Shard Enclaves, Private Data, Private Code Concepts

Merging Private and Public blockchains on a Single Layer


An objective of SagaChain is to support a mix of fully trustless and partially trusted accounts, nodes, shards, and software. To accomplish this SagaChain introduces the concept of shard enclave. Enclave meaning private or segregated within the SagaChain as a whole.

Enclave Shard, Node, Account and Code

· The enclave nodes are authorized to execute transactions on enclave accounts — such a node may be exclusive, or a mix of enclave accounts and general accounts.

· Enclave code is supported by “enclave language runtimes”. That is, specialized language runtimes that only execute enclave code — e.g. private classes.

o A hard limit for security purposes is that private classes can inherit from open classes, but not vice versa.

· Blocks created by an enclave shard may contain private enclave transactions — such transactions consist of the SagaPython transactions script, the hash of the output state of the enclave accounts, and the hash of the output log.

o The enclave blockchain does not include the actual output state. All such state is assumed to be stored off-chain and outside the scope of the SagaChain for verification purposes. A new node joining SagaChain can only verify that blocks from an enclave shard are wellformed with respect to enclave account transactions, not that the state of such accounts is valid.

· Conversely, an enclave node can obviously validate the enclave transactions.

· An enclave shard consists of enclave nodes authorized to view the enclave data, execute enclave code, and generate shard blocks containing opaque transactions.

Even though non-enclave nodes cannot validate enclave accounts, they do need to account object information — this is needed to determine that the account is an enclave account. However, any details of objects owned by the account are opaque to the rest of SagaChain.

An enclave account and a non-enclave account can message each other, provided appropriate permissions exists. However, the transaction can only be executed on the enclave shard. The resulting transaction output must include the full non-enclave account state update.

SagaCoin Management Rules with Enclave Shards

· The amount of coin that an enclave node can mint is prorated based on the number of non-enclave account transactions. That is, enclave-only transactions do not count toward coinbase minting.

· Gas unit charges apply to all transactions both enclave and non-enclave. Because enclave transactions are opaque to the rest of SagaChain, the gas units charged are the average of all non-enclave transactions in the block, with a lower limit of a rolling global average per-transaction gas-unit charge — (which is tbd but can be calculated). This forces the enclave clients to follow the general gas costs, which enforces the Foundation transaction tax on enclave transactions without requiring knowledge of the actual transactions.

· An enclave account, by definition has no SagaCoins assigned to it. An enclave account could send a message to a non-enclave account that causes SagaCoin to be transferred to another non-enclave account — this would be a means for accounts to pay each other without exposing the balances.

Enclave Shard Groups

Designating Nodes and Accounts for Enclave Shards

A node must be authorized to execute transactions on a given shard. Nodes are represented by node accounts. Authorization of the node account enables the node to execute on the shard. Enclave shards must be explicitly created as opposed to dynamically created with SagaChain scaling. Such nodes may be exclusive to such shards or may be available for other shards. Nodes joining an enclave are considered permissioned. The means for exchanging the authorization material is specific to the enclave users and outside of scope for SagaChain. However, SagaPython classes may be developed to facilitate shard, node and account authorizations.

Enclave transactions

Transactions between enclave accounts and non-enclave accounts are only executable on the enclave, as the enclave account execution is dependent on the enclave nodes. Messages can be resolved between open accounts and enclave accounts by the CMI normally. The method tables of enclave classes must be globally visible, while the method code may be encrypted or kept off-chain completely. The resulting blocks with transactions between enclave and non-enclave accounts must include the non-enclave account state updates as part of the transaction results just as any open transaction.

Enclave Minting Prohibition

Enclave Partial and Full Breakaway

Any shard that “breaks away” will appear to have terminated by SagaChain. Further, the accounts shall not have their state updated. Thus, a break away is a one-way operation, with no return.

Private Class Code

Private code consists of methods of private classes. A private class is an object that is owned by an enclave account. The CMI shall not execute a transaction on an enclave account on a non-enclave node. Therefore, dynamically adding private language runtimes to non-enclave nodes is prevented.

A requirement for an enclave node is that it is able to execute all private code for the enclave. If this is not enforced, then the consensus validation protocol for the enclave shard will fail. It is up to the enclave operators for enforcement and outside of scope for SagaChain.

Private Class Inheritance

Conversely a public class may inherit from a private class. Just as with the private inheritance above, the private class forces execution to be restricted to enclave shards. Further, a non-enclave account is restricted from executing private class code of any kind. Therefore, any transaction involving inheritance of a private class implies that the transaction’s account state updates are opaque. There is little value in a public class inheriting from a private class.

Cross-Enclave Messaging



Founder & CEO at A Foundation building Decentralized GlobalOS and a Single, World Class Tree.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Michael Holdmann

Founder & CEO at A Foundation building Decentralized GlobalOS and a Single, World Class Tree.