CertiK Logo
CertiK Logo
Products
Company
incident-response
Back to all stories
Blogs
How NEAR Achieves Finality with Doomslug
10/10/2022
How NEAR Achieves Finality with Doomslug

Doomslug is one of the key innovations at work behind the scenes of NEAR Protocol that is driving the adoption of the platform. Without it, NEAR’s impressive speeds and scalability would be impossible. To understand what Doomslug is, and how it works to scale NEAR, we have to take a look at one of the primary metrics of blockchain architecture: finality.

This blog will do just that, unpacking what finality is, why it is important, and how NEAR achieves it with Doomslug. It will then underscore the importance of NEAR smart-contract audits as an essential tool for securing the NEAR ecosystem, and ensuring the benefits supported by Doomslug aren’t squandered to attack.

What is Finality?

Needless to say, the last few years have been an explosive time for web3, with new protocols, projects, and technologies being developed at an incredible rate. Many of these new technologies have focused on resolving blockchain’s notorious scalability problem, which has been the central problem in the sector for some time. Yet, in the rush to resolve scalability, many protocols have gotten stuck on a vital element within blockchain security, known as finality.

Transaction finality refers to the point at which a transaction handled by the network can be considered irreversible. This is understandably essential for the proper operation of the network; if transactions can be reversed, malicious actors may want to manipulate the network for their own gain. In short, an event recorded on a blockchain is only set in stone once it has achieved finality. Given that the irreversibility of transactions is an essential part of blockchain networks, how a network achieves finality is therfore crucial.

Yet there are a variety of problems that can arise in the effort to achieve finality that ripple out and cause negative network effects. The most obvious of these is the amount of time that it can take to achieve finality results in slow transaction times.

This is seen most clearly in bitcoin, in which a transaction takes around 60 minutes till it can be said to achieve finality. This is because bitcoin requires 6 subsequent blocks to be produced before a transaction is deemed immutable. Since the network can only produce a new block every 10 minutes, this means that it takes an hour till it achieves finality. This is known as its confirmation time, and is a key metric in measuring the speed of a network.

In the attempt to reduce confirmation time and reach finality quicker, newer projects have focused on a variety of approaches, from speeding up block production, to designing architectures that allow for fewer blocks to be produced before finality is reached.

What is Doomslug?

Recently, NEAR protocol implemented its innovative block production technique, Doomslug, which works to radically reduce completion time, and constitutes a major step forward in the search for faster finality.

Doomslug allows the NEAR protocol to achieve what it calls ‘practical finality’ after just one round of communication. After ‘practical finality’, another phase allows for ‘Full BFT Finality’ to be reached after the second round.

NEAR describes Doomslug Finality, or ‘Practical Finality’ as the point at which a block produced by Doomslug is irreversible unless at least one participant is ‘slashed’. (Slashing is a penalty implemented by Proof of Stake networks whereby a misbehaving node has its stake confiscated and redistributed amongst the remaining nodes).

With Doomslug, NEAR allows individual participants to produce and broadcast blocks that are then endorsed by other participants. These endorsements are then communicated to the producer of the next block. If the next block is unresponsive, these endorsements are then sent to the subsequent block, with accompanying recommendations to skip the unresponsive block. Then, once a participant has endorsements or skip messages from more than half of the other participants, they can produce their block.

This carefully balanced system allows for Doomslug finality, which is sufficient for most practical use-cases. In doing so, Doomslug reduces latency by 200% (in situations where finality is the main cause for the bottleneck).

In instances where full Byzantine Fault Tolerance (BFT) is required, NEAR uses a BFT finality gadget which provides full BFT finality after the second round of communication. In this system, Doomslug, in conjunction with the finality gadget, achieves finality at the same speed as other prominent consensus mechanisms such as Tendermint and HotStuff.

Additionally, Doomslug with a finality gadget comes with the added benefit of having guaranteed ‘Liveness’ – which is the quality in which a protocol is guaranteed to eventually agree on a value, and reach consensus. The NEAR team has also shown in tests that Doomslug performs well in recovering after long periods of network activity.

NEAR Smart Contract Audits

The incredible finality throughput enabled by Doomslug is a major draw for developers looking to build on NEAR, and will no doubt attract ambitious projects to the platform. For those that do, CertiK offers the vanguard in web3 security tools, designed to provide NEAR-based projects the best security posture available.

This begins with CertiK’s NEAR smart-contract audit, which brings together the cutting-edge in AI technology with leading experts in computer science to systematically seek out vulnerabilities and paths for attack in a smart contract’s underlying code.

Rather than a one-size-fits-all audit, CertiK’s NEAR smart-contract audit is specifically honed to address NEAR’s architecture. This has then been bolstered by our relationship with some of the most exciting projects in the NEAR ecosystem, including The Sandbox, Ampleforth, and TrueUSD. these collaborations have led to our development of a NEAR smart-contract audit that provides a nuanced understanding of the strengths and potential weaknesses of NEAR-based projects.

CertiK’s NEAR smart-contract audit reports work to identify, analyze, and provide steps to remediate potential threats, all in easy to understand, and actionable points. This clarity in delivering findings is an essential part of any NEAR smart-contract audit, as it allows for audited projects to improve their security as efficiently as possible.

Alongside our NEAR smart-contract audit, CertiK also offers the blockchain analytics tools, Skynet and SkyTrace, that work to provide in-time insights after a project is launched. Whilst soliciting a NEAR smart-contract audit before launch is foundational to a project's security, blockchain analytics tools such as these save precious time for teams when working to anticipate and respond to attack.

CertiK has continued to hone its security toolkit and has recently announced two new services alongside its NEAR smart-contract audit: CertiK KYC, and a Bug Bounty program.

With CertiK KYC, CertiK provides the first NEAR smart-contract audit to offer KYC verification for project teams. This vital tool helps to build trust between NEAR teams and their communities, which in turn drives investment and adoption.

CertiK’s new bug bounty program works alongside our NEAR smart-contract audit by enlisting handpicked white-hat hackers to seek out novel vulnerabilities and attack vectors in audited projects. This innovative new service provides NEAR projects with valuable insight into a hacker’s perspective, and is a vital new tool in the fight to stop attacks.