Featuring 150+ speakers and 100+ presentations, SmartCon 2022 brought together industry luminaries from across Web2 and Web3 to discuss what’s needed to propel trust-minimization to its next inflection point.
Ushering in an era in which cryptographically enforced systems are the norm requires not only a monumental volume of concerted effort but also principled academic research and a strong emphasis on user and industry needs.
Chainlink Labs’ mission is to accelerate Web3 innovation and the adoption of cryptographic guarantees by empowering developers to build feature-rich hybrid smart contracts. The Chainlink Labs team has made significant progress over the last year in multiple key research areas, including cross-chain messaging, privacy-preserving oracles, fair transaction ordering, and off-chain data aggregation.
This post recaps key Chainlink research updates from SmartCon 2022.
Cross-Chain Interoperability Protocol (CCIP)
Chainlink is currently developing the Cross-Chain Interoperability Protocol (CCIP)—an open-source standard for cross-chain communication. CCIP aims to establish a universal, open standard to help enable developers to build secure services and applications that can send arbitrary messages, transfer tokens, and initiate actions across multiple blockchain networks. In addition, CCIP aims to integrate with a wide variety of oracle services to support highly sophisticated cross-chain interactions.
CCIP is designed for end-to-end security, forward-looking interoperability, and a seamless developer experience. CCIP’s infrastructure enables a sender on a source chain to send a message (data and/or tokens) to a receiver on a destination chain. In practice, many protocol instances can be run in parallel, enabling connections between a large number of independent networks.
CCIP’s architecture comprises three layers—messaging (programmable bridge), transport (CCIP core), and decentralized oracle networks (DONs) using OCR 2.0, as well as a fourth component in the form of the Risk Management Network that supports each layer. Notably, the sender and receiver contracts are the only components that need to be written by external developers—all other components are abstracted away by CCIP, providing a single, simple, and elegant interface for facilitating cross-chain interactions.
In his presentation at SmartCon 2022, Lorenz Breidenbach, head of R&D at Chainlink Labs, took the audience through a cross-chain messaging workflow using CCIP.
First, the sender invokes the Router contract, which is the single entry point for all destination chains. The Router bills the sender contract’s subscription and routes messages based on destination chain and tokens (with a dedicated token pool for each token). Notably, token transfers are rate-limited to help mitigate the extent of a potential attack.
If it’s not just tokens but also messages that are being sent, the Router forwards the message to the appropriate destination-specific OnRamp contract for it to perform initial validation. If the validation passes, the OnRamp emits an event with messages and metadata. At this point, the Committing DON (oracles running OCR 2.0) observes the source chain, picks up the event, and waits for the finality of message events emitted by the OnRamp. Then, the Committing DON sends a cryptographic commitment (signed by a quorum of oracles) in the form of a Merkle tree’s root to the Commit Store contract running on the destination chain.
A unique feature of CCIP is the Risk Management Network, a separate verification layer that independently monitors all layers of the stack. If the Risk Management Network’s nodes notice any nefarious activity, an emergency shutdown can be automatically triggered to stop cross-chain activity. Whenever a contract performs an action, it checks the status of the Risk Management Network to see if the system is in an emergency pause state. Notably, the Risk Management Network only monitors public (on-chain) information, making its activity fully auditable.
Now, the cross-chain message can be executed. The Executing DON consists of many nodes running OCR 2.0. The Executing DON will wait for the message to be committed in the Commit Store contract and blessed by the Risk Management Network. Then, the Executing DON sends the execution transaction along with cryptographic proofs to the OffRamp contract. The OffRamp validates the cryptographic proofs against the commitment stored in the Commit Store and checks whether the commitment has been blessed by the Risk Management Network. Finally, the Router on the destination chain bills the subscription of the receiver contract and acts as a single exit point for all source chains.
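The commit-then-execute checks described above can be modeled in a few lines. This is an added example, not CCIP's code: the class and function names, the SHA-256 hash, and the sorted-pair Merkle construction are assumptions, and the oracle quorum signatures on the commitment are left out.

```python
import hashlib

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()  # assumption: SHA-256 stands in for the real hash

def leaf_hash(msg: bytes) -> bytes:
    return _h(b"\x00" + msg)  # prefix separates leaves from inner nodes

def node_hash(a: bytes, b: bytes) -> bytes:
    lo, hi = sorted((a, b))  # sorted pair, so proofs need no left/right flags
    return _h(b"\x01" + lo + hi)

def merkle_root_and_proofs(msgs):
    """Return (root, proofs); proofs[k] is the sibling path for msgs[k]."""
    level = [leaf_hash(m) for m in msgs]
    pos = list(range(len(msgs)))
    proofs = [[] for _ in msgs]
    while len(level) > 1:
        for k, p in enumerate(pos):
            if (p ^ 1) < len(level):  # an unpaired last node is promoted unchanged
                proofs[k].append(level[p ^ 1])
            pos[k] = p // 2
        level = [node_hash(level[i], level[i + 1]) if i + 1 < len(level) else level[i]
                 for i in range(0, len(level), 2)]
    return level[0], proofs

class CommitStore:
    """Hypothetical model of destination-chain state: committed roots and a pause flag."""
    def __init__(self):
        self.blessed = {}  # root -> has the Risk Management Network blessed it?
        self.paused = False
    def commit(self, root):
        self.blessed.setdefault(root, False)
    def bless(self, root):
        if root in self.blessed:
            self.blessed[root] = True

def off_ramp_execute(store, root, msg, proof):
    """Apply the checks the post names; return a status string."""
    if store.paused:
        return "rejected: emergency pause"
    if root not in store.blessed:
        return "rejected: root not committed"
    if not store.blessed[root]:
        return "rejected: root not blessed"
    acc = leaf_hash(msg)
    for sibling in proof:
        acc = node_hash(acc, sibling)
    return "executed" if acc == root else "rejected: invalid proof"
```

A message executes only when its root is committed and blessed, its proof folds back to that root, and no emergency pause is in effect.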
In his presentation, Lorenz showcased a cross-chain “ping-pong” demo contract that exchanged messages between a contract on the Goerli testnet and a contract on the Rinkeby testnet.
In addition to the architecture deep dive, Sergey Nazarov, co-founder of Chainlink, and Jonathan Ehrenfeld Solé, strategy director at SWIFT, announced during a fireside chat that SWIFT is using CCIP in a proof of concept that will enable SWIFT messages to instruct on-chain token transfers, helping the 11,000+ institutions on the financial services network become interoperable with blockchain networks. CCIP is also in the alpha testing stage with Synthetix’s novel Synth Teleporters, which allow synths to be moved across different networks.
DECO
DECO is privacy-preserving oracle technology developed at Cornell University and later acquired by Chainlink. DECO enables smart contracts to support sophisticated use cases involving sensitive data in a privacy-preserving manner.
Chainlink oracle networks already bring a vast amount and extensive variety of external data to the blockchain economy. As of Q3 2022, Chainlink oracles have brought 4.2B+ data points on-chain. However, the vast majority of data that exists is not publicly accessible, meaning that most data is not accessible to traditional oracles. And even if oracles could access the world of privately accessible data, there may be sensitive or confidential information that wouldn’t be sensible for oracles or the public to be able to view. Therefore in practice, when it comes to privately accessible data, oracles should only generate claims derived from such data to be used by smart contracts. DECO helps make this possible by unlocking data, capabilities, and services that are currently locked in Web2 by bridging them securely and in a privacy-preserving manner to Web3. In addition, even if there’s no private data involved, DECO can be used to prove the provenance of data from data sources that require user authentication.
“I strongly believe that in order to unlock the massive potential of blockchain technology, there needs to be a way to bring information about users—whether it’s their age, identity, or credit score—in a privacy-preserving manner on-chain to be used by smart contracts.”—Dahlia Malkhi, Chief Research Officer, Chainlink Labs
During her presentation at SmartCon 2022, Dahlia Malkhi, chief research officer of Chainlink Labs, announced that DECO has reached its alpha stage, with testing underway with multiple partners across a number of proof of concepts. Taking DECO from a research prototype to a functional alpha took significant research efforts involving the creation of novel zero-knowledge proofs that are faster to generate and less memory-intensive than existing zero-knowledge technologies. There are plans for the core zero-knowledge engine powering DECO to be open-sourced in the future so the larger research community can contribute to its development and adoption.
From a high level, DECO involves a three-way interaction between various entities—a Web Server, a Prover, and a Verifier. The Prover (user or app running DECO Prover) queries the information from the Web Server (data provider), while the Verifier (Chainlink oracle running DECO Verifier) witnesses the interaction. By doing so, the Verifier can attest to the provenance of the communication between the Prover and the Web Server, knowing the endpoint that the prover interacted with along with an encrypted transcript of the interaction.
Then, communication with the data source is dropped, and only the Prover and the Verifier need to interact. At this point, the Verifier has proof that the data is authentic, but it only sees an encrypted transcript. Depending on the specific use case, one of the following outcomes occurs:
- If no privacy is needed, the Prover supplies the secret key that can decrypt the data to the Verifier. Thus, application developers can incorporate data in their apps with the data’s provenance proven by DECO.
- If privacy is needed, the Prover takes the encrypted data and the knowledge that it was pulled from the original source and—through the power of zero-knowledge proofs—makes claims about it without revealing the data itself. Thus, application developers can incorporate private claims in their apps that have been verified by DECO.
Chainlink Labs recently engaged in a series of alpha test proof of concepts with various partners to verify the viability of DECO across the following smart contract use cases:
- Undercollateralized lending—The protocol was used in a proof of concept with Teller to generate zero-knowledge proofs regarding off-chain bank account balances which were used to facilitate on-chain undercollateralized loans without compromising on data privacy.
- Digital identity—PhotoChromic is working on a digital identity solution that helps prove that a user controls a specific social media handle, allowing for applications to filter real-world users.
- Social identity/proof of fandom—Clique is developing a solution to prove that a user commented on a particular content creator’s Tweet or that a user is following a particular content creator on Twitter without revealing their own Twitter handle.
- System of records—At SmartCon 2022, Burrata demonstrated a prototype that allows Web3 users to prove their identity through one of Burrata’s data providers connected to a Web2 API. The prototype was showcased through a cabin rental proof of concept where users could rent a cottage if they verified their identity and signed a temporary rental agreement. With the support of DECO, Burrata can be connected to an identity platform and a document signing service without any private data revealed on-chain or to the oracle—only the claims about them.
Chainlink Labs is collaborating with various service providers, referred to as Web3 Integrators, who will facilitate interactions between both the Prover and the data source and the Prover and the Verifier in order to help make the system more scalable and the user experience more seamless. In addition, development is underway to enable Web3 Integrators to run client side (even on mobile devices) for additional trust-minimization benefits.
Fair Sequencing Services (FSS)
FSS is a decentralized transaction ordering solution built with the aim of mitigating the detrimental effects of maximal extractable value (MEV) in smart contract systems. MEV presents itself in various forms—in arbitrage opportunities between DEXs, or when malicious actors front-run ordinary DEX trades, to give just two examples. MEV causes unnecessary slippage, degrades the user experience, and creates an invisible tax on users. The measured total amount of extracted MEV sits at around $675M—a lower-bound estimate which accounts for a small portion of trading activity in digital asset markets.
The aim of FSS is to build tools that help enact fairer transaction ordering policies for users by providing a state-of-the-art solution without them having to make modifications to existing infrastructure. FSS is being designed to help increase order fairness, reduce transaction costs, and reduce or eliminate information leaks.
In his presentation at SmartCon 2022, Chainlink Labs Chief Scientist Ari Juels described the smart contract transaction ordering problem and went through the developments of FSS since the technical overview was presented in the Chainlink 2.0 whitepaper.
The main benefits of FSS come from two key transaction ordering policies: secure causal ordering and temporal ordering. Under secure causal ordering, transactions are encrypted to hide their details, ordered by a DON, and then decrypted for execution. Thus, the transaction payloads are in encrypted form and not visible to nodes before the ordering process begins. Temporal ordering is a mechanism that aims to ensure that the transactions received first by the oracle network are the first to be output, helping facilitate a first-in, first-out (FIFO) ordering policy.
Chainlink Labs Research Engineer Paweł Szałachowski demonstrated a fully functional FSS prototype using a standard automated market maker (AMM). In the demo, FSS was used to prevent a harmful sandwich attack, in which an attacker inserts malicious transactions before and after an ordinary transaction to make a profit.
Let’s say Alice would like to buy 100 ETH worth of TOKEN, where the price of 1 TOKEN is approximately 1 ETH. The attacker sees the transaction in the mempool (a queue where unconfirmed transactions are stored) and buys a large amount of TOKEN, inflating its price. Then, the attacker executes Alice’s buy transaction, pushing the price higher again and making Alice’s buy order execute at a higher price than initially intended. Finally, the attacker sells their TOKEN for ETH, making a no-risk profit in an atomic transaction at the expense of Alice.
Through the “FSS Swap” demo, Paweł showcased how FSS can effectively prevent a sandwich attack and help minimize MEV.
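To put numbers on why ordering matters in the scenario above, this added example (not the FSS demo or any Chainlink code) runs Alice's 100 ETH buy through a fee-less constant-product pool under the sandwiched order and under a FIFO temporal order. The 1,000 ETH / 1,000 TOKEN reserves, the arrival times, and all names are assumptions.

```python
from fractions import Fraction

class Pool:
    """Fee-less constant-product AMM (eth * token = k)."""
    def __init__(self, eth, token):
        self.eth, self.token = Fraction(eth), Fraction(token)

    def buy_token(self, eth_in):
        out = self.token - self.eth * self.token / (self.eth + eth_in)
        self.eth += eth_in
        self.token -= out
        return out

    def sell_token(self, token_in):
        out = self.eth - self.eth * self.token / (self.token + token_in)
        self.token += token_in
        self.eth -= out
        return out

# Constructed transactions: (sender, arrival time at the ordering service, action, ETH amount)
ALICE_BUY = ("alice", 1, "buy", 100)
OTHER_BUY = ("other", 2, "buy", 100)    # submitted after seeing Alice's pending buy
OTHER_SELL = ("other", 3, "sell_all", 0)

def temporal_order(txs):
    """FIFO policy: output transactions in the order they were received."""
    return sorted(txs, key=lambda tx: tx[1])

def run(ordered_txs, eth=1000, token=1000):
    """Execute in the given order; return (Alice's TOKEN, other trader's ETH profit)."""
    pool = Pool(eth, token)
    alice_token = held = profit = Fraction(0)
    for sender, _arrival, action, amount in ordered_txs:
        if action == "buy":
            got = pool.buy_token(amount)
            if sender == "alice":
                alice_token += got
            else:
                held += got
                profit -= amount
        else:  # sell_all: the other trader sells everything bought so far
            profit += pool.sell_token(held)
            held = Fraction(0)
    return alice_token, profit

sandwiched = run([OTHER_BUY, ALICE_BUY, OTHER_SELL])  # order picked by whoever builds the block
fifo = run(temporal_order([OTHER_SELL, ALICE_BUY, OTHER_BUY]))
```

With these reserves, Alice receives about 75.8 TOKEN in the sandwiched order and about 90.9 TOKEN under FIFO, where the other trader's round trip nets zero.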
Off-Chain Reporting (OCR 2.0)
The Off-Chain Reporting protocol (OCR 1.0) was a scalability upgrade to Chainlink Data Feeds which decreased the on-chain gas costs of generating tamper-resistant oracle reports by moving the data aggregation process off-chain via a peer-to-peer network. OCR 1.0 allows nodes to aggregate their observations into a single report off-chain, which is then submitted on-chain by a single node with each node’s observation and signature verified on-chain.
OCR 1.0 has been powering Chainlink Data Feeds, a cornerstone of the DeFi ecosystem, since its initial deployment in early 2021. However, the Chainlink ecosystem and the larger Web3 landscape have gone through significant changes since then. Most notably, Chainlink has launched a wide variety of novel Web3 services, including Proof of Reserve, VRF, and Automation. In parallel, the smart contract ecosystem has also become increasingly multi-chain.
OCR 1.0 was initially developed to power Chainlink Data Feeds on EVM-based chains by aggregating data to be medianized on-chain. OCR 2.0 is a more generalized implementation of OCR, designed to provide a shared foundation for a wide variety of Chainlink services that incorporate DONs across many distinct blockchain integrations. OCR 2.0 introduces additional scalability and configuration flexibility by using a modular architecture that can be tailored to the specific requirement of each service and allows for the expression of logic for different oracle services using the same framework.
OCR 2.0 uses a Reporting Plugin to provide product-specific logic that’s executed by the OCR 2.0 framework running on the DON. Reporting Plugins allow for essentially arbitrary services to target almost arbitrary chains that can be integrated with the corresponding Reporting Plugin interface.
Several additional improvements have been made with OCR 2.0, including further reductions to gas costs amounting to ~25% compared to OCR 1.0, a new peer-to-peer networking stack for increased security and reliability, and enhancements leading to lower latency and higher throughput.
Staying at the Cutting Edge of Blockchain Research
Blockchain research involves investigating highly complex and challenging problems and solving them in a way that can be applied beyond a purely academic context to affect in-production systems and real-world outcomes. In addition, blockchain research is uniquely multi-disciplinary, touching on fields including computer science, economics, game theory, and mathematics, making it an exceptionally attractive field for researchers.
The Chainlink Labs team consists of world-renowned researchers and top industry experts working to create cutting-edge technologies that help establish trust-minimization as a standard for Web applications and usher in a more economically fair world powered by cryptographic truth. If you’re a researcher and would like to collaborate, reach out.