First Algorand Dutch Auction — Transparent?

Written by jsign.uy | Published 2019/07/02
Tech Story Tags: blockchain | algorand-foundation | cryptocurrency | algorand | dutch-auction

TLDRvia the TL;DR App

First Algorand Dutch Auction — Transparent?

Last Wednesday, 19th June, was the first Algorand Foundation Dutch Auction; thus, the first Algos were issued.

Quick recap — How Dutch Auctions Work

The Algorand Foundation has the best resources for you to learn how their Algo auctions work:

To put it simply, the goal of the auction is to find the price that the market is willing to pay (known as the clearing price) for the amount of Algos auctioned.

As you may have read, this process is said to be fair, but why?

First, everyone pays the same price per Algo. Even if you placed your bid before the auction hit the clearing price, you will pay the clearing price.

Second, every person participating in the Auction has the same real-time information about what is happening. Everyone is in the same boat when making their bidding decision.

However, even if we think this sounds fair, what about the transparency of the final results? Should we trust the Algorand Foundation’s results for who received how many Algos at what price?

In this article, I’ll explain and give a step-by-step procedure, which you can execute yourself, that checks the official published auction result.

What are we trying to do here?

The official blog post of the Algorand Foundation mentioning the auction results can be found here. In that post, they claim the following:

The hash of this file has been committed to the Algorand Blockchain in Block 144366, Transaction HEDI522DR4L473W4NXPTTV55HBADGIFVH7C7XC3Z2D3TJZAKUQ7A.

The hash is KXT3GMGTXYEHBEVTSAL5BUFMVUOWUSMLX5R3JGBTN2WUCKIG7HNA and can be obtained through the following method: SHA512_256(“aO”||auction1.outcomes)

To validate this claim, we should understand what the public commitments mean in detail.

The auction1.outcomes file is a binary file that contains the results of the auction. This represents how many Algos each bidder won when the auction was closed. For now, let’s assume this file is correct.

To compactly and uniquely represent this result, the Algorand Foundation constructs a commitment hash which is the result of applying the SHA512_256 hash function on the file (with a prefix that indicates what kind of result the commitment corresponds to) — resulting in the output: KXT3GMGTXYEHBEVTSAL5BUFMVUOWUSMLX5R3JGBTN2WUCKIG7HNA.

Afterwards, they posted this hash result in the Algorand blockchain, which can be found in a transaction inside block 144366.

Even if the Algorand Foundation website is hacked and someone tries to trick people into thinking that the result is now different by supplying a new fake auction1.outcome file, it can easily be spotted since the hash of this file wouldn’t match the one committed to the Algorand blockchain. Since a blockchain is an immutable data-structure and forking isn’t possible by design, the auction1.outcome can’t be changed and continue to match with the committed hash.

However, what if this auction1.outcome wasn’t correctly calculated? How can we check the results transparently?

We can use auctionminion which is available in the recently open-sourced go-algorand repository. (thanks Naveed Ihsanullah, Algorand VP of Engineering Research, for letting me know about this).

This is the same command-line tool used by the Foundation to administer the auction and calculate the results, so let’s try to use it ourselves and see if the final output hash matches the one committed on-chain. Using this tool allows us to validate the result in a verifiable and transparent way, for two reasons:

  • The code is open-source, so we can inspect exactly how the auction calculations are made.
  • This tool source of data for the calculations will be our own node ledger, so we aren’t trusting some external entity node, and thus external data.

In short, we will compile from source-code the tool which will then use the auction bidding data contained in our node to regenerate the auction results. The hash of the regenerated auction results, auction1.outcome, can be compared with the one the Algorand Foundation committed in the blockchain. If the hashes are the same then we confirm the auction results are also the same.

Step-by-step verification steps

Let’s start completely from zero in an Ubuntu machine. To make these steps easy for you to reproduce, all the links to source-code will point to specific commits and not to branches that might change.

Step 1 — Run an archival node on the MainNet

To do this, we have two options, downloading the latest binary from the Algorand developer website, or building from source.

For the first option, you should follow the steps described in the Developer website. An important consideration is that the node’s data folder should have a config.json file where the Archival flag should be set to _true (_default is false). This flag should be set before starting the node the first time, or the local data will be in an inconsistent state.

Archival behavior is necessary because the default node behavior is to only keep a few hundred recent rounds of block data locally to minimize the storage requirements of a Node. If the auction occurred before this minimal kept range auctionminion will not find the auction blocks.

You can generate the config.json from the already existing config.json.example file located in the data folder.

Start the node and wait until it finishes syncing:

ignacio@ihagopian:~/node$ ./goal node status
Last committed block: 193153
Time since last block: 2.2s
Sync Time: 0.0s
Last consensus protocol: https://github.com/algorandfoundation/specs/tree/5615adc36bad610c7f165fa2967f4ecfa75125f0
Next consensus protocol: https://github.com/algorandfoundation/specs/tree/5615adc36bad610c7f165fa2967f4ecfa75125f0
Round for next consensus protocol: 193154
Next consensus protocol supported: true
Genesis ID: mainnet-v1.0
Genesis hash: wGHE2Pwdvd7S12BL5FaOP20EGYesN73ktiC1qzkkit8=

If you choose the second option (for extra transparency) run the node from the after building the source code (next step).

Step 2 — Download and build go-algorand from source

Be sure to have golang 1.12.x installed; if that’s not the case follow the steps here.

Then we should git clone the go-algorand repository and run a bash script which ensures all the dependencies for the project are installed.

mkdir -p ${GOPATH}/src/github.com/algorand
cd ${GOPATH}/src/github.com/algorand
git clone https://github.com/algorand/go-algorand
cd go-algorand
git checkout f105c21953cfd1e5dcd26ac28018f0a66b4b7930
sh ./scripts/configure_dev.sh #or use `bash` instead of `sh`

Since there’s an open issue about an extra dependency missing, you should now execute sudo apt-get install autoconf to be ready for building the tree.

Now, build the project: make install , this takes a while and will result in a bunch of binaries located in $GOPATH/bin .

If in Step-1 you wanted to run the node from the compiled source, you should create a data folder somewhere and should contain:

  • genesis.json file of mainnet that you can get from here.
  • config.json file configured with Archival set to true as explained in Step 1.

Then run: $GOPATH/bin/goal node start -d <pathPreparedDataFolder> and let it sync as mentioned.

Step 3 — Prepare auctionminion

Go to $GOPATH/bin where you should see the auctionminion compiled binary. Now run auctionminion -init . This should create a auctionminion.state file.

Edit the file like this:

{
 “AuctionKey”: “VCINCVUX2DBKQ6WP63NOGPEAQAYGHGSGQX7TSH4M5LI5NBPVAGIHJPMIPM”,
 “AuctionID”: 1,
 “StartRound”: 130000,
 “AlgodURL”: “http://127.0.0.1:8080",
 “AlgodToken”: “!!your algod.token value here!!”
}

The AuctionKey and AuctionID value is the key and ID to the auction we want to calculate the results. If you go to the Auction webpage, you can click on the Info section and see the auction data:

https://auctions.algorand.foundation/algorand/auction

This image also explains why StartRound should be set lower to the First Round value_._ We could set StartRound to 1, but this would unnecessarily scan a lot of blocks until reaching the start of the auction (you’re free to choose).

Finally, the AlgodURL and AlgodToken can be found in your node data folder in the algod.net and algod.token.

Step 3 — Run auctionminion and see the result!

Be sure that the node is running and in sync as we checked later, and run auctionminion (no flags/options). Actually, as long as the carpenter log trace shows your node is beyond block 145000 you will have enough data locally to complete the auction results validation.

Check if the last line of the output is:

Expected outcomes hash (if settled without cancelling): VeezMNO+CHCSs5AX0NCsrR1qSYu/Y7SYM26tQSkG+do=

Please note that auctionminion updates auctionminion.state in preparation for the next auction. If you would like to rerun this auction proof, you will need to restore the AuctionID and StartRound values of the auctionminion.state file.

Step 4 — Verify the result

We calculated the auction result and have the outcomes hash VeezMNO+CHCSs5AX0NCsrR1qSYu/Y7SYM26tQSkG+do= . If we see the settlement transaction of the auction, as we saw before, we can notice that this value matches the one in the outcomesHash:

https://algoexplorer.io/tx/HEDI522DR4L473W4NXPTTV55HBADGIFVH7C7XC3Z2D3TJZAKUQ7A

This is great news. Our auction outcomes run matches the one committed to the blockchain.

You may be wondering why the Algorand Foundation said that the outcomes hash was KXT3GMGTXYEHBEVTSAL5BUFMVUOWUSMLX5R3JGBTN2WUCKIG7HNA as we saw before? If you have good intuition about baseXX encodings, you’ll realize its the base32 encoding of the same value.

You can check this as follows:

ignacio@ihagopian:~$ echo VeezMNO+CHCSs5AX0NCsrR1qSYu/Y7SYM26tQSkG+do= | base64 — decode | base32
KXT3GMGTXYEHBEVTSAL5BUFMVUOWUSMLX5R3JGBTN2WUCKIG7HNA====

Conclusion

In this article, we verified the first auction results from the Algorand Foundation. To do this without trusting external binaries or data, we compiled from source to have an in-sync archival node, and the auctionminion tool to calculate the results.

Even if we don’t scrutinize the logic of the code that calculates the results, we know that the auction outcome is reproducible and irrevocably committed to the blockchain. If you want, you can check the source to understand how the logic flows.

Also, you may be interested in knowing more about the mechanics about auctions on-chain, where other components besides auctionminion participate.

<a href="https://medium.com/media/3c851dac986ab6dbb2d1aaa91205a8eb/href">https://medium.com/media/3c851dac986ab6dbb2d1aaa91205a8eb/href</a>

Published by HackerNoon on 2019/07/02
ABOUTHow hackers start their afternoons. We publish tech stories and build publishing software.

READEntirely free library read by hundreds of millions to learn anything about any technology.

WRITEHackerNoon elevates quality technology writing far and wide across the interwebs.

PARTNERHackerNoon works directly with tech companies to place ads by content relevancy