Blog > 2021
Plutus Application Backend (PAB): supporting DApp development on Cardano
The PAB provides the components and an environment to help developers create and test DApps, before deploying them to a live production environment
28 October 2021 6 mins read
The Alonzo protocol upgrade introduced Plutus – a platform that provides a native smart contract language along with the necessary infrastructure and tools to support smart contracts on Cardano. The Plutus platform enables developers to write decentralized applications (DApps) with scripting capabilities that interact with distributed ledgers.
To understand Plutus, one has to recognize three concepts:
- The Extended Unspent Transaction Output (EUTXO) model
- Plutus Core ‒ the ‘on-chain’ part of Plutus
- The Plutus Application Framework (PAF) ‒ Plutus contracts consist of parts that run on the blockchain (on-chain code) and parts that run on a user’s machine (off-chain or client code)
Both the on-chain and off-chain code are written in Haskell, and Plutus smart contracts are effectively Haskell programs.
What is the Plutus Application Backend?
In a previous blog post, we discussed the on- and off-chain functionality of core components of Plutus in greater detail. Here, let’s dive deeper into Plutus off-chain capabilities and take a look at the Plutus Application Backend (PAB).
In the UTXO model, we have off-chain infrastructure that builds the transactions that move the apps along. This off-chain infrastructure is quite complicated because it needs to look at the ledger state, pick some information from the ledger, and put it all together to build a transaction with the right pieces of data in the right place. The PAB is a single Haskell library that makes it easier to write this off-chain infrastructure and the on-chain scripts.
The PAB helps with building the UTXO transactions in two ways:
- The read path - That is, getting information from the chain, and reacting to events that happen on the blockchain. The read path is currently working on the testnet
- The write path - This is where we actually construct the transactions that run the Plutus scripts
The role of the PAB
The PAB is a key component of the Plutus Application Framework (PAF) that enables developers to create and test DApps locally, before deploying them to a live production environment. A little like the Marlowe Playground provides a sandbox for devs to create and test financial smart contracts, the PAB offers a similar environment for devs to create and test full DApps.
The PAB is an off-chain, backend service for managing and handling the requirements of the application instance throughout its lifecycle. This includes interaction with external clients (such as wallet frontends) and acts as an intermediary between Plutus Applications, the node, the wallet backend, and end-users. Such interaction is made possible by PAB commands and mock components that enable convenient simulations and integration of DApps.
While not a prerequisite for DApp creation or implementation – some developers are creating their own tools and indeed API-based alternatives are being worked on by the community – the PAB removes the need for developers to create their own infrastructure from scratch (including chain index, etc.) reducing development time and resources needed. It allows developers to simulate how an application would behave on-chain for prior testing and error elimination, to ensure a flawless transition for launch.
The purpose of the PAB is to:
- provide a standardized environment for Plutus applications to run in
- present discoverable interfaces to the external clients
- track on-chain information for smart contract uses
- allow the developer to work in an emulated or non-emulated environment
The PAB can switch between emulated and non-emulated (real network) environments seamlessly. This makes it easier to write all kinds of different tests – unit tests, integration tests, property based tests, etc. The PAB allows DApps to easily communicate with it as the backend can receive and deliver messages. Thus, the DApp can send usual requests to endpoints that the PAB has exposed, and which correspond to actions and operations that any particular smart contract is capable of handling.
Applications deployed using the framework’s libraries can run on the PAB, which provides runtime support for access to the blockchain to further perform smart contract operations triggering transactions based on the EUTXO model. Additionally, PAB features functionality for persistence, logging, and monitoring.
Where are we right now?
Earlier this summer, we deployed the first in a series of color-coded testnets to bring core Plutus smart contract capability to Cardano. This was deployed on mainnet via the ‘Alonzo’ hard fork. Smart contract capability is currently accessible using a Command Line Interface (CLI). While the first simple smart contracts were enabled on mainnet in early September, this was always the first stage in the road to DApp deployment on mainnet.
Developers have meanwhile been working on their DApps (many via the PAB) locally while testing any core smart contract functionality on the testnet. These elements need to come together before an DApp hits mainnet and this takes time. Once the PAB is integrated with the node and other core components such as the wallet back end (WBE) connector, developers will be able to move their DApps into a state of readiness and bring them to the Cardano testnet prior to mainnet launch.
These early applications built locally will then be able to interact with the mainnet as intended. The ‘mockchain’ approach to development to date means that for DApp creators, it will be a smooth transition from testnet to mainnet. All it takes is a change in the configuration files to start the PAB, it requires no changes to the actual code or to the Haskell code. This integration work is complex and a critical part of Cardano infrastructure so we need to ensure it is done correctly. We’re continuing to work on the final integrations and based on the current trajectory, we plan to deliver the integration in November, assuming we don’t encounter any critical issues.
This is just the start. As always, this will be an iterative process. With the evolution of the Plutus platform, we will be inviting the developer community to deploy their own tooling and create off-chain code for their DApps running on Cardano. We have already seen a hive of activity in this area, through both the Alonzo testnet program and Project Catalyst. So while we test the platform with our engineers/QA and the developer community, we’ll be making gradual improvements and adding more capabilities and functionality. The goal? From the Alonzo hardfork and the arrival of Plutus smart contracts, a rapid scaling of the developer experience, with new tools, APIs and environments to support an already burgeoning ecosystem of talent.
For regular updates make sure you follow us on Twitter and subscribe to our YouTube channel. For an overview of projects #BuildingOnCardano be sure to check out the Essential Cardano repo.
IOG's third round of delegation gives voice to stake pool operators
Choice of 100 recipients for ada stake based on nominations
27 October 2021 4 mins read
The 100 Cardano stake pools to benefit from the third IOG delegation have been announced. They were chosen from 520 nominations made by stake pool operators, based on contributions to the Cardano community.
All the pools chosen will receive delegated stake of about 3m ada from IOG, in a strategy to encourage a vibrant pool ecosystem. By delegating this large stake to a pool for several months, IOG increases that pool's chances of minting the latest block of data on the blockchain. When a block is produced, the pool earns rewards that are split between the pool’s operators and every ada holder who has delegated to the pool.
Most of the pool operators who got involved – 84% – nominated another pool, and 7% entered just to promote another pool and didn't apply for delegation for themselves. All the pools that received delegation were nominated by other operators.
‘The selection process, although driven by the nominations of all 520 pools that took part, was discretionary,' said Ben O’Hanlon, IOG’s head of community, insights and engagement. 'But we’re clear that the 100 chosen reflect the voice of the community.’
He added: ‘A key difference between proof-of-work and proof-of-stake is that POW extracts value from the network. In POS, stake pool operators have to attract delegation, so they have a stronger relationship with other stakeholders in the ecosystem. This is why nominations are so interesting.’
Participation with others to build, create and educate is one of the salient characteristics of those selected. More than 30 tools and resources created or being developed by SPOs have been added to the Essential Cardano page on GitHub. This makes it easier for people to find their way around the ecosystem, and GitHub users can add their suggestions.
Here is the table of the 100 successful pools.
Whereas the first two rounds of delegation were about giving a leg-up to mission-driven and smaller, or ‘incubator’, pools, in this round pools were asked to nominate contributions by operators that they considered outstanding. Stake pool operators (SPOs) were also asked questions about environmental matters such as green energy use. (Their answers will be published in a follow-up post.)
‘Something that the first two delegation rounds revealed was that SPOs wanted all the good work they saw being done silently to be recognized,’ said O’Hanlon. ‘This is the feedback we heard, and so we acted on it and gave SPOs the opportunity to nominate.’
Although not everyone will agree on every delegation decision, it's important to remember how much progress has been made since the start of the year and what a success the strategy has been. When the staking process was set up, IOG ran 20 public pools to which it delegated the stake from its own ada. All but one of these were retired in December last year and part of the stake was moved to private pools through the delegation process. The first ‘call for delegation’ was on December 10 (Ada Lovelace’s birthday).
In the second round, more emphasis was placed on mission-driven pools, geographical distribution (to minimize connectivity failure), social and community activity (to keep ‘telling the story’ of the Cardano blockchain), and support for the lower-middle-sized ‘core’ of the network.
This third round opened as Cardano achieved one of its key goals – 100% of block production in the hands of the pools. Running a stake pool is a competitive business, and there are no guaranteed outcomes, but IOG has directly supported pools with 300 delegations so far as part of this strategy!
You can discover more about the latest 100 successful pools, and all the 3,000-odd active pools, at Adapools or Pooltool. On these community-built platforms, you can search on each ticker-like name for more information. Their search functions work differently and it's worth spending a bit of time looking at the differences.
Ouroboros Chronos provides the first high-resilience, cryptographic time source based on blockchain technology
Designed to provide more accurate global timekeeping, Chronos ensures increased security and network resilience to communication delays
27 October 2021 5 mins read
Global time synchronization across any distributed network is essential to ensure its resilience.
From ensuring up-to-date information between all participants, maintaining accurate transaction processing and block creation, time synchronization is especially important in terms of smart contract deployment.
In collaboration with scientists from the Universities of Edinburgh, Purdue, and Connecticut, Input Output found a way to globally synchronize clocks across a blockchain to provide a more secure and tamper-proof global time source. This includes synchronization of time from internet of things (IoT) devices, like measurement tools in supply chains, and general distributed systems, particularly where the disruption of a central clock represents a security risk. The research is realized by Ouroboros Chronos, the Greek word for time, which is the latest iteration of Ouroboros – the consensus algorithm that underpins the Cardano blockchain.
Time is an indispensable concept within computer programs and applications. Without this concept, we would not be able to access any transport layer security (TLS) based websites, exchange data, or utilize various cryptographic algorithms.
Yet, time tracking is a difficult problem to solve. Accurate time synchronization presumes data transmission across the whole internet, and this, in turn, takes time too. It is also hard to predict how much time would be required for certain data transmission – the network state constantly changes and relies on such factors as congestion and the actual size of data among others. Thus, inconsistencies often occur and it is important to provide the tools and solutions for accurate timekeeping.
With common computers, we take timekeeping for granted. However, there is a rigorous mechanism that works behind the scenes. The Network Time Protocol (NTP), for instance, addresses the timekeeping issue using a hierarchy of servers distributed globally. This includes up to 15 Stratums the routing paths of which are developed to synchronize in the most optimized manner. This is also enabled by the construction of a Bellman-Ford shortest-path spanning tree that decreases both latency and transmission time inconsistencies.
The UK Government’s Satellite-derived time and position: Blackett review recently highlighted the need for more resilient timing data and the dangerous dependence of critical sectors from smart grids to autonomous vehicles on Global Navigation Satellite Systems (GNSS) that are vulnerable to jamming, cyber attacks, and space weather. Additionally, the world’s first National Timing Centre, led by the National Physical Laboratory, was recently created to investigate alternative and more resilient timing services for everything from telecommunications to smart transport. International metrology centers currently have to compare clocks operating at different frequencies and in multiple locations for accuracy.
Blockchain time synchronization
The concept of timekeeping is different for distributed ledger technology. Without an accurate and valid timestamp, the network cannot verify if the transaction that is being processed is valid and does not revert the previous one. There are different timestamping techniques used across a range of blockchain ledgers, however, they aren’t necessarily very accurate. For example, Bitcoin uses timestamps for consensus security reasons, but not primarily for timekeeping; and in Ethereum, on-chain timestamps are determined by miners whereas the consensus won’t technically block or verify those for validity.
Timekeeping is essential for smart contract execution as well. Inaccuracy poses a risk for decentralized finance (DeFi) smart contract attacks. Smart contract vulnerabilities aren’t always conditioned by poor code, time inconsistencies should be resolved to block any possible attacks within the ledger.
Ouroboros Chronos: designed to boost communication and timing resilience
The new research on Ouroboros Chronos enables blockchain technology to synchronize clocks more securely. Chronos is itself a cryptographically secure blockchain protocol that additionally provides an accurate source of time via a novel time synchronization mechanism, eliminating the vulnerabilities of externally hosted clocks. This also enables blockchain to accurately time-stamp transactions making the ledger more resistant to attacks that target time information.
The new protocol can dramatically boost the resilience of critical telecommunications, transport, trading systems, and infrastructures by synchronizing local time to a unified network clock that has no single point of failure.
Professor Aggelos Kiayias, director of the Blockchain Technology Laboratory at the University of Edinburgh and Chief Scientist at Input Output, who led the research, says:
The problem of synchronizing clocks without a central time-keeper is essential in creating a truly robust decentralized financial system. For the first time, we have developed a blockchain mechanism that enables a dynamically evolving group of parties to calibrate their local clocks so they are consistent – even if they come and go following arbitrary participation patterns. By creating a blockchain-based global clock, we have also paved the way to a more secure, tamper-resistant time source with many possible external applications.
By enabling accurate timing and thus full traceability of all transactions, the scientific breakthrough also marks a major step towards creating fully auditable and fraud-proof financial systems.
To find out more, see the published research here.
Thanks to Rachel Bruce, Jenny Corlett, Rod Alexander, and Christian Badertscher for their input and support in writing this post.
Africa is where the tough get going
The ‘developed’ world needs to change. And more resilient countries with younger populations are going to lead the way
26 October 2021 17 mins read
This month, members of the team are in Africa, meeting entrepreneurs and politicians across the continent. Here are some edited parts of a speech by IOG chief Charles Hoskinson at a recent event in Cape Town.
This is a long tour. We’re starting in South Africa and working our way all the way up to Egypt. We call it the pan-African tour. You know, we’re really passionate in this company. There’s brilliant people who work at IO and they come from all around – 56 countries, 576 employees.
The heart of the company has always been changing the systems of the world, improving them for everyone, everywhere. You see, blockchain technology is really a larger conversation. It’s about how the world globalizes. How do we make decisions about how we’re going to come together and operate in the 21st century? In prior centuries we stood on the moon, built all kinds of amazing things like planes, trains, and airplanes, and horrific things like nuclear weapons. But there were winners and losers. There were hierarchies. Some people were on top. Some people were on the bottom. We just accepted that as the status quo.
The 21st century may be the first where we have one global community where everyone in the world – regardless of where they happen to be born, the language they speak, color of their skin, their gender – lives pretty well. Now to get there, we have to have great technology. We have to have cultural changes. We have to kind of grow up a little bit as a species. But most importantly, we have to have the right systems and the right incentives behind the systems.
The blockchain industry is basically the Swiss army knife of systems and incentives. It touches everything. It touches voting, it touches property rights, it touches something as fundamental as identity. Who are you? Are you a good person? And it asks philosophical questions about who should be the custodians of these things. Should it be a government, a transnational body, a private company like Facebook or Google or Microsoft or Apple? Or should it be something else? The power of decentralization is it gives you a paradigm, if you do it right, instead of ‘Don’t be evil’ – it’s ‘Can’t be evil’. It actually gives you the ability to have inclusive accountability. What’s that? If you don’t trust me, you can verify yourself. So when you vote, normally you trust your government to count that vote, right? Well, wouldn’t you like to be able to check the vote yourself? That’s a pretty fundamental thing, a pretty simple thing.
You know, the US recently lost another war. And many billions of dollars worth of military hardware disappeared. So if I go to the Pentagon and say, ‘Hey, can you give us some records on all that stuff that just disappeared?’ ’Oh, we lost them. So sorry.’ When it comes time to pay taxes, though, the US authorities can always find my records. Go figure.
I can’t check any of the data. I can’t check the records. Something so simple as that, in a modern hyper-connected society, 2021. The most powerful country, or so it claims; the richest country, or so it claims; certainly the largest debt country – and it just loses records. Wouldn’t it be nice to live in a world where anything someone tells you you can check it yourself and know that it’s true? Whether it be a credential, your vote, or your money. All these things – work your way through. That is what our industry promises. We’re after inclusive accountability, resilience, decentralization. We’re after rules, terms, and conditions that do not require nation states or corporations to play nice. You just simply can do it yourself.
Why is this IOG team in Africa? Well, Africa is a really special and interesting continent in that it’s going through a massive upgrade. There are no allegiances to the systems of the past because those systems haven’t historically worked out so well here. So that means over the next 10, 20 years, every single thing – from how compliance works to how stock markets are going to work to how national ID works to how academia is going to work – is up for change. And as an entrepreneur and an innovator, that’s where you want to be. You don’t go where the ball is right now. You go to where the ball is going to be.
If the whole world is globalizing and changing, you want to be where all the systems are going to change first, because if you get it right, more wealth will be created here over the next three decades than in Europe, the United States and China combined. That’s just how it is. It’s why the US got on top in the 20th century. It just simply had a better system than the competitors. And everything resets when you have technological change. We now live in a global economy. People from Africa are going to be on equal footing with people in Europe and America if we do things the right way. And then it’s a meritocratic race, and I’m going to bet on the people who are tougher, more resilient and more entrepreneurial 10 out of 10 times. They’re going to win – it’s just that simple.
So IOG has a pan-African view as a company. We started in a pretty difficult country to do business in, Ethiopia, and you know what? Everywhere we looked, we saw well-educated, well-intentioned people who really did want change. And they worked with us. Sometimes the system worked against us; sometimes it worked with us. But everybody remembered why they were there. And it was the privilege of my career to announce a deal of five million people that could grow to 20 million, that could grow to a national ID system of 110 million in just a few years, and that could grow into a voting system, a payment settlement system. It can grow to anything. It’s kind of like the stem cell: once you’re in, you’re in, and you can keep navigating and growing. And then how do we take that to Kenya, to Nigeria? That’s 400 million people – more than the population of the entire United States – within grasp in five to 10 years.
What’s most extraordinary is that this will transform the lives of people. Now, boring work has to be done, dry presentations given about credential this and verification that. And they’re very necessary. But at the core of all of that are people. And a lot of people right now live a life where no matter how hard they work, they can’t prove that they worked hard. No matter how good they are, they can’t prove they’re good. So what does that translate to? It translates to lack of foreign direct investment. It translates to a hard time getting a job. It translates to high interest rates, sometimes 40% per month. But when these systems come in, they can prove basic things. And people get the job. The interest rates fall. It translates to a mass uplifting of the people of the nation. And when that happens, everybody’s going to want it. And if everybody wants it, everybody’s going to get it.
The smart cow effect
You see, that’s the key. It’s the ‘smart cow’ effect. I’m a rancher in addition to a technologist, and one of the things you learn when you rear animals – in my case bison – is that if one of your animals is particularly smart, they influence the whole herd. They go and figure out how to open up the fence. Once one cow can get out, every other one can, and you just wake up and they’re all gone. Similarly, one country changes the way identity or voting works, and that’s all it takes: every other country will change very quickly, including my own.
In America we’re kind of the original rebels. In fact, Europeans were really terrified of us in the 18th century, 19th century. We had this whole revolution thing. We got pretty good at killing kings. But somewhere along the way, we went from revolutionaries to a situation where it takes two years to get a permit to build a fence for my farm. Something went wrong, you know? And there are a lot of people in the United States that like change too. In the state of Wyoming, we passed 26 pro-cryptocurrency laws. A massive number of companies have come to Wyoming. We have Dao standards decentralized autonomous organization standards, asset clarification standards. The economy’s growing by leaps and bounds. A $4 billion company, Kraken, moved in. All this amazing progress.
Meanwhile, in Washington, the treasury department does everything in its power to try to kill our industry. They say it is threatening. A $2 trillion industry just pops up in its backyard and the US government is trying to kill it. So how do I change that? Well, I can go beg Goldman Sachs to do it, but they’re not going to. No. However, I can try to change things here in Africa. And that smart cow effect might work just as well in influencing the United States as it does elsewhere. You see? So you create the change that you want.
Never be cynical, never be hopeless. If you want to change the world, go and change it. Years ago I was poor. I went to Japan, started Cardano. And no one took me seriously. I said, ‘We’re just going to build this blockchain and then go to Africa and talk to heads of state and change the world.’ And they’re like, ‘Yeah, OK. What qualifies you?’ ‘Oh, I’m just a math dropout guy. But don’t worry, it’ll all work. It’s totally legitimate.’
Eight years later we’ve got an army of millions of people and billions of dollars. And we’re meeting three heads of state on this tour. We just got it done one step after another. And I’m not special. I’m just kind of an asshole who’s resilient as hell. And that’s OK because there’s a lot of assholes who are resilient as hell in this audience too. All you gotta do is be passionate. That’s it. That’s the point. And this is probably one of the most passionate, resilient continents in the world. There are no people tougher than Africans. It’s true. Nobody is tougher. So if you’re going to bet on the future of changing the systems of the world, this is where to be, with Africans – as long as you give them the technology.
Blockchain is as much your technology now as it is mine. We’ve written 120 papers and none of them is patented. They’re all open source. You get to use it as much as I do. You know how much do you pay for it? Nothing. They’re royalty-free. We’ve written over a million lines of code for Cardano. It’s all open source. It’s your code as much as it is my code. When somebody gets a decentralized digital identity (DID) it belongs to the person. When you get a Microsoft credential or a Google ID or an Apple ID or a Facebook ID, it belongs to Mark Zuckerberg, Larry Page, Apple. When you get a DID it belongs to you. And you can take it anywhere. The minute we start closing more deals across the continent, the credentials of all those kids in Ethiopia will be interoperable with the credentials in Zanzibar, Burundi, South Africa. So when you travel, you take ‘you’ with you, and you can’t be shut out of ‘you’. Simple concept, right? You did the work – you should own it.
And it’s the same for business registration and all kinds of things. And that’s what’s so cool about Prism Pioneers and Catalyst. If this sounds like a good idea, and you’re an entrepreneur, then build a business on top of that infrastructure. And there is $1.4 billion available to go and build businesses on top of that. Pretty simple, right? And if your business works and it’s built on open DNA, then people can’t be locked out. That means everybody can build together. We create one global community where everybody’s equal. That’s the dream, and it’s why we’re here.
What excites me is what you do with what we’ve built. Because the things that we have provided, or that are coming out this year and next year, really can be used to run countries and businesses. And that’s not a joke. They could process millions to billions of transactions. It does all the things you’d ever want. And I’m excited about the prospect of living in a world that’s just a bit less cynical, a bit more fair, a bit more honest and a bit more open for everybody. So thank you for coming. I appreciate it.
Hoskinson then had a Q&A session with two South Africans, Simon Dingle and Joshin Raghubar. Dingle is a fintech entrepreneur and author of In Math We Trust and Beyond Bitcoin. He tweeted recently that when people realize what Cardano is, it’s going to ‘melt faces’. Raghubar is the founder of iKineo Ventures and chairs Africa’s largest nonprofit tech incubator, the Bandwidth Barn. Hoskinson also took questions from the audience. The topics covered ranged from computer games to synthetic biology.
Some players of games like EverQuest, World of Warcraft, Skyrim, and Diablo 2 have devoted more than 10,000 hours of their life to them. That’s like what you do to become a mathematician or a doctor. You have lifelong skills. And the minute the server goes down, all of that progress just disappears.
In the new generation of games that are coming you have the ability to save that state and make it portable. So what you do in game A can be taken to game B and C and D. There’s some ‘permeance’ there.
And then, with the NFT revolution, it eventually becomes a market item that you can sell and trade.
On the need to create jobs in Africa:
In demographic terms, Africa is the youngest continent. In Ethiopia 70% of the population’s at or under the age of 30. If you give them internet and a great education, then suddenly you’ll have an incredibly entrepreneurial group because they don’t tolerate the status quo. You say, well, how will we create jobs for all these people? Well, they’ll create them for themselves.
Technology and the metaverse:
I believe that things like synthetic biology, the internet of things, and artificial general intelligence – if they’re pushed through – will create tens or hundreds of millions of jobs. Ten years ago no one had a concept of the metaverse, and then Ready Player One comes out and we’re like ‘Oh yeah, we get it’. Probably 100 million people will have jobs inside the metaverse by 2030 or 2035. There’s no geographic bias to that. Most of them will probably be in Africa, Southeast Asia, and South America.
Biotech, evolution, and the blockchain:
I have a biotech company that does anti-aging regenerative medicine. It’s still in silent mode. Right now I’m negotiating with Colossal. It has just announced a project to bring the wooly mammoth back by 2027, and my ranch is the perfect place to do it. They have artificial wombs and the whole genome of the wooly mammoth, and they’re going to clone one.
What’s interesting about the intersections of synthetic biology and biotech and blockchain is there’s a lot of open questions. Who owns the mammoth genome? And then what happens when your mammoth has babies? Who owns that DNA?
It’s the same question in NFTs. You issue an NFT and someone buys it and sells it to someone else. There’s the artist who created the NFT. Should that be perpetual or at some point should that decay? The very same set of questions could be reapplied to synthetic biology for designer organisms, de-extinction efforts, and so forth.
There’s a huge problem with poaching in Africa and other places. There’s mass extinction, especially in Madagascar. Ethiopia has lost 80% of its biodiversity in 100 years. It’s crazy.
How does a nation state create a strategy for de-extinction or for preservation of animals? Well, the same technology that could be used to bring the mammoth back could be used to bring those lost species back. How you create an economic system that prioritizes that is also a blockchain question. It’s an incentives question. So I think what our industry can do for the emergence of the biotech stuff is helping sort out some of the difficult questions about ownership of things, the transfer of things, the prioritization of things, as well as alternative funding models.
Health data, privacy, and the vaccine:
As consumers we’re shedding all of this data and we don’t own any of it. It’s used in making decisions about our lives and we’re excluded from the process. That’s OK when most of society is still on paper and not digitized, but it’s dystopian when everything gets digitized.
The concept of self-sovereign identity is really the skeleton key because the data is not just data: it’s data plus metadata plus identity. So the identity really establishes the use policy of how it is shared, how it is revoked, and who controls it. Usually identity is the provenance of states and data is the provenance of private industry. It’s very siloed. And you can’t build one of these systems without the other. DIDs are pulling all these pieces together in a very clever way. And it puts the individual, the owner, at the center instead of the government or the enterprise. And then, people actually have to include you in the conversations about how your data is used.
Israel got first access to Pfizer because it had something to offer that other nations couldn’t. Countries like Germany were offering huge prices, but Israel said, ‘Well, Pfizer, if you had access to the medical records of every citizen of our country, wouldn’t that be interesting to you? Millions and millions of people. That’s like the world’s largest clinical trial.’ Because all the medical records of the country had been centralized it was easy for them to do that.
The hard question of governance:
I think as an industry we have a pretty good sense of what we need to do for scalability. It’s just a question of trade-offs and philosophy. I think, out of necessity, interoperability will come either as a network effect or through a collection of industry-wide efforts like Hyperledger and W3C stuff.
The decentralized government is really hard because humans have never built a government that works. No one’s happy with their government everywhere I go.
It’s a great transition: turning Cardano from this amazing academic – now amazing commercial – project to a self-governing, self-evolving organism that is led by its users.
This is a devil of a problem. Some people believe you can do it on- chain; others say you can’t. It would disappoint me if we hadn’t made progress by 2030. Now progress doesn’t mean you solved it. Blockchains are moving from homogeneous systems to heterogeneous systems. Design mirrors biology; design mirrors life. You need cell differentiation, you need eyes cells and ear cells. Analogously, a blockchain is useless if you don’t have heterogeneity because you need to interface it with medical records and voting systems and telecommunication applications, and every transaction and user is different.
New certification levels for smart contracts on Cardano
Certification will bring high assurance to the development of decentralized applications (DApps) on Cardano
25 October 2021 5 mins read
High assurance is paramount when developing and working with smart contracts. You want to be confident that the source code is of a high quality, that the contract is secure and will behave as it should, and that it utilizes good properties and behaviors in the process. Certification ensures that security checks are performed prior to any deployment, and that smart contracts can be continually audited as they are updated. It provides benefits to both smart contract developers and end users, helping protect user funds and project reputations alike from coding errors or exploits.
At September’s Cardano Summit 2021, we laid out our plans on the introduction of new levels of certification for decentralized applications (DApps) running on Cardano. This certification program will provide levels of quality for DApps and their internal smart contacts.
This initiative has been led by Professor Simon Thompson, technical project director at IOG, and Shruti Appiah, head of product at IOG. It will help us comply with the best practices we’ve seen around the industry. We are working with Runtime Verification, Tweag, Well Typed, Certik, and others to roll out this new certification program that will link in with the new dAppStore, also unveiled in prototype form at the summit. This will be released in conjunction with the new light wallet.
What are the different certification levels?
There are three levels of certification, each of which is complementary to the others, rather than being progressive in terms of assurance and auditing purposes.
Level one: Automated tooling
This certification level gives continual assurance about a range of properties for smart contracts. It covers the discovery of different types of issues or bugs and is characterized as low cost, low effort, accessible to everyone while providing a substantial level of assurance.
It can be applied repeatedly and automatically, so each time there is a release or a sub-release of an application, we can test to ensure that the application still has the properties that we expect.
Level two: In-depth audit
This level involves looking at the technology and processes that led to it being produced. It is characterized by the fact that it involves a manual audit and verification of smart contracts within the DApp itself.
The testing is performed at a much more in-depth level and involves more manual effort that can address a DApp in its entirety, even if it is written in a variety of languages.
Level three: Formal verification
This level is more specialized where we aim to provide full assurance of critical aspects of applications through formal verification of smart contracts. Formal verification involves ensuring that a smart contract serves the specific business or technical requirements defined at the outset.
What kind of assurance can we expect?
Certification will ensure the correctness, compliance, and consistency of requirements by both application developers and auditors. It will also guarantee the absence of common security vulnerabilities and provide a level of robustness, reliability, and maintenance of DApps deployed on Cardano. While certification will be strongly encouraged and the store curated accordingly, it will not however be mandatory or act as any kind of ‘gatekeeper’ thus maintaining a balance between the need for user assurance and decentralized principles.
By auditing the specifications and design and ideation phases, you can present evidence to the community and guarantee that things will work as expected. This evidence includes documentation of requirements to a detailed level, thereby creating a reference point for the future.
Certification status in the dAppStore
We plan to integrate this certification with the new dAppStore that we are building to provide cryptographically secure non-fungible tokens (NFTs) that give evidence of the levels of certification that we will guarantee. The dAppStore will be part of a light wallet that IO is developing, and users will be able to access the light wallet and dAppStore using a web browser, and in the store to view the certification status of each DApp as they browse through the categories and individual applications. Making the relevant certification status visible to users during the selection process will offer reassurance on quality and safety for users in their choice of DApps.
To learn more about our dAppStore plans, you can watch a concept walkthrough on the dAppStore summit video.
What is next for certification?
Professor Thompson says:
We want to build support from the industry for emerging standards of certification. In the longer term, we will work with our partners and others to articulate best practices, which may involve forming an umbrella industry body to define new standards and practices for this domain.
We also plan to work with our ecosystem of partners to support certification of the first DApps on Cardano; one of a number of DEXs looking to launch on Cardano this year SundaeSwap also announced their plans at the summit to certify.
It is still early days. There are some technical challenges that we are busy working through about how we support versioning of DApps, how they will be packaged, and how to make them available to automated tooling. However, we are very excited about this journey with our partners and the general community to deliver a secure platform and applications built on top of it.
To learn even more about certification levels, and meet some of the partners on the program, make sure you watch the certification session from the Cardano summit.