Bernhard Scholz is the Chief Research Officer at the Fantom Foundation. He specialises in programming languages and his research focuses on smart-contract execution, security and performance.
Juan Angel is the Head of Marketing at the Fantom Foundation and in EP2 on their Vertical Blocks podcast he dives into the technical road map for Fantom with Prof Scholz.
Background on Bernhard Scholz :
Interested in computers from an early age and got his first computer in 1992
Learned to program in Basic
Studied computer science at the Technical University of Vienna
Co-Founded Sun Micro systems Labs in Brisbane:
Worked on identification of security bugs in system software
Solaris operating system was open-sourced, thus there was a threat of attacks so Sun Micro systems came up with a tool called Buffet
Company acquired by Oracle and Buffet still widely used among engineers to harden C/C++ code
Set up the programming language called Soufflé
Bernhard’s interest in Blockchain
To guarantee the survival of the programming language Soufflé he needed to find as many applications for it as possible
His students in 2016 and 2017 became very interested in blockchains
They discovered big issues with how to phrase and write security analysis for smart contracts
Started to work with decompilation technology and finding ways how to convert EVM byte code to something more machine comprehensible
This led to de compilers entirely written in Soufflé
How Solidity works and what Watchdog solves
Solidity needs an execution environment
Java an example of how this works - first there is a compiler which takes the Java program and translates it to Java byte code, then there is the Java virtual machine which executes the byte code
Blockchain setup is very similar - Solidity is first put through Solidity compiler that generates byte code (not a java byte code), it’s like an abstract machine (Ethereum Virtual Machine), then the Solidity program is executed on the blockchain
Sometimes these processes are so complex that the task of ensuring their correctness requires mechanical help
This leads to security analysis and Watchdog
Watchdog takes the byte code of Solidity (EVM), translates to something more comprehensible for a machine, performs complex analysis
Aim is to understand whether the program is doing what it’s supposed to do
Exploit Potential in Blockchains
The analysis of the correctness needs to be done on all levels
The Solidity compiler has no notions of correctness proofs - there potentially could be bugs in the compiler that translate to security vulnerabilities of the blockchain
By analysing EVM byte code more bugs can potentially be exposed by using Watchdog
The Fantom Virtual Machine
Seeking greater performance
Performance in this case is not only the number of transactions executed daily but also latency (how quickly a transaction can be settled on the ledger)
EVM was invented without having a large number of transactions on the blockchain, they couldn’t design virtual machine based on historical data
Fantom offers the advantage of very precise analysis leading to optimised design decisions for the EVM therefore allowing Fantom to scale
The current technology delivers a fraction of Visa or Mastercard’s number of transactions per day
Optimising blockchain
90% of the time only 10% of the code is executed (most of the time programs are iterating loops)
Performance analysis (profiling) was done in the last few months - looking carefully at what the programs are doing on the blockchain
Discovered that smart contracts execute the instructions only once - there are no loop constructs
This makes the classic optimisation techniques learned in the last few decades irrelevant
However, some smart contracts are executed again and again (e.g. swaps)
Security of system components
The holy grail of security is verification which is very expensive to achieve
An army of PhD students and professors is needed
Blockchains requires lots of proofs - proving the correctness of applications, proving the compilers, proving the runtime environment
Some partial proofs have been attempted but we don’t have it for the complete system
Full proofs gives us higher trust in the functionality of the system components running the blockchains
How validators work on Fantom
Fantom’s network consist of nodes replicating a ledger
Lachesis tries to keep the ledger consistent among these nodes, it’s done via asynchronous consensus protocol
Ethereum relies on miners solving a “puzzle” while Fantom relies on voting
Validators start voting on the consistency of the ledger and they have money attached to it (stake) earning them rewards
Issue is that the ledger is a database and it needs to be fast, much better storage techniques are needed for executing transactions
Empirical Research
Bernhard trusts only observations
The performance behaviour of the client software on the whole blockchain must be understood
Performance bottlenecks can be seen through these observations
Storage will be a hot topic in their research team
looking into execution behaviour of smart contracts
Stress testing the system, identifying the bottlenecks, crystallising the research questions, attacking these research questions and then handing them over to the development team
Assumptions on Scalability
Through profiling they had some revelations related to the performance behaviour of Fantom’s specific smart contract
Storage is a big issue, the 90-10 rule doesn’t hold for Fantom’s applications - need to focus on these aspects in the months to come
Solving problems using a scientific approach
First is the analysis, then identify the problems, from that synthesise a solution
Scarce resources need to be used wisely at Fantom
Building technical team to attack problems
Looking for academically trained people, with higher degrees that understand the scientific approach and are used to writing papers, with industrial research lab experience
Wasuwee Sodsong, PhD - used to work for SAP research in databases
Herbert Jordan, PhD - from Google, has extensive experience in industrial research labs, used to work as a research assistant at Oracle Labs
Bernhard and Jordan set up the Soufflé compiler
Kamil Jezek, PhD - Bernhard’s postdoc in Sydney, expertise in blockchain
Fantom has a perfect team for the performance but need to expand on the security front
Finance lessons related to staking
Bernhard has some experience in finance optimising portfolios
Currently working on a paper on optimising staking strategy by using compound interest