Stateset Whitepaper

Dom Steil
Dom Steil


A statically generated progressive web application layer on top of an interoperable decentralized, replicated, authoritative global state machine with minimal trust between nodes would allow for the creation of a distributed enterprise sales and finance automation platform. Such a network would have many useful applications in eCommerce, finance, insurance, healthcare and more. We present Stateset, a distributed sales and finance automation network, and describe in detail how it achieves the goal of a globally distributed system shared between firms, providing a secure and state-of-the-art platform for managing sales and finance operations. Stateset is built on 10 fundamental technologies; Cosmos-SDK Blockchain Application Framework, a UTXO based State Machine, Tendermint BFT Consensus Engine, Trusted Executable Environments (TEE) for Private and Verifiable Computation, a Deterministic JVM (DJVM), IPFS for content addressed networking and storage, IBC for transport, authorization and ordering with other blockchain networks, Next.js React framework, Hasura GraphQL API Engine and Agoric.

Stateset Network

Stateset is a next-generation, secure, sales and finance automation platform for the world. There will be a collective oneness for all businesses where contracts, assets, capital, transactions and messages can be securely transacted freely without intermediaries or enforcement agents. Our vision for the enterprise software, SaaS computing and financial services industry is there will be an interoperable network of blockchains using a composable set of distributed b2b business and financial workflows that have a shared common global view between organizations. In Stateset, data is owned by the customer and the business processes are shared between a global network of nodes transacting sale and finance information. Modules for different processes between counterparties are richly composable and distributed amongst a network of peers and nodes in the network. We exchange the paradigm of custom implemented and siloed workflows withing one organization for a new orchestrated, shared and agreed upon set of flows between nodes in a globally distributed network. We imagine entire value chains of trade partners onboarding into the network in groups of producers or consumers, lenders or merchants, brokers or providers, controllers or processors of data subjects; any form of party and counterparty. Robust data mapping has been built into the platform to ensure that these types of trade partners are using a platform the is logically centralized but organizationally decentralized across network participants. This is the natural progression of computing. Going from on-premise databases, to distributed cloud multi-tenant instances, to a completely decentralized global platform for business to business workflows involving sales, finance, back office and other key revenue driving processes. Stateset is the infrastructure for the future of this computing paradigm. There will be a network of interoperable economically incentivized blockchain networks; the cornerstone of the infrastructure of global economy over the next two decades.

Data and processes will be implemented upon multiple blockchain protocols that are local to specific regions but that interact with each other through the infrastructure layers. These sections will have their own form and order of transactions and be able to interchange assets with Stateset UTXOs leveraging the same replicated and highly available cluster of nodes communicating via ABCI. There will be an internet of blockchain nodes that are used for consumer and business applications built on many different blockchain core protocols. Stateset has delivered a structured format and set of workflows with deterministic transactions outputs for sales and finance automation that are traversable between the nodes at a point-to-point network layer. Stateset is going to displace legacy enterprise software, on-premise and cloud business solutions; with next-generation technology that is more secure and robust. It is built on state-of-the-art Byzantine Fault Tolerant engine and an enterprise-grade, distributed state machine. It will be a constant, an infrastructure and shared system of record network of nodes that are able to exchange assets, messages and other types of state and information securely and instantly across the globe. B2B Enterprise Applications B2B enterprise software for sales, service, marketing, finance, middle and back office functions; are mission-critical for revenue driving within an organization. This is the initial focus for workflows being built into Stateset. Stateset redesigns these b2b applications from first principles as a set of shared workflows between organizations. We have designed lead generation, lead sharing and lead management across organizations. Account and Contact management with robust Controller and Processor data mapping built in for GDPR and CCPA compliant data subject adherence and consumer data privacy. Contract management software for buy side and procurement as well as sell side contracts with shared execution logic between organizations. Case, Application, Contract, Invoice and Loan Lifecycle management using auto-executing and reconciliation free workflows across counterparties. Order Management across the entire value chain with auto-replenishment between vendors and merchants. Invoice and Billing Management with mitigation of counterparty risk related to non-payment and non-performance. Asset Management that is native to the ledger and no longer siloed within one organization. Documents are file storage that is content addressed and proxy re-encrypted for secure uploading and sharing with participants in a completely verifiable manner. Stateset is the future of b2b sales and finance software. Stateset has been developed from first principles for companies to run their mission critical revenue driving operations, accelerate working capital lifecycles and accelerate growth across their entire value chain. The following technologies are state-of-the art developments that are critical to the Stateset Network and Stateset Platform. Our mission is to create a fast, state-of-the-art user interface to access a network of organizations powered through a distributed b2b state machine for revenue driving sales and finance operations. The following are technologies used to accomplish the mission.

Traversing Blockchains UTXOs, unspent transaction outputs, are one of the fundamental innovations by Satoshi Nakamoto when developing the Bitcoin Blockchain Network. Protocols such as CKB Nervos and Corda both leverage the UTXO model. Stateset is a distributed state machine built on the Corda Blockchain protocol that does not order all transactions as one single virtual execution that forms the blockchain; instead, it defines states and transactions, where every transaction consumes (multiple) states and produces a new state. In the Stateset Network the transactions are also validated and signed by a third-party notary node and replicated through a cluster of notaries nodes using Tendermint BFT and ABCI. The stateset can be thought of as the global set of UTXOs in Bitcoin, the global UTXO of cells in Nervos or the UTXOs of sales and finance automation states in Stateset Network.

Stateset Network Stateset at the infrastructure level is comprised of a distributed network of Corda Nodes used for business to business workflows. The network allows for net new nodes on the network to join and leave the network at will with unspent output recovery with other nodes in the network through the cluster of notary nodes. The Stateset Network is the authoritative, single state across multiple networks using a deterministic virtual machine. Stateset Network is logically centralized but organizationally decentralized across 1000’s of organizations around the world that are managing front, middle, back office and working capital lifecycles. The network leverages a thin waist and uniform peer-to-peer networking protocol for assimilation and standardization across the network. An organizations services on the network consists of the docker containers for user interface, Graphql engine, Spring REST service and each nodes PostgreSQL. Containers are provisioned using CodeShip and Terraform and are orchestrated using Kubernetes. Docker files are used to containerize the application as well as to update different services on the network. PostgreSQL is used as the underlying RDBMS. Known entities on the network will be identifiable on Stateset upon login and known entities on the network are able to be directly transacted with in a secure and privacy preserving manner. Nodes on the network are able to instantly communicate with other nodes on the network in real-time on a global transaction network that is secured and replicated in trusted executable environments. All of the business information that is executed will be the same shared business execution logic across same across every node in the network. Shared execution logic ensures that counterparties are viewing the same exact data when transacted with. There is not concept of global state but a set of peer-to-peer UTXO sets across a globally distributed network of a nodes. The UTXO sets are maintained between companies for post-contract and asset lifecycles and managing data mapping processes across organizations. Double spending of input states is prevented using a cluster of nodes using Tendermint BFT which communicate with the Stateset State Machine using ABCI (Application Blockchain Interface).

Stateset Notary Clusters Notaries on the network leverage the Tendermint BFT algorithm for coming to consensus on the Stateset network. There are 7 notaries for every notary cluster in the Stateset network. The pluggable consensus is used as a replicated state machine for UTXO based consensus based on probability. Transactions that are occurring on the network have to choose a Notary before executed. Notary clusters relay the transaction as validating or non-validating notary nodes. ABCI is used to communicate the state machine workflows on the Stateset Network with the Notary Clusters using Tendermint BFT to reach consensus on the validity of transactions. The Notary Cluster keeps a running chain height on top of key value store that is highly available and globally distributed for notarization of transactions. The Stateset Notary Cluster prevents double spending of input states on the Stateset Network. Stateset workflows initiate the state changes and creates transactions outputs once signed and verified by the notary cluster. Each state points to a notary responsible for ensuring transaction uniqueness, i.e., that each state is consumed only once.

HSM and Key Management

Keys will be managed by the companies that are the legally known entity on the network. The Key Management is leveraging a HSM to secure the keys to sign messages on the network. The cryptographic operations that are performed by the HSM are key generation and signing. The private key material is stored in the HSM if the node is configured to use an HSM. The public keys are stored in the HSM (if configured for the node) and the respective key stores, which is the node key store for the node CA key and legal identity of the organization on the network. The certificate chain is stored there as well. The certificate chain is not stored in the HSM. Operations involving the private keys such as signature generation will be delegated by the node to the HSMs, while operations involving the public keys will be performed by the Stateset node. A Stateset node, including a notary node, must have all its keys in the same KeyStore or HSM. Splitting the keys across a combination of different key stores and HSMs is not supported. Stateset Agents Agents are unique to every known identity on the network. Based on what information it knows about the current state of the business, it will start business processes and flows on the network. The Stateset network will have agents living on the network that are instantiating flows between entities on the network. The agents will also be able to give the same answer to everyone across the network. The Agents will be operated via voice and text using a deep learning based Natural Language Understanding RNN. The latest advancements is using XLNet Autoregressive pretraining for language understanding. XLNet maximized sequence using all possible permutations of the factorization order. The factorization order is arbitrary and the target is ambiguous producing start of the art results. Data from the Stateset Network can be extracted from the PostgresDB and used for training data for the Stateset Agent. This will enhance the ability for the Agent to execute workflows on the network. The RNN is called upon via voice and text and the agents are able to traverse the different networks to execute transactions. The agents are able to effectively leverage the RPC calls on the network to configure parameters or metadata about the chain. A custom metadata page is accessible via the agents for updating the parameters of the network. The agents are leveraging natural language processing to perform intent and entity detection from a given utterance. The agents are stateless and query directly from the blockchain networks. Many abstractions of the agent will be available depending on the endpoints. One of the most anticipated endpoints will be audio that are calling to the agent to perform state changes on the network such as transactional operations and querying state from the blockchain networks. Other anticipated application will be voice usage in VR and AR systems to make wake call at which point the agent would be leveraged as a broker between the different API endpoints and chains.

SGX Nodes and Differential Privacy

Intel SGX will provide the trusted executable environment (TEE) for an encrypted ledger. Enclaves create a tamper-proofed space for programs to execute, so that they can process data without the owner of the physical hardware being able to inspect or interfere with it. This allows organizations to run computations without anyone having access to them creating powerful tool for solving problems involving multiple nodes in the network. Anywhere collaboration is needed but trust is expensive can benefit from enclave technology. TEEs also present the opportunity to integrate differential privacy on the Network of nodes performing privacy preserving analytics on the business network of nodes. Differential privacy with a Stateset node is implemented as an augmentation to the Corda Nodes SQL database used a ledger. This is attached to the Corda JVM is a parameter in the node configuration file and leveraged at the state layer. Leveraging queries to retrieve ledger states that have been recorded in the Stateset Nodes vaults. The state could include personal identifying information (PII) or other types of customer data that does not belong to the Node operator nor the owner of the node. Stateset allows for performing privacy preserving data analytics and machine learning on the Stateset Node is utilizing differential privacy on the SQL database that is used as the storage layer of the distributed business network.

Stateset Network Governance Governance of the Stateset Blockchain Network will be done on chain using the modules given by the Cosmos-SDK. This includes all upgrades across the network for platform versioning. These include governing limits associated with max transactions and message sizes and the computation that occurs across the network. Governance also includes the acutal core committers to the codebase and the ownership of the technology. The Stateset Network is Open Source Software licensed under Apache 2. This means that developers can contribute to the opensource version of the protocol.

Stateset Network DevOps Stateset uses continuous integration / continuous deployment using CodeShip, Terraform, and Kubernetes Engine on Google Cloud Platform (GCP). The Terraform Provider for Stateset deploys the Hasura instance with a Cloud SQL Database Proxy Container connecting to the Postgres Database running on Cloud SQL. On net new customer sign up; a terraform script is called upon and deploys the entire stack of containers in gke with a prefix dependent on the customer’s nodeName. Docker Containers and Docker Compose can also be used to standup initial networks. Consul is used for service mesh networking and service registry discovery for the Stateset Network. 3 Consul Servers are used to manage agents that are sidecars for services running on the Stateset Network. These agents are able to broker message back to the Server cluster which uses Raft consensus to come to a single source of truth on the services that are running on the network. Kubernetes on GKE with Consul based mesh networking provides visibility into the network infrastructure and services that are running.

Virtual/Augmented Reality Interface VR/AR will be used as a graphical user interface and input layer for interacting with Stateset. Stateset leverages virtual and augmented reality headsets as well as Augmented Reality from mobile devices to interact with the Stateset network. The primary input mechanism is voice leveraging Natural Language Processing to activate flows on the network. The flows are leveraged to make state changes across the Stateset network. Hololens will be used as an interface into the ledger specifically how to visualize the current state of the contracts that have been deployed on the network. The ability to see the transactions that have occurred in a simple interface that multiple companies can operate on is essential.

IBC IBC is like TCP/IP for Blockchain Networks. Interoperability is a key component for developing the next generation of blockchain and cryptographic networks by having traversable and configurable chains that have metadata that is immutable but data that is mutable. Metadata can control governance structures, consensus algos, modifications for different type of blockchain transaction mechanisms and other types of modules. The inter-blockchain communication protocol is a catalyst for the polycentric interchain. Different application specific blockchain networks are going in to be used in different use cases. They currently cannot talk to each other, transfer packets, between blockchains such as token transfers, signatures, votes and other types of transactions. Currently all of the assets on different chains are siloed. Use the unique features of each chain communicate. IBC is a messaging protocol for the interchain. Authenticated, Ordered and Route topology between networks. IBC enables chain innovation and continuous innovation across multiple state machines. Stateset specializes in sales and finance automation with a focus being interoperable with other state machines and smart contracts in the IBC ecosystem: IBC/APP: Application-layer packet semantics. Relayer during the hackathon. Application layer protocols sit on top of IBC. Cross-Chain account abstraction: delegate control to another chain. What state machine interacts. Interchain code relocation: transport contracts in packets. IBC/TAO: Transport, authencation ordering. Transport data from Stateset to another blockchain network: Authenticating that the data came from Stateset and is going to a different blockchain network or state machine. Authenticating that data came from another Blockchain network is interacting with the Stateset Blockchain Network. The Ordering abstraction allows to reason about the ordering of the transactions. IBC Protocol Stack consist of clients, connections, channels, packets, modules: • Client: verifying consensus transcripts • Connections: associating two chains. Created with a handshake. Paired set of identifiers. • Channels: data pipe between two modules. Channels handle Ordering Semantics and routing Semantics. Smart Contracts. Agoric’s JavaScript contracts on Swingset. Transfer of data between modules on different chains. • Packets: Where the action happens. The core messages, can contain different types of data. Token transfers, votes, etc. analogous to the core o one transfer from one to another o start a transfer on one chain o send an outgoing queue on the other o message on the other chain to receive that data o and client to verify data o send an acknowledgement that it completed o time out packets as well o after certain amount of blocks that packet can timeout • Module A wants to send some packet Module B on another. A relayer does the physical transfer. Routes it to Chain B. It goes to the module via Cosmos IBC.

Plaid Plaid is being used for our allowing our customers to securely connect their bank accounts to the Stateset Platform. Stateset uses Plaid for its underwriting models and for connecting our merchants and lenders bank accounts to the Stateset Network. This is to create an access token that allows us to generate a report that is used by the lender to review account holder information, assets and other transaction history. Plaid is a core component of the finance automation component and working capital automation of the Stateset Network. Combined with the Stateset Network, it allows us to have access to not only provide financial data but eventually service the loans and credit or debits accounts accordingly. The buyer, the seller and the lender compare the receivable details, approve the transaction, change records of ownership, and arrange for the transfer of cash. All three parties will be part of nodes on the network.

Next.js and GraphQL Stateset Platform provides a user interface to call workflows between organizations and read state from one organizations node using graphql and the next.js react framework. The platform is closed source is a client for calling Stateset but is not required to use the Stateset network. Entities can choose to build their own clients for interacting with the Stateset Network. The Stateset platform is managed service which is hosted using serverless functions powering server rendered react web pages and statically generated web pages connected to cms systems. Next.js is quickly becoming the leading web application framework and coupled with GraphQL it is a fast, responsive and best-in-class framework for developing a web interface to interact with the Stateset Network. GraphQL on top of the Postgres Nodes allows us to create subscriptions on states to receive the data in real time at the network level. The graphql engine combined with react hooks and the next.js routing is a great combination for traversing the stateset in real-time and implementing transaction workflows across companies. We recognize that contracts could be much more composable and written in the same language as our interface layer, JavaScript. Combined with graphql, we could create the secure third-party component system for developers to build on the Stateset platform. This is large part will be powered by Agoric’s SES technology and Smart Contract framework.

Agoric Smart Contracts On our roadmap we are looking into how we can leverage Agoric’s composable smart contracts written in JavaScript. They are secure based on Principle of Least Authority (POLA) and composable based on the Vat Model of the Electronic Rights Transfer Protocol (ERTP). Agoric’s long time goal is to move the diverse, vibrant world economy onto the decentralized web using safe smart contracts. Agoric is system for software agents participating in markets. Smart Contracts are a contract-like arrangement, expressed in code, where the behavior of the program enforces the terms of the contract without the need for a trusted enforcement agent. All invoke and agree upon what happened. Idea to be able to communicate between machines; interoperate between chains. Built on top of a layer of execution where there are modules that are used for smart contracts. Using JavaCcript we can send promises to other smart contracts. Agoric’s secure subset of JavaScript can create promise which is the result of something happening on another chain. For example an auction on another chain, send a bid, and get a promise; when the auction is complete the contract gets back the result. This same method can be applied to money, digital access, escrow, auctions, futures, forwards, derivatives; finance abstractions as components in JavaScript. Communicating network of contracts between composable networks. derivatives; finance abstractions as components in JavaScript. Object-oriented model for contractual arrangements in real-world markets. JavaScript can be used to write secure programs: • Object-capabilites (ocaps) • Only refs carry causality • Reference graph === Access graph • Principle of Least Authority (POLA) • Distributed Secure Cross-chain Messages • Vat level IBC. And the CapTP protocols. • Multiple Vats in a single chain. • Vat unit of synchrony • Swingset is a unit of determinism. • Swingset nano=kernel • Order of message delivery among the vats in the swingset is deterministic. • Object in one vat can effectively hold the capability to an object in another vat. • The Vat is unit of portability and migration. With the capabilities. • The logic should be completely independent on what chain its running on. Further: Object-oriented message passing, along with encapsulation and polymorphism, enables modular programming. Adding this property to an object system transforms it into a capability system. In a capability system, only connectivity begets connectivity. In a capability system, an object’s authority to affect the world outside itself is determined solely by what references it holds, since the only way the object can cause an external effect is to send a message via one of these references. Consequently, the mechanics of reference-passing determine how authority can change over time. Any secure system of electronic rights must solve at least three problems: • How to represent who currently has what rights. • How to enable rights holders to exercise those rights they have, and no more. • How to enable rights holders to securely transfer these rights. The static reference relationships among objects exactly represent who currently has what rights Commerce is a rich set of market interactions that emerge when territory and abilities are abstracted into “rights”, and a rich set of arrangements that emerge for the mutually acceptable transfer of these rights. For large scale electronic commerce, we should concern ourselves with those rights which are both representable electronically and enforceable electronically, and with mutually enforceable arrangements for their transfer. These instruments represent the discovery of many new kinds of rights, and ways of deriving these rights from more primitive rights.

Conclusion We have proposed a system for distributed sales and finance automation workflows without relying on a single cloud based multi-tenant entity. We started with the usual framework of enterprise processes within a company related to revenue driving applications but is incomplete without a way to share state and the business process between different organizations in the value chain. To solve this, we proposed a peer-to-peer network of nodes that are able to use a flow framework for b2b transactions that are notarized using Tendermint BFT to record a history of all transactions that quickly is replicated across a cluster of notary nodes. This creates an authoritative shared system between organizations around the world for sales, finance and commerce.