By: Josh Taylor
Application networks are part of our ambitious plan to update Corda’s network model, delivering more privacy and more control while reducing operational complexity and cost. This blog post explores the moving pieces of these networks and the extra benefits they can bring.
New to Corda? Have a look through our official Corda Documentation to learn more about Corda’s capabilities and key concepts. We do assume in this post you know a bit about the Corda platform.
Customers in regulated markets have strong privacy and governance requirements and thus the majority of CorDapps are launched as private business networks, or released in shared networks but not yet interoperating the way we had anticipated. Application networks embrace this reality, reducing the scope of each network to a single bundle of applications all governed by the same rules.
You can learn more about why application networks are so important to us in our first and second posts of the series.
So does this mean we will end up with lots more of these networks isolated from each other? We will definitely end up with more networks but they won’t be isolated. In fact — Corda 5 will allow operators to join any network, and for those networks to interoperate following explicit interoperability protocols (rather than by implicitly sharing “read/write” access to a node vault). This is a big step forward to bring networks together.
Below are some of the key aspects of application networks in Corda 5.
Corda 5 deployments are represented as a Worker Cluster. This allows a single deployment to host multiple tenants, delivering cost savings. Each virtual node is created with its own identity, processing ability and data storage, meaning it’s segregated from any other virtual nodes on the deployment.
Virtual nodes makes it easy to join multiple networks. Rather than having multiple Corda deployments you can have multiple virtual nodes, allowing you to be easily represented in each network with separate identities.
CorDapps are packaged in a single file called CorDapp Package Installer (CPI) containing all the pieces required to join and participate in an application network:
- The location of the network operator
- A list of membership requirements
- Third party dependencies
- CorDapp logic
The building blocks of these applications are a new file format called CorDapp Packages (CPK). Packages are replacements of your flows and contract files and can be independently versioned. Each CPK runs in its own sandbox, isolated from other CPKs. This prevents dependency clashes and facilitates faster CorDapp development.
All individual CPK files are brought together to make a single CorDapp Package Bundle (CPB) by the ‘application publisher’, a new role. This application publisher is a single entity which can better coordinate multiple parties to create a single application bundle for a network. Composing apps together creates a strong technical dependency which can be felt during development and operationally during distribution and upgrading. Having an explicit role take on this responsibility reduces the effort required from all other parties, making cross-firm collaboration much easier.
The application publisher adds the information about the network and the file becomes a CorDapp Package Installer (CPI), which can be distributed to new members to begin onboarding and to existing members to perform upgrades.
The CPI file simplifies the onboarding process. A prospective customer must only obtain a single file, containing all necessary information to be able to request membership. This lets each member understand the pre-requisites of membership, so they can configure required attributes or get artifacts from third parties as needed.
Installing a CPI lets Corda verify all membership requirements on behalf of the applicant before requesting membership. For example, the network may mandate a valid identity certificate from an allowed list of certificate authorities, Corda will only request membership when this requirement is met. This gives each applicant more confidence that their application is well prepared and reduces some of the checks a network operator would carry out.
Public Key Infrastructure
Public key infrastructure (PKI) for Corda 5 networks becomes a lot more flexible by standardizing to comply with web and extended validation certificates allowing you to specify third party trust roots for both TLS and identity. For even more flexibility, you can specify multiple trust roots or even opt to avoid identity certificates entirely and rely on a different form of identification. This allows us to greatly reduce the complexities of the day-to-day operations of Corda networks, making them even cheaper to create and manage.
Membership Group Manager
Application networks will be created by the Membership Group Manager (MGM), a CorDapp which runs as a virtual node, meaning you can create/operate many application networks using the same Corda deployment. This avoids having to deploy and maintain separate software, keeping operational costs low.
- Approves/declines joining requests
- Temporarily/permanently suspends members
- Distributes network parameters
- Organizes and schedules Corda and CorDapp upgrades
- Monitors member’s Corda version
- Monitors member’s CorDapp versions
The customer demand for independently controlled business networks has led us to take a fresh approach to universal interoperability. Our new approach lets us fully embrace separate permissioned networks in the form of application-based networks, whilst still enabling two or more application networks to interoperate. Letting us have our cake and eat it too!
At CordaCon we showcased several explicit interoperability protocols we plan to introduce in the platform through the Corda 5 series. Make sure to check them out!
We are excited about application networks because they offer:
- Privacy — Discoverability limited to only members in your network
- Governance — More control within your network
- Composability — CorDapp dependencies made safe
- Interoperability — Unlocking value more easily between application networks
- Low cost — Networks created and operated through a CorDapp
- Faster development — Isolated CorDapp packages, avoiding dependency clashes in your app
- Straightforward go-to-market — Simplified distribution with a single ‘installer’ file