Many people believe blockchain to be a revolutionary technology because it enables decentralization, disintermediation, or censorship resistance. This is all well and good, but the reason any of these things are possible now, and weren’t with the mere existence of the internet itself, is because blockchain networks are economic systems. The value stored, transferred, and promised in the system can create arbitrary incentives. Of course, it cannot compel or guarantee behavior — it just makes certain things (like a double spend in Bitcoin, or censoring information on Arweave) really expensive. That’s powerful. But how can we create systems that do this effectively?
Here at Gauntlet, we are building a platform to help people build economically sound blockchain protocols and applications. We like to say that these are “secure” — the cost of an attack is very high — and “successful” — people are incentivized to participate.
Blockchain systems lie at the intersection of technology and finance. While we believe that blockchain technology opens up a new paradigm shift in the way that humans will interact, we also believe it creates a new set of challenges that are not seen in traditional software development:
- “Move fast and break things” is not a viable strategy to build blockchains. Damage to trust can be irreversible, asset loss can be permanent, and changes involve convincing all participants to adopt them — making updates and hot fixes very difficult.
- In a distributed and open network, the behavior of the system and the experience of using the software is not solely determined by the development team building the particular application. The effects of other system participants start to take over. System participants are driven mostly by the incentives of the system. Economic incentives and product success are tightly coupled. The potential profitability of attacks is higher than ever.
How do we build software in this new type of world? We need to be sure:
- Code executes as it was written (private fields are actually private, etc.)
- Code executes as it was intended (avoiding things like reentrancy)
- The software creates a viable system, one that is both valuable and usable
Formal verification is an invaluable tool to ensure that code executes as it was written, though code as it is written often differs from the intended behavior. Security audits, unit testing, and testnets all provide ways to identify how code might not work as intended.
However, these tools do not help you build viable products. They do not effectively take into consideration the permissionless or economic nature of these systems — they say nothing about incentive compatibility, mechanism design, or multi-user interactions. In traditional software, many people have turned to lean methodology to iterate towards viable business models, but as we have mentioned, iterating quickly in most blockchain applications and protocols is not feasible.
Often, people simply try to reason about these systems in their head or on a whiteboard. However, these are complex systems that often have counterintuitive behavior. It’s easy to create a “safe” system that no one has any incentive to use. It’s just as easy to have strong incentives for adoption that only work in the short term or build a network that is susceptible to economic attacks on security.
There actually happens to exists an existing technology sector where 1) Developers cannot employ a move-fast-and-break-things methodology and 2) the action of market participants is the dominating factor in overall system behavior. Algorithmic trading has been dealing with these same issues since the mid 1990s when HFT proliferated across all of the major trading markets. When you trade, you have to consider the strategies of other traders. If you don’t, or do so unsuccessfully, you risk a substantial loss of capital. So how do algorithmic traders build effective trading programs? How do they test changes?
Agent-based simulation has been employed extensively in developing and backtesting algorithmic trading strategies. It combines models of user behavior (agents) with models of system dynamics to provide statistical confidence in the performance and behavior of complex systems. Simulation provides a method of analysis which is easily verified, communicated, and understood, and is most valuable when (like in blockchain systems) the cost of experimentation is high. The Gauntlet team has decades of experience using these methods to build trading systems at top HFT and quant funds including D. E. Shaw & Co., Tower Research Capital, GETCO, Jump Trading, and Goldman Sachs.
The Gauntlet platform
How do you apply these techniques to smart contracts and protocols? How do you ensure these techniques effectively and accurately model blockchain systems? At Gauntlet, we are building a platform to allow people to do exactly that.
The Gauntlet platform is an interactive environment for simulation development and analysis that allows you to quickly and easily quantify protocol and smart contract behavior. We can support any protocol or smart contract, but we have integrated the EVM so we can run Solidity and Vyper contracts right out of the box. We also parametrize the system, so that you can test a broad range of assumptions. Often these are protocol parameters (e.g. the block reward, the MakerDAO stability fee, etc.), but they also can be more fundamental aspects of the system like hash power distribution or network latency. Our platform is optimized for performance so you can get results quickly or even construct an automated parameter search / optimization. A big part of agent-based simulation is creating accurate models of users, or the agents in your system. We have a library of agent models that you can use to define user behavior, but allow for customization so that you can create build a more accurate and complex simulation.
The tools Gauntlet is building will be an essential part of how people understand blockchain systems, but this understanding isn’t just useful to people building these systems. Our long term vision includes extending and building on top of these tools to help other participants in the blockchain ecosystem, such as investors, users, or node operators. However, right now, our focus is on working with people building protocols and dApps / smart contracts.
Gauntlet’s simulation tools are a key component of building secure and successful crypto systems, but what are the sort of problems the Gauntlet platform is intended to solve? Here’s a few examples of questions our platform could answer:
- Are people incentivized to participate in this system?
- What is the cost of a particular type of attack? (e.g. selfish mining in PoW, front-running in dExs)
- How can I trade-off safety for liveness in my consensus mechanism?
- How do I balance rewards with inflation of my token supply? (or other aspects of monetary policy)
- What happens during an improbable (black swan) event? For instance, if I’m building a stablecoin backed by on-chain assets, how large of a price drop could we withstand before the value of the coin brakes from its peg?
- How do my protocol parameters affect the price of my service / product?
- Can I set SLAs for things like transaction confirmation time?
We hope that this post sheds a little light on how agent-based simulation and the Gauntlet platform can help people build secure and successful blockchain protocols and applications. We’ve mentioned some possible use cases, but over the next few weeks, we have a series of announcements and blog posts that should provide more info on specifically what we’re doing to help companies. We work both with protocols in the design phase as well as after launch to help test updates and analyze risk. If you are interested in working with us, or even if just have questions, feel free to reach out to email@example.com.