Each week, we host top names in DeFi on the CertiK Security Leaderboard Live AMA. The CertiK Security Leaderboard is your one-stop shop for everything security related in DeFi. Head over to CertiK.org and check out the ranking of dozens of projects, their security scores, Skynet statistics, and much more data.
This week we had the pleasure of speaking with Alan Chiu who is the CEO of Enya. Enya has been working with OMG Network to develop a next-generation platform built to scale and augment Ethereum. Enya's privacy technology combined with OMG's Layer 2 research and development, will make OMGX one of the premier platforms for developers of decentralized applications. The OMG Network is a decentralized, public network that allows high throughput, low-cost peer-to-peer transactions. With the OMG Network, anyone can transact value across geographies, asset classes, and applications. The OMG Network allows you to access, manage, and transact with digital assets that are kept securely on the blockchain.
If you missed the chat, don’t worry: here’s a recap of some of what was discussed.
* * * * * *
How do you guys achieve such low transaction fees in comparison to L1 Eth?
Alan: Let's go back to the first principles. When you think about how Ethereum works, every single node has to perform the same kinds of computations to arrive at the exact same stage - all across the network. That's why its capacity constrains and it is expensive. One of the ways to scale is to take the computations off the main chain, perform them in such a way that the results can still be trusted, and stored on the main chain. The heavy lifting is done on what we call layer two and that's the approach that we take.
Security and transparency are two things that people frequently worry about with L2 or off-chain movement.. is there anything that you want to touch on in that realm?
Alan: Yeah absolutely. The whole area of verifying that the computations are conducted correctly and there's a way, for whatever reason, the layer two is not doing what it's supposed to be doing. There needs to be a way for the community/for the users to be able to detect any potential fraudulent transactions and be able to revert any of these transactions that are not supposed to happen in the first place so in the case of an optimistic rollup there are processes that are called verifiers and fraud proofers that take on this responsibility. At the highest level at OMG our philosophy is to maximize community involvement as much as possible. The direction we're moving into is to bring our community along in running these verifiers and fraud provers in catching fraud together as a community because the more eyes that are watching the layer 2; the more secure it's going to be.
One of the missions of Enya and OMGX is giving users control of their data as people have been moving to browsers that give back a bit more of that privacy and user owned everything is a driving force of the Web 3 revolution. What made this mission important to you?
Alan: This mission is super important to us because we have seen the risks of centralizing data around large data lakes or around really centrally controlled entities where the individuals have lost control; once they've handed over the data they've come lost complete control of what happens to the data afterwards and that has led to all kinds of security breaches that we keep hearing in the news. To solve this problem of course one approach could be you could keep erecting higher walls/thicker walls to protect the centralized data repositories but that's an arms race with the attackers. The fundamental way to solve this problem is to not aggregate the data into one central location in the first place so you don't create this honeypot that is attracting all kinds of attackers. One of the best ways is to leave data in the individual's hands; we call it self sovereignty.. There are many different terms we can throw at it but fundamentally that's the idea and you still, as a user, want personalized services and you do want to take advantage of the data that you have to use the products and services that you want right. This is why we're on this mission to use technology to help bridge that gap.
OMGX is the deliverable of your partnership with OMG.. can you dive into what OMGX is and sort of how it differs from any of previous products from OMG?
Alan: Sure, OMGX is a new layer two solution that we've built together. It's EVM compatible and if you already have smart contracts that are running on Ethereum main chain, it will take you very little work to migrate to OMGX and start enjoying much lower transaction costs right away. We've launched a public testnet on Rinkeby that you could use today and we're driving as fast as we can towards the mainnet beta. In addition to being EVM compatible, we also have built our own solutions for handling fast exits. When you withdraw your funds, you can certainly still choose to go through that seven day window to wait for your withdrawals or you can pay a small convenience fee and withdraw your funds almost immediately. This is a distinguishing feature that we build in-house based on our research called quasar. In addition to that, we also have a token called OMG that is one of the most widely held tokens in the ecosystem and the whole OMG community is very excited to participate on DeFi protocols that will be deployed on OMGX. We're also adding to this powerful platform the ability for smart contracts to invoke code that runs off chain so you can run them on AWS or other platforms in order to perform computations that are too complex or too expensive to run within a smart contract and we are calling this capability extensible smart contracts.
So has OMG become a multi-chain L2 Plasma and the OVM roll-up of OMGX?
Alan: Yes, exactly. So OMG Plasma is still running and it's still available for developers that wish to take advantage of the high throughput token transfer capabilities of plasma. The X is the second chain that we're rolling out.
How are fees calculated on OMGX? Any estimates as to what fees will look like?
Alan: We're still fine-tuning the the final fee structure but in general it's going to be a function of how much volume we can pack into a certain unit of time because ultimately we still need to pay Eth in order to store the state routes on the main chain so there will be some costs involved and the more transactions there are to spread those costs around the more savings we can deliver. We're looking at anywhere between 10x to 50x types of cost savings.
If you swap L2 to L2 / cross-chain using Quasar, which L2 side gets the LP fee?
Alan: That's a very good question. One of the aspects of OMGX is that we would love to have the community involved as much as possible. So over time, as we begin decentralizing the governance of the network, these are the types of decisions that the community will be able to make together as part of that governance. It makes more sense, for given how widely held the token is, for the community to come together and discuss these issues and hash them out rather than just have a few of us sitting in our offices behind our computers to just make the make a decision that's going to impact all the participants on this network. That's a core pillar of DeFi governance.
What is the benefit in using OMGX over Optimism PBC or Arbitrum?
Alan: Many of the benefits are that you get fast access from day one and you don't have to wait, we are not dependent on partners to deliver that capability, and in addition our fast exit mechanism is based on a swap based mechanism backed by liquidity pools. We will be putting in assets to back these pools in the beginning but we're not stopping there. We're also opening up these pools for any of our community members to stake their tokens and have a cut off the convenience fees that users will be paying to enjoy the fast exit convenience, again going back to this overriding principle of maximizing community involvement, this is another way for the community to help make the network better and they also get to enjoy some of financial returns from convenience fees so that's a huge deal for the community and that delivers benefits to other users and then on top of that if you're a developer that wants to marry the benefits of decentralization with the power of, for example machine learning, today is just too too expensive to run a machine learning classifier in a smart contract but with our extensible smart contract capability you can invoke a machine learning classifier that's running off chain and bring the results back into your contract and take advantage of these computer science advances that are happening every every day and now we can start bridging the decentralized blockchain world with the machine learning world with a secure computation world with a lot of advanced computational capabilities that until now have been out of reach from smart contract developers.
Can you dive a little bit into your auditing experience with CertiK, why you chose CertiK, and how was the process for you?
Alan: It was a great process. We actually looked at many different other firms and we decided to go with CertiK because the CertiK team was very responsive, the turnaround time was very fast, and we went through a number of iterations going back and forth with the comments, they made comments back, and overall it resulted in a more secure and better outcome. The CertiK team didn't identify any severe issues at all, the issues were minor to informational, but our team really appreciated the level of attention to detail, professionalism, and responsiveness demonstrated by the CertiK team. We will definitely will come back again.
What's on the long-term roadmap for you guys? What is the vision for OMG?
Alan: There is still a lot to be done. We're just at the starting line I would say. In addition to building out fast exits, extensible smart contracts, and augmenting ethereum, there's a lot of tool chain support that needs to be built out as well. Again, it has to do with maximizing community involvement and making it as easy as possible for a lot of developers to build on OMGX. One example is our partnership with Web3 API. We really believe in the Web3 vision and what the Web3 API team is working on so we're jointly creating client-side SDK’s, the language agnostic, so that we make it as easy as possible for developers to build web applications that interact with OMGX and as Ethereum itself evolves with the different fee structure that's coming online next month. With Eth2 coming online it's almost like a living organic ecosystem with OMGX as the layer two. We are tightly coupled with Ethereum itself so we're going to be evolving alongside Ethereum; so there's a lot of work to be done. Ultimately, it's about creating the most powerful, widely adopted, decentralized ecosystem possible.
Do you guys think that you could implement some kind of ID verification to maintain regulatory compliance? Having bad actors or sanctioned states operating on a private network can be a cause of issue.
Alan: Well the way we look at it is we are part of the whole decentralized infrastructure on which applications are built, so oftentimes the responsibilities for KYC or verifying the identity of the customers or users falls on the application layer as opposed to the infrastructure layer. So we don't see ourselves getting into the business of providing identity verification services. There are many other projects who've been working on solving these challenges especially in the decentralized settings for many years and they're experts at it. We do believe that we provide the most compelling infrastructure to support what they do and we're really hoping that the different regulatory bodies will, over time, learn to appreciate how the decentralized world functions a little differently than a centralized world and come up with regulations that are sensible and protect/keep us safe. Ultimately that's what it's about, keeping consumers safe but at the same time not preventing innovations from blossoming in the decentralized world.
* * * * * *
That wrapped up this week’s AMA with Alan from OMG. For more AMA sessions with top DeFi and crypto projects, keep an eye on our social channels and subscribe to our YouTube channel.
🌏 Auditing and Pen-Test Website: https://certik.io/
🌐 Skynet & CertiKShield Website: https://certik.org
🐦 Twitter: https://twitter.com/certik_io
🐦 Twitter: https://twitter.com/certikorg
💻 Github: https://github.com/CertiKProject
📚 Medium: https://medium.com/certik
✉️ Telegram: https://t.me/certikfoundation
This interview has been edited for clarity and concision.