We talk to NuGenesis about its freakish obsession with crashing and hacking its own blockchains, using the best blackhats in the business. In light of the recent hacks continuing to plague DeFi, it's an opportunity to review the developments in security.
With the internet of things (‘IoT’), supply chains and NFT serialisation of physical items using physical unclonable functions (‘PUFs’), digital-fingerprint hardware that serves as a unique identifier of a device, there are exponential increases in the interaction of data through an increasing number of data points. Individuals have little or no control over the storage of and access to their information in an era of cloud computing and networking systems where many users share the same physical storage or network. Application developers migrate their storage and computations to the cloud and require data privacy to be granted. Moreover, IoT, healthcare, smart grids, and several other popular networking applications need to process and store massive amounts of data, generally using cloud computing.
NuGenesis combines private and public networks in a blockchain system that separates data by sensitivity according to client needs, and consequently uses a wide variety of authentication systems, privacy services, provenance services and integrity assurance services. “The proper integration for these services in blockchain technologies”, says CEO Hussein Faraj, “has been based around scalability concerns when using miners. We are increasingly streamlining our services with the removal of scalability as an issue.”
Integrity assurance deals with the correctness and validity of the data stored, accessed, or generated by the network. It assures that the information has not been changed or corrupted by unauthorized users. Providing end-to-end integrity assurance maintains the consistency, reliability, accuracy, and trustworthiness of the information over its entire lifecycle. Integrity is one of the basic components of the CIA (confidentiality, integrity and availability) triad for information security. The leading approaches use smart contracts to achieve their objectives. This framework is dedicated to IoT applications that require a producer-consumer architecture. In this architecture, the owner shares the data with other consumers for specific purposes. The data is generally shared through cloud storage services, where the owner posts the data to the cloud and the consumers access the data from there. Storing the data in the blockchain database provides the integrity service.
However, blockchain databases are limited in memory and cannot handle massive amounts of data. Thus, storing all the cloud data becomes impractical. The idea of this framework is to store encrypted hash values of the data on the blockchain database; these hash values are then used to check the integrity. Storj is a blockchain-based peer-to-peer data storage system that utilizes the blockchain database to store hash values of the data and verify the integrity. The network validates the data stored off-chain and returns the metadata needed to retrieve the original data. In this way, integrity is provided efficiently; however, the requirement of tracking the intruders in case the data is changed is still not met. Ericsson partnered with Guardtime to provide integrity services that allow application developers to assure the integrity of their users’ data and assets. They utilize Keyless Signature Infrastructure (KSI) to generate signatures for the resources. The Ericsson service verifies that a collection of data has not been altered by storing its signature on a blockchain.
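The hash-anchoring pattern described above, as an added Python example that is not code from NuGenesis, Storj or Guardtime: the cloud keeps the bytes and a toy hash-chained ledger keeps only a keyed tag per object. The class and function names, the demo key and the sample object are constructed for illustration, and HMAC-SHA256 is an assumed stand-in for the "encrypted hash value".

```python
import hashlib, hmac, json

class AnchorLedger:
    """Toy append-only ledger: each block commits to the previous block's hash."""
    def __init__(self):
        self.blocks = []

    @staticmethod
    def _digest(block):
        fields = {k: block[k] for k in ("index", "object_id", "tag", "prev")}
        return hashlib.sha256(json.dumps(fields, sort_keys=True).encode()).hexdigest()

    def anchor(self, object_id, tag):
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        block = {"index": len(self.blocks), "object_id": object_id, "tag": tag, "prev": prev}
        block["hash"] = self._digest(block)
        self.blocks.append(block)

    def chain_is_valid(self):
        prev = "0" * 64
        for b in self.blocks:
            if b["prev"] != prev or b["hash"] != self._digest(b):
                return False          # a block was edited or reordered
            prev = b["hash"]
        return True

    def latest_tag(self, object_id):
        for b in reversed(self.blocks):
            if b["object_id"] == object_id:
                return b["tag"]
        return None

def keyed_tag(key, data):
    # Assumption: HMAC-SHA256 plays the role of the "encrypted hash value"
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def verify_object(ledger, key, object_id, data):
    """Check off-chain bytes against the tag anchored on the ledger."""
    if not ledger.chain_is_valid():
        return "ledger-tampered"
    expected = ledger.latest_tag(object_id)
    if expected is None:
        return "unknown-object"
    return "ok" if hmac.compare_digest(expected, keyed_tag(key, data)) else "data-modified"

# Constructed sample: the cloud store holds the data, the ledger only the tag
KEY = b"owner-demo-key"
cloud = {"sensor-42/reading.json": b'{"temp_c": 21.5}'}
ledger = AnchorLedger()
ledger.anchor("sensor-42/reading.json", keyed_tag(KEY, cloud["sensor-42/reading.json"]))
```

The verifier reports that an object or the ledger changed, but not who changed it, which is the intruder-tracking gap the paragraph above points out.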
The limitations come down to the computational power required, which nodes generally do not possess. The industry speculation is the use of specialised application mining nodes with high computational power, with the point of failure that comes with greater centralisation. Other proposals involve decision making from the local blockchain logs without requiring distributed consensus. For example, in blockchain-based ACL (Access Control List) mechanisms (the ACL defining a set of rules stating who can access a specific set of data and when), the access decisions are made based on the local copies of the blockchain database. However, this defeats the technology's decentralized architecture and its consensus, as the nodes need to trust the local blockchain database and make centralized decisions. Many promises have been made to resolve Bitcoin’s time issues in Ethereum and Hyperledger platforms. However, the time required for mining is still two or three seconds as compared to the milliseconds requirement.
NuGenesis chains easily run in the milliseconds needed for the rapid and frequent communication of IoT and PUF supply chains. Rather than looking to store data locally or off-chain, NuGenesis prefers dedicated blockchain storage chains that are readily auditable, precisely for their valuable real-time data analytics. The system validator nodes run on the randomness of the round robin protocol, are monitored by AI, and can achieve transaction speeds in the milliseconds. There are no requests from thousands of validators and fee actions. The streamlined validation process through the super nodes, with Byzantine fault tolerance and randomness via round robin monitored by AI, makes broadcasting through validation networks superfluous.
NuGenesis’ current innovation is the use of specially designed load balancers for blockchain. Load balancers are used on the internet to handle millions of transactions per second. There is no apparent limitation on the load balancer. All requests from wallets, apps and so on come to the load balancer, whose role is to send the data to the right chain.
The load balancers work at both the hardware level (routers, switches and dedicated systems) and the software level. They allocate the data according to the utilisation of the relevant chain at the relevant time and where the data is supposed to be processed.
NuGenesis load balancers do not require a continence chain to reconnect the data from the separate chains because they have a blockchain ledger built into them with a consensus mechanism that records what is in each block and backs up to a storage chain.
With infinite blockchains running in parallel as para-networks, scaling up to 1,000 chains processing data in parallel is efficient. Data is sent through the load balancer, which keeps track of the database and of where data is sent in the storage chains. Data can be readily searched from the explorer on the load balancer.
With NuGenesis’ implementation of load balancers and consensus before packing on the load balancer, the more parallel network chains that are added, the more data is injected into block creation of the connected chains. There is no validation delay (validation occurring within a 100th of a microsecond), and accordingly there are more dramatic increases in the speed of transactions. However many chains connect to the NuGenesis blockchain system with their own sovereign systems, they claim there is no extraneous pressure on any particular system. With parallel processing, the more systems, the faster the transaction processing.
The simplicity of storage chains in providing comprehensive ACL updates and modifying provenance information in milliseconds may be better appreciated at each stage of the security service process. The primary security service commences with authentication. Public Key Infrastructure (‘PKI’) has involved centralised certificate authorities (‘CAs’) or a decentralised web of trust (‘WoT’) to create, manage, use, store, and distribute the public encryption keys. Whilst CAs require trust and have a single point of failure, WoT-based PKI also has the problem that it is unable to provide identity retention. That is, it is possible for a user to impersonate the identity or the public key of an already registered user.
Blockchain-based PKI solutions include Pomcor, which stores the hash value of the certificate in the blockchain. Others include Blockstack ID, which uses Namecoin to build a distributed PKI system. Namecoin is a fork of Bitcoin that allows data storage within the blockchain transactions. It is implemented by defining a name-value pair that is used to store usernames and can be recorded in the transactions. Namecoin was originated to store DNS names, allowing users to register their human-readable names and associate them with the corresponding public keys. Blockstack modifies Namecoin by adding another name-value pair dedicated to the public keys. The advantage of using Namecoin is that it already supports name-value pairs in its transactions. Thus, the public key is the value and the name is the identity of the owner. The Blockstack implementation binds the user identity to an elliptic curve public key, which is one of the strongest public key cryptography mechanisms to date.
Where the limitations of storage, efficiency and scalability with these solutions become insurmountable is with privacy services. One approach used by NuGenesis for private blockchains within public blockchain configurations is to completely hide the user’s identity within the trustworthy environment of permissioned users. Data anonymization and differential privacy mechanisms hide the identity of the user and make it difficult to link the data to its owner. Another approach used by NuGenesis is to utilise smart contracts to define the access control policies and make authorisation decisions. This is their IoT solution for allowing users to register their new resources and define their access policies through the smart contract associated with these resources.
“Our social media platform will revolutionise privacy,” says NuGenesis CEO Hussein Faraj:
“users will be able to set their own policies, through our smart contract upgrade to Digital Notarised Contracts (“DNC’s”), to control the rules of what the platform, advertisers and users in general get to see and do with their personal data, including setting immediate and perpetual micropayments for that use”.
Another approach to privacy is to utilize blockchain technology to verify access control logs for clouds in a federated cloud environment. The key idea is to use smart contracts to define the access rights and collect the access logs from different clouds. The blockchain miners compare the access rights to the access logs. If a violation is detected, an alert is raised to be further handled by the system.
This approach was implemented on top of the Ethereum platform. Results show that the system is resilient to many threats, including compromising the communication channel to modify the access rights, compromising the policy evaluation to allow unauthorized accesses, and compromising the logs to alter or delete them. However, latency, cost and scalability are challenges that need to be addressed for this platform to become practical. These problems disappear on NuGenesis’ own layer 1 chains.
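The comparison of access rights against collected access logs described above, as an added Python example that is not code from the Ethereum implementation or from NuGenesis. The rights table, the log format (timestamp, cloud, user, action, resource) and all names are constructed assumptions; any access without a matching grant is treated as a violation.

```python
from datetime import datetime, time

# Constructed access rights: (user, resource) -> allowed actions and daily time window
RIGHTS = {
    ("alice", "records/patient-7"): {"actions": {"read", "write"},
                                     "window": (time(8, 0), time(18, 0))},
    ("bob", "records/patient-7"): {"actions": {"read"},
                                   "window": (time(0, 0), time(23, 59, 59))},
}

# Constructed access-log lines gathered from two clouds
LOGS = """\
2024-03-01T09:15:00 cloud-a alice write records/patient-7
2024-03-01T10:02:11 cloud-b bob read records/patient-7
2024-03-01T10:05:40 cloud-b bob write records/patient-7
2024-03-01T22:30:00 cloud-a alice read records/patient-7
2024-03-01T23:01:07 cloud-a mallory read records/patient-7
"""

def parse(line):
    ts, cloud, user, action, resource = line.split()
    return {"ts": datetime.fromisoformat(ts), "cloud": cloud, "user": user,
            "action": action, "resource": resource}

def check(entry, rights):
    """Return None if the access was permitted, else the reason for the alert."""
    rule = rights.get((entry["user"], entry["resource"]))
    if rule is None:
        return "no-grant"                      # default deny
    if entry["action"] not in rule["actions"]:
        return "action-not-granted"
    start, end = rule["window"]
    if not (start <= entry["ts"].time() <= end):
        return "outside-time-window"
    return None

def audit(log_text, rights):
    """Compare every log entry with the rights and collect alerts."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            entry = parse(line)
        except ValueError:
            alerts.append((line, "unknown", "unknown", "unparseable"))
            continue
        reason = check(entry, rights)
        if reason:
            alerts.append((entry["ts"].isoformat(), entry["cloud"], entry["user"], reason))
    return alerts
```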
Data provenance security services deal with the auditability of the metadata that tracks and reports the originality of the data and the operations associated with it. In the age of social networking, cloud computing, IoT, and other distributed applications, data is an acute resource that is open and vulnerable to intrusions. The owners need to know not only the data originality, but also the manipulations of and accesses to the data along its lifecycle. For example, in IoT applications, the sensor data has to be tracked so that it gets to the consumers without any unauthorized modification. Further, the consumers need to know how accurate the information is and what time it was sent. This can be achieved only by proper data provenance techniques. The same provenance requirements apply to healthcare data, financial data, governmental resources, and even scientific applications. Such applications are worldwide, generating massive amounts of data that need to be tracked. Hence, the provenance guarantees are crucial for these applications.
ProvChain, Data Prov, Provenance and BlockVerify excel in this field using blockchain-based tracking systems, particularly for specialised use cases. Data Prov is used for drug trials and wheat production. BlockVerify tracks counterfeit products and its best uses are in pharma, luxury products, diamonds and electronics. For more general application, NuGenesis CEO Hussein Faraj says, “you need two things. Firstly smart contracts that are more robust, such as DNCs, in checking data originality, validity and timing of all changes and an unlimited storage chain with dedicated node for analytics”.