Following up on our discussions at the research summit, I want to raise the question if using an UTXO model to keep track of the balances on addresses would be beneficial for us or not.
Spoiler: I believe it is and I will try to argue why that is the case . I would really like to see a lively discussion around this topic since implementing the ledger state is one of the last stepping stones to a fully working prototype of the coordinator-less tangle and we would prefer to implement it âthe right wayâ straight away.
Status Quo
Currently, IOTA uses a balance model for keeping track of addresses where every address simply has a single value associated to it (its current balance). The ledger state can therefore be seen as a simple dictionary of addresses and their corresponding balances:
Address1 = Balance1
Address2 = Balance2
Address3 = Balance3
âŚ
The Problem(s)
When dealing with conflicts (double spends), it is hard to figure out which one of multiple transactions is actually performing a double spend and which transaction is using legitimate funds. This massively limits our abilities to efficiently deal with conflicts and increases the size of âconflict setsâ. See example:
Previously this was not a problem since the âheaviest subtangle winsâ rule of the whitepaper version of IOTA only had to make sure that the addresses of a particular subtangle never turned negative.
With our new voting based coordicide solutions, it is however necessary to identify conflicts as fast and as exact as possible (to be able to vote on them). We want to know exactly which transaction are conflicting because it massively reduces the amount of votes we have to exchange.
Another problem with using a balance model is related to reattachments. If somebody ever receives funds on an address that has already been spent from, anybody can just reattach the previous spend and empty the address again (even without having access to the private key of the address). This has already been used as an âattack vectorâ when users didnât follow the advice to use addresses only once (i.e. people receiving donations or other payments after the address has been used).
The Solution
If we would use a UTXO scheme to keep track of balances, then every address would not just contain its total balance but multiple sub-balances which carry a marker that indicates which transaction created the funds. Every coin on an address would therefore be uniquely identifiable and every spend names the exact coins that it wants to move. This would help us to identify conflicts and also stop malicious actors from spending newly received funds by reattaching an old transaction again. See example:
Additional Benefits
A UTXO model would also allow us to easily add features like âcolored coinsâ where people can mark IOTA tokens to have (and retain) a certain âmeaningâ. Considering that 99% of existing smart contracts try to simply create âtokensâ that are related to a certain use-case, this might be an interesting feature that would add a lot of value to the IOTA ecosystem.
I know that we have so far on purpose ignored the ICO craze but considering that the ICO hype is most probably over it might be time to consider the âreasonableâ use cases of colored coins:
- resource tokens (i.e. access tokens for a certain service that can be acquired upfront)
- tokenization of real world assets (company shares, entities like collaboratively owned cars and so on)
Especially the tokenization of real world assets is an extremely interesting use case considering the possible move towards a sharing and 0-marginal cost economy. In addition it would most probably support the token price if people would use IOTA tokens to model their use cases instead of some 3rd party chain (because creating a colored coin requires the acquisition of IOTA tokens first).
Pros / Cons
I want to conclude with a list of pros and cons that compares the UTXO model to the balance model. I will update this initial post with points of the following discussion so we will at the end have a complete list of the relevant aspects:
Pros:
- faster and more exact conflict handling (less overhead for voting based consensus)
- support for colored coins
- impossible to steal funds by reattaching old transactions
Cons:
- a little bit more complex to implement (computationally it should be equivalent)
- slightly bigger transactions (a few trytes extra) since we need to ânameâ the identifier of the coins that we are moving
PS: UTXO means âunspent transaction outputâ which simply means that instead of keeping track of only the balances, you also keep track of where balances came from and where they go when they are spent (just in case people are not aware of this).