Introducing EOSIO 2: Enhancing Performance, Improving Security, and New Developer Tools
October 16th, 2019
EOSIO 2 was built with developers in mind. Our focus: make it faster, simpler, and more secure to build on EOSIO.
We believe the single biggest bottleneck for blockchain development is the speed in which they can execute smart contracts.
EOSIO was the first blockchain software to use a WebAssembly (WASM) engine to improve performance, but in time, we outgrew existing general-purpose WASM engines and knew we could do more.
Our solution: build our own, designed from the ground up with blockchain in mind. EOS VM, our purpose-built blockchain WASM engine, runs the EOS Mechanics WASM CPU benchmarks up to 16x faster than Binary, which was released with EOSIO 1.0.
Next, we wanted to solve the barrier to entry for new developers — those heading to an #eosiohackathon or building on EOSIO for the first time. Typically, setting up a blockchain development environment is a multi-step process that can take hours, even days, to complete. That’s why we’re building the EOSIO Quickstart Web IDE, a development tool that allows new developers to go from start to ready-to-build in minutes.
Finally, for any developer, one of the critical pain points to onboarding new users to blockchain applications in safeguarding private and public keys, and the security risks created if done incorrectly. With this release of WebAuthn support for EOSIO, developers can begin testing transaction signing with WebAuthn in their EOSIO applications, providing a level of security for private keys that don’t exist in blockchain today.
Continue reading for further explanation of the four major components included in the EOSIO 2.0 Release Candidate:
- EOS VM: A high-performance WebAssembly (WASM) engine specialized for blockchain applications that facilitates more efficient use of system resources when processing smart contracts and substantial performance gains.
- EOSIO Quickstart Web IDE: A powerful, new, self-contained, web-based integrated development environment for building EOSIO smart contracts and associated web applications. It can be set up in minutes, run in any browser, and helps lower the barrier to entry for new EOSIO blockchain developers.
- WebAuthn Support: A widely accepted secure authentication standard that enables transaction signing without browser extensions or additional software.
- Weighted Threshold Multi-Signature Block Production Support: A secure way for block producers to use different keys to sign blocks on primary and backup block production hardware.
We have developed a new purpose-built WebAssembly (WASM) engine, called EOS VM, to meet the growing demands of secure deterministic execution on EOSIO blockchains. Although well-suited to their purposes, Binaryen and WABT interpreters have issues with unbounded memory allocation, protracted loading time, and stack overflows, and they lack a sandbox on runtimes. Combined, these issues curb overall performance and reliability.
As an initial WASM solution, the Binaryen interpreter was released in June 2018 with EOSIO 1.0, and it was replaced in September that year with EOSIO 1.3’s support for WABT, offering a 2x performance gain. With EOSIO 2, we’re releasing a new WASM engine called EOS VM, comprised of three components, each with its own features and offering specific performance enhancements.
A Trio of Powerful Components for Blockchain WebAssembly Execution
The EOS VM Interpreter is a WebAssembly interpreter providing extremely fast parsing/loading, and deterministic and efficient time-bound execution. Designing the interpreter from the ground up has enabled us to make room for future debugging support for smart contracts.
The EOS VM Just In Time (JIT) compiler is a WebAssembly compiler that takes WASM and generates native code on the fly. This architecture enables very fast execution of WASM smart contracts and provides significant performance benefits over interpreters like WABT, Binaryen, and the EOS VM Interpreter. The sheer speed of this JIT solution allows us to use it on the blockchain without the long block compiling times of other solutions.
The EOS VM Optimized Compiler is the third component of EOS VM and it uses a specialized compiler framework (LLVM) that leverages a multipass compilation architecture. The resulting native code from the Optimized Compiler is often an order of magnitude faster than the same code executed within WABT, Binaryen, EOS VM Interpreter, and EOS VM JIT. Most importantly, it is even faster than the existing WAVM engine, but unlike WAVM it can be used safely on the blockchain utilizing our tier-up design.
Extremely Fast Execution
Our benchmark for the different components produced the following performance enhancements in our test environments:
The above performance benchmarks show the relative strengths of various EOS VM components. EOSIO 2 features EOS VM JIT as the front line compiler for most smart contract execution, while the EOS VM Optimized Compiler attempts to compile the same smart contract in the background and deploy it for extremely fast subsequent execution on the chain. This tier-up architecture enables EOSIO 2 to leverage both fast startup and optimized compilation of smart contract code.
EOS VM and its components are also highly customizable, so developers can implement its various facets in a specific manner suited to their desired functionality. Learn more by referring to the EOS VM repository on GitHub.
Significant Improvements to Network Code
We have added multi-threading support to net_plugin. Almost all the processing in the net_plugin, including block propagation, transaction processing, block/transaction packing/unpacking, and other processes are now handled by separate threads that are distinct from the main application thread. By isolating these processes we have seen significant improvements in transaction processing and block processing performance on multi-producer EOSIO networks. More details are available in the EOSIO 2.0.0-rc1 release notes.
EOSIO Quickstart Web IDE
Enhancements in EOSIO 2 were made with developers in mind, and this new tool will make it much easier to get started, share, and collaborate on EOSIO projects.
Setting up a development environment for EOSIO currently entails a multi-step process, run locally on the developer’s computer, that may be quite complicated for those who are just onboarding. Now in the alpha support stage, the EOSIO Quickstart Web IDE intends to remove barriers to entry for developers. Run in the cloud, it enables new developers to set up a smart contract and web app development environment along with a fully integrated single-node personal testnet, so they can go from getting started to building in minutes.
The EOSIO Quickstart Web IDE makes EOSIO more accessible to new blockchain developers, simplifying the process and making it quick and easy to start learning EOSIO development. Developers can begin with demo applications, seamlessly make changes, and see updates in real-time, as well as commit code to git repositories right from the browser.
We look forward to receiving feedback from the community as new developers start building with the EOSIO Quickstart Web IDE.
WebAuthn Support for EOSIO
WebAuthn is a standard for strong user authentication collaborated on by the World Wide Web Consortium (W3C), the Fast Identity Online (FIDO) Alliance, with help from Google, Mozilla, Microsoft, Yubico, and others. WebAuthn allows you to use a hardware device for authenticating and signing transactions in a browser without extensions or other software installed on your device.
WebAuthn creates cryptographic key pairs on devices like a YubiKey and shares only the public key with a remote server over a secure and authenticated channel. By managing authentication credentials entirely within hardware devices, WebAuthn has been shown to essentially mitigate entire classes of attacks such as phishing. Since the hardware device is essential, and passwords are not stored on a central server, implementing WebAuthn-based authentication can even help prevent high-profile data breaches where passwords are stolen.
With this release of WebAuthn support for EOSIO, developers can begin testing transaction signing with WebAuthn in their EOSIO applications. EOSIO support for WebAuthn is a step towards secure and seamless transaction signing without needing to keep track of private keys or other account information. We are continuing to investigate mechanisms to support both community-facing and enterprise-level participants who wish to adapt their applications for WebAuthn integration, and we encourage application developers to join the first wave of early adopters testing the private applications of this technology.
Weighted Threshold Multi-Signature Block Production
Block producers must be able to provide high availability for their core service of running the blockchain. A common approach to achieve this is redundant infrastructure that efficiently maintains block production in the event of a hardware malfunction or networking issues. Weighted Threshold Multi-Signature Block Production is the first of many features that seek to provide block producers with a complete, high-availability solution.
Current consensus rules require exactly one cryptographic block signing key per block producer. This key, whether stored on disk and loaded via software or protected with a hardware wallet, represents a single point of failure for the operations of a block producer. If that key is lost or access to the hardware module that contains it is temporarily unavailable, the block producer has no choice but to drop blocks, impacting the whole network’s throughput.
To improve the security and scalability of block production, weighted threshold multi-signature block support provides a permission layer that allows for multiple block signing keys in a flexible scheme that will enable redundant block signing infrastructure to exist without sharing any sensitive data. Read more about weighted threshold multi-signature block production on GitHub.
We continue to regularly iterate new features into the EOSIO software suite to provide developers access to higher-performing software enhancements, a secure means of transaction signing, and robust authentication protocols. Community participation is encouraged, as feedback provides insight into the specific needs of developers. If you would like to offer feedback on the release candidate of EOSIO 2 and work more closely with our team to improve EOSIO for developers, you can contact our developer relations team at firstname.lastname@example.org.
To keep up-to-date with future announcements, you can also subscribe to our mailing list on the EOSIO website. We are excited to be regularly improving the usability of the software for EOSIO developers as we continue to lay a foundation for the mass adoption of blockchain technology.