A Decision Model for Choosing Patterns in Blockchain-based Applications

Dilum Bandara
Dilum BandaraResearch Scientist at Data61, CSIRO
Australia’s National Science Agency
A Decision Model
for Choosing
Patterns in
Blockchain-based
Applications
CSIRO Data61
Xiwei Xu, Dilum
Bandara, Qinghua Lu,
Ingo Weber, Len Bass,
and Liming Zhu
18th IEEE Int. Conf. on Software
Architecture (ICSA 2021)
Blockchain Patterns
Data Management Patterns
Data Migration Patterns
Self-Sovereign Identity Patterns
Smart Contract Patterns
Security Patterns
Interacting with External World
Deployment Patterns
Payment Patterns
2 | Australia's National Science Agency
https://research.csiro.au/blockchainpatterns/
• Selecting a collection of patterns is
non-trivial
• Distinct pattern collections
• Lacks details on relationships among
patterns
• Fragmented trade-off analysis
• Can a decision model guide the
selection of blockchain patterns?
• Assists developers & architects in selecting
patterns for blockchain-based applications
• Pattern’s quality trade-offs
• Relationship among patterns
Motivation
3 |
EuroPLoP ’18, July 4–8, 2018, Irsee, Germany Xiwei Xu, Cesare Pautasso, Liming Zhu, Qinghua Lu, and Ingo Weber
2 PATTERN X: ORACLE
Summary: Introduce the state of external systems into the closed
blockchain execution environment through the oracle. Fig. 1 is a
graphical representation of the pattern with the external oracle
solution approach.
Context: From the softwarearchitectureperspective, blockchain
can beviewed asacomponent or connector within alarge software
system. In the case the blockchain is used as a distributed database
for moregeneral purposesother than nancial services, theapplica-
tionsbuilt on blockchain might need to interact with other external
systems. Thus, the validation of transactions on blockchain might
depend on states of external systems.
Problem: Theexecution environment of ablockchain isself-contained.
It can only access information present in the data and transactions
on the blockchain. Smart contracts running on blockchain are pure
functions by design. The state of external systems are not directly
accessible to smart contracts. Yet, function calls in smart contracts
sometimes need to access state of the external world.
How can function calls in smart contracts beenabled to access
the state of the external world from within smart contracts?
Forces: Theproblem requiresto balance the following forces:
• Closed environment. Blockchain is a secure, self-contained
environment, which isisolated from external systems. Smart
contractson blockchain cannot read thestatesof theexternal
systems.
• Connectivity. In addition to thedatafound on theblockchain,
general-purposeapplicationsmight requireinformation from
external systems, for example, context information like geo-
location information, or weather data from a Web API1.
• Long-term availability and validity. While transactions on
blockchain are immutable, the external state used to vali-
date a transaction may change or even disappear after the
transactions wereoriginally appended to the blockchain.
Solution: Toconnect theclosedexecution environment of blockchain
with the external world, a oracle is introduced to evaluate condi-
tions that cannot be expressed in a smart contract running within
the blockchain environment. A oracle is a trusted third party that
provides thesmart contracts with information about the external
world. When validation of a transaction depends on external state,
the oracle is requested to check the external state and to provide
the result to the validator (miner), which then takes the result pro-
vided by the oracle into account when validating the transaction.
The oracle can be implemented inside a blockchain network as a
smart contract with external state being injected into the oracle
periodically by an o -chain injector. Later, other smart contracts
can access the data from the oracle smart contract. A oracle can
be also implemented as a server outside the blockchain. Such an
external oracle needs the permission to sign transactions using its
own key pair on-demand. Extra mechanisms might be needed to
improvetrustworthiness of the oracle, for example, a distributed
oracle based on multiple servers and M-of-N multiple signature.
Through using oracle, thevalidation of transactions isbased on the
authentication of the oracle, rather than the external state.
1https://openweathermap.org/api
On-chain Off-chain
Blockchain
Oracle
Other components in system
Oracle
Injector
Validation
result
Figure 1: Oracle Pattern
Consequences:
Bene ts:
• Connectivity.Theclosedexecution environment of blockchain
is ĂIJconnectedĂİ with external world through the oracle.
The applications based on blockchain can access external
states through the oracle and use the external states to vali-
date transactions.
Drawbacks:
• Trust. Using oracle introduces a trusted third party into the
system. Theoracle selected to verify theexternal stateneeds
to be trusted by all the participants involved in relevant
transactions.
• Validity. The external states injected into the transactions
can not be fully validated by miners. Thus, when miners
validate the transaction including external state, they rely
on the oracle to check the validity of the information from
external world. Long-term availability and validity. It could
happen that while transactions are immutable, the external
stateused to validatethem may changeafter thetransactions
wereoriginally appended to the blockchain.
Related patterns: ReverseOracle(Section [Y])
Known uses:
• Oracle in Bitcoin is an instance of this pattern 2. Oracle
is a server outside the Bitcoin blockchain network, which
can evaluate user-de ned expressions based on the external
state.
• Orisi3 on Bitcoin maintains a set of independent oracles.
Orisi allowsthe participants involved in a transaction to se-
lect aset of oraclesand de nethevalueof M beforeinitiating
aconditional transaction.
• Gnosis4 is a decentralized prediction market that allows
users to choose any oracle they trust, such asanother user
or a web service, e.g. , for weather forecasts.
2https://en.bitcoin.it/wiki/Contract#Example_4:_Using_external_state
3http://orisi.org/
4https://gnosis.pm/
Australia's National Science Agency
4 |
Blockchain-Based Application Design
Australia's National Science Agency
5 |
Approach
Create Decision
Models
• 5 design aspects
• Identified selection
paths based on
related patterns
• Derived quality
impacts & trade-offs
from forces &
consequences
Evaluate
• Correctness,
completeness, &
usefulness
• Interviewed 6 domain
experts
• 3 from industry
• 3 from academia
• 2-5 years
experience in
multiple projects
Refine Models
• More precise
explanations of
quality trade-offs
• Included/excluded a
few patterns
• Improved definition
of graphical notation
Australia's National Science Agency
6 |
Decision Model Notation
Australia's National Science Agency
7 |
Data Management
– On-chain
• Main quality measures
• Integrity
• Consistency
• Transparency
• Performance
• Cost efficiency
Australia's National Science Agency
8 |
Performance
• Main quality measures
• Integrity
• Transparency
• Performance
• Cost efficiency
Australia's National Science Agency
9 |
Data Management –
Off-chain
• Main quality measures
• Privacy
• Flexibility
Australia's National Science Agency
10 |
Security – Authentication
• Main quality measures
• Integrity
• Transparency
• Upgradability
• Interoperability
• Privacy
• Recoverability
Australia's National Science Agency
11 |
Security – Authorization
• Main quality measures
• Security
• Flexibility
• Lost key tolerance
• Interoperability
Australia's National Science Agency
12 |
Oracle
• Main quality measures
• Performance
• Availability
• Data credibility
• Cost efficiency
• Transparency
Australia's National Science Agency
13 |
Smart Contract
• Main quality measures
• Performance
• Security
• Cost efficiency
• Modifiability
• Consistency
Australia's National Science Agency
Interview Results
14 |
Overall feedback: 5/6 positive, 1/6 neutral
Usefulness
+ Guided tour for pattern investigation
+ Graphical illustrations bring
structure into the design process
+ Useful for understanding rationale of
design decisions, evaluation, &
documentation
- Not novice friendly
- Difficult to compare against a single
NFP
Completeness
+ Focus on application design
- Missing patterns
• Deployment, Configuration,
Governance, Legal concerns
Improvement
• Automated design tool
• Real-world case studies
Australia's National Science Agency
Summary
15 |
• Contribution
• Decision models that assist developers &
architects in selecting patterns for
blockchain-based applications
• Future work
• On-line decision tool
• Collect feedback through pattern website
to improve decision models iteratively
https://research.csiro.au/blockchainpatterns/
Australia's National Science Agency
Australia’s National Science Agency
Dilum.Bandara
@ieee.org
linkedin.com/in/dilumb/
1 of 16

Recommended

Smart Contract Security Testing by
Smart Contract Security TestingSmart Contract Security Testing
Smart Contract Security TestingDilum Bandara
672 views21 slides
01 - Introduction to Distributed Systems by
01 - Introduction to Distributed Systems01 - Introduction to Distributed Systems
01 - Introduction to Distributed SystemsDilum Bandara
1.2K views35 slides
PUBLIC AUDITING FOR SECURE CLOUD STORAGE ... by
PUBLIC AUDITING 	             FOR SECURE CLOUD STORAGE                       ...PUBLIC AUDITING 	             FOR SECURE CLOUD STORAGE                       ...
PUBLIC AUDITING FOR SECURE CLOUD STORAGE ...Bharath Nair
1.6K views42 slides
Privacy Preserving Public Auditing for Data Storage Security in Cloud by
Privacy Preserving Public Auditing for Data Storage Security in Cloud Privacy Preserving Public Auditing for Data Storage Security in Cloud
Privacy Preserving Public Auditing for Data Storage Security in Cloud Girish Chandra
22.2K views105 slides
Privacy preserving public auditing for secure cloud storage by
Privacy preserving public auditing for secure cloud storagePrivacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storageMustaq Syed
1.9K views17 slides
Privacy preserving public auditing for regenerating code based cloud storage by
Privacy preserving public auditing for regenerating code based cloud storagePrivacy preserving public auditing for regenerating code based cloud storage
Privacy preserving public auditing for regenerating code based cloud storagekitechsolutions
810 views5 slides

More Related Content

What's hot

Privacy preserving public auditing for secure cloud storage by
Privacy preserving public auditing for secure cloud storagePrivacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storageShakas Technologies
682 views8 slides
Privacy preserving public auditing for regenerating-code-based cloud storage by
Privacy preserving public auditing for regenerating-code-based cloud storagePrivacy preserving public auditing for regenerating-code-based cloud storage
Privacy preserving public auditing for regenerating-code-based cloud storageparry prabhu
1.9K views1 slide
Shared Authority Based Privacy-preserving Authentication Protocol in Cloud Co... by
Shared Authority Based Privacy-preserving Authentication Protocol in Cloud Co...Shared Authority Based Privacy-preserving Authentication Protocol in Cloud Co...
Shared Authority Based Privacy-preserving Authentication Protocol in Cloud Co...Migrant Systems
1.7K views11 slides
Security Check in Cloud Computing through Third Party Auditor by
Security Check in Cloud Computing through Third Party AuditorSecurity Check in Cloud Computing through Third Party Auditor
Security Check in Cloud Computing through Third Party Auditorijsrd.com
211 views3 slides
cloud computing preservity by
cloud computing preservitycloud computing preservity
cloud computing preservitychennuruvishnu
4.8K views22 slides
Access Control for Linked Data: Past, Present and Future by
Access Control for Linked Data: Past, Present and FutureAccess Control for Linked Data: Past, Present and Future
Access Control for Linked Data: Past, Present and FutureSabrina Kirrane
2.6K views42 slides

What's hot(20)

Privacy preserving public auditing for secure cloud storage by Shakas Technologies
Privacy preserving public auditing for secure cloud storagePrivacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for regenerating-code-based cloud storage by parry prabhu
Privacy preserving public auditing for regenerating-code-based cloud storagePrivacy preserving public auditing for regenerating-code-based cloud storage
Privacy preserving public auditing for regenerating-code-based cloud storage
parry prabhu1.9K views
Shared Authority Based Privacy-preserving Authentication Protocol in Cloud Co... by Migrant Systems
Shared Authority Based Privacy-preserving Authentication Protocol in Cloud Co...Shared Authority Based Privacy-preserving Authentication Protocol in Cloud Co...
Shared Authority Based Privacy-preserving Authentication Protocol in Cloud Co...
Migrant Systems 1.7K views
Security Check in Cloud Computing through Third Party Auditor by ijsrd.com
Security Check in Cloud Computing through Third Party AuditorSecurity Check in Cloud Computing through Third Party Auditor
Security Check in Cloud Computing through Third Party Auditor
ijsrd.com211 views
cloud computing preservity by chennuruvishnu
cloud computing preservitycloud computing preservity
cloud computing preservity
chennuruvishnu4.8K views
Access Control for Linked Data: Past, Present and Future by Sabrina Kirrane
Access Control for Linked Data: Past, Present and FutureAccess Control for Linked Data: Past, Present and Future
Access Control for Linked Data: Past, Present and Future
Sabrina Kirrane2.6K views
Privacy preserving public auditing for regenerating-code-based cloud storage by LeMeniz Infotech
Privacy preserving public auditing for regenerating-code-based cloud storagePrivacy preserving public auditing for regenerating-code-based cloud storage
Privacy preserving public auditing for regenerating-code-based cloud storage
LeMeniz Infotech883 views
Privacy preserving public auditing by vmshimavm
Privacy preserving public auditingPrivacy preserving public auditing
Privacy preserving public auditing
vmshimavm639 views
PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING by Kayalvizhi Selvaraj
PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGESECURITY IN CLOUD COMPUTINGPRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGESECURITY IN CLOUD COMPUTING
PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING
Kayalvizhi Selvaraj7.3K views
Privacy Preserving Public Auditing for Data Storage Security in Cloud.ppt by Girish Chandra
Privacy Preserving Public Auditing for Data Storage Security in Cloud.pptPrivacy Preserving Public Auditing for Data Storage Security in Cloud.ppt
Privacy Preserving Public Auditing for Data Storage Security in Cloud.ppt
Girish Chandra19.4K views
Oruta privacy preserving public auditing for shared data in the cloud by Nexgen Technology
Oruta privacy preserving public auditing for shared data in the cloudOruta privacy preserving public auditing for shared data in the cloud
Oruta privacy preserving public auditing for shared data in the cloud
Nexgen Technology 7.3K views
Oruta privacy preserving public auditing for shared data in the cloud by Adz91 Digital Ads Pvt Ltd
Oruta privacy preserving public auditing for shared data in the cloud Oruta privacy preserving public auditing for shared data in the cloud
Oruta privacy preserving public auditing for shared data in the cloud
Privacy preserving public auditing for secure cloud storage by IEEEFINALYEARPROJECTS
Privacy preserving public auditing for secure cloud storagePrivacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storage
Attributes based encryption with verifiable outsourced decryption by KaashivInfoTech Company
Attributes based encryption with verifiable outsourced decryptionAttributes based encryption with verifiable outsourced decryption
Attributes based encryption with verifiable outsourced decryption
a novel approach for data uploading by IJAEMSJORNAL
a novel approach for data uploadinga novel approach for data uploading
a novel approach for data uploading
IJAEMSJORNAL15 views
Content-Centric Networking (CCN) by Dilum Bandara
Content-Centric Networking (CCN)Content-Centric Networking (CCN)
Content-Centric Networking (CCN)
Dilum Bandara973 views
Authentication on Cloud using Attribute Based Encryption by Ankit Raj
Authentication on Cloud using Attribute Based EncryptionAuthentication on Cloud using Attribute Based Encryption
Authentication on Cloud using Attribute Based Encryption
Ankit Raj758 views

Similar to A Decision Model for Choosing Patterns in Blockchain-based Applications

BDVe Webinar Series - Ocean Protocol – Why you need to care about how you sha... by
BDVe Webinar Series - Ocean Protocol – Why you need to care about how you sha...BDVe Webinar Series - Ocean Protocol – Why you need to care about how you sha...
BDVe Webinar Series - Ocean Protocol – Why you need to care about how you sha...Big Data Value Association
884 views56 slides
Blockchain testing strategy by
Blockchain testing strategyBlockchain testing strategy
Blockchain testing strategyrajni singh
980 views18 slides
IRJET- Credible Data through Distributed Ledger Technology by
IRJET-  	  Credible Data through Distributed Ledger TechnologyIRJET-  	  Credible Data through Distributed Ledger Technology
IRJET- Credible Data through Distributed Ledger TechnologyIRJET Journal
37 views5 slides
Modeling Multi-Layer Access Control Policies of a Hyperledger-Fabric-Based Ag... by
Modeling Multi-Layer Access Control Policies of a Hyperledger-Fabric-Based Ag...Modeling Multi-Layer Access Control Policies of a Hyperledger-Fabric-Based Ag...
Modeling Multi-Layer Access Control Policies of a Hyperledger-Fabric-Based Ag...Dilum Bandara
230 views19 slides
BlockChain-1.pptx by
BlockChain-1.pptxBlockChain-1.pptx
BlockChain-1.pptxHussainPashaShaik1
11 views43 slides
DECENTRALIZED ECONOMIC SYSTEMS by
 DECENTRALIZED ECONOMIC SYSTEMS DECENTRALIZED ECONOMIC SYSTEMS
DECENTRALIZED ECONOMIC SYSTEMSBlockScience
3.2K views32 slides

Similar to A Decision Model for Choosing Patterns in Blockchain-based Applications(20)

BDVe Webinar Series - Ocean Protocol – Why you need to care about how you sha... by Big Data Value Association
BDVe Webinar Series - Ocean Protocol – Why you need to care about how you sha...BDVe Webinar Series - Ocean Protocol – Why you need to care about how you sha...
BDVe Webinar Series - Ocean Protocol – Why you need to care about how you sha...
Blockchain testing strategy by rajni singh
Blockchain testing strategyBlockchain testing strategy
Blockchain testing strategy
rajni singh980 views
IRJET- Credible Data through Distributed Ledger Technology by IRJET Journal
IRJET-  	  Credible Data through Distributed Ledger TechnologyIRJET-  	  Credible Data through Distributed Ledger Technology
IRJET- Credible Data through Distributed Ledger Technology
IRJET Journal37 views
Modeling Multi-Layer Access Control Policies of a Hyperledger-Fabric-Based Ag... by Dilum Bandara
Modeling Multi-Layer Access Control Policies of a Hyperledger-Fabric-Based Ag...Modeling Multi-Layer Access Control Policies of a Hyperledger-Fabric-Based Ag...
Modeling Multi-Layer Access Control Policies of a Hyperledger-Fabric-Based Ag...
Dilum Bandara230 views
DECENTRALIZED ECONOMIC SYSTEMS by BlockScience
 DECENTRALIZED ECONOMIC SYSTEMS DECENTRALIZED ECONOMIC SYSTEMS
DECENTRALIZED ECONOMIC SYSTEMS
BlockScience3.2K views
The Blockchain as a Software Connector by Cesare Pautasso
The Blockchain as a Software ConnectorThe Blockchain as a Software Connector
The Blockchain as a Software Connector
Cesare Pautasso6.5K views
AWS re:Invent 2016: Blockchain on AWS: Disrupting the Norm (GPST301) by Amazon Web Services
AWS re:Invent 2016: Blockchain on AWS: Disrupting the Norm (GPST301)AWS re:Invent 2016: Blockchain on AWS: Disrupting the Norm (GPST301)
AWS re:Invent 2016: Blockchain on AWS: Disrupting the Norm (GPST301)
Amazon Web Services17.8K views
Blockchain and BPM - Reflections on Four Years of Research and Applications by Ingo Weber
Blockchain and BPM - Reflections on Four Years of Research and ApplicationsBlockchain and BPM - Reflections on Four Years of Research and Applications
Blockchain and BPM - Reflections on Four Years of Research and Applications
Ingo Weber1.4K views
Blockchain for Digital Transformation in Banking by Floyd DCosta
Blockchain for Digital Transformation in Banking Blockchain for Digital Transformation in Banking
Blockchain for Digital Transformation in Banking
Floyd DCosta1.1K views
Introduction to Blockchain Governance Models by Gokul Alex
Introduction to Blockchain Governance ModelsIntroduction to Blockchain Governance Models
Introduction to Blockchain Governance Models
Gokul Alex220 views
Introducing new Proof-of-Stake based networks - Why your network participatio... by Michael Ng
Introducing new Proof-of-Stake based networks - Why your network participatio...Introducing new Proof-of-Stake based networks - Why your network participatio...
Introducing new Proof-of-Stake based networks - Why your network participatio...
Michael Ng743 views
Block-Chain Oriented Software Testing Approach by IRJET Journal
Block-Chain Oriented Software Testing ApproachBlock-Chain Oriented Software Testing Approach
Block-Chain Oriented Software Testing Approach
IRJET Journal52 views
The Microsoft vision for Blockchain by ASPEX_BE
The Microsoft vision for BlockchainThe Microsoft vision for Blockchain
The Microsoft vision for Blockchain
ASPEX_BE940 views
Advanced Blockchain Strategies by SEOExp
Advanced Blockchain StrategiesAdvanced Blockchain Strategies
Advanced Blockchain Strategies
SEOExp3 views
Blockchain: No Thunder No Wonder by Ali Al-Sherbaz
Blockchain: No Thunder No Wonder  Blockchain: No Thunder No Wonder
Blockchain: No Thunder No Wonder
Ali Al-Sherbaz1K views
Meeting of the Blockchain Community and discussion about the cryptocurrency b... by recheck
Meeting of the Blockchain Community and discussion about the cryptocurrency b...Meeting of the Blockchain Community and discussion about the cryptocurrency b...
Meeting of the Blockchain Community and discussion about the cryptocurrency b...
recheck124 views

More from Dilum Bandara

Smart Contract Testing by
Smart Contract TestingSmart Contract Testing
Smart Contract TestingDilum Bandara
363 views19 slides
What's not a cloud by
What's not a cloudWhat's not a cloud
What's not a cloudDilum Bandara
516 views7 slides
Blockchain - A Catalyst for Solving Age-old Distributed Systems Problems by
Blockchain - A Catalyst for Solving Age-old Distributed Systems ProblemsBlockchain - A Catalyst for Solving Age-old Distributed Systems Problems
Blockchain - A Catalyst for Solving Age-old Distributed Systems ProblemsDilum Bandara
224 views18 slides
Protocols for Fast Delivery of Large Data Volumes by
Protocols for Fast Delivery of Large Data VolumesProtocols for Fast Delivery of Large Data Volumes
Protocols for Fast Delivery of Large Data VolumesDilum Bandara
208 views20 slides
Internet Architecture and Design Philosophy by
Internet Architecture and Design PhilosophyInternet Architecture and Design Philosophy
Internet Architecture and Design PhilosophyDilum Bandara
903 views26 slides
Cloud Computing by
Cloud ComputingCloud Computing
Cloud ComputingDilum Bandara
452 views34 slides

More from Dilum Bandara(20)

Blockchain - A Catalyst for Solving Age-old Distributed Systems Problems by Dilum Bandara
Blockchain - A Catalyst for Solving Age-old Distributed Systems ProblemsBlockchain - A Catalyst for Solving Age-old Distributed Systems Problems
Blockchain - A Catalyst for Solving Age-old Distributed Systems Problems
Dilum Bandara224 views
Protocols for Fast Delivery of Large Data Volumes by Dilum Bandara
Protocols for Fast Delivery of Large Data VolumesProtocols for Fast Delivery of Large Data Volumes
Protocols for Fast Delivery of Large Data Volumes
Dilum Bandara208 views
Internet Architecture and Design Philosophy by Dilum Bandara
Internet Architecture and Design PhilosophyInternet Architecture and Design Philosophy
Internet Architecture and Design Philosophy
Dilum Bandara903 views
Transactions and Concurrency Control by Dilum Bandara
Transactions and Concurrency ControlTransactions and Concurrency Control
Transactions and Concurrency Control
Dilum Bandara4.2K views
Physical and Logical Clocks by Dilum Bandara
Physical and Logical ClocksPhysical and Logical Clocks
Physical and Logical Clocks
Dilum Bandara9.6K views
Content Delivery Networks (CDN) by Dilum Bandara
Content Delivery Networks (CDN)Content Delivery Networks (CDN)
Content Delivery Networks (CDN)
Dilum Bandara3.1K views
Message and Stream Oriented Communication by Dilum Bandara
Message and Stream Oriented CommunicationMessage and Stream Oriented Communication
Message and Stream Oriented Communication
Dilum Bandara17.9K views
CAP Theorem and Split Brain Syndrome by Dilum Bandara
CAP Theorem and Split Brain SyndromeCAP Theorem and Split Brain Syndrome
CAP Theorem and Split Brain Syndrome
Dilum Bandara1.1K views
Communication in Distributed Systems by Dilum Bandara
Communication in Distributed SystemsCommunication in Distributed Systems
Communication in Distributed Systems
Dilum Bandara925 views
02 - Topologies of Distributed Systems by Dilum Bandara
02 - Topologies of Distributed Systems02 - Topologies of Distributed Systems
02 - Topologies of Distributed Systems
Dilum Bandara3.1K views
Use of Technology in Toll Collection & Management by Dilum Bandara
Use of Technology in Toll Collection & ManagementUse of Technology in Toll Collection & Management
Use of Technology in Toll Collection & Management
Dilum Bandara578 views
Big data, Security, or Privacy in IoT: Choice is Yours by Dilum Bandara
Big data, Security, or Privacy in IoT: Choice is YoursBig data, Security, or Privacy in IoT: Choice is Yours
Big data, Security, or Privacy in IoT: Choice is Yours
Dilum Bandara276 views
OWASP Top 10 2017 - New Vulnerabilities by Dilum Bandara
OWASP Top 10 2017 - New VulnerabilitiesOWASP Top 10 2017 - New Vulnerabilities
OWASP Top 10 2017 - New Vulnerabilities
Dilum Bandara243 views
Acceptable Use Policy Making by Dilum Bandara
Acceptable Use Policy MakingAcceptable Use Policy Making
Acceptable Use Policy Making
Dilum Bandara61 views
Acceptable Use Policy Making by Dilum Bandara
Acceptable Use Policy MakingAcceptable Use Policy Making
Acceptable Use Policy Making
Dilum Bandara59 views
10 key elements of a research paper - A writers perspective by Dilum Bandara
10 key elements of a research paper - A writers perspective10 key elements of a research paper - A writers perspective
10 key elements of a research paper - A writers perspective
Dilum Bandara310 views

Recently uploaded

360 graden fabriek by
360 graden fabriek360 graden fabriek
360 graden fabriekinfo33492
122 views25 slides
Agile 101 by
Agile 101Agile 101
Agile 101John Valentino
9 views20 slides
DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h... by
DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h...DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h...
DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h...Deltares
9 views31 slides
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated... by
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...TomHalpin9
6 views29 slides
Headless JS UG Presentation.pptx by
Headless JS UG Presentation.pptxHeadless JS UG Presentation.pptx
Headless JS UG Presentation.pptxJack Spektor
8 views24 slides
2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx by
2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx
2023-November-Schneider Electric-Meetup-BCN Admin Group.pptxanimuscrm
15 views19 slides

Recently uploaded(20)

360 graden fabriek by info33492
360 graden fabriek360 graden fabriek
360 graden fabriek
info33492122 views
DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h... by Deltares
DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h...DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h...
DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h...
Deltares9 views
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated... by TomHalpin9
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...
TomHalpin96 views
Headless JS UG Presentation.pptx by Jack Spektor
Headless JS UG Presentation.pptxHeadless JS UG Presentation.pptx
Headless JS UG Presentation.pptx
Jack Spektor8 views
2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx by animuscrm
2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx
2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx
animuscrm15 views
Gen Apps on Google Cloud PaLM2 and Codey APIs in Action by Márton Kodok
Gen Apps on Google Cloud PaLM2 and Codey APIs in ActionGen Apps on Google Cloud PaLM2 and Codey APIs in Action
Gen Apps on Google Cloud PaLM2 and Codey APIs in Action
Márton Kodok6 views
Software evolution understanding: Automatic extraction of software identifier... by Ra'Fat Al-Msie'deen
Software evolution understanding: Automatic extraction of software identifier...Software evolution understanding: Automatic extraction of software identifier...
Software evolution understanding: Automatic extraction of software identifier...
Fleet Management Software in India by Fleetable
Fleet Management Software in India Fleet Management Software in India
Fleet Management Software in India
Fleetable11 views
DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko... by Deltares
DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko...DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko...
DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko...
Deltares14 views
Advanced API Mocking Techniques by Dimpy Adhikary
Advanced API Mocking TechniquesAdvanced API Mocking Techniques
Advanced API Mocking Techniques
Dimpy Adhikary19 views
DSD-INT 2023 Process-based modelling of salt marsh development coupling Delft... by Deltares
DSD-INT 2023 Process-based modelling of salt marsh development coupling Delft...DSD-INT 2023 Process-based modelling of salt marsh development coupling Delft...
DSD-INT 2023 Process-based modelling of salt marsh development coupling Delft...
Deltares7 views
BushraDBR: An Automatic Approach to Retrieving Duplicate Bug Reports by Ra'Fat Al-Msie'deen
BushraDBR: An Automatic Approach to Retrieving Duplicate Bug ReportsBushraDBR: An Automatic Approach to Retrieving Duplicate Bug Reports
BushraDBR: An Automatic Approach to Retrieving Duplicate Bug Reports

A Decision Model for Choosing Patterns in Blockchain-based Applications

  • 1. Australia’s National Science Agency A Decision Model for Choosing Patterns in Blockchain-based Applications CSIRO Data61 Xiwei Xu, Dilum Bandara, Qinghua Lu, Ingo Weber, Len Bass, and Liming Zhu 18th IEEE Int. Conf. on Software Architecture (ICSA 2021)
  • 2. Blockchain Patterns Data Management Patterns Data Migration Patterns Self-Sovereign Identity Patterns Smart Contract Patterns Security Patterns Interacting with External World Deployment Patterns Payment Patterns 2 | Australia's National Science Agency https://research.csiro.au/blockchainpatterns/
  • 3. • Selecting a collection of patterns is non-trivial • Distinct pattern collections • Lacks details on relationships among patterns • Fragmented trade-off analysis • Can a decision model guide the selection of blockchain patterns? • Assists developers & architects in selecting patterns for blockchain-based applications • Pattern’s quality trade-offs • Relationship among patterns Motivation 3 | EuroPLoP ’18, July 4–8, 2018, Irsee, Germany Xiwei Xu, Cesare Pautasso, Liming Zhu, Qinghua Lu, and Ingo Weber 2 PATTERN X: ORACLE Summary: Introduce the state of external systems into the closed blockchain execution environment through the oracle. Fig. 1 is a graphical representation of the pattern with the external oracle solution approach. Context: From the softwarearchitectureperspective, blockchain can beviewed asacomponent or connector within alarge software system. In the case the blockchain is used as a distributed database for moregeneral purposesother than nancial services, theapplica- tionsbuilt on blockchain might need to interact with other external systems. Thus, the validation of transactions on blockchain might depend on states of external systems. Problem: Theexecution environment of ablockchain isself-contained. It can only access information present in the data and transactions on the blockchain. Smart contracts running on blockchain are pure functions by design. The state of external systems are not directly accessible to smart contracts. Yet, function calls in smart contracts sometimes need to access state of the external world. How can function calls in smart contracts beenabled to access the state of the external world from within smart contracts? Forces: Theproblem requiresto balance the following forces: • Closed environment. Blockchain is a secure, self-contained environment, which isisolated from external systems. Smart contractson blockchain cannot read thestatesof theexternal systems. • Connectivity. In addition to thedatafound on theblockchain, general-purposeapplicationsmight requireinformation from external systems, for example, context information like geo- location information, or weather data from a Web API1. • Long-term availability and validity. While transactions on blockchain are immutable, the external state used to vali- date a transaction may change or even disappear after the transactions wereoriginally appended to the blockchain. Solution: Toconnect theclosedexecution environment of blockchain with the external world, a oracle is introduced to evaluate condi- tions that cannot be expressed in a smart contract running within the blockchain environment. A oracle is a trusted third party that provides thesmart contracts with information about the external world. When validation of a transaction depends on external state, the oracle is requested to check the external state and to provide the result to the validator (miner), which then takes the result pro- vided by the oracle into account when validating the transaction. The oracle can be implemented inside a blockchain network as a smart contract with external state being injected into the oracle periodically by an o -chain injector. Later, other smart contracts can access the data from the oracle smart contract. A oracle can be also implemented as a server outside the blockchain. Such an external oracle needs the permission to sign transactions using its own key pair on-demand. Extra mechanisms might be needed to improvetrustworthiness of the oracle, for example, a distributed oracle based on multiple servers and M-of-N multiple signature. Through using oracle, thevalidation of transactions isbased on the authentication of the oracle, rather than the external state. 1https://openweathermap.org/api On-chain Off-chain Blockchain Oracle Other components in system Oracle Injector Validation result Figure 1: Oracle Pattern Consequences: Bene ts: • Connectivity.Theclosedexecution environment of blockchain is ĂIJconnectedĂİ with external world through the oracle. The applications based on blockchain can access external states through the oracle and use the external states to vali- date transactions. Drawbacks: • Trust. Using oracle introduces a trusted third party into the system. Theoracle selected to verify theexternal stateneeds to be trusted by all the participants involved in relevant transactions. • Validity. The external states injected into the transactions can not be fully validated by miners. Thus, when miners validate the transaction including external state, they rely on the oracle to check the validity of the information from external world. Long-term availability and validity. It could happen that while transactions are immutable, the external stateused to validatethem may changeafter thetransactions wereoriginally appended to the blockchain. Related patterns: ReverseOracle(Section [Y]) Known uses: • Oracle in Bitcoin is an instance of this pattern 2. Oracle is a server outside the Bitcoin blockchain network, which can evaluate user-de ned expressions based on the external state. • Orisi3 on Bitcoin maintains a set of independent oracles. Orisi allowsthe participants involved in a transaction to se- lect aset of oraclesand de nethevalueof M beforeinitiating aconditional transaction. • Gnosis4 is a decentralized prediction market that allows users to choose any oracle they trust, such asanother user or a web service, e.g. , for weather forecasts. 2https://en.bitcoin.it/wiki/Contract#Example_4:_Using_external_state 3http://orisi.org/ 4https://gnosis.pm/ Australia's National Science Agency
  • 4. 4 | Blockchain-Based Application Design Australia's National Science Agency
  • 5. 5 | Approach Create Decision Models • 5 design aspects • Identified selection paths based on related patterns • Derived quality impacts & trade-offs from forces & consequences Evaluate • Correctness, completeness, & usefulness • Interviewed 6 domain experts • 3 from industry • 3 from academia • 2-5 years experience in multiple projects Refine Models • More precise explanations of quality trade-offs • Included/excluded a few patterns • Improved definition of graphical notation Australia's National Science Agency
  • 6. 6 | Decision Model Notation Australia's National Science Agency
  • 7. 7 | Data Management – On-chain • Main quality measures • Integrity • Consistency • Transparency • Performance • Cost efficiency Australia's National Science Agency
  • 8. 8 | Performance • Main quality measures • Integrity • Transparency • Performance • Cost efficiency Australia's National Science Agency
  • 9. 9 | Data Management – Off-chain • Main quality measures • Privacy • Flexibility Australia's National Science Agency
  • 10. 10 | Security – Authentication • Main quality measures • Integrity • Transparency • Upgradability • Interoperability • Privacy • Recoverability Australia's National Science Agency
  • 11. 11 | Security – Authorization • Main quality measures • Security • Flexibility • Lost key tolerance • Interoperability Australia's National Science Agency
  • 12. 12 | Oracle • Main quality measures • Performance • Availability • Data credibility • Cost efficiency • Transparency Australia's National Science Agency
  • 13. 13 | Smart Contract • Main quality measures • Performance • Security • Cost efficiency • Modifiability • Consistency Australia's National Science Agency
  • 14. Interview Results 14 | Overall feedback: 5/6 positive, 1/6 neutral Usefulness + Guided tour for pattern investigation + Graphical illustrations bring structure into the design process + Useful for understanding rationale of design decisions, evaluation, & documentation - Not novice friendly - Difficult to compare against a single NFP Completeness + Focus on application design - Missing patterns • Deployment, Configuration, Governance, Legal concerns Improvement • Automated design tool • Real-world case studies Australia's National Science Agency
  • 15. Summary 15 | • Contribution • Decision models that assist developers & architects in selecting patterns for blockchain-based applications • Future work • On-line decision tool • Collect feedback through pattern website to improve decision models iteratively https://research.csiro.au/blockchainpatterns/ Australia's National Science Agency
  • 16. Australia’s National Science Agency Dilum.Bandara @ieee.org linkedin.com/in/dilumb/

Editor's Notes

  1. Recurring solutions to commonly occurring problems Many blockchain pattern collections are proposed by academia and industry Happy because there’s a patter for everything. Your life is easy as you don’t need to recreate solutions to common problems Soon you will realise the reality of having to play with too many pattern where it’s difficult to identify a set of patterns that can work together
  2. How can developers & architects navigate from pattern to pattern until a suitable combination of patterns that can meet the design goals is found
  3. Decision models are created to map elements in the problem space to the elements in the solution space. We were also able to see new relationships as we had a holistic view Where details were unavailable, we had to add our judgement and experience
  4. High-level design goal – mostly influenced by a business goal/objective Inclusive gateway – 1 or more paths Exclusive gateway – only one of the paths Parallel gateway – all paths NFPs relevant for a specific context may be missing
  5. Ensure critical patterns aren’t missed Enhances value by making the relationship among patterns explicit Subjective bias Interview participants are from industry and academia All experienced blockchain practitioners or active researchers Reproducibility Applied our expert knowledge to identify new relationships and selection paths Necessary trade-off to bring structure into decision model