The Byron release back in September of 2017 was an experiment for IOHK. It's the first cryptocurrency we have launched as a company. It's the first time we've had to manage public release cycles, segregated stakeholders (general public, exchanges, developers, etc). Furthermore, the Cardano project has a half dozen software companies collaborating thus we are forced to invest a huge amount of time in coordinating, communication and timezone overheads.
Since the September release, we've learned a huge amount about all of these processes and also in dealing with the needs of our broader community. We certainly haven't achieved a Nirvana like state of perfection, but processes have definitely improved.
I'd like to share some of these improvements as they are mostly hidden from the general public, yet have a huge impact on our ability to deliver a long term roadmap. First, since September, IOHK has built a tremendous amount of project management capacity led by Elieen Fitzgerald: https://iohk.io/team/#pmo and https://iohk.io/team/eileen-fitzgerald/.
Under her department, Eileen has managed to capture business requirements, draft project charters, improve our resource allocation and budgeting processes, improve development estimates, get better weekly reporting and manage the inter-dependencies between projects. We also have had an increasingly easier time managing third party relationships like our partnership with Runtime Verification on the K framework, IELE and smart contract research.
Some of the outputs of these processes are that we are moving to regular release cycles for Cardano with the first cycle starting next week on Friday. Our hope is to cut a develop branch for release and then run the release through a rigorous QA cycle currently planned for one month. Over time, this cycle can be shortened through automation and parallel processes speeding up delivery. Thus updates will become more frequent, higher quality and encumber less user disruptions.
The goal of the PMO department is to ensure when we give a date for delivering a feature, a release or a major update that the date and quality is met. This goal is one of the hardest to achieve for a software company and much more so given the nature of software we build, but it's also incredibly important for those who rely upon us for their own commercial interests.
Over time our project management methodology will become increasingly public and eventually be ported into a public github repository. We'd like for IOHK's approach to be a creative commons process that other software companies and projects in our space can benefit from and add to as they pursue their projects. Also, we'd like to explore lighter weight versions of the processes for DApp development so that our developer community can follow best practices.
Second, dealing with exchanges and other actors such as Ledger, we've been systematically redesigning Cardano's architecture, APIs and other components to be more friendly for those who wish to use our software. For example, you can see our new APIs here.
Another output has been moving our development towards a specification driven process. The first component of Cardano SL to be ported is our wallet backend with the following formal specification:
|Figure 1: Cardano SL's Formal Wallet Specification|
The goal is that each part of Cardano will be specified in a format similar to the one above. These specifications are implementation independent, will eventually be analyzed using formal methods and can be used as a basis for test suites and improvement proposals.
We are also aware that many want to build their own mobile clients or modified software. To this end, we've been exploring the best way of discussing a unified backend architecture. I would personally like to see dozens of wallets and great user experiences for Cardano materialize, but I'd also like to make sure that these experiences are useful, secure and easy to deploy if possible.
Over the coming months, large chunks of Cardano's code will be ported over to- or replaced with- these specification driven designs. This likely won't be directly felt by our users. Rather just indirect symptoms such as things getting faster like recovery from seed, less issues connecting to the network, smaller memory and disk footprint as well as other improvements.
As we now have the talent, processes and clear roadmap, Byron will continue to rapidly improve and become more feature rich. The release we are cutting next week to QA will include paper wallets, much faster wallet restoration and numerous other fixes. We expect it to clear QA in mid-May and for updates to be released monthly thereafter to our users.
Third, the most anticipated upcoming release is Shelley. Shelley is a massive project with many workstreams and scientific dependencies. It also contains many social processes involving community coordination and management. Effectively, Shelley is about turning over the network fully to the users thereby decentralizing as much as possible.
The work we have done with Byron has given us operationally a great deal of knowledge about the best way of iterating towards Shelley; however, special care has to be placed in the consensus side of things. IOHK developed a custom proof of stake protocol called Ouroboros for Cardano. It has never been used in a cryptocurrency before and has a completely original design.
Thus we have been extremely focused on a proper deployment of Ouroboros to the general public. Byron is running a version of Ouroboros with delegation locked to core nodes under the control of IOHK, CF and Emurgo and block rewards turned off, but when Shelley comes this cannot continue. Staking rights will be returned to the ada holders and delegation will be fully under their control.
To be clear, Ouroboros isn't a forced delegated proof of stake protocol like EOS or Bitshares. It's a pure proof of stake protocol where every active Ada account is factored in for epoch elections. Anyone who holds Ada in a normal address in the global UTXO has a probability of being elected as a slot leader regardless of the amount of Ada they hold.
However, the reality is that most will not want or have the ability to host consensus nodes and consistently show up to fill the slots they have been elected to commit. Thus, we developed a delegation system and the concept of stake pools for those users.
Concisely, anyone can run a stake pool. There isn't a minimum threshold of Ada or a special club. Rather there will be a blockchain based registration system and a special transaction type to register a stake pool on-chain. Registered pools will be listed in the delegation center of Daedalus and pulled directed from the Cardano blockchain thereby preventing censorship or bias.
Over the last few months, we've had to invest a huge amount of careful design and security thought into the process of delegation. It turns out there are dozens of factors and scenarios to consider from cold staking to automation of rewards. But we have converged on a reasonable design for the Shelley release, which will be released soon on eprint.
The summary is that Ada holders can create a delegation certificate for their Ada they hold and register it on the Cardano blockchain. This process effectively separates stake rights from the spending keys for their Ada addresses. Thus the delegation certificates can live in Daedalus, but the spending keys could be key offline on a paper wallet or ledger device for example.
Delegation will be done via a special transaction and from a user experience viewpoint via the delegation center in Daedalus. One will find a stake pool they want to delegate to, select it, and click a delegate button. It's just that simple. As we launch Shelley testnets, we'll experiment with different user experience flows from length of delegation to partial delegation (splitting stake between pools).
Another advantage of this process is that unlike Bitcoin mining pools, as our protocol natively understands delegation, it can automatically pay rewards to those who delegated without trusting the pool operator. At the end of each Epoch, our goal is to close the reward pool via a special transaction paying all those who delegated proportionally to their delegation amounts.
Some benchmarks and threshold will have to be conducted over the coming months to optimize for space and prevent penny-flooding attacks. We will also need to explore different user experiences including notifications and other UI considerations.
A natural question to ask is how will we ensure that when Shelley launches there will be enough stake pools to ensure a reasonable amount of decentralization? How will these pools establish their brand and reputation? We considered these concerns and decided to open enrollment for a collection of beta testing stake pool operators.
The goal with this process is to identify a set of 50-100 independent entities geographically well distributed who would like to run a stake pool as a business. We will progress as follows:
- Collect as many applications as possible via: https://staking.cardano.org/ until the end of April
- Process and winnow applications until we have a good set of 50-100 candidates
- Invite the candidates into the IOHK slack and begin discussions about hardware configurations, deployment strategy, docker images, etc etc
- When the Shelley testnet is launched, invite the stake pools to register and work closely with them to beta test various scenarios and experiences
These beta testers will not get a special advantage or consideration when Shelley launches. They are just necessary to test Shelley's design and ensure our assumptions and choices are reasonable as well as improve deployment strategy and documentation. When Shelley launches, there will be a grace period where all those who desire to register a stake pool can do so and Ada holders will be free to choose to delegate to anyone they want.
Once the grace period expires, auto-delegation will be turned off and rewards turned on. Cardano will be fully decentralized.
In closing, Cardano is a huge project. There are so many brilliant minds, great engineers and parallel efforts that it's difficult to capture all of it in a single post much less just convey our progress. What's amazing to me is that we have really gotten great processes established and are daily moving forward (a fan made a great website showing our daily commits: https://cardanoupdates.com/).
What's also amazing to me is how quickly our scientific research is moving from the lab to code. Ouroboros has gone through over a dozen revisions and now is converging to a state where we can bootstrap from the genesis block without a checkpoint (an industry first for proof of stake). Our sidechains research is state of the art with a paper coming soon in May.
We have also brought game theorists and programming language theory experts together. The output has been incredibly innovative with new accounting languages like Marlowe:
|Figure 2: The Marlowe Programming Language|
And an increasingly richer theory for incentives for stake pools, network maintenance other other topics requiring an honest majority for Cryptocurrencies to run properly.
I'm astounded how we are able to think in systems now and by the quality of the people on the Cardano project. It's taken years to build this team and go from dream to regular status reports. I look forward to achieving our milestones and seeing Cardano change the world.