At DevCon in 2015, I announced support for Ethereum on Microsoft Azure. It was a humble beginning consisting of a private Ethereum network and a corresponding “Hello World” smart contract. Now in 2018, Azure supports all the major blockchain platforms and can deploy a wide variety of network configurations from a lab environment to more sophisticated consortium networks targeted at production workloads.
Since that time, we have engaged with hundreds of customers across every industry and every corner of the world. We have learned a lot about what business scenarios are viable and what it truly takes to deliver an end to end blockchain solution.
A key learning has been what it takes to build and establish blockchain networks. We strive to improve the overall lifecycle of these networks with better management capabilities, governance frameworks, and integrations with the cloud services needed to build dapps. One of the most impactful observations we have shared with the broader community is a requirement for untrusted networks to support robust applications with multiple participants using varying trust model’s privacy for its participants and potentially outcomes.
The previous statement might seem simple at first, but it’s quite complex if you examine some of the aspects like robust, multiple participants, different trust model, and privacy. Using blockchain technology alone will not address these requirements.
I have previously written extensively on the need for trusted “off-chain” compute in my prior posts about Cryptlets and Enterprise Smart Contracts (ESC). These posts highlighted the use of Trusted Execution Environments (TEEs), or enclaves, to enable multi-party cryptography as well as attested computation that can be implemented natively with blockchains. But we have also found that the use of enclaves can enhance, optimize, and make more robust areas in a blockchain application stack.
For example, the Confidential Consortium Blockchain Framework uses enclaves to optimize the network or data layer. A blockchain node that uses the framework has a strong governance, privacy, and performance framework using enclaves at its base. Additionally, we’re exploring how enclaves can be used to optimize application logic for multi-participant contracts and applications.
As an active participant in the EEA Trusted Compute working group, which this week will release the V.5 of the Trusted Compute Specification, we will continue to explore, collaborate, and share techniques for advancing distributed multi-party applications and including them in our platform in an open way. Along those lines…
At DevCon4 we are pleased to release the Enclave-ready EVM (eEVM)
At DevCon4 in 2018, we are pleased to release an enclave ready Ethereum Virtual Machine. Specifically, this release:
- Is a C++ implementation of the EVM that can run within a TEE/enclave which has no operating system dependencies and can “run out-of-the-box” in an enclave.
- Is “gas-less”, i.e., it does not compute gas during contract execution.
- Supports the Homestead EVM opcodes.
- Executes existing EVM bytecode.
- Strictly decouples from storage and the replication engine/blockchain.
- Could execute in an enclave on the node or off-chain.
Released under MIT License.
This EVM is NOT:
- A new blockchain.
- A supported product offering.
- Intended to compete with any implementation.
This contribution demonstrates how TEEs like Intel® SGX technology can enhance the EVM with confidentiality. We expect that this codebase will be used as a starting point in projects across the ecosystem to have TEE-enabled EVM contract logic work on any blockchain or in off-chain compute scenarios. We will continue to share and contribute with the EEA Trusted Compute workgroup to include the capabilities into the open specification and API.
We believe that the eEVM can be complementary and integrate with existing projects like Sawtooth and Burrow with cross blockchain support via ABCI, an abstraction interface that allows for an EVM to connect to any blockchain. The eEVM’s capabilities can also help shape EEA standards for Trusted Compute for maximum interoperability. Partners such as Intel, Truffle, Quorum, and blk.io have already expressed interest in utilizing this technology.
“The open source eEVM and Trusted Execution Environments like Intel(R) Software Guard Extensions can help improve blockchain scalability and privacy by enabling off-chain Ethereum smart contract execution. With the eEVM released to open source and the EEA’s announcement of the Trusted Compute API, off-chain smart contract capability has been extended to any blockchain developer.”
Mike Reed, Director of Intel’s Blockchain Program Office
“With the eEVM, Microsoft is open-sourcing a core component of their already-impressive blockchain cloud infrastructure. This means that developers can take advantage of the wide array of existing Ethereum-based smart contracts and build richer applications that solve the issues enterprises face. At Truffle we’re excited because the eEVM provides a strong base for future platforms and tools in the enterprise space — tools we’d love to help develop. Microsoft’s strong stance toward interoperability makes this an easy win, and helps make enterprise blockchain developers’ lives easier in the process.”
Tim Coulter, CEO & Founder, Truffle Suite
“Microsoft are working at the leading edge of blockchain – directly contributing to the ecosystem with initiatives such as the eEVM, Enterprise Smart Contracts and contributions to the Enterprise Ethereum Alliance specifications. We’re proud to be partnering with them and excited about further opportunities for collaboration through web3j for Java developers and our Epirus platform.”
Conor Svensson, CEO & Founder blk.io and Technical Standards Chair, Enterprise Ethereum Alliance
We look forward to seeing the use of the eEVM evolve in the community. To learn more, review the EVM source code on eEVM.
Additional Ethereum community investments
Microsoft has been building with our partners and ISVs since the very early days of Ethereum. These integrations were initially focused on blockchain infrastructure and enabling the creation of private blockchains for labs allowing developers and architects to focus on building applications. Our first partnership was with ConsenSys to create the Ethereum Azure ARM templates and the first blockchain extension for Visual Studio, and released this at our premier developer event, //build.
Since then we have expanded our partner integrations to allow simplified deployment of a wide variety of blockchains and expanded to embrace containerized workloads with Kubernetes integration to be the most open blockchain cloud platform.
Developer productivity and tooling continues to be a pain point in the industry, which we are addressing with partners like Truffle to bridge the backend blockchain directly into the developer experience and IDE, such as VS Code extensions. Truffle boxes can package common applications and samples to execute in Azure Blockchain Workbench. Coming later this week the new integrated developer experience making it dramatically easier for developers to get started building Dapps will be available in the marketplace.
Blockchain infrastructure templates also have increased in complexity over the years. The use of blockchains has evolved and now provides additional knobs and dials for customers to customize the ledger to fit their use cases targeted for production. Features like pluggable consensus allow customers to choose the right consensus algorithm for their network at deployment. Our latest Quorum offerings include options for both RAFT and iBFT models, while also offering users a choice of privacy model, using either Constellation (Haskell based), or Tessera (Java based).
“The Azure team has been a leader in blockchain for enterprise with their early support and contributions to Ethereum, Quorum and EEA. They were the first to deploy Quorum as the first client for EEA and today’s updates to the Azure Quorum template reflect the adoption and demand we see across industries for Quorum.”
Samer Falah, Head of Engineering for Quorum
Additionally, customers have asked to move from establishing networks, to inviting new participants to join existing multi-node networks. This is one of the most challenging aspects of creating a scaled consortium. Leveraging our hyperscale cloud components in Azure for network connectivity, our templates now allow customers to provision new network members selectively with a simple user experience, dramatically lowering the bar for creating real consortiums with multiple business partners.
This week we’re also excited to announce that Pantheon from PegaSys is now available on Azure. Pantheon is a new type of offering that exposes a public node rather than the private nodes that enterprises have typically provisioned. Leading enterprises with private chains (closed consortiums) have realized that connectivity to multiple chains, including public ones, will be important. Pantheon provides a client that can enable this option for enterprises with a license that is more enterprise friendly. Built on Java, with seamless integration to web3j (the Java blockchain integration library), Pantheon makes it easier than ever for enterprise developers to embrace blockchain with their existing Java programming skills.
“Being available on Microsoft Azure from day one is key for PegaSys’ goal to be as easy to deploy as possible. The Azure team has a long history of bringing blockchain to enterprise cloud developers and we’re excited to work with Microsoft as they continue to add new tools for enterprises looking to deploy blockchains in production.”
Rob Dawson, Product Lead at PegaSys
Lastly, expanding beyond template and developer experience enhancements, customers have expressed a desire for private consortiums to have a matching decentralized storage companion. IPFS is a clear leader in this space for public Ethereum and has been working on private versions of IPFS for these customers.
We are happy to announce that later this week an IPFS solution will be available on the Azure Marketplace, allowing users to create multi-node storage network in less than 5 minutes. This offering also allows other consortium participants to add more nodes to this private companion network, while respecting the consortium’s authorization components.
Looking forward to a great week in Prague, come see us at the Azure booth and check out @MSFTBlockchain on Twitter for the latest news from Azure Blockchain.