Overview of 0Chain Protocol

Most systems up to recent times have been organized around centralized bodies. This can be said to be true of governments, religions and economies. A lot of new research and technology has emerged in the last 50 yrs related to digital computation. This new technology has made it possible for the first time to bring a de-centralized ledger technology such as Bitcoin.

Proof Of Work

Bitcoin is a blockchain that is not controlled by anyone and anyone can work towards making the blockchain grow in a manner that everyone agrees. This is possible as Bitcoin uses the concept of Proof Of Work. I would like to explain PoW using another familiar concept in our day-to-day lives, the lottery. Anyone buying the lottery can win it but purely by chance (at least in theory, there have been several incidents of rigged lotteries). Similarly, anyone wanting to work on expanding the Bitcoin blockchain can do some special computation that they win by chance if they crack the computation. In real world, people choose to put their money in a pool and buy the tickets collectively so that the chance of winning the lottery collectively increases but the rewards are shared among all the members of the pool. Same is also done with PoW, where many people pool their resources to do the special computation to increase the chance of winning. Now imagine, one of the pool grows so big it is more than 50%, then any member belonging to it has a very good chance of winning but at the same time will have to share the reward with many people resulting in a very small payout.

But there are some fundamental differences between a lottery and PoW. In case of the lottery, the money that is used to buy the ticket is used towards paying the reward and hence is a centralized process. In case of Bitcoin, the reward is created out of thin air by minting it. Also, with a lottery system, once the results are announced it is permanent (unless there is any evidence of cheating). But with PoW, there are many paths to arrive at the required computation and whoever can extend the maximum at any given instance influences the path leading to that point. However, the computation requirement is enormous that it will be impossible to alter the path for extended period of time with the underlying assumption that no one controls more than 50% of the computation power that is extending the blockchain.

While PoW based systems solve the decentralization problem, it comes with an enormous cost. Lot of research went in creating alternate solutions that are cost effective still offering the same confidence of decentralized systems. The most notable solutions rely on Proof of Stake.

Proof of Stake

In this model, each party that wants to extend the blockchain stakes some financial value. If anyone caught cheating they lose their stake serving as an incentive to well-behave. 0Chain protocol uses a non-linear staking approach (mainnet will be launched with squared power of stake but the power can be adjusted as needed). The idea behind this is that someone with a lot of tokens would prefer to pool them all together as one rather than splitting into several parts and joining the network separately.

Decentralized systems need to be both fault tolerant and also Byzantine tolerant. Among the PoS systems, some protocols choose to do consensus by electing a leader and change the leader regularly and also when the leader is not making progress. A problem with a single leader based system is that it can be prone to external attacks such as DDoS. Hence, these protocols are typically suitable for private or permission networks.

For a public blockchain, it is desirable to have a protocol that can effectively defend against both Byzantine conditions and also external factors like network outages and DDoS attacks. Some protocols such as dFinity propose having multiple leaders (or block generators) so that the blockchain will make progress even if some of them are faulty. 0Chain protocol adopts a similar approach where more than one miner can generate a block in a given round and while the network collectively works towards notarizing the highest ranked block in a given round, the goal is to eventually notarize and make progress with any of the blocks that got generated in the round and pass the verification process (transaction signature validation, no replay of transactions and so on).

In order to achieve consensus without a leader, and to mitigate the risk of network attacks, consensus is achieved by everyone sending their verification messages to every other miner on the network. This type of protocols trade the CPU requirement of PoW with network bandwidth. These protocols are suitable for networks of medium size (a couple of 100s of nodes) and will have scalability problems with very large networks. By periodically shuffling the active network, it is possible to operate with a medium size network. Keeping the network size limited to about 100 nodes also helps increase the payout for the miners that are serious about operating in the network with sufficient stake.

Deterministic Finality

If a protocol doesn’t require explicit endorsement of a block to reach consensus and just rely on other factors such as PoW, it is possible to disclose blocks much later and alter the course. Many PoS protocols require direct interaction with each other to reach consensus, using a variation of pBFT (practical Byzantine fault tolerance). Immediate direct interaction ensures consensus is discovered quickly and it will not be possible to release blocks at a later time. This makes these protocols to be almost deterministic compared to what is possible with Bitcoin for example. When multiple blocks can be proposed for a given round, it is sometimes possible to not be able to determine if a block is finalized because of network conditions. This is where protocols such as Hashgraph take a different approach. They rely on the fact that the current proposals are consistently endorsing past transactions and when a majority of the miners endorse directly or indirectly a given transaction, it gets finalized. Transactions get finalized individually but the same concept can be applied at the block level. That is, when enough miners extend directly or indirectly off of a given block, it is possible to agree on which of the notarized blocks in a round should be finalized deterministically. 0Chain protocol executes finalization based on locally available information but also keeps track of the deterministic finality using the Hashgraph like logic applied at the block level. In our experiments we have not seen any rollbacks of finality computed based on local information even after running the blockchain for hundreds of thousands of blocks. The clients interacting with 0chain have several choices on deciding on when to consider their transaction is finalized. They can choose to wait a certain number of blocks, they can choose to query the confirmation from multiple nodes or do a combination of both.

Blockchain Workload Optimization

Most existing blockchains have a single type of node, the mining node that is CPU intensive and also has to ensure sufficient storage and network resources. 0chain has taken a different approach by recognizing that the mining process is CPU intensive while responding to queries of finalized transactions is storage and network intensive workload. That’s why 0chain protocol has both Miners who receive transactions and mine them in to the blockchain and also Sharder’s who save the finalized transactions and respond to queries regarding transaction confirmation.

The sharding of blocks is further optimized among sharders by using a Consistent Hashing like algorithm and splitting the blocks among the sharders. That is, the 0chain blockchains can be configured to choose the number of replicators per block and only those many (and sometimes a few more) sharders store the block. Which set of sharders are replicating a given block is completely deterministic from the hash of the block. While blocks are sharded, the mapping information regarding which transaction has made into which block is stored by all the sharders. This way, a client can initiate a query with any sharder and in the best case scenario that sharder has the block information and so will respond back with the entire transaction information and in the worst case scenario, will only be able to tell which block the transaction belongs to so the client can query the details from the right sharder.

Smart Contracts

While a decentralized database provides all the immutable storage needs, ability to execute logic on the data and reach consensus adds a new dimension providing the flexibility to develop various applications on top of the blockchain. Undoubtedly Ethereum pioneered in this space with their work on Smart Contracts. Solidity is the popular Smart Contract language by Ethereum. However, they have plans to provide WASM based smart contracts. Hyper Ledger is another blockchain that has taken a slightly different approach of allowing the smart contracts to be written in Enterprise application languages such as Java and Go. They provide this capability by allowing shim layer of code that interface with the native blockchain code.

Developing a full fledged smart contract language and getting it right ensuring correctness, security and performance is a major undertaking in itself. Also, if WASM is going to get popular, it may be worth while to use that as the smart contract execution environment. Due to some of these challenges, uncertainties and the time to go to market, 0chain has chosen to go with Hyper Ledger like approach of allowing Go lang based smart contracts. All the system smart contracts that come out of box with the 0chain will be integrated directly as a layer on top of the core blockchain layer. All this work released for mainnet will not prevent any future plans to expand by offering a full fledged smart contract language with which code can be dynamically deployed like in case of Ethereum. But for the moment, all the smart contracts have to be written in Go and be linked into 0chain blockchain code.

Governance

While a blockchain is decentralized and the core operations of validating transactions and producing the blocks is all automated and achieved via consensus, many blockchains have little or no overarching governance that helps go through any unforeseen issues such as malicious attacks or faulty code requiring major changes and so on. 0chain has taken a decentralized stake based governance approach. That is, any changes required to the blockchain will be approved/vetoed via a staked voting mechanism which itself is done as a smart contract on the blockchain. In addition, to avoid last minute manipulation, 0chain uses a novel multi-round exponentially increased limit mechanism to complete the voting process there by making it as robust, fair and transparent as possible.

Summarizing all of the above, 0chain is the first role-specific blockchain network (miners and sharders), leaderless squared PoS consensus protocol with periodic active set change making it resilient to various types of failures and Byzantine conditions. All of this resulted in providing a fast finality with sub-second steady state block finality. Further changes to the operations of the blockchain are transparently governed using the same decentralized consensus using a system smart contract. The 0chain protocol is starting on a solid footing allowing for adding several additional features and dApps over time.