DaoliCloud (Digital Asset Open Ledger for Inexpensive Web3 Services) is an open, permissionless, inexpensive, and secure platform for all sorts of computers (hereinafter referred to as node or nodes) to participate in, and thereby become an Internet server. The DaoliCloud Platform has the following properties:
Let us provide some comments/explanations on these properties.
Property 1 means that a node participating in the DaoliCloud Platform is in the same fashion as a node participating in a public and permissionless blockchain. Indeed, the layer-1 software for the DaoliCloud Platform does implement a permissionless blockchain. With this property, the open ledger for DaoliCloud’s digital assets, like that for the existing public and permissionless blockchains, can also securely record transactions for a number of very useful digital assets that have been enabled by public and permissionless blockchains. These very useful digital assets are: decentralized-moneys, non-fungible-tokens (NFTs), or stable coins, etc. The DaoliCloud Platform can also support blockchain smart contracts to run on the decentralized nodes.
Property 2 suggests that the technical element underlying the operation of the DaoliCloud Platform has a much lowered cost than those underlying the operations of the existing public and permissionless blockchains, e.g., Proofs-of-Work (PoW) or Proofs-of-Stake (PoS). Indeed, to improve the operation efficiencies for, and to lower the transaction fees for the digital assets enabled by, the existing public and permissionless blockchains are two main motives for the work of the DaoliCloud Platform.
Properties 3–5 simply state that a node participating in the DaoliCloud Platform has the full capabilities that an SSL/TLS secured web-/apps-/cloud-server does. Since obviously a node of a permissionless blockchain has a public key, this public key can of course secure the node in the fashion of the SSL/TLS protocol. Moreover, the public key can also be bound to a human-friendly DN token for the digital asset open ledger to record the binding relation. Thus, a node participating in the DaoliCloud Platform can indeed function as an SSL/TLS secured web/apps/cloud server.
Properties 3–5 Enabled Service Examples: As a permissionless platform, a user can register a DN and/or an NFT-token for its participating node, and let the blockchain platform provide IP resolution and routing services, using the DN and/or NFT to access the node from the Internet, e.g., to view the original image of the NFT artworks which the node as a the Web server is servicing; when routing using the DN, the node can be used as a cloud server for the user’s own use or to provide Web services to others. As far as we know, the provision of such services is unknown for the existing public blockchains.
In the remainder of this writing, we will introduce the work of the DaoliCloud Platform in the following way. We first discuss and observe that a public and/or permissionless blockchain can have a wide range of and valuable applications. However, the popular mode of operation in the existing public blockchains has problems such as high operating costs and low service efficiency. Regarding how to lower the operating cost, and improve the service efficiency, of the public blockchain, we will give an open and detailed presentation to the working principle and system implementation of the DaoliCloud Platform.
Bitcoin began a very useful mechanism for public-key credential establishment. Let us describe the mechanism and reason about our appreciation of its usefulness as follows.
Securing a coin (digital asset) in a digital wallet (by the wallet’s public key), and recording the asset’s transaction(s) in the blockchain open ledger, Bitcoin, by way of digital asset transaction, manages security associations between a digital asset and a bunch of public keys. These security associations are managed as follows. Before taking place a transaction, the public keys of the asset transaction senders are securing the asset, and those of the asset transaction receivers are about to secure the asset. After completing the transaction, the latter bunch of the public keys become securing the asset, whereas the associations with the former are removed. The state changes of these security associations can be looked up from the open ledger of Bitcoin with the correctness proved by digital signatures using the involved public keys. That a digital asset has value for its transaction involvers means that these involvers will have self-concerned responsibilities to carefully verify the transaction enabling digital signatures. The cryptographically verifiable asset transaction evidence recorded in the open ledger does establish cryptographic credential(s) for the involved public key(s). Undoubtedly, so established public-key credential has the validity that makes a much better sense than the conventional public-key credential validity that crudely stipulates the credential owner to place in advance an unconditional trust on some centralized third party, e.g., a certification authority (CA), or a centralized web service provider.
Notice that the above argument for public-key credential establishment assumes absolutely no trust whatsoever on any third party. Therefore so established public-key credential can be referred to as “zero-trust public-key credential.”
Zero-trust public-key certificates are enormously useful. For example, a Web service system can greatly reduce the attack surface of the system by eliminating the unconditional trust on CA and/or on centralized service providers; users avoid the service costs of CA or third parties; users can also enjoy anonymity;; in addition, because there is no need to register in advance a participation identity, or pre-setup a public-key certificate, permissionless participation in a Web service system becomes practical.
Permissionless online participation in an open and scalable network system can easily lead to uncontrolled participation chaos. Not surprisingly, to organize an order out of permissionless participation caused disorder is a task of non-trivial difficulty. Order organization methods adopted by the existing public and/or permissionless blockchains have shown, with no exception, high blockchain operation costs and/or low service efficiencies (to discuss why in the next section). Consequently, digital assets enabled by these blockchains are in an unfavorable status quo of being rather expensive to transact. High blockchain operation costs, low blockchain service efficiencies, and expensive asset transaction fees are also likely responsible for a universally eminent phenomenon in decentralized finance (DiFi) enabled by such blockchains: DiFi digital assets have infamously volatile exchange rates (or highly risk stable-coin collateral), making them easily susceptible to speculative hype.
In summary, the remarkable usefulness of zero-trust public-key credential that the existing public and/or permissionless blockchains have creatively enabled has limited applicability to only a small number of “special-interest” digital assets, where the modifier “special-interest” means that the users of such digital assets do not care high transaction fees. Also, it has been difficult for zero-trust public-key credential to find wide applications.
So far known means for public and permissionless blockchains to organize enthusiastic permissionless participants into orderly blockchain functioning servers are with no exception about some voting mechanisms, such as Proofs-of-Work (PoW) voting for computing power, or Proofs-of-Stake (PoS) voting for wealth ownership. These voting mechanisms, while originally designed to sort out a fair order from unordered, possibly chaotic, participants, later turned out to be more important in preventing a so-called Sybil attack. The rationale for preventing the Sybil attack is to have the permissionless blockchain participants compete for who can spend more money, or take higher financial investment risks, as a fair means of gaining the entitlement to operate the blockchain (of course to allow the competition winner to profit from the operation). No matter whether the voting is PoW- or PoS-based, all formulations of voting give rise to competition with increasing fierceness. It is the increasingly fierce nature of the voting competitions that has led to the increasingly higher operational costs for running these voting based blockchains, and increasingly lowered efficiencies for such blockchains to serve their users, and for special-interest digital assets enabled by such blockchains to be expensive to transact, and with high volatility for speculation. Consequently and unfortunately, the greatly useful zero-trust public-key cryptography enabled by such blockchains have limited applications of poor scalability.
The DaoliCloud blockchain proposes a new, non-voting and non-competition model for public and permissionless blockchain, which can fairly organize orderly blockchain service providers out of chaotically unordered permissionless participants, and at the same time prevent Sybil attacks. Due to the avoidance of high cost and inefficient voting competitions, we hope that the DaoliCloud blockchain can have the following advantages: 1. Qualified blockchain resource (compute, storage, network) service provisioning participants would become numerous, and thereby they would have much improved efficiency for providing blockchain resource services; 2. The cost of using blockchain services would be much lowered, and thereby the blockchain enabled digital assets would become inexpensive to transact, and no longer be an easy target for speculation; 3. Most usefully, zero-trust public-key cryptography would become widely and affordably usable by a mass of users, and be suitable for pervasive applications, with the users and applications are in an open and scalable system. The advantage number 3 is the most important motivation for us to have been working on the DaoliCloud Platform.
In the Bitcoin whitepaper, Satoshi Nakamoto described a what he named “One-CPU-One-Vote” Bitcoin blockchain security design: every node connected to the Bitcoin network, including every online client wallet, regardless of its CPU capacity, speed, and price, can equally and fairly vote for the network’s security decisions. Because this design creates a completely decentralized blockchain network, Nakamoto firmly believed that Bitcoin based on this everyone-voting design would have very strong decentralized security. Also because everyone voting essentially constitutes everyone contributing compute resource equally, Nakamoto also hoped that this equal compute resource contribution design would by virtue of “give-and-take” dilute lowering the cost of using Bitcoin. Since every node connecting the Bitcoin network is contributing compute resources to the network, when using Bitcoin services (e.g., making transactions), it should also receive compensation in the form of cost-lowered services (e.g., reduced transaction fees). Unfortunately, the rational design of equality, fairness, and give-and-take broke down embarrassingly and irreversibly in real-world practice. Shortly after Bitcoin’s public operation, online client wallets lost their voting entitlement and the ability to provide computr resources to the Bitcoin network. As a result, users (mostly client wallet holders) have had to pay increasingly expensive fees when using Bitcoin services.
In fact, as far as the currently known public blockchains (especially Bitcoin) are concerned, online client wallets overall only constitute a net cost center, consuming expensive blockchain network resources. These expensive network resources are provided and maintained by some “permissionless” (the meaning of the quotation marks will become clear in a moment) blockchain operators who participate in competitions. Either (in the Proof-of-Work, PoW, mining model) these “permissionless” competing blockchain operators are PoW mining pools or farms whose scale grows larger and larger. The reason for this is that PoW blockchain operators need to continuously expand and upgrade the performance and scale of their mining equipment to have the upper hand in PoW hashing power, and for this, they need to constantly increase their operating expenses (mainly for mining electricity consumption). Or alternatively (in the Proof-of-Stake, PoS, voting model), they are PoS equity investment parties whose risk capital injection amounts keep increasing (due to the speculative nature of PoS). The reason for this is that PoS blockchain operators need to continuously increase their risk capital injection to compete for more PoS block generation rights. Therefore, for public blockchains based on PoW or PoS models, competitive maintenance of the dominant operation of blockchains means competitive increase of operating expenses.
As a result that all known “permissionless” blockchains use various online voting schemes to select blockchain database operators, the vast majority of the blockchain users, namely client wallet possessors, are excluded from the “permissionless” competition because each of them either has negligible compute power to contribute to a PoW blockchain, or only owns trivial assets to qualify block generation for a PoS blockchain. Their individual and uncoordinated participation in a “permissionless” online voting blockchain clearly cannot make any meaningful impact on the fair operation of the blockchain, let alone their client wallet CPU being counted in the “One-CPU-One-Vote” ideal fancied by Nakamoto. In fact, for an online voting system to have security, i.e., the authenticity and fairness of the votes, it depends on many hard-to-satisfy assumptions. Years of research efforts have shown that it is very difficult to design a secure online voting scheme for running in an open network environment. For example, there is a so-called Sybil attack applicable to PoW mining blockchains based on Nakamoto’s “One-CPU-One-Vote” ideal, where an attacker can use very low-cost methods to create a large number of fake votes that are very difficult to distinguish from real ones. The existing PoW and PoS public blockchains defend against Sybil attacks by requiring participants to engage in an endless and increasingly intense competition through PoW or PoS. Straightforwardly speaking, PoW competition is about spending money on machines and electricity, while PoS competition is about buying PoS service rights. Therefore, the qualified operators, i.e., service providers, formed by these public blockchains through fierce competition actually work in a closed environment with growingly higher entry barriers. Sybil attackers cannot effectively attack without spending a lot of, and growingly more, moneys.
For PoW “permissionless” public blockchains, not only are online client wallet users unable to contribute compute resources, but many powerful cloud servers are also unable to do so because they have no hope of winning in PoW mining without pooling with specialized mining hardware. For PoS “permissionless” public blockchains, the capital price of PoS equity can fluctuate dramatically due to speculation, and hence the proportion of nodes who qualify PoS block generation among all blockchain participants may even be lower than that in PoW mining. Currently known “permissionless” public blockchains have unfortunately all deteriorated into de-facto permissioned ones due to the permission threshold for obtaining blockchain operating rights through competitions being so high. Also in terms of network service quality, such permissioned public blockchains provide network services by only relying on a fraction of “smart” nodes, so-called full-nodes, to bear the burden of service requests from an overwhelmingly large population of “dumb” nodes, resulting in an inefficient and unreasonable design for network throughput. Fortunately, these public blockchains have discovered a few meaningful usecases which are either not very cost-sensitive, or favored by speculative investors. Decentralized moneys and Non-Fungible Tokens (NFTs) are two prominent examples of such special usecases.
A decentralized coin or an NFT-token is essentially a digital asset, and such a digital asset can be reliably, robustly, and securely routed to/from the Internet (when connected to a blockchain). The reliability and robustness of routing are due to the fact that each network service node in a public blockchain network acts as a network router and can broadcast the user’s request to the entire blockchain network. The security of routing is a more significant public blockchain service, which is worth further elaboration as follows. The wallet that stores decentralized-coins or NFT-tokens is strongly protected by public-key cryptography. The assets in the wallet can only be controlled or disposed of exclusively by the (asset) owner of the wallet. When disposing of a digital asset, the asset owner must use the private key protected by the wallet to sign the asset, where the private key matches the wallet’s public key. These useful security properties are enabled by public-key cryptography, and can be publicly verified using the wallet’s public key.
With the outstanding advantage of protecting private assets with public-key cryptography, the special assets of decentralized-money, NFT-tokens, although costly to use due to the low efficiency of the network services provided by public blockchains, and despite their users having been few due to their prices often fluctuating dramatically (possibly due to speculation), have played an important role in inspiring a new demand for Internet services, namely Web3. That is, these few types of special digital assets that have been proven to be feasible by the existing public blockchains are very meaningful, and there is a strong need to generalize them to a broader range of digital asset applications for a mass of users to own and have exclusive control of, at pervasively affordable costs to use.
There should be many usecases for general-purpose Web3 digital assets. For example, if a decentralized money has stable face values like a fiat currency does, and its transaction fees are low, then it does qualify a general-purpose Web3 asset and may become widely used. As another example, Web2 infrastructure services of domain name registration, resolution, and CA certificate issuance exist with various security risks due to their strong Web2 centralization attributes. In fact, domain names and CA certificates are essentially NFTs. In comparison with the known blockchain special-asset NFTs, DN and CA as NFTs would have much broader and practical usefulness, e.g., they are easy for human users to recognize, click-authentication, and -route, and have less speculative value. Thus, if low-cost NFT-style registration, resolution and authentication services can be developed for DN and CA certificate applications, then these services would also qualify as general-purpose Web3 digital assets, and might give rise to a very wide adoption. For yet one more example, with the routing-to-public-key service enabled by blockchain servers, a mass of client devices such as laptop PCs can become Web3 servers for https hosting web pages. The emergence of Web3 represents a revolutionary challenge to the current situation in which the vast majority of Internet digital assets are concentrated in the hands of a few large Web2 service providers. Of course, to promote the adoption of general Web3 digital assets, breakthroughs must be made to overcome the current limitation of public blockchains supporting only a few special digital assets with a small number of users.
DaoliCloud is a permissionless public blockchain technology that aims to provide a mass of users with a wide and affordable range of Web3 digital asset applications. The key to improving digital assets in this way is a new model for blockchain security and resource utilization, which can be described as follows. Every CPU participating in the DaoliCloud blockchain, especially every online client wallet’s CPU, can serve a “One-CPU-One-Firewall” security function to protect the local node itself against adverse effects of erroneous messages the node may receive from the blockchain network. Unlike the desperate situation of client wallets being ineligible to participate in PoW-mining-, or PoS-staking-, based global online voting, the “One-CPU-One-Firewall” security design is a local decision on accepting/rejecting blocking messages which appear in the blockchain network. A CPU of any grade, including a low-end one, can competently make such a local decision. Let us explain below why such a local decision is easy to make.
Messages that relate to appending blocks to the blockchain are called “kernel messages” and they are designed to have the following properties. (1) A kernel message is easily generated and verified because it includes a digital signature. (2) Kernel messages are only allowed to appear in the blockchain network at a globally aligned time interval, where a node can align its local time to a global time is due to a novel method of using a CPU’s local clock. (We shall explain this method in the next section.) With these properties for kernel messages, the DaoliCloud blockchain always deterministically appends a unique block (and thereby adds the chain height by 1) at a globally known time interval; that is, the chain never forks. For a non-forking blockchain, the local (applications) DB which is distributed at each participating node can be maintained (i.e., for the DB entries being created, searched, inserted, updated, or deleted) to be always in the search-key-sorted state, and hence the DB process can be complete in O(log n) time (n being the size of, i.e., number of items in, the DB). With this low time complexity, the applications DB of the blockchain can be quickly processed (e.g., against double registration of a DN token, or double spending of a coin), even the job is done by a low-end CPU.
The remaining “magic” in need of explanation is why and how the DaoliCloud blockchain can have a global clock for all participating CPUs of any quality grades to precisely align time for sending/receiving/forwarding the blockchain kernel service messages.
A low-end CPU today may have a rather inaccurate clock to drift clock cycles, either gain or lose the cycle counts, at rates of hundreds of parts per million (ppm) clock cycles. The DaoliCloud blockchain is designed to tolerate permissionless participation by very poor quality CPUs, as poor as to tolerate clock inaccuracy up to 1,000-ppm, for them to still be able to make fair and sound contributions to the blockchain. Consider letting the blockchain use a one-minute-long time epoch to append a block. Then the maximum clock drift of a 1,000-ppm poor CPU clock will not exceed 0.06 seconds in each one-minute-long epoch, or the maximum time gap between two such poor CPUs will not exceed 0.12 seconds (due to one drifting faster, and the other doing slower, each by maximum 0.06 seconds). Thus, the local clock of any-quality CPU is sufficiently accurate (with accuracy bounded by 0.12 seconds) to measure a one-minute-long epoch and become ready to execute a time event. The time events of DaoliCloud’s interest include, e.g., to broadcast, receive, or forward a kernel message. Consider that, e.g., one-second-long network latency is a reasonable network quality for a blockchain to have to bare with, then mixing the maximum of 0.12-second CPU clock error with second-long network latency, the blockchain would not be able to notice existing any clock inaccuracy. Further notice that, upon each time moment of receiving new kernel messages, a CPU begins to measure the next one-minute-long blockchain epoch. Therefore, with low or high qualities, all blockchain participating CPUs will align the beginning time of each blockchain epoch upon receipt of kernel messages. The DaoliCloud blockchain does have a global clock as the blockchain consensus, and this global clock has the network latency aligned accuracy forever.
To this end, we know that every node participating in the DaoliCloud blockchain, regardless of the quality of its CPU, is indeed capable of the security design function of “One-CPU-One-Firewall”, so that the node can accept semantically valid and time valid (kernel) messages, or reject invalid ones which are treated as attacking messages.
As a blockchain using kernel messages, DaoliCloud has pioneered the concept of a Blockchain Operating System (BOS), and implemented the new concept into a working system. The BOS lets a set of permissionless nodes be organized in an orderly manner, and grants them the privilege of broadcasting kernel service messages to saturate the entire blockchain network. So, the BOS message service features reliability, robustness and ease of authentication.
Generating a BOS message and verifying its authenticity, both jobs are very easy that can be competently processed by an online client wallet. Then broadcasting, receiving BOS messages, judging their correctness, forwarding correct ones or discarding erroneous ones, these are about all the tasks that every “One-CPU-One-Firewall” node in DaoliCloud is supposed to competently operate. The compute resource requirement for a node to provide such a firewall function is so low that in a lite (as lite as an Internet dust) software implementation, or in an expensive professional-grade heavy asset server hardware implementation, the resultant firewalls would function with no difference. More to the point, the local independent behavior of a “One-CPU-One-Firewall” cannot be remotely interfered with over the network, regardless of how weak the interfered target is, or how strong of the interfering party is. With this “One-CPU-One-Firewall” property, a mass of online client wallets in DaoliCloud are no longer being cost centers as in all known public blockchains, on the contrary, they become production centers. In large numbers and with wide physical distribution, the blockchain firewall function provided by online client wallets is very strong, reliable and robust.
Being able to combine online client wallets to a blockchain production center, DaoliCloud makes a significant change to the current blockchain status quo of placing the burden of the entire blockchain service requests over to a much smaller number of heavy-asset servers. In the new blockchain model of inclusively utilizing compute power of every online client wallet, the cost of a wallet obtaining blockchain services would be greatly reduced. A clear give-and-take scenario takes place here: for a wallet to use blockchain services, it has to connect to the blockchain network, and the connection makes the wallet to provide firewall service to the blockchain! In contrast, in the current status quo of only placing the burden of all users’ service requests over to heavy-asset servers, we know that a blockchain necessarily needs to find some rather clever, expensive, and often volatile pricing methods to enable the blockchain service provider to charge service fees to client wallets in order to compensate for the growing expenses related to participating in endless competition, such as increasing equipment resource investments, operational costs, or (speculative) venture capital investments. Through these comparisons, we have outlined why and how the cost of pervasive use of Web3 applications can be reduced to a level that can be widely affordable for (individual) users.
DaoliCloud uses a random noise algorithm to find random, redundant, orderly, and permissionless nodes, which are called “Uncles.” The random noise algorithm and its output are inspired by Ethereum blockchain technology. Ethereum rewards its Uncles for their noise block generation contributions, which can help save electricity consumption. However, DaoliCloud requires its Uncles to provide more meaningful blockchain services. Orderly Uncles are a set of physically decentralized nodes with logically centralized and consistent behavior to send simple kernel messages. In this working principle, Uncles serve as the kernel resource for the Blockchain Operating System (BOS). The most significantly meaningful BOS kernel layer (layer 1) service is a decentralized global clock, which allows any node in the blockchain network, including any online client wallet, to easily verify the robustness and accuracy of the clock against malicious interference. The accurate global clock establishes a global consensus on deterministic updating the blockchain DB (the local copy for each node). Useful BOS services on the application layer (Layer 2) include: (i) Decentralized payment transactions, in which moneys have stable face price and transactions have low fees, just like the cases for a fiat money. (ii) Naming and routing services for users’ Web3 digital assets, allowing users to use various decentralized identities (DIDs) to exclusively control and dispose of their digital assets, as well as for altruistic use of a name or an icon. With a large number of client wallets providing resource and security services, DaoliCloud can support affordable, public-key secured (such as through HTTPS hosts) Web3 services.
If the cost of participating in a permissionless blockchain is very low, and as a result of participation, the participants can be easily seen on the Internet (of course, under the premise that the participants are willing to publicize their wallet public key addresses by the blockchain and be widely visible), then in addition to digital assets such as decentralized coins, NFTs, and stable coins that can be used as decentralized transaction instruments, the blockchain will also have the potential to create some more general, useful, and interesting digital asset use cases . For example, the application scenario described below is achievable: a permissionless node in the blockchain, because it only needs to consume a negligible amount of its resource to maintain the operation of the blockchain, can have the bigger part of its resources (that is not needed for maintaining the operation of the blockchain) used for providing IT-as-a-Service (ITaaS) value-added cloud services, such as infrastructure as a service (IaaS), platform as a service (PaaS) , software as a service (IaaS), in exchange for service fee revenue.
Unlike the traditional ITaaS market, in which cloud service providers have to make a large amount of upfront capital investment to enter the market, and thus easily form a monopoly in the service providers side of the market, the ITaaS platform created by this blockchain has the following two new attributes. 1. In the market supply side: the permissionless participating nodes of the blockchain are nothing more than some mass-produced commodity cloud servers and/or personal computers (desktops and/or laptops) which are also ITaaS cloud servers and provide services, the barriers to market entry are very low; many small businesses, even a large number of amateur individuals, have sufficient capabilities to enter the service provisioning market, and can stay online for a long time to serve, and they gather together to become a significant chunk of the ITaaS cloud services providers. 2. In the market consumers side: the consumers of this blockchain-enabled ITaaS market will likely have a large number of users because they now enjoy a major improvement in service quality. This major improvement in consumer service quality is: ITaaS users are now the holders of blockchain wallets, so they have zero-trust public-key certificates, which can protect their data in the cloud with the security strength of public-key cryptography, and thus they no longer have to live the old lifestyle when using the traditional ITaaS cloud services, that are forced to obey some unconditional trust requirements imposed by the cloud service providers.
In the above exemplified blockchain usecase for the new ITaaS market, ITaaS, as online services being exchanged in between supplies and demands, actually becomes a blockchain asset. Not only is ITaaS resource a broadly useful, but it is likely to achieve enormous usage and transaction volume. This blockchain asset, because of in large volume of supply and demand, have the power to lower, level, and stabilize their prices. The low and stable prices of such useful blockchain asset are comparable to the prices of the digital assets that are blockchain transaction instruments (i.e., decentralized currencies, stable coins), so that there is a stable and low exchange rate between these two assets in that the latter (digital currencies) can be conveniently used as an online digital transaction instrument for purchasing the former (blockchain ITaaS asset). We believe that this low-cost, permissionless blockchain being able to publicize the Internet route-able addresses of participating nodes (making it convenient to become a cloud server), can not only generalize blockchain assets and commodify them for many valuable usecases, but also would help to promote the use of blockchain decentralized digital currencies for wider, fairer, less speculative, and more sustainable uses.
Blockchain Operating System (BOS). Decentralized Clock. Decentralized Identity (DID). Zero-Trust Public-key Cryptography. Web3 Services.