What is Proof of Elapsed Time (PoET)?

20 July 2020

Medium min reading

which is proof of elapsed time, which is poet

Since its inception, the world of cryptocurrencies has been full of new ideas, and one of them is Proof of Elapsed Time (PoET). This is a completely new, innovative consensus algorithm with unmatched scalability.

PoET Origin

The origin of PoET dates back to 2016 when researchers from Intel, the world's largest processor creation and design company, began to participate in the project. Hyperledger, already led then by the Linux Foundation. At that time, Intel announced its participation in the project, in addition to the start of the development of Sawtooth Lake. This was an interesting blockchain development supported by Hyperledger seeking to develop technology for an extremely scalable private blockchain.

It was around this time that Intel introduced Proof of Elapsed Time (PoET) as a time-lottery-based consensus algorithm, protected by cryptography. A revolutionary concept that used all the technology that Intel can provide in its processors. In fact, the technology is strongly tied to Intel products to the point that it is not usable with warranties outside of its products.

How does Proof of Elapsed Time (PoET) work?

Basically what PoET does is create a trust ring where a group of participants are coordinated by a controller. This controller has the task of taking the work of the people in the trust ring and verifying that it is correct. To do this, the controller shares a stopwatch and a series of cryptographic tests that randomly enable participants to produce blocks within the blockchain.

Once a participant is chosen, it generates the block, develops the cryptographic test and sends it to the controller. When the controller receives the test, it verifies it and, if correct, accepts the block. Otherwise it discards it. Given this last decision, the timer starts again so that the selection process starts again and the test is generated by another participant. The process follows this cycle of repetitions allowing the operation of the network to be maintained indefinitely.

Of course this is a very simple way to explain how PoET works, but it will give you a general idea of the process, and will help you better understand the explanation that we will make next.

Start of the PoET selection process

The basis of the operation of PoET is in the selection process created by the process verification algorithm. The job of this selection algorithm is to give each participant a time object. We can see this time object as a countdown that has a certain amount of time described in it. At the end of that time, the stopwatch initiates an activation event for the participant, who from that moment becomes a generator of blocks. You can then see this time object as an alarm clock, which when it reaches the indicated time, the alarm will sound indicating that it is time to work to generate a block.

Randomness, the key to the process

This selection process is random and is powered by Intel's random number generation instructions, the instruction RDRAND. This unique instruction on Intel processors (although AMD also has an equivalent) generates random numbers in an accelerated way using the entropy (or chaos) that originates electrically within the processors. A process that theoretically generates very difficult to detect random numbers. This is the basis of this initial process, and it also tells us how extremely dependent PoET is on these processors.

But additionally, the only way a participant can become a block generator is by presenting a certificate that guarantees it. This certificate is generated using the SGX (Intel Software Guard Extensions) instructions. These instructions are specialized in cryptography, and are used to generate a secure digital certificate. The generated certificate is stored in a hardware vault (like those of hardware wallets, a HSM) or TEE (Trusted Execution Environment) that is inside the same processor.

Only participants who comply with having a valid certificate in the system, with public and private keys in their TEE, and who have a verified and active time object, will be able to participate in the generation of blocks using the PoET algorithm.

Generation phase

Now, when the participant receives his time object and it is activated, the generation process begins. From the precise moment in which the time object "wakes up" the participant, it is enabled to generate a block. All the previous process guarantees that this participant has complied with the pre-generation rules that are:

Generate a secure certificate using RDRAND, SGX and storing it in your TEE.
Share the certificate with the network. This in order to become an active and recognized participant within the network.

As you can see, these two steps are clearly access control points, which guarantee that no one who is not recognized by the central authorities of the network can participate in it. In short, we are dealing with a consensus protocol designed specifically for private or licensed networks.

Hash generation begins

The PoET generation phase is straightforward. The active participant or block generator must only take the transactions from the network, add them to the block, generate a hash for it, and issue it to the network to be accepted. The hash used may vary depending on the implementation, but it is feasible to use SHA-256, but without the need to do a proof of work as in Bitcoin, since PoET makes this unnecessary. It is enough to generate a hash associated with the information of the block to emit said block. In short, a process that shouldn't take anywhere near 0,1 seconds.

When generating the block, it is issued to the network together with a digital certificate of the participant. In this certificate there is a list of next network block generators, thereby closing the generation process.

Pros and Cons of PoET

Pros

It is an extremely efficient and scalable consensus and block generation algorithm.
The process is perfect for applying to private blockchain networks, in fact it is aimed at controlled business spaces.
The selection and acceptance of validators ensures that the network is resistant to external and internal attacks.
The generation process is decentralized. Its generation process is decentralized. Time objects and activation guarantee everyone will have the same opportunities to generate blocks.

Contra

Extremely dependent on Intel technology. Although the algorithm is free software and can be adapted to other platforms, the changes would make these networks practically incompatible or with serious incompatibility problems.
There are attack vehicles on these networks that exploit the known vulnerabilities of Intel processors.

How much do you know, cryptonuta?

Is a blockchain using Proof of Elapsed Time (PoET) highly scalable?

TRUE!

A PoET network can scale above one million transactions per second, although with the disadvantage that it is not an open and uncensored network like Bitcoin or Ethereum.

Vulnerabilities

While PoET is a conceptually very secure consensus algorithm, the structure it uses for works has begun to falter: Intel and its processors are riddled with bugs, which are publicly known but get no fix.

While there is no bug-free hardware or software, Intel has faced serious problems in the last 10 years. Problems that have been accentuated much more recently. Cases of vulnerabilities such as Meltdown, Spectre, SGX Crack, Prime + Probe, LVI, plundervolt, Replay SGX o Enclave, have a direct impact on PoET security. In fact, they have a direct impact on the general security of our computers.

Although the vehicles and means of attack are highly complex, they are possible and any hacker or group of hackers with resources can exploit them. Governments in their eagerness to control everything, spend fortunes to get hold of these types of vulnerabilities to develop tools that allow them to spy on their citizens and other governments, even the entire world if possible. In fact, there are suspicions that RDRAND, for example, is a Trojanized or intentionally weakened instruction to facilitate espionage.

Hardware vulnerabilities are the most risky

All this group of vulnerabilities to some extent can help create tools with the ability to break crypto. For example, a weakened RDRAND statement (as Intel is suspected to be intentionally doing) would allow the random number generator to be "predictable" knowing the internal characteristics of its operation, something only Intel knows. This could open the doors for algorithms that we consider safe as BEA, ECDSA, RSA or others may be violated when run on an Intel processor, compromising our security and money. This, which may sound like science fiction to inexperienced eyes, is a reality. In fact, there is already a precedent with the case of Dual-RDBG and Sony's PlayStation console. Remember that the anti-copy cryptography of this console was broken due to a security problem of this nature.

Fortunately no cryptocurrency project like Bitcoin or Ethereum, makes use of this type of instructions. A lot less Zcash o Monero, where developers are careful to the extreme with the quality of the cryptographic implementations they use. In addition, the same development of Bitcoin questioned known cryptographic tools, such as OpenSSL, abandoning its use in favor of its own tools. One more example of the seriousness of security in the development of this cryptocurrency.

PoET use cases

HyperLedger

The most important PoET use case is the HyperLedger project, where PoET is the default algorithm for solutions using the HyperLedger Sawtooth framework (framework and software development). Sawtooth is in fact the birthplace and development of PoET.

Continue the journey in ...

What is Proof of Burn (PoB)?

Author

Jose Segura

Engineering Department Coordinator

José Segura works as a problem solver in Bit2Me's IT team, where he started as Lead Engineering Manager and currently coordinates the entire department.