Gimly’s Decentralized Identity Framework Is Built for Portability and Security
Gimly built a decentralized identify framework on EOSIO that offers users portability, security, and ease.
We interviewed Ricardo Schiller, CEO of BlockBase, about the future of blockchain data storage and their solution that provides privacy and scalability at the click of a button.
BlockBase is a platform for storing databases on blockchain. The best way to understand it is to think of it as a cloud service for database storage provided by a distributed network of nodes that are running the BlockBase code.
The concept of storing a database on a blockchain seems counterintuitive, but it makes a lot of sense. When you store all database structuring and data-related operations on a blockchain, you end up with proof of exactly what happened to that database up until the current moment in time.
This proof is extremely valuable because data can’t be manipulated, covertly changed, or forever lost, providing integrity and transparency to businesses and agencies using the blockchain-integrated database.
Such functionality could be implemented on existing blockchains but would lack two very important aspects: scalability and privacy. The BlockBase network relies on EOSIO smart contracts to operate but doesn’t store much data on the EOS Public Blockchain.
Instead, it runs sidechains to the EOS Public Blockchain, and it’s inside those where most of the data is stored. These are regular blockchains, but we call them sidechains because all their block headers are published on the EOS Public Blockchain.
Our approach conveys integrity to the sidechain structure because anyone can verify its block headers on the EOS Public Blockchain and compare them with the ones on the sidechain.
All data stored on BlockBase is encrypted by default while retaining search capabilities through an SQL-like language. This enables an easier transition for regular businesses that just want to have access to a scalable system for secure and private storage of data on a blockchain.
BlockBase has scalability built into its architecture. It springs from the idea that everyone who needs a blockchain should have one tailored for them, instead of having to default to the same blockchain as everyone else and having to adapt to that blockchain’s throughput, security, and cost.
On BlockBase, anyone can send a request to the network for a new sidechain. Depending on its configuration, each provider will decide independently if it wants to participate in the provision of this sidechain.
The decision is an economical one, and it’s based on the sidechain request, which specifies how many providers are needed, the size of the blocks, the time intervals between blocks, the reward in BBT (BlockBase Tokens) per block produced. It also encompasses the staked BBT providers will lose if production Service-Level Agreements (SLAs) aren’t met.
If an economically attractive sidechain is requested, service providers will jump to provide it. The number of providers is capped, and there is a random selection process that favors the ones who stake more BBT. If they fail to provide service for the sidechain according to the SLA, they can lose this stake.
Service providers compete with the amount of skin they have in the game. As a result, they create a scalable free market economy around the resources of the network.
BlockBase leverages an SQL-like language to manage data, chosen purposefully to ease adoption, as many developers are already familiar with it.
All database and data-related operations are stored on sidechains and are therefore traceable and replayable right from the start. Each network node stores all sidechains they are building. If they are full nodes, they also execute all operations contained on those sidechains on a local database server.
This means they always have the latest, up-to-date version of the database they are building for each sidechain. Furthermore, the requester node stores all data locally, so it’s immediately accessible and queryable for the service requester.
BlockBase is a platform designed to store databases on a blockchain, so data privacy is an important concern for us – we encrypt all data before it reaches the network.
Database names, table and column names, right down to record-level data, are all fully encrypted. Encryption is always on by default, but users can opt-out by explicitly indicating so. It’s the opposite approach to how data is usually stored.
A lot of R&D was involved in determining how to implement this mechanism because fully encrypted data is unsearchable. We based ourselves on Order Preserving Encryption, a technique that allows you to search through data without outright revealing it.
We also took this a step further: When designing a database structure on BlockBase, the service requester can fine-tune how much order should be revealed on every data column from each table of each database.
Completely revealing the order of your data is something you want to avoid, because very advanced attackers may deduce some properties about it, and that’s why an approach like the one we use is the best trade-off between privacy and searchability.
The cool part about this technique is that the more data points you know about what you want to search, the less order you have to reveal while maintaining search performance.
Around 2016-17 there was an explosion in smart contract innovation. It became clear to us that smart contracts were a powerful idea and that general data storage on blockchain would be a great feature to build.
This realization was mostly driven by intuition, and we couldn’t find any other projects providing data storage solutions. We had found a gap in the market.
Before we even got started, we performed a deep dive into the current state of data security to figure out if we were on to something. We rapidly learned that current data security was a mess of layers of technologies and practices that just ended up not working.
Our findings can be empirically confirmed by all the modern security problems industries face, only a small portion of which ends up on the news.
From there we decided to apply for an exclusive European Union funding program for cutting-edge R&D projects. We ended up winning, which proved to us that we were on the right track.
In mid-2018 we had our funding approved. We knew that blockchain technology was at the heart of what we wanted to build.
All the main technological concepts for our project were fleshed out, and we had to choose the main blockchain network to attach BlockBase to. This decision was critical because we would have to commit to that network for a long time.
We took an unbiased approach to that decision by comparing technology stacks, communities, ecosystems, and potential growth of various smart contract-enabled blockchains.
After that exercise, choosing the EOS Public Blockchain and EOSIO technology was a straightforward decision. EOSIO was the best-positioned ecosystem to build on.
BlockBase Beta has been running on the EOS Public Blockchain since late May 2020. We’ve been running an initiative for teams to run the BlockBase node software as providers and earn BBT by doing so.
Since May we have been working on the software, and it has been steadily improving. By September the BlockBase network had reached a solid level of stability.
Now we’re mostly occupied with improving the network performance and adding cool new features to it. The BlockBase platform is finally fulfilling the vision we had when we started building two years ago.
Firstly, no one would seriously consider storing important data on a public blockchain unless it was encrypted in some way. Secondly, traditional blockchains can also face scalability issues and therefore might struggle to handle large-scale databases.
These were the two greatest challenges we had to overcome. They led us to the concept of encrypting all data stored on blockchain while maintaining its searchability, and to the concept of sidechains, blockchain-like constructs that have all their block headers published on a main chain.
We recognized that privacy and scalability were paramount for a general-purpose data storage system like that.
These two concepts are the main contributions of BlockBase to the community, and they tie in with the core concepts of computer security: confidentiality, integrity, and availability. Integrity is provided by a blockchain; we added confidentiality and availability.
It’s that simple!
If you want to contribute to the network, instead of requesting a sidechain, you just run the node as a service provider. It’s also quite easy to do because it’s a very automated process. The system will automatically look for sidechains to produce that fit your configured cost/benefit model and enroll you in those accordingly.
We ran an airgrab for seven months that distributed about 30% of the BBT supply to EOS accounts.
We are now continuing to distribute BBT via different methods. Currently, we have requested a sidechain to the network and are distributing tokens to 20 different service providers.
We have big plans to scale this up in the future – to bootstrap a large-scale network of service provider nodes. Having that in place will allow anyone to use the network as a service requester and get a sidechain up and running immediately. This already happens, by the way, but on a smaller scale.
BlockBase is the culmination of a tremendous amount of effort and hard work from many team members, both past and present.
We built BlockBase inside of an IT consultancy called Agap2IT, so we had no shortage of development talent. Blockchain development is still a nascent area, and our core blockchain team has not changed much in the last two years. This consistency has enabled us to pursue our vision with laser focus.
Diogo Bulha, our lead developer, has been a pillar for the team with his excellent development skills and his gentle character.
Márcia Policarpo made integral contributions to the SQL processing layer, from encryption to execution of queries and to the reliable propagation of them from requester nodes to provider nodes.
Fernando Azevedo did important work on the implementation and testing of our smart contracts.
Of course, many others made key contributions, and we would need several pages to do them all justice.
We’ve partnered with three different projects from the EOS ecosystem: Hire Vibes, Discussions, and Boid.
Furthermore, we’re building relationships with local companies that want to experiment with blockchain technologies.
Blockchain adoption is still in its infancy. That said, we believe that it will eventually come, and when it does, existing blockchain technologies will need to scale to process worldwide demand.
We believe that the best way to meet future demand is through a horizontally scaling architecture, which is what BlockBase provides through sidechains.
From our point of view, data storage will be the first functionality traditional companies will look for when considering adopting blockchain, and BlockBase will be primed to provide that service.
Any company that considers using blockchain for data storage will quickly find out that it gets very costly, very quickly. That’s where BlockBase will shine. There isn’t any other option on the market that offers the same level of scalability.
Our #BuiltOnEOSIO series showcases some of the amazing projects leveraging EOSIO technology or the EOS Public Blockchain to build a more secure and connected world. If you would like to suggest a project for us to feature please send an email to spotlight[at]block.one for our Developer Relations team to review.
–Block.one Developer Relations team
Important: All material is provided subject to this important notice and you must familiarize yourself with its terms. The notice contains important information, limitations and restrictions, relating to our software, publications, trademarks, third-party resources and forward-looking statements. By accessing any of our material, you accept and agree to the terms of the notice.