KEEP IT SIMPLE Principle Protects Blockchains
Cryptocurrency and blockchains have been hot topics in the news over the last year. Most recently, GPU shortages, Ethereum pricing, Bitcoin segwit, and a $7M ICO web site hack all have generated headlines that continue to signal the growing significance of blockchain technologies.
To help put blockchain news and information in context, I'm publishing a blog series on blockchains. The series will explore blockchain technology advances and the implications of those technologies for developers, enterprise IT decision makers, and consumers.
In this first blog, I will:
1. Share Intel’s contributions and commitment to blockchain and our focus on improving the security, privacy, and scalability of blockchain-based solutions.
2. Use the concept of Transaction Families to illustrate one or several approaches to blockchain security.
3. Frame our context for the next blog which will focus on scalability; specifically our point of view on the importance of consensus efficiencies and its potential impact on a number of different applications including financial transactions and cryptocurrencies.
Intel is actively participating in the blockchain industry. We are a founding member of the Linux Foundation's Hyperledger open source initiative. Intel is also a founding member of the Enterprise Ethereum Alliance. Intel developed Software Guard Extensions (Intel® SGX), available since our 7th Generation Intel® Core™ Processor introduction, and already proven to deliver value in the blockchain space with R3 and BitPay. We have also developed Hyperledger Sawtooth, which is gaining momentum with IMO's music consortium and PokitDok's healthcare blockchain solution. Intel will continue to focus on improving the security, scalability, trust and privacy of blockchains.
In this initial blog post, we will explore Transaction Families and discuss how they can help prevent blockchain hacks. Before I continue, let me explain the concept of smart contracts. A smart contract is a programmatic representation of an agreement between parties. Once agreed upon, the contract is stored on a blockchain allowing it to execute the terms of an agreement without involvement from the committed parties.A number of blockchain attacks are programming exploits of smart contract vulnerabilities to execute unintended transactions. Last week's $32M hack of the Parity Technologies multi-sig wallet is an example; the DAO hack from 2016 is another.
Transaction Families can help in preventing these types of attacks.
Transaction Families are a part of Intel's work on Hyperledger Sawtooth within the Linux Foundation. Hyperledger Sawtooth is an open source enterprise solution for building, deploying and running distributed ledgers or blockchains. Transaction Families represent the application-facing portion of the Hyperledger Sawtooth blockchain stack.
A Transaction Family is a group of operations or transaction types that are permitted to operate on a ledger. Some networks need fully programmable smart contracts and therefore demand a broad set of operations; others can get by with just a few functions. Transaction Families allow the blockchain implementer to hone the transaction breadth to the scope that is needed for the application — no more, no less. This keep-it-simple approach eliminates excess operations that could lead to system exploits.
A simple example of a Transaction Family is the Integer Key family, which provides 3 operations (increment, decrement, and set). With just these three operations, and no looping constructs, it's difficult to create a rogue routine. Rather, the Integer Key Family is limited to simply counting up and down from a set position in single integer increments.
For a more sophisticated example of Transaction Families, we created a bond-trading family. This application includes 17 operations, specific to bond trading, such as CreateBond, CreateOrder, and CreateSettlement. These allow a blockchain network to create and trade bonds, but leave no extraneous operations beyond bonds for 3rd party abuse.
The notion behind Transaction Families is to allow businesses to dial up or down the versatility (and risk) of their network to match the business need. This approach creates a pragmatic programming model for application development and serves as a deterrent for unwanted hacks.
Should you want to learn more about Transaction Families, visit the Hyperledger Sawtooth web sitewithin the Linux Foundation's Hyperledger project.
In my next blog, we will explore consensus algorithms scalability and cryptocurrencies.
For more such intel IoT resources and tools from Intel, please visit the Intel® Developer Zone
Source:https://software.intel.com/en-us/blogs/2017/07/31/keep-it-simple-principle-protects-blockchains