Agreeing to Disagree: Interoperability in a World Without Compromise

Agreeing to Disagree: Interoperability in a World Without Compromise

I made a mistake when we designed Corda. I thought the attractions of an Ethereum mainnet-style ‘shared global network’ were so obvious that enterprise blockchain projects would follow the same model. But it turned out that every successful project wanted to run its own separate network. Looking back, they were right to do so! But it means we needed a new approach to interoperability. And two major milestones in 2023 will deliver it. 

Richard G. Brown, CTO at R3, 2023

Isn’t it amazing how well the Ethereum mainnet works? All those independent applications co-existing and interacting. A veritable Lego box of possibility that innovators can endlessly assemble and reassemble to solve hitherto unanticipated needs. Indeed, the entire basis of the DeFi revolution was the ability for contracts written by different people to ‘snap together’ seamlessly. We call this concept ‘composability’, and it is an under-recognised source of Ethereum’s success. 

When we designed Corda our aim was to achieve something similar for firms whose constraints – regulatory, privacy, performance – meant they couldn’t use a permissionless network but who nevertheless saw the benefits of doing business on a globally shared ledger, in synchrony with their trading partners. 

Corda has supported different contracts interacting directly with each other from the very first release in November 2016. And it’s why we established the Corda Network Foundation soon after to build a global Corda Network onto which these different applications could be deployed. 

But we soon began to notice something that we found quite vexing: every project wanted to have its own private ‘section’ of the Corda Network. They absolutely did not want some random third parties coming along and using their application in ways they hadn’t anticipated. We saw the same thing happen with the other enterprise blockchain platforms too.  

At first, I thought this was merely a problem of education. There were subtle privacy considerations that made it attractive to run standalone Quorum or Hyperledger Fabric networks, but Corda was explicitly designed to avoid these issues. Perhaps our customers just didn’t realise? 

I spent a lot of time explaining to customers why I thought they were wrong and wrote lengthy blog posts explaining what bad things happened if you weren’t prepared to share a network with other projects. Here’s an article from that time: 

“This means that assets earned on one application on a platform based on whatever codebases eventually emerge from the Enterprise Ethereum committees will not be easily usable on another. Each application will require its own identity, consensus and governance processes. The firms who deploy nodes to connect to these applications will be lumbered with expensively duplicated and incompatible infrastructure in their data centres. And the industry will then have to spend millions of dollars inventing ways to make these isolated applications interoperate with each other. The complete opposite of what the enterprise blockchain revolution is intended to deliver, and a complete replication of the technology nightmare firms find themselves in today.” 

I must have spent so many hours patiently explaining to my best customers that they were wrong about the future. They mostly found this quite annoying. 

Now, I’m not completely stupid. I did realise that telling a customer who asked for ‘X’ that they were mistaken and should actually be asking for ‘not X’ is an unconventional approach to relationship management. But there was also a vitally important engineering reality at stake: the Ethereum-style seamless application composability relies – in a fundamental way – on having all in-scope applications running on the same network. 

This insight – that ‘composability’ is extraordinarily valuable but works best when everybody is on the same network – was so important that I even went so far as to coin phrases, like ‘Universal Interoperability’, to explain to users of ‘enterprise blockchains’ why they had to get on board with the idea of running their applications on shared networks. This was self-serving on one level – only Corda could safely operate in this manner. But the fact it was true didn’t matter: customers absolutely did not want to do share networks. 

This triggered a lot of soul-searching and analysis. Why would projects be willing to share a network in the adversarial world of public crypto, but not be willing to share a network in the more controlled and regulated world we were building? 

I think there were two main reasons:

  1. First, there is the need to get very comfortable with risk and uncertainty: if you deploy a contract to a shared network you do have to accept that it will move some way out of your control. Somebody might use it for things you haven’t anticipated. Somebody might find a bug. Maybe they will exploit this bug. This is not a theoretical concern. These things happen, repeatedly, on public networks. Like all the time. Yet the benefits that arise from having a shared ecosystem of contracts on the same network evidently exceed the scary security costs that go with it in the permissionless case. But users of permissioned networks didn’t see it the same way, at least not in the early days.   
  2. Secondly, the direct implication of being on the same network as other parties is that you’re subject to the same rules as them too. You all have to agree on a huge number of arcane things: what is the minimum version of the protocol you’re allowed to use? How large is the largest permissible transaction? Who gets to decide if transactions have been confirmed or not? If there’s an identity verification service, who runs it? 

The answers to these questions can have far-reaching implications. If you’re on the cutting edge you may have to wait until a product feature, you need can be activated. If you’re a slower mover, you could find yourself forced to do a disruptive upgrade merely to stay in business. What happens if the identity verification service makes a mistake? Can you sue them? Can somebody sue you? Having your business strategy dictated by people over whom you have no power or influence can be scary place to be. 

Yet these questions of collective governance are unavoidable when running on a shared network, and everybody may have their own preferences as to the correct answers. Everybody has to find a way to agree.  On the successful permissionless networks, somehow, miraculously, they do! Yes – there is the occasional dispute, that sometimes leads to a schism within the community. But it’s interesting how rare such situations are in practice. 

What we found in the enterprise space, however, was that the dynamics are completely different. And so, each enterprise blockchain project – on any of the major platforms – has typically deployed to a separate network. 

This wasn’t a problem at first. My fears of chaos didn’t come true. This was because most projects were 100% focused on getting live, onboarding users and delivering value. Unlike public networks where DeFi became an end in itself, with composability as the enabler, private networks took a different path, focused on first making each individual project successful in its own right. 

But we’re now at the point where these projects do need to be able to interact with each other. Is their decision to deploy to different networks going to bite them, and do so big time? Happily, no! And this is thanks to two distinct projects, both of which will deliver real impact this year. 

The first project is a new interoperability protocol focused on the needs of regulated networks. This work has been trailblazed by several firms at the forefront of getting real-world enterprise blockchain platforms to work well together. HQLAx, running on Corda, and Fnality, running on Hyperledger Besu, an Enterprise Ethereum platform, were the first projects to reach the point where they needed to connect their applications. HQLAx is a sophisticated regulated digital asset network used by large financial institutions, and Fnality is a private-sector Central Bank Digital Currency (CBDC) platform. Each of them solves a pressing problem for large banks. But neither of them has an end-to-end solution for some of the problems these banks are trying to solve. For example, some HQLAx customers want to settle their trades in a high-quality cash instrument, such as the one provided by Fnality.  

This creates a need for a very specific type of interoperability: ‘atomic’ transactions between the two platforms. This is not a typical problem that anybody needs to solve in the permissionless space, since contracts typically only interact with contracts deployed on the same network. There was no direct prior art anybody could build on, so their engineers prototyped a solution. Earlier this year, tech firms including R3 and Adhara, joined the effort. This project has now reached the point where we are contributing our learnings to the broader Hyperledger interoperability initiative. A really powerful example of practitioners in the industry, facing real business problems, engineering a solution and donating it to the community for broader benefit.  

And the second project is the Next Generation of Corda itself. We never gave up on the dream of true seamless composability of enterprise blockchain contracts. The challenge set to the engineers building Corda 5 was: can we deliver the high-fidelity composability so beloved by users of permissionless networks, but do it in a way that works across differently governed networks, and which can be used to compose valuable enterprise solutions from existing applications? 

The design rests on an interesting insight that applies to those wanting to connect enterprise applications together: usually both parties in a transaction are represented on both networks. This opens up a design space that seems to have been previously overlooked and has allowed the Corda 5 team to come up with a composability solution that can span networks. It is to my knowledge unique. We’re going to trial it in a forthcoming release of Corda and, once we’re sure it works, we’ll work with the industry to extend it to any enterprise platform. We’re pretty sure that the concepts are universal. 

In 2018, I wrote that

“The win comes when we break down silos; when we enable data and assets to move without friction; when we avoid duplication; when we eliminate reconciliations and unnecessary integrations.” 

Richard G. Brown, CTO at R3, 2018

But my vision depended on everybody running on the same network. Five years later, thanks to the diligent work of the Corda engineers and unprecedented industry-wide cooperation, we have two complementary solutions coming to market in 2023 that deliver this promise but without forcing you to deploy your applications on networks you don’t control. 

  • Richard Brown

    Chief Technology Officer

The post Agreeing to Disagree: Interoperability in a World Without Compromise appeared first on R3.

Open Interoperability And The Future Of Blockchains For Business

Open Interoperability And The Future Of Blockchains For Business

The future of enterprise blockchain depends on the ability of different networks to work together seamlessly in a standards-based, open way.

Richard G. Brown, CTO at R3

The recent high-profile demise of some enterprise blockchain projects triggered an understandable new wave of criticism of the entire concept. These attacks are often unfair: contrary to popular perception, there are multiple highly successful projects delivering real value day-in day-out, on multiple platforms. But one of the attacks demands a thoughtful response: enterprise blockchain networks do tend to be deployed as separate networks for each application, rather than on large-scale shared networks as is popular with permissionless chains. It turns out there are good engineering reasons for this, but the critics are right to point out that it obliges those of us building such networks to explain how they are going to interoperate with each other, with as little friction as possible.

From ‘nice to have’ to necessity

Having worked in enterprise blockchain for nearly a decade, one of the questions I often get asked is: where is this all heading? I think the best answer is that we are witnessing the emergence of an open, connected network – of networks.

A useful way to think about this is to view each project from two perspectives.

First, each enterprise project is typically its own standalone network, solving a real and valuable problem: supporting high-value transactions, typically between banks and regulated financial institutions. This means deployment takes time and that they are subject to stringent rules and obligations to make sure they work and don’t undermine stability. As a result, they may often lack the same freedom of movement as public or permissionless decentralised contracts. So they are typically built and operated, at least initially, as their own networks.

Secondly, however, they were not intended to be standalone networks. Rather, the ‘end vision’ is that they connect with each other, solving different problems but nevertheless retaining the ability to openly and freely interoperate with other blockchain networks across the world, irrespective of which platform they are based on.

The industry is certainly beginning to move the needle on interoperability. Take Fnality and HQLAX, for example – two separate blockchains running on Enterprise Ethereum and Corda platforms respectively, that successfully interoperated with each other for cross-chain repo swap settlement last year. Or the Hyperledger Cacti Project – a multifaceted interoperability platform that is gaining attention.

But we should perhaps also take a step backwards. Is there really any reason why different networks use different technologies and hence need to solve the interoperability problem? And what, exactly, is the business driver in any case?

First the technical angle. Blockchains function based on unique rules, known as protocols, which include a method for reaching network consensus on transactions in a secure manner. And different platforms – Corda and Hyperledger Besu, say – have different strengths and weaknesses. So different projects have legitimate reasons for using different technologies. And since consensus is designed to work natively, transactions to other networks often cannot be verified through the protocols of the existing blockchain and so we need a way – an interoperability protocol – to link the networks in a reliable and secure way.

Forging the path towards interoperability

From the business perspective, the need for interoperability emerges very naturally from the need to solve two specific problems:

1. Asset bridging – Asset bridging occurs when a user desires to move an asset from one ledger to another. This is typically achieved through burn-mint or escrow-mint mechanisms, where each network behaves in tight synchronicity, coordinating between the escrowing or burning of the digital asset on one network and the minting of the same asset on the other network. Any time an asset is ‘bridged’ from one network to another, there is a need to securely immobilise the asset on the source network in lockstep with its re-appearance on the destination network. With this in mind, it is paramount that such bridging is carefully designed and tested. The need to ensure the asset exists in precisely one place at any time – and that the immobilised asset cannot be nefariously taken – is of critical importance.

2. Atomic swaps – Sometimes – and this is surprisingly common in the enterprise setting – there is a need to exchange assets that exist on different networks. For example, I might agree to send you a digital asset if and only if you send me payment for it. An atomic swap is the simultaneous exchange of two digital assets, each on distinct networks, each asset never leaving its own network. The swap must be ‘atomic’: both one-way transactions must either successfully complete or clearly fail in their entirety. In this case, a ‘failure’ of the swap can be seen as a feature and not a bug, as this eliminates the dangerous and potentially expensive outcome of only one leg of the transaction completing.

One chain at a time

The long-term vision of the enterprise blockchain industry should not – and was never intended to be – dominated by a small number of market players. Rather, it is better thought of as an interconnected ‘network of networks’ on multiple DLT platforms.

As well as a technology challenge, successful and safe interoperability needs open and active collaboration – not just within ecosystems, but across them. By working together and tapping into firms and individuals with market and technological expertise, we can reach the ultimate end goal of empowering market participants to control their assets across different networks securely, seamlessly and in a streamlined way.

  • Richard Brown

    Chief Technology Officer

The post Open Interoperability And The Future Of Blockchains For Business appeared first on R3.

Enterprise Blockchain: Past, Present and Future

Enterprise Blockchain: Past, Present and Future

Preparing for the Next Generation of Corda 

I gave a talk to an audience of financial and technology executives in Sao Paolo this week. It was an opportunity to share some reflections on the genesis of the Enterprise Blockchain industry, our successes and failures, and where things might be heading next. I realised that it might be a topic that a broader audience could be interested in. So here is a lightly edited version of what I talked about this week. 

What’s the big idea? 

Think about a big firm you’re familiar with. Perhaps it’s the one you work for. Chances are, if you operate in a competitive market, your firm makes pretty extensive use of Information Technology (IT), and you’re probably pretty good at it. 

It might not feel like your firm is good at technology, but the reality is that firms that are truly bad at IT have been outcompeted by those who figured it out. HR, Payroll, Procurement, Accounting… so much of the firm has been automated and optimised by IT that we don’t even notice it. 

But now look at the market in which your firm operates. The technology story is totally different. It’s lamentable. It doesn’t matter who you’re interacting with – suppliers, customers, lenders, borrowers, whomever – the situation is likely the same. Each of you have your own systems – which work perfectly well on their own terms – but which don’t connect to your counterpart’s. Information is endlessly duplicated – badly. Errors are rife. Paper, email and faxes are what passes for communications technology. It’s embarrassing. 

Yes – some processes in some markets work well. But it’s remarkable the extent to which they are exceptions to the rule. And it’s not as if we haven’t tried. The ‘B2B’ boom in the late nineties was one valiant attempt to apply the power of technology to optimise and automate entire markets. But, in general, the world has made slow progress. 

Enter Blockchain 

In the mid-2010s, we decided to try again. The rise of Bitcoin and emergence of Ethereum had shown it was possible to build global-scale networks that allowed disparate parties to connect, coordinate and transact. No one person controlled these networks. Anyone could connect. And, somehow, all the various participants were in sync. These platforms weren’t the answer, of course. But maybe they had some new insights we could learn from? 

Dozens of startups, R3 included, were founded during this time, based on the idea that maybe there were some new ideas we could use to take another ‘run’ at solving the problem of terrible market-level technology infrastructure.  

R3’s approach was to go the industry – financial services – which seemed to suffer most from the poor state of the ‘inter-firm’ technology landscape. We organised a systematic study of the problems, an analysis of how these emerging blockchain networks worked, and identified the features that a new platform would need to have if it were to have a chance of succeeding.   

The outcome of this process was Corda, now the world’s leading enterprise blockchain platform. Its key building blocks – the things that have made it such a powerful tool for industry optimisation are: 

  • A cross-firm shared ledger enabling collaborating parties to transact based on high quality data, without exposing internal data or systems, and with far fewer reconciliation errors. A ledger that could even become the industry’s system of record for some key questions such as ownership of assets (the terms ‘Digital Assets’ and ‘Tokenisation’ hadn’t been coined back then…) 
  • Process automation enabling parties to automate multi-step workflows that transcend organisational boundaries 
  • A permissioning system that provides high identity assurance and gives confidence to regulated entities that they can comply with their legal obligations to know with whom they are transacting 
  • A privacy-first design, allowing competitors to trade without revealing sensitive data publicly – only participants in a transaction get to see the details – unlike other blockchain-inspired approaches. 
  • All underpinned by an open source codebase and decentralised architecture allowing parties to interact faster, automatically, with no need to introduce new infrastructure or additional trusted parties. 

We’ve been delighted by how successful Corda has been, far beyond the narrow banking scenarios we originally designed it for. Broadly speaking, we’re seeing it being used to solve four main problems in ‘Regulated DeFi’: 

  • “Decentralised FMI”: Modernising the Financial Market Infrastructure firms that sit of the heart of the financial markets 
  • “Digital Assets”: Tokenising financial assets such as bonds, stocks and some derivatives to increase liquidity, reduce capital utilization and lower cost for issuance, trading, custody and corporate actions 
  • “Digital Currency”: Digitising national currencies to improve economic efficiency with resilience, instant settlement, and programmability  
  • Business Process Automation Across Multiple Parties: Digitising B2B value chains to improve traceability, reduce capital utilisation and remove reconciliation errors  

It has been quite a journey and we don’t take the trust firms such as DTCC, SDX, HQLAx, the Central Bank of the UAE, Ericsson and more have put in us lightly. 

What have we learned? 

But not everything has gone smoothly. Many Enterprise Blockchain firms have failed. Many projects stalled. And not every Corda project has been a success either.  

We started the planning for the next version of Corda by reviewing what we had learned from our work to date. The findings were so deep that next version of Corda is actually the next generation of Corda.  

We’ve made some significant changes. It turns out that the lessons we learned also have lessons for those who are building applications and so I wanted to share the top three here: 

Scaling economically 

When we first designed Corda, we assumed the technology’s adoption would follow a familiar path: first used for high-value/low-volume use-cases, and for the problems to which the technology is most uniquely suited. As a result, we optimised Corda for modest workloads, with each node deployed and managed by the firm whose data it managed. 

Instead, what we found was the complete opposite. The entire Italian banking industry started using it to reconcile millions of transactions every night! The United States is considering its use to transform how quadrillions of dollars of securities trades are settled each year.  These are not ‘low volume’ scenarios… 

And, unlike our expectation, many Corda deployments are actually partially centralised: firms want the knowledge that they could control their own node; the option value is extremely high. But it doesn’t mean they want to do it right away. In some deployments we see some firms’ nodes co-deployed on the same infrastructure. 

As a result, we needed to redesign Corda to make it massively cheaper to run at scale and far simpler to allow nodes to co-exist on the same infrastructure, whilst still providing security and isolation. 

The next generation of Corda is built with this insight at its core. Cloud-native, economically scalable, progressively decentralised. 

Sharing without sharing 

The Ethereum network is remarkable for a bunch of reasons, but one of them is the way in which multiple applications coexist on the same network and can be ‘snapped together’ like Lego bricks to ‘compose’ new applications. We assumed enterprise blockchains would need to work the same way. 

Turns out we couldn’t have been more wrong. Those building regulated networks to optimise a particular market tend to hate the idea of having other applications running on the same network. The testing, security and regulatory questions make their heads explode. Instead, they want to be able to deploy each application onto its own network. But these people are pretty demanding… they nevertheless still want to be able to link different applications seamlessly, with the right controls. This means we had added features to Corda that nobody was using and which made parts of the programming model over-complex.  

In the next generation of Corda we’ve completely rethought how applications are built. Now, applications can be deployed to standalone ‘application networks’ and developers can then combine or ‘compose’ these applications into new solutions using a new Corda Composability feature. This is something really quite novel and we’ll be writing a lot more in the coming weeks to explain the concept. 

We now know what the interoperability ‘exam question’ is 

When we designed Corda there were literally dozens of blockchain platforms vying for supremacy. We all knew that the applications being built would eventually need to interoperate with each other openly and without friction. But it wasn’t clear what those protocols should look like or how they should work. 

Happily, the answer is now clear. The ‘winning’ enterprise blockchain platforms are those based on Corda and those utilising the Ethereum Virtual Machine (EVM). And the interoperability solution that customers are demanding is the ability to ‘atomically’ swap assets between networks running on each of these two platforms. In short, ‘Corda-EVM Atomic DvP’ turns out to be the interoperability ‘exam question’. And Corda’s next generation is going to deliver precisely this, working in deep partnership with peers in the industry and neutral standards bodies. 


Contrary to what you might have heard, Enterprise Blockchain is alive, kicking and delivering immense value. The next generation of Corda builds on the platform’s success, as well as incorporating the lessons we’ve learned through hard experience at the coal face.  If you’re already an expert in this space, I hope you’re going to like what you see.  And if you’re new – or sceptical – it will soon be time to take another look. 

Richard G. Brown in Sao Paolo, April 2023

  • Richard Brown

    Chief Technology Officer

The post Enterprise Blockchain: Past, Present and Future appeared first on R3.

The Road to Interoperability: Setting the Scene

Richard G. Brown, CTO at R3, sets the context towards enabling an open, enduring and trusted digital economy. Richard discusses the critical role of interoperability between blockchain networks, key examples and what’s to come.

*” indicates required fields

The post The Road to Interoperability: Setting the Scene appeared first on R3.

Daodejing Chapter 4: The invisible and ineffable source

The way is an empty vessel; 
It is used and never fills up.
It is so deep that it is like the origin of all things. 
Blunt the sharpness…

Continue reading on Medium »