TRUST-TO-TRUST DESIGN OF A NEW INTERNET
Abstract:
The internet’s original design, guided by the end-to-end design principle, pushed all
application-specific logic and complexity to the edges of the network and kept the core
of the network focused on the simple task of delivering data. The original end-to-end
principle, however, did not explicitly account for trust and security. There are several
central points of trust and failure on the traditional internet. These include root servers for
the Domain Name System (DNS) and public-key infrastructure like Certificate Authorities
(CAs) that publish security certificates. Further, the success of cloud-hosted services in the
last decade means that most user data is stored on remote servers and end-users need to
trust these remote servers for correct execution of their applications.
In this thesis, we present a new internet architecture that explicitly follows the trust-to-trust
design principle, i.e., end-users don’t need to trust the core of the network for anything,
and end-users can use applications and services in a fully decentralized way. We make the
observation that cryptocurrency blockchains, like Bitcoin, can be used to bootstrap trust
for new nodes joining a network. We identify the various limitations, like high latency
and limited bandwidth, of contemporary blockchains and discuss how our architecture can
scale by moving most operations outside of the blockchain layer.
We detail our experience of running a large production system on top of a cryptocurrency
blockchain and how that experience guided our design. We present the implementation
of a new decentralized internet, called Blockstack, that takes the trust-to-trust architecture
from a theoretical concept to a production system. Deploying new systems by modifying
production blockchains is hard because it requires coordination and agreement from
several parties. We introduce virtualchains, a virtual blockchain constructed by processing
data from underlying blockchains, to enable the seamless introduction of new functionality
on top of blockchains without requiring any consensus-breaking changes. Blockstack is
already powering several fully decentralized applications, like OpenBazaar; it’s released as
open-source software and, to date, more than 70,000 domains have been registered on it.