Promise: A Startup Based on an Anonymous Paper Plans to Replace ACH

shutterstock_168102818-e1540920237208
31 October 2018

“It appears to be a replacement for the entire ACH system of banking.”

Taariq Lewis, the founder of multiple blockchain startups and the SF Cryptocurrency Devs engineers meetup, sent that note with an attached white paper to CoinDesk in early August.

“It’s really strange,” he said. “We received a copy of the white paper attached, anonymously. We’re not sure who wrote it, but it looks interesting.”

The U.S.’s Automated Clearing House (ACH) network has been in the cryptocurrency and blockchain industry’s sights for years. The system handles large batches of credit and debit payments for consumers, governments and businesses – around $47 trillion worth in 2017 – so replacing it would be no small feat.

But according to Lewis, this white paper – titled “Promise: A Decentralized, Peer-to-Peer, Proxy Repayment Protocol,” dated August 7 and written by a so-called Yoshiro Shinji – appears to have figured it out.

That Yoshiro’s proposed protocol is called Promise seems like an incredible coincidence, since Lewis had told CoinDesk on August 6 – the day before the paper’s listed publication date – that a startup he’d been building in stealth mode for months, Lyra Protocols, was now called Promise.

Perhaps even more of a coincidence, Lewis was routinely aware of the details of CoinDesk’s conversations with this Yoshiro Shinji, referencing answers Yoshiro had given to CoinDesk’s questions.

Still, Lewis, founder and CEO of Promise, contends he and his colleagues – Alan Szepieniec, a researcher at the Catholic University of Leuven and Promise’s chief scientist and cryptographer, and Giuseppe Ateniese, a professor of cryptography at the Stevens Institute of Technology and an adviser to Promise – were not the ones that wrote the white paper.

Yoshiro Shinji, he said, is a pseudonym for a group of people who are “really are passionate about cryptography.”

If something about this storyline seems familiar, consider that Szepieniec, Lewis and Ateniese have decided to reveal Promise’s master plan to supplant ACH on October 31, the 10th anniversary of the bitcoin white paper’s release.

In a follow-up paper published today, titled “Stronger Promises,” the three authors (whom this paper lists by name) expand on Yoshiro’s proposal for a blockchain employing “proxy re-signing.” This cryptographic technique, first developed in the 1990s at AT&T Labs, is what the Promise team argues will bring the payment capabilities offered by ACH to the blockchain.

But the new paper also adds features intended to make the chain appealing to businesses in the long term: privacy and quantum resistance.

And with that, according to Lewis:

“This is a business chain that’s going to last another 100 years.”

Once it launches, that is, which the team tentatively expects to happen in late 2019 or early 2020.

Beyond Alice and Bob

A great deal of ink has been spilled regarding blockchains’ ability to replace traditional financial infrastructure.

But according to Yoshiro’s white paper, “cryptographic peer-to-peer digital payment systems cannot yet fully emulate the automated payment flows common to the third-party payment processor systems used in current electronic banking transactions.”

Take bitcoin, for example. By design, all payments using the original blockchain are “push” payments authorized by the payer. To use cryptography’s stock characters – Alice signs a transaction, sending some bitcoin to Bob.

And that is fine for some use cases, but it makes automated payments of any kind a pain.

To pay suppliers or employees in bitcoin, businesses would have to initiate all of those transactions manually, even if they are predictable and recurring. Using bitcoin’s rudimentary scripting language, they could schedule a payment for later, but only by locking coins up in advance.

According to Lewis, Promise’s proxy re-signing technique will allow businesses to outsource such payments to third parties, as they often do in the fiat world using third-party payment processors.

So Alice gives Dan permission to make a payment to Bob every other week on Alice’s behalf, using a signature that appears to come from Alice. “We are aiming to enable payment ‘pull,'” Yoshiro told CoinDesk, “without payment channel commitments, via cryptographic primitives.”

As a result, Alice saves time and money, and Bob doesn’t have to frequently remind Alice to pay him.

While smart contract platforms such as ethereum have moved past the basic functionality of bitcoin, Lewis said that making proxy payments using these systems presents an obviously unacceptable security issue.

“I would literally need to write that private key into the smart contract and then the smart contract would run that transaction with my private key into the payment that you had directed,” he told CoinDesk, adding:

“So yes, you can do this with smart contracts, but then you have to expose the private key in the software for that to run.”

Meanwhile, the other option current blockchain systems provide – locking tokens up for future payments – appears to ignore the realities of financing a business. Firms rarely sit on hoards of cash sufficient to meet their accounts payable months or years in advance. Instead, many firms fund obligations such as payroll using short-term commercial paper and depend on cash flows to keep up with these payments.

In contrast, with Promise, “we can really have authorized, unsecured lending on-chain, something that was previously impossible,” Lewis said.

Proxy re-signing, he added, might be a “small piece of innovation,” but it’s “mind-blowing” because of the capabilities it brings to the world of public blockchains.

The pledges

The Promise data structure that allows Alice to outsource her payment authorization to Dan is called a “pledge” – a sort of smart contract proposed by Yoshiro that governs the way Alice, Bob and Dan’s public and private keys interact.

But according to Lewis, the original design was “unnecessarily complex,” not to mention a bit clunky.

For one, Yoshiro’s design used a privacy-enhancing technology called ring signatures. Lewis likened that technology to a Trabant, an East German car model that’s mentioned, if ever, as one of the worst cars ever built.

The Promise startup’s white paper, on the other hand, uses techniques Lewis likens to a McLaren, a British luxury sports car. These are mainly inspired by Mimblewimble, a project developed with the aim of improving bitcoin’s privacy protections.

Privacy was one of the main improvements the “Stronger Promises” authors aimed to make to the Promise protocol, said Lewis, who pointed out that none of the current privacy-oriented coins focus on “legitimate business,” instead focusing on “high-risk behaviors.”

The other major improvement that the startup aimed for was quantum resistance.

While many think the introduction of powerful quantum computers is still far in the future, they certainly pose a serious threat to the signature schemes that underpin most cryptocurrencies, including bitcoin and ethereum. For instance, some think that these computers will be able to derive cryptocurrency private keys from their corresponding public keys fairly easily, allowing someone with access to such a computer to spend anyone else’s coins.

“If you’re building a chain or if you’re innovating on a chain state, in 10, 20 years you will be innovating on a post-quantum chain,” Lewis told CoinDesk. “It’s not even a question of if, it’s simply a question of how many years.”

But to accomplish quantum-resistant privacy, the Promise team needed to create massive signatures. According to Lewis, that means the Promise block size will be perhaps 50 megabytes (bitcoin maintained a controversial 1 megabyte block size limit for a long time) – and that’s “just to get started on testnet.”

Referencing the fiery debate that eventually led to the bitcoin cash split, Lewis, who’s an active member of the bitcoin cash community, said:

“We’ve been arguing about blockchain sizes since 2014. In a post-quantum world, this is not even a debate.”

Sticking with openness

These aren’t the only ways that Promise stands out, though.

The startup has also made a commitment to building an open, public blockchain network secured by proof-of-work – in other words, miners – a decision that deviates from most blockchain projects focused on enterprise adoption.

Among those designing blockchains primarily for commercial use, there is a broad distrust of open, public networks, which can – and do – attract participants that reputable firms don’t want to do business with.

Proof-of-work blockchains, in particular, tend to receive a frosty reception from businesses, due to their openness – anyone with the capital and know-how can validate the chain, not just permissioned nodes – as well as their questionable environmental credentials.

The rationale for Promise creating a public blockchain, Lewis said, is to allow users to build an online credit reputation and control access to their payment history (the Equifax data breach has focused attention on the ills of centralized credit scoring).

“Public blockchain also means more competition for financial services,” he added, saying that technology leads to lower prices (though bitcoin transaction fees have occasionally spiked).

As for mining, Lewis acknowledged the environmental effects and said Promise would encourage “green mining.” But he called proof of work “a critical and important aspect to blockchain technology,” since it provides “economic incentives to those with electricity to secure the network.”

Case in point, prior to emerging from stealth as Promise, the startup – then called Lyra Protocols – partnered with Obelisk, a manufacturer of specialized mining hardware, to develop mining equipment specifically for its blockchain. That equipment was meant to be released to community members at the same time as the protocol’s (secret) hash algorithm became public.

The intention was to prevent a large mining hardware manufacturer like Bitmain from dominating the network early on, instead giving a head start to members of the community. Obelisk, though, has since failed to deliver other batches of miners on time.

Still, Lewis said Promise continues to work with Obelisk. But he added, “we’re really impressed that other people and other teams are coming to offer us their services as well.”

He declined to name other providers that Promise is working with but emphasized that specialized miners would ship before the launch of the protocol itself. 

And, in a final contrast to other recent blockchain projects, the Promise blockchain will launch with zero promise tokens in existence. The first 840 tokens will come into being when the genesis block is mined.

In one of the few comments Yoshiro gave directly to CoinDesk, they said:

“No premine. We are going back to mining and proof of work.”

Bridge locks image via Shutterstock