October 5, 2020 By Joshua Goldbard 3 min read

A new crypto payment system cuts transaction times from minutes to seconds.

When Bitcoin was announced in 2008, I was incredulous. The concept of a decentralized, anonymous accounting system running on a shared public ledger (or blockchain) with no middleman was intriguing. Bitcoin does, in fact, work quite well as a system of account, but what I really wanted was a payment system. Bitcoin transactions take anywhere from 10 minutes up to an hour to finalize and consume enormous amounts of energy, which means paying for a cup of coffee is pretty hard to imagine.

A little over two years ago, when I was considering the problem of mobile payments, my thoughts again sprang towards cryptocurrency. To make something people could actually use to pay for a cup of coffee, all I could think was: “That sounds hard.”

About 12 hours later, with a lot of help from a very smart friend, I’d drafted the initial design for MobileCoin. The goal of MobileCoin was to make a payment system for the place people live and work today—mobile messaging apps. Solving for that use case meant it had to meet the extremely stringent standards of mobile applications. MobileCoin had to be exceptionally fast, privacy-protecting, and energy-efficient, all while providing a world class mobile-first user experience.

A security-rich environment in the IBM Cloud

Due to mobile device constraints for memory, computation, and network access, it was necessary to host the application remotely, or in the cloud. You simply can’t hold the entire ledger on a mobile phone.

For this application, security is essential. Users would need to be able to access the ledger remotely in a trustworthy fashion. This led us to choose a piece of technology called a secure enclave. Enclaves provide users with some strong safety guarantees for accessing the ledger on a system they don’t control.

Choosing to implement the Intel Software Guard Extensions (SGX) secure enclave, we selected IBM’s service for accessing confidential computing on demand: IBM Cloud Data Shield. This solution provides both the security and the cloud environment we needed; we consider it a crucial component of MobileCoin’s solution.

Our network users have keys on their phones that never leave their devices. They use those keys to construct and send transactions over a secure channel to the enclave. The enclave verifies the sender’s signature, then federates the transaction to all enclaves in the network for further verification before writing it to disk. The enclave doesn’t reveal the transaction amount or the identities of the sender or receiver, providing an unprecedented level of privacy.

Teaming up to take on technology challenges

The IBM team played an integral role in implementing the IBM Cloud Data Shield solution and getting SGX up and running. SGX is radically different from other systems. It’s a highly restrictive environment regarding memory and performance, and it lacks much of the tooling that comes ready-made with regular CPUs.

Due to these limitations, we initially spent a lot of time working with IBM Cloud Data Shield engineers to make it function. We chose to write our application in Rust to guarantee safety and speed. SGX is bleeding edge, meaning it doesn’t have much support in standard Rust, so we had to implement our system from scratch to ensure we could trust it. As such, we were very grateful to have the IBM team working alongside us.

Calling all testers

Our efforts paid off with the launch of a test network for MobileCoin on April 9, 2020. We’ve since gained thousands of users globally — exclusively via word of mouth — with excellent results to date.

Transactions complete in less than five seconds (as opposed to upward of 10 minutes for a Bitcoin transaction). We’ve had zero failed transactions, and energy consumption is negligible.

Based on our successful collaboration to overcome the many obstacles we initially faced, we’re thrilled with the level of support we continue to receive from IBM. We expect to continue using IBM Cloud Data Shield.

Learn more

Was this article helpful?

More from Cloud

Enhance your data security posture with a no-code approach to application-level encryption

4 min read - Data is the lifeblood of every organization. As your organization’s data footprint expands across the clouds and between your own business lines to drive value, it is essential to secure data at all stages of the cloud adoption and throughout the data lifecycle. While there are different mechanisms available to encrypt data throughout its lifecycle (in transit, at rest and in use), application-level encryption (ALE) provides an additional layer of protection by encrypting data at its source. ALE can enhance…

Attention new clients: exciting financial incentives for VMware Cloud Foundation on IBM Cloud

4 min read - New client specials: Get up to 50% off when you commit to a 1- or 3-year term contract on new VCF-as-a-Service offerings, plus an additional value of up to USD 200K in credits through 30 June 2025 when you migrate your VMware workloads to IBM Cloud®.1 Low starting prices: On-demand VCF-as-a-Service deployments begin under USD 200 per month.2 The IBM Cloud benefit: See the potential for a 201%3 return on investment (ROI) over 3 years with reduced downtime, cost and…

The history of the central processing unit (CPU)

10 min read - The central processing unit (CPU) is the computer’s brain. It handles the assignment and processing of tasks, in addition to functions that make a computer run. There’s no way to overstate the importance of the CPU to computing. Virtually all computer systems contain, at the least, some type of basic CPU. Regardless of whether they’re used in personal computers (PCs), laptops, tablets, smartphones or even in supercomputers whose output is so strong it must be measured in floating-point operations per…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters