9.8 KiB

Raw Blame History

Overview

Learn what IBC is, its components and use cases. {synopsis}

What is the Interblockchain Communication Protocol (IBC)?

This document serves as a guide for developers who want to write their own Inter-blockchain Communication Protocol (IBC) applications for custom use-cases.

Due to the modular design of the IBC protocol, IBC application developers do not need to concern themselves with the low-level details of clients, connections, and proof verification. Nevertheless a brief explanation of the lower levels of the stack is given so that application developers may have a high-level understanding of the IBC protocol. Then the document goes into detail on the abstraction layer most relevant for application developers (channels and ports), and describes how to define your own custom packets, and IBCModule callbacks.

To have your module interact over IBC you must: bind to a port(s), define your own packet data (and optionally acknowledgement) structs as well as how to encode/decode them, and implement the IBCModule interface. Below is a more detailed explanation of how to write an IBC application module correctly.

Components Overview

Clients

IBC Clients are light clients (identified by a unique client-id) that track the consensus states of other blockchains, along with the proof spec necessary to properly verify proofs against the client's consensus state. A client may be associated with any number of connections to multiple chains. The supported IBC clients are:

Tendermint light client: The default for SDK-based chains,
Localhost (loopback) client: Useful for testing, simulation and relaying packets to modules on the same application.

Connections

Connections encapsulate two ConnectionEnd objects on two seperate blockchains. Each ConnectionEnd is associated with a client of the other blockchain (ie counterparty blockchain). The connection handshake is responsible for verifying that the light clients on each chain are correct for their respective counterparties. Connections, once established, are responsible for facilitation all cross-chain verification of IBC state. A connection may be associated with any number of channels.

Proofs and Paths

In IBC, blockchains do not directly pass messages to each other over the network. Instead, to communicate, a blockchain will commit some state to a specifically defined path reserved for a specific message type and a specific counterparty (perhaps storing a specific connectionEnd as part of a handshake, or a packet intended to be relayed to a module on the counterparty chain). A relayer process monitors for updates to these paths, and will relay messages, by submitting the data stored under the path along with a proof to the counterparty chain. The paths that all IBC implementations must use for committing IBC messages is defined in ICS-24 and the proof format that all implementations must be able to produce and verify is defined in this ICS-23 implementation.

Capabilities

IBC is intended to work in execution environements where modules do not necessarily trust each other. Thus IBC must authenticate module actions on ports and channels so that only modules with the appropriate permissions can use them. This is accomplished using dynamic capabilities. Upon binding to a port or creating a channel for a module, IBC will return a dynamic capability that the module must claim in order to use that port or channel. This prevents other modules from using that port or channel since they will not own the appropriate capability.

While the above is useful background information, IBC modules do not need to interact at all with these lower-level abstractions. The relevant abstraction layer for IBC application developers is that of channels and ports. IBC applications should be written as self-contained modules. A module on one blockchain can thus communicate with other modules on other blockchains by sending, receiving and acknowledging packets through channels, which are uniquely identified by the (channelID, portID) tuple. A useful analogy is to consider IBC modules as internet applications on a computer. A channel can then be conceptualized as an IP connection, with the IBC portID being analogous to a IP port and the IBC channelID being analogous to an IP address. Thus, a single instance of an IBC module may communicate on the same port with any number of other modules and and IBC will correctly route all packets to the relevant module using the (channelID, portID tuple). An IBC module may also communicate with another IBC module over multiple ports, with each (portID<->portID) packet stream being sent on a different unique channel.

Ports

An IBC module may bind to any number of ports. Each port must be identified by a unique portID. Since IBC is designed to be secure with mutually-distrusted modules operating on the same ledger, binding a port will return a dynamic object capability. In order to take action on a particular port (eg open a channel with its portID), a module must provide the dynamic object capability to the IBC handler. This prevents a malicious module from opening channels with ports it does not own. Thus, IBC modules are responsible for claiming the capability that is returned on BindPort.

Channels

An IBC channel can be established between 2 IBC ports. Currently, a port is exclusively owned by a single module. IBC packets are sent over channels. Just as IP packets contain the destination IP address and IP port as well as the source IP address and source IP port, IBC packets will contain the destination portID and channelID as well as the source portID and channelID. This enables IBC to correctly route packets to the destination module, while also allowing modules receiving packets to know the sender module.

A channel may be ORDERED, in which case, packets from a sending module must be processed by the receiving module in the order they were sent. Or a channel may be UNORDERED, in which case packets from a sending module are processed in the order they arrive (may not be the order they were sent).

Modules may choose which channels they wish to communicate over with, thus IBC expects modules to implement callbacks that are called during the channel handshake. These callbacks may do custom channel initialization logic, if any return an error, the channel handshake will fail. Thus, by returning errors on callbacks, modules can programatically reject and accept channels.

The channel handshake is a 4 step handshake. Briefly, if a given chain A wants to open a channel with chain B using an already established connection:

chain A sends a ChanOpenInit message to signal a channel initialization attempt with chain B.
chain B sends a ChanOpenTry message to try opening the channel on chain A.
chain A sends a ChanOpenAck message to mark its channel end status as open.
chain B sends a ChanOpenConfirm message to mark its channel end status as open.

If all this happens successfully, the channel will be open on both sides. At each step in the handshake, the module associated with the ChannelEnd will have it's callback executed for that step of the handshake. So on ChanOpenInit, the module on chain A will have its callback OnChanOpenInit executed.

Just as ports came with dynamic capabilites, channel initialization will return a dynamic capability that the module must claim so that they can pass in a capability to authenticate channel actions like sending packets. The channel capability is passed into the callback on the first parts of the handshake; either OnChanOpenInit on the initializing chain or OnChanOpenTry on the other chain.

Packets

Modules communicate with each other by sending packets over IBC channels. As mentioned above, all IBC packets contain the destination portID and channelID along with the source portID and channelID, this allows modules to know the sender module of a given packet. IBC packets also contain a sequence to optionally enforce ordering. IBC packets also contain a TimeoutTimestamp and TimeoutHeight, which when non-zero, will determine the deadline before which the receiving module must process a packet. If the timeout passes without the packet being successfully received, the sending module can timeout the packet and take appropriate actions.

Modules send custom application data to each other inside the Data []byte field of the IBC packet. Thus, packet data is completely opaque to IBC handlers. It is incumbent on a sender module to encode their application-specific packet information into the Data field of packets, and the receiver module to decode that Data back to the original application data.

Next {hide}

Learn about how to integrate IBC to your application {hide}

9.8 KiB Raw Blame History