The internet has evolved significantly since its inception, spawning the creation of global protocols, frameworks, and new classifications of developers. This has resulted in centralization difficulties, unnecessary complexities, and diminished quality standards loaded with vulnerabilities. The Nexus Tritium, Amine, and Obsidian (TAO) Framework will uproot these historic flaws by recomposing digital relationships. This article provides an overview of the TAO Framework, recent Application Programming Interface (API) improvements, and associated benefits.
As a new era emerges, many platforms are driving excessive emphasis on blockchain. It is often described as an exclusive magical technology, motivated primarily by value speculation. This dilemma is similar to the internet’s, causing decelerated adoption and crippling costs while enabling proprietary industries to exploit deficiencies (i.e. Hardware Wallets, Patented Products, etc.).
Nexus views the blockchain as a foundational element of a larger framework. The TAO Framework, named after the three phases of deployment, utilizes a seven-layered software stack powering a register-based process virtual machine. It is designed to deliver a diverse range of outcomes simplistically and effectively. The stack layers and descriptions are reflected below with the “Ledger” being the Three Dimensional Chain (3DC).
Inspired by the Open Systems Interconnect (OSI) model, the design provides a scalable foundation with provable security properties. It abstracts the developer away from the blockchain, being valuable as a development framework even for conventional applications (Apps).
Lower Level Library (LLL)
The Lower Level Library (LLL) is the foundation for the framework and interwoven throughout each layer to improve performance, extensibility, and reliability. Architecturally, it is an interchangeable construct requiring development of templates and modules for specific functions. The LLL-TAO or TAO Framework is a series of LLL templates and data models accessible through a JSON-based API, allowing any type of developer to improve their application’s security, scalability, and robustness.
The LLL contains three main components: Cryptography (LLC), Database (LLD), and Protocol (LLP). There are several representations of LLD in the stack; Ledger, Register, Operations, and API. The LLC is primarily applied at the Ledger layer although it can be implemented elsewhere. As a component of the Network Layer, the LLP is designed to be a light, fast protocol that allows a developer to customize their packet design and message interpretation.
TAO Use Cases
For most businesses and organizations, technology transformations translate to delivering customer value expeditiously and effectively. Typically, security considerations are an afterthought due to their invasive nature, high costs, and latency, especially with regard to user experience. Rapid yet tightly budgeted development is key to deploying on-demand services and applications with limitless scaling capabilities.
To unlock this value while incorporating the necessary security for compliance obligations is an enormous undertaking. Included below are use cases and benefits that can be achieved.
- Cost effective secure Software Development Lifecycle (SDLC)
- Identity, privacy, and elevated security solutions
- Authentication, authorization, and rights deployment
- Continuous deployments and integrations
- Consistent instruction sets for provisioning
- Multi-language application support
- Dynamic scaling characteristics
- Quickly build and iterate
The remaining sections highlight three new API methods, including basic use case examples.
The race to standardize the identity industry has led to a wide range of protocol implementations. For instance, OAUTH2, SAML2, OpenID, and many other authentication options are just scratching the surface. In a previous article, Decentralized Identity (DID), we discussed the risks and implications involving centralized credential systems, and solutions being created using Nexus.
Currently, blockchain authentication relies on at least 256 bits of entropy and disciplined management practices to prevent disastrous consequences. A recent study has shown that over 20% of Bitcoins have been lost since the network was launched. Fortunately, the days of losing blockchain access via cryptographic compromise and private key mismanagement are finally over.
The User API is synonymous with Signature Chains (SigChains) that provide a familiar authentication mechanism with elevated security while removing the burdens of private key management. SigChains enable the use of cryptographic techniques to authenticate users into a system removing the need for various protocols and third-party products. When the API generates a DID, the genesis identifier creates a unique hash of this username defined on blockchain. The below table outlines the methods currently available for the User API.
The Crypto API provides the ability to manage public-private key pairs, encrypt/decrypt data, and the associated public key hashes. These are held in the SigChain crypto object register that can be used internally and externally by third-parties. The nine named keys in the crypto object register are: auth, lisp, network, sign, verify, cert, app1, app2, and app3. This register is generated automatically as part of the genesis transaction when a SigChain is created via the User API.
Each entry in the crypto register is a 256-bit hash of the public key for an asymmetric key pair. The scheme used to create the key pairs is configurable, supporting both Brainpool and FALCON. This API provides numerous options for secure development of Apps and DApps alike. Additionally, third-party plug-ins, modules, and products are rendered unnecessary using SigChain capabilities.
As a use case example, a practitioner provides a medical scan to a patient in a PDF. A hash of the data can be associated with a SigChain pointing to the original file. This association provides unequivocal proof of ownership when linked to the DID. However, this could be susceptible to attacks if copied and another asset linking on blockchain is created. To mitigate, the timestamp and nonce from the rightful owner must be verified, preventing document forgery. The following table includes the Crypto API methods:
The Peer-to-Peer (P2P) API allows for encrypted and authenticated end-to-end communications between users or DApps. By utilizing a username or genesis ID, a self-signed certificate, authenticated by the Crypto object register, can be used to open a secured connection directly to a node. This negates the need for a Certificate Authority (CA) to combat Man-in-the-Middle (MITM) attacks. A role usually reserved for secure proxies or advanced firewalls, can now be achieved with the TAO Framework. Additionally, this API also provides the ability to transmit encrypted data on the network.
The P2P connection request contains the Internet Protocol (IP) address of the sender and is broadcast over the network to locate the authenticated peer. If the connection request is accepted, a socket will be opened. Due to the nature of the connection, a requesting node must be internet-accessible from the peer with a public IP address or have port forwarding enabled on the Internet Service Provider (ISP) router. This is a short-term requirement until the Location Identifier Separation Protocol (LISP) and Re-encapsulating Tunnel Router (RTR) have completed development. Included below are the API methods:
The Nexus TAO Framework is an indispensable architecture for all types of developers, from blockchain DApp creators, to traditional web designers and beyond. It is important to remember that all sessions are authenticated, enabling user control and traceability, thus eliminating systemic problems inherent to the internet. This cultivates designs that can effectively eradicate spoofing, snooping, and other risks commonly associated with the interconnected world of today.
Featured image: Nexus Blockchain