Why (dis)trust is the key to enterprise adoption and how it's done on Plasma
OmiseGO recently attended INBLOCKS 2019 and the first Indonesia Blockchain Week in Jakarta. The event focused sustainable blockchain development and enabling enterprise-adoption of the technology.
There, Unnawut, our software engineer, gave a talk on “The relationship between enterprise adoption, trust, and distrust.” His presentation revolved around the why trustlessness is important in blockchain and how the ability to eventually distrust can contribute to enterprise-adoption.
Here's an excerpt from Unnawut's talk at INBLOCKS:
Since the OMG Network is a layer-2 solution, let me talk about that first.
Layer-2 solutions, like OMG Network, focus on scalability and move settlement ‘off-chain’ to speed up transactions. However, to achieve this goal OMG Network does not forgo security. The solution couples Ethereum’s security protocols with its own to fortify the network.
So how does that relate to trustlessness?
Before I go into further detail about that, let’s talk about the three things that make banks trustless:
- Verify: that the banks are doing my transactions correctly and my assets are safe.
- Withdraw: my funds whenever I need them
- Appeal: If I can’t verify my transactions or withdraw my assets, I want to be able to appeal to some sort of authority that can help me recover my funds. Authority includes working with lawyers, or going to court.
What about blockchain and trust?
- Verify: Blockchain is a transparent ledger, which means I can see my transactions and verify them through public services online
- Withdraw: I can withdraw funds on the blockchain whenever I want to with my private key
- Appeal: This is a little different from banking systems, because in permissionless blockchains, we consider the code as law. Which means we don’t need an appeal process.
And that means blockchains are trustless because we don’t rely on any party or institution to give us our funds back. The coded rule is the king.
But is the ecosystem surrounding blockchain trustless as well?
Trustlessness is important. But let's discuss if the services and apps operating on the blockchain network are trustless as well?
Part 1: Trust and Layer-2
1. Alice runs a medium-enterprise that conducts 1 million transactions daily. On Ethereum (layer-1), this costs her 100,000 USD/day in fees and processing these transactions take 40 hours/day. Not only is this impossible, the Ethereum Network is slow and expensive -- but it is secure.
2. This is where Bob comes in and offers Alice his layer-2 solution (OMG Network). He promises a cheaper transaction fee and higher throughput. He also mentions that his solution is secure because it uses layer-1 security.
3. And so, Alice moves her operations from the Ethereum Network to the OMG Network, enjoying faster, cheaper, and secure transactions.
Part 2: The Inevitability of Murphy’s Law
Anything that can go wrong, will go wrong. This isn’t just theory though, we’ve seen this happen in the blockchain space as well. What was once hailed as unhackable, has been breached a few times.
But, 3 out of 4 compromises happen outside the blockchain network, because of things like lost private keys or a hacked app/service. My point is, while we are confident that the base blockchain network is secure, it is important that the ecosystem around the blockchain system remains secure as well.
As engineers, we have to plan for this, because without a solution, real world enterprises will never feel safe enough to move over to blockchain.
So far, there are four popular ways to rectify this situation, namely:
Part 3: Distrust and Plasma
What does that mean for the OMG Network? There are 3 concepts within plasma we use so a user can distrust the Network.
- Watcher - A mechanism that observes and verifies normal and unusual account activity.
- Exit - Ability to reclaim funds by bypassing the layer-2 solution and communicating with the layer-1 solution directly. This feature is useful if the layer-2 solution is under attack or shut down.
- Challenge - Ability to dispute malicious claims and challenge the system when my funds are not right.
Case A - Exiting Without An Operator:
“How do I recover my funds if the OMG Network Disappears?”
Alica can get her funds back by presenting her Smart Contract to the Ethereum Network. The Ethereum Network communicates with the now-defunct Layer-2 and asks if it can challenge Alice’s ‘proof’. It can’t, and so Alice gets her funds back.
Case B - Exiting Without An Operator:
“How do I recover my funds if an operator on the OMG Network becomes malicious?”
Say someone attains OmiseGO’s private key and asks the OMG Network to transfer 10 million USD from her account to theirs. The watcher system in-place detects this unusual activity and notifies Alice of it immediately. Seeing this, Alice challenges the fake transfer with her latest Smart Contract, telling the Ethereum Network to reject the transaction.
The Ethereum Network’s Smart Contract waits for the third-party to object to Alice’s ‘challenge’, they can’t– Again because Alice is challenging with a valid proof, no one has a truth-ier proof to object Alice's challenge; and so Alice exits her nearly-stolen funds to her bank account.
So what does all this mean for enterprise-adoption and for those using the network?
First, trust issues are not limited to Layer-2 solutions. It applies to all the applications that have to talk to the blockchain and those that hold user funds. As long as we can’t answer the question of “what happens after things go wrong?” confidently, it will be difficult to gain enterprise-adoption.
Few questions we can start asking to speed up the process:
Lastly, one of the most important points I can propose to any dApp or service out there is: It's as important to design your solutions for trustlessness as designing for scalability.
It’s important to keep asking yourself if you’re able to trust your service and even more prudent to ask if you can distrust it when things go wrong.