Sawtooth, as well as Fabric, define themselves as authorised blockchain network technologies. The network is defined as authorised because potential participants have to identify themselves and the network itself can decide whether or not to allow them to participate. These blockchains can use a consensus algorithm called Proof of Elapsed Time (PoET) which works as follows:
- Each participant in the blockchain network must wait for a random period of time;
- The first participant who completes the waiting period becomes the leader for the new block.
In order for this to work, it is necessary to verify that the participants actually wait for a period of time in a random way and that this is generated in a range equal for all.
PoET originates from Intel and is based on a special set of CPU instructions called Intel Software Guard Extensions (SGX). SGX allows applications to run trusted code in a secure environment.
Intel SGX
The Proof of Elapsed Time is based on two key points, managed by Intel SGX:
- A specialised hardware component can create a certificate that allows the code to be considered reliable;
- The trusted code is executed in a private environment. The rest of the application cannot inspect or interfere with the private and reserved storage space.
The first point allows a network participant to demonstrate to other participants that he is executing reliable and correct code for the network. Without this function, it is not possible for the network to know if a participant is actually running the PoET correctly.
The second point ensures that a malicious participant cannot cheat by manipulating PoET’s trusted code after it has already been set.
Details of the PoET Protocol
The details of the protocol are quite complex, but it can be simplified in two main steps.
Joining the network
- A new participant downloads the program to connect to the blockchain;
- When initialised, the program creates a new key pair;
- The participant sends an SGX certificate (which includes the public key of the trusted code that is executed on SGX) to the rest of the network as part of a request to participate.
Participation in the network
- The participant gets a timer object signed by the program and waits for the time specified by the timer;
- The participant then obtains a certificate (also signed with the private key of the trustworthy code) proving that the timer has finished and forwards it to the rest of the network;
- The network measures how often a given participant becomes a leader in order to detect participants with a possible compromised SGX system.
Potentially, this system is a much more energy-efficient approach than other consensus algorithms such as Proof of Work.
