There’s a lot of hype around blockchain technologies at the moment, especially in the ongoing cryptocurrency initial coin offering (ICO) bubble. But that hype gets in the way of technologies that can help businesses manage assets and collaborate where trust is an issue. The underlying shared-ledger model that powers the blockchain is a powerful tool, and one that has a lot of potential.
So it’s not surprising to see Microsoft look at ways of building blockchain technologies into its Azure platform, first with Project Bletchley, and now with its Coco Framework.
Intended to support enterprise blockchains, the Coco Framework is designed to be used in private. That gives it a performance advantage over public cryptocurrency blockchains and services, because they use large amounts of compute power to run a massive, scalable, and above all transparent network. In a public network, transactions require significant “proof of work” to be considered legitimate, making them slow and hard to use in many business scenarios.
Coco is not a blockchain but a set of foundations
The Coco Framework isn’t a blockchain protocol. It’s a way of building a collection of trusted nodes, with tools for ensuring consensus between them and for managing confidentiality. Once you have this in place, you can bring in an existing blockchain protocol to set up and manage your distributed ledger.
Microsoft has already tested Coco with the Ethereum platform for blockchain-facilitated contracts, and it suggests that other tools, like Quorum and Corda, should also be compatible. It’s perhaps best to think of Coco as a layer between secure computing technologies and the blockchain.
Microsoft’s Azure CTO, Mark Russinovich, says at the moment blockchain is not ready for the enterprise beyond using cryptocurrencies. “As opposed to public ledgers and bitcoin, enterprises want to use blockchain in a consortium environment, where there are multiple parties, different organizations, or different groups in the same organization that want to get rid of the friction of a centralized ledger. … A blockchain’s distributed ledger gives them an opportunity to get rid of the middleman and have full transparency about the interactions between different organizations.”
At the heart of the Coco Framework is the idea of a consortium, a group of entities that might be individuals or companies, or even applications or services. Instead of an open public network, it’s closed and private, more akin to the EDI systems used to link companies with suppliers than the public internet. It wouldn’t be hard to see an EDI tool for, say a shipload of containers, running on Coco: Everyone with goods on the ship could see where the ship was, monitor the status of their containers, and share bills of lading and other key documentation needed for customs processes.
TEEing up security in Coco
Where Coco differs from other blockchain implementations is its support for trusted execution environments (TEEs), building on the security technologies built into the processors used in Azure’s infrastructure and on the secure virtual machines that host the elements of a Coco application.
The use of secure enclaves (the same technology used by Apple in iPhones and iPads for its Touch ID security) “avoids some of the issues associated with existing blockchain implementations, allowing the members of a Coco consortium to agree on both a constitution for the consortium (defined in code) and on the version of the code that’s being run, Russinovich notes.
With a TEE, the code can’t be modified without the rest of the consortium seeing that it’s been tampered with, because one TEE can validate the software running on another. The same technologies also ensure that communications between TEEs are secure and can’t be eavesdropped on from outside a TEE.
Once a transaction is made in a Coco Framework application, it’s broadcast to all the nodes in a consortium and then used to update the blockchain ledger. Because each node trusts the rest of the network, consensus can be reached without having to check for malicious transactions or for conflicts with the ledger.
Coco makes blockchains secure, private, and fast
The result is a network that’s secure and private, where there’s no need for complex, computationally expensive “proof of work” calculations. Plus, your network updates itself with familiar distributed computing quorum rules.
The result is a blockchain that runs at distributed-database speeds. Without those expensive calculations, it also doesn’t need the power-hungry custom hardware used by Bitcoin and other cryptocurrencies – which currently use the energy that would power more than 1.3 million US households.
Beyond its exploration of Coco for enterprise-oriented blockchain-style use, Microsoft has been experimenting with the Coco Framework to host existing blockchain implementations, like Ethereum. In the public Ethereum network, transactions are processed at a rate of around 20 per second, with a latency of 10 to 20 seconds. Running the same code on Coco Framework TEEs, the processing rate jumps to 1,500 transactions per second, with a latency of 100 to 200 milliseconds. It’s a lot faster, offering nearly the 2,000 transactions per second handled by Visa’s credit card network.
A blockchain running at database speeds is a game-changer, especially when linked to modern thinking around handling consistency in distributed systems. Many of the complexities of working with the cloud at scale are consistency problems. By building a trusted network between trusted nodes in the cloud using a blockchain, you can treat the blockchain as the root of trust for your applications, knowing that it will be as up to date as possible—and that even if you can’t see the latest transactions in the network, you can trust that they will appear once and once only, and that they will be in order.
Coco enables a blockchain for the business world
The Coco Framework can also work with software from outside the blockchain, so if you’re using it to handle smart contracts (like those in Ethereum), you can validate the contract against external data. Perhaps you’re using a smart contract to buy and sell currencies, selling when the rate drops outside a specific band. Connecting your Coco application to a trusted source of rates can automate the smart contract, triggering transactions outside the Coco Framework while recording them in its private blockchain.
Much of what’s in the Coco Framework is independent of Microsoft technologies, and it’s easy to see it running on Amazon Web Services or on private servers. But Russinovich suggests that it’ll find a natural home on Azure’s global cloud: “I can imagine a consortium network formed completely on top of Azure, with member nodes operated by independent parties around world, where they happen to get low latency access to member nodes through the Azure backbone.”
Microsoft is doing more than imagining such a reality: “We’re working right now on a project to more deeply integrate with our infrastructure services like key vault and using Azure monitoring for full lifecycle management of nodes in Azure,” Russinovich says, “It might even going to almost serverless approach to smart contracts where customers simply write a smart contact and submit through a portal to a ledger and underneath the hood magic happens to submit that transaction to the network, authenticating with Azure credentials.”
We’ll learn more in 2018, when Microsoft releases the Coco Framework on GitHub as an open source project.