intel's work on Hyperledger Sawtooth. Hyperledger Sawtooth is an open source enterprise solution for building, deploying and running distributed ledgers or blockchains. Transaction Families represent the application-facing portion of the Hyperledger Sawtooth blockchain stack.

A Transaction Family is a group of operations or transaction types that are permitted to operate on a ledger. Some networks need fully programmable smart contracts and therefore demand a broad set of operations; others can get by with just a few functions. Transaction Families allow the blockchain implementer to hone the transaction breadth to the scope that is needed for the application -- no more, no less. A simple example of a Transaction Family is the Integer Key family, which provides 3 operations (increment, decrement and set). With just these three operations, and no looping constructs, it's difficult to create a rogue routine. For a more sophisticated example of Transaction Families, we created a bond-trading family. This application includes 17 operations, specific to bond trading, such as CreateBond, CreateOrder, and CreateSettlement. These allow a blockchain network to create and trade bonds, but leave no extraneous operations beyond bonds for 3rd party abuse.

The notion behind Transaction Families is to allow businesses to dial up or down the versatility (and risk) of their network to match the business need. This Keep-It-Simple approach creates a pragmatic programming model for smart contract (application) development, and serves as a deterrent against attacks. 

To learn more about Transaction Families, visit the Hyperledger Sawtooth web site within the Linux Foundation's Hyperledger project.

In an upcoming blog, I will explore the importance of consensus algorithm efficiency for blockchain scalability and the impact of algorithm efficiency on several applications including financial transactions and cryptocurrencies.
 

You are welcome to follow Rick on LinkedIn and Twitter (@RJEche) for future insights, industry best practices, and discussions.