Pell Chain Intro

Pell Chain is a Proof of Stake (PoS) blockchain built on the Cosmos SDK and the Tendermint PBFT consensus engine. This architecture gives Pell Chain a fast block time of approximately 5 seconds and instant finality, meaning that no block confirmations are needed and no reorganization is allowed. The Tendermint PBFT consensus engine has demonstrated scalability to around 300 nodes in production, with the potential to increase to over 1000 nodes in the future through upgrades incorporating BLS threshold signatures.

Under ideal network conditions, the Tendermint consensus engine used by Pell Chain can achieve transaction throughput of over 4000 transactions per second (TPS). However, it's important to note that cross-chain TPS may not reach these levels due to limitations such as external chain latency, TSS key-sign throughput, and the speed of external node RPCs, among other factors.

The architecture of Pell Chain consists of a distributed network of nodes, commonly referred to as validators. These validators function as decentralized observers, reaching consensus on relevant external states and events and updating external chain states through distributed key signing. Pell Chain accomplishes these functions in a decentralized, trustless, permissionless, transparent, and efficient manner.

Each validator within the network comprises two key components: Pell-Core and Pell-Client. Pell-Core is responsible for producing the blockchain and maintaining the replicated state machine, while Pell-Client handles observing events on external chains and signing outbound transactions. These components are bundled together and operated by node operators. Anyone with sufficient staked bonds can become a node operator and participate in the validation process.

Validators

Pell Chain utilizes the Tendermint consensus protocol, which is a partially synchronous Byzantine Fault Tolerant (BFT) consensus algorithm. In this system, each validator node votes on block proposals, with voting power proportional to the amount of staked coins ($PELL) they have bonded. Validators are identified by their consensus public key and are required to be online continuously, ready to participate in the ongoing block production process.

In exchange for their services, validators receive block rewards, along with potentially other forms of compensation such as gas fees or processing fees, all proportional to the amount of staking coins they have bonded. This incentivizes validators to maintain their network presence and contribute to the security and efficiency of the Pell Chain.

Observers

Another set of crucial participants in the Pell Chain consensus process are the observers, who are responsible for reaching consensus on external chain events and states. These observers monitor externally connected chains for specific transactions, events, or states at particular addresses through their own full nodes for those external chains.

Observers are divided into two primary roles: sequencer and verifier.

  • Sequencer: The sequencer's role is to discover relevant external transactions, events, or states and report them to the verifiers. The system requires at least one sequencer to function properly.

  • Verifier: Verifiers are responsible for verifying the information provided by the sequencers and voting on Pell Network to reach consensus. The system relies on multiple verifiers to ensure accuracy and trustworthiness.

Importantly, the sequencer does not need to be inherently trusted, but the system requires at least one honest sequencer to maintain liveness and ensure that relevant external events are accurately detected and reported. This division of roles between sequencers and verifiers helps ensure the integrity and reliability of the Pell Chain's consensus on external chain events.
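
The sequencer/verifier split, combined with the stake-weighted voting from the Validators section, can be modelled as follows. This is an added example, not Pell Chain's own code: the names Event, Verifier and finalize, the "more than 2/3 of bonded stake" threshold, and the sample data are all assumptions made for illustration.

```python
from dataclasses import dataclass
from fractions import Fraction

QUORUM = Fraction(2, 3)  # assumption: a ballot passes with > 2/3 of bonded stake

@dataclass(frozen=True)
class Event:
    chain: str
    tx_hash: str
    amount: int

@dataclass
class Verifier:
    name: str
    stake: int             # bonded stake = voting power
    node_view: frozenset   # events this verifier's own full node has seen

    def vote(self, reported: Event) -> bool:
        # The sequencer's report is only a hint; re-check it against the local node.
        return reported in self.node_view

def finalize(reports, verifiers):
    """Return the reported events backed by more than QUORUM of total stake."""
    total = sum(v.stake for v in verifiers)
    accepted = set()
    for event in set(reports):
        yes = sum(v.stake for v in verifiers if v.vote(event))
        if Fraction(yes, total) > QUORUM:
            accepted.add(event)
    return accepted

# Constructed sample data: one real deposit and a copy with an inflated amount.
REAL = Event("external-chain-A", "0xaaa1", 100)
FORGED = Event("external-chain-A", "0xaaa1", 100_000)
HONEST_VIEW = frozenset({REAL})
VERIFIERS = [
    Verifier("v1", 40, HONEST_VIEW),
    Verifier("v2", 30, HONEST_VIEW),
    Verifier("v3", 30, frozenset({REAL, FORGED})),  # agrees with the bad report
]

if __name__ == "__main__":
    print(finalize([REAL, FORGED], VERIFIERS))  # only REAL reaches quorum
    print(finalize([], VERIFIERS))              # no sequencer report: no ballot
```

The forged report gathers only 30% of stake and is dropped, so a dishonest sequencer costs nothing in safety; an event that no sequencer reports never reaches a ballot, which is the liveness dependency described above.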

Dynamic Hidden Committee and Signer

The Dynamic Hidden Committee (DHC) plays a crucial role in Pell Chain, ensuring the security of payment channels. It consists of multiple verification nodes within the Pell Chain, represented by the nodes connected with red, blue, and green edges. The DHC operates by hiding node identities and rotating nodes periodically. Additionally, two committees can establish a bidirectional payment channel.

The DHC is a core component in Pell Chain, enabling it to achieve a security level on par with or even exceeding that of Bitcoin. Each committee manages the private keys for specific blockchains, including Bitcoin, to verify messaging security.

The unique Ring VRF election algorithm is introduced to ensure the privacy and randomness of the committee members' identities. All committee operations occur within a Trusted Execution Environment (TEE), maintaining the confidentiality and integrity of the system.

Key technical aspects include:

  • The network comprises several TEE nodes, from which a random selection of nodes forms the DHC, with a fault-tolerant threshold (default is 9 out of 15).

  • TEE nodes are unaware of their committee assignment or the identities of other members within the same committee, preventing collusion and targeted attacks. This is facilitated by the Ring VRF algorithm.

  • The Ring VRF algorithm, based on Zero-Knowledge Proof (ZKP) and Verifiable Random Function (VRF), elects committee members, with each committee generating a virtual key and a collective account address using Multi-Party Computation (MPC).

  • If any TEE nodes go offline or crash, new nodes are introduced, and key shares are regenerated via a key handover protocol.

  • Even if all nodes within a committee are operational, the system periodically reselects nodes to maintain the original committee, enhancing security.

  • TEE nodes store key shares and execute core codes, including Ring VRF, MPC, and other essential peripheral programs.

In essence, the DHC mechanism in Pell Chain creates an impenetrable "black box." As long as Pell Chain remains secure, each dynamic hidden member is secure. To successfully attack the system, an attacker would need to control the majority of nodes in Pell Chain. However, due to the immutability of programs within the TEE, attackers could only cause network downtime without seizing assets within the network.

In practice, all the roles mentioned above (except for the sequencer) are typically collocated within the same computer node. This means that these roles share the same software and credentials, such as validator keys, bonded stakes, and the associated rewards or slashing penalties.