Foundations of Distributed Ledger Technology Part 6: Practical use-cases for DLT

DLT Foundations

In part one i described different types of DLT’s and how they reach consensus. In part two I described some more details related to blockchains. In part three i described components of DeFi. In part four I described how to make a business model on blockchains with DAOs. I In this part, I’m going to give some examples of applications that are based on DLT technology. But first I’m going to give you some fundamental knowledge about what characterizes Decentralized apps.

DApps = Decentralized Applications

DApps, explained in one sentence, are applications running on a DL. They were introduced with the Ethereum network in 2013, but are now available on most blockchains.

Characteristics of DApps

In a paper defining what a DApp should be, called “The General Theory of Decentralized Applications, Dapps”, four (actually six) characteristics are described:

1. A DApp must have open-source code.

2. It must work without third-party intervention.

3. It must be user-controlled, as in they propose and vote on changes that are automatically implemented.

4. All information must be held in a publicly accessible blockchain network. Decentralization is key, as there cannot be a central point of attack.

5. DApps must have some sort of cryptographic token for access and they must reward contributors in the said token, such as miners and stakers.

6. A DApp must have a consensus method that generates tokens, such as proof-of-work (PoW), proof-of-stake (PoW) or any other valid consensus algorithm.

What is neat with many truly decentralized apps is that they can still function even without central servers. It is because the communication is often P2P = Peer-to-peer and devices find each other with help of either blockchain nodes or other protocols.

Comparison to centralized apps

Mobile Payment

Let’s take a mobile payment provider as an example. Depending where you are in the world, imagine your most popular mobile payment app. For example: In Norway it’s Vipps, In Sweden it’s Swish and in the United States of America, it’s Venmo, as far as I know.

What is common with these apps is that they are all able to transfer fiat currency from one bank account to another almost instantly, but they only work for their local currency, inside their own country. The banks may also take various fees. The communication is client-server based and involves several third parties (banks). This means that someone could intervene in a transaction between two individuals. The server infrastructure is also a target for attacks.

Theoretical traffic flow of a traditional mobile payment provider. To be clear: I don’t know exactly how the traffic flow for Venmo’s service works. All I know is that it has to be a cooperation between american banks and Venmo to make the transactions possible.

With a decentralized crypto wallet app, the communication is P2P = peer-to-peer. The transaction is verified and registered by validation nodes, before it get sends to Bobs wallet address (how they reach consensus depends on which network used. See part 1). There are no third parties involved and works between anyone anywhere. Payment can be almost instantly and with very low fees (again, depending on the network used). There are no central servers to attack and the apps will work even if the developers have a power outage or gone bankrupt.

Alice sends stablecoins to bob. This token is available on multiple networks. A relatively small fee will be added to pay the validators to process the transaction. The difference compared to Venmo is that the validators are all independent nodes. None of them cares who you are or who you trade with.

Notes:

• Bob could be in France while Alice is in the U.S.A. The speed and cost of the transaction will be insignificant compared to if they were both in the same country.

• Also remember from part 3 that the wallet app doesn’t contain any tokens; they are stored on the DL. The wallet app is a key to access your funds stored on the DL. That is similar to bank accounts. The difference is that money stored in a bank is actually property of the bank, not yours.

• The service is very fault tolerant compared to a centralized service. As long as less than a 1/3 of the validator nodes are not compromised, the transaction will eventually get through.

Handling of External Data

All events and data generated on a blockchain is called "On-Chain data”. When doing transactions from one crypto wallet to another, there is no interaction with external sources required, and will therefore work fine with only on-chain data. However, many applications rely on data that doesn't originate on the blockchain. Such external data is referred to as "Off-Chain data".

Examples of DApp functions that require off-chain data is:

• Pricing of tokens

• Weather information for Insurance claims

• Outcome of sporting events for betting apps

• Random number generators for games

• IoT sensors for supply chain information

Examples of external applications that require on-chain data is:

• Website integrations to view information about events on the blockchain

• Computational offloading: the process of sending data from the blockchain to be calculated by external machines, to then be delivered back to the blockchain.

Blockchain nodes are however unable to gather this off-chain data. The only way they are able to gather off-chain data is through smart contracts.

Oracles

By Jeremy Perkins on unsplash.com

Oracles are links, like portals, between the "real world" and blockchain infrastructures. They are entities that provides real world data, also referred to as off-chain data, via smart contracts to blockchains. They work both ways (inbound and outbound) meaning that blockchain can receive data from the real world, and blockchain data can be sent to the real world.

Note: I’m aware that I’m using “DL” and “blockchain” interchangeably.

“Blockchain oracles are entities that connect blockchains to external systems, thereby enabling smart contracts to execute based upon inputs and outputs from the real world.” - Chainlinks definition

All oracles perform a few key roles. These capabilities include the ability to:

• Collect data from the real world.

• Verifies the data, signs it and puts it on-chain.

• Make the data accessible to blockchain nodes by storing it on a smart contract.

There are many types of Oracles, but these are, in my opinion, the most essential to know about:

Hardware and software oracles

Hardware oracles deliver data from the physical world. This could be information from camera motion sensors or Radio Frequency Identification (RFID).

Software oracles deliver data from digital sources such as websites, servers or databases. Real-time data, such as exchange rates, price variations and travel information, can be delivered through software oracles.

Centralized and decentralized oracles

A centralized oracle is managed by a single entity and serves as the smart contract's sole data source. Using only one source of information can be dangerous because the contract's effectiveness and trustworthiness is solely dependent on the organization in charge of the oracle. The fundamental issue with centralized oracles is that they have a single point of failure.

Decentralized oracles make the information delivered to smart contracts more reliable by not depending on a single source. The smart contract consults several oracles to assess the data's validity and accuracy; this is why decentralized oracles are also known as consensus oracles. Example of a decentralized oracle is Chainlink.

It is critical to make sure that the oracle data can be trusted. Always consider decentralized oracles before centralized oracles. Sometimes though, you might have to rely on one source. In that case make sure that the external source use watertight security mechanisms. At least don't use centralized oracles for anything important like price changes.

Human Oracle

By Conscious Design on Unsplash.com

Humans can of course manually enter off-chain data to an oracle. It could be manually gathered data from research. Because identities can be verified on the blockchain, the chances of a fraudster inputting data is very small.

Examples of DApps

Let’s look at a selection of DApps and how they are designed. Some of them I have tried myself.

Note: I have not researched every aspect of every app presented in depth. I could be wrong about some details. I just want to briefly give some examples of what DApps can do.

Decentralized IM = Instant Messaging

I have been writing about Signal earlier and how it is one of the securest IM apps available, but it has unfortunately some red flags. The biggest ones are where the funding comes from, and it’s centralized model. If Signals servers go down, which it could if it doesn’t get enough funding, then the app will not work anymore.

Status is an IM app that is built on a protocol called Waku, which is a fork of the Whisper Protocol, which is used and developed by Signal. Waku takes the great security aspects of the Whisper Protocol, like X3DH = Extended Triple Diffie-Hellman and the double ratchet algorithm, but tweaks them to work in a decentralized environment. What this means is that Status is not relying on any central servers to route messages. Instead, Status relies on the community of nodes to route messages for the users. People who run nodes are rewarded with SNT tokens*. SNT holders are eligible to vote for changes.

Note: How they are rewarded is a bit obscure to me at the moment but apparently one of the ways are through staking. There might be more use cases in the future, as the app seems to be still in development.

Everything about Status is completely Open Source.

The last detail I can mention is that it also includes a crypto wallet for the Ethereum Blockchain and a few others, which works very well for anonymous transactions.

Note: This app was available to download, but now it seems like it is being re-shaped and only beta and alpha access are available for Status 2.0. The old version still works however. If you scroll to the bottom at status website, you can still install status 1.20, on mobile only though:

Decentralized VPN = Virtual Private Network

Mysterium VPN provides a decentralized VPN solution. Why is it better than regular centralized VPN providers? While in theory they increase privacy and security on the web, there are three dilemmas:

1. Regular VPN providers are a single point of failure.

2. It is trust based. While certain VPN providers claim that they won’t log your data and sell it to third party, how do you verify that?

3. They are not immune to legal intervention. They can be forced to give out your data to authorities.

A few assumptions: A and B have the same VPN provider and have chosen the same internet gateway. What I’m trying to visualize is that the traffic has to go through a centralized service, regardless how many gateways you can choose from.

dVPNs don’t run on a centrally-controlled network of servers. Instead, they rely on their users to rent their unused internet bandwidth out to fellow users.

-From mysteriumvpn.com

Isn’t that nice? You can protect peoples privacy while reducing the cost on your over-sized bandwidth connection! You get rewarded MYST tokens for renting out your bandwidth.

If for example Bob’s internet connection goes down, Alice can instead use Cassandras internet connection, or Davids or whomever’s internet connection.

And of course, it is open source. Therefore anyone can setup their own Mysterium VPN node. That means that there is no centralized servers, and thousands of internet gateways to choose from. This gives following benefits over centralized VPN:

• Higher availability; thousands of connections to choose from.

• Better privacy; the application is designed with strong cryptography based on Wireguard, so nodes cannot eavesdrop on your traffic.

• Possibly lower latency as well.

For more information about the benefits of dVPN, read here:
https://www.mysteriumvpn.com/blog/what-is-a-decentralized-vpn

Mysterium VPN documentation:
https://docs.mysterium.network/general-information/about-mysterium-network

Decentralized File Storage

Google Drive and Onedrive are easy-to-use applications for backing up your data in the cloud. The problem is of course that your data is being stored on Google or Microsofts servers. Nextcloud is a great alternative if you want to self-host, but what if you don’t want to self host, and you don’t trust any centralized service to store your data?

IPFS = InterPlanetary File System is a way to store your data on blockchain nodes, instead of central servers.

Not only can IPFS store huge files, but it can also store web content, which mean that your website is not stored on just one server anymore, (or hosted from a VPS provider) but is available on the blockchain! This is what a decentralized Internet is all about!

A traditional webserver is stored on a central server somewhere. All incoming traffic is going to the same server. If that server fails, nobody can reach the website (unless there is a backup server). Compared to IPFS, the website exists on multiple nodes, resulting in smaller delays and higher availability, and more resistant to censorship.

This topic is so cool it deserves it’s own dedicated post. I’m just going to say: For you guys who wonder if you should scrap your Nextcloud server, don’t do it yet. Instead you can add support for external IPFS filestorage to your Nextcloud server.

Note: IPFS is not an application, but a network protocol that can be utilized by other apps.

Become a Decentralized Internet Service Provider

The physical Internet connections are becoming centralized. In some countries, 40% of connected users is held by one ISP alone. Arelion, previously known as Telia Carrier, is the biggest Internet backbone service provider with almost 70% of all the routes of the Internet. This causes a risk of the Internet being controlled by a few big corporations.

With Helium you can setup your own 5G hotspot at home and provide 5G connectivity to others. Your equipment will peer with other Helium 5G hotspots, if they are available in the area. You get rewarded with HNT tokens for providing Internet connectivity and for extending the coverage. The tokens are developed for the Solana Blockchain.

Helium is open source. Therefore there are plenty of compatible equipment to choose from. The Helium community also votes on what new features should be added.

“Since the Helium community approved HIP 19, dozens of Third-party Manufacturers and Vendors are producing and supplying Hotspots that mine Helium tokens for providing wireless connectivity.”

Note: Helium 5G connectivity is only available in the US at the moment. Only LoRaWAN hotspots, which are more suited for IoT stuff, are available here in Europe. However, it might work with a provider independent SIM card but I have not tried this myself.

Decentralized video conference

While Status is planning to include video calls, Jami is already out there (Jami doesn’t have a crypto wallet though).

As with Signal and other IM apps, centralized applications need to cover the cost of maintaining a considerable server infrastructure in order to provide their services. How does centralized services like Zoom cover their cost when you can use it for free? After reading some of Zooms privacy policy, there is no doubt for me that they are selling personal data to 3rd party.

The people behind Jami believes that it’s wrong to sell users personal data. They want to create an alternative that protects privacy, and gives the users full control of their data. They have made it their ethical mission.

Jami Technical details

Without going into to much details, that requires it’s own post, here are a few key concepts:

Basically instead of having a central point of failure (the server) that knows where everyone are, all nodes are more or less interconnected in a distributed network.

Paul Baran’s definition of what a distributed network is. According to this definition, Decentralized Applications could be seen as distributed applications.

The benefit of that is there is no requirement for servers. Instead the Jami clients are helping each other finding the way to the users. Therefore, communication with other clients doesn’t even require any blockchain nodes! This is however not without challenges.

• For clients to find each other without a central server, Jami clients use OpenDHT as a device discovery mechanism. DHT = Distributed Hash Table, is also used for IPFS.

• To make sure that usernames are unique without a central user database, Jami utilizes public key cryptography and blockchain technology (DLT). Specifically, they use a Layer 2 blockchain called JamiNS, that works on the Ethereum blockchain. This part is decentralized.

Note: Jami had problems with byzantine faults within their JamiNS blockchain a while ago. Because of that they have migrated all the users over to an SQL server temporarily. They are planning to migrate back to the Ethereum blockchain, but due to time and resource constraints, they have prioritized fixing stability and connectivity issues. I received this response from Jami:

“Yes, due to the lack of time and resources, we are still using an off-chain SQL database. [redacted] …we are planning to switch back to blockchain with Ethereum 2 by mid-summer [2024].”

Jami is completely open source and you can setup your own JamiNS node and OpenDHT Bootstrap node by following their documentation.

Jami Features

Jami covers most of the features that other video conferencing apps have. For more information, I recommend to read on their website.

List of features from jami.net

The only minor inconvenience is that Jami is not browser-based. Therefore, it requires that you install the application on your computer.

Conclusion

The greatest benefit with DApps are that they are autonomous, meaning they don’t require any servers to run. When looking for decentralized apps, I noticed that many of them were following the rules of General Theory of Decentralized Apps.

• They have their own tokens

• The communiy/tokenholders votes on what changes should be made

• Runs on blockchain technology

• Most of them are completely open source

Although all DApps might not fill all the criterias today, they might be added in the future. The most important thing is that most of them are at least open source.

This was the last part of DLT foundations. I have more DLT related posts in the pipeline, but they will be more focused on specific apps, protocols or networks.

Appendix

Noteworthy mention: Decentralized alternative to Google Street-view

I thought about including this app in the list of DApps because I like the concept. Unfortunately it has too many red flags for me to endorse it.

If you are stuck in a traffic jam and have location service turned on on your phone, you and the drivers around you are part of a dataset that other people might have use of. For example so they don’t end up stuck on the same road as you. Google make a ton of money on information that you provide, but wouldn’t it be more fair if you were rewarded for bringing that information to them?

Natix is an app that uses AI and blockchain technology to map traffic conditions that their users voluntarily give out. Types of information collected can be for example traffic congestion, available parking spaces and location of potholes. The users are rewarded with tokens for providing this information to Natix. This information can then be used to improve map applications, like Open Street Map.

The way Natix works is that it turns your smartphone into an advanced camera sensor. You just put your phone on your dashboard inside your car while the app is running and then off you go, earning NATIX tokens while you drive.

The benefit besides that you reduce the cost of driving is that this information can be more useful than what Google is able to collect from you.

Privacy and other concerns

Natix claims that their app is protecting your privacy, but when reading the privacy policy, all I can see is that they collect a ton of personal data, and may even share with some third parties like Internet Service Providers! Why is it necessary to collect OS type and even information about other apps installed? Some of it might be legitimate but give me a break! If I’m going to use this app, I’ll install it on a separate phone, or use it in an isolated environment, like Shelter. If you are a targeted individual, I wouldn’t recommend it at all.

Also, The app isn’t open source, at least not the AI function. That means it fails on a critical criteria of being a decentralized app. It also means that I cannot be sure how much personal information I’m actually giving out to Natix, even with the least amount of credentials entered.

It could be beneficial for humanity to share anonymous data, but it’s not worth it if you need to give up all your personal information just to earn a few tokens. Hopefully there will be an Open Source alternative that I can endorse in the future.