How Sui Ensures Asset Security

Read about the ways Sui ensures the security of its digital assets.

Aiming to solve the blockchain trilemma, each blockchain tries to find a trade-off between security, scalability, and decentralization. Security is a serious concern in this triangle. On Bitcoin and Ethereum, for instance, the security arrangements embedded in the blockchains significantly impede scalability or simply slow down transactions.

Sui's object-centric design enables digital asset creation and management, naturally leading to discussions about asset security. In this context, Sui provides several solutions to guarantee security for digital asset owners.

Private Key

A user has the sole right to sign a transaction with their assets using their private key, which guarantees that no third party will ever interfere with transaction execution.

❗️

This signature key must be kept private by the user and not be shared with anyone else. Never share your private key with anyone!

🚧

It is advisable to use different addresses with different credentials for Devnet, Testnet, and Mainnet.

Code-Managed Assets

Shared and immutable objects are accessible to anyone but managed and controlled by packages (smart contracts). This ensures free access to the Sui ecosystem infrastructure: DEXes, lending platforms, Kiosk stores, and marketplaces. For each asset type, transactions run according to a set of rules defined by the Move code of the package by which this asset type is created.

Sui packages are immutable assets. They are subject to audits that can prevent malicious actions or unauthorized package modification. This makes Sui a trustless blockchain since users don't have to rely on the integrity of third parties.

📘

While all transactions and assets within Sui are publicly visible, users can maintain privacy using multiple addresses or third-party services.

Transparency and Traceability

Each transaction creates new objects or mutates (updates) existing objects (assets). Such changes are called transaction effects (equivalent to events on other blockchains). They are available on-chain for further processing, and they can be tracked and checked if the need arises. In addition, particular objects can be added to a watchlist using webhooks.
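
The tracking described above, as an added example that is not part of the original page or Sui's own code: it scans one transaction's object changes for objects on a watchlist and flags removals and ownership changes. The `objectChanges` field names are assumed from Sui's JSON-RPC response shape; the watchlist structure, function names, and sample data are constructed for illustration.

```javascript
// Added example: flag watched objects in a transaction's object changes.
// Assumption: entries follow the `objectChanges` shape of Sui's JSON-RPC
// (type, objectId, owner); IDs, addresses and the digest are constructed.

// Normalize the owner field: {AddressOwner}, {ObjectOwner}, {Shared}, or "Immutable".
function ownerLabel(owner) {
  if (owner === undefined || owner === null) return "none";
  if (typeof owner === "string") return owner; // e.g. "Immutable"
  if (owner.AddressOwner) return `address:${owner.AddressOwner}`;
  if (owner.ObjectOwner) return `object:${owner.ObjectOwner}`;
  if (owner.Shared) return "shared";
  return "unknown";
}

// Return one alert per watched object touched by the transaction.
// `watchlist` maps objectId -> the address expected to own that object.
function auditObjectChanges(tx, watchlist) {
  const alerts = [];
  for (const change of tx.objectChanges ?? []) {
    if (!watchlist.has(change.objectId)) continue;
    const expected = `address:${watchlist.get(change.objectId)}`;
    let kind = "updated"; // same owner, new version: informational
    if (change.type === "deleted" || change.type === "wrapped") {
      kind = "removed"; // object is no longer a top-level asset
    } else if (ownerLabel(change.owner ?? change.recipient) !== expected) {
      kind = "owner-changed"; // asset left the expected address
    }
    alerts.push({ digest: tx.digest, objectId: change.objectId, kind });
  }
  return alerts;
}

// Constructed sample data, not real chain output.
const sampleWatchlist = new Map([
  ["0xa1", "0xalice"], ["0xa2", "0xalice"], ["0xa3", "0xalice"],
]);
const sampleTx = {
  digest: "SAMPLE_DIGEST",
  objectChanges: [
    { type: "mutated", objectId: "0xa1", owner: { AddressOwner: "0xalice" }, version: "12" },
    { type: "mutated", objectId: "0xa2", owner: { AddressOwner: "0xbob" }, version: "7" },
    { type: "deleted", objectId: "0xa3", version: "4" },
    { type: "created", objectId: "0xb9", owner: { AddressOwner: "0xalice" }, version: "1" },
  ],
};

console.log(auditObjectChanges(sampleTx, sampleWatchlist));
```
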

Byzantine-Fault Tolerance

Like any other blockchain, Sui has to rule out the situation in which more than 50% of the validators turn out to be malicious. The Sui Protocol is designed so that no single validator or group of validators can overrun the validator committee (validator set) as they process transactions. A 2/3 threshold of validators is needed to reach Consensus. Such arrangements make a Byzantine attack next to impossible.

To read more about Consensus, go here.

Public Scrutiny by Delegation

Sui is a proof-of-stake protocol. There's a validator committee comprising active validators who process transactions to be added on-chain. The validator committee is determined at each epoch based on each validator's stake. Currently, to get on the validator committee, a validator must have a stake of 30,000,000 SUI.

Users have great power over validators since they can define which validators will enter the validator set by choosing the particular validator or validators to whom they delegate their SUI funds. Therefore, validators are encouraged to act in good faith by offering lower gas prices and showing good uptime. Underperforming validators are at risk of losing their delegations. Validators are held accountable, and users have a say in the future evolution of the Sui system.

Near-Instant Finality

When a transaction runs, time is still needed for it to become irreversible. This happens when a certain number of blocks are added on top of the block containing this transaction. This is called finality. Until this happens, there's a faint chance that the transaction can be double-run or interfered with.

Sui has a different approach since transactions are processed in parallel rather than one by one, as is the case with more traditional blockchains. Due to the Narwhal and Bullshark Consensus mechanism, global Consensus is not required on an ordered list of transactions. Only transactions involving shared objects must go through Consensus. This makes finality (the time needed for a transaction to become irreversible) next to instant on Sui. This also ensures that a transaction, once run, cannot be reversed or hacked in any possible way.

📘

Asset security arrangements make Sui a trustless blockchain.