BCOS is a fully open source alliance block chain underlying technology platform, which is set up by the financial block chain cooperation alliance (hereinafter referred to as the golden alliance) to establish an open source working group. The members of the open source working group include Bo Yan technology, HUAWEI, Shenzheng Tong, Shenzhou digital, Sifang Jing Chuang, Tencent, micro public bank, Yi pen technology and Yuexiu Jinke.
Code repository: https://github.com/FISCO-BCOS
Hello, everyone. I’m Zhang Kaixiang.
As you can see, [FISCO BCOS Open Source Community] is open. It’s a pleasure to meet you here. This number will be built by you, me, engineers from 117 member units behind FISCO BCOS, and thousands of developers who have settled down in the community. We have opened a wide range of community collaboration channels. We hope to talk with you and the masses of chain enthusiasts to get to know the technology of R & D in the block chain. We will share with each of the pits we have passed, and together we will push China’s own alliance chain technology to the top of the world.
This is the first article in this number. Let’s start with the almost obsessive slogans of The Trust Machine, Code is Law, and Letter Chain Being Immortal. In today’s and tomorrow’s two articles, I will start with a few remarks about our beliefs and disbeliefs in the world of block chains.
At present, “Blockchain: The Trust Machine” has become a slogan, followed by a series of powerful terms such as “de-centralization, group consensus, non-tampering, high consistency, security and privacy protection”. How much magic can a block chain make people trust, or what we believe when we say “trust”?
Information refers to natural attributes and behavioral information such as identity, assets, prices and geographical location. It is not inherently trustworthy, because information is scattered, incomplete, may be false, or even someone may make use of the asymmetry of information for profit.
The information is organized into structured data, which can be maintained integrity, network consistency, traceability and not be maliciously tampered with through data verification. The data can be kept open, shared and accessible through redundant storage to ensure that the data is always valid. Then, the information itself can be “trusted” and thus become “public knowledge” of everyone, and become the “maximum common denominator” recognized by all participants in the network.
If the information embodies the value, and these values are recognized and recognized by everyone, can be quantified, have the property of tradable equivalents, or may increase over time, or even be recognized by judicial endorsement, these information will have the commercial sense of “credit”.
It’s like we know someone, but it doesn’t mean we trust him. However, this person always behaves well, and his words and deeds are consistent in the community, gradually gaining everyone’s trust. Trust at this time is still not equal to credit, unless the person has considerable assets, or his personal history has the ability to make profits and repay, the future is also likely to be able to sustain the holding of assets and debt, then this person has “credit”.
Block chain system is based on arithmetic rather than rule of man. It is hopeful to solidify information into everyone’s trust anchor through its unique distributed architecture, encryption algorithm, data structure, consensus mechanism, etc. It is hopeful to transform various real world resources into cash digital assets through technical means, and to launch a series of multi-party business cooperation activities, which is called “information to letter”. “To credit”, or even because of the black chain technology, effective and incomprehensible mystery, this “letter” seems to sublimate into “faith”.
So when we talk about the letter block chain, what is the letter?
1. Signal Cryptography Algorithms
Block chains are trusted by algorithms. One of the most important algorithms is cryptography. The most basic cryptographic applications in block chains are HASH digest, symmetric and asymmetric encryption algorithms, and related signature verification algorithms.
The old version of HASH algorithm has been proved to be crackable and abandoned. The existing algorithms such as SHA256 are still unbreakable. The characteristic of HASH algorithm is to generate a certain length of data unilaterally from a pile of data without collision. It can play the role of “fingerprint” of the original data. Its unilaterality is irreversible, and it can not deduce the original data. It has certain quantum resistance. It is the best way to hide the original data and provide verification credentials when necessary.
Digital signature is generally based on public-private key system, which uses private key to sign, public key to verify signature or vice versa. Digital signature originates from the reliability of cryptography, which makes it impossible for anyone to forge someone else’s private key signature. Therefore, a person with a private key can confirm his right by signing his asset through digital signature, or initiate a transaction with the public key of the opposite party when the two parties are trading, transfer the asset to the other party, and the other party can verify the signature with his private key to obtain ownership.
Several symmetric and asymmetric algorithms such as AES, RSA and ECC elliptic curve are widely used in data encryption and decryption, secure communication and other scenarios. Their security level depends on the algorithm itself and the length of the key. When AES uses 128-512 bit keys and RSA/ECC uses 1024 or 2048 bit keys, the protected data theoretically requires hundreds of millions of years of computing time on ordinary computers to violently crack. These algorithms have been tested in commercial, scientific and military fields.
In the field of cryptography, there are new directions such as homomorphic encryption, zero-knowledge proof, ring signature group signature, lattice cryptography and so on. At present, they are in the stage of theoretical development to engineering. In the fast optimization of functions, security intensity and efficiency, we can see the possibility of landing. At the same time, we also realize that cryptography usually needs long-term development, verification, stability before it can be widely recognized, or experience a lot of tests in practice, or through the authoritative body’s audit and certification, in order to shine brilliantly in the field of production. The theory of cryptography to engineering often has a long period of time.
A basic philosophy of encryption algorithms isComputational costWhen the value of assets protected by an algorithm is much lower than the cost of breaking the algorithm, it is safe. But if an algorithm is used to protect a priceless treasure, there will naturally be people who do not want to attack profits locally, so the safety of cryptography is also dialectical and quantified.
With the rise of quantum computers and other theories, classical cryptography may undergo some challenges. However, the theoretical improvement and engineering implementation of quantum computers will remain for a while. At present, we can basically believe that cryptographic algorithms already used in block chains are almost unconditionally believed. At the same time, all kinds of anti quantum cryptography algorithms are introduced in the field of block chaining. This is an ongoing game.
2. Credit data
The data structure of block chain is nothing more than block + chain. The new block regenerates its own block height, transaction list, and the HASH of the previous block into a HASH as the symbol of the new block, thus forming a Ring-Linked data link. Any byte in the chain, or even a Bit, is modified because of the characteristics of the HASH algorithm.
At the same time, block data is broadcast to all participants in the whole network. The more participants, the stronger the scale effect. Even if a small number of people forcibly modify and delete their own block data, it is easy for others to verify anomalies and reject them. Only the data recognized by the majority can be retained and disseminated. That is to say, the data is stared at by people, and there are many copies, once landed, as long as the chain is still there, the data can be retained forever.
Based on easy-to-verify chain data structure, group redundancy preservation and common authentication, block chain data is “difficult to tamper with”, all the data are consistent, information is open and transparent, public knowledge can be highlighted and solidified.
From another point of view, data can achieve trust, but whether it can achieve “credit” depends on the value of data, that is, the information carried by the data itself, whether it can represent valuable assets, useful information, such as identity, transaction relationship, transaction behavior, big data, etc., can represent certain business value. If these data are shared, it will be enough to build a complete business foundation.
But in a situation where privacy is overemphasized, there is little information that people would like to share, which makes it difficult to achieve the “maximum common denominator” of credit. However, in the current business environment, information isolation and privacy protection are hard demands, information sharing and privacy protection become a serious spear and shield relationship, unless the whole business relationship and business logic has been innovated.
Therefore, the research on privacy protection has attracted a lot of attention, such as the theory of “multi-party secure computing” and “zero-knowledge proof”. In theory, it is possible to publish very little information and verify it, but its complexity and computational overhead are the problems to be solved at the engineering level.
3. Credit Game Theory
The most subtle part of the block chain is the consensus algorithm. Consensus arithmetic is defined as a mechanism to coordinate common or alternate bookkeeping in a group, to achieve undisputed and unique results, and to ensure that the mechanism can be sustained.
In other words, we all maintain a book together and choose who is the bookkeeper? Why do we believe that the bookkeeping action is correct? How to prevent bookkeepers from doing evil? How can a bookkeeper be motivated if he keeps his books correctly? The consensus mechanism fully answers these questions.
The logic of consensus occurs online, but in fact, behind it is the competition game in the real world.
POW (Workload Certification) uses arithmetic to compete for the bookkeeper’s seat and get the bookkeeper’s reward. In real life, in order to build a competitive power plant, miners usually need to develop or buy a large number of new types of miners, transport them to stable and cheap power supply areas, consume a large amount of electricity, network and other operating costs, and when they are regulated, they have to move their families, travel around the world, and actually invest a lot of money, energy and back. There are huge risks. If we want to gain a steady and considerable return in POW competition, we can invest hundreds of millions of dollars, which is no less than running a business.
POS and DPOS seem to be much more environmentally friendly by replacing computational power consumption with proof of interest. In addition to the token issued by the founding team, the miners usually need to get it through currency exchange or direct purchase of digital currency. Even if the currency is converted, the money they take out is often purchased in French currency, or at least these rights and interests can be marked in French currency. This is actually the wealth injection and back in the real world. Book.
However, compared with the real business relationship, the consensus of POW and POS has no legal and regulatory mechanism. They are also vulnerable to the changing game situation, such as the size of the community, the change of miners, the change of core technology operation team. Slowly, people who are rich and able may have more money and power. The centralization of networks may gradually become cartel organizations, and the relationship between miners and technology communities will continue to cause waves, causing forks, rolling back, price pushing and leek cutting.
Generally speaking, people still believe in “autonomy” in the chain of trust blocks. In such distributed autonomy, a single event (such as a transaction) has “probability”, while the whole network pursues “ultimate consistency” (the consistency of public accounts). This short-term probability and long-term certainty can, to some extent, achieve dynamic “balance”, supporting the ecology of the chain, and giving people a sense of “belief”.
On the other hand, the accountant in the alliance chain is generally an institutional role. The alliance chain requires that the identity of the bookkeeper be known and that the participants can access the network only with permission. It is a cooperative game between them. The alliance chain introduces identity information in the real world as credit endorsement, such as business registration information, business reputation, acceptance credit, working capital, or industry status, license, legal status, etc. All acts of participants in the chain can be audited and traced, and the relevant regulatory authorities can target, precisely punish and enforce when necessary. High deterrence.
In this environment, the participants in the alliance chain work together to maintain the network, share the necessary information, and conduct transactions in an equal, transparent, secure and trusted network. Only a small number of bookkeepers need to be prevented from malicious operation risks and avoid the system usability risks. By introducing the necessary trust endorsement in the real world, even though the business logic of alliance chain is very complex, the trust model is more intuitive.
Therefore, the so-called consensus mechanism is still behind the competition and credit endorsement of the financial and material resources in the real world, and the corresponding effective incentive and disciplinary mechanisms.
There is no free lunch, and there is no love or hate for no reason. “Letter” is a bookkeeper who believes in the costs and costs he has invested in the real world, and considering that the whole mechanism has deterred him, he believes that the bookkeeper will not unjustifiably destroy the network for the sake of sustained gains and added value.
4. Credit Intelligence Contract
Intelligence contracts were proposed by Nick Szabo, a prolific cross-disciplinary legal scholar. In several articles published on his website, he mentioned the concept of smart contract, which is defined as follows:
“A smart contract is a set of promises defined digitally, including agreements on which contract participants can implement these commitments.”
Simply put, it can be understood as an electronic version of paper contracts, implemented in code, running indiscriminately on each node of the block chain network, and implementing the established contract rules under the effect of consensus.
Intelligent contracts are generally based on a special virtual machine and run in sandbox mode, shielding some functions that may lead to inconsistencies. For example, the operation of acquiring system time, on different machines, clocks may be different, which may lead to time-dependent business logic problems. For example, random numbers, external file system, external website input, etc., which may lead to different results of virtual machine execution, will be isolated by the virtual machine sandbox environment.
If you want to use java language to write contracts, you can either cut down the relevant functions in JDK (system time, random number, network, file, etc.) or run in a docker with strict authority control and isolation settings. Or simply design a new language, such as Solidity in ETF, that only implements specific instructions. Or abandon some “intelligent” features and use a simple stack instruction sequence to complete the critical verification and judgment logic.
Therefore, the implementation of intelligent contracts on block chains, based on sandbox mechanism control, relying on the consensus algorithm of block chains, to achieve network-wide consistency, difficult to tamper with, undeniable and other characteristics, the output of operation results is a contract recognized by the whole network, known as “Code is Law” by Jianghu people.
However, as long as it is code, there must be a probability of bugs or vulnerabilities, which may come from underlying virtual machines and network vulnerabilities, and more likely from logical implementation. Search for “smart contract security vulnerabilities” casually, and there will be a bunch of search results, including overflow, re-entry, permission errors, and even low-level errors. In recent years, these vulnerabilities have caused losses in various assets. The most famous ones are DAO project code vulnerabilities, Parity’s multi signing wallet vulnerabilities, and a Internet Co’s tokens trading process spilling over to zero.
Technical articles can be referred to:
At present, the safety of smart contracts is also a unique strategy in the industry, including security companies and white hat reviews, formal certificates, public surveys and so on, which will improve security problems. If something goes wrong again, either the hacker is too fierce, or the programmer can only be caught sacrificing the heavens:)
Therefore, the letter intelligent contract is conditional, it is to believe that after strict testing, long-term stable operation, in case of error, there is a way to remedy (rather than despair can only wait for a fork in the big deal) of the contract. Intelligent contracts in alliance chains are usually strictly tested. When online, gray level verification process will be executed, operation process will be monitored, and measures such as accountability, remedy (correction, account adjustment, freezing, etc.) will be designed according to the governance rules, which is more credible.
5. Intermediary (?)
Note that the title of this section has a question mark. The block chain advocates the operation mode of “going to the center or multi-center, going to the intermediary or weak intermediary”. However, due to the imperfect development at present, many scenarios actually introduce intermediaries, such as currency exchange, which usually needs to go through exchanges, especially centralized exchanges. Its trading principle is that users are required to deposit assets in the account of the exchange. When trading, they are actually booking in the database of the exchange. Only when they deposit or withdraw money, they will interact with the block chain network.
To some extent, the trust model and block chain of the exchange are decoupled. At this time, the qualification of the exchange itself, the technical ability, security protection ability, asset credit and acceptance ability of the operator are the most important concerns of the users. Once there are problems with the exchange, such as running, bankruptcy, undercover operation and self-theft, basically retail investors can only do leek.
For many reasons, see the famous “Mentougou incident”:
Therefore, believing a trustee is a matter of opinion, but in the current mode, the role of the exchange is still operating in some areas. In 2018, there are more than 10,000 virtual digital asset exchanges in the world, and how many of them can achieve high-standard security, operational specifications, cleanliness… That depends.
Finally, the default of alliance chain is that there is no virtual digital asset exchange like public chain.
There are many details in the area of block chains. The main points listed above are trust technology, trust consensus mechanism and large-scale community game, which surpass trust in “people”. “Human” is an uncertain factor. You can trust a person who you know very well about Laotai, or a large group of people who share common ideas and have perfect mechanisms to cooperate with, but you can’t trust a small group of people who are ambitious, or turn into leek every minute:)
To sum up, in the block chain world, people can build the following basic confidence:
- I hold assets and information that only I can use or disclose.
- I can participate in transactions, share information and transfer assets according to fair rules.
- The assets transferred to me by others must be valid and will not be invalidated by repeated expenditure.
- Once the deal is done, it’s a dead end.
- Everything that has happened is verifiable and traceable.
- Those who break the rules will lose more.
- The people who maintain the network will pay off their work properly, and the whole model will be sustainable.
Based on these confidence and trust, under the premise of legitimate compliance, it will be an ideal state for people to inject various assets into the network and carry out complementary and mutually beneficial, transparent rules, open and fair business activities.
We encourage members of organizations, developers and other community partners to participate in open source co-construction. It will be even more remarkable if you are with us. Diversified ways of participation:
1 enter the community and chat with the most active and top teams in the circle at any time and anywhere. (Please add a little assistant, ID:fiscobcosfan.)
2. Subscribe to our public number: “FISCO BCOS Open Source Community”, we have prepared for you the development database, the latest FISCO BCOS developments, events, competitions and other information;
3. Come to Meetup and talk face to face with the development team, FISCO
BCOS is touring Meetup in China. Welcome your public number to find the nearby Meetup in the menu bar, go to know the technology cafe and chat about hard core technology.
4. Participate in Code Contribution. You can submit Issues in Github for question exchange. Welcome to submit Pull to FISCO BCOS.
Request includes, but is not limited to, document modification, bug repair, and submission of new features.
Code Contribution Guidelines:
This article was first published in Public No. [FISCO BCOS Open Source Community]. If reproduced, please indicate the source. The original is not easy. Thank you for cherishing it.