Introducing Ledgio — a permissioned implementation of Ethereum supporting data privacy

We recommend reading our previous blog post Solidity based Smart Contracts Blockchains in Fulcrum ecosystem for an overview first — here.

This blog post details Ledgio a permissioned implementation of Ethereum blockchain with switchable consensus algorithms. We open sourced the code on Github here.

Ledgio is a fork of the amazing word done by the people at JPMorgan Chase Quorum. We heavily modified the codebase to enable switchable consensus algorithms. This paves the way to integrate Proof of Authority and Hashgraph Hedera consensus algorithms.

Today’s Challenges for Blockchain

Beyond its novelty, blockchain raises some important concerns that can cause banks and other enterprises to be hesitant about it. Namely, they take issue with the control of information, access, and full public transparency. Immutability and quick traceability are great, but a traditional bank would reasonably not want to expose its entire record of transactions to the public. Despite the pseudonymous nature of blockchains, it would be quite easy to unmask organizations that transact at the scale and frequency of banks. In addition, the threat of exposure of smart contracts would greatly concern these organizations.

Ledgio was designed to placate many of these key concerns that enterprises or financial institutions have regarding blockchains.

Ledgio is built off Go Ethereum, the base code for the Ethereum blockchain. It functions very similarly to Ethereum, but with four major distinctions: network and peer permissions management, increased transaction and contract privacy, voting-based consensus mechanisms, and higher performance. Let’s look at each of these one by one:


Ledgio is designed to be permissioned, meaning that networks using Ledgio won’t be open to all, as they are in most cases with Ethereum. Because of this, permissioned blockchains operate with extremely different expectations of trust between approved nodes than permissionless ones, even if the architecture is roughly the same.

Namely, Ledgio’s permissioned chain is a consortium blockchain; it is meant to be implemented between participants that are pre-approved by a designated authority. Although consortium blockchains are somewhat redundant (blockchains contain protocols to establish trust, so using them among an already trusted group is unnecessary), their initial use is understandable as these institutions seek to test their ability. A consortium blockchain runs with the same features and protocols of a normal blockchain, but maintains the failsafe of only relying on permitted nodes. As a result, organizations can glean the feasibility of blockchain tech without the possibility of catastrophic failure or breach.

In the long-run, should blockchain consensus protocols continue to perform securely, permissioned systems can eventually disappear as their redundancy becomes apparent: blockchains gain stability from a larger base of users, so explicitly trusting the nodes ignores the strength of the blockchain and limits the number of users included.

The permissioned nature of Ledgio’s blockchain is rather fundamentally intertwined with some of its privacy protocols, and especially with the consensus mechanism. It seems unlikely to be phased out in future iterations.


Confidentiality of records has always been a concern of enterprises that Ethereum and regular blockchains failed to tackle. The pseudonymous nature of transactions is easily undermined when it comes to applications for massive firms. Beyond its permissioned nature, Ledgio seeks to further improve on this point by introducing ‘public’ and ‘private’ on-chain transactions. The public transactions act like normal Ethereum transactions. The private transactions are verified, but the details are not exposed.

Ledgio manages much of its secure message transfers through a system called Constellation. Constellation is a general-purpose mechanism that is not necessarily blockchain-specific. It involves encrypting specific messages in communication with an enclave, a store of previous transactions, authenticity, and authentications. Much of the cryptographically-heavy work is done within the enclave and the communication relay between it. Constellation, and the architecture it supports, is one of the reasons for Ledgio’s superior speed.

Below is a diagram of how private transactions are processed within Ledgio:


In addition to privacy in transaction, there is also privacy for smart contracts, something many banks are particularly wary of exposing for security reasons. Such smart contracts could contain investment strategies, transaction data, or sensitive internal information. The privacy protocols for smart contracts are actually relatively straightforward and are shown in the following diagram:



Ledgio consensus is being abstracted so we can use switchable consensus algorithms.

The algorithms we are developing are Proof of Authority and Hedera Hashgraph.


Ledgio is fast. Actual performance varies depending on the consensus algorithm chosen. For example prototype benchmarks suggests 100K tx/s using Hedera hashgraph a massive improvement over standard Ethereum and Bitcoin rates, and ideal for usage in various enterprises cases. Speed itself is one of the major roadblocks to blockchain adoption, a problem Ledgio neatly sidestepped with its implementation.


Ledgio is really cool. Although it operates on a restrictive structure based around its permissioned nature and its consensus mechanism is by no means trustless, it has clear applications in any enterprise use case. A collection of enterprises trying to improve their transaction infrastructure could see value to switching to this system. In addition, the network benefits from being a light-weight shift, allowing for future incorporation of code from the Go Ethereum base.