Qtum (pronounced Quantum) has been turning a lot of heads in the crypto space. The Qtum Foundation is registered in Singapore and is a global project with a team located in Asia, the Americas, Africa, and Europe. The reason behind its surge of popularity is its USP – providing Ethereum’s EVM with Bitcoin’s secure UTXO model. On top of that, they secure consensus with the Proof of Stake 3.0 (POS 3.0) algorithm. In this guide, we will take a deeper look at Qtum and see why developers should start experimenting with their platform.
Combining the Best of Both Worlds
The most popular blockchains in the world right now are Bitcoin and Ethereum. Bitcoin, being the one that started it all, still remains the most secure blockchain in the space. Its UTXO (Unspent Transaction Output) model also helps in the high traceability of transactions. This is the reason why Qtum decided on the Bitcoin blockchain to be its foundation. On the other side of the equation, we have the Ethereum blockchain. Ethereum ushered in the era of smart contracts. Suddenly a blockchain wasn’t just a fancy way to transfer money anymore. Ethereum allowed developers from around the world to build their decentralized applications (dApps) on top of the chain. To incorporate smart contracts, Qtum developers have created an abstraction layer called “Account Abstraction Layer (AAL)” to allow the Ethereum Virtual Machine (EVM) to exist on top of Qtum’s UTXO blockchain. With this simple innovation, Qtum provides its users with a secure smart contract mechanism that is interoperable with both Bitcoin and Ethereum. This is a highly exciting proposition for both regular users and developers since scalability techniques that are being worked upon on both Bitcoin (the Lightning Network) and Ethereum (Raiden Network, Plasma, etc.) can be operable on Qtum, as long as the community consents to it. Speaking of interoperability, there are two more fascinating aspects that one must keep in mind:
To gain a complete understanding of SegWit, please check out our in-depth guide here. To give you a very brief understanding, SegWit stands for “Segregated Witness.” Before SegWit implementation, Bitcoin transactions were suffering from a scalability problem since they were unnecessarily bulky. The signature data added the extra bulk. By implementing SegWit, the signature data was taken out of the blocks and kept in a sidechain, running parallel to the main Bitcoin blockchain. Since Qtum is compatible with SegWit, it can reap its benefits.
Ethereum Smart Contract Compatibility
Qtum uses the Ethereum Virtual Machine (EVM) to make sure that Ethereum smart contracts run on Qtum and vice versa. This is an incredibly important functionality. Ethereum has the strongest developer community in the world. Via this functionality, Qtum can siphon in these developers to their platform. Ethereum dApps can also be easily ported to Qtum. What this also means is that developers can use Solidity, an already established language, to create smart contracts on Qtum.
Qtum and UTXO
To understand UTXO, you need to understand how transactions work in Bitcoin (and work the same for Qtum). To gain a layman’s understanding of how UTXOs work, think of how basic cash transactions work. Suppose your friend owes you $6. She reaches out to her purse and takes out a $5 and $1 note, and pays you back with it.
Now, if you owe someone $8, you take out the $5 and $1 that your friend had earlier paid to you and $2 that someone else had earlier paid to you.
That’s pretty much how transactions work in Bitcoin. The outputs of a previous transaction become the inputs of a future transaction. So, keep this in mind, and let’s look at how Bitcoin transactions work.
Suppose Alice needs to send some Bitcoins to Bob. To do this transaction, Alice’s wallet will make the outputs of her previous transactions the input of the new transaction.
So, suppose Alice needs to pull bitcoins from the following transactions which we shall name TX(0), TX(1) and TX(2). These three transactions will be added together and that will give you the input transaction which we shall call TX(Input).
Diagrammatically, it will look like this:
So, that is it from the input side, let’s check out what the output side will look like.
The output basically will have the number of bitcoins that Bob will possess post transaction and any remaining change that is left over, which is then sent back to Alice. This change then becomes her input value for a future transaction.
A pictorial representation of the output side looks like this:
Now, this is a straightforward transaction that has just one output (apart from the CHANGE), some transactions are possible with multiple outputs.
So, why did Qtum adopt the UTXO model? There are two main reasons:
- Firstly, to use a mature, stable and secure transaction model that is widely understood from the Bitcoin blockchain.
- Secondly, the UTXO model helped in the implementation of Simple Payment Verification (SPV). SPV will allow a light node to interact with smart contracts and verify transactions. Light nodes are nodes that only download a part of the blockchain instead of the complete blockchain.
Qtum and EVM
As mentioned above, Ethereum ushered in the era of smart contracts. Smart contracts are self-executing and automated agreements between two or more parties, which doesn’t require any legal intermediaries. That sounds pretty amazing, right?
However, where exactly do you execute these contracts? Smart contracts can be executed in one of the two following systems:
- Virtual Machines: Ethereum uses this.
- Docker: Fabric uses this.
Let’s compare these two and determine which makes for a better ecosystem. For simplicity’s sake, we are going to compare Ethereum (Virtual Machine) to Fabric (Docker).
So, Virtual Machines provide a better deterministic, terminable, and isolated environment for smart contracts. EVM integrates a gas mechanism to prevent infinite loops and spam (execution terminates when the contract call runs out of gas). Want to know more about gas? Click here.
Connecting UTXO and EVM
Since UTXOs and EVM are wildly different concepts, how did QTUM manage to connect them in their platform? Via the addition of the Account Abstract Layer (AAL). AAL acts as an interface layer between the UTXO and EVM. The beauty of the AAL is that its not confined to just EVM. Any virtual machine that is compatible with the AAL can execute on top of AAL.
So, before we venture further into AAL, let’s understand what abstraction means.
Abstraction means that anyone can use any system or protocol without completely knowing the ins and outs and all the technical details. Eg. When you use your iPhone, you don’t need to be a programmer or an engineer to operate it. You simply press on the screen to activate an app, or press on the call button to call someone. You don’t need to know how pressing certain apps activates the circuit inside the phone or how certain apps were programmed. Abstraction makes a sophisticated technology accessible to the masses by hiding the complexities.
For smart contract platforms and dApps, abstraction is pretty much the holy grail. If mass adoption really is the goal, then dApps need to run similar to a normal application. Similarly, Qtum should integrate EVM and UTXO in a way that it is straightforward for users and developers to interact with it.
So, to gain a better understanding of how AAL works, let’s see how a simple Bitcoin transaction works at the code level. During a transaction, your wallet will execute the following opcodes on your machine. This basically instructs the software to check if the public key of the transaction matches the signature or not:
The “Script” column has a bunch of keywords that are called opcodes. Bitcoin transactions are scripted by the combination of these opcodes. The AAL adds three more opcodes to the original Bitcoin list to enable smart contract support.
- OP_CREATE: Used to create new smart contracts.
- OP_CALL: Used to execute code inside an existing smart contract.
- OP_SPEND: Used to spend the value in a smart contract.
So, how do these opcodes process? Let’s take a look.
- The validator’s software parses the script in the Qtum transactions.
- When they come across one of these three opcodes, they set them aside to be processed by EVMs.
- The EVM contract transactions are then processed into a special “Expected Contract Transaction List,” which is executed by validator nodes.
- These transactions are then run against the EVM, with the resulting output being converted into a spendable Qtum tx.
- If, during the execution of a contract, the contract calls another contract with a value, that transaction is also turned into an explicit Qtum tx and attached to the current block.
The size of the Qtum UTXO can be managed fairly well since the OP_CREATE, OP_CALL, and OP_SPEND transactions are all spendable. When a contract self-destructs, the OP_CREATE transaction is spent, which removes it from the UTXO pool.
If you are a solidity developer, then it will be pretty straightforward for you to start coding on Qtum since it already leverages the EVM. If you are interested, then we recommend you to get started on their comprehensive developer’s guide.
However, as mentioned before, EVM is not the only virtual machine available on Qtum for smart contract execution. The Qtum team is developing an x86 smart contracts virtual machine for Qtum. This x86 VM will allow developers the flexibility to code smart contracts in popular programming languages like Rust and others.
Qtum and Proof of Stake (POS)
As mentioned multiple times already, Qtum uses a POS consensus model. Many of the modern blockchains have opted for a POS model because of the advantages it has over the classic POW model. POW or proof of work was the consensus model introduced by Bitcoin, wherein specialized nodes called miners solve cryptographically hard puzzles by using ASICs.
The problems with proof of work.
- Proof of work is an extremely inefficient process because of the sheer amount of power and energy that it eats up.
- People and organizations that can afford faster and more powerful ASICs usually have a better chance of mining than the others. This means that Bitcoin mining isn’t as decentralized as we want it to be.
- Since POW mining eats up real-world resources, it is highly detrimental to the environment.
Proof-of-stake, on the other hand, makes the mining process completely virtual. Let’s give you a brief overview of how POS works:
- The validators/miners lock up some of their coins as stake.
- After that, they will start validating the blocks. Meaning, when they discover a block that they think can be added to the chain, they will validate it by staking one or more UTXOs for 500 confirmations..
- If the block gets appended, then the validators will get a block reward, where the frequency of block rewards is proportionate to the amount staked by that validator.
Different projects use different variations of the POS algorithm. Ethereum will be using the Casper protocol, while Algorand uses pure POS. Then there are projects like EOS that use delegated POS
Qtum uses POS version 3 or POSv3, which is built for UTXO-based blockchains. Let’s look at the previous versions before arriving at POSv3.
“Coin age” is a term used to describe how long a UTXO has not been spent on the blockchain. POSv1 depends heavily on coin age. Higher the coin age, the more the difficulty is reduced. However, the problem with this approach was that people just stopped spending their coins! People only opened their wallet only when they needed it for staking. If a coin was old enough, it would almost instantaneously produce new staking blocks.
This version improves upon the previous version by eradicating the concept of coin age from consensus. Another significant change that they made among a host of updates was to use a completely different stake modifier mechanism from v1. This stake modifier happened to include the previous block time. Keep that in mind, when we discuss v3.
The block time included in POSv2 can make it vulnerable to a “short-range” attack where it was possible to mine an alternative blockchain by iterating through previous block times. Changes like these make POSv3 a much better version of POSv2.
POSv2 also used block and transaction times to determine the age of a UTXO, which is different than coin age. POSv3 determines the age of a UTXO by judging its depth in the blockchain (e.g., confirmations).
NOTE: Qtum recently added support for OP_RETURN opcode which allows for a vout to contain the public key for signing the block without requiring a full pay-to-pubkey script. This means a dApp provider can pay the gas for new dApp users, allowing for easier onboarding.
Looking deeper into POSv3
In a POW system, a random nonce is added to the hash of the block header and the resultant is hashed again. This hash, in turn, should be lesser than the overall network difficulty. Only then, is the block added to the main blockchain.
On the other hand, POSv3 has a kernel hash, which is composed of several pieces of data that are not readily modifiable in the current block. Here are some more features that must be kept in mind about Qtum’s POS system:
- The second transaction in every block is called a “coinstake transaction,” while the first transaction is an empty coinbase transaction.
- Each block must have at least one staking transaction.
- The block timestamp must have the bottom four bits set to 0 so the blocktime can only be represented in 16-second intervals.
- Only once every 500 blocks (about 18 hours) can a UTXO be used to produce a staking transaction.
Now let’s look into what a POSv3’s Kernel Hash is built from:
- The previous block’s stake modifier which is a hash of prevout transaction in PoS blocks and previous block’s stake modifier.
- The timestamp from the prevout transaction.
- The hash of the prevout transaction.
- The output number of the prevout (this is the output of the transaction is spent by the staking transaction).
- The current block time where the bottom four bits are set to 0. This particular feature changes during the staking process.
NOTE: A prevout transaction is the UTXO that is used to create a staking transaction. The only way to change the current kernel hash is to change the UTXO you’re using to create the block or change the current blocktime.
Now that we know how Qtum’s POSv3 works, let’s look at how it mitigates POS’ biggest flaw – the nothing-at-stake problem.
What is the “Nothing-at-Stake” problem?
Consider the following situation:
In the diagram above, we have the main chain (blue), which has been mined till block #53. However, there is a parallel branch originating from block #50 (red). What will happen if some malicious miners get together and keep mining on the red chain until it overtakes the blue one? All the transactions that have taken place in the blue blocks 51, 52, and 53 will be instantly null and voided.
POW blockchains are vulnerable to this 51% attack because hash power can be rented on a short-term basis.
Suppose malicious miner Alice wants to mine on the red chain. Even if she dedicates all of her hash power to it, she won’t get any other miner to join her on the new chain. Everyone else will still continue to mine on the blue chain because it is more profitable and risk-free to mine on the longer chain.
POW is easy to mount a 51% attack with rented hash power. Hence chain splits are problematic for all but the largest POW blockchain (bitcoin).
However, things look a little different when you bring in POS. If you are a validator, then you can simply put your money in both the red chain and blue chain without any fear of repercussion at all. No matter what happens, you will always win and have nothing to lose, despite how malicious your actions maybe. However, the red chain would have to stake with a greater number of coins (network weight) to be successful, and unlike POW where an attacker can rent hash power, POS requires actual coin ownership.
This is called the “Nothing-at-Stake” problem.
Ethereum’s Casper protocol mitigates this by using a punishment mechanism. Basically, the malicious validators get punished by having their stake slashed. Qtum plans to provide a different solution to the nothing-at-stake problem and will never punish stakers that misbehave other than kicking them off the network. They believe that no software can be made perfect, and so the risk of a bug causing the staker to misbehave and lose millions of dollars is unacceptable to them. The following points must be kept in mind to understand Qtum’s mitigation of the nothing-at-stake problem:
- Using checkpoints and the 500 confirmation maturity for staking transactions.
- They will put some of the data on the Bitcoin blockchain that can be later verified through SPV. This makes sure that an attacker can’t lie about when a particular block was created.
Also, it must be noted that Qtum feels that the nothing-at-stake problem is a little overblown, especially wrt to their system because:
- It can get very costly to construct the setup for the attack.
- Even when everything is setup, the rest of the nodes still need to follow your lead, which is a long shot.
- Anyone can easily detect it by checking centralized off-chain resources such as block explorers.
- The checkpoints can be added to the code at a more frequent pace to do faster releases. This will make sure that these malicious nothing-at-stake chains will never have any significant amount of power.
Decentralized Governance Protocol
Another feature of Qtum is DGP (Decentralized Governance Protocol) introduced to modify blockchain parameters quickly and seamlessly without the need for a hard fork. DGP is built using smart contract technology and is able to adjust block size (up to 32 MB) and change the gas amounts for various smart contract operations.
So, the block size and gas parameters can be changed through a governance process on-network with no new software required to be downloaded, and no actions have to be taken from network stakeholders and node operators. Hard forks will still be required for changes in consensus or new virtual machines, for example.
Qtum is one of the most exciting projects in the space. By combining UTXO, EVM, and POS – Qtum provides a platform that is unique, secure, and innately scalable. Due to its connection with the EVM, Qtum can easily attract the already vibrant solidity developer community and give them an option to port their dApps onto their platform. It will be very interesting to see how this project grows in the near future.