GRAFT Development Status Update June 2018

Supernodes and Real Time Authorizations

Let’s start from implementation of full supernode, which is essentially an implementation of real-time authorizations (RTA). Although we are close to the finish line, we do not release it yet to public alpha. We need more time for optimization, fine-tuning, and QA testing. One of the main reasons for the delay is an issue with communication. Unlike other two-layer cryptocurrency networks which use a separate mechanism for communication between their second-layer nodes, we reuse the existing peer-to-peer network as a basic transport. Our original algorithm finds the shortest and fastest routes between the supernonodes by maintaining a set of P2P tunnels through the network of cryptonodes. The main difference and greatest benefit of using the same communication base for two layers (both cryptonode and supernode networks) is not exposing the authorization sample’s supernodes – because in our design they are not required to have a public IP. Such design is the major difference and significant improvement comparing to other layer two implementations such as Dash masternodes.

Remember that one of GRAFT’s key differentiators and goals is absolute privacy initially provided by underlying CryptoNote blockchain protocol, which is the first layer of GRAFT platform. The fact that the auth sample supernode does not require a public IP attached to it makes GRAFT even more private and decentralized, because the supernodes are less dependant on regulated hosting providers. Without public IP the supernodes are “hidden” behind the large, distributed, and complex P2P network, which makes them less vulnerable to DDOS attacks. At the same time, the hosting and maintenance are less complicated and less expensive for supernode owners. (Note that wallet/POS proxy supernodes, which typically belong to service providers and large merchants, still require public IP address in order to be able to serve wallets and POS/payment apps).

However, such great benefits do not come for free. Along the way we found several issues in existing CryptoNote/Monero P2P communication implementation, which we are fixing in order to make it more efficient, stable, and suitable transport for our purposes. With that said, we anticipate the public alpha of supernode with RTA to be released by the end of July. Meanwhile, we will start a private alpha release for testing in a coupe of weeks, so if you are interested in helping us with preliminary testing please contact us at [email protected]

While working hard on RTA implementation and getting ready to its production launch, we realized that hosting a supernode, either full (authorization) or proxy/gateway, requires a special DevOps skill set, so we are working through making arrangements and building relationships to provide turnkey solutions to supernode owners and merchant service providers.

Payment Apps

We are continuously working on improving the Verifone terminal app so it will be fully polished for production by the time RTA is released. As Verifone have written on their merchant marketplace website, where GRAFT app is listed as the Featured Apps Partner, “Our app partners are working around the clock to help empower our merchants with applications that enrich the customer experience and provide business productivity.” This is absolutely true statement, there is not much to add. Since the Verifone certification was achieved last month, we have done several improvements such as UI redesign (in both terminal app and our wallet), enhanced configuration utility for merchants, integration with CoinMarketCap for real-time exchange rates, and some bug fixes. Also, we are working on Ingenico terminal app integration into their marketplace.

One of important and promising features we are planning to develop is using NFC (Near Field Communication) for initial engagement between the mobile wallet and terminal app, so instead of scanning QR code displayed on payment terminal the buyer will just wave the phone (the same technology is used by contactless payment cards and Apple Pay). Implementation of such a feature will help improve both buyer and merchant user experiences and reduce the overall transaction time. We will keep you posted about our progress in this area.

We just finished design and now are ready to start implementation of the payment gateway which will facilitate GRAFT payments on online shopping platforms. Once implemented, integration with GRAFT payment gateway, among other features, will bring to online merchants and buyers a unique combination of absolute privacy and instant transaction confirmations (using RTA) – something they have never seen before. Plus, after we finish RTA and move to accept broker implementation, they will be able to accept various cryptocurrencies, while keeping the same benefits of privacy and transaction speed.

Wallet Apps

We finally redesigned the app downloads page on our website, so now it’s easier to find all our apps, including wallets, and their releases for various mobile and desktop operating systems: iOS, Android, Windows, Mac OS X, and Linux. In recent wallet releases, we fixed some bugs and added new configuration options. The upcoming wallet release will support purchases with real time authorizations using full supernodes (currently it supports a limited version of RTA on testnet only).

CryptoFind App

As our app for discovering and listing crypto-friendly merchants is gaining more popularity among crypto enthusiasts, we periodically release new features and bug fixes. In recent CryptoFind version, in addition to bug fixes, we added a possibility to take a picture of the GRAFT sticker on the merchant’s window so the users can earn better bonuses.

Happy Grafting!

Summary Comparison of GRAFT Blockchain to Other Payment Solutions

GRAFT VS RIPPLE AND OTHERS: FOCUS ON BUYERS, MERCHANTS, AND THEIR PRIVACY

SINCE GRAFT USES CRYPTONOTE PROTOCOL, HAS THE MONERO COMMUNITY INDICATED SUPPORT FOR GRAFT?

ARE TENX AND OTHERS CRYPTO CARDS COMPETITORS?

HOW GRAFT IS DIFFERENT FROM OTHER CRYPTOCURRENCIES AND WHY IS IT BETTER FOR PAYMENT PROCESSING APPLICATIONS

HOW IS GRAFT DIFFERENT FROM DASH?

CASH, DEBIT, CREDIT, MOBILE, BITCOIN, OR GRAFT?

FEATURE COMPARISON – GRAFT VS. OTHER CRYPTO-CURRENCIES FOR PAYMENT PROCESSING APPLICATIONS

Graft vs Ripple and Others: Focus on Buyers, Merchants, and Their Privacy

Focus on Buyer and Merchant NeedsRipple’s is mostly focused on bank settlements, while Graft provide solutions to buyers and merchants. Buyers can pay anywhere with cryptocurrencies or plastic card using Graft wallet app. Merchants can receive payment from anyone using point of sale accepting both cryptocurrencies and plastic cards. Faster payment confirmations are provided by Graft supernode authorization sample, a process that is more similar to Dash masternode scheme. Unlike Dash masternode, however, Graft supernode is not a “wrapper” or a second tier as it is designed to be a monolithic code base that implements both real time authorization and blockchain settlement (mining) features. Such an architecture improves security of the real time authorization process, as payments cannot be settled “off supernode chain” by the “lower” level blockchain network nodes, without supernodes knowing about their existence. Thus, all Graft transactions are authorized instantly without requiring additional fee, by supernodes that are automatically selected by the network using combined proof of work and proof of stake algorithm. Focus on Absolute Privacy Ripple consensus protocol is different, and its main problem is that it does not provide privacy features: untraceability and unlinkability of payment transactions. Unlike Graft blockchain, all transaction information on the Ripple ledger is public. Ripple does not provide the privacy and untraceability that are demanded today by potential Graft users – both buyers and merchants. When we pay with credit card, we share our secret payment information (like credit card number) with some entities – the merchant, the issuing bank, the payment processor, the payment acquiring bank – but those entities are relatively trustable so they try not to share our secrets with the entire world, and no one else can see our transaction history without our or their permission. Oftentimes, however, they fail to keep our secrets (think Target and many other retail mega breaches). With Ripple or Bitcoin or most other cryptocurrencies that are not based on CryptoNote protocol, the story is exactly opposite: there is no central authority that “knows” our secret “card number” (private key), but at the same time anyone in the world can trace our payments on the blockchain and link them to our identities with minimum efforts. By Implementing CryptoNote and other features, Graft brings the level of untraceability of payment history similar to traditional credit and debit card system, while adding decentralization, privacy, and security, which are the features of any cryptocurrency that are absolutely impossible to achieve using traditional credit card payment technology.

Since Graft uses CryptoNote protocol, has the Monero community indicated support for Graft?

While Graft supernode code is being written from scratch, the blockchain CryptoNote implementation codebase is forked from Monero. We do not anticipate a direct and immediate Monero community support. However, we believe that our project attracts people from CryptoNote communities as it adds a lot of features that are not available in existing CryptoNote implementations. One example of such a feature is real-time authorization (instant confirmation). Another example is hidden transaction fee amount, which is exposed to public view in all existing blockchains. This table compares Graft with Monero, Bitcoin, Dash, and other cryptocurrencies. However, there are even more important features that are not simply enhancements of the CryptoNote protocol. No one needs just another blockchain, even if it provides better privacy. But Graft is much more than just “another blockchain”. Graft is innovative payment application platform which supports various payment and payout methods, either traditional or innovative. While providing “reference”, default implementations of applications and services, Graft ecosystem is open for any software vendors and service providers. We believe in diversity of payment methods and cryptocurrencies.

Graft mobile wallet and point of sale apps do not maintain a full copy of the blockchain for obvious reasons. Does it mean the wallet content is stored on supernodes which may compromise its security and privacy?

There are multiple elements of the Graft user wallet:
  • Private spend key – secret – required to spend money; stored in the wallet app
  • Private view key – “semi-secret” – required to see the balance and previous transactions
  • Payment address – public – required to receive money
In Graft, the Private spend key is always stored at the client (wallet) and never shared with the supernodes. Therefore, it is not the same as credit card when you share you card account number with the merchant, payment processor, and the bank every time you make a payment. If one of them is breached, your credit card can be stolen and used to make fraudulent payments. If any or even all supernodes are “breached”, they don’t have your private spend key so no one will be able to “use” your Graft account.
The Graft wallet balance is a “hidden” set of previous transactions. It is calculated by scanning all the previous transactions which are stored on the public blockchain but invisible without view key. Since mobile wallet app does not have direct access to the blockchain, the private view key is temporary shared with a single “proxy” (relay) supernode in order to retrieve the wallet balance; the supernode will not store this view key in any database so even if it’s “breached” the view key will not be disclosed in most cases. However, even if the view key is disclosed, it only allows to see transactions, not to spend any money.
Users (either buyers or merchants) with higher requirements for privacy can host their own private “proxy” supernode with full copy of blockchain. This way they will never share their view keys with the random “foreign” supernodes. Most probably, due to limited processing power and other resource limitations, such a private proxy supernode will not be able to participate in transaction processing and earn any block rewards or transaction fees, but it will still be able to validate transactions and view balances privately by scanning the local copy of the blockchain. For users who cannot or don’t want to host their own supernode but still don’t trust the entire network, Graft creates a special (free) cloud service with trusted proxy supernodes that are protected by multiple levels of security.

In order to process real-time authorization (instant confirmation) Graft network puts a “lock” on buyer’s account. How does it not violate one of the main goals of any cryptocurrency system – untraceability?

First of all, untraceability is not a feature of any cryptocurrency. As of today, CryptoNote is perhaps the only protocol that enables full privacy and untraceability. The beauty of Cryptonote is that it hides the details of transaction while still preventing double-spending. This is achieved through the use of key image which is unique “fingerprint” that represents the spending address and amount without disclosing any details about the buyer or the amount. By providing the key image for upcoming transaction to the network of supernodes, the buyer’s wallet will temporarily “lock” its “account”, so no other transaction with the same key image can happen until the locked transaction is settled or the lock is removed. If the buyer will try to finalize the transaction with the key image different from the one used in the original lock, such transaction will be rejected by the supernodes. On the other hand, the key image does not contain any information about the buyer, buyer’s wallet, or recipient (merchant). In addition, any traces of communication between the buyer (wallet app), the merchant (point of sale app), and the supernodes (selected proxy and sample supernodes) during authorization phases are completely removed once transaction is settled (written into the blockchain). Even transaction fees paid by merchant to authorizing supernodes are hidden from public view, which is another major privacy improvement comparing to all previous CryptoNote implementations that do not hide transaction fees.