GRAFT Weekly Development Status Update November 5th, 2018

Hi everyone, this is our weekly update on GRAFT development activities.

RTA Alpha

GRAFT developers are currently launching RTA Public Alpha, which is targeted for November 12th, 2018, while preparing to start working on RTA Beta.

There are several goals for the RTA Public Alpha testing stage:

  • Find potential issues and bugs that cannot be found on a low scale network of closed alpha (about 50 participants/supernodes)
  • Allow supernode owners to get familiar with the supernode setup and maintenance processes so they will be fully prepared for the RTA Beta launch on the mainnet
  • Allow the supernode owners to estimate the earnings on the real network (the stimulus transactions will be running on public alphanet on the same or similar scale as they will be available on the mainnet after the Beta launch)
  • Most importantly, work on preparing the network for the mainnet launch by allowing community to discover any security holes and potential exploits

We would like to thank our community, and especially the alpha test group, for their continuous feedback, finding issues, and suggesting solutions – you guys ROCK!!

Anti-ASIC Major Network Update

Last week GRAFT network was successfully updated (“hard forked”) with a new version of GRAFT software that introduced a new variation of the PoW hash algorithm which prevents ASIC mining. The major network update has applied a new variation of CryptoNight hash algorithm (CN variant 2) which is currently ASIC-resistant.

The major network update (aka hard fork) in GRAFT mainnet was triggered on Wednesday, October 31st at block 207,700. As a reminder, major network update means that if you are running a GRAFT network node (graftnoded) you must upgrade to the latest software. If you haven’t done it yet, please do it ASAP, otherwise your node will be either disabled or connected to the wrong chain. Note that users of GRAFT mobile and desktop wallets are not affected by the hard fork and should not do anything.

Customer Facing Applications

While the core GRAFT developers were focused on RTA Alpha, other developers continued working on hardware payment terminal apps, exchange brokers, and payment gateway for service providers. More specifically, last week they were working on the following tasks:
  • Exchange Broker Bitcoin status monitoring
  • Payment Gateway Email service enhancement
  • Verifone Terminal app error handling
  • Verifone Terminal app new UI
  • Payment Gateway DAPI status monitoring

Please see below the screenshots of the new Verifone terminal app UI. The new UI, remastered for accepting payments in multiple cryptocurrencies, is being tested now before submitting to Verifone for recertification. Currently, both GRFT and BTC are supported on GRAFT and Bitcoin mainnets, with more altcoins coming very soon.

Finally, some in the community have expressed concerns about the issues they identified that are not getting addressed in a timely manner or being “ignored”. We would like to assure you that we take all the comments and pull requests very seriously. The timing of when those get addressed has to align with our development timeline though as each request has to be carefully evaluated, integrated, and set up for proper testing.

In terms of the team’s skill set, we want to assure everyone that we have one of the most capable teams we’ve ever had the privilege of working with over our longish careers. We have over 150 years of combined experience and education in the field among us and multiple PhD’s and professional certifications on the team. We have built very robust and secure systems at the core of Cisco, Sonicwall, NCR, and HP in the past. We study relentlessly and leverage the best known methods in the field and the latest research being done out of MIT and Stanford.

We take this project very seriously and pour our heart and soul into it, using everything we know, but most importantly – leveraging what already works. Payment-processing blockchain is not the place for wild experimentation.

With that said, we look forward to more pull requests in the spirit of a real community open source project.

Looking forward to another exciting week and Happy GRAFTing!

How GRAFT is Going to Conquer the Crypto Payments World. Part 1: Blockchain and CryptoNote

Slava Gomzin, GRAFT Co-Founder

Although we have created a lot of materials explaining GRAFT (both existing features and future developments), including countless technical or semi-technical pages, marketing brochures, blog posts, and educational videos, it’s often difficult to see the whole picture while going through all of the specifics. A focus on the multiple features and their design details can obscure the view of the entire system, creating a so-called “you can’t see the forest through the trees” effect. We are getting many questions from supporting community members as well as potential customers and partners about “the big plan”: what is the ultimate goal, and how exactly are we going to achieve it? Whereas the answer to the first part of this question is quite simple and short, the answer to the second part requires some time and efforts. In this series of blog posts we will iterate through the various GRAFT features and try to explain why they are there, and how they help achieve our ultimate goal: Conquest of the crypto payments world.

Part 1: Blockchain and CryptoNote

Let’s start from the very beginning with the blockchain, or layer one of GRAFT. The blockchain is maintained by a peer-to-peer network of computers, or network nodes. We refer to these network nodes as “cryptonodes” to distinguish them from our “supernodes” (a.k.a. “masternodes” in other networks), which constitute the second layer of the GRAFT network (to be explained in a future blog post). The GRAFT blockchain is based on the CryptoNote protocol, which is the most private blockchain protocol in use as of today. In order to save time and resources, we used the luxury of the open source principle and forked the initial code of the GRAFT cryptonode from Monero — the best implementation of the CryptoNote protocol. In addition to acquiring fundamental privacy features “out of the box”, forking Monero provided a high degree of confidence in our blockchain from day one of the mainnet existence. It’s important to note that the code of GRAFT supernodes, which we create from scratch, is also open source, so essentially everything that we add on top of the previously existing features is also available for others to reuse.

Now let’s go back to the initial question and apply it to the blockchain layer: Why a brand new blockchain and why CryptoNote?

We’ll start with the new, dedicated blockchain: Yes, it would have been easy-peasy to run the GRAFT ICO on ERC20 or a similar token, as most people do these days to avoid blockchain maintenance, mainnet, mining, emission, seed nodes, etc. However, creation of the GRAFT payment network requires our own blockchain because we have to modify the cryptonodes as we develop the supernodes so they will support each other and work together. Without the ability to modify the code, we wouldn’t be able to create the network of supernodes and implement features like real time authorization or exchange brokers on top of any existing blockchain or token platform. In addition, there are features such as payout tokens, loyalty points, store credits, gift certificates, and discount coupons that are required for merchants — all of these are based on the merchant tokens platform, which cannot be built without a dedicated blockchain.

Now for CryptoNote: it’s not just “nice to have”, it is absolutely required in order to be competitive with traditional payment systems such as Visa network or PayPal. Ironically, Visa and PayPal provide much better privacy to their customers than most existing cryptocurrencies such as Bitcoin and Ethereum. Let me explain. When you swipe/insert your payment card at the point of sale terminal, or click the PayPal’s pay button online, there are two entities in the world that are aware of your transaction: the payment network (Visa or PayPal in our case) and the merchant. In reality, of course, there are more organisations that “know” about your transaction because the payment network is more complex. This network includes, at the very least, the issuing bank (the one that gave you the payment card), the acquiring bank (the one that approves the payment), the payment gateway (the one that routes your transaction to the right payment processor/acquiring bank) and the payment processor (which processes the payment and merchant’s payout). However, in any case, this list of organizations is limited because they are under security and privacy regulations, and they have typically implemented some decent security controls that protect your transaction records from prying eyes. Of course, everyone in this list can be hacked or give away your info to a law enforcement agency, but this is a different story (which is, by the way, another good reason to switch to cryptocurrency payments and throw away your plastic cards!). For the sake of simplicity though, let’s assume that random people cannot gain access to your data in most situations.

Finally, let’s see what happens with blockchains. The key innovation of Bitcoin (the first blockchain and cryptocurrency) was the open ledger that is accessible to every node participating in the network because your transaction must be verified to make sure you are not trying to spend your money twice. But this also means that anyone in the world can see your transactions and how much money you have in your wallet! Now, unlike plastic cards, Bitcoin wallets are, in principle, anonymous because transaction records are not directly linked to your identity. At first glance, this feature appears to compensate for the fact that your transaction records are laying there in plain sight on the blockchain for anyone to see. Well, the problem is that there are ways to link addresses to identities. Once this happens, all of your transactions magically become visible forever because the blockchain is always there and it cannot be erased!

Fortunately, there is a solution: the CryptoNote protocol, which hides the sender’s address, the recipient’s address, and the transaction amount , while still preserving the ability to validate each transaction and prevent double spending — and it’s all thanks to advanced cryptography! One day I am going to explain how it works in layman’s terms to unveil the beauty of CryptoNote and its cryptography (the same as I have done to explain RSA and Elliptic Curves cryptography in my book about Bitcoin payments). But for now, let’s just take it on faith that CryptoNote ensures a high degree of privacy for all participants. Moreover, on top of existing CryptoNote features, GRAFT adds even more privacy and hides transaction fees!

Summary of Part 1:

Why a brand new blockchain and why CryptoNote?

The dedicated blockchain allows GRAFT to create a merchant token platform. This is required for features like payout tokens and loyalty programs, and the second layer supernode network, which enables special retail features such as real time authorizations and exchange brokers.

The Cryptonote blockchain protocol provides an absolute privacy to all participants of the transaction, which is required in order to compete with existing payment platforms such as Visa or PayPal that are more private than most exciting (non-Cryptonote) cryptocurrencies.

To Be Continued — Part 2: Supernodes and RTA

GRAFT Merchant Tokens: Introducing VChains

Merchant token is a simple smart contract that allows creating a private token that belongs to its owner. Unlike some other smart contract and token platforms, creation of GRAFT merchant token does not require any programming and can be done by anyone.

The business features described below are typically associated with using complex third party service providers and high implementation costs, which makes those services inaccessible for small to medium size businesses and expensive to large businesses. GRAFT Merchant tokens allow any merchant to implement those important business features with minimum efforts and low cost.

Types of Merchant Tokens

Store Credits

Store Credits are typically utilized by merchants for performing purchase returns and exchanges, when return cannot be done using the original payment method, or the merchant’s return policy does not allow the full refund. Store Credit essentially transforms return to exchange, so the merchant does not lose the customer and associated revenue.

Store Credit Token can be linked to the item price in local fiat currency, so the customer can use those tokens during next purchase “instead” of or in addition to the payment with local fiat currency. Store Credit tokens usually either do not expire or have very distant expiration date as they are basically replace the fiat currency.

Loyalty Rewards

Loyalty Rewards is powerful marketing instrument which attracts customers and increases spending. Loyalty Rewards can be awarded with each purchase, or as one-time bonus, or using other models. The rewards than can be used to makes purchases of particular items or all items, or converted to cash. Loyalty Rewards are not necessarily linked directly to fiat or crypto currency as they can be spend to provide discount or buy a special “unique” reward items that are not available for sale using other methods of payment.

Loyalty Rewards usually have relatively close expiration date. This way the merchant “stimulates” earning more rewards and eliminates accumulation of very large amounts of reward points that can become useless.

GIft Certificates

Gift Certificates can be issued by merchant in order to attract customers. In order to increase the effect, gift certificates can be sold with discount (for less than their nominal price). Gift Certificate tokens usually either do not expire or have very distant expiration date as they are basically represent the fiat currency.

Discount Coupons

Discount coupons can be used for one-time or long term promotions. The coupons can be distributed publicly or to individuals, in wallet or paper form. The coupon then can be scanned by point of sale in order to get discounted or even free item.

Transactions with Merchant Tokens

Create

Creating new merchant token (“smart contract”). Can be done using point of sale app.

Renew

Renew merchant token (“smart contract”). Can be done using point of sale app.

Add

Add more merchant tokens to the circulation.

Issue

Merchant’s point of sale sends merchant tokens to the customer wallet or prints a paper wallet.

Redeem

Customer redeems merchant tokens at merchant’s point of sale using wallet app or paper wallet.

Merchant Token Fees

All the merchant token fees are paid to the current supernode authorization sample.

Merchant Token Transaction Fees

Merchant always pays the token transaction fee, which means the buyer never pays the fee. A regular transaction fee is applied to each transaction with merchant token, including adding, issuing, and redemption. As GRAFT fees are proportional to transaction amount, the fee is calculated based on 1 token = 1 GRF, although it’s not necessarily that the token has any direct link to the GRF or other currency. It’s important to note that GRAFT fees are calculated based on logarithmical formula so there is no danger of paying high fee on large amounts.

Initialization and Renewal Fees

The initial Create transaction implies a special higher fee because it is associated with naming a token. In order to prevent “domain squatting”, the initial fee is set to a reasonable amount that prevents massive abuse. Initialization fee of 5 GRF is required to generate a new merchant token smart contract (Create transaction). The renewal fee is 10 GRF.

VChain

VChain allows creating a virtual chain of stores so multiple point of sales can be “connected’ to the same private “virtual blockchain”. Thus, there is a dual meaning of word “Vchain”: virtual chain and virtual blockchain. Vchain creates a private common platform for managing merchant tokens and items catalogue.

Merchants can create their own private vchain which is going to be accessible only by this particular merchant and contain all information about its tokens. Vchain allows connecting multiple points of sale or even creating a chain of multiple stores. Points of sale that belong to the same vchain can issue and accept the same merchant tokens, use the same shared item catalog stored and maintained on the blockchain, generate aggregated transaction reports, and more.

Buyers can use vchain to link multiple wallets so they can manage multiple accounts and move funds between those accounts without paying fees. This feature is useful for family and corporate accounts.

VChain Fees

There is initialization annual fee of 5 GRF for creating a new Vchain smart contract. The renewal fee is 10 GRF. Those fees are required to securely process the smart contract and prevent system abuse. There is a separate annual fee of 10 GRF for adding another point of sale or wallet to the vchain.

All vchain fees are paid to the current supernode authorization sample.

Summary Comparison of GRAFT Blockchain to Other Payment Solutions

GRAFT VS RIPPLE AND OTHERS: FOCUS ON BUYERS, MERCHANTS, AND THEIR PRIVACY

SINCE GRAFT USES CRYPTONOTE PROTOCOL, HAS THE MONERO COMMUNITY INDICATED SUPPORT FOR GRAFT?

ARE TENX AND OTHERS CRYPTO CARDS COMPETITORS?

HOW GRAFT IS DIFFERENT FROM OTHER CRYPTOCURRENCIES AND WHY IS IT BETTER FOR PAYMENT PROCESSING APPLICATIONS

HOW IS GRAFT DIFFERENT FROM DASH?

CASH, DEBIT, CREDIT, MOBILE, BITCOIN, OR GRAFT?

FEATURE COMPARISON – GRAFT VS. OTHER CRYPTO-CURRENCIES FOR PAYMENT PROCESSING APPLICATIONS

Graft vs Ripple and Others: Focus on Buyers, Merchants, and Their Privacy

Focus on Buyer and Merchant NeedsRipple’s is mostly focused on bank settlements, while Graft provide solutions to buyers and merchants. Buyers can pay anywhere with cryptocurrencies or plastic card using Graft wallet app. Merchants can receive payment from anyone using point of sale accepting both cryptocurrencies and plastic cards. Faster payment confirmations are provided by Graft supernode authorization sample, a process that is more similar to Dash masternode scheme. Unlike Dash masternode, however, Graft supernode is not a “wrapper” or a second tier as it is designed to be a monolithic code base that implements both real time authorization and blockchain settlement (mining) features. Such an architecture improves security of the real time authorization process, as payments cannot be settled “off supernode chain” by the “lower” level blockchain network nodes, without supernodes knowing about their existence. Thus, all Graft transactions are authorized instantly without requiring additional fee, by supernodes that are automatically selected by the network using combined proof of work and proof of stake algorithm. Focus on Absolute Privacy Ripple consensus protocol is different, and its main problem is that it does not provide privacy features: untraceability and unlinkability of payment transactions. Unlike Graft blockchain, all transaction information on the Ripple ledger is public. Ripple does not provide the privacy and untraceability that are demanded today by potential Graft users – both buyers and merchants. When we pay with credit card, we share our secret payment information (like credit card number) with some entities – the merchant, the issuing bank, the payment processor, the payment acquiring bank – but those entities are relatively trustable so they try not to share our secrets with the entire world, and no one else can see our transaction history without our or their permission. Oftentimes, however, they fail to keep our secrets (think Target and many other retail mega breaches). With Ripple or Bitcoin or most other cryptocurrencies that are not based on CryptoNote protocol, the story is exactly opposite: there is no central authority that “knows” our secret “card number” (private key), but at the same time anyone in the world can trace our payments on the blockchain and link them to our identities with minimum efforts. By Implementing CryptoNote and other features, Graft brings the level of untraceability of payment history similar to traditional credit and debit card system, while adding decentralization, privacy, and security, which are the features of any cryptocurrency that are absolutely impossible to achieve using traditional credit card payment technology.

Graft Pre-Sale on NEM Platform

We are very happy to announce that Graft token pre-sale will be conducted using a token based on NEM Mosaic, a smart contract token platform. The Graft NEM based tokens (Graft:token) will be exchanged to GRF coins once Graft network becomes operational, which is preliminary scheduled for the end of the year. We are seeking to sell 135,000 Graft:tokens for 353.7 BTC. Pre-sale will start on September 15th 2017 at 15pm UTC and end on September 22nd 2017 at 15pm UTC. The pre-sale price of one Graft:token (0.001843 BTC / 0.028 ETH / 28.06 XEM) is 30% less than the final sale price which is set to 0.00262 BTC / 0.04 ETH / 40.09 XEM.

The Graft coin is called Graft (GRF), and is the “fuel” of the Graft platform. GRF are cryptographic tokens that will enable purchasers to transact and operate services on the Graft platform when it is launched by Graft. GRF is required for participation in Graft network activities, including but not limited to operating the full supernodes, which provide instant confirmations and other important network services. The total supply (maximum number) of GRF is 18,446,744. The majority of GRF will be created as a block reward by supernode operators during several years of mining. Since Graft uses combined Pow/PoS algorithm, 500 GRF will be required to deposit as proof of stake in order to operate the full supernode. For more details about its uses in the network, please see Graft white paper or/and Frequently Asked Questions.

At the time of the pre-sale, the Graft platform will not have been launched. Purchasers in the pre-sale will acquire Graft:token (NEM based smart contract tokens) in exchange for BTC, ETH, or XEM. 135,000 Graft:tokens pre-sold in this manner can be exchanged to GRF coins created in the Graft genesis block. Graft will allocate equivalent amount of GRF purchased in the pre-sale in the genesis block. The genesis block will constitute the inception of operation of the Graft network.

Graft mobile wallet and point of sale apps do not maintain a full copy of the blockchain for obvious reasons. Does it mean the wallet content is stored on supernodes which may compromise its security and privacy?

There are multiple elements of the Graft user wallet:
  • Private spend key – secret – required to spend money; stored in the wallet app
  • Private view key – “semi-secret” – required to see the balance and previous transactions
  • Payment address – public – required to receive money
In Graft, the Private spend key is always stored at the client (wallet) and never shared with the supernodes. Therefore, it is not the same as credit card when you share you card account number with the merchant, payment processor, and the bank every time you make a payment. If one of them is breached, your credit card can be stolen and used to make fraudulent payments. If any or even all supernodes are “breached”, they don’t have your private spend key so no one will be able to “use” your Graft account.
The Graft wallet balance is a “hidden” set of previous transactions. It is calculated by scanning all the previous transactions which are stored on the public blockchain but invisible without view key. Since mobile wallet app does not have direct access to the blockchain, the private view key is temporary shared with a single “proxy” (relay) supernode in order to retrieve the wallet balance; the supernode will not store this view key in any database so even if it’s “breached” the view key will not be disclosed in most cases. However, even if the view key is disclosed, it only allows to see transactions, not to spend any money.
Users (either buyers or merchants) with higher requirements for privacy can host their own private “proxy” supernode with full copy of blockchain. This way they will never share their view keys with the random “foreign” supernodes. Most probably, due to limited processing power and other resource limitations, such a private proxy supernode will not be able to participate in transaction processing and earn any block rewards or transaction fees, but it will still be able to validate transactions and view balances privately by scanning the local copy of the blockchain. For users who cannot or don’t want to host their own supernode but still don’t trust the entire network, Graft creates a special (free) cloud service with trusted proxy supernodes that are protected by multiple levels of security.

In order to process real-time authorization (instant confirmation) Graft network puts a “lock” on buyer’s account. How does it not violate one of the main goals of any cryptocurrency system – untraceability?

First of all, untraceability is not a feature of any cryptocurrency. As of today, CryptoNote is perhaps the only protocol that enables full privacy and untraceability. The beauty of Cryptonote is that it hides the details of transaction while still preventing double-spending. This is achieved through the use of key image which is unique “fingerprint” that represents the spending address and amount without disclosing any details about the buyer or the amount. By providing the key image for upcoming transaction to the network of supernodes, the buyer’s wallet will temporarily “lock” its “account”, so no other transaction with the same key image can happen until the locked transaction is settled or the lock is removed. If the buyer will try to finalize the transaction with the key image different from the one used in the original lock, such transaction will be rejected by the supernodes. On the other hand, the key image does not contain any information about the buyer, buyer’s wallet, or recipient (merchant). In addition, any traces of communication between the buyer (wallet app), the merchant (point of sale app), and the supernodes (selected proxy and sample supernodes) during authorization phases are completely removed once transaction is settled (written into the blockchain). Even transaction fees paid by merchant to authorizing supernodes are hidden from public view, which is another major privacy improvement comparing to all previous CryptoNote implementations that do not hide transaction fees.