Algorand ICO Review

Algorand ICO Review – A New Blockchain With a “Fast and Furious” Byzantine Agreement Protocol for Consensus

Algorand is a new cryptocurrency utilizing a “Byzantine Agreement on Steroids” consensus protocol that proposes a solution for blockchain scalability, long transaction confirmation times, and the high energy consumption of Proof-of-Work (PoW) blockchains.

Problem

Satoshi Nakamoto’s creation of Bitcoin introduced a revolutionary innovation into the world with a common trustless distributed public ledger.

The Proof-of-Work (PoW) consensus mechanism used to secure the public ledger and blockchain, however, faces several limitations:

  • Scalability issues – Bitcoin can only process roughly 7 transactions per second
  • Long transaction confirmation times of up to an hour (6 blocks) due to forks present in PoW blockchains
  • Securing the network is resource and computationally intensive with miners performing computations non-stop
  • Centralization of power in several mining pools due to the hardware, storage, and energy costs required for mining

Algorand seeks to solve the above limitations by providing an alternative consensus method for trustless distributed public ledgers allowing for wider mainstream adoption of cryptocurrencies, longer-term sustainability and security, and a greater degree of decentralization.


Solution

Algorand proposes a solution to the limitations imposed by PoW consensus blockchains by combining a revamped Byzantine Agreement protocol (BA*) with a cryptographic algorithm known as “Cryptographic Sortition”.

A test prototype of Algorand has demonstrated Algorand’s capability to perform with:

  • 125x the transaction throughput of Bitcoin whilst scaling well to 500,000 users
  • Transaction confirmation times within a minute and a significantly small probability of forks
  • Trivial computations that require a few seconds of computation and do not require extensive computing power, miners, or proof of work to be done
  • Security against strong adversaries in the network

Main Features & Tech Overview

The major challenge trustless distributed public ledgers face is having a consensus mechanism where users can agree and come to a consensus on what transactions are to be included and added into the next block of the blockchain.

At the same time, this consensus mechanism must ensure the safety and security of the network: double spend attacks and fake transactions must not be possible, so that users can have trust and confidence in the integrity of the network.

Participants in the Algorand Network

The users in Algorand’s network are the people who hold Algorand’s token. These users fulfill three roles in the network in order to reach consensus and ensure the security of the network:

  1. Block Proposer – block proposers collect pending transactions in the network and create a new block with them, which is then “gossiped” out to other users in the network.
  2. Verifiers – verifiers receive proposed blocks from block proposers and verify their legitimacy by ensuring there are no fake transactions or attempts to double spend
  3. Observers – observers in the network observe messages (i.e. transactions and blocks) sent around the network to know which blocks have been agreed upon

Now that we know the role users play in the Algorand network….

How do these people actually get selected?

This is where “cryptographic sortition” comes in.

In the past sortition was the practice of randomly selecting officials from a large set of eligible individuals. This practice was used for centuries in the republics of Athens, Florence, and Venice.

A modern day example of “sortition” is the random selection of people who form a jury to try court cases. The “cryptographic” in cryptographic sortition comes from the fact that the sortition (or random selection) of Algorand users is done using cryptographic algorithms.

The block proposer and verifier roles are the only selections made by the Algorand network. If a user is not assigned either role, they automatically take up the role of an observer.

How Cryptographic Sortition Works

Random selection of roles in Algorand is done based on weighted probabilities using cryptographic sortition.

Each user’s weight is calculated by dividing the amount of Algorand tokens the user holds by the total supply of Algorand tokens in the network, hence the probability of a user being chosen is proportional to the amount of money they own in the system.

You can think of cryptographic sortition as a lottery. If you hold more Algorand tokens – or if you buy more lottery tickets – your chances of being chosen (or winning the lottery) increase.

Algorand uses a redesigned Byzantine Agreement protocol that has been named BA* for consensus.

In the BA* protocol multiple rounds are played with each round ending when consensus is reached on the next block to be added onto the blockchain. Each round of the BA* protocol includes multiple steps leading into the final step that concludes the round once a consensus agreement is reached.

The BA* Protocol in Combination with Cryptographic Sortition

The first step of each round in the BA* protocol consists of selecting users to fulfill a role with cryptographic sortition.

All users then perform a simple “Verifiable Random Function” (VRF) computation using their unique private keys to determine whether they’ve been selected, and if so, what role they will be playing in the upcoming step. After computing the VRF, users can instantly tell whether they’ve been selected or not.

“Will You Block Me?”

As a reminder, block proposers in Algorand collect pending transactions that are gossiped throughout the network to create the next block. They then send this block out to other users, thus proposing the block to the network. Before it is confirmed, however, verifiers have to verify the legitimacy of the proposed block.

“YES!!! Of course I will block you… Or will I?”

The first step of every round in BA* consists of selecting the block proposers. Instead of just one block proposer, multiple block proposers are chosen to ensure liveness and that a block gets proposed so the BA* protocol can proceed on to the next step.

In Algorand’s technical paper they prove that selecting at least 26 proposers each round ensures a block gets proposed with a significantly high probability.

If 26 proposers are chosen, in order to minimize unnecessary block transmissions, each proposer is also given a priority rank such that the highest ranked proposer becomes the leader of all chosen block proposers.

When verifiers receive proposed blocks, they only have to store and record blocks they have received from the highest ranked proposers.

For example, if a verifier receives a block from the 5th ranked proposer, any other proposed blocks that come from proposers ranked 6 to 26 are disregarded. If a block proposed by the 2nd ranked proposer is received, however, the verifier acknowledges this block and discards the 5th ranked proposer’s block.
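The selection lottery and proposer ranking described above, as an added example (not code from Algorand or from this review): HMAC-SHA256 stands in for the VRF, and treating each token as one lottery ticket is a generalization of the page's proportional-odds description. The priority rule, key names and stakes are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample population: one large holder and 39 small ones.
USERS = {"whale": (b"whale-key", 600)}
USERS.update({f"user{i:02d}": (f"key-{i}".encode(), 10) for i in range(39)})

def vrf_stand_in(secret_key, seed, role):
    # Placeholder for a real VRF: HMAC-SHA256 is deterministic per key, but it
    # yields no proof that others could check against a public key.
    return hmac.new(secret_key, seed + b"|" + role, hashlib.sha256).digest()

def sortition(secret_key, seed, role, stake, total_stake, expected):
    """Return (output, tickets): how many of the user's `stake` tokens won.

    Every token is one lottery ticket that wins with probability
    expected / total_stake, so selection odds grow with the stake held.
    """
    out = vrf_stand_in(secret_key, seed, role)
    x = int.from_bytes(out, "big") / 2**256      # uniform value in [0, 1)
    p = expected / total_stake
    term = (1 - p) ** stake                      # P[no ticket wins]
    cdf, tickets = term, 0
    while x >= cdf and tickets < stake:          # walk the binomial CDF
        term *= (stake - tickets) / (tickets + 1) * p / (1 - p)
        tickets += 1
        cdf += term
    return out, tickets

def priority(out, tickets):
    # Assumption of this example: a proposer's rank is the largest hash over
    # its winning tickets; any publicly recomputable ordering would do.
    return max(
        int.from_bytes(hashlib.sha256(out + i.to_bytes(4, "big")).digest(), "big")
        for i in range(1, tickets + 1)
    )

def select_proposers(users, seed, expected=26):
    """Return [(priority, name), ...] for the selected users, leader first."""
    total = sum(stake for _, stake in users.values())
    chosen = []
    for name, (key, stake) in users.items():
        out, tickets = sortition(key, seed, b"proposer", stake, total, expected)
        if tickets:                              # zero tickets: stay an observer
            chosen.append((priority(out, tickets), name))
    return sorted(chosen, reverse=True)

def verifier_keep_best(arrivals):
    """Process proposals in arrival order, storing only the best-ranked one."""
    best, discarded = None, 0
    for proposal in arrivals:
        if best is None:
            best = proposal
        elif proposal[0] > best[0]:
            best, discarded = proposal, discarded + 1   # drop the older block
        else:
            discarded += 1                              # lower rank: ignore
    return best, discarded

if __name__ == "__main__":
    ranked = select_proposers(USERS, b"round-1-seed")
    print("leader:", ranked[0][1], "| proposers selected:", len(ranked))
    print(verifier_keep_best(ranked[::-1]))
```

Because every user evaluates the function with their own key, nobody learns who the proposers are until they announce themselves; a real VRF additionally lets everyone else verify that announcement.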

(Block proposers receiving and sending transactions by gossiping to the network)

Block Verifiers

Once the first step concludes after the highest ranked block is propagated throughout the network, the next step begins.

This second step begins again with cryptographic sortition with the selection of a committee of verifiers who will cast a vote on the hash of a proposed block.

When a threshold number of votes is met for the hash of the proposed block (presumably this would be the highest ranked block assuming the proposer was honest), this concludes the second step and kicks off the third step.

In the third step a new committee of verifiers is selected who cast a vote again. This time, however, they can only vote for (1) the hash of the proposed block that passed the threshold vote or (2) the hash of an empty block. If the threshold amount of votes is reached for the hash of the proposed block, this leads us into the fourth and final step.

This last step includes selecting the final committee of verifiers, which is larger in size than any of the previous steps, where verifiers again cast a vote for either the hash of an empty block or the hash of the proposed block that passed the threshold amount of votes required in previous steps.

Once a threshold level of votes is reached, final consensus has been met and the block gets added onto the blockchain, thus concluding the round and initiating a new one for the next block to be added.

How the Fast and Furious BA* Protocol Works Granted the Majority of Users are Honest:

  1. New round starts and the first step is selecting block proposers who then gossip out a new block to other users in the network.
  2. Second step begins and a committee of verifiers is selected. This committee casts a vote on the hash of the highest ranked block they have received after verifying the legitimacy of the block.
  3. Third step starts and a different committee of verifiers is selected. This new committee casts a vote on either (1) the hash of the proposed block that has passed the threshold amount of votes or (2) the hash of an empty block if the proposed block is invalid.
  4. Fourth and final step: a new committee of verifiers, much larger in size than the previous two committees, is selected and once again votes on either (1) the hash of the proposed block or (2) the hash of an empty block. As all users are acting honestly, they vote on the hash of the proposed block, which means final consensus has been met and the block is added to the blockchain.
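The voting steps above for a single round, as an added example (not Algorand's code): the two-thirds vote threshold, committee sizes, member statuses and sample ledger are assumptions constructed here, and committees are given directly rather than drawn by sortition.

```python
import hashlib
from collections import Counter

EMPTY = "empty-block-hash"   # label standing in for the hash of an empty block

def block_hash(txs):
    return hashlib.sha256(repr(txs).encode()).hexdigest()

def is_legitimate(txs, balances):
    """Verifier check: reject a block that spends coins a sender lacks."""
    left = dict(balances)
    for sender, receiver, amount in txs:
        if amount <= 0 or left.get(sender, 0) < amount:
            return False                      # fake amount or double spend
        left[sender] -= amount
        left[receiver] = left.get(receiver, 0) + amount
    return True

def tally(votes, committee_size, threshold):
    """Return the value whose votes reach the threshold, or None."""
    for value, count in Counter(votes).items():
        if count >= threshold * committee_size:
            return value
    return None

def committee(size, faulty=0, offline=0):
    # Constructed committee: each member is "honest", "faulty" or "offline".
    honest = size - faulty - offline
    return ["faulty"] * faulty + ["offline"] * offline + ["honest"] * honest

def run_round(txs, balances, committees, threshold=2 / 3):
    """committees: member lists for steps 2, 3 and 4. Returns the agreed
    block hash, EMPTY, or None when the final committee reaches no threshold."""
    proposal = block_hash(txs)
    choice = proposal if is_legitimate(txs, balances) else EMPTY
    result = None
    for members in committees:
        votes = []
        for status in members:
            if status == "honest":
                votes.append(choice)
            elif status == "faulty":
                votes.append("conflicting-hash")   # votes for something else
        result = tally(votes, len(members), threshold)
        # Later committees back the proposal only if it passed this step.
        choice = proposal if result == proposal else EMPTY
    return result

BALANCES = {"alice": 10, "bob": 5}                      # constructed ledger
GOOD = [("alice", "bob", 4), ("bob", "carol", 6)]
DOUBLE_SPEND = [("alice", "bob", 8), ("alice", "carol", 8)]

if __name__ == "__main__":
    honest = [committee(100), committee(100), committee(300)]
    print("valid block agreed:", run_round(GOOD, BALANCES, honest) == block_hash(GOOD))
    print("double spend ->", run_round(DOUBLE_SPEND, BALANCES, honest))
    lossy = [committee(100, offline=40), committee(100), committee(300)]
    print("40% of step 2 offline ->", run_round(GOOD, BALANCES, lossy))
```

The last case shows the liveness cost of missing votes: a perfectly valid block is replaced by an empty one when the first voting committee cannot reach the threshold.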

Final Note

This is a simplistic overview of how Algorand works given that the majority of users are honest. For further details such as additional steps that are taken in the face of adversaries, please refer to Algorand’s white paper and theoretical paper.

Testing Algorand

A prototype for Algorand was implemented in C++ with roughly 5,000 lines of code using 1,000 Amazon EC2 virtual machines.

The prototype demonstrated Algorand’s ability to:

  1. Confirm 1MB block transactions within ~22 seconds for up to 50,000 users
  2. Scale to 500,000 users with near consistent latency
    (NB: the latency in Figure 6 is 4x higher than Figure 5 above due to a bottleneck on bandwidth during testing.)
  3. Deliver vastly improved transaction throughput of up to 10 MB block sizes equating to ~750 MB of transactions processed per hour, which is 125x greater than Bitcoin’s 6 MB of transactions per hour.
  4. Maintain the safety of the network with minimal negative impact when 20% of users in Algorand are malicious.

Roadmap

From the FAQ section from Algorand’s website:

Q: “What are the hashes in the Algorand roadmap?”

A: Algorand is deeply committed to continuous innovation. The hashes are commitments to selected new innovations the Algorand team will unveil and deploy in the future. Hashes are computed as follows: SHA256(SHA256(msg) || SHA256(none)).

Algorand’s roadmap has been hashed and their plans moving forward are unclear.

They have stated their main priority at the moment is Algorand’s test network – we presume after this they will begin to look at implementing smart contract capability into the network, and then push forward to a mainnet.


Token Economics

Algorand’s token economics have not been released. This section will be updated once further information is available.


Potential Considerations

Algorand offers a potential solution to several problems faced in PoW blockchains; however, Algorand is likely to face several challenges of its own.

Honest Majority of Users Assumption

The primary assumption made under Byzantine Agreement protocols in order to reach consensus is that the majority of users (two-thirds) must be honest or, put another way, no more than one third (33.3%) of users in the network can act maliciously.

If a group or sole adversary controls more than a third of Algorand’s money supply the security of the network would be in jeopardy.

Algorand founder Silvio Micali posits this as a fair assumption to make because if the majority of people in society didn’t act honestly, there would be no such thing as a “society”.

However, because the majority of us do choose to abide by the rules and laws set out in society, we function and co-exist harmoniously – for the most part – and society is not in a state of chaos and anarchy.

Algorand is likely to be most vulnerable and susceptible to such an attack shortly after mainnet is launched. This would be the most opportune time for a malicious party or entity to accrue Algorand tokens, as the tokens would likely be at the lowest available prices, granted Algorand’s tokens appreciate over time.

For this reason, we envision Algorand will hold a sizable chunk of their tokens in a Foundation account allowing the network to mature so that the network will face less risk of such an attack as the value of the network appreciates. It is also possible that early investors and partners may be subject to lock ups to ensure tokens remain in the hands of honest users.

Disincentivizing and Incentivizing Users

Algorand has not expressed any intention toward implementing penalties or negative consequences for users who act maliciously in the network.

As all users are required to participate in the Algorand network, it’s likely incentives will be introduced to encourage participation in the network from all users.

If there are no incentives, users may forego participation, resulting in fewer honest users in the network and diminishing the safety and security of transactions.

Designing an appropriate incentive mechanism in conjunction with the BA* protocol will be a challenging feat. The chosen reward mechanism must ensure honest users are not encouraged to act dishonestly in order to secure rewards whilst at the same time still incentivizing them enough to participate in the Algorand network.


Potential Barriers to Entry for Participating

If users choose to participate, it is possible they may face several barriers to entry barring them from doing so. This is especially true as Algorand’s network grows over time.

We have identified three potential barriers to entry:

  1. Compute power and hardware requirement
  2. Internet speed and bandwidth
  3. Storage capacity

1) Compute power and hardware requirement

The Amazon EC2 virtual machines (VM) used in the prototype each had 8 cores with up to 1 Gbps network throughput. This network throughput was capped to 20 Mbps to simulate commercial internet speeds.

When each of the 1,000 VMs was hosting 50 users, representing a total of 50,000 users in the test network, CPU usage on the 8-core VMs measured in at roughly 40%, meaning each Algorand “user” consumed roughly 6.5% of core computing power.

This is not computationally intensive; however, it is likely that the computing power required could significantly increase if larger amounts of users and transactions are present throughout the network.

Moreover, a more obvious barrier to entry here is that a laptop or CPU is possibly required to be able to participate in the network. If a user only has a smartphone or tablet it is unclear whether these devices would have sufficient computing power to participate in Algorand’s network.

2) Internet Speed and Bandwidth

When the Algorand prototype was tested with 1MB block sizes and 50,000 users, it was calculated each user used about 10 Mbit/sec in terms of bandwidth.

Future users of Algorand may have significantly slower internet speeds barring them from keeping up with the speed that transactions are occurring in the network. Users with slow internet speeds may not be able to participate or if they do, they may potentially slow down overall latency and confirmation times.

At the biggest block size of 10 MB, Algorand committed about 750 MB of transactions per hour. Assuming Algorand operates at this level, this equates to 18 GB of transactions processed in a day and 126 GB in the span of a week.

Users with limited internet bandwidth plans would be discouraged from participating in the network if the amount of transactions processed and downloaded reach these staggering heights.

3) Storage capacity

Due to Algorand’s high throughput of transactions and increased block sizes it is possible users could be barred from joining or participating in the network due to storage constraints.

With great amounts of transactions being processed at shorter intervals, the storage required for block certificates can easily reach levels that would limit users from participating in the network because of limited storage capacity on their hard drives.

Could Algorand Face the Risk of Centralization?

Even though Algorand proposes a solution to many limitations faced by PoW blockchains, it is possible Algorand may still suffer from a certain degree of centralization in the future due to the constraints listed above.


Team + Advisors

Research & Development

Prof. Silvio Micali – Founder

  • Laurea in Mathematics from University of Rome, PhD in Computer Science from University of California, Berkeley
  • MIT Professor for MIT’s Computer Science and Artificial Intelligence Laboratory since 1983
  • Co-inventor of zero-knowledge proofs with over 50 patents
  • Previously Co-Founded Peppercoin (micropayments startup) and Corestreet (software for authorizing and validating transactions) both of which were acquired
  • Recipient of the Turing Award (the Nobel Prize in Computer Science) for his advances in cryptography, Gödel Prize (in theoretical computer science) and the RSA prize (in cryptography)

Naveed Ihsanullah – Head of Engineering

  • Previously Senior Engineering Manager at Mozilla where he designed and led the Quantum Flow Program doubling the performance of Firefox within a year
  • Led the adoption of WebAssembly, SIMD.js, Shared Array Buffer, and Binary AST for JS (BinjS) across all browser platforms to improve the performance of native applications
  • Ex-Principal Engineer of Bit9 (now Carbon Black)
  • Consultant to Fortune 500 companies including Boeing Jeppesen

Prof. Nickolai Zeldovich

  • Associate Professor of Electrical Engineering and Computer Science at MIT
  • Prof. Zeldovich’s work has been recognized by best paper awards at the ACM SOSP conference, ACM SIGOPS Mark Weiser award (2017), and MIT EECS Faculty Research Innovation Fellowship (2018) and more
  • Recent projects include CryptDB encrypted database, STACK tool for finding undefined behavior bugs in C programs, and Vuvuzela private messaging system
  • Involved in several startup companies including MokaFive (desktop virtualization), PreVeil (end-to-end encryption) and now Algorand

Jing Chen

  • Assistant Professor in Computer Science and Economics Department at Stony Brook University, Affiliated Member of the Stony Brook Center for Game Theory
  • Ph.D. in Computer Science from MIT with Masters and Bachelor of Engineering in Computer Science from Tsinghua University, China
  • Main research interests include distributed ledgers, incentive mechanisms, computational game theory, and algorithms

Sergey Gorbunov

  • PhD dissertation on building advanced cryptographic protocols received the Sprowls Doctoral Thesis Prize for best PhD thesis in Computer Science at MIT
  • Previously Assistant Professor at the University of Waterloo
  • Founder and CTO of Stealthmine

Georgios Vlachos

  • Masters Engineering in Computer Science from MIT (2017)

Derek Leung

  • Master of Science in Electrical Engineering and Computer Science from MIT
  • Wrote thesis on Vault (scalable cryptocurrency storage scheme) and helped develop Stadium (scalable metadata-private messaging system)

Adam Suhl

  • Bachelor of Science in Mathematics from MIT
  • Led numerous seminars on PGP and built a proof-of-concept blind signature Bitcoin tumbling service

The governance board includes:

Jamie Goldstein – Founder and Partner of Pillar

Albert Wenger – Managing Partner of Union Square Ventures

Steven Kokinos – Co-founder and Executive Chairman of Fuze

Economic Advisors

Andrew Lo

  • Professor of MIT’s Sloan School of Management and Director of Laboratory for Financial Engineering
  • Research Associate of the National Bureau of Economic Research, member of OFR Financial Research Advisory Committee, New York Federal Reserve Board’s Financial Advisory Roundtable, and FINRA’s Economic Advisory Committee

Christian Catalini

  • Theodore T. Miller Career Development Professor at MIT, and an Assistant Professor of Technological Innovation, Entrepreneurship, and Strategic Management at the MIT Sloan School of Management
  • Research focuses on blockchain technology and cryptocurrencies, the economics of equity crowdfunding and startup growth, and the economics of scientific collaboration

Kenneth Rogoff

  • Professor at Harvard University who served as Chief Economist at the International Monetary Fund from 2001 to 2003
  • Co-author of This Time is Different: Eight Centuries of Financial Folly and Foundations of International Macroeconomics
  • Among the top ten RePEc’s ranking of economists by scholarly citations

Shafi Goldwasser

  • RSA Professor of Electrical Engineering and Computer Science at MIT
  • Co-Leader of MIT’s Cryptography and Information Security Group
  • Expert in cryptography and complexity theory with awards including the Turing Award, Gödel Prize, and Franklin Medal

Constantinos Daskalakis

  • Associate Professor of Electrical Engineering and Computer Science, MIT
  • Expert in Algorithms, game theory, learning, and statistics
  • Awards include the 2008 ACM Doctoral Dissertation Award and Game Theory and Computer Science Prize from the Game Theory Society

Vinod Vaikuntanathan

  • Associate Professor of Electrical Engineering and Computer Science, MIT
  • Co-Leader of MIT’s Cryptography and Information Security Group
  • Cryptography expert with awards including George M. Sprowls Award for best Ph.D. thesis in Computer Science, Alfred P. Sloan Fellowship, and Microsoft Fellowship

Maurice Herlihy

  • Professor of Computer Science, Brown University
  • Distributed Computation expert with awards including Dijkstra Prize in Distributed Computing, Gödel Prize in theoretical computer science and more

Alessandro Chiesa

  • Expert in cryptography and faculty member of Computer Science at UC Berkeley
  • Co-inventor of Zerocash protocol and an author of libsnark (leading open-source library for succinct zero knowledge proofs)
  • Research includes areas of complexity theory, cryptography and security, and the theoretical foundations and practical implementations of zero knowledge proofs

Joseph Bonneau

  • Assistant Professor of Computer Science, New York University
  • Expert in cryptography with research interests in side-channel cryptanalysis, protocol verification, and privacy in social networks

Jill Carlson

  • Former Lead Business Development for Tezos Foundation and academic blockchain researcher at the University of Oxford
  • Former Strategy Lead for Chain (enterprise blockchain software company that worked with Nasdaq and the IMF) and previous bond and derivatives trader at Goldman Sachs

Partners

TodaCorp

TodaCorp and Algorand formed the joint venture Toda-Algorand Corporation in July 2017.

This joint venture combines Algorand’s distributed ledger technology with TodaCorp’s on-chain ledgerless protocol to offer an integrated, off-the-shelf package for those seeking to implement scalable and decentralized blockchain technology in governments, businesses, or other blockchains and cryptocurrencies.

Investors

Pillar and Union Square Ventures have invested $4 million in Algorand’s seed funding round. The investment was a stock investment with an option to convert equity into tokens in the future.


Potential Questions for the Team

  • Any intention to incorporate Privacy/anonymity into the network? (Founder is co-inventor of zero knowledge proofs)
  • Smart contract platform/capability? Coding language? [EVM or build from scratch?]
  • Do at least 95% of users need to be connected often to ensure safety/security? (What happens if the strong synchrony assumption does not hold up?)
  • If owners of Algorand tokens don’t participate in the network, does this technically mean the % of money supply a malicious user required to launch an attack on the network falls below 33%, so if 10% of honest users NEVER participate in the protocol, does it mean malicious users only need 30% of the total money supply?
  • How big are blocks, or estimated blocks? Is it possible in the future, if Algorand is adopted as a primary currency with thousands, millions, or billions of transactions a day or week, that the size of blocks would then centralize power to data centres/pools that can house the amount of data required?
  • How is the probability of forks reduced to such a small number/percentage? Was this probability selected or is it mathematically proven?
