
What is a State Object?


A state object is a digital document that represents and completely captures all relevant information about an agreement shared between parties, including its existence, content and current state.

More broadly, a state can be thought of as a fact at a point in time (for example, a cash state or an identity state). In Corda, states usually represent an obligation between parties: a state object could represent a $100 obligation issued by a bank, an interest rate swap, or a zero coupon bond. The Corda vault maintains the current position of the state objects that two firms have agreed upon. A state object is intended to be shared only with those who have a legitimate reason to see it; it is not broadcast to every participant in the network.

A state object references, in the form of hashes, both the contract code and the legal prose that govern the agreement, so neither can be substituted without the state itself changing. States are established, and can only be changed, by accepted transactions, which are governed by the rules of the contract code. Digitally signed transactions consume zero or more existing states and create zero or more new states (see UTXO model)*. Some transactions create a new state from nothing (issuance, for example), while others cause current states to evolve into new states. Any party to an agreement may propose a new state, but a “consensus state” is only reached once all parties to the agreement have agreed to it by signing the transaction.

*A state object is either current (a live, unconsumed obligation) or historic (consumed and no longer valid). These two conditions are also referred to as unspent/unconsumed and spent/consumed respectively.
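The following is an added example, not Corda code, showing the UTXO-style lifecycle described above in Python: a cash state that carries the hash of its contract, contract code that decides whether a proposed change is valid (value conserved, every current owner has signed), and a vault that consumes inputs and creates outputs only after the contract accepts the transaction. The contract hash, party names and amounts are constructed for the example, and "signers" stands in for real digital signatures.

```python
"""UTXO-style state objects, contract code and a vault (added example)."""
import hashlib
import json
from dataclasses import asdict, dataclass

# Constructed stand-in for the hash of the contract code a state refers to.
CASH_CONTRACT_HASH = hashlib.sha256(b"cash contract v1 (constructed)").hexdigest()


@dataclass(frozen=True)
class CashState:
    """A fact at a point in time: 'issuer owes owner amount'."""
    issuer: str
    owner: str
    amount: int
    contract_hash: str = CASH_CONTRACT_HASH


@dataclass(frozen=True)
class Transaction:
    inputs: tuple        # refs "txid:index" of current states to consume
    outputs: tuple       # new CashState objects to create
    signers: frozenset   # parties whose signatures are attached (stand-in)

    @property
    def tx_id(self) -> str:
        body = {"inputs": list(self.inputs),
                "outputs": [asdict(o) for o in self.outputs],
                "signers": sorted(self.signers)}
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def cash_contract(inputs, outputs, signers) -> None:
    """Contract code: raises ValueError if the proposed state change is invalid."""
    for s in (*inputs, *outputs):
        if s.contract_hash != CASH_CONTRACT_HASH:
            raise ValueError("state references a different contract")
    if any(s.amount <= 0 for s in outputs):
        raise ValueError("output amounts must be positive")
    if not inputs:                       # issuance: the issuer creates cash
        required = {s.issuer for s in outputs}
    else:                                # transfer: value conserved, owners sign
        if sum(s.amount for s in inputs) != sum(s.amount for s in outputs):
            raise ValueError("cash is not conserved")
        required = {s.owner for s in inputs}
    missing = required - set(signers)
    if missing:
        raise ValueError(f"missing signature(s): {sorted(missing)}")


class Vault:
    """Tracks current (unconsumed) and historic (consumed) states."""

    def __init__(self):
        self.current = {}    # ref -> state
        self.historic = {}   # ref -> state

    def apply(self, tx: Transaction) -> list:
        inputs = []
        for ref in tx.inputs:
            if ref in self.historic:
                raise ValueError(f"{ref} already consumed")
            if ref not in self.current:
                raise ValueError(f"{ref} is not a known state")
            inputs.append(self.current[ref])
        cash_contract(inputs, tx.outputs, tx.signers)   # contract decides first
        for ref in tx.inputs:                           # then consume inputs ...
            self.historic[ref] = self.current.pop(ref)
        refs = []
        for i, out in enumerate(tx.outputs):            # ... and create outputs
            refs.append(f"{tx.tx_id}:{i}")
            self.current[refs[-1]] = out
        return refs


def rejected(vault: Vault, tx: Transaction) -> bool:
    try:
        vault.apply(tx)
        return False
    except ValueError:
        return True


def demo() -> dict:
    vault = Vault()
    issue = Transaction((), (CashState("BankA", "Alice", 100),), frozenset({"BankA"}))
    [alice_ref] = vault.apply(issue)
    # Alice pays Bob 60 and keeps 40: one state evolves into two new ones.
    pay = Transaction((alice_ref,),
                      (CashState("BankA", "Bob", 60), CashState("BankA", "Alice", 40)),
                      frozenset({"Alice"}))
    bob_ref, change_ref = vault.apply(pay)
    inflate = Transaction((change_ref,), (CashState("BankA", "Alice", 400),),
                          frozenset({"Alice"}))
    steal = Transaction((bob_ref,), (CashState("BankA", "Alice", 60),),
                        frozenset({"Alice"}))   # Bob, the owner, did not sign
    return {
        "balances": {o.owner: o.amount for o in vault.current.values()},
        "historic": len(vault.historic),
        "replay_rejected": rejected(vault, pay),        # input now historic
        "inflation_rejected": rejected(vault, inflate),  # contract: not conserved
        "theft_rejected": rejected(vault, steal),        # contract: signature missing
    }
```

Note the ordering inside `Vault.apply`: the contract runs before any state is moved, so a rejected transaction leaves the vault untouched, and a state that has been consumed once can never be an input again.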

What is Hashing?


Hashing is a cryptographic technique that takes a piece of data of any length and produces a fixed-length value that serves as a practically unique “fingerprint” (or “bit-string”) of it. The resulting value – a representative image of the original message – is referred to as a “digital fingerprint”, “message digest” or “hash value”.

Different scenarios require different cryptographic techniques. For example, to ensure confidentiality, an encryption method is used that enables one to reconstruct an original message with the knowledge of the appropriate key*. A cryptographic hash, however, is used to allow a quick comparison of large data sets and to verify that the data has not been altered.

While encryption – as in the confidentiality example above – is reversible by design, a cryptographic hash is a one-way function: inverting it is computationally infeasible. So, even if someone knows the hash value of the data, they cannot recover the original message from it. Anyone who holds the original data can recompute the hash and show that it matches, which demonstrates that the data has not been altered from its original form. Note that a hash alone proves integrity, not origin; proving who produced the data requires a digital signature or a keyed MAC.

The only way to recover the input (original) data from a hash function’s output is to try a large number of candidate inputs until one produces a match, which is only feasible when the input comes from a small space (an unsalted four-digit PIN, for example). If two different inputs produce the same output, a collision** has occurred. Ideally it should be infeasible to find two different messages whose hash values are identical; collision resistance does not mean that no collisions exist (they must, since the output is fixed-length and the inputs are not), but rather that they are very difficult to find.

*Public/private key cryptography is an encryption method whereby one encrypts data with the recipient’s public key and the recipient decrypts it with their private key. The same key pair is used the other way round for digital signatures: the holder of the private key signs, and anyone holding the public key can verify.

**Consider SHA-256. The function produces 256 bits of output from an unbounded set of inputs, so some inputs must necessarily hash to the same output. No SHA-256 collision has ever been found, however, and a brute-force search would take on the order of 2^128 hash evaluations. If an attacker could find a collision, they could substitute an authorized message with an unauthorized one carrying the same hash, which is why hash functions with practical collision attacks (MD5 and SHA-1) must not be used where this matters.
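As an added example (not part of the original post), the following Python demonstrates the four properties discussed above using SHA-256 from the standard library: an integrity check on a document, the avalanche effect when one field changes, recovering a preimage by enumeration when the input space is tiny (a four-digit PIN), and a birthday search that finds a collision quickly once the output is truncated to 24 bits, illustrating why the full 256-bit output is out of reach. The document, PIN and message strings are constructed sample inputs.

```python
"""Hashing: integrity check, avalanche, preimage search and collisions (added example)."""
import hashlib
import hmac


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def integrity_ok(data: bytes, expected_digest: bytes) -> bool:
    """Recompute the fingerprint and compare it in constant time."""
    return hmac.compare_digest(sha256(data), expected_digest)


def differing_bits(a: bytes, b: bytes) -> int:
    """Hamming distance between two digests; about 128 of 256 for unrelated inputs."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def preimage_by_enumeration(target: bytes, candidates):
    """The only way to invert a hash: try inputs until one matches. Feasible
    for a small input space such as an unsalted PIN, hopeless for 256 bits."""
    for candidate in candidates:
        if sha256(candidate) == target:
            return candidate
    return None


def truncated_tag(data: bytes, n_bits: int) -> int:
    """First n_bits of SHA-256, modelling a hash function with a short output."""
    return int.from_bytes(sha256(data), "big") >> (256 - n_bits)


def find_collision(n_bits: int):
    """Birthday search for two distinct inputs with the same n_bits-bit tag.
    Expected cost is about 2**(n_bits/2) hashes: thousands for 24 bits,
    ~2**128 for the full 256-bit output. Returns (msg1, msg2, hashes_tried)."""
    seen = {}
    i = 0
    while True:
        msg = f"message-{i}".encode()
        tag = truncated_tag(msg, n_bits)
        if tag in seen:
            return seen[tag], msg, i + 1
        seen[tag] = msg
        i += 1


def demo() -> dict:
    doc = b"Pay Alice 100 on 2025-01-31 (constructed sample)"
    fingerprint = sha256(doc)                      # stored at signing time
    tampered = doc.replace(b"100", b"900")         # one field altered later
    pins = (str(n).zfill(4).encode() for n in range(10000))
    m1, m2, tries = find_collision(24)
    return {
        "intact": integrity_ok(doc, fingerprint),
        "tampered": integrity_ok(tampered, fingerprint),
        "bits_changed": differing_bits(fingerprint, sha256(tampered)),
        "pin": preimage_by_enumeration(sha256(b"4721"), pins),
        "collision_tags_equal": truncated_tag(m1, 24) == truncated_tag(m2, 24),
        "collision_inputs_differ": m1 != m2,
        "collision_tries": tries,
    }
```

Raising `n_bits` in `find_collision` by two roughly doubles the number of hashes needed, which is the 2^(n/2) birthday bound in action; the PIN search, by contrast, succeeds because the input space has only 10,000 members, not because SHA-256 is weak.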

What is a Node?


A node is a participant’s point of presence on a distributed ledger network: the software and infrastructure that holds that participant’s share of the ledger and communicates with other nodes. In practice a node is usually deployed as a collection of computers known as a “highly available cluster”, such that if one computer goes down, another can take its place.

In a distributed ledger, nodes are the points through which information is sent and distributed. Each node holds the full set of ledger data that is relevant to it. In Corda, a node maintains a full copy of all transactions to which it is a party or is otherwise privy; it cannot see other transactions in the network.

In a public blockchain such as Bitcoin, every node holds a full copy of the entire chain. Nodes validate transactions, add them to their copy of the ledger and then broadcast them to other nodes, so the network is maintained by the nodes themselves rather than by a trusted third party. In a need-to-know ledger such as Corda, by contrast, each node is privy only to the transactions that are relevant to it.

Nodes check that a transaction is valid and maintain the ledger’s record of consensus. In the Bitcoin blockchain, nodes confirm “blocks” and secure the network. However, while the Bitcoin network records transaction data in blocks, blocks are unnecessary where only the two parties to a transaction need to know its details.

Even if a node cannot see the contents of an agreement, it can independently verify that all of the required signatures on a transaction are present. The nodes party to a transaction can each check its validity, meaning that the content is consistent between them and the contract code accepts it; the finality or uniqueness of the transaction, meaning that its inputs have not been previously spent, must be established by the “Uniqueness service”.

In Corda, a Uniqueness service (the notary) is a node, or a collection of nodes operating under some consensus mechanism, that verifies that a transaction’s inputs have not previously been consumed, eliminating the double-spend problem. In this sense, a uniqueness service performs the function of a trusted third party. Note that, in order to perform this function, the uniqueness service does not necessarily need to see all of the details of the transaction: a non-validating notary is given only the identifiers of the input states, not their contents.
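The following is an added Python example, not Corda’s notary implementation, of the uniqueness function described above. The service is handed only state references (creating transaction id plus output index) and the id of the spending transaction, never the state contents; it commits all of a transaction’s inputs or none of them, reports which earlier transaction already consumed a conflicting input, and holds a lock so that two transactions racing for the same input cannot both succeed. Transaction ids and references are constructed for the example.

```python
"""Uniqueness (notary) service that sees only state references (added example)."""
import threading
from dataclasses import dataclass


@dataclass(frozen=True)
class StateRef:
    """Identifies a state by the transaction that created it and its output index.
    This is all the service ever receives; the state's contents stay private."""
    tx_id: str
    index: int


class UniquenessService:
    def __init__(self):
        self._consumed = {}            # StateRef -> tx_id that consumed it
        self._lock = threading.Lock()

    def commit(self, tx_id: str, inputs) -> dict:
        """Atomically mark every input as consumed by tx_id, or none of them.
        Re-submitting the same transaction is harmless (idempotent); a different
        transaction touching any already-consumed input is a double spend and is
        rejected with the conflicting transaction id reported per input."""
        inputs = list(inputs)
        with self._lock:   # check-then-set must not interleave with another commit
            conflicts = {}
            for ref in inputs:
                owner = self._consumed.get(ref)
                if owner is not None and owner != tx_id:
                    conflicts[ref] = owner
            if conflicts:
                return {"committed": False, "conflicts": conflicts}
            for ref in inputs:
                self._consumed[ref] = tx_id
            return {"committed": True, "conflicts": {}}

    def is_consumed(self, ref: StateRef) -> bool:
        return ref in self._consumed


def demo() -> dict:
    notary = UniquenessService()
    a0, b0 = StateRef("tx-a", 0), StateRef("tx-b", 0)   # constructed references
    first = notary.commit("tx-1", [a0])
    again = notary.commit("tx-1", [a0])                 # same transaction resubmitted
    double = notary.commit("tx-2", [a0, b0])            # a0 already spent by tx-1

    # Race: 50 threads try to spend the same fresh state; exactly one may win.
    c0 = StateRef("tx-c", 0)
    results = []

    def race(i: int) -> None:
        results.append(notary.commit(f"tx-race-{i}", [c0])["committed"])

    threads = [threading.Thread(target=race, args=(i,)) for i in range(50)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()

    return {
        "first": first["committed"],
        "idempotent": again["committed"],
        "double_spend_rejected": not double["committed"],
        "conflict_reported": double["conflicts"].get(a0),
        "b0_untouched": not notary.is_consumed(b0),   # rejection was all-or-nothing
        "race_winners": sum(results),
    }
```

Because the service keys everything on `StateRef`, a node can submit a transaction for notarisation without disclosing amounts, parties or contract terms; the price is that the notary’s record of consumed references becomes a single point of trust for ordering, which is why Corda allows it to be a cluster rather than one machine.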

What is an Oracle?


An oracle is an external source of data that a distributed ledger treats as authoritative, trusted and definitive. What makes an oracle distinctive (compared to a smart contract, for example) is its ability to bring information from sources external to the ledger onto the ledger it supports.

An oracle becomes necessary as soon as a smart contract needs to act on external data. One example is a bet on the Super Bowl: one party picks one team, the other party picks the other, and an oracle determines the winner from ESPN and pushes that fact to the smart contract so that the payout can be made. Similarly, within financial institutions, external data is often needed in transactions: to verify that a loan has reached maturity, for example, the contract must learn the current time from a source all parties accept rather than from any one party’s clock.

An oracle attests to the validity of data by digitally signing the facts that a transaction includes. A signed statement from an oracle serves as proof of an event, can be used as an input to a transaction and is distributed within the transaction data itself, where any party can check the signature against the oracle’s public key. Once it has signed, an oracle cannot later “change its mind” and invalidate transactions that were previously found to be valid (allowing an oracle to do so would result in a loss of consensus, undermining the integrity of the system).
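As an added illustration of the signing flow above (example code, not Corda’s oracle implementation), the following Python has an oracle look up a fact from a constructed data source, sign it, and hand back the signed fact for inclusion in a bet-settlement transaction; the verifier checks the signature and then applies the contract rule that the payout goes to whoever picked the winner. To stay within the standard library the signature scheme is a Lamport one-time signature built from SHA-256, which is a real hash-based signature but single-use; a production oracle would use ECDSA or EdDSA. The teams, party names and the "winner:super_bowl" query are constructed for the example.

```python
"""Oracle that signs a fact for use inside a transaction (added example).
Lamport one-time signatures over SHA-256 stand in for a production scheme."""
import copy
import hashlib
import json
import secrets


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def canonical(fact: dict) -> bytes:
    """Deterministic encoding so signer and verifier hash identical bytes."""
    return json.dumps(fact, sort_keys=True, separators=(",", ":")).encode()


def lamport_keygen():
    """256 pairs of secret values; the public key is their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(h(a), h(b)) for a, b in sk]
    return sk, pk


def lamport_sign(sk, message: bytes) -> list:
    """Reveal, for each bit of H(message), the secret value matching that bit."""
    d = int.from_bytes(h(message), "big")
    return [sk[i][(d >> (255 - i)) & 1] for i in range(256)]


def lamport_verify(pk, message: bytes, sig: list) -> bool:
    if len(sig) != 256:
        return False
    d = int.from_bytes(h(message), "big")
    return all(h(sig[i]) == pk[i][(d >> (255 - i)) & 1] for i in range(256))


class Oracle:
    """Holds the signing key and a (constructed) external data source."""

    def __init__(self, data_source: dict):
        self._sk, self.public_key = lamport_keygen()
        self._data_source = data_source
        self._used = False   # a Lamport key must sign only once

    def attest(self, query: str) -> dict:
        """Look the fact up and sign it. The signature covers only the fact,
        not the rest of the transaction it will be embedded in."""
        if self._used:
            raise RuntimeError("one-time signing key already used")
        self._used = True
        fact = {"query": query, "answer": self._data_source[query]}
        return {"fact": fact, "signature": lamport_sign(self._sk, canonical(fact))}


def verify_bet_settlement(tx: dict, oracle_pk) -> bool:
    """What every node checks: the oracle really signed this exact fact, and the
    contract rule (pay whoever picked the winner) holds for that fact."""
    att = tx["attestation"]
    if not lamport_verify(oracle_pk, canonical(att["fact"]), att["signature"]):
        return False
    winner = att["fact"]["answer"]
    return tx["payout_to"] == tx["picks"].get(winner)


def demo() -> dict:
    oracle = Oracle({"winner:super_bowl": "Team A"})      # constructed data source
    attestation = oracle.attest("winner:super_bowl")
    tx = {"picks": {"Team A": "Alice", "Team B": "Bob"},
          "payout_to": "Alice", "attestation": attestation}
    # Bob rewrites the signed fact so that he wins: the signature no longer matches.
    forged = copy.deepcopy(tx)
    forged["attestation"]["fact"]["answer"] = "Team B"
    forged["payout_to"] = "Bob"
    # Bob keeps the genuine fact but pays himself anyway: the contract rule fails.
    wrong_payee = dict(tx, payout_to="Bob")
    # A transaction citing some other key as "the oracle" is rejected too.
    other_pk = lamport_keygen()[1]
    return {
        "valid": verify_bet_settlement(tx, oracle.public_key),
        "forged_fact": verify_bet_settlement(forged, oracle.public_key),
        "wrong_payee": verify_bet_settlement(wrong_payee, oracle.public_key),
        "wrong_oracle": verify_bet_settlement(tx, other_pk),
    }
```

The "cannot change its mind" property follows from the construction: the signature is a function of the fact’s canonical bytes and the oracle’s key, so a signed fact verifies identically for every node forever, and nothing the oracle does later can make that check fail.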

There are similarities between oracles and smart contracts and, in fact, they work together to carry out transactions that require data from the outside world; there are key differences as well. The integrity of a smart contract depends on its being contained within the ledger itself, whereas an oracle is independent of the entities on the ledger it interacts with and can access data outside of the ledger. Additionally, an oracle does not contain legal agreements, nor can it change the state of agreements on the ledger as a smart contract does; it can only attest to facts that a transaction then relies on.

Making the validity of a transaction depend on a third party introduces a new trust dependency: a compromised, mistaken or dishonest oracle can cause correctly signed transactions to be built on false data, so an oracle’s signing keys and data sources need the same protection as any other signing authority. Within “permissioned” or known-participant systems, the oracle is an identified and accountable party, so fraud and malicious activity are much easier to monitor and police. In a permissionless system, on the other hand, the use of oracles is more problematic, as trust is harder to establish.

What is Proof-of-Work?


A proof-of-work protocol (PoW) generally involves proving that some resource has been expended (typically processing time on a computer). It is a method to deter abuse of a service (for example denial of service attacks, spam or double spending) by requiring some form of “work” that is expensive to perform but cheap for others to check.

For example, in order to deter email spam, a PoW system (Hashcash is the classic design) may require the sender’s computer to perform 1-2 seconds of work before sending an email. While this is easy to do for a single email, it would require huge computational resources for mass spam emailers. Another example often grouped with PoW is the requirement to type in distorted letters and numbers (a CAPTCHA) when ordering concert tickets online. Strictly, this proves that the user is a human being and not a machine buying tickets in bulk, rather than that computation has been spent, but it serves the same purpose of making abuse costly.

In the Bitcoin network, PoW is part of generating new valid blocks. For a new block to be accepted, the miner who created it must demonstrate PoW*, which every other participant can verify with a single hash computation. The difficulty (the amount of work needed before a valid block is found) is adjusted every 2016 blocks so that new valid blocks are created roughly once every 10 minutes, irrespective of how many computers are competing to create them.
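The following Python is an added example, not Bitcoin’s code, of the mechanism just described: a Hashcash-style search for a nonce that makes the double-SHA-256 of a header fall below a target, a one-hash verifier, and Bitcoin’s rule for scaling the target after each 2016-block period (clamped to a factor of four per adjustment, as the reference client does). The header bytes are constructed, and the 16-bit target is chosen so that mining finishes in a fraction of a second; Bitcoin’s real targets are tens of bits harder.

```python
"""Hashcash-style proof-of-work with Bitcoin's double SHA-256 (added example)."""
import hashlib


def sha256d(data: bytes) -> bytes:
    """Bitcoin's PoW hash: SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def target_for(leading_zero_bits: int) -> int:
    """A hash is valid when, read as a 256-bit integer, it is below the target.
    Each extra required zero bit halves the target and doubles the expected work."""
    return 1 << (256 - leading_zero_bits)


def pow_hash(header: bytes, nonce: int) -> int:
    return int.from_bytes(sha256d(header + nonce.to_bytes(8, "little")), "big")


def mine(header: bytes, target: int, max_nonce: int = 1 << 32):
    """The expensive side: try nonces until one hashes below the target.
    Expected tries are about 2**256 / target. Returns (nonce, hashes_tried)."""
    for nonce in range(max_nonce):
        if pow_hash(header, nonce) < target:
            return nonce, nonce + 1
    raise RuntimeError("nonce space exhausted; change the header and retry")


def verify(header: bytes, nonce: int, target: int) -> bool:
    """The cheap side: one hash, however much work the miner spent."""
    return pow_hash(header, nonce) < target


def retarget(old_target: int, actual_seconds: int,
             expected_seconds: int = 2016 * 600) -> int:
    """Difficulty adjustment every 2016 blocks: scale the target by how long the
    last 2016 blocks actually took versus the intended 10-minute pace, clamped to
    a factor of 4 in either direction so one bad period cannot swing it wildly."""
    actual = max(expected_seconds // 4, min(actual_seconds, expected_seconds * 4))
    return old_target * actual // expected_seconds


def demo() -> dict:
    header = b"constructed block header bytes"
    target = target_for(16)                    # ~65,536 hashes expected
    nonce, tried = mine(header, target)
    period = 2016 * 600
    return {
        "nonce": nonce,
        "hashes_tried": tried,
        "valid": verify(header, nonce, target),
        # Blocks came twice as slowly as intended: the target doubles (easier).
        "slow_period_doubles": retarget(target, period * 2) == target * 2,
        # Hash rate surged so blocks came 8x faster: clamped to 4x harder.
        "fast_period_clamped": retarget(target, period // 8) == target // 4,
    }
```

The asymmetry is the whole point: `mine` burns tens of thousands of hashes while `verify` spends one, and `retarget` is what keeps the block interval near 10 minutes as hash power joins or leaves the network.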

In a public blockchain such as Bitcoin, PoW removes the need for trust amongst anonymous actors by making an attack by a single malicious actor expensive. PoW does not prevent one party from controlling a majority of computational resources at a given time; it makes doing so costly. While PoW is often thought of as a technological innovation, it is really an economic one that reduces the likelihood of system abuse: a PoW-based system can be overwhelmed given enough economic resources, time and effort.

Though PoW is a key component of Bitcoin and other public blockchains composed of a network of anonymous actors, the need for PoW is absent in a private network where participants are known and the relationships between entities are governed by legal contracts.

*Bitcoin mining uses SHA-256 (SHA stands for Secure Hash Algorithm), applied twice to the block header, as its PoW function.