On the Origin of NEO
This article is part of the ongoing “Origin” series that tracks the emergence and evolution of projects in the cryptocurrency-based smart contract ecosystem. Today we’ll look at NEO and the ways it could supplant today’s dominant platform, Ethereum.
NEO’s goal is to enable the digitization of all real world assets by tying them to real world identities through blockchain and smart contract technology. Note the emphasis on real world; NEO’s tight integration with existing legal and governmental frameworks and support for familiar software development environments are distinguishing features of this platform. Thus NEO has some sharper contrasts to Ethereum than the other projects examined thus far in this series that will set the stage for some interesting competitive scenarios.
The NEO project dates back to 2014, when the Antshares blockchain was conceived and became China’s first open source public chain project. The Antshares technology was used as a foundation for the DNA blockchain framework for permissioned networks, developed by Antshares creators and their company, Onchain. In mid 2017 Antshares rebranded itself as NEO, projecting an image of newness punctuated with a second, all new “initial” coin offering. At the same time the network was upgraded to NEO 2.0, signalling an intensified focus on smart contracts to build what the project calls the Smart Economy.
This shift was likely influenced by the advances in technology to support smart contracts that occurred between 2014 and 2017, most notably in the Ethereum community, and led to NEO being labeled “Chinese Ethereum.” While that moniker represents a simplistic, perhaps speculator-fueled association that overlooks some fundamental differences, NEO nonetheless is well-positioned to challenge Etherum’s position as dominant smart contract platform.
Despite it’s long life (in blockchain years), the project is less mature than Ethereum in some ways; major pieces of functionality are still being developed and the consensus mechanism remains highly centralized. However, the project is evolving at a healthy pace thanks to a thriving open-source developer community and an organized steering committee, the NEO Council, that sets and funds project initiatives. NEO development and community support is well-funded by token sales and the venture capital backing of Onchain. Unlike some other competing smart contract platforms we’ve looked at in this series, NEO already has a live production blockchain, running a few smart contracts, and has supported at least one ICO at the time of writing.
Let’s take a deeper look at some of the different approaches NEO takes and examine how the competition could play out in the near future.
Nearly every competing smart contract platform is touting orders of magnitude performance increases over Ethereum, and NEO is no exception, claiming 1000 transactions/second throughput with 15–20 seconds confirmation times. Like the others, NEO promises to achieve this by doing away with Proof of Work (PoW) in favor of a more synchronous, and thus faster consensus mechanism. However, unlike most platforms that use some form of Proof of Stake (PoS), NEO has chosen instead to implement Byzantine Fault Tolerance (BFT) consensus.
In both PoW and PoS consensus, chains can split and those splits must be resolved (or reach a suitably high cost of reversal) before transactions can be considered confirmed. NEO’s designers believe that using BFT consensus, which does not produce chain splits, can increase performance and overall adoption of its platform. Rather than split the chain, the BFT process simply stops making new blocks whenever consensus cannot be reached. A nice side-effect is that the transactions contained in a block can be considered finalized (100% irreversible) immediately after consensus on the block is reached. So using a BFT algorithm that can produce a block of 15–20 thousand transactions every 15–20 seconds, can achieve throughputs on the order of 1000 transactions per second with a 15–20 second confirmation time.
So, if BFT has all these wonderful properties, why isn’t it being used to secure all blockchains? BFT performance is best when a high percentage of validators follow the protocol (i.e. are “honest” nodes), but degrades as that percentage decreases, and comes to a dead stop below 2/3 (roughly 67%) honest nodes. So more often BFT is used in permissioned, “consortium” blockchains, where stronger identification of validators makes it much more difficult for bad actors to join, and the higher degree of trust allows the BFT consensus to run at optimal speeds.
Public blockchains, such as Bitcoin and Ethereum, are designed to allow open participation without requiring any trust among participants. These designs intentionally trade off on-chain performance with the belief that scaling can be more effectively accomplished using off-chain technologies such as layer 2 networks and baby chains. The off-chain networks can support a variety of different participation and trust models, which can be adjudicated as necessary by a fully permissionless and trustless base layer chain. Although NEO, like any platform hoping to dethrone Ethereum as world computer, will likely need to implement off-chain mechanisms to reach worldwide scale, its commitment to BFT in the base layer will require permission to participate in consensus and a greater degree of trust among users that consensus nodes do not collude or act malevolently.
This “real world” influenced design philosophy is antithetical to a some people’s vision of what a public blockchain should be. NEO has been criticized for calling itself a public blockchain while creating significant barriers to public participation in the consensus process. The process for becoming a consensus node involves staking a large amount of money, obtaining an identification certificate from a government-authorized Certificate Authority, and then getting elected by voters. The NEO Council’s response to this criticism is that, because NEO uses delegatedByzantine Fault Tolerance (dBFT) consensus, where validator nodes are elected by users who have stake in the NEO coin, users will have a say in determining who the validating entities are and thus serve as a check against abuse of power. The extent to which this theory works in practice will depend on whether NEO can overcome the well-known challenges associated with stakeholder voting such as low voter participation, insufficient individual incentivization, difficulty of voters staying informed, and centralization of voting power (in whales and exchanges).
In contrast, Ethereum, which does employ a BFT-like consensus protocol in its “Friendly Finality Gadget”, shuns voting and delegation in favor of imposing financial penalties on malevolent validators to allow open participation in the consensus process with minimal trust. Ethereum’s choice to deter malevolence through loss of funds rather than loss of job distinguishes it from NEO and several other emerging platforms (e.g. Tezos, DFINITY, and EOS) that rely on voting for delegated consensus nodes. If any one of these challengers succeeds in creating a secure, robust consensus implementation before Ethereum can improve its transaction throughput (via pure PoS or other mechanisms) that platform’s performance advantage will pose a serious threat to Ethereum’s public chain dominance.
This challenge is far off however, as any platform will need to reach significant size for its resilience to collusion, censorship, and other attacks to be fully tested and most challengers don’t even have running production blockchains yet. At the time of writing NEO does have a functioning main net and a healthy market cap, but does not yet have a functioning voting mechanism.
NEO and other challengers will have the advantage of learning from each other’s approach to voting challenges, but the disadvantage of competing with each other with variations on the same basic design. If delegation turns out to be a winning strategy, these platforms will likely converge toward the same implementation (with the same performance characteristics), and the ultimate winner will have to distinguish itself in other ways.
NEO has yet to distinguish itself from Ethereum in terms of improved blockchain governance. At the present time, NEO provides no mechanism for users to vote, and most, if not all, operating consensus nodes appear to be affiliated with projects funded by the NEO Council. Even if voting gets fully implemented and all of the aforementioned issues with stakeholder voting overcome, one of the glaring issues is that 50% of all NEO (i.e. voting power) is currently held by the NEO Council. So until that is somehow resolved, NEO’s governance could be considered a more formalized version of the benevolent dictatorship model often attributed to Ethereum’s thought leaders.
In a broader sense, NEO is looking to leverage governance from existing legal systems to enable the digitization and management of real world assets. According to the NEO white paper “Assets registered through a validated digital identity are protected by law.” To take advantage of such protections, NEO users will need to be issued a digital identity from a Certificate Authority that is recognized within the jurisdiction of the legal system in which they seek protection.
In many legal jurisdictions, ownership of financially significant assets (e.g. car, house, stock) is recorded in a ledger maintained or regulated by a government agency and tied to identification established by a government-issued form of ID. This enables the government’s legal system to authoritatively determine the ownership of any registered property. The process of transferring assets in such systems is often beaurocratic and expensive, so transfer via the blockchain can be much faster and cheaper. However, in order for asset transfers via the blockchain to be enforceable under existing law (in those jurisdictions), the blockchain owner ids must be linked to the government-issued ID that establish ownership under that legal system. NEO claims that this linkage enables digital asset management applications that are “no longer limited to just the issuance of native tokens on the blockchain.”
Ethereum does not appear limited in this way despite its identification as a “world computer” that is not tied to any one government system of registry, identity, or law. It aims to provide a decentralized, global ledger, where anyone may participate without asking permission, identity is self-sovereign (i.e. private to and fully controlled by the user), and matters of ownership are decided by smart contracts (mostly). Decentralized applications (dApps) to exchange non-governmentally managed real world assets such as file storage, computation, and user attention have already been built on Ethereum. Applications that may require stronger linkage to real world identity could be provided this information by users via identity management dApps, such as uport, and numerous dApps to digitize such real world assets are being developed. The Mattereum project is working on creating a “blockchain aware” legal infrastructure and smart contracts technology that makes the legal transfer of property possible on the Ethereum blockchain.
We are still in the early chapters of the asset digitization story, but we are already starting to witness how technology can change our relationship to traditional assets in ways that facilitate their digitization. Ride sharing and self-driving cars are predicted to change our relationship to automobile ownership and at least one company is building smart locks and Ethereum smart contracts to automate sharing economy transactions. More immediately, we are seeing how blockchain technology is changing our relationship to traditional stock ownership. Whereas Overstock pioneered issuance of traditional stock certificates on the Bitcoin blockchain after being granted approval by the US Securities and Exchange Commission (SEC), we’ve since witnessed hundreds of projects raising collectively over 2 billion USD by issuing their own tokens to a global market of investors, without the permission of any authority. These tokens don’t represent “real world” stock shares, but many of them serve effectively the same purpose as stocks in the eyes of investors and government regulatory bodies.
Initial Coin Offerings (ICOs) have created an alternative to traditional stocks for raising capital that is more inclusive of investors and projects, and not tied to any specific governmental jurisdiction or ID system, though local governments are beginning to impose restrictions and warnings that have real impact on the ability to raise funds from investors in their jurisdictions. So, even as the globalization and transformation of real world assets plays out, our brief glimpse at ICOs suggests that the local government agencies and systems of law that have been traditionally involved in asset regulation and ownership will be modernizing to stay involved. In the foreseeable future, decentralized applications will be subject to these local systems of law, whether they run on NEO or Ethereum. Platform differences may not matter nearly as much as differences in how local governments modernize, and it’s entirely possible to see NEO dApps rise to dominance in China, while Ethereum dApps dominate the west.
Smart Contract Security
The strategy of building bridges to legacy systems to facilitate adoption is pervasive in NEO’s approach to smart contract development. NEO is building bridges to existing developer communities by allowing smart contracts to be written in a number of popular general purpose programming languages, such as C#, VB.NET, F#, Java, and Kotlin. This strategy has the obvious benefit of facilitating ecosystem growth by allowing a wide range of developers to start building NEO smart contracts without the barrier of having to learn a new language and toolchain. The mature tooling around existing languages can be leveraged to improve productivity and reduce certain classes of bugs (as compared with the less mature Solidity programming language and tooling).
However, the use of existing languages are no “silver bullet” for smart contract development. Smart contracts have requirements for determinism and decidability that these languages were not designed for. All non-deterministic features, such as threads, I/O, random number generation, and time of day functions will need to be completely disabled for programs that run on a blockchain. Execution will require gas, and regardless of language, programmers will need to be cognizant of gas usage, and handle problems that arise when a transaction doesn’t provide enough. Contracts will need to call other contracts (that consume gas), verify digital signatures, send and receive funds, and perform other domain-specific operations that are not built into these languages, but will have to be implemented by libraries. In contrast, the Solidity programming language, which was designed specifically for smart contract programming, provides built-in support for a number of domain-specific entities such as addresses, cryptography, contracts, transactions, gas, and blocks. Whether or not the ability to develop smart contracts in in a familiar programming language speeds adoption and/or provides a significant productivity advantage over Solidity remains to be seen.
What’s far more important is whether bugs that introduce very costly vulnerabilities (which can extinguish an otherwise viable and thriving smart contract platform) can be prevented. The ability to call methods in ways the contract authors didn’t intend is a general vulnerability that was common to two high value exploits on the Ethereum platform, one via reentrancy and the other via delegation to library methods. Both of these useful programming mechanisms are found in the general purpose programming languages supported by NEO, and are not likely to be disabled by NEO’s smart contract-specific compilers. However, NEO’s runtime does prevent contracts from directly calling arbitrary methods on other contracts (they can only call Main), which effectively makes all non-Main methods in all NEO smart contracts private by default. This safety feature would likely have prevented the delegation to library methods exploit. There has been some discussion around changing the Solidity default from public to private, but until the language is officially changed Solidity programs will remain vulnerable to this kind of developer oversight.
The root problem affecting Ethereum and NEO equally is that programming a smart contract is more like programming a nuclear reactor than a website; it requires a completely different approach to development because the cost of any bug is potentially catastrophic. Even Solidity code that has been developed using best practices and subjected to code review, audit, and bug bounty hacking can still have exploitable vulnerabilities. The use of familiar programming languages will not help this situation, and might even make it worse if programmers unwittingly follow familiar programming paradigms.
NEO does have an advantage in not yet having large amounts of assets stored in smart contracts like Ethereum. As long as that is the case, most exploits will target high-value Ethereum contracts, putting the full cost of lessons learned on Ethereum while the resulting language modifications and best practices can be adopted for free by NEO and other platforms.
However, Solidity’s history shows that best practices followed by the best developers aren’t enough to prevent exposure to major loss of funds. Ultimately, languages and tools specifically designed to overcome human limitations and eliminate such vulnerabilities will replace the inadequate ones we have today. The platform that first supports these on a production blockchain will be on the fast track to dominance as it watches challengers suffer extinction by exploit. Although no platform has achieved this yet, the efforts of projects such as DFINITY and Tezos are ahead of those in the NEO and Ethereum communities in terms of vision and implementation.
NEO is a very ambitious project with a lot more innovation and development going on than we were able to touch on in this article. The NEO Council is funding numerous projects to support smart contract development, parallel execution, stakeholder voting, cross-chain asset exchange, distributed storage, a standard for token issuance, secure messaging, offchain order matching, and the incorporation of quantum resistant cryptography. That’s just a sampling; the NEO ecosystem is firing on all cylinders.
NEO distinguishes itself from Ethereum and other emerging smart contract platforms in some uncommon ways. It foregoes creating a domain specific language for developing smart contracts in favor of supporting a large number of existing, general purpose languages to speed adoption and community growth. By using BFT consensus and relying on a centrally controlled digital certificate authority for identity, it trades off decentralization and censorship resistance for high performance and streamlined integration with existing legal systems.
Although it’s fairly common for projects to have a roadmap that starts out more centralized and becomes increasingly decentralized over time, the tradeoffs NEO is making to bridge to existing systems could result in a long evolutionary path toward full decentralization, censorship resistance, and smart contract security in the wild. This path may turn out to be a winning strategy for permissioned consortium chains, especially in China, where NEO is most likely to leverage the existing legal system. In the quest for global dominance as a public chain, however, Ethereum and other platforms making different design tradeoffs, may have an advantage. However, a more global and revolutionary approach threatens to disrupt and potentially disintermediate some very powerful institutions, so these platforms might face some more institutional friction than NEO.
In China, it’s common for homegrown technology from providers such as Alibaba, Baidu, Weibo, Tencent to completely dominate and shut out western competitors like Amazon, Google, and Facebook. So it may very well turn out that NEO becomes the dominant smart contract platform in China, while another project achieves global dominance everywhere else.
Dominance threat levels are explained in the introduction to the series. Below is a brief legend.
 It may be possible to get elected without an identity certificate, we’ll know when the voting system is implemented
 In Ethereum’s early days, the DAO smart contract was overruled by Ethereum’s thought leaders with a small amount of community support, but still jurisdictional legal systems were not involved
Thanks to Ethan Fast for his input on early drafts.
Special shout out to DecStack, the Virtual Co-Working Spot for CryptoCurrency and Decentralized App Projects, for their help and encouragement.
If you’d like to support this series with an ETH donation, please send it to 0x7e83982eb92502ad5d38c400ba2af7b135469ac9
Your support allows and encourages me to devote more time to these articles and is greatly appreciated.