Blockchain is changing the technology landscape when it comes to cryptocurrency, data backups, immutable voting, file sharing, authentication, and much more. It embraces the notion of computational trust and uses computer processing to establish validity of transactions rather than an institution or intermediary.
However, the computational trust model creates privacy and scalability tradeoffs for blockchain developers. Transaction validation can be a time-consuming process, and it can become slower and require more compute power as a network grows. That is one of the reasons why Bitcoin and Ethereum operate at 3-15 transactions per second, while Visa can operate at over 24,000 transactions per second. Data privacy can also be an issue with blockchains since they typically replicate transaction data across validator nodes to assist with provenance. This replicated data can present problems for developers that need to build strategies to prevent unauthorized participants from seeing valuable corporate data stored and replicated on-chain.
To overcome these challenges, organizations are exploring ways to execute blockchain transactions off-chain to help meet performance and privacy needs. But, how can a transaction execute off-chain and still maintain the computational trust of blockchain? Without computational trust, off-chain data has little value.
The Hyperledger Avalon project was established to help create computational trust for off-chain workloads. Avalon is an open source reference implementation of the Enterprise Ethereum Alliance (EEA) Off-Chain Trusted Compute API Specification and was designed to help blockchain developers deliver the next wave of confidential computing applications that address off-chain speed and privacy concerns. The project originated as a research project in Intel Labs, which studied the benefits and viability of off-chain blockchain transactions. The EEA embraced off-chain transactions in the forming of their Trusted Compute Working Group that delivered the Off-Chain Trusted Compute API v1.0 in 2018. A Trusted Compute API reference implementation called Trusted Compute Framework (TCF) was initiated by Intel. The TCF code was contributed to Hyperledger in early 2019 and was renamed to Hyperledger Avalon. Currently, there are more than a dozen developers participating in the project, including Baidu, IBM, Kaleido/Consensys, Santander, and many others.
Hyperledger Avalon (or Avalon for short) was designed to help developers gain the benefits of computational trust and mitigate its drawbacks. It specifies that a blockchain is used to enforce execution policies and ensure transaction auditability, while associated off-chain trusted compute resources execute transactions. By using trusted off-chain compute resources, a developer can accelerate throughput and improve data privacy. The off-chain execution enabled by Avalon allows complex transactions to execute on dedicated servers or cloud-based virtual machines (VMs). Once complete, the results of those transactions can be posted back to the shared ledger so that the developer gains access to dedicated compute power for faster execution while gaining the benefits of blockchain computational trust.
Off-chain execution can also help developers deliver data confidentiality. Developers can gain access to off-chain data stores and selectively post portions of the transaction results back on the blockchain. This allows access by the replicated blockchain network only to the select portion of the transaction data that the developer intends to share, and it leaves the rest of the confidential transaction data off-chain in the original data store.
How is this off-chain trust established? Developers who utilize Avalon will find that hardware-based Trusted Execution Environments or TEEs play a key role. TEEs are a secure area (or enclave) of a processor that can help protect code and data from disclosure or modification. Developers can use the attestation capability of TEEs to help verify that a specific off-chain workload has been loaded into an off-chain server for execution. The isolation of TEEs can help ensure that the code and data are not observed or manipulated by external parties, including the service provider hosting the TEE.
A workload running off-chain in a TEE can also cryptographically sign the data output and return that data to the blockchain. This allows developers to ensure that the desired off-chain workload has executed to completion by an intended workload processor, and it can validate the results of the execution, thereby helping to extend computational trust from on-chain to off-chain.
What are some use cases currently being explored by Avalon?
Privacy Preservation in Edge Networks – As telecom networks increasingly process and capture 5G video on edge networks, carriers are looking for ways to help ensure that the data is used for its intended purpose and that privacy is maintained for those captured on video. For instance, consider a self-driving car’s onboard camera witnesses a car accident. An insurance company, working with a network carrier, could use Avalon and hardware-based TEEs to help access captured video from the accident and process a claim at the network edge. Once the transaction completes (and the relevant portion of the video is shared), the insurance company could use a blockchain smart contract to remunerate the owner of the self-driving car that captured and sent the witness video. And finally, because the off-chain transaction would be operating in a TEE, the captured video could be encrypted and only applications with the appropriate cryptographic key such as the insurance application would have access to the encrypted data (or restricted access to portions of it such as a captured license plate image).
National Supply Chain Networks – Supply chain data is often stored in corporate Enterprise Resource Planning or ERP systems. Corporations are often reluctant to share their ERP data on a blockchain, as they fear other blockchain participants could be in a position to see a competitor’s confidential ERP transactions. With Avalon, the blockchain transactions would come to the ERP system and execute in a TEE. Corporations could keep their ERP systems off-chain and away from the shared infrastructure of the blockchain. The results of the smart contract could be placed back onto the blockchain in the form of a cryptographic receipt. This would allow corporations to join a supply chain blockchain without exposing their ERP system to the rest of the network.
Enhanced Insurance Quote Ecosystems – Imagine creating more informed insurance quotes for employee populations by developing a network of hospitals, businesses, and insurance companies that all use TEEs to securely share data. For example, a hospital can encrypt patient data and drop it into a secure enclave, and the insurance company can then input an algorithm into that secure enclave to make a calculation. The results are then pushed back to the insurance company so they can make an informed quote to the business on health coverage for employees – all while maintaining the privacy of patient data. This enables employers to deliver better coverage options, allows insurance companies to reduce rates (while still making a profit), and ensures that hospitals can conform to regulations.
The aforementioned examples are just the tip of the iceberg when it comes to the type of solutions we’ll see as a result of the off-chain computational trust that can be created with Avalon. Blockchain offers a powerful medium for digital transactions, and when off-chain compute capabilities are securely integrated into that framework, it becomes a game-changer. Blockchains become more efficient; complex processing can be done off-chain and results recorded on-chain; flexible privacy policies can be implemented; enterprise legacy apps and external data sources can be integrated; and much more. While the reference implementation (Avalon) is just getting started, we encourage new developers to join the initiative, and new application providers to start writing to the spec.