Today we’re announcing Gradient: a full stack infrastructure for high performance, secure and privacy-preserving distributed systems — from cloud-scale computing and storage, to the simplest of connected devices.
At Gradient we see a world in which the authenticity and integrity of every electronic device, the software it operates, data it stores and computes, and information itself, are provable qualities by construction, not by trust in a third party.
For the better part of the last year, we’ve been working with veteran hardware engineers from leading chip manufacturers, former NSA cryptographers, distributed systems engineers and top academic researchers to take a first principles re-assessment of what it means to build secure and privacy-preserving distributed systems — and critically, how to achieve these features while delivering meaningful performance, with energy efficiency sufficiently great that it can also be implemented in the lowest power devices (think operation at microwatts, not just kilowatts).
The impetus for our project was simple: distributed ledger technologies (DLTs) present an unrealized possibility to drastically reduce the cost of trust , enabling fundamental new opportunities in compute, logistics, healthcare, machine learning / AI model and dataset provisioning, provably honest and efficient financial exchanges, and more — in the limit, these represent an opportunity to completely re-architect the web, as its original creators are now proposing. But, these possibilities are unrealized today because the cost of this decentralization is prohibitive. Any distributed ledger we are aware of is many orders of magnitude less performant (in terms of effective instructions/second) than the native compute power inside whatever device you’re reading this on. The same is true for financial settlement and payments.
This is not to disparage the work done to date in blockchain technologies — most were not designed for this purpose — rather, to clearly set performance goals of Gradient’s technology. We believe the bar for mass adoption of such technologies is staggeringly high: most users are unwilling to sacrifice much of any convenience for security, privacy, etc.
Gradient’s objective is thus unquestionably an audacious one. Some think our solution is, too.
At Gradient we’ve designed our own secure processor architecture that incorporates the ability to check authenticity of the chip and integrity of the chips’ operation into the silicon itself.
What this means for the network, and for other uses, is that the operations of a node running our processor can be effectively “fingerprinted” at any point. We’re building upon the work of collaborators with decades of experience in these areas, and in that spirit, we’re making these designs publicly accessible and auditable, so that security may be formally analyzed and by outside parties. We also aim to foster an ecosystem such that other manufacturers may adopt, and other researchers may participate in the acceleration of this evolution. We aspire to a future in which these properties are ubiquitous across all electronic devices.
On top of this hardware, we’re leveraging state of the art cryptography to create a distributed framework that at its most basic level enables any node in the network to verify authenticity and integrity of any other node, anonymously, with minimal overhead.
The Gradient hardware and software framework has been designed from the beginning for implementation in devices ranging from ultra-low power and low-cost electronics embedded in our everyday devices (demanding power and time efficiency) to multi-core high performance processors. As a framework, Gradient can scale from small peer-to-peer networks to those the size of the web. Our mission is to redefine how our electronic devices — and ourselves — work together, enabling open collaboration without compromising security, integrity or data rights.
Gradient’s technical focus
Gradient’s technical efforts to achieve these goals are broadly scoped into two efforts:
First, we’re developing a special type of secure processor — a remotely attestable secure processor with hardware-based “root of trust”.
To break this down a bit, practically speaking, a “hardware root of trust” means the processor’s private key generator is permanently linked to the silicon. In our designs, the key is unknown even to the manufacturer, never persistently stored, and no one device is identical to another (e.g., compromise of one device does not spread to others). This powerful feature allows us to protect users against vulnerabilities in the global supply chain (e.g., workers, or adversaries who infiltrate the chip factory, known as a foundry or fab, might try to reverse engineer the chip) and attacks on devices in remote locations (e.g. in the cloud) and still make guarantees to the security of cryptographic keys. From this root of trust, the features collectively known as “remote attestation” allow us to anonymously prove the authenticity of the electronics as well as integrity of the code it runs, the computations it performs, the data it stores, the sensor readings it detects, etc., all without reliance on any given trusted party.
Second, we’re developing a new type of distributed framework, the Gradient network, that leverages the root of trust and attestation enabled by Gradient hardware, to establish an alternative to trustless consensus-based protocols. We render these attested properties of any given node persistent by establishing a distributed ledger analogous in function to a decentralized certificate authority, but with many more features.
Four powerful new properties follow from this architecture:
(I) Compared to other strategies (e.g. ZK-STARKs, ZK SNARKs, homomorphic encryption, etc.), the computational cost and time of the attestation process is effectively amortized over a large number of what may be different transactions, smart contracts etc., such that we’ve added negligible overhead to achieve security and privacy beyond a lightweight signature scheme. That is to say, for a given security requirement, we’ve made the network very, very fast.
(II) Because we can attest cryptographically verifiable properties of a node, we do not require consensus (though may add for robustness), proof of work, proof of elapsed time, etc. This concept can be viewed as a formally verifiable and quantitative instantiation of reputation-based proof protocols (e.g. “Proof of Authority”). In the case of a payments system, the implication is that settlement of transactions occurs practically instantly, without risk of reverting transactions.
(III) For any given transaction or computation, to use Ethereum analogies, the parties involved establish in the smart contract the required specifications for security and privacy, and based on this, a determination is made autonomously about e.g. the number and properties of verifiers required to meet the security and privacy specifications. Thus, the Gradient Network’s security and privacy thresholds are self-adapting to the requirements of the users. (hence the name “Gradient”, e.g. gradient descent iterative optimization).
(IV) Gradient’s hardware root of trust establishes an immutable link between a physical asset and its digital fingerprint, solving one of the largest outstanding problems for application of distributed ledgers to real-world applications, e.g. supply chain logistics. For such applications, total device size is smaller than a grain of rice.
We should note that Gradient’s network architecture does not explicitly require custom hardware. It is backwards compatible with existing hardware, including CPUs with and without so-called Trusted Execution Environments, or TEEs. In the limit of no TEEs, this reduces to operating at the speed of the fastest existing protocols. However, using Gradient secure processors enables many orders of magnitude increase in performance over all options that we are aware of (again, we believe that until decentralized systems are performant comparable to native computing, most users won’t use them or Dapps built on top of them).
The Need for Gradient Secure and Attested Hardware
As the broader public has learned repeatedly over the last few years — most recently with the publication of the Foreshadow attack last week, which highlighted the latest in a series of vulnerabilities related to speculative execution on Intel’s Software Guard Extension (SGX) enabled processors — there are realistically no commercial options for secure execution environments. Gradient is changing that and adding new features that are a difference of kind over just a robust enclave.
Gradient’s hardware development team, made up of world class engineers from the likes of AMD, Intel, the NSA, MIT, UC Berkeley, Columbia and more, has been working with multiple secure processor architecture projects to bring viable solution to market. Our internal test network consisting of FPGA instances of our hardware designs (stay tuned for ASIC schedule) will be available by invite over the next few months for evaluation. These hardware nodes do not rely on a trusted third party or trusted hosting provider.
At Gradient we believe our mission is furthered by openness, not challenged by it. If you or your company or lab are working in this space, we’re eager to collaborate.
Gradient Team and Culture
The Gradient team is itself “full stack”: we’re a mashup of hardware engineers, applied physicists, cryptographers, distributed systems engineers, blockchain developers and computer scientists, working closely industry leaders from healthcare to finance, with the common desire to build impactful technology for the betterment of society.
We’ve held previous positions with AMD, Apple, Intel, the NSA and the greater intelligence community; we include a smattering from large and small financial institutions and healthcare companies. Academically, our largest concentrations are from MIT, Berkeley and Columbia, though what really matters is a willingness to tackle hard problems, to speak up on matters of principle, and maintain humility in the process.
We believe in taking a first principles approach to problem solving. We encourage criticism and dissent. In previous lives, Gradient team members have built human brain-machine interfaces, ballistic missile guidance systems, satellite constellations and other mission critical hardware and software. (We’ve also been known to, for example, hack the office espresso machine — sometimes open loop temperature control just won’t cut it).
If what we’re doing sounds interesting, we’re hiring across the board!