Post on 31-Aug-2019
Corda
1 of 41
CordaWhat is Corda ?
First and foremost a ledger geared towards the financial and business world
Introduced by R3 a ledger company headquartered in New York City founded by David E Rutte leading a consortium of 200 firms in research and development of distributed ledger usage
A joint effort between the companies resulted in an open-source distributed ledger platform
Since it handles more complex transactions and restricts access to transaction data it is fitted for the business world.
2 of 41
What does Corda stand for?It is not stated anywhere what Corda actually stands for
An email to platform lead engineer Mike Hearn at R3 resulted in this statement:
It doesn’t stand for anything. The name originates in a quick Slack poll one night inside R3 when I said, “our prototype is growing, we need to call it something better than ‘the prototype’. What should we call it?” This triggered a bunch of suggestions. I believe it was Richard Brown who came up with the name Corda. It had something to do with a “chord” being a line segment that joins two points on a circle – at the time we had some diagrams of p2p networks with messages passing directly between them without middlemen, which represented nodes as points on a circle and message paths as chords in that circle.
My suggestion for a name was ‘Delegato’ but people thought it sounded like a brand of ice cream.
3 of 41
Corda is not a blockchainResembles many aspects of blockchain but is not an actual blockchain
Transaction races are deconflicted using pluggable notaries
Provides a platform with common services to ensure that any services built on top are compatible between the network participants
4 of 41
According to software developer from R3 Mike Hearn: “There is no blockchain. Transaction races are deconflicted using pluggable notaries. A single Corda network may contain multiple notaries that provide their guarantees using a variety of different algorithms. Thus Corda is not tied to any particular consensus algorithm.”
5 of 41
● A peer-2-peer architecture since the transactions utilize the UTXO (unspent transaction output) input/output model.
● Similar to the transaction system used in more traditional blockchains such as Bitcoin.
● storage and verification do not get written into blocks.
6 of 41
Instead Corda is
Adding a document hash to a smart contract on Ethereum would be trivial.
The difference here is that Corda requires some form of this document to be tied to a state.
7 of 41
Smart contracts in Corda have three key elements:
● Executable code (validation logic)
● State objects
● Commands
8 of 42
Introduction to article
Corda: An Introduction Richard Gendal Brown, James Carlyle, Ian Grigg, Mike Hearn August, 2016
The authors envision a future where financial agreements are recorded and automatically managed without error, where anybody can transact seamlessly for any contractual purpose without friction.
Duplications, reconciliations, failed matches and breaks is solved and isolated islands of asset representations will be obsolete.
9 of 41
Introduction to article cont.
The philosophy contains three main categories:
● Engineering for the requirements of institutions● Focusing on non-functional requirements,● Extensibility
10 of 41
Business context
● Banks: earliest adopters of information technology● Improved the automation process considerably and digitizing previous
physical processes● Each financial institution maintains its own ledgers● The plurality of technology platforms adds complexity ● Attempts have been made towards centralizing market infrastructure and
increasing the amount of data and business-logic sharing between firms
11 of 41
Business contextThe authors of the article believe: maturation of cryptographic techniques, “blockchain technology”, provides a new opportunity:
● Authoritative systems of record that are securely shared between firms● A business logic where a single global logical ledger is authoritative for
all agreements between firms recorded on it● This architecture enables a new shared platform for the industry, upon
which incumbents, new entrants and third parties can compete to deliver innovative new products and services.
12 of 41
Business context
A new shared platform for the industry, upon which incumbents, new entrants and third parties can compete to deliver innovative new products and services.
On their next slide in Figure 1 a progression is displayed from a world where parties to shared facts record and manage their own records, with associated discrepancies and duplications:
13 of 41
Figure 1 explained
14
(“Bilateral - Reconciliation”) displays a progression from a world where parties to shared facts record and manage their own records, with associated discrepancies and duplications
Parties delegate control and responsibility over critical processing to centralised utilities (“Third Party / Market Infrastructure”)
Collaborating to maintain a shared record, assuring consistency between them, consuming the services of existing and new service providers and market infrastructure providers on an open and competitive basis (“Shared Ledger Vision”).
Business context
15 of 41
The authors believe that higher-quality data, fewer discrepancies and quicker agreement of details between firms will be significant.
Deployment of this common architecture will define a new platform where existing and new providers compete for clients
This type of platform opens up the possibility for finding application within firms, where the problem of multiple systems recording details of the same trades is also a major driver of cost and complexity.
Vision
16 of 41
● A “global logical ledger” with which all economic actors will interact ● Everybody sees the same data that pertains to them and logical in
the sense that the physical implementation may be composed differently
● An end-state would be from systems-of-record maintained within firms to global authoritative systems-of-record shared between firms.
End-State PrinciplesSome possible core principles that emphasize the use of distributed ledger technology may be:
• Facts recorded by the ledger are, by contract, accepted as admissible evidence and legally binding by all parties in any dispute.
• Facts recorded by the ledger are regarded as authoritative rather than “shadows” of authoritative data held elsewhere, enabling settlement to take place directly across the platform.
• Once all parties to an agreement have assented, facts recorded on the ledger are final and immutable; errors and unwinds must be processed through a subsequent transaction. Firms will be under pressure to reengineer their internal processes to increase accuracy and quality. • Any authorized actor may, in principle, connect directly to the ledger and use it to record agreements with its counterparts. No actor is compelled to deal with any other but we may see a decline in “tiered” or hierarchical market models.
• By promoting open standards and inclusive access, existing and new service providers can connect and compete to offer differentiated services, promoting choice and competition.
• The only parties who should have access to the details of a financial transaction are those parties themselves and others with a legitimate need to know.
17 of 41
End-State Principles: summary
It should be stressed that the long-term vision of a global logical ledger is intended to set a direction of travel but that its realization may be in the form of a multiplicity of ledgers.
This may be a one ledger per asset class which would be autonomous, loosely coupled, providing functional and operational independence between different business services.
An already existing technology is here to fulfill the promise of this vision:
Robust cryptography, global communications networks, standards for the definition of financial instruments and effective algorithms to ensure consistency at a global scale
18 of 41
Corda
The smart contract links business logic and business data to associated legal prose in order to ensure that the financial agreements on the platform are rooted firmly in law and can be enforced and that we have a clear path to follow in the event of ambiguity, uncertainty or dispute.
19
Concepts
States and objects
20 of 41
a State object representing a cash claim of £100 against a commercial bank, owned by a fictional shipping company. The state object explicitly refers by hash to its governing legal prose and to the contract code that governs its transitions.
Corda provides three main tools to achieve global distributed consensus:
• Smart contract logic to ensure state transitions are valid according to the pre-agreed rules.
• Uniqueness and timestamping services to order transactions temporally and eliminate conflicts.
• An orchestration framework which simplifies the process of writing complex multi-step protocols between multiple different parties.
Principle features
Corda is heavily inspired by blockchain systems minus the design choices
It provides a framework to run smart contracts with these key activities and features:
21 of 41
Principle features• Recording and managing the evolution of financial agreements and other shared data between two or more identifiable parties in a way that is grounded in existing legal constructs and compatible with existing and emerging regulation
• Choreographing workflow between firms without a central controller.
• Supporting consensus between firms at the level of individual deals, not a global system.
• Supporting the inclusion of regulatory and supervisory observer nodes.
• Validating transactions solely between parties to the transaction.
• Supporting a variety of consensus mechanisms.
• Recording explicit links between human-language legal prose documents and smart contract code and using industry-standard tools.
22 of 41
Consensus
In Corda, updates are applied using transactions, which consume existing state objects and produce new state objects.
Transaction validity: parties can reach certainty that a proposed update transaction defining output states is valid by checking that the associated contract code runs successfully and has all the required signatures
Transaction uniqueness: parties can reach certainty that the transaction in question is the unique consumer of all its input states.
23 of 41
Consensus
24
Consensus Corda has “pluggable” uniqueness services to to improve privacy, scalability, legal-system compatibility
A single service may be composed of many mutually untrusting nodes coordinating via a byzantine fault tolerant algorithm, or a single machine.
uniqueness services only checks if the states consumed by a given transaction have previously been consumed; they do not check as to the validity of the transaction itself, which is a matter for the parties to the transaction
This entails that the uniqueness services do not need to see the full contents of any transactions
significantly improving privacy and scalability of the system compared with alternative distributed ledger and blockchain designs.
25 of 41
Business LogicCorda operates its business logic on smart contract code through a function that accepts or rejects a transaction
It interpret transactions as taking states as inputs and producing output states through the application of (smart contract) commands and only accepting transaction if the proposed actions are valid.
The contracts are mobile nodes and they run inside a sandbox without any review in some deployments,
Corda is using Java Virtual Machine because it has a wealth of existing libraries and a large skill base.
The difference is they made a custom sandbox with much more restrictive use than the ordinary JVM sandbox
This way it ensures enforces security requirements and deterministic execution. 26 of 41
Core Financial ConceptsCorda is influenced by three architecturally significant use-cases:
cash, a security instrument and a derivative contract
• A cash balance (e.g., “The following bank and I agree that they owe me $1 million”).
• A security under custody (e.g., “The following custody bank and I agree that I own 1000 shares of the following corporation”).
• A bilateral derivative agreement (e.g., “Banks A and B agree that they are parties to the following Interest Rate Swap (IRS), which means they agree to exchange the following cash flows (netted) at predetermined scheduled times with an agreed payoff formula”).
27 of 41
Core Financial Concepts
Taking one of these precedents, Corda's money configuration expressly models the business reality that there is no such thing as "cash in a bank", just a money guarantee that a proprietor has regarding a named foundation.
The legal identity of the cash issuer is recorded , the currency, amount, owner (and other information as to the nature of the claim, with an explicit link to the legal prose governing the agreement, and use that to build up all other cash-related concepts (payments, netting etc).
28 of 41
Issuance transaction figure
29 of 41
Figure 4 an issuance transaction. The creation of a new Cash state, issued by a commercial bank to a fictional shipping company.
The issuing transaction is signed by the issuing bank. From this simple model, significantly more complicated transactions, such as payments, delivery-versus-payment contracts and future-dated obligations can be constructed.
Summary: core model
•State objects, representing an agreement between two or more parties, governed by machine-readable Contract Code. This code references, and is intended to implement, portions of human-readable Legal Prose.
• Transactions, which transition state objects through a lifecycle
• Transaction Protocols or Business Flow, enabling parties to coordinate actions without a central controller
The combination of state objects (data), Contract Code (allowable operations), Transaction Protocols (business logic choreography), any necessary APIs (application programming interface), wallet plugins, and UI components can be thought of a Shared Ledger application, or Corda Distributed Application
30 of 41
Comparisons to BitcoinCordas’ similarities to bitcoin: Immutable states that are consumed and created by transactions
Transactions have multiple inputs and outputs and
A contract is pure function; contracts do not have storage or the ability to interact with anything
Difference: While Bitcoin can only hold single, rigid data format and can hold very little data apart from quantities of bitcoin Corda allows for arbitrary typed data, input contracts and also the contracts of the outputs.
In Corda the term “contract” refers to a bundle of business logic that may handle various different tasks, beyond transaction verification.
31 of 41
Comparison to Bitcoin contBitcoin operates on a fixed set of byte arrays as the input meaning that a contract can not examine the structure of the entire transaction.
Since Corda contracts are Turing-complete it enables arbitrarily-precise time-bounds to be specified in transactions (which must be attested to by a trusted timestamper) rather than relying on the time at which a block happens to be mined.
However Corda does not utilise Proof of Work or have a concept of “mining”.
32 of 41
Corda vs Ethereum Both Ethereum and Corda runs code inside a virtual machine and can contain complex logic.
● Non-assembly based programming languages can be used for contract programming and the model allows for various kinds of financial contracts.
● The term “contract” in Ethereum is an instantiation of a program while Cordas’ implementation of the smart contract in code refers to a set of functions, only one of which is a part of keeping the system synchronised
● Ethereum sees itself as more than just a financial logic, and can be used for any kind of application while Corda only concentrates itself around financial applications (for the time being)
33 of 41
To sum up the article
Corda was built with the explicit purpose of recording and enforcing business agreements among registered financial institutions; it is not intended to be a general purpose solution for all problems.
As a result it takes a unique approach to data distribution and transaction semantics while maintaining the features of distributed ledgers
34 of 41
R3 Corda: Deep dive and technical review
A detailed look at the non-blockchain blockchain (Gideon Greenspan)
According to the article the blockchain technology has taken two main paths
Public blockchains with their associated cryptocurrencies and permissioned or enterprise blockchain
Both of them using peer-to-peer networking, public–private key cryptography, transaction rules and consensus mechanisms that can survive malicious actors.
35 of 41
Scalability issueProblem with scalability:
When a Corda node processes a transaction, it must download and verify all of that transaction’s ancestors, apart from those it has seen before.
However when a the family tree(older transactions that a node see for the first time) is deep, new incoming transactions may have a large number of ancestors that need to be verified, triggering Corda’s scalability problem.
It handles about 1000 transactions per second so if the transaction is old with for example a million previous transactions it would take a recipient about 17 minutes to send the asset on - too long for a liquid asset.
Corda nodes are less busy overall, they run the risk of needing to do a huge amount of work if there is suddenly a new node in Corda it has not seen before
Regular blockchains don't have this problem because nodes see and verify every transaction as it occurs
36 of 41
ConfidentialityCorda, nodes only see some of a network’s transactions which ensures better privacy, but they still see some transactions that are irrelevant. Therefore the confidentiality is not completely resolved but developers are aware of the issue
An example: if Alice pays Bob $100, then Bob sends that $100 on to Mack, Mack’s node has to be shown the transaction between Alice and Bob, even if it does not concern him
As mentioned the developer are aware of this problem and in a technical whitepaper by Mike Hearn it is suggested using multiple public keys per entity or reducing traceability by returning assets to issuers for reissuance (similar to cryptocurrency “coin mixers”)
Also using Tor-like anonymization networks to hide participants’ IP addresses and leveraging zero knowledge proofs
These proposed suløitons czan all be implemented in a blockchain so what makes Corda unique regarding confidentiality is its reduced transaction visibility, but that is a problem in itself
37 of 41
Confidentiality cont
38 of 41
Scalability and confidentiality: Tall transaction trees is a problem
The ideal situation for CordaLet's think of two separate Corda networks, with different sets of assets and participants:
A participant in one network wants to send an asset to someone in the other network.
There is no expectation that a node will have verified all past transactions, the node receiving this new asset will experience nothing unusual.
From here it just requests and verifies the relevant history, with no knowledge of the “separate network”.
However Corda nodes must decide which notary to trust to avoid abuse, irregular behaviour etc. Also nodes need a “certificate” granted by a “doorman” to connect to other nodes in a network to ensure that other members do not connect to nodes and consume resources unnecessary.
Before requesting and verifying transactions a list of trusted notaries must be added and given a certificate.
It will involve some manual configuration and administration but besides that interoperability is Cordas big advantage here.
39 of 41
ReintermediationCorda is doing well on transaction delivery,because the nodes involved in a transaction talk directly to each other, correctness and authorization, aswell , since each node is able to check these properties for itself
But when it comes to verifying transaction uniqueness, Corda fails the disintermediation (every participant can verify every transaction for themselves, without depending on the good behavior of third parties) test
Nodes cannot confirm uniqueness for themselves-they do not see every transaction in the network, which is taken care of by the notaries and they may refuse to sign even if its inputs consume outputs that have never been used before
A notary could sign two conflicting transactions which consume the same output while the two parties believe they received the same thing. The Duplicate asset send or exchange it in further transactions, leading to loss of integrity in the ledger and undermine it entirely.
Therefore Corda notaries need not be controlled by a single organization.
They can run a consensus algorithm that can tolerate bad actors. Worst case scenario is that some validators may prevent confirmation of transactions
40 of 41
ReflectionCorda’s solutions are incomplete, and depends very much on the “family tree”
The advantage is interoperability but is it enough?
It’s a challenging work the team has moving forward.
How to solve the disintermediation with price of reduced confidentiality attached to it while still solving privacy which financial institutions and banks regard as one of the core principles.
A positive spin to the issue and see Corda as a major technical upgrade to the financial status quo
It is difficult to know Corda’s real-world costs and benefits compared to the traditional blockchain method
41 of 42
References
42 of 42