There is a project lurking in the shadows; slowly it has worked its way towards the spotlight, and now a palpable demo is estimated to be less than two weeks away.
Its goals are to strengthen Elastos’ off-chain security, pave the way for adoption by enterprise clients, promote the function of the current peer-to-peer network to include mining, and much more.
It is Elastos’ Trusted Computing Enhancement project.
Kevin Zhang, the man behind the ambitious endeavor funded by the Manhattan Project, is of the opinion that trusted computing on top of a blockchain base layer will bring the best of both worlds to enhance not just Elastos, but the entire decentralised consensus space.
But isn’t Elastos already foolproof? Why is this important for enterprise clients? And what exactly is trusted computing?
Blockchain: Trustless computing
Blockchain is a form of trustless computing that is secured through a variety of consensus mechanisms (mining, staking, etc.). It is called trustless because these mechanisms do not require trust between the parties involved, though there is a shared faith in the system.
Using PoW as an example, the blockchain serves as a truly immutable ledger, also proving to be very robust and highly unlikely to be hacked with a 51% attack to take over the network possibly costing double digit figure amounts. While this means the blockchain is secure for commercial use, paying an inconceivable amount of money for a hack that allows access to valuable data or impedes the operations of say a Fortune 500 company’s biggest competitor could mean that even that incredible price is a bargain.
Besides attack risks and well known issues like scaling and energy costs, other less-apparent cons such as public storage of data and execution of privacy sensitive tasks can be a big no-no if we look at the many use-cases enterprises may have. Many blockchain projects actually resort to off-chain solutions to solve some of the above mentioned problems, unfortunately sacrificing security and decentralisation in the process.
Trusted computing, on the other hand, generates trust by thoroughly securing the technology (hardware, software, or both) to guarantee system integrity and to make it very hard to breach from a technical standpoint.
A great example of trusted computing technology is TrustZone by ARM, which provides system-wide hardware isolation, kind of like a hardware version of the Elastos Runtime. Use-cases include authentication, such as user-friendly fingerprint entry, payment, and content protection. Speaking of content protection, the US Army and Department of Defence both require that every new PC they purchase comes with a Trusted Platform Module, another form of trusted computing.
Even more popular is SGX by Intel: “Intel Software Guard Extensions (SGX) is a set of security-related instruction codes that are built into some modern Intel central processing units (CPUs). They allow user-level as well as operating system code to define private regions of memory, called enclaves, whose contents are protected and unable to be either read or saved by any process outside the enclave itself, including processes running at higher privilege levels.” [source]
With trusted computing, a device will always operate as intended; its actions are enforced by the hardware and software. Guarantee of proper execution of code is achieved by loading the hardware with a uniquely encrypted key that cannot be accessed by the rest of the system.
While this technology on its own (without blockchain) allows for secure and private execution of these privacy sensitive tasks, it is limited to its safe zone. The many benefits of decentralisation, including the all-important decentralisation of the manufacturing of the hardware used, are missing. From here, corruption, manipulation, and many other downsides that have driven the world to decentralised solutions may follow.
So, blockchain secures through consensus, which is slow and very expensive to attack, making it unprofitable to do so in nearly all situations. Anyone can join and contribute to a blockchain as long as they do what’s required by the system, i.e. provide a correct Proof of Work result. Their device, background, or anything else does not matter. Trusted computing, however, puts the task of securing on to specialised hardware and/or software. While this is highly effective for security and works without diminishing operation speeds, its functionalities are limited, and, it requires a fundamental trust in the actual hardware.
To help explain how the perks of trusted computing can amend the principles of blockchain, I’ll use the notorious blockchain trilemma.
The blockchain trilemma involves scalability, security, and of course decentralisation. Projects tend to follow a pattern of solving two by sacrificing one: the secure, decentralised Ethereum project lacks in scalability, the secure and scalable NEO project lacks in decentralisation (21 node system).
Elastos on its own goes very far in solving all three (and solves the trilemma for the ETH and NEO projects as well): securing through its merge-mined mainchain, the Elastos Runtime and Carrier solving scaling through its sidechain architecture, and decentralising through the Carrier, mainchain, and to an extent, through DPOS. Adding on a trusted computing layer can further improve security and, at the same time, enhance the other two factors.
Elastos is merge mined with Bitcoin. Attacking Bitcoin, by far the most secure blockchain project, is expensive. This makes it fine for commercial use, but for enterprise and nation clients, this is not enough of a guarantee as bad actors might find it worthy to attack regardless of costs. By adding a trusted computing layer, Elastos and other projects can further secure their already solid structures, and open doors for a lot of use cases, as well as enterprises that are now unable to confidently make the leap into the decentralised tech domain.
As technology matures rapidly, an additional hardware security layer alongside the Elastos Runtime, allows Elastos to remain fortified against future innovations by applying these next-gen technologies to its own hardware modules, which would of course be open source, solving the aforementioned problem of trusting manufacturers.
Mining equipment and staking costs can be expensive and inaccessible to many for a plethora of reasons. Cheap IoT devices with trusted computing apparatuses built-in allow a much larger percentage of the world’s population to join in and truly decentralise mining to the same extent the Carrier network does for network transmission—possibly going up to dozens, if not hundreds of devices per household in the far future.
The wide use of small and cheap IoT devices in place of a lower number of large expensive mining machines would entail tons of low (energy) cost miners stretched across the globe in a system that is able to perform the arguably best form of scaling; as more users join to reap the benefits of a project, the devices that are required to do so actually aid in the scaling of said project.
By bringing together the best aspects of trusted and trustless computing, the Elastos trusted computing enhancement is able to use the blockchain as Elastos does currently: as a base layer that serves as an immutable ledger, for its smart contract capabilities, and for the resulting token economies that these features make possible.
On top of this base layer, the second layer in the proof of concept is a trusted computing equipped P2P network, wherein the trust aspects of the smaller enclave (like in the above described TrustZone and SGX) are supplied to participant nodes and IoT devices in the enhanced Carrier network.
As of now, not much has been disclosed, but one use-case Kevin Zhang has outlined is a low cost decentralised ID card: “The decentralised ID card is a future DApp on top of our Trusted Network. It is one of the thousands of Trusted DApps.” Not only is the ID itself trusted, it can also be used to verify the device it connects to, “for example, to detect a fake ATM or malicious smartphone,” Kevin revealed.
Both Elastos and other projects that resort to moving part of their operations off-chain in an effort to solve key issues will soon be able to guarantee the data privacy, security, and ownership through the trusted computing layer, this time without sacrificing security and decentralisation in the process.
Let us know on social media/in the comments if you’d like to have an in-depth breakdown of the technology.