Consensus Immutable agreement for the Internet of value
kpmg.com About the authors Contents 1 Seizing opportunity – Blockchain and beyond Sigrid Seibold Principal, Advisory Capital 2 The basics behind blockchain Markets, KPMG LLP 3 Consensus Sigrid looks back at 25 years of working in the banking 10 Key observations and capital markets industry. 14 Is blockchain right for your organization She primarily focuses on the major investment banks, leveraging her areas of 15 Maneuvering the road ahead specialization, such as data management and digital 17 Appendix 1: Key terminology technologies, including financial and blockchain. As a respected industry thought leader, she has published 19 Appendix 2: Consensus mechanism valuation a variety of white papers covering a variety of capital questionnaire markets topics, including the use of blockchain for investment banks, as well as articles in major 24 Appendix 3: Questionnaire response set newspapers, such as the Wall Street Journal. 25 Acknowledgments
George Samman Blockchain Consultant and Adviser George is a blockchain consultant/adviser and Operating entrepreneur in residence features at Startupbootcamp for blockchain and bitcoin. He also writes a blog Access/ on -boarding on blockchain technology and use cases at Tokenization SAMMANTICS. He has co-founded and worked Performance/ for various startups in the bitcoin and blockchain scalability space since 2013. He is also a contributing writer Risks for various blockchain publications. He was a Senior Governance Strength of algorithm portfolio manager and market strategist with a Wall Street firm, and a technical analyst. He holds the Privacy designation chartered market technician (CMT). Cryptography Use cases
Security Consensus methodology
Implementation
© 2016 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Seizing opportunity – blockchain and beyond
ack in early 2009, the high-profile journey of the first Bitcoin overshadowed the ingenuity of its underlying The terms technology, the blockchain protocol. These days, however, Blockchain, distributed ledgers, and B consensus mechanisms are sometimes blockchain is garnering its own share of headlines. Inspired by used interchangeably. For purposes the original blockchain protocol, a variety of new consensus of this paper, we use the following mechanisms and new types of distributed ledger technologies definitions:
are continuing to emerge. As innovation accelerates, proponents Blockchain: A type of distributed ledger are eagerly seeking solutions that may work within the current database that maintains a continuously regulatory confines of financial services and other industries. growing list of transaction records ordered into blocks with various As a result, more and more financial services companies and venture capital (VC) firms protections against tampering and are looking closely at blockchains and other distributed ledgers, and with good reason. revision. Ideally, this technology has the potential to execute transactions in discreet, efficient, and Distributed ledger: A digital record of highly cost-effective new ways than the existing centralized network in financial services. In addition, entrepreneurs and companies, including some of the world’s biggest banks ownership that differs from traditional and technology firms, are investing massive amounts of money, talent, and resources to database technology, since there is no explore and develop this technology for a wide range of potential applications. central administrator or central data This paper aims to provide an overview1 of how these technologies, specifically their storage; instead, the ledger is replicated underlying consensus mechanisms, have evolved over time. The consensus mechanism among many different nodes in a peer- provides the technical infrastructure layer for blockchains. This makes it one of the to-peer network, and each transaction is most critical components when assessing real-world use cases. It is based on our own uniquely signed with a private key. research as well as the results of interviews with more than 20 creators and corporate users of blockchains and other distributed ledgers. We’ll review how various distributed Consensus mechanism: A method of ledger consensus mechanisms continue to evolve and are currently being tested and, in authenticating and validating a value some cases, implemented. or transaction on a Blockchain or a Despite being highly regulated, the financial services industry (including the rigorously distributed ledger without the need scrutinized capital markets sector) foresees real potential promise in distributed ledger to trust or rely on a central authority. technology. Therefore, financial services decision makers need to stay on top of the Consensus mechanisms are central to evolving consensus mechanism landscape. We hope this paper provides them with the the functioning of any blockchain or relevant questions to ask when deciding on whether this technology is right for them, distributed ledger. and if so, what kind, and how it might best be implemented. Nodes: Members or systems of a In our opinion, blockchain and distributed ledger technology hold significant potential within financial services as a secure and efficient decentralized instruments of trust consensus network or a server that between counterparties. We believe it’s an opportune time to think through how holds a replicated copy of the ledger distributed ledger technologies can be effectively and efficiently used to overcome and can have varying roles: to issue, the previous challenges with the public blockchain called Bitcoin. The following pages verify, receive, inform, etc. For all intents explore its past journey, present states and broad potential opportunities for the future. and purposes, a node can be a virtual machine (VM) instance.
1. This overview is partly based on the authors’ own research as well as the results of a questionnaire sent to more than 20 creators and corporate users of blockchains and other consensus mechanisms. The questionnaire, along with answers from companies that didn’t request anonymity, are in an appendix at the end of this paper.
© 2016 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Consensus – Immutable agreement for the Internet of value 1 The basics behind blockchain
Blockchains are a specific type of a distributed ledger and a There’s no need for a middleman between the parties in a way of ordering and verifying transactions into blocks with transaction. There’s also no need for trust from one peer to the various protections against tampering and revision. A network next, since the technology, running on the participants’ nodes, of computers maintains and validates a record of consensus of provides all the confidence needed. If a blockchain is well- those transactions via a cryptographic audit trail. A distributed implemented, the resulting advantages include speed, privacy, ledger means that no single centralized authority, like a reliability, and much lower costs. clearinghouse, verifies and executes transactions. Instead, At the heart of a blockchain is consensus among the participants participants have computers that serve as “nodes” within the (refer to steps three and four in Figure 1. ) Consensus is key, network. because without a central authority, the participants have to agree Some or all of these nodes verify and, if appropriate, execute on the rules and how to apply them; using these rules, they have proposed transactions according to an agreed-upon algorithm to agree to accept and record a proposed transaction. called the consensus mechanism. The transactions are then encrypted and stored in linked blocks on the nodes, creating an audit trail.
Figure 1: What exactly are blockchains? Blockchains are a way of ordering and verifying transactions in a distributed ledger, where a network of computers maintains and validates a record of consensus of those transactions with a cryptographic audit trail.
Initiate the ost and record the alidate via consensus Transaction Broadcast Immutable, encrypted block transaction. transaction to the network. and confirm. completed
– ultiple parties – The transaction is added in – The block is broadcast to – The network verifies, validates, – The confirmed block is added in – odes have transact. order into a network s block every party and their nodes in and approves the confirmation a linear and chronological order access to a and presented. the network. is broadcast to the other to the chain. shared single All transactions are – nodes. source of truth. recorded, including – ntries can be added but not – The network of computer – This provides a transparent the transaction s deleted. nodes verify and, validate by – onsensus agreed record of transactions, audit – A completed trail, and traceable digital date, time, parties, – ach node in the network running a software that mathematical mechanism is block gives way fingerprint. and amount wants owns a full copy of the ledger. continuously replicates the recorded and provides the to the ne t to do a transaction. ledger. basis for the trust mechanism. – ata is pervasive and block in the persistent and creates a blockchain. reliable transaction record. onsensus mechanism applied
BLOCKS
© 2016 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. 2 Consensus – Immutable agreement for the Internet of value The basics behind blockchain Consensus
As highlighted in Figure 1, the transaction, once created and Consensus. Old and new posted to the network, is signed with the signature of the Certainly, building consensus is not a new concept. transaction’s initiator, which indicates the authorization to spend Consensus has been around for as long as human beings the money, create the contract, or pass on the data parameters have lived together. In its most basic form, it’s just a way associated with the transactions. If the transaction is signed, it is for a diverse group to make decisions without conflict. valid and contains all the information needed to be executed. According to Edward Shils’ “The Concept of Consensus,” The transaction is sent to a node connected to the blockchain three things are needed for a consensus: network, which knows how to validate the transaction based – The common acceptance of laws, rules, and norms on predefined criteria. Invalid transactions are discarded, while valid transactions are propagated to another three or four other – The common acceptance of institutions that apply these connected nodes, which will further validate the transactions and laws and rules send them to their peers until a transaction reaches every node in – A sense of identity or unity, so group members accept that the network. This flooding approach guarantees a valid transaction they’re equal in respect to the consensus. will reach the whole network within a few seconds. The senders Consensus began as a concept for societies, but it’s now an do not need to trust the nodes they use to broadcast the important part of computer science too. In the last 30 years, transactions, as long as they use more than one to ensure that consensus mechanisms in the computer world have gone the transaction propagates. The recipients do not need to trust from an abstract idea to the backbone of distributed ledger the senders either, because the transactions are signed or contain technology. no confidential information or credentials, such as private keys. In distributed ledgers, a consensus mechanism is the Once a transaction is validated and included in a block, it is then way in which a majority (or, in some mechanisms, all) of propagated to the network. Once the whole network reaches a network members agree on the value of a piece of data or consensus and the other nodes of the network accept the new a proposed transaction, which then updates the ledger. In block, it is chained into the blockchain. Once recorded on the other words, a consensus mechanism is a set of rules and blockchain and confirmed by sufficient subsequent blocks, the procedures that maintains a coherent set of facts among the transaction becomes a permanent part of the public ledger and participating nodes.2 is accepted as valid in principle by all nodes within the blockchain network. Consensus algorithms allow connected machines to work together as a group that can even survive if some There are many different mechanisms that can build this of its members fail. This tolerance of failure is another big consensus, and programmers and companies are constantly advantage of blockchains and distributed ledgers, which working on new ones. Which consensus mechanism a blockchain have a kind of redundancy built in. uses is at the core of what most defines it. In the pages that follow, we’ll look at some of the most important consensus mechanisms out there. As you will see, not all of these consensus mechanisms are blockchains. Some can also Consensus protocols or consensus platforms lie at work “off-chain,” as bilateral agreements, and we’ll take a closer the core of distributed ledger technologies. There is look at some of those too. Note: that there’s a glossary at the a great diversity of algorithms for building consensus end, which provides definitions for some terms that may not be based on requirements like performance, scalability, familiar to a nonspecialist. consistency, data capacity, governance, security, and failure redundancy.
2 http://www.ofnumbers.com/wp-content/uploads/2015/04/Permissioned-distributed-ledgers.pdf
© 2016 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Consensus – Immutable agreement for the Internet of value 3 Consensus
How consensus mechanisms work mechanisms below. A number of the parameters above are Basic parameters that define a consensus mechanism: implemented through four main techniques within cryptography that use mathematical formulas to try to ensure security and – Decentralized governance: A single central authority cannot privacy. These techniques include private keys, private keys, provide transaction finality. hashing functions, and hierarchical deterministic keys. – Quorum structure: Nodes exchange messages in predefined ways, which may include stages or tiers. Overview of consensus mechanisms – Authentication: This process provides means to verify the and distributed ledger technologies participants’ identities. Figure 2, provides a visual summary of the key distributed ledger technologies we are seeing in the market right now. – Integrity: It enforces the validation of the transaction integrity (e.g., mathematically through cryptography). Note: See appendix 1 for definitions of key terms – Nonrepudiation: This provides means to verify that the The scope and description of the various consensus mechanisms supposed sender really sent the message. can only be a snapshot in time (April/May 2016) as the landscape is evolving quickly. This paper does not aim to be a complete – Privacy: It helps ensure that only the intended recipient can overview of the existing technology consensus options but is read the message. geared toward giving a fair representation of those propositions, – Fault tolerance: The network operates efficiently and quickly, which currently are being actively explored and discussed even if some nodes or servers fail or are slow. as technical options for building blockchains. For the sake – Performance: It considers throughput, liveness, scalability, and of transparency, it also should be stated that many of these latency consensus mechanisms have been used before blockchain and distributed ledgers came into existence. We have not included Within these parameters, there are significant differences any traditional centralized databases for our evaluation. between one consensus mechanism and another. We’ll look at some of these differences when we describe specific
Figure 2: Illustrative Bitcoin overview of distributed Distributed concurrence 1 Colored Coins 1 consensus mechanisms Corda (R3 CEV) roprietary Metacoins DAG (Directed Acyclic Graphs 1 Factom Coinprism
PBFT (Practical Byzantine Fault Tolerance) 1 Derived PBFT (Hyperledger project) 1 RBFT (Redundant Byzantine Fault Tolerance, e.g., Evernym) 1 1 BF ( implified By antine Fault olerance, e.g., Chain) N2N Casper Proof-of- thereum (moving to o ) work PBFT and derivatives P erm i ss io n l e Proof of stake s penchain s PoET (Proof of Elapsed Time) by Intel
(Sawtooth Lake Project) 1 Types of
Proprietary d
e distributed
distributed ledger n Delegated Graphene 1 o
i mechanism
s proof of s
i 1
m Steem r e stake
Federated P BitShares 1 consensus
Leader-based Ripple (evolving into the consensus inter-ledger protocol) 1 Round Robin (including) tellar ( ipple fork) PAXOS/ RAFT-based derivatives
1 Denotes a consensus mechanism/distributed ledger technology evaluated as part of this paper. See Key Observations below. 1 1 Note: Some DLTs provide for multiple consensus mechanisms, BigChainDB Tangaroa and these are configurable. A primary alignment has been AF Mencius established here for purposes of this paper. Viewstamped 1 a os (including many MultiChain variances, such as Fast a os, replication Tendermint 1 galitarian a os, etc.) AB Juno (Raft-Hardened Tangaroa; JP Project) 1
© 2016 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. 4 Consensus – Immutable agreement for the Internet of value Consensus
The Byzantine generals’ problem The first way, developed in 1999, was “proof-of-work.” Proof- The basis for modern consensus mechanisms came in 1962, of-work means that the system’s users have to repeatedly run when an engineer at the RAND Corporation, Paul Baran, came up algorithms to validate the transactions of the system’s other with the idea for cryptographic signatures in a paper called “On participants. Today, it’s still the most publicly proven method to Distributed Communications Networks.” These digital signatures achieve consensus. soon became a way to authenticate users when they amended Proof-of-work systems maintain their blockchains with a data or files. decentralized peer-to-peer cryptographic protocol. They don’t have Twenty years later, a trio of scholars published a paper that any central authority, but they do assume that “honest” nodes outlined the problem of reliability in a decentralized system. In control at least a majority of the system’s computer power. (At “The Byzantine Generals’ Problem3,” authors Leslie Lamport, least half the army is in the hands of loyal generals.) They’re public Robert Shostak, and Marshall Pease proposed a thought or permission-less systems: The nodes don’t need to know who experiment: Imagine that a group of generals, each commanding the other nodes are. part of the Byzantine army, surrounds an enemy city. The generals Bitcoin is the best-known use of a proof-of-work system. A can only communicate by messenger, but in order to conquer the person or team who worked under the name Satoshi Nakamoto city, they have to agree on a battle plan. published the Bitcoin technology in October 2008 in a paper called 4 The problem is that one or more of the generals might be a traitor “Bitcoin: A Peer-to-Peer Electronic Cash System.” It was quickly who will try to distort the messages and sabotage the plan. The implemented as open-source code and released in January 2009 question is, how many traitorous generals can the army have and as the now-famous digital currency. It’s based on “mining”: still function as a unified force? Participants’ computers verify and add transactions to the public ledger and, as a reward, earn new bitcoins. There’s a direct analogy to digital currencies, the custody of assets, and the transference of values when there isn’t a central Many other methods have since followed. Figure 3, (on the authority to verify these assets and transactions. In distributed following page) gives a visual representation of the technology’s ledgers, the different participants’ nodes are like generals. development before and after bitcoins. In the following pages, we They have to decide on an acceptable fault level: How many look at some of the forks in this road. transactions can be malicious (how many generals can be traitors) without the system having to refuse a transaction? This is Another way of mining bitcoins because a certain number of failures may not damage the overall Proof-of-stake came in 2012. The method here is to create a system’s reliability. mechanism that punishes nodes that don’t follow the consensus protocol. Participants have to bet a predefined amount of digital In the scenario these authors described, with oral messengers assets (bitcoins) on a consensus outcome. If the outcome doesn’t connecting each pair of generals, it’s possible to develop an take place, the malicious nodes lose these assets. algorithm so that the system (the Byzantine army) will be reliable if it’s certain that two-thirds or more of the generals are loyal. In proof-of-stake bitcoin systems, where mining requires the participant to “put up a stake,” a participant can mine new coins For distributed financial transactions on computers, the question (or enter new transactions) in accordance with how many coins is more complex. For a while, it seemed unsolvable. they already have. In proof-of-work systems, mining successfully The Byzantine generals’ solution – And bitcoins depends on actually doing the computational work. The solution came in 1999, when Miguel Castro and Barbara The advantage of proof-of-stake over proof-of-work is that it Liskov introduced the practical byzantine fault tolerance (PBFT) requires fewer laborious computations. Since these computations algorithm. PBFT can process an enormous number of direct are usually expensive, their reduction lowers the cost of the 5 peer-to-peer (or distributed) messages with minimal latency. That system and the barriers to entry. The more coins are held in the means that programmers can build secure and resilient private digital wallet and the higher the degree of controlled computing distributed networks. Since 1999, PBFT has been implemented in power, the greater is the probability of winning a block. many ways, and it’s been further developed into various technical iterations.
3 LAMPORT, L., Shostak, R., and Pease, M. The Byzantine Generals Problem. ACM Transactions on 5 http://bitfury.com/content/5-white-papers-research/pos-vs-pow-1.0.2.pdf Programming Languages and Systems, 4, 3 (July 1982), 382–401
4 https://bitcoin.org/bitcoin.pdf
© 2016 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Consensus – Immutable agreement for the Internet of value 5 – Global Financial – Proof of Stake (Developed) Crisis erodes trust – ZAB – DAH (Digital Asset Holding) – DAH announces plans with in Financial – Tendermint (Founded) DTCC “to develop and test Proof of Work Napster, Kazaa, Limewire Services consensus first and BitTorrent show – RAFT (Paper and Founded) a distributed ledger based Consensus solution discussed potential for P2P – Perfect Money yet – Tangaroa (Paper and Founded) (Adam Back) distributed computing one more attempt – Eris – Eris and 40 of the world’s, DigiCash (David Chaum) in for a global digital – Pebble largest and mostly Netherlands first attempt currency – DAG (Founded) systemically-important, Public Key at Crypto-currency based on his – Factom banks join the R3 consortium Infrastructure is work on blinding formula – Chain introduced PayPal commences Byzantine More innovations – Coinprism (GCHQ / Diffie operations as global online “On Distributed Generals in the field of Communications Helman) Viewstamped payments platform Problem Cryptography – August, Networks”, Replication (Roger Heath- paper Bitcoin.org – DPOS Paul Baran Brown) published Secure Hash domain name – BitShares 0.X – UBS begins Algorithm is registered developing – Ethereum (SHA) first blockchain – Mencius – MultiChain published Paxos implementation – Openchain by NSA with Ethereum – CASPER Evernym
1962 1970s 1976 1979 1982 1986 1987 1988 1990s 1994 1996 1997 1998 1999 2001 2002 2004 2006 2007 2008 2009 2012 2013 2014 2015 Jan 2016 Feb 2016 March 2016 Apr 2016 May 2016
WebMoney – Barclays interest digital – CORDA rate swap (Corda – currency Liberty Reserve (R3CEV Ledger) Proof of Concept) attempt is another – Distributed Concurrence Stellar – Derived PBFT from failed – HSBC, Citibank, (Hyperledger project) Moscow attempt to and other banks Ralph Merkle – BigChainDB Cypherpunk create a sign up for patents Merkle Elliptic Curve Ripple – Distributed Proof of Stake movement digital Distributed ledger Tree Hashing Cryptography – PoET becomes currency startup R3CEV technique (Joseph H. – Juno Silveman) popular – RBFT within parts (Redundant – JPMorgan Unveils of global Byzantine 'Juno' Project at Crypto Fault Hyperledger community – Digital currency Tolerance) Blockchain Meeting Sybil attack first Post-centralized eGold based on described Brian Zill mainframe Gold price – Colored Coins – Santander invests (Paper) distributed Practical Byzantine Fault – RIPEMD encrypted in Ripple computing Tolerance (Paper Written) hashing techniques – Colored Coins – PBFT (Mechanism emerges first described in – Proof of Work (Developed) Copay Developed) – Sawtooth – Intel Unveils Belgium – (Developed) Lake ‘Sawtooth Lake’ Proposal Bitcoin – BNY Mellon Explores Bitcoin’s Potential (Bitcoin) Theoretical Papers Actual Consensus definitions (currently being implemented) Implementation attempts Bitshares NXT
A variant system called delegated proof-of-stake (DPOS) tries to – The security system inherited from bitcoin and other proof- combine proof-of-stake and proof-of-work characteristics. DPOS of-work-based blockchains doesn’t work well for regulated uses a decentralized voting process through what are known financial settlements (its incentives are distorted) as witnesses as a way to mitigate against potential network – There’s not enough legal finality around settlements. centralization. – Regulatory risks remain high. The next generation after bitcoin Developers have since presented new mechanisms meant to Alternatives to blockchains improve bitcoin. In 2014, the French entrepreneur Flavien Charlon launched Coinprism, which uses “colored coins,” an open-source The search for consensus mechanisms that are reliable for protocol to create digital assets on top of the bitcoin blockchain. financial institutions and acceptable to regulators led developers That lets the bitcoin blockchain be used for more than just to systems that don’t depend on bitcoin and proof-of-work. currency. Several big financial market players, including Citigroup6 Ripple, developed in 2012, was the first significant new one. and NASDAQ,7 began experimenting with colored coins in 2015. Ripple’s code base is based on the bitcoin blockchain but does not use proof-of-work consensus. Instead, the ripple network uses a Metacoins have also emerged–coins sitting on top of another “ripple consensus ledger” which has these features: blockchain as a “meta” layer.8 – Its participants and history define it, not the underlying But for all the apparent potential, it soon became clear that technology. it wasn’t feasible for financial institutions, which are heavily regulated, to adopt either of these technologies for these – It relays messages with open peer-to-peer broadcasts. reasons9: – Instead of relying on mining, it uses a system of tokens called 6 http://www.ibtimes.co.uk/codename-citicoin-banking-giant-built-three-internal-blockchains-test-bitcoin- XRP as currency. technology-1508759 7 https://www.theguardian.com/technology/2015/may/13/nasdaq-bitcoin-blockchain – Consensus subnetworks of collective trust called “unique node 8 http://explainbitcoin.com/what-is-a-meta-coin/ lists” (UNL) exist within the larger network, so the system is a 9 https://static1.squarespace.com/static/55f73743e4b051cfcc0b02cf/t/564ca429e4b0a9e90a947 kind of federation ba2/1447863337472/watermarked-tokens-and-pseudonymity-on-public-blockchains-swanson.pdf
© 2016 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. 6 Consensus – Immutable agreement for the Internet of value – Global Financial – Proof of Stake (Developed) Crisis erodes trust – ZAB – DAH (Digital Asset Holding) – DAH announces plans with in Financial Figure 3: Illustrative body of work before bitcoin and – Tendermint (Founded) DTCC “to develop and test Proof of Work Napster, Kazaa, Limewire Services consensus first and BitTorrent show – RAFT (Paper and Founded) a distributed ledger based the history of consensus mechanisms solution discussed potential for P2P – Perfect Money yet – Tangaroa (Paper and Founded) (Adam Back) distributed computing one more attempt – Eris – Eris and 40 of the world’s, DigiCash (David Chaum) in for a global digital – Pebble largest and mostly Netherlands first attempt currency – DAG (Founded) systemically-important, Public Key at Crypto-currency based on his – Factom banks join the R3 consortium More consensus mechanisms emerge Infrastructure is work on blinding formula – Chain introduced PayPal commences Byzantine More innovations – Coinprism (GCHQ / Diffie operations as global online Since PBFT was developed in 1999, many other consensus “On Distributed Generals in the field of Communications Helman) Viewstamped payments platform Problem Cryptography – August, mechanisms have emerged. Some consensus mechanisms Networks”, Replication (Roger Heath- paper Bitcoin.org – DPOS Paul Baran Brown) utilize tokens; others have evolved to function token-less and published Secure Hash domain name – BitShares 0.X – UBS begins Algorithm is registered developing without mining respectively. There’s been a general shift from – Ethereum (SHA) first blockchain – Mencius – MultiChain published Paxos implementation permission-less systems like bitcoin, where anonymous nodes – Openchain by NSA with Ethereum – CASPER Evernym validate transactions, to permissioned systems. Here, nodes must be legally known and identified to validate transactions. Since the 1962 1970s 1976 1979 1982 1986 1987 1988 1990s 1994 1996 1997 1998 1999 2001 2002 2004 2006 2007 2008 2009 2012 2013 2014 2015 Jan 2016 Feb 2016 March 2016 Apr 2016 May 2016 nodes are known and can demonstrate their assets, there’s no
WebMoney need for “mining” to create currency. – Barclays interest digital – CORDA rate swap (Corda – currency Liberty Reserve (R3CEV Ledger) Proof of Concept) Where bitcoin is an open, censorship-resistant system, we have attempt is another – Distributed Concurrence Stellar – Derived PBFT from failed – HSBC, Citibank, seen an evolution for certain capital markets transactions to the (Hyperledger project) Moscow attempt to and other banks Ralph Merkle – BigChainDB exact opposite of that: bilateral consensus mechanisms, node Cypherpunk create a sign up for patents Merkle Elliptic Curve Ripple – Distributed Proof of Stake movement digital Distributed ledger Tree Hashing Cryptography – PoET to node (N2N). The two counterparties in a transaction validate it becomes currency startup R3CEV technique (Joseph H. – Juno Silveman) popular – RBFT between themselves, node-to-node, without others in the ledger within parts (Redundant – JPMorgan Unveils of global Byzantine 'Juno' Project at involved, unless the counterparties choose to permit it. R3CEV’s Crypto Fault Hyperledger new ledger, Corda, has developed such a solution for its banking community – Digital currency Tolerance) Blockchain Meeting Sybil attack first Post-centralized eGold based on consortium. Corda essentially creates, with a set of rules that all described Brian Zill mainframe Gold price – Colored Coins – Santander invests (Paper) participants have agreed to, an environment in which everyone distributed Practical Byzantine Fault – RIPEMD encrypted in Ripple computing Tolerance (Paper Written) hashing techniques – Colored Coins has access to the same data. Each hash is then recorded so that – PBFT (Mechanism emerges first described in – Proof of Work (Developed) Copay Developed) – Sawtooth – Intel Unveils Belgium it can’t be disputed. – (Developed) Lake ‘Sawtooth Lake’ Proposal RAFT, which was developed and published in 2014 to improve Bitcoin – BNY Mellon Explores Bitcoin’s Potential (Bitcoin) an earlier system called Paxos, works through a transitory Theoretical Papers Actual Consensus definitions (currently being implemented) Implementation attempts Bitshares NXT centralization: The nodes temporarily elect one node to be a leader. The leader is then responsible for validating transactions. A – Each participating server maintains its own UNL based on how variation on RAFT called Tangaroa came the year after, meant to its operator configured it better protect against malicious attacks and software errors. – A server can be configured either as a node that participates In 2014, Digital Asset Holdings was founded as a blockchain in validating proposed transactions or as a follower node, in technology company that provides settlement and ledger services which case participants just use it to submit payments or make for financial assets. In March 2015, the company appointed Blythe inquiries. Masters as chief executive officer and made headlines in early 2016, raising more than $60 million in their series A funding round. Ripple’s consensus mechanism requires that an 80 percent Ethereum came in July 2015 as another attempt to extend supermajority of nodes in the UNL subnetwork (not in the larger blockchain use beyond bitcoin’s peer-to-peer money system. system) agree to validate a transaction.10 That means transactions The smart contract concept of distributed data computation on can take place in seconds, rather than the 10 minutes or more distributed ledgers was introduced—an entity can represent required in proof-of-work systems. value from tangible or financial goods in a contract and then use This was a major breakthrough on the path to distributed ledgers. blockchains to distribute it. Ethereum is a step toward combining Instead of mining, a native token is used primarily to throttle traditional financial contracts with the blockchain technology. ‘spam-like’ transactions. The progression of ripple has led to Eris Industries has offered a way to integrate Ethereum’s tool the current evolvement of the Inter Ledger Protocol, which in kit with the technology stack (the various layers of software that essence provides a way to connect legacy ledgers of the past, form a computer’s infrastructure.) An Ethereum VM sits at the top with the distributed ledgers of the future. of the stack. Further down are different consensus mechanisms Stellar followed in 2014. The stellar consensus protocol (SCP) that can be swapped in and out. With this system, each is based on what Stellar calls a federated byzantine agreement, organization, depending on its needs at a given time, can use one which uses “quorum slices”: Each node chooses which consensus mechanism or another. There is no need to use one monolithic consensus layer. other nodes to trust. The sum of all these individual choices is a system-level quorum of consensus. These slices bind the Also in 2015, Coin Sciences launched MultiChain as the first system together in much the same way that individual networks’ freely available off-the-shelf blockchain platform. At present, decisions unify the Internet. MultiChain allows the issuing and tracking of assets on a network level and includes a permissions management system to enable 10 https://ripple.com/files/ripple_consensus_whitepaper.pdf privacy, mining control and specific counterparties.
© 2016 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Consensus – Immutable agreement for the Internet of value 7 Consensus
In February 2016, the Linux Foundation’s Hyperledger project “Sawtooth Lake abstracts the core concepts of consensus, introduced templates based PBFT meant to serve as foundations isolates consensus from transaction semantics, and provides two for blockchains. The idea is to create a cross-industry open consensus protocols with different performance trade-offs. The standard and an open-source development library so that first, called Proof of Elapsed Time (PoET), is a lottery protocol that business users can build custom distributed ledger solutions. builds on trusted execution environments provided by Intel’s SGX Hyperledger’s templates can customize a given transaction and to address the needs of large populations of participants. The then record it through a private blockchain or other registries. second, Quorum Voting, is an adaptation of the ripple protocol and SCP and serves to address the needs of applications that require Big companies increasing their involvement immediate transaction finality.”13 In March of this year, JP Morgan announced its own consensus Chinese companies are also moving forward. The ChinaLedger mechanism, which it had begun working on in 2015. Its Juno12 Alliance was announced at the start of May: 11 commodity, project, like RAFT and Tangaroa (which inspired it), achieves equity, and financial asset exchanges led by Wanxiang Blockchain consensus by electing a temporary leader. The client-side node Labs are working to create an open-source blockchain protocol then gives this leader node a command, which it distributes to the and to set standards across the industry to ensure regulatory system.11,12 compliance.14 Also this year, Intel® released details on its Sawtooth Lake project, based on its PoET platform for distributed ledgers. Intel describes it as follows:
11 http://www.the-blockchain.com/docs/JP-Morgan-Juno-Distributed-Cryptoledger.pdf 13 http://intelledger.github.io/introduction.html 12 http://www.coindesk.com/jpmorgan-juno-hyperledger-blockchain/ 14 https://bitcoinmagazine.com/articles/china-joins-the-blockchain-race-with-chinaledger-alliance- 1462204569?q=&hPP=5&idx=articles&p=0&is_v=1
Figure 4: Illustrative distributed ledger technologies