Elrond

1 1 ElrondA Highly Scalable Public Blockchain via Adaptive State Shardingand Secure Proof of Stake[Technical whitepaper release 2 revision 1]Updated chapters: [5 - 13]June 19, 2019 - The Elrond The advent of secure public blockchains throughBitcoin and later Ethereum, has brought forth a notable degreeof interest and capital influx, providing the premise for aglobal wave of permissionless innovation. Despite lofty promises,creating a decentralized, secure and scalable public blockchainhas proved to be a strenuous paper proposes Elrond , a novel architecture which goesbeyond state of the art by introducing a genuine state shardingscheme for practical scalability, eliminating energy and com-putational waste while ensuring distributed fairness through aSecure Proof of Stake (SPoS) consensus. Having a strong focus onsecurity, Elrond s network is built to ensure resistance to knownsecurity problems like Sybil attack, Nothing at Stake attack andothers.

2 In an ecosystem that strives for interconnectivity, oursolution for smart contracts offers an EVM compliant engine toensure interoperability by simulations and testnet results reflect that Elrondexceeds Visa s average throughput and achieves an improvementbeyond three orders of magnitude or 1000x compared to theexisting viable approaches, while drastically reducing the costsof bootstrapping and storage to ensure long term Introduction1 General aspectsCryptocurrency and smart contract platforms such as Bit-coin and Ethereum have sparked considerable interest andhave become promising solutions for electronic payments,decentralized applications and potential digital stores of , when compared to their centralized counterpartsin key metrics [1], the current state of affairs suggests thatpresent public blockchain iterations exhibit severe limitations,particularly with respect to scalability, hindering their main-stream adoption and delaying public use.

3 In fact, it hasproved extremely challenging to deal with the current engi-neering boundaries imposed by the trade-offs in the blockchaintrilemma paradigm [2]. Several solutions have been proposed,but few of them have shown significant and viable , in order to solve the scalability problem, a completerethinking of public blockchain infrastructures was Defining the challengesSeveral challenges must be addressed properly in the pro-cess of creating an innovative public blockchain solutiondesigned to scale: Full decentralization- Eliminating the need for anytrusted third party, hence removing any single point offailure; Robust security- Allowing secure transactions andpreventing any attacks based on known attack vectors; High scalability- Enabling the network to achieve aperformance at least equal to the centralized counterpart,as measured in TPS; Efficiency- Performing all network services with mini-mal energy and computational requirements.

4 Bootstrapping and storage enhancement- Ensuring acompetitive cost for data storage and synchronization; Cross-chain interoperability- Enforced by design, per-mitting unlimited communication with external from the above challenges, we ve created Elrondas a complete rethinking of public blockchain infrastructure,specifically designed to be secure, efficient, scalable and inter-operable. Elrond s main contribution rests on two cornerstonebuilding blocks:1)A genuine State Sharding approach:effectively parti-tioning the blockchain and account state into multipleshards, handled in parallel by different participatingvalidators;2)Secure Proof of Stake consensus mechanism:animproved variation of Proof of Stake (PoS) that ensureslong term security and distributed fairness, while elimi-nating the need for energy intensive PoW Adaptive State ShardingElrond proposes a dynamically adaptive sharding mecha-nism that enables shard computation and reorganizing basedon necessity and the number of active network nodes.

5 Thereassignment of nodes in the shards at the beginning ofeach epoch is progressive and nondeterministic, inducing notemporary liveness penalties. Adaptive state sharding comeswith additional challenges compared to the static model. Oneof the key-points resides in how shard-splitting and shard-merging is done to prevent overall latency penalties introducedby the synchronization/communication needs when the shardnumber changes. Latency, in this case, is the communicationoverhead required by nodes, in order to retrieve the new state,once their shard address space assignment has been proposes a solution for this problem below, but firstsome notions have to be defined: users and nodes. Users areexternal actors and can be identified by an unique accountaddress; nodes are computers/devices in the Elrond networkthat run our protocol. Notions like users, nodes, addresses willbe further described in chapter - solves this challenge by:1) Dividing the account address space in shards, using abinary tree which can be built with the sole requirementof knowing the exact number of shards in a certainepoch.

6 Using this method, the accumulated latency isreduced and the network liveness is improved in twoways. First, thanks to the designed model, the dividing ofthe account address space is predetermined by , there is no split overhead, meaning that oneshard breaks into two shards, each of them keepingonly one half of the previous address space in additionto the associated state. Second, the latency is reducedthrough the state redundancy mechanism, as the mergeis prepared by retaining the state in the sibling ) Introducing a technique of balancing the nodes in eachshard, to achieve overall architecture equilibrium. Thistechnique ensures a balanced workload and reward foreach node in the ) Designing a built-in mechanism for automatic transac-tion routing in the corresponding shards, considerablyreduces latency as a result. The routing algorithm isdescribed in chapter - Elrond sharding ) In order to achieve considerable improvements with re-spect to bootstrapping and storage, Elrond makes use ofa shard pruning mechanism.

7 This ensures sustainabilityof our architecture even with a throughput of tens ofthousands of transactions per second (TPS).4 Secure Proof of Stake (SPoS)We introduce a Secure Proof of Stake consensus mecha-nism, that expands on Algorand s [3] idea of a random se-lection mechanism, differentiating itself through the followingaspects:1) Elrond introduces an improvement which reduces thelatency allowing each node in the shard to determinethe members of the consensus group (block proposer andvalidators) at the beginning of a round. This is possiblebecause the randomization factorris stored in everyblock and is created by the block proposer using a BLSsignature [4] on the ) The block proposer is the validator in the consensusgroup who s hash of the public key and randomizationfactor is the smallest. In contrast to Algorand s [3]approach, where the random committee selection cantake up to 12 seconds, in Elrond the time necessary forrandom selection of the consensus group is considerablyreduced (estimated under 100 ms) excluding networklatency.

8 Indeed, there is no communication requirementfor this random selection process, which enables Elrondto have a newly and randomly selected group thatsucceeds in committing a new block to the ledger ineach round. The tradeoff for this enhancement relies onthe premise that an adversary cannot adapt faster thanthe round s time frame and can choose not to proposethe block. A further improvement on the security of therandomness source, would be the use of verifiable delayfunctions (VDFs) in order to prevent any tamperingpossibilities of the randomness source until it is toolate. Currently, the research in VDFs is still ongoing- there only a few working (and poorly tested) ) In addition to the stake factor generally used in PoSarchitectures as a sole decision input, Elrond refines itsconsensus mechanism by adding an additional weightfactor called rating.

9 The node s probability to be selectedin the consensus group takes into consideration bothstake and rating. The rating of a block proposer is recal-culated at the end of each epoch, except in cases whereslashing should occur, when the actual rating decreaseis done instantly, adding another layer of security bypromoting ) A modified BLS multisignature scheme [5] with 2communication rounds is used by the consensus groupfor block signing5) Elrond considers formal verification for the critical pro-tocol implementations ( SPoS consensus mechanism)in order to validate the correctness of our Architecture Overview1 EntitiesThere are two main entities in Elrond : users and , each holding a (finite) number of public / private(Pk/sk) key pairs ( in one or multiple wallet apps), usethe Elrond network to deploy signed transactions for valuetransfers or smart contracts execution.

10 They can be identifiedby one of their account addresses (derived from the publickey). The nodes are represented by the devices that form theElrond network and can be passive or actively engaged inprocessing tasks. Eligible validators are active participants inElrond s network. Specifically, they are responsible for runningconsensus, adding blocks, maintaining the state and beingrewarded for their contribution. Each eligible validator canbe uniquely identified by a public key constructed through aderivation of the address that staked the necessary amount andFig. 1: Relations between Elrond entities3the node id. Relations between entities in the Elrond protocolare shown in Fig. , the network is divided into smaller units calledshards. An eligible validator is assigned to a shard based onan algorithm that keeps the nodes evenly distributed acrossshards, depending on the tree level.