Kandola Ecosystem: Components & their functions

~ Smita Selot, Kandola Network

Introduction

The Kandola ecosystem is the collection of end-to-end decentralized components that send and receive general-purpose messages using Kandola’s Layer 1 Blockchain. The Kandola Blockchain ensures end-to-end privacy and security. Only authentic applications can send transactions, and only the intended recipients can receive them. The producer message (the plain-text of a transaction) is encrypted and can be viewed only by the sender and the receiver. Neither the network nodes nor third-party verifiers like Etherscan can decrypt the ciphertext. The integrity of the producer message (plain-text) is verified using Zero Knowledge Proof (ZKP) and digital signature techniques.

Kandola Blockchain uses the W3C Decentralized Identity (DID) specification to identify every participant, entity, or component. Decentralized identities allow users to present verifiable credentials to a verifier without revealing the underlying identity information. For example, using a decentralized identity, a customer can prove their age to a bartender without revealing any of the Personally Identifiable Information (PII) that is part of a driving license. Decentralized identities are also more secure than centralized identities because there is no central point of failure or attack.

Last but not least, the messages sent by applications must conform to the Kandola Message Standard. The standardized format allows for better interoperability of the nodes. Kandola Blockchain has its own indigenous consensus algorithm, PoRT, which is highly scalable, extremely fast in attaining finality, and secure against Byzantine attacks. This article focuses on the interactions between the applications and the PoRT validator nodes. For in-depth information about the PoRT consensus protocol and validator nodes, please refer to the Kandola white paper. The following paragraphs explain the various components of the ecosystem.

Kandola Ecosystem Entities

In the diagram below, producers are the devices and applications, such as IoT, healthcare, and social media chat, that send real-time messages using Kandola’s decentralized network. Consumers are servers and dashboard applications that receive messages from the producer applications through Kandola’s decentralized network.

Figure 1: Kandola L1 Blockchain Ecosystem

The Kandola Ecosystem consists of these main entities:

  1. Kandola Decentralized Network: Kandola Blockchain network consists of PoRT (Proof of Real-time Transfer) validator nodes and other nodes
  2. Standardized Block Uplink Client (SBUC): Middleware/SDK running on the producers for interacting with Kandola decentralized network
  3. Standardized Block Downlink Client (SBDC): Middleware/SDK running on the consumers for interacting with Kandola decentralized network

1. Kandola Decentralized Network

The Kandola decentralized network is the heart of the Kandola ecosystem. It runs the PoRT consensus protocol. The operations and micro-components of validator nodes are beyond the scope of this article. The ecosystem has several common sub-components, which all the other components use to register DIDs and to issue queries. There are broadly three sub-components, as shown in the diagram:

Figure 2: Kandola Decentralized Network

1.1 DID Network

Each participant (SBUC, validator node, or SBDC) registers with the DID Registry using its Public Key, if not registered already. The Private Keys are held locally by the participants and are never sent over the network. The DID Registry creates a DID Uniform Resource Identifier (URI) for each Public Key and returns it to the participant.

Figure 3: DID Registry

1.2 Service Discovery Network (SDN)

This component is queried by the SBUC, SBDC, and validator nodes to get the state and other information about different nodes, especially the leader validator nodes. The SDN enables the producers to identify and choose leaders. For instance, a producer may select the leader node(s) based on one of these criteria: most available, most reputable, least loaded, or closest in terms of network proximity. A lightweight producer may also delegate the leader node selection to the network.

1.3 Node Discovery Network (NDN)

This component is queried by validator nodes, SDN, and DID Network to discover all peer nodes and mempools in the Kandola Decentralized Network.

2. Standardized Block Uplink Client (SBUC)

When the SBUC connects to the network, it registers the producer with the DID Network, if not already registered. Then it queries the SDN for primary, secondary, and tertiary leader nodes. After getting the list of nodes, the SBUC creates the message by adding a message header and producer signature to the ciphertext of the producer message (plain-text). SBUC sends the resulting message to the validator nodes. The following sections delve deeper into these operations and the SBUC components.

2.1 Message Structure

Each message has a globally unique identifier. The DID URIs of the producer (From Address field) and the consumer (To Address field) help verify the authenticity of the producer and consumer. The nonce field value increments for every new message, which enables the validator nodes to avoid processing duplicate messages (replay attacks) from the producer. The primary leader node is the validator node responsible for collating the consensus from the majority of the network nodes. If the primary leader node goes down, the secondary leader node takes over, and if the secondary leader goes down, the tertiary leader node takes over.

Figure 4: Message Structure

The producer acks field informs the primary leader node how it needs to acknowledge the receipt of a message to the producer. These different values allow acknowledgement for different levels of distribution for producer messages. For example, mission-critical producer messages such as fire alarms need acknowledgement from the majority of the network, while simple information messages may not need any acknowledgement.

2.2 Message Encryption

The encrypted data (ciphertext) is the producer message (plain-text) encrypted using the consumer’s Public Key. The metadata consists of the header fields, excluding the signature field. Using the SHA-512 algorithm, a hash is generated from the metadata and the encrypted data. This hash is signed using the producer’s Private Key. The signed hash is referred to as the producer’s signature. The combination of the metadata, the producer’s signature, and the encrypted data forms a message conformant to the Kandola message standard, which the SBUC sends to the PoRT validator nodes.

Figure 5: Message Encryption

The SBUC encrypts the producer message (plain-text) using the consumer’s Public Key so that only the intended consumer can decrypt it. The SBUC signs the hash using the producer’s Private Key so that a validator node can verify that the message was indeed sent by the authentic producer. To verify the integrity of the encrypted data, the validator node generates a hash over the header and the encrypted data and compares it with the hash obtained by decrypting the producer’s signature. If the two hashes match, the message integrity is verified as intact.
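The sign-then-verify flow of section 2.2, combined with the nonce check of section 2.1, is sketched below as an added example; it is not Kandola's code. The page names only SHA-512, so RSA-2048 with OAEP encryption and PKCS#1 v1.5 signatures, the length-prefixed metadata encoding, nonces starting at 1, and all type, field and function names are assumptions made for illustration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha512"
	"fmt"
)

// Message holds a subset of the header fields from section 2.1 (names assumed).
type Message struct {
	From, To              string // DID URIs (constructed values in a demo)
	Nonce                 uint64 // assumed to start at 1 and increase
	Ciphertext, Signature []byte
}

// digest is SHA-512 over the metadata (header minus signature) and ciphertext.
func digest(m Message) []byte {
	meta := fmt.Sprintf("%d:%s%d:%s%d;", len(m.From), m.From, len(m.To), m.To, m.Nonce)
	d := sha512.Sum512(append([]byte(meta), m.Ciphertext...))
	return d[:]
}

// Seal is the SBUC side: encrypt to the consumer, then sign the hash.
func Seal(prod *rsa.PrivateKey, cons *rsa.PublicKey, m Message, pt []byte) (_ Message, err error) {
	if m.Ciphertext, err = rsa.EncryptOAEP(sha512.New(), rand.Reader, cons, pt, nil); err != nil {
		return m, err
	}
	m.Signature, err = rsa.SignPKCS1v15(rand.Reader, prod, crypto.SHA512, digest(m))
	return m, err
}

// Accept is the validator side; seen maps a producer DID to its highest nonce.
func Accept(seen map[string]uint64, prod *rsa.PublicKey, m Message) error {
	if err := rsa.VerifyPKCS1v15(prod, crypto.SHA512, digest(m), m.Signature); err != nil {
		return fmt.Errorf("bad signature: %w", err)
	}
	if m.Nonce <= seen[m.From] {
		return fmt.Errorf("replayed nonce %d from %s", m.Nonce, m.From)
	}
	seen[m.From] = m.Nonce
	return nil
}

// Open is the SBDC side: only the consumer's private key recovers the plaintext.
func Open(cons *rsa.PrivateKey, m Message) ([]byte, error) {
	return rsa.DecryptOAEP(sha512.New(), rand.Reader, cons, m.Ciphertext, nil)
}
func NewKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) } // throwaway demo key
```

The signature is checked before the nonce is recorded, so a forged message cannot advance a producer's nonce and block its genuine traffic.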

2.3 SBUC Components

Figure 6: SBUC Components

Data Input Manager (DIM): This component manages the messages that the producer submits for delivery to the network.

DID Manager (DM): DID Manager is responsible for registration with DID Registry, if not already registered.

Schema Standardization Engine (SSE): This component ensures conformance to the Kandola message standard.

Cryptographic Wrapper Layer (CWL): This component is responsible for all the cryptographic functions for the messages sent by the SBUC — encryption of the producer messages, and digitally signing the messages.

Network Interface Manager (NIM): This component is responsible for all the network communication between the SBUC and the Kandola decentralized network.

3. Standardized Blockchain Downlink Client (SBDC)

SBDC registers the consumer servers and dashboard applications with the DID registry, if not registered already. SBDC receives the encrypted producer messages (ciphertexts) from the Kandola decentralized network, verifies them, and decrypts them for the consumer.

Summary

The Kandola Blockchain ecosystem ensures that the standardized clients, SBUC and SBDC, keep the applications agnostic of the nitty-gritty details of communicating with the network. SBUC and SBDC enable seamless integration, or at least minimize the integration effort, with the Kandola Network’s decentralized platform. Together these components form an ecosystem that acts as a secure, real-time decentralized middleware allowing producers and consumers to exchange generic messages with end-to-end privacy and security.
