A semantic domain for privacy-aware smart contracts and interoperable sharded ledgers
Daml is a Haskell-based smart contract programming language used to coordinate business workflows across trust boundaries. Daml’s semantics are defined over an abstract ledger, which provides a clear semantics for Daml’s authorization rules, double-spending protection, and privacy guarantees. In its simplest form, a ledger is represented as a list of commits, i.e., hierarchical transactions and their authorizers. This representation allows for easy reasoning about Daml smart contracts because the total order hides the intricacies of a distributed, Byzantine-fault tolerant system. It is also adequate for Daml running on a single blockchain, as it defines a total order on all transactions.
Yet, for distributed ledgers to fully eliminate data silos, smart contracts must not be tied to a single blockchain, which would then just become another silo. Daml therefore runs on different blockchains such as Hyperledger Fabric, Ethereum, and FISCO-BCOS as well as off-the-shelf databases. The underlying protocol Canton supports atomic transactions across all these Daml ledgers. This makes Daml ledgers sharded for higher throughput as well as interoperable to avoid data silos.
Semantically, Canton creates a virtual shared ledger by merging the individual ledgers’ lists of commits. The virtual shared ledger is not totally ordered, to account for the fact that there is no global notion of time across ledgers. Still, transactions can use only contracts that have been created within earlier transactions. This ensures that causality is respected even though individual system users cannot see all dependencies due to the privacy rules. Canton tracks privacy-aware causality using vector clocks.
To ensure that Daml and Canton achieve their claimed properties, we have started to formalize the Daml ledger model and prove its properties in Isabelle/HOL. The two main verification goals are as follows:
Canton’s vector clock tracking correctly implements causality.
The synchronization due to vector clocks cannot cause deadlocks.
The challenge here is that these guarantees should hold for honest nodes in the system even if other systems fail or behave Byzantine.
In the lightning talk, we give an idea of the ledger model, privacy-aware causality, and the current state of the verification.
|Slides (2021-01-18 CPP lightning talk-6.pdf)||450KiB|