tServices’ Communication with Layer 1 Blockchains

Photo by Austin Kehmeier on Unsplash

tServices’ Role in Web 3 Stack

As we have introduced in the previous blog, tServices are service applications running on the off-chain Taxa Network. tServices perform privacy-preserving, high performance business logic of web3 applications, while also facilitating communication with layer 1 blockchains about immutable, persistent states.

tServices are executed in a trusted execution environment (TEE) which protects applications’ private data against outside attackers, as well as the node operator. tServices provide significantly greater computation and storage resources compared to on-chain smart contracts.

Nowadays the Web 3 stack includes decentralized economy infrastructure with transaction protocols (e.g., Ethereum) and decentralized storage serving static content (e.g., IPFS). tServices fill in the missing pieces by providing decentralized computation resources for service applications and dynamic content.

Flexible and Secure Layer 1 Communication

tServices use a protocol to communicate with Layer 1 blockchains asynchronously. Protocol-wise, Taxa Network is compatible with any blockchain protocols that support smart contracts with public key encryption or hashing functions. Taxa will support Ethereum in the initial mainnet release.

ECDSA is a digital signature algorithm that is widely used in blockchain protocols such as Bitcoin and Ethereum. Taxa Network introduces the Pyxa-ECDSA library as a bridge between a Layer 1 blockchain and the off-chain Taxa Network, which enables tServices to take a private key input from users and generate digital signatures as part of the execution result (we call this message a transaction authorization token). Such a mechanism provides developers flexibility on their application-level protocol design, and is compatible with different blockchain protocols.

The ECDSA-generated transaction authorization token cannot be forged outside of the TEE. The token serves as a crypto proof that certain transactions are authorized by tServices. Layer-1 smart contracts are then able to verify the signatures and execute the transactions.

tServices’ Layer 1 Communication Procedure

The 6-step procedure is as follows:

1. Before calling tServices that involve in-contract payments, the client side will generate the payment session key, a one-time use ECDSA keypair.
2. Taxa will deploy a “wallet contract” on Ethereum. Users will need to lock/prepay the Taxa Token (ERC20) for this contract. The public key will be sent to the wallet contract via a function authorize(), together with a “Permission” parameter for the public key, which assigns the security boundaries for the current payment session, such as the cap allowed to be spent and the whitelist of recipients in the tServices. Afterwards, the amount of token specified by the cap will be locked up by the wallet contract. Each participant will be able to verify a certain participant’s balance in the contract.
3. When the user calls the tServices, the private key will be sent to the enclave inside Taxa nodes together with the private data input, which are treated as part of the secret. The payload is then encrypted with AES during the transmission to the enclave so nobody including the node can get it in plaintext.
4. During Services’ execution, the transactions are recorded off-chain. After the tServices’ lifecycle ends, all the in-contract payments will be merged and signed inside the enclave by the private key of each participant, generating a signed message called “transaction authorization token”.
5. The signed and hashed message will be treated as part of the contract’s response data and returned to all participants. Anyone could broadcast the message due to economic incentive. (e.g., a winner in a game who earns tokens or the node itself which demands payment for computing service).
6. The wallet contract will verify the transactions’ signature against the public key. If the signature is successfully verified, and the payments haven’t breached the security boundary, then the wallet contract will finally execute the ERC20 transaction of Taxa Tokens. This will also mark the end of the payment session by releasing the locked tokens and invalidating the public key.

Conclusion

This article detailed the six steps which Taxa Network uses to conduct off-chain smart contracts, while leveraging the persistence, immutability and wallet contracts provided by a Layer 1 blockchains. The steps demonstrate how an ECDSA keypair is used to protect contract data and verify transactions. Thanks to tServices’ Layer 1 communication mechanism, a smart contract shall benefit from both the immutable, persistent states of Layer 1 blockchains and the performance and data confidentiality provided by Taxa Network. In future tech blogs, we will introduce tServices development standards, and the new possibilities for dApps with a layered design powered by tServices.

Resources

Do you know Taxa is on Discord? Join the technical discussions here: https://discordapp.com/invite/BusRMXf.