Deployment overview
Partisia Platform offers several deployment configuration options. When designing your deployment, you can choose among the options to meet your specific needs:
- A blockchain-only deployment is suitable when only blockchain functionality is required.
- One or more Execution Engines, which can run systems off-chain with access to external systems.
- An MPC cluster, running on top of the blockchain, is required to run multi-party computation (MPC).
- A reader node can be introduced to alleviate load on a heavily used blockchain node.
In turn, these components can be deployed in different ways:
- In a cloud environment
- In a self-hosted environment
- Using a hybrid approach, combining the previous options and involving multiple-organizations
The Components of Partisia Platform
Deploying a blockchain with Execution Engine nodes and/or an MPC cluster should follow these specifications to ensure scalability, availability, and security. This section outlines the key components and recommendations for setting up blockchain nodes, Execution Engines, MPC clusters, and reader nodes.
The Blockchain
Deploying the blockchain requires running a minimum of four blockchain nodes. More blockchain nodes can be added if needed.
Tip
Avoid placing all blockchain nodes in the same physical location, to ensure the availability of the blockchain.
The blockchain has a governance layer that implements the protocol to add blockchain nodes to the network.
Execution Engines
The Platform Blockchain provides Execution Engines and Off-Chain Components to enable integration with Web 2.0 technologies.
Execution Engines can run systems off-chain, with access to external components such as local storage and Web 2.0. These capabilities can be used to build confidential and auditable Key Management Services, Secret-sharing Services, among other types of services.
The Execution Engines listen to smart contracts specified in their configuration, and execute the part of the code called the Off-Chain Component in an asynchronous manner on a server distinct from the blockchain.
The security of an Execution Engine depends on the code of the smart contracts it processes, making the smart contract responsible for authentication.
MPC Cluster
Deploying an MPC cluster running the REAL protocol requires
- A deployment of the blockchain
- Four MPC nodes
Our MPC clusters use the REAL protocol. We recommend using four MPC nodes to run the protocol effectively.
Each MPC node connects to a blockchain node to receive updates about the blockchain's state. Each MPC node should connect to a different blockchain node. This way, if one blockchain node goes down, the other MPC nodes remain connected to the network.
For added redundancy between the blockchain nodes that produce blocks and the MPC nodes, we recommend deploying a reader node. This node acts as an intermediary, linking the MPC nodes to the blockchain.
Reader Nodes
Applications can use a blockchain node to requests the state of smart contracts and to send transactions to be executed. However, these requests can also be handled by a reader node. Diverting these requests to a reader node lightens the workload of blockchain nodes. This is considered an efficient practice because blockchain nodes can devote their resources to producing blocks. Reader nodes are part of the flooding network and thus have a copy of the blockchain, but do not take part in producing blocks.
Reader nodes expose the same API as blockchain nodes. Adding a reader node to a deployment improves the accessibility of your deployment without compromising the performance of the blockchain nodes.
The deployment layout
The blockchain and MPC cluster can be deployed in the cloud, in your own servers, or a combination of both.
It is up to you and your needs, where nodes are deployed. The following sections describe two common layouts and to explain security considerations behind each layout.
Cloud Deployment with Execution Engines
This is an example of a deployment of the Partisia Platform in the cloud which deploys execution engine nodes and a reader node:
In the example above, each of the execution engine nodes are deployed in a separate availability zone. This is to ensure that a single availability zone can be down, without the platform losing the ability to perform computation.
Each of the block producer nodes are deployed in its own availability zone. This is to ensure continued on-chain execution in the case of availability zones being down.
The browser can be deployed in any availability zone. Reader nodes should be deployed in availability zones to fit the need for access to the on-chain data. Applications viewing and interacting with the blockchain should have a reader node in the same availability zone to decrease the latency between the application and the blockchain. The browser uses a reader node to index the on-chain data, so a reader node should be deployed in the same availability zone as the browser.
Cloud Deployment with MPC clusters
This is an example of a deployment of the Partisia Platform in the cloud which deploys mpc clusters and a reader node:
This example is similar to the deployment with execution engines.
Each of the MPC nodes are deployed in a separate availability zone, to ensure that a single availability zone can be down, without the platform losing the ability to perform computation.
The security of the secrets sent to the MPC nodes is guaranteed by the fact that the data stored at any one node will not suffice to reveal the secret. To keep secrets secure ensure that each MPC node in the cluster is deployed to a different physical location.
Hybrid Deployment
The regulations and requirements are often different for each organisation, so if there are multiple organisations, that needs to participate in running the deployment, all they would need, is to deploy a blockchain node and a MPC node. The nodes can be deployed according to each organisation's preferences.
In the above figure, the platform is deployed between four different organisations. The nodes can be deployed in either the cloud or in the organisation's on-prem servers. Each organisation can then deployed a reader node to decrease the load on the blockchain node producing blocks from application's request for data or sending transactions to the blockchain.
On-site Deployment
Deploying the platform on only on-prem servers is also an option. We recommend that the nodes are running on separate, such that power outages etc, cannot affect multiple nodes at the same time.
Danger
- The security of the data stored in the MPC nodes relies on the MPC nodes being run in a distributed setup, where the nodes are physically located apart from each other.
- Deploying all the blockchain nodes in the same location is not recommended. The blockchains requires that there is atleast 3 blockchain nodes online for block production.