What is money and how is it created? And how can we make a better financial system? Alan Verbner, an Ethereum Classic developer on Team Grothendieck at IOHK, started asking these questions as he lived through the volatile economic crisis in Argentina from 1998 to 2002. During this time, Argentina had defaulted on billions of dollars worth of debt. People protested in the streets and roared their disapproval of the government.

“I no longer believed that banks and money were necessary. Society will find a way to survive without them,” Alan said. He saw that local citizens in his country were unable to take their money out of the bank to access their savings, and long queues formed outside banks across Argentina as people desperately tried to get hold of their money. In January 2002, the government decided to devalue the peso, and abandon the peg to the US dollar, which resulted in the peso rapidly losing its value with respect to the US currency over just a few months.

Alan explains that this was when his interest in blockchain and cryptocurrencies began. He despised corruption and wanted to find an alternative solution for the citizens of his country.

Alan started to read more about Bitcoin, and researched the white paper by its creator, Satoshi Nakamoto. He was hooked, joined Argentina’s growing blockchain community, and the rest is history.

Since then, Alan focused his efforts on getting into the blockchain industry. Following his interest in computers, developed at an early age from the influence of his mother’s technology career as a bank IT professional, Alan studied at the Engineering University of Buenos Aires and became a software engineer.

After graduation, Alan created Atix, which is a company he co-founded with three friends from university. They work on software development, and half the company are working in the area of blockchain. Alan decided to base his company at Bitcoin Embassy, a key meeting place for many of the leading minds in bitcoin development in the country.

He is optimistic about the future of crypto in Argentina’s bustling blockchain community. "Our country has the ideal conditions for crypto development. We have highly skilled and passionate people looking to contribute to the industry. For example, our office is located in a building where about eight crypto companies have their space and meetups are held every week with interesting debates taking place," Alan said.

It was at Bitcoin Embassy where Alan met Charles Hoskinson, the CEO of IOHK, and he was given the opportunity to work in Team Grothendieck on Ethereum Classic development. They built and recently launched the beta version of an Ethereum Classic client, Mantis, in the functional programming language Scala.

On the programming language of choice for ETC development, Alan is a fan of functional programming because it has allowed him to create less verbose, more readable and secure code. For him, Scala is a solid and fun language to work with. It has a lot of tools and useful libraries, for example Akka). Last but not least, it runs on a Java virtual machine so he is able to support different platforms (see the Mantis documentation for instructions) without any extra effort.

Being a remote team based in Argentina, and working with other distributed teams in IOHK globally, has been less complicated than most would expect. Alan and the team ensures that they have the discipline and precision to make everything work like a Swiss watch. This includes two main goals, one is communicating successfully with daily standup meetings to discuss tasks and key blockers, and the second is a strong and well defined code review process to catch bugs and establish a consistent coding style.

As someone who lived through pivotal moments in a country where corruption and poverty have been two big themes in society, Alan envisions a future where blockchain can address these issues. He would love to see a world where blockchain technology is being applied to areas such as voting transparency, microlending and fair access to financial services, immutable government data release, and trusted financial systems for all. “We are yet to see the various use cases blockchain technology can contribute to. I'm confident that the ecosystem will mature and become part of our daily life,” Alan said.

To find out more about Alan and our other talented Team Grothendieck members working on the ETC development of Mantis, check out our IOHK team page.

Developing Cardano is no small feat. There is no other project that has ever been built to these parameters, combining peer reviewed cryptographic research with an implementation in highly secure Haskell code. This is not the copy and paste code seen in so many other blockchains. Instead, Cardano was designed with input from a large global team including leading experts and professors in the fields of computer programming languages, network design and cryptography. We are extremely proud of Cardano, which required a months-long meticulous and painstaking development process by our talented engineers. With that in mind, I’m pleased to report that we are finally reaching the end of development. The target launch date is September 29 and this is based on all current, known information. We had originally planned to launch by the end of August, so there have been a few additional weeks of development. The extra time was partly due to our team uncovering a few unexpected bugs which delayed testing of the overall network. It also took longer to set up Cardano’s internal test network than expected. But during those extra weeks, we have also been able to make enhancements to dramatically improve Cardano’s performance. 

One of the things engineers did to improve Cardano’s performance was to change the format of messages that are sent between nodes on the network. We upgraded our binary serialisation format from a custom version to one based on an open, common standard that means third parties, such as exchanges, will find it easier to build their own nodes, and our system becomes more transparent.

In recent weeks, engineers also made improvements to the network layer, rewriting code to make it run faster. The system is more stable under load and the number of transactions per second is higher. We are further improving the transaction speeds of the network and in the coming months after release will demonstrate our results. These two improvements took a few weeks to fully implement and test.

We have now added additional protection against DDoS, or distributed denial of service, attacks. The network’s core nodes have been placed behind firewalls, so they are not accessible from the public internet. This gives us some protection against this type of attack, because potential attackers can’t reach Cardano’s core nodes. To do this, we surrounded the core nodes with proxies, called relay nodes, which by contrast are visible to the internet. As their name suggests, these nodes relay messages to the core nodes. Even if there was an attack, the blockchain would be protected because the core nodes are not directly exposed.

We have also introduced improvements to Cardano’s delegation scheme, which keeps the network running even if its end users are not online, to strengthen it against attacks to its signature scheme. This provides an element of future-proofing by preventing attackers from stealing funds if new attacks against its signature scheme are discovered in the future. Cardano is based on proof of stake, so our solution is that Ada holders will have separate public-private keys for their coins and for their stake and the public key for the coins will not be published. This is the first step of a long term strategy to harden Ouroboros against quantum computers, a process which will require new research.

While all this work was going on during the past few weeks, the team has done a lot more testing, which is always good. We found bugs, which we fixed, and the testing gave us a better assurance of quality.

Recently, IOHK research – our Ouroboros and SCRAPE papers – were also accepted to two major conferences, ACNS in Japan, and Crypto 2017 in the US, and we were very proud our work has been recognised by the academic community and has been peer reviewed. A major exchange that has agreed to list Ada at launch has also been integrating with Cardano’s network. As a result, we have been adding some recommended features and minor changes.

All this development work has meant that Cardano’s code has changed, sometimes significantly. That means everything has to be retested. You can’t simply update code and assume that everything will be fine. The process of releasing a new version of the software takes a couple of weeks because that is how long it takes to test, and fix bugs and carry out tasks such as preparing new installers.

Development has been a lengthy process but we are now very pleased to share a detailed plan showing the launch countdown. Cardano is a unique and very special product and we look forward to passing it into your hands.

Testing is of course critically important to a cryptocurrency because the correctness and robustness of the system are what you rely on to keep your money safe, and ensure that you can spend it when you need to. So as you would expect, as our development team is getting ready for the Cardano mainnet release, testing is one of the main things that is on our minds.

There are many different ways in which we test Cardano and in this post we will talk about several.

Testing can be divided into two main kinds: functional and non-functional:

• Functional testing is about checking that all the system's components meet their specifications.

  Functional testing is done with components on their own, in which case we call it unit testing or component testing. It is also done with all the components together, in which case we call it integration testing or system testing.

  These kinds of tests are typically of the form: given some scenario, and certain inputs, the component or system produces the correct output or takes the correct next action.

• Non-functional testing reveals "how" the system behaves, including the performance of the system, the resources it uses and how the system behaves when under great load or attack.

We have a few major parts of the Cardano system: the core, the wallet backend and the Daedulus frontend. Different parts of the system are appropriate to test in different ways.

Public testnets

The most visible form of testing is of course the public testnets where we ask users to try the system out. This is a kind of beta testing. This is just the tip of the iceberg compared to all the testing we do internally, but it is still very useful because it covers a different set of problems compared to our internal tests.

Users have a huge variety of desktop computers, both in hardware and configuration. It is impossible for us to test all the combinations that our users have. So having lots of real users try out the system really helps to find those strange combinations where something does not work well, and gives us the confidence that we will not bump into similar problems for mainnet.

A testnet release helps us test usability of the system: our websites, the installers, the Daedulus interface and how many cryptocurrency concepts people need to know to use the system.

There is no escaping the fact that a public testnet release is in some ways more "real" than any test situations we can construct artificially. Though we can certainly push the system to breaking point using our internal stress tests, there are complexities of a real world deployment that are hard to replicate in an artificial test.

Finally, it also helps our team practice making public releases, which helps us work out the kinks in our processes so that we can avoid problems during the mainnet release or later updates. And it's not just our developers and technical operations teams, a successful launch also depends on our communications and support teams. The very process of getting questions, feedback and problem reports from users during the testnet phases helps us to make sure that our support teams have the right procedures in place so that we can be confident that they can help everyone effectively during and after the mainnet launch.

Automatic unit and component testing

We have an increasing collection of fully automatic functional tests that cover various important parts of the logic in the core and wallet backend. These are functional tests in that they check that each component meets its specification.

These tests are run automatically by our continuous integration system, which means they are run before any change to the code is accepted into our master branch. This helps to protect us against introducing regressions.

Wherever possible we make use of property based testing, rather than simple individual unit tests. Classic unit tests for a component tend to simply use a specific set of inputs and check that a specific output is produced. To comprehensively test a component in this style often requires a large number of specific pairs of input and expected output. This is laborious and tends to miss corner cases that programmers do not think of. By contrast, property based testing involves taking the component's high level specification and reformulating the specification as an executable property. That means that for any specific inputs the property can actually be executed to check that the property is true for those inputs. These properties are expressed in the same programming language as the code being tested. The technique then involves checking the property on hundreds or thousands of test inputs. The technique is to use systematic random generation to produce test inputs. This means that programmers do not have to think of lots of test inputs and it avoids human bias. So it tends to give much better test coverage with less effort.

Specifically, we use the QuickCheck system for property based testing. Perhaps the greatest advantage is that it makes developers think in terms of the specification and properties of their code, rather than individual inputs and outputs. This is a much higher level way of thinking about code and helps to produce simpler more reliable code.

System level tests and performance tests

While all the unit and component testing gives us confidence that each part of the system works ok on its own, system level tests are to check if the parts all work together as a whole.

For this we have to set up a cluster of machines and configure them to run the blockchain protocol together. The main functional test that we use works like this: we have a special transaction generator program that constructs tens of thousands of transactions and submits them to nodes in the cluster. The code is instrumented to record certain key events in a log file, such as when each transaction reaches each node. We let this run for around an hour. At the end of the run we have a tool that analyses the blockchain and the log files from all the nodes. This checks that all the transactions that were submitted did make it into the blockchain. It also checks if there were any unexpected forks in the blockchain or missing blocks. In normal conditions there will be no forks or missing blocks.

We can use the same basic approach to test the system when we deliberately attack it, such as taking out nodes, or preventing nodes from talking to each other for a while. In this case we expect temporary forks or missing blocks, but we can check that the system recovers properly.

We use the same basic approach for non-functional performance tests. We adjust the transaction generator to submit transactions at a higher rate to stress the system and see how high we can push the throughput before it hits a bottleneck. We can also check that even though the system has hit its maximum capacity it continues to function in a stable way.

Throughput, meaning transactions per second, is important but so is latency. By latency we mean how long it takes for a transaction to get into the blockchain. Our analysis tool can also determine the distribution of latency. A low latency with little variance shows us that transactions are flowing smoothly to the nodes that create blocks and that those nodes are creating blocks on time.

Frontend testing

Our Daedalus frontend team have a fully automated set of tests that cover every function of the user interface. In turn this also tests every interaction between the wallet frontend and wallet backend. So this also gives us an automatic integration test for the combination of the wallet frontend and backend.

Frontend testing is a bit different from most other testing. Most testing works by a test program directly using a program interface, whereas frontend testing requires interacting with an actual human interface. User interface testing frameworks simulate what a real user does: clicking buttons and typing in web form boxes.

The result is actually rather fascinating to watch: it's as if an invisible robot is sitting at the computer typing and clicking very quickly to set up accounts, send transactions and all the other things.

Security auditing

Counterintuitively, when it comes to cryptography and security -- which cryptocurrencies of course rely on completely -- testing is in fact not very effective. Testing usually shows us that the expected things do work, but it's hard to use normal testing to show that unexpected things cannot happen. And showing that some hacker cannot subvert the system is just the kind of thing that is hard to test for.

The solution is not testing but auditing by experts in cryptography and security. This means experts carefully reviewing the designs to check that the arguments for why the system should be safe are sound, and also reviewing the code to make sure the code matches up with the design.

Of course, the basic design for the proof of stake blockchain used in Cardano has already been peer reviewed by academic cryptographers. There are other parts of the system that we have had to develop in the last year -- beyond just the blockchain -- and the most security critical parts of those have been reviewed by our research team, and also by an external security audit team. Additionally, the security audit team have reviewed many of the most important parts of the code to check that the code matches the design.

Conclusion

A cryptocurrency system is a surprisingly complex piece of software and it has to work correctly, be robust to deliberate attacks and have good performance. Of course Cardano is a new from-scratch cryptocurrency, not based on any existing system, so all of it has to be carefully tested or reviewed.

Hopefully this post has given you some insight into how much is involved in testing Cardano, and how serious we are about security, robustness and performance.

Developing a secure proof of stake algorithm is one of the big challenges in cryptocurrency, and a proposed solution to this problem won the attention of the academic community this week in California. Several hundred cryptographers from around the world arrived at the University of California Santa Barbara on Sunday for the flagship annual event of their field, Crypto 2017. Over several days, they present cutting edge research for the scrutiny of their peers, while in the evenings they continue discussions with friends and colleagues over dinner on the university campus, with the inspiring backdrop of the Santa Ynez mountains meeting the Pacific ocean behind them.

Ouroboros, developed by a team led by IOHK chief scientist Aggelos Kiayias, made it through a tough admission process for the prestigious conference. This year, 311 papers were submitted and of those 72 were accepted. Only three papers at the conference were on the subject of blockchain. All three papers were supported by IOHK funding.

Speaking after his presentation, Professor Kiayias said: "We’re very happy that we had the opportunity to present Ouroboros at the conference. The protocol and especially its security analysis were very well received by fellow cryptographers."

"Our next steps will be to focus on the next version of the protocol, Ouroboros Praos which improves even further the security and performance characteristics of the protocol."

The Ouroboros protocol stands out as the first proof of stake algorithm that is provably secure, meaning that it offers security guarantees that are mathematically proven. This is essential for a protocol that is intended to be used in cryptocurrency, an infrastructure that must be relied on to carry billions of dollars worth of value. In addition to security, if blockchains are going to become infrastructure for new financial systems they must be able to comfortably handle millions of users. The key to scaling up is proof of stake, a far more energy efficient and cost effective algorithm, and as such this research represents a significant step forward in cryptography. Ouroboros also has the distinction of being implemented – the protocol will be an integral part of Cardano, a blockchain system currently in development.

There were two other papers presented at the bitcoin session on Monday. The Bitcoin Backbone Protocol with Chains of Variable Difficulty, was produced by a team of three researchers and included Prof Kiayias. It is a continuation of previous research into Bitcoin, which was itself the first work to prove security properties of its blockchain.

A third paper on the subject of bitcoin was presented, Bitcoin as a Transaction Ledger: A Composable Treatment.

Other notable talks at the conference included a presentation by John Martinis, an expert on quantum computing and former physics professor at the University of California Santa Barbara, who is now working at Google to build a quantum computer.

Leading cryptographers at the conference included Whitfield Diffie, pioneer of the public key cryptography that made Bitcoin possible, and Ron Rivest, Adi Shamir, and Leonard Adleman, who came up with the RSA public-key cryptosystem that is widely used for secure data transmission.

Ouroboros Praos researchers, left to right: Bernardo David, Alexander Russell, Aggelos Kiayias, Peter Gaži

We are excited to announce that there is now an Ethereum (ETH) client built specifically for the Ethereum Classic (ETC) community. The release of this beta client, Mantis, will take place today and is the culmination of seven months of work by the Grothendieck Team, the IOHK developers dedicated to Ethereum Classic. There are three reasons for the client. First, IOHK wants to demonstrate that it has the technical competency and culture to be a leader for the development of ETC. Second, IOHK wants to dispel the myth that ETC is a “copy and paste” coin that uses other people's code, and show that it is an independent and viable alternative to Ethereum. Third, the client is built in Scala, which is a functional programming language that offers security guarantees that other languages do not.

This release is comprised of the four functional milestones we have been working on since January.

• Blockchain download
• Transaction execution
• Command and query interface
• Mining integration

These are some of the features that made it into the beta release for the Mantis client:

• Mist Integration
  Connect the Mist browser to the Mantis client over HTTP.

• Multi-platform
  We have tested the application on recent versions of Linux (16.02), Mac OS (El Capitan, Sierra) and Windows (10, 8).

• Testnet and Private Chain Support
  The client supports synchronizing with the Morden testnet and also creating private chains.

• Documented Configuration
  Our client uses neatly formatted configuration files in the “conf” folder to configure the client, all the keys and values have descriptions to help the user optimize the client's utility.

We are also able to include a “Fast Sync” feature in this release. From start-up, the Mantis client (using default settings) will attempt to discover existing ETC nodes on the internet and fast sync the ETC chain from them. Fast Sync is fantastic feature for a blockchain client because it downloads a recent snapshot of the blockchain and this speeds up the process of setting up a properly functioning full node. It also downloads the entire blockchain history to have this available to other peers on request. Fast Sync is faster, and more convenient than downloading all of the blocks from peers, although this is also supported and can be switched using a flag in the configuration file.

Although Fast Sync is quicker, it is still slow by today's internet standards. For those who would like to get a node synchronized as fast as possible a “bootstrap database” has been provided. This database contains the whole chain up until August 2nd 2017. Users can download this large file, unzip it in their data folder and then start the Mantis client.

The Mantis client is now being passed into the hands of technically savvy community members. Enthusiasts, who are comfortable with a command line interface and are willing to install code that has not been fully tested, will have a lot of fun using the Mantis client and can provide us with valuable feedback. We would like to encourage anyone with the necessary technical skills to try out the client and report any bugs to the ETC Slack channel.

We will have more updates and news coming soon, and will share our progress with the community in the upcoming weeks. Please stay tuned for more details!