New transaction type: Associations. Mainnet upgrade is coming!

Main • Published on: Apr 17, 2020 • Last updated: Apr 30, 2020

For the first time since the launch of LTO Network, we’ll be introducing a new transaction type: associations.

The LTO Network public chain, as part of the NXT blockchain family, has a fixed set of transaction types. This makes it possible to optimize for and focus on specific use cases. Up till now, the LTO public chain has revolved exclusively around anchoring transactions, which can be used for timestamping and data verification.

Anchoring allows off-chain applications to benefit from the unique properties of blockchain, like immutability and decentralized consensus. Any application uses anchoring in more or less the same way, meaning that the type of use cases are very limited.

Associations also allow off-chain applications to benefit from the blockchain. However, unlike anchoring, the concept is relatively abstract, allowing them to be used in many different ways.

Acknowledgement

An association transaction marks an acknowlegement from one addresses to another. This isn’t the first transaction type to establish an acknowlegement on LTO Network. A lease transaction acknowledges that a node may use the tokens of the address for staking.

Associations, on the other hand, have no effect on the consensus layer of the blockchain. They purely exists for validation by off-chain applications.

Organizations can use associations to acknowledge that the holder of an address is an employee. Diplomas and certificates could also be acknowledged through an association.

The difference between simply hashing and anchoring a certificate, is that associations relate to an account which in terms relate to a public key.

Chain of trust

Authentication on LTO Network, like most on blockchains, in done through public key cryptography. All transactions on LTO Network are signed using private keys. The public/private key pairs can also be used off-chain, to cryptographically sign data.

Public keys can be embedded in a certificate, as done for SSL/TLS. It may also contain additional information like an organization name and an address. The certificate is signed by a certificate authority, acknowledging that the information in the certificate is valid.

The signing authority may not directly be a known trusted party by the recipient. Through an intermediate certificate, another party can endorse the intermediate authority. This isn’t limited to a single intermediate certificate. A series of such certificates form a chain from a trusted root authority to the signing party. This is called a chain of trust.

Traditional PKI vs Blockchain

In a traditional public key infrastructure, the end-entity will create and submit a certificate request, and receive a certificate that's signed by the certificate authority (CA). The identity of the end-entity can be validated by handing over all the certificates in the chain. The makes the certificate is self-authenticating.

Unfortunately, certificates can’t be revoked in the same way as they are issued. Authorities may publish a revoke list, which must be checked before accepting the certificate. But this requirement negates the self-authenticating properties of a certificate, relying on the information provided by a trusted third party.

In case of SSL certificates for domains, this is a minor issue. Revocation only needs to be done in case an error was made, and thus is rare. In other cases revocation is more important. If a certificate has been issued to an employee, it's vital that the certificate is revoked when the employees leaves the organization. Propagation in this case must also be fast.

Association transactions provide an alternative method to establish a chain of trust. Issuing and revoking is straightforward, both requiring a single blockchain transaction. Transactions propagate through LTO network in seconds and are acknowledged within a minute.

As additional benefit; association transactions are timestamped and immutable, which mitigates potential conflicts due to ambiguity.

Relying on LTO Network for trust and security removes a serious hurdle for organizations to start using public key cryptography.

For more information, please read the technical documentation:

How to participate in the upgrade?

A new version is made available on Github and a new image on Docker Hub for everyone to review and download.

As a node operator, you would need to pull & restart and then include the new features. Scroll down for instructions.
As a leaser, you could cancel your lease if you want to abstain, you can spin up your own node to vote directly yourself, or you could check with your node operator what their stance on the new feature voting is - and remain steady.
As an inactive token holder, you can choose any of the two options!

To make it easy for Ankr nodes, the service will be upgraded with the recent features. You can decide to spin up your own node before that happens, it's all in the hands of the token holders.

The voting period is set for 10,000 blocks which is around 7 days. In order to pass through, it would need 80% or more of the votes. Since LTO public blockchain is a Proof of Stake variation, it would mean that 80% of blocks within the voting period need to contain the “approval stamp” for the new features. Once the features are voted in, it will take another 10,000 blocks for the upgrade to get activated. If 80% is not reached after 10,000 blocks, the vote will start again.

For staking stats and nodes, see the LTO Tools.

Voting starts at block 680,000 - April 20, 16:37 UTC.

For Nodes

First, add feature vote to docker-compose.yml:

– LTO_FEATURES=10,11

Pull the latest image and restart node:

docker-compose pull
docker-compose down
docker-compose up -d

If and when the voting settles with the 80% majority, and before 7 days of activation elapse, make sure to upgrade your node. Otherwise, it will unsync and stop mining.

Feature voting is not new for many LTOnauts as it happened before with smart accounts during summer 2019. See how it went: