Tuesday, 4 April 2017

Corda - First Impressions

Today I was lucky enough to attend my first day of training on Corda, an "an open-source distributed ledger platform designed to record, manage and automate legal agreements between businesses".

Roger Willis and Richard Green did a fantastic job and I walked away excited for the 2nd day of training tomorrow. Between then and now I've got a whole load of thoughts/questions on my mind...

Corda isn't a traditional blockchain

Corda doesn't have the concepts of blocks or mining that you will find in Bitcoin and Ethereum. Transactions are purely point-to-point and validated individually in Corda. This stands opposed to the others which group up transactions and calculates a hash for all of them together (turning them into a block).


What is there to stop the transaction history being modified? Well transactions are digitally signed and assuming all parties keep their private key safe, no one can realistically change history. On top of this, the ledger isn't reliant on mining and is designed to be immutable. This means that the only change parties expect to see is on current state.

Data Privacy

Transactions aren't broadcast globally to the entire network and only sent on a need-to-know basis. This protects against data leakage as parties in the network don't have free access to monitor who everyone is interacting with. Keeping the data contained also limits the damage if your private key is somehow compromised because your encrypted data isn't freely available to a potential attacker.

Throughput & Scalability

The removal of miners and the lack of proof of work means that a Corda network's throughput is bounded primarily by the network and the execution of the contract code. Combine that with the fact that transactions don't need to be broadcast to all nodes and you are looking at a network that is faster & handles more messages (that other DLTs).

It should be reiterated that not relying on Proof of Work removes the need to...

This happily translates to a platform which doesn't require a warehouses full of dedicated servers to run.


The elephant in the room is that of security. Given that Corda is not based on a Proof of Work algorithm it cannot be proven to be cryptographically secure in an untrusted environment.

The argument is that heavily regulated financial environments have some degree of trust within them, which comes in the form of the regulators. This forms the basis for Corda's reliance on Notaries which validate all transactions. This inevitably centralises the system and provides a focal point for attack. Nevertheless this isn't anything new and it is a problem which is dealt with today.


To wrap this post up, I think the overwhelming feeling from today was of productivity.

Corda keeps things simple and thus the concepts are easy to pick up. There is a load of great documentation to help you out and the main repository comes bundles with some excellent demos.

As opposed to Ethereum, Corda is based on the JVM. I cannot emphasis enough how much of a god-send that is. Dealing with Solidity in Ethereum was a headache and the ecosystem of tools/libraries available to you there is laughable. With Corda you can use IntelliJ! You can write Java! Or even Kotlin if you feel like being ridiculously productive ;)

Very excited and more thoughts to come!

No comments:

Post a Comment