Aeternity and decisions in cryptocurrency design. Part 1: Consensus
This is part one of a two-part series on the choices you have to make when building a cryptocurrency.
Find Part 2: Governance here.
- Balancing consensus, governance and tokenomics
- Proof of work vs proof of stake, Bitcoin-NG and Cuckoo Cycle
- Why aeternity chose its proof of work-type consensus mechanism, and how it's emphasising the pros and mitigating the cons
aeternity, or æternity to use its given name, is a blockchain smart contract platform that aims to start with a more modern foundation than Ethereum did for the creation of a more streamlined and naturally faster dapp platform.
But blockchain and cryptocurrency design is still very much an evolving field, and developers will always tend to find themselves blazing entirely new trails and asking themselves a lot of tough design questions along the way.
There's a lot to be learned from exploring the choices made in blockchain consensus, governance and tokenomics design.
Assembling a blockchain platform is kind of like building a house of cards, where each card is a separate design choice.
One might think of consensus mechanisms, governance and tokenomics as the three main cards.
- Consensus mechanisms: This is what makes a blockchain tick. It's how different nodes reach agreement and maintain their ledger. It needs to be robust, fault tolerant and able to consistently and predictably reach consensus. Proof of work (PoW) and proof of stake (PoS) are two common types of consensus mechanisms, but they aren't specific individual consensus mechanisms in and of themselves.
- Governance: This is how network participants can make decisions on future network developments. History has shown that these are essential for cryptocurrencies and decentralisation, especially for preventing contentious hard forks that split communities. Anarchy, democracy and plutocracy are all examples of governance systems.
- Tokenomics: This is how the platform economy is designed. It includes coin-minting schedules or mining rewards, token distribution, money sinks, inflation and others.
These cards need to simultaneously support and be supported by each other. Working consensus mechanisms, for example, will typically depend on tokenomics, which might be influenced by governance mechanisms.
If one of these cards falls, the entire house might come crashing down – so no pressure. Anyone seriously developing a brand new blockchain platform has to think long and hard about how they want to set up their cards.
Vladislav Dramaliev of the aeternity project walked finder through the assembling of their cards.
The consensus card
aeternity's heartbeat is Bitcoin-NG, a proof-of-work consensus mechanism.
Bitcoin-NG, Dramaliev explained, was "developed by academics at Cornell, in particular Emin Gün Sirer. It's basically a modification of the original mode of consensus which tries to keep the most important features of that consensus – things like [mining] difficulty and implementation of proof-of-work mechanisms – but at the same time improve on latency."
It does this by introducing two types of blocks, known as key blocks and microblocks. Key blocks are basically like normal bitcoin blocks, while microblocks are transactions that can be processed by miners between the discovery of key blocks.
"Originally in bitcoin, what happens with miners is they're trying to find a block," Dramaliev explains. "Once they find this block and announce it, and it goes throughout the network and everyone learns about it, all miners start looking for the next block. But during this period of looking for the next block, nothing in terms of verification of transactions is happening. So it's kind of lost time. This time should on average be 10 minutes.
"But NG tries to address this. This is how we can improve some of the latency. It basically uses these 10 minutes for some actually useful work.
"This happens with key blocks and microblocks. In Bitcoin-NG, once a miner finds a key block – you can call it just a normal block on the bitcoin network – the miner can start looking at the mempool of transactions and start verifying them one by one. This is happening with these microblocks.
"So the miner finds a key block and then has the opportunity to start creating microblocks. He doesn't need to provide the PoW for these microblocks. Basically, he takes the transactions he wants and verifies them with the key that found the key block.
"This means the time until the next key block is found could be used for verification of transactions as well. This significantly improves the scalability, basically the latency, of the system and allows for a significant increase in transaction throughput on the chain.
"So Bitcoin-NG is a consensus mechanism that improves scalability on chain. It's not an off-chain solution... In other networks, it has been proven to reach speeds of 100 TPS on chain, which is a significant increase from the 4 or 5 TPS in bitcoin.
"It has been implemented in other systems already, but they're not proof of work. aeternity is the first PoW platform that implements Bitcoin-NG."
The pros and cons of consensus mechanisms based on proof of work
Proof of work is widely criticised for its shortcomings. Its energy-hungry nature has put bitcoin through the wringer, 51% attacks have proven to be a thoroughly feasible way of hitting smaller coins, the dangers of seemingly unpreventable mining monopolies have led many to question whether proof of work is too economically prone to centralisation, and it's not possible to permanently stop ASIC miners from dominating the network hashrate.
aeternity mulled over these hazards and others, but still opted for proof of work while taking steps to mitigate the downsides where possible.
One of the reasons for taking that route, Dramaliev says, is because aeternity is thinking of the need to support the tokenomics card with the consensus mechanism. Running nodes and processing transactions consumes very real resources which cost very real money and there is a certain merit to the "you only get out what you put in" economic theory. This counter-intuitive-sounding yet quite compelling idea is that the intrinsic value of an asset is driven by the effort put into acquiring it more than anything else. So, according to the theory, bitcoin is highly valued largely because mining it is so expensive and consumes such enormous amounts of energy.
"I think generally it's always good to have something in the real world, or some kind of resource that is being connected to the process of creation of this digital resource, which is the token – this coin," Dramaliev mused. "This is related to economics. Miners are a form of staker in the system. They need to use an actual resource – money – in the real world to manufacture or buy this equipment in the real world, and then use this equipment to provide some kind of security to the network and be rewarded by coins."
It also decentralises the potential attack vectors, he notes. Proof-of-stake systems can be attacked with money alone, which can be instantly moved and deployed to that end. However, mining hardware is governed by supply chains, external business realities and a range of other factors that make it harder to leverage against temporary vulnerabilities that might come up, such as a temporarily low hashrate.
However, the main reason for deciding on proof of work might be that proof-of-stake consensus mechanisms aren't yet where they need to be.
"PoS has a long way for its attack vectors to be identified and addressed; many already are, but only time... could be employed to test something of this scale," Dramaliev said. "No matter how well you design, a certain amount of time needs to pass for you to be relatively sure that it's secure.
"We consider at aeternity that decentralisation is actually the primary goal. And so far we believe that the Nakamoto consensus and proof of work are the way forward for that. That's why we opted in for proof of work when everyone's going for proof of stake. We might consider implementing [a non-PoW consensus mechanism] at some point in the future, but we think it's too early for that."
Mitigating the downsides
After leaning into the decision to use proof of work, aeternity then needed to find ways of overcoming some of the potentially deal-breaking downsides.
First up, ASIC risk.
"What we realised in the process of developing aeternity is that ASICs are actually very, very hard to stop or to remove entirely as a threat," Dramaliev said. "So this ASIC resistance is a very short-term solution, just because of the fact that anything which is created for a specific task will always be more efficient than something that has a general purpose.
"That's why we decided to go for Cuckoo Cycle. This is the mining algorithm that actually provides a good deal of protection against ASICs... We actually contributed to the development of the cuckoo cycle and the funds of John Tromp, the creator of Cuckoo Cycle.
Cuckoo Cycle (PDF) is a form of proof of work that presents an inherent measure of ASIC resistance.
It's a memory-bound proof-of-work system that works by deliberately turning main memory latency into a bottleneck. In other words, the efficiency of mining hardware becomes dependent on RAM, rather than CPU speed.
This works because RAM speed is relatively consistent across hardware, so major developments will be needed for the creation of a worthwhile Cuckoo Cycle ASIC miner. Basically, someone could make a super-fast aeternity ASIC miner, but its speed would be limited by its RAM so it would only get minimal advantages.
And souping up RAM is on a completely different level to designing ASIC mining chips. It's "a complex process that only a few companies worldwide are engaged in," Dramaliev said.
But hardware is getting more advanced every day, and the business realities of ASIC mining tend to see a single provider monopolise the markets for all but the largest coins. The short reason for this is that manufacturers often depend on monopolising a market if they want to turn a profit. At this stage, most PoW coins just don't dispense enough rewards to support multiple providers, so the explicit business plan is to corner the market and centralise mining.
Dramaliev sees two primary defences against these issues. The first is existing game theory defences, and the second is to actually push the ASIC market forward and open it up.
"The first one is the protection we have currently... there is incentive not to engage in some bad activities because if they do so, the value of the coins they are mining and the value of the whole network will go down. This is the general game theoretical defence you have.
"You have a couple of pools only that are mining of course, but pools are made up of individual miners. If a pool decides to do something bad to the network, these individual miners could stop using that pool and move to a different one.
"The second big solution is introducing some kind of developed market for ASICs. We're not there yet. We have just a few producers of ASICs, and they have a monopoly on the entire market. This is ASICs when it comes to bitcoin mining and other cryptocurrencies.
"What we think is going to happen, and what we are going to try to do, is push the development of this ASICs market forward. We would like to make it easier for people who are interested in developing ASICs to start doing so. The companies which have access to factories will always have economies of scale on their side, but if the ASIC designs are made public or open source it might be easier for people to modify FPGAs, (a form of customisable hardware) and to use FPGAs to mine certain – or all – currencies.
"There are a couple of companies that usually produce FPGAs for certain purposes, they are now creating divisions and hardware components that could be sold throughout the world and could be used for the creation of different kinds of mining equipment. This might not be more efficient than ASICs, but it would be more efficient than GPUs. So I think the first step would be to decentralise the production of mining equipment somehow.
"If this happens, hopefully mining itself could get decentralised.
"Generally when it comes to PoW and mining centralisation, there is no other solution at this point. There is a certain amount of centralisation that will come from mining. This is one of the negative sides that will come from PoW. All mining types have their pros and cons. It's a concern, but for us it's been outweighed by the benefits of having this connection to a real-world resource – electricity."
Expect the unexpected
aeternity is using a proof-of-work Cuckoo Cycle Bitcoin-NG consensus mechanism. The tokenomics card is a crucial support for the consensus card, and vice versa.
The hazards of proof-of-work systems are very real, but can be mitigated to a significant extent by careful design and planning ahead. It's not enough to just plan one step ahead though, and it might be preferable not to set things in stone where possible.
"The dev team has been tackling a lot of issues on the road," Dramaliev explained. "When it comes to blockchain protocols, keeping in mind that they are applied R&D, there is always some kind of uncertainty. Basically, every time when it comes to creating a software, there are certain things that cannot be expected."
Having yet to launch its mainnet, aeternity is still able to respond to the unexpected with relative ease and swiftness. Dramaliev says the team is hoping for a mainnet launch sometime this year, but cannot set it in stone yet and needs to remain flexible.
This is important because implementing certain updates or changing directions will be more difficult after the mainnet launch. That's also where the governance elements start playing a crucial role in supporting the consensus and tokenomics cards.
Find Part 2: Governance here.
Disclosure: At the time of writing, the author holds ETH, IOTA, ICX, VET, XLM, BTC and ADA.