Mainframe is a distributed and decentralised communications platform that combines the best features of networking protocols and applications while also maintaining the highest level of security and user sovereignty. Their goal is to create the web3 communications layer, built on top of today’s internet protocol.
Web services today are built using underlying protocols and services that are susceptible to centralisation, surveillance and manipulation. As the internet became more commercial in the mid-1990’s large companies such as Google and Facebook became intermediaries between consumers and the underlying internet protocols being used, thus capturing value through higher layers in the protocol suite. Users have as a result lost control over their data and by default their privacy. We as end users are now locked into using these proprietary applications and services. The original internet protocol layers were designed without user privacy and data security.
There are various weaknesses in the Internet Protocol Suite on which the modern internet is built. Each layer in the Internet Protocol (in blue) depends on the services and technology in the layer below it. These layers have inherent data and security flaws which are highlighted below:
- Addressing: An Internet Service Provider (ISP) is responsible for ranges of IP addresses, thus allowing authorities to identify users and geographic location of an IP address with ease. Fully decentralized addressing is achieved using peer-to-peer networks that create a layer of abstraction above which the geographical locations of nodes can’t easily be determined, preventing them from being targeted.
- Domain Name System (DNS): This essential feature for practical internet communication associates memorable text with network addresses. Services that rely on DNS are subject to disruption by governments and corporations that control infrastructure and tamper with DNS responses or publish alternative DNS records. Decentralised applications avoid these barriers by providing a blockchain-based alternative name resolution protocol.
- Certificate Authorities (TLS/CA): The problem of Transport Layer Security (TLS) and its reliance on the certificate authority (CA) system creates centralised points of failure and targets for attack. Numerous organisations have been targeted in phishing attacks whereby malicious actors generate valid certificates that are signed by trusted certificate authorities. This lack of security needs to be addressed to deliver higher levels of authenticity assurance.
- Mail protocols (SMTP/IMAP): These protocols created decentralisation in that anyone can set up a mail server; however, they have no built-in security mechanisms and were designed around conventional client-server architecture. These protocols lack the real-time responsiveness that users have come to expect from Slack or WhatsApp and SMTP is not end-to-end encrypted by default.
- Encrypted peer-to-peer/group chat: Although Slack and WhatsApp create convenient places to communicate with colleagues, the data is visible to the service provider, who must safeguard it and keep services running smoothly. Fully encrypted peer-to-peer/group chat product offerings are coming to market, but they rely on centralised infrastructure for operation and storage of client data, thus creating the risk of data loss or service disruption. Distributed private chat product offerings allow user sovereignty by hosing on customer-rented cloud infrastructure; however, fully decentralized messaging requires unhosted architecture, where the entire application infrastructure runs on incentivized peer-to-peer protocols.
The Mainframe communication platform intends to provide unparalleled security, including:
- Data privacy: Full end-to-end and group encryption
- Surveillance resistance: Node relationships are opaque.
- Censorship resistance: Hidden node relationships prevent communication interference.
The platform consists of protocol and transport layers incentivized by token economies, along with software development kits which enable easy integration with popular languages, operating systems and devices, as well as smart contracts and oracles for token exchange and ease of interoperability with MULTIPLE blockchain protocols such Ethereum, NEO, RSK and Tezos.
Mainframe’s communications infrastructure is entirely decentralized and unhosted. It is a Kademlia-based peer-to-peer network used to execute blockchain transactions. Mainframe removes the underlying geographically-traceable Internet transport layer and randomly assigns addresses to each peer or node in its network. Monetary value can be exchanged between nodes on this network using blockchain tokens. Mainframe provides additional protocols above this transport layer for secure communications.
Each Mainframe node can offer various peer-to-peer (p2p) service interfaces for application layers, including interfaces for blockchain transactions, packet routing, packet holding, file storage, and data services. Each of these p2p services is provided by peers operating in incentivized cooperation with one another, without reliance on any managed infrastructure.
The Mainframe platform has the following unique features:
Multicast Encryption: Mainframe provides protocols for one-to-one and one-to-many encryption; packet encryption is an integral part of its transport protocols and cannot be circumvented. Packets intended for multiple nodes can be sent in multicast mode. This allows sender and nodes routing multicast packets to send a single packet instead of duplicates along any route that will reach two or more of the intended recipients. Its shared key negotiation protocol ensures that multicast packets are only encrypted once for multiple recipient nodes.
Configurable Dark Routing: By using configurable dark routing, packets are routed to each node whose address matches the partially disclosed destination address, a subset of nodes matching this receive the packet. Therefore, it is impossible for those viewing the transaction to tell who the intended recipient is. Only the intended recipient can decrypt the packet.
Nodes, therefore, need to determine the level of address specificity (or luminosity) when addressing packets. Mainframe provides algorithms to help determine sensible luminosity settings based on privacy requirements for different uses. Since packets are not fully addressed, session management becomes more challenging as nodes need another means of identifying packets they are interested in viewing. Mainframe addresses this through previously agreed-upon topic ID inside packets. Their session management protocols help applications keep track of and initiate separate data streams in packets. To outside observers the communication patterns are opaque. Thus the Mainframe network is highly resistant to surveillance and node-specific targeting for denial of service attacks. The combination of encryption and dark routing creates an unprecedented level of security and privacy.
Node Service Incentivisation: Nodes publish their services and prices using a service discovery protocol via Mainframe. By allowing nodes to agree upon services, pricing, and a medium of exchange, the impartiality and interoperability of the network are protected, and a wider array of stakeholders have stronger incentives to participate in the P2P network. Settlement for services rendered by nodes occurs off-chain. This increases the risk of default but allows the participants to avoid frequent costly transactions on-chain.
‘Unhosted’ architecture: Mainframe’s resilience and strength come from the fact that it is both distributed and decentralized. This type of network architecture allows the network to survive node loss or denial of service attacks against any subset of nodes. In this way network participants can join or leave the network, but the distributed network can grow and heal around nodes. As the network expands, the number of possible routing paths between any two nodes increases; their protocol will ensure that nodes try to discover new pathways when a peer is dropped to maintain an optimal overlay network. No entity or central authority (not even Mainframe itself) will be able to control or disrupt the operation of the network. In addition to this resilient network structure, the service layers have been designed with redundancy in mind, storing individual shards of data ACROSS multiple notes and designating multiple nodes to perform requested services. The network service layers are designed to support development of “unhosted” or fully decentralised applications; without the need for service provision or infrastructure maintenance by node providers.
Interoperability: Mainframe intends to build a truly inclusive development community, creating software development kits for working with Mainframe code on all popular platforms and languages, in order of developer demand. The network will also provide oracles and smart contracts for interacting with the token-based incentivisation layers on multiple blockchains.
Mainframe tokens (MFT) have various uses within the Mainframe ecosystem for incentivising:
- the efficient relay of packets between peers;
- packet delivery from sender to receiver;
- reliable decentralized file storage;
- reliable decentralized data services; and
- as a medium of exchange for marketplaces on the mainframe platform.
Conceptually, I love this project and the deep strategic thinking behind it. Mainframe’s team has not tried to ‘fix’ what is broken with the internet protocol suite; they have reimagined what ‘unhosted’ architecture might look like. More importantly, they have envisaged HOW this would operate in practice, the principles behind the architecture, the incentivisation behind node services, and its interaction with multiple blockchain protocols through oracles and smart contracts. Together they create a truly functional view of what an ‘unhosted’ P2P network would look like in action and have set out their roadmap. Their MVP beta – Onyx, a messaging application, was launched in January this year.
What I find most exciting is that they have in many ways through their architecture created a ‘cloaking’ device for transactions across nodes through their use of multicast encryption and configured dark routing. This has always been the weakness within blockchain protocols – data vulnerability as it transacts across nodes. Mainframe creates next level privacy and security across the Mainframe P2P network nodes thus reducing the threat of denial of service attacks or hacking of transactional data. Although bad actors can see the transactions between nodes, there is no way to know which packet contains what part of the data you wish to see, or which node can decrypt the packet data upon receipt. This, therefore, shields transactions even as they move across nodes.
Finally, by creating node service pricing transparency through the service delivery protocol, they also create a free market for node services governed by the nodes themselves. I also love the fact that their token is not so much for sale as it for joining their movement to create web3 – only participants will be considered for allocation in the private sale. Mainframe is attempting to design the holy grail for communications: data privacy, transaction security and interoperability across blockchain protocols.
By CeAnn Simpson