Heimdall — Vaibhav Chellani — The all — seeing & all — hearing protector of Matic!

Credits: Pepakura Helmet Heimdall by GimpeeIndustries

Matic Network has a three-layered security architecture in which there are the following entities involved:

1) Block Producers -aka BOR chain: These are involved in batching transactions in blocks to ensure faster confirmation times

2) Validator Layer — aka Heimdall: These are validator nodes that batch the blocks produced by the block producers and push them to the Ethereum

3) Network Watchers -They are actors on the Ethereum, and use fraud proofs to challenge any transaction that they deem fraudulent on the sidechains.

Matic Network -Simplified Architecture Diagram

For better context on Matic’s architecture please refer to the article:What is Matic Network?
Matic Network provides scalable, secure and instant Ethereum transactions using side chains
Get set to deep-dive into Heimdall!

Heimdall is a large group of validator nodes that serve as a bridge to connect the Ethereum chain and Bor. Anyone can become a validator and run a validator node on Matic chain by staking on Ethereum chain.

Responsibilities of validators under Heimdall include the following:

  1. Verifying transactions in the blocks produced by block producer nodes
  2. Creating the Merkle root of 256 or more blocks
  3. Reaching consensus among validators and pushing the Merkle root to the Ethereum
  4. Communicating with other validator nodes and reaching consensus on the set of blocks to be included in a checkpoint
  5. All validators on receiving a checkpoint, verify it querying their block producer nodes if the Merkle root in a checkpoint matches with the Merkle root they produced for the same set of blocks
  6. Pushing a checkpoint to the mainchain after it has been validated by 2/3rd majority of validators on Heimdall

This is what a checkpoint looks like ?

Heimdall chain makes sure that block producer nodes don’t commit any sort of fraud, hence they don’t trust any information they receive from Bor. Heimdall relies only on Ethereum as a source of truth, for everything ranging from incoming new validators, exiting validators, to reward distribution to validators, etc happens on the Ethereum chain. After a validator related action is performed on smart-contract, the validator can submit a validatorJoin or validatorExit or validatorUpdate transaction on Heimdall. All validators query the smart-contract that manages the validators and validates transactions on Heimdall.

Here are some of the problems we have faced while designing the validator node:

  1. Ethereum and Heimdall are friends for sure, but they don’t share `states` with each other, hence sharing information between these two disjointed chains is difficult.
  2. Ethereum stores all information about who Heimdall has appointed as validators, but has no idea which validator will decide the proposer for the next checkpoint.
  3. Validators on Heimdall need to prove that they have agreed on a checkpoint by signing on it. The signatures would be checked on-chain, Tendermint usesed25519curve like bitcoin whereas Ethereum uses secp256k1so a change of signature scheme on Tendermint chain had to be performed to make it Ethereum compatible.
  4. Data on smart contract changes as validators enter, exit, and new state changes occur. How is a newly synced node supposed to validate transactions which involve interaction with another chain in such cases?

Maintaining sync between Ethereum and Heimdall is hard, but not impossible. In the course of development, we came up with several approaches to solve these issues. It took us many iterations on the drawing board to make this work elegantly.

Here is how sending a checkpoint via Heimdall works right now:

  1. Proposer selected from the validator pool creates a checkpoint by calculating the Merkle root of 256 blocks or more while verifying transactions inside the blocks.
  2. A proposer proposes a checkpoint to all the validators. The checkpoint contains meta information about it so that all other validators can validate it.
  3. All validators on receiving a checkpoint checks if the Merkle root for the given blocks matches with what they have.
  4. If the checkpoint is correct, the validators using the Tendermint consensus engine gossip votes to each other.
  5. Once the checkpoint receives votes from 2/3+ of all validators, the checkpoint is queued on Heimdall to be sent to the Ethereum.
  6. This is when the proposer picks up the votes and submits them on the Ethereum proving to the smart contract that the checkpoint has achieved consensus on Heimdall.
  7. The smart contract on Ethereum chain maintains a record of how many checkpoints have been received and by whom were they submitted and other essential data.
  8. Once the transaction on Ethereum is successful the proposer sends another transaction on Heimdall called ACK ; which contains the checkpoint number which has been assigned to the checkpoint by the smart contract to all the validators that the checkpoint transaction has been accepted by Ethereum.
  9. Everyone is such a skeptic on Heimdall that they themselves check with Ethereum whether the checkpoint was right or not and only then process the transaction. It follows the adage — “Don’t trust. Verify” to the boot.
  10. And finally, a checkpoint is confirmed on Heimdall ?

But but but… What if a proposer doesn’t submit a checkpoint? ?

11. After a certain interval, the next validators in line send a NoAck transaction to all validators, signaling that a checkpoint hasn't been submitted to the smart contract in a long time and they want to send a checkpoint.

12. Heimdall checks if this is true and allows the next proposer in line to restart the process ?

This two-phase checkpointing allows us to easily keep both the chains in sync and helps us punish proposers who did not submit checkpoint and reward good validators.

We hope this post gave you an overview of how the Validator layer interacts with Ethereum. We will be continuing this series to give you a deeper insight into Heimdall.

May Heimdall reign long!

More from the Polygon Blog
Polygon Reaches First Sustainability Milestone by Achieving Network Carbon Neutrality

Polygon has made a major first step toward becoming carbon negative with the retirement of $400,000 in carbon credits representing 104,794 tonnes of greenhouse gasses, or the entirety of the network’s CO2 debt since inception.  The milestone comes after Polygon in mid-April released its Green Manifesto, part of its broader vision for sustainable development. The […]

Read More
State of Governance #2: Identity & Reputation

Clink Clank For a period of time, democracy in ancient Athens was exercised in a peculiar way.* Every eligible voter, when entering the hall, would receive a single pebble to be cast in one of two urns during assembly, signifying approval or disapproval on an issue. Athenians, understanding the significance of votes being cast anonymously, […]

Read More
Accelerating the Energy Transition With Reneum on Polygon

Given the urgency of the climate crisis, it may come as a surprise that the fossil fuel industry receives about half a trillion dollars a year in government subsidies. The truly shocking part is that renewable energy alternatives get less than a third of that. Reneum is trying to right the imbalance by using blockchain […]

Read More
Polygon Funds Web3 Development With $100,000 Pledge to Gitcoin Grants Round 14 

Polygon is donating $100,000 to Gitcoin Grants Round 14 to ramp up the on-going support for new projects building on the Polygon ecosystem. The core team has already pledged $1 million to Gitcoin over five quarterly grants until December 2022 in order to help and encourage the growth of Web3. Who is eligible Applications for […]

Read More
Why Neobanks Will Lead TradFi’s Shift to Web3

Conventional wisdom has it that traditional finance (TradFi) and decentralized finance (DeFi) go together like vampires and garlic. But there is one area of TradFi where that black-and-white picture shades into gray. This is the case for why neobanks will be key to bridging these two worlds. Neobanks, or digital banks, are basically banks without […]

Read More