State channel: clearing on the chain under the chain, walking on two legs – nine of the blockchain technology

Guide

The state channel is a popular expansion solution. The Ethereum Foundation recently disclosed an annual funding budget of $30 million, with $19 million for the development of Ethereum 2.0 including state channels and Plasma. The state channel is expected to promote large-scale commercial use of blockchains.

Summary

The impossibility of the blockchain triangle means that the decentralized characteristics, security, and scalability cannot be well satisfied at the same time.

The state channel solution isolates the chain and the clearing of the chain, enabling faster, lower-cost transactions while maintaining a certain degree of decentralization and asset security. As a kind of chain expansion scheme, the status channel is divided into three levels: general status channel, status channel and payment channel.

The main issues facing the state channel include routing problems, channel balancing issues, node offline issues, and margin locking issues.

The state channel can be extended to a network structure by designing a reasonable routing strategy. The current scheme has a hash time lock contract, a virtual channel, and a meta channel. The main solutions to the channel balance problem are the backpressure routing algorithm and the chain rebalance solution. The main solution to the problem of node offline is to introduce third parties to monitor the status of the chain and provide economic incentives. The solution to the problem of margin lock-in is to absorb idle funds and share funds pool from liquidity fund providers.

Compared with the chain expansion scheme, the state channel subtly separates the functions of the chain and the chain. The scheme does not need to change the structure of the chain, and combines the security and decentralization characteristics of the chain and the scalability under the chain. However , from the overall ecology, due to possible problems in the communication process under the chain, the state channel is still a new balance of security, decentralization and scalability. Compared with other chain expansion schemes, the state channel has better privacy and can be immediacy. It is especially suitable for fixing high-frequency interactions between two parties. The disadvantage is that intermediate nodes need to “pay” funds, and require nodes to be online or in real time. Introduce a third party to supervise.

Risk warning: mediation node monopoly, security vulnerabilities

table of Contents

1 Status Channel Overview

2 three levels of state channels

2.1 General Status Channel

2.2 Status channel

2.3 Payment channel

3 key issues that state channels need to overcome

3.1 Routing problem

3.1.1 Hash-Time Lock Contract (HTLC, Hashed-Time Lock Contract)

3.1.2 Virtual Channel (Virtual Channel)

3.1.3 Meta Channel

3.2 Channel balance problem

3.3 Node offline problem

3.4 Margin Locking Problem

4 Comparison of state channels and other expansion schemes

4.1 Comparison with the expansion plan on the chain

4.2 Comparison with other chain solutions

text

The State Channel is one of the block-chain (off-chain) expansion schemes. Currently, many well-known projects have adopted the state channel technology scheme.

1 status channel overview

All nodes in the blockchain perform the same calculations and store the same data. Such a redundant architecture guarantees security and decentralization, and also causes the blockchain to process transactions very slowly and expensive. .

The expansion under the chain, also known as the second layer expansion, is an extension of the application layer that does not change the basic protocol of the public chain. Layer 1 provides security and layer 2 provides scalability. . Under the chain expansion, there are mainly state channels, side chains (or sub-chains) and under-chain calculations.

The state in the status channel refers to the current state of the blockchain, including the account name (or the address of the UTXO model), the balance (or the unspent transaction output under the UTXO model), contract data, and so on. The status channel is to open a chain channel between two or more parties for state exchange, so as to achieve lower commissions and immediate arrivals.

The process of trading with state channels is generally:

1 The trading party locks a certain amount of assets on the chain, and records and opens up the state channel on the blockchain;

2 Inter-transaction and status update in the channel, but not submitted to the chain;

3 When either party wants to close the channel, submit the final state to the blockchain for clearing. If the other party has an objection, it can apply for chain arbitration within the specified time.

The principle of capacity expansion of the state channel is mainly the chain interaction, chain clearing, avoiding each small transaction on the chain, only need to submit the final state to the chain, which reduces the workload on the chain. . When both parties have no objection, they can complete the liquidation quickly, realize Instant Finality, and achieve faster transaction speed, lower handling fee, and better privacy due to chain trading within the channel. .

When a party attempts to defraud and submits a non-final status link that is beneficial to itself, the other party can appeal to the chain by submitting an up-to-date status with a time stamp, and the fraudster will face punishment for the confiscation of the collateral. However, this requires users of the status channel to be online in real time. If a party is offline for a long time, the chain clearing will be enforced, which may cause losses. In this case, a third party is usually introduced to monitor whether fraud occurs, but this requires a reasonable third-party economic incentive mechanism.

The state channel scheme is more suitable for the scenario where the participant needs to exchange status multiple times in a relatively long period of time and is sensitive to the transaction fee of a single transfer. For example, chess games, Internet of Things smart payment (M2M), gaming platforms, live broadcasts, etc.

2 levels of 2 state channels

As a kind of chain expansion scheme, the status channel is divided into three levels: generalized state channel, state channel, and payment channel.

2.1 General Status Channel

The general state channel is a modular, standardized state channel development framework that becomes a state channel or a payment channel after instantiation. Developers can easily develop state-based channel-based applications without having to be familiar with the technical details of the state channel, and users can install, run, and terminate DApps in the channel without performing any chain operations.

Typical projects include Counterfactual (development architecture for building applications based on the underlying state channel) and Celer Network (layer-2 extension platform to help developers quickly build and run decentralized applications).

2.2 Status channel

A state channel is a channel that performs state interactions under a chain. The purpose of state exchange and sub-chain expansion is achieved by putting the Turing-complete smart contract on the chain into the chain. For example, a Go game based on state channel development is the continuous exchange of states under the chain.

Typical projects include the Perun Network (which supports the execution of smart contracts under the chain) and FunFair (state-based gambling games).

2.3 Payment channel

The payment channel is a specific application of the status channel in the payment field . Both parties to the transaction can conduct accounting transactions multiple times in the status channel until the chain is cleared when the channel is closed. There is no commission for the transfer under the chain. When a party tries to commit fraud during the winding up, there will be arbitration and punishment mechanisms to ensure the security of both assets.

Typical projects are Lightning Network (BTC's stateful channel payment network), Raiden (Ethernet's Lightning Network), Trinity (Neo's Lightning Network) Liquidity Network (NOCUST-based payment channel network).

3 state channel needs to overcome the key problem

3.1 Routing problem

In order to extend the payment channel to the payment network, it is uneconomical to establish a connection of two strange nodes through the routing node on the opened state channel. As explained in the six-degree network theory, we can use the six-degree network to connect with anyone else in the world. At present, there are mainly three routing schemes as follows:

3.1.1 Hash-Time Lock Contract (HTLC, Hashed-Time Lock Contract)

Representative project : Lightning Network

The sending direction sends the BTC to the 1/2 multi-signature address. If the receiving party cannot unlock the BTC by means of "signature + hash ciphertext" within the time specified in the contract, the BTC will return it to the sender.

As shown in the figure, A wants to send one BTC to D through B and C. As the receiver, D first generates a random private key r (equivalent to the key) and public key R (equivalent to the lock), and then sends R to A.

A and B first set up a hash time lock contract, R is the "lock", the "time" here is 3 days, "Hash ciphertext" is the private key r only known by D. This contract means that as long as B can obtain the private key r to unlock R within 3 days, you can get 1 BTC sent by A in the smart contract, otherwise the 1 BTC will be returned to A.

B needs to obtain the private key r to unlock R. According to the same idea, the smart contract of B and C stipulates that as long as C can obtain the private key r to unlock R within 2 days, it can get 1 sent by B in the smart contract. BTC, otherwise this BTC will be returned to B.

The same is true for the smart contracts of C and D. As long as D can unlock R with the private key r within 1 day, the BTC can be obtained. Equivalent to D is to use the private key r in exchange for a C "pay" 1 BTC, C gets the private key r and then use it to unlock and exchange for a B "pay" 1 BTC, then B unlocks A with r 1 BTC.

That is to say, D first generates the "lock" and the corresponding "key", then the lock is transmitted to A, B, C in turn; after D receives the BTC, the "key" is transmitted to C, B, A in turn. Such a few nodes implement secure transfer from A to D without mutual trust. In practice, the intermediate node will receive an additional service fee as an economic incentive (this also means that the more intermediate nodes pass, the higher the commission).

3.1.2 Virtual Channel (Virtual Channel)

Representative project: Perun Network

As shown in the figure, both A and B have opened up state channels with I, which are channel X and channel Y, respectively. Now A and B send an application to the intermediate node I through the smart contract to establish virtual channels Z of A and B (shown by dashed lines).

A locks the Z (A) pass in the X channel, and the corresponding I also locks the Z (A) pass in the Y channel;

B locks the Z (B) pass in the Y channel, and the corresponding I also locks the Z (B) pass in the X channel.

After locking, it is equivalent to establishing a virtual channel Z between A and B. The corresponding available quotas of A and B in the channel are Z(A) and Z(B), respectively. If you want to transfer 1 pass to B, I will add 1 pass to the left of the I. At the same time, the pass will be reduced by 1 pass, and the reduced pass will be transferred to B. The effect is similar to the martial arts novel. In the "crossing the mountain", A passed the I as a "springboard" and transferred a pass to B. Virtual channels can also be further extended to form larger networks.

Compared with the hash time lock contract scheme, the intermediate node of the scheme does not need to involve every transaction, and only needs to be automatically executed through the smart contract, so it is more private and low-latency, but requires an intermediate node to lock a sufficient number of Pass, said to provide "intermediary services" at both ends of the virtual channel. For example, in the above example, the I node needs to lock at least Z(A)+Z(B) passes.

3.1.3 Meta Channel

Representative project: Counterfactual

This scheme is similar to a virtual channel, except that the structure is slightly different. For example, Counterfactual is to establish the proxy status channel of A and I, B and I respectively after instantiating the common state channel, and establish the payment channels of A and B on the basis of this, achieving the same effect as the virtual channel.

3.2 Channel balance problem

In the state channel network, the shortest path routing strategy of the traditional computer network will cause the channel to be unbalanced, which in turn will invalidate the routing strategy. If the pathfinding encounters a "dead end", the value cannot be effectively transmitted. As shown in Figure 8, the two-way status channels consisting of three nodes A, B, and C use the shortest path to make the available pass of the node in one channel become 0, and the two-way channel becomes a one-way channel. The upper left picture is the balanced state, corresponding to the bidirectional channel shown in the lower left figure. The pass of the upper middle picture and the upper right picture is concentrated on one side, corresponding to the one-way channel of the lower middle and lower right respectively.

Celer Network proposed a backpressure (BackPressure) routing algorithm to measure the congestion degree and channel imbalance of the local network in each time slice, and then carry out the route transfer according to the direction of the back pressure weight to reduce the network congestion and achieve channel balance. By testing the payment network composed of 254 state channels composed of 77 nodes, it is found that the backpressure routing algorithm improves the performance by 15 times and the channel utilization rate by 20 times compared with the shortest path routing algorithm of the lightning network.

Liquidity Network proposes a Revive protocol that allows the payment channel to be rebalanced under the chain. The protocol rebalances the amount of pass-through assets of each node in multiple channels by causing a set of payment channel nodes to perform a set of transactions, preventing unidirectional channels from forming. The tree network structure shown in the left figure below cannot be rebalanced, and the network shown in the right figure of Revive includes a ring structure, which can realize the uniform distribution of the nodes in multiple channels from the concentration. For example, B has 200 passes in the channel composed of D, and 0 passes in the channel composed of E, and can be redeployed through the (B, D, E, B) ring structure for the right image. So that there are 100 passes in each of the two channels consisting of B and D, B and E.

3.3 Node offline problem

As mentioned above, the state channel is interacting under the chain and clearing on the chain. Either party can close the state channel to achieve final clearing and delivery. When both parties are online and agreed, instant termination can be achieved. But when one party is offline, or the other party launches an attack (such as DDoS attack, destroys the network cable, etc.) to take it offline, and submits a non-final state that is beneficial to itself to the chain, once the offline party misses the arbitration period, the final liquidation result will be It will cause asset loss to the offline party and damage the fairness and security of the status channel.

In this case, people think of solving the task by outsourcing to a third party, such as Monitors of Lightning Network, Custodians, and Celer Network's State Guardian Network.

Monitors receive awards through proof, and Custodians gain regulatory opportunities through pledge security deposits. The State Guardian Network is a Plasma-like sidechain made up of state guardians, and the CELR Pass (Certified in the Celer Network) passes the mortgage. Pass-through becomes the guardian of the state under the chain. The more mortgage passes, the more likely it is to be delegated to guard the state task under the chain, and the greater the probability of gaining more benefits.

With the development of chain expansion and large-scale commercial use, the design of a reasonable third-party economic incentive mechanism will bring opportunities for layer-2 service providers.

3.4 Margin Locking Problem

The routing scheme mentioned in section 3.1, whether it is a hash-locked contract, or a virtual channel or a meta-channel, requires an intermediate node to "pay" funds or lock the margin. The larger the network size and the larger the average transfer amount, the more the security deposits are locked in the entire network, and the resulting opportunity cost is also higher.

Both Liquidity Network and Celer Network have proposed a banking-like mechanism to share liquidity, trying to reduce the margin lock by means of smart contracts to rent a pass from the holder or the payment center to "lender" and share.

The following picture shows the economic model of Celer Network, mainly consisting of Liquidity Backing Auction (LiBA), Liquidity Guaranteed Mining (PoLC Mining, Proof of Liquidity Commitment Mining) and Chain Status Guardian Network. Partial composition. The PoLC Mining mechanism is a key source of Celer network liquidity funds. Simply put, it collects idle funds from liquidity providers through pledge guarantee contracts, similar to banks obtaining funds from depositors and then serving the state channel through LiBA mechanism. Suppliers provide liquidity funds, similar to bank lending.

Liquidity Network is based on NOCUST's multi-party payment center, which reduces capital locks by pooling and sharing mortgage funds. The Lightning Network needs 100% collateral for all transactions, and the mortgages are isolated from each other and have poor liquidity.

Comparison of 4 state channels and other expansion schemes

4.1 Comparison with the expansion scheme on the chain

Compared with the chain expansion scheme, the state channel subtly separates the functions of the chain and the chain. The scheme does not need to change the structure of the chain, and combines the security and decentralization characteristics of the chain and the scalability under the chain. However, from the overall ecology, the state channel is still a new balance of security, decentralization and scalability due to possible problems in the communication process under the chain.

4.2 Comparison with other chain solutions

Compared with other chain expansion schemes, the state channel has better privacy and can be immediacy. It is especially suitable for fixing high-frequency interactions between two parties. The disadvantage is that intermediate nodes need to “pay” funds, and require nodes to be online or in real time. Introduce a third party to supervise.

The principle of expansion of sidechains (such as Plasma) is to extend the sidechain processing transaction in the main chain. After the dispute arises in the side chain, it can apply for arbitration in the “Challenge Period” to the main chain, similar to the Intermediate People's Court and the Supreme People's Court. The relationship takes into account efficiency and fairness. Compared with the state channel, the side chain scheme does not have instant termination due to the mandatory “challenge period”.

The solution under the chain calculation is to put complex calculations under the chain and submit the calculation results to the chain for confirmation. Inter-chain calculations also ensure that calculations under the chain are reliable by introducing competition and incentives, such as Truebit's Verification Game. The calculation under the chain is more suitable for scenarios that require complex calculations. For example, BTC's Simple Payment Verification (SPV) allows Ethereum's smart contract to check whether a transaction has occurred, but the SPV itself is computationally intensive and placed on the chain. It is expensive and congested.

Note:

For some reasons, some of the nouns in this article are not very accurate, such as: pass, digital pass, digital currency, currency, token, Crowdsale, etc. If you have any questions, you can call us to discuss.

This article is original for the General Research Institute (ID: TokenRoll). Unauthorized reproduction is prohibited.

General Information Institute × FENBUSHI DIGITAL

Text: Song Shuangjie, CFA; Cheng Dongfeng

Special Advisor: Shen Bo; Rin; JX