Version: v1

For the complete documentation index, see llms.txt

The origins of sidechains and partner chains

The original side chain research set the foundations for scalability, which further evolved into a partner chain framework, where a mature network like Cardano interacts with Midnight, its first partner chain.

The evolution of scalability

Midnight builds upon a long line of research and development at Input | Output (IOG). This journey began with the 2019 academic paper Proof-of-Stake Sidechains, and continuing with the evolution of the partner chain framework that allows for secure, private computation linked to a public settlement layer.

Midnight, as the first partner chain to Cardano, inherits security from the existing, highly decentralized, mature network. This means that developers can experiment with bold new features – like programmable privacy in the case of Midnight – without having to build a resilient infrastructure from scratch.

What is a sidechain?

A sidechain is a separate blockchain that runs in parallel with, and depends on, the main chain. It acts like a specialized subsystem where developers can implement custom rules, different languages, or other performance or security features without affecting the stability or speed of the primary chain.

Essentially, the goal of sidechains is to enable blockchain scalability or new functionality, while interoperability with the main chain makes it usable. Within a sidechain system, there are typically two chains, the main chain and the side chain, that are connected via bridges. These bridges enable the transfer of assets between the chains and allow smart contracts on different chains to interact.

One of the defining features of sidechains is that they are heterogenous. This means that the ledgers in the network do not need to be clones of one another; they can vary wildly in their design and operation, as follows:

Different parties: Maintained by distinct sets of validators or miners.
Diverse consensus mechanisms: One chain might use Proof-of-Work (PoW) while another uses Proof-of-Stake (PoS), or other consensus mechanisms.
Varied assumptions: Security may rely on a majority of hashing power, a majority of stake, or even a single trusted operator (eg in a private bank ledger).

How to verify cross-chain transactions

Imagine a system of two ledgers, A and B, connected by a bridge. To maintain consistency, the maintainers of ledger B must verify that incoming transfers from ledger A are legitimate. Since maintainers of ledger B cannot automatically access records on ledger A, several verification patterns are used to achieve this:

Direct observation: Nodes on ledger B run a full node (full or light-client) of ledger A. They can access everything, but are hardware-intensive.
Certificate-based:
- Optimistic: Assumes transactions are valid unless a fraud proof is submitted.
- Signature by full population: All maintainers of ledger A collaboratively produce a stake-based threshold multisignature (like Mithril) on the state of the chain.
- Signature by a small committee: Cleverly selected to faithfully represent the whole population.

The certificate-based approaches may be further augmented by the use of SNARKs for better efficiency.

Security and the firewall property

What security guarantee do we expect from a system of ledgers interconnected in this way?

For each of the ledgers in the ecosystem, its necessary security assumption (e.g. honest majority of stake) can be either satisfied or violated. Security assumptions are considered monotone, which means that once a ledger’s underlying assumption is broken, the ledger is classified as failed. In this model, security is not recoverable; once the violation occurs, the ledger can no longer be trusted to provide its original guarantees.

To protect the ecosystem, the PoS Sidechains paper formalizes two critical requirements for the entire system:

Individual security

As long as each ledger’s specific security assumption is satisfied, it must provide the standard features, in a nutshell:

Safety: Settled transactions remain settled forever;
Liveness: Valid transactions will eventually be settled.

The firewall property

The firewall property aims to ensure that the failure of one ledger must not endanger the security of other connected ledgers. This is a vital concept in Midnight’s design.

If Sidechain A is compromised, a user on the Cardano mainnet or sidechain B should not see their assets or consensus integrity at risk. The risk of a failed ledger must be contained.

Technically, this condition is captured by requiring that in case any ledger ever fails and the list of transactions it carried is lost irreversibly, there must exist an “explanation” list of transactions that it could have contained that is consistent with the contents of all the remaining—still secure and operational—ledgers, in the sense that together they result in a valid state of the overall system.

Why this research matters for Midnight

Midnight is built on these exact principles and as the first partner chain of Cardano, the framework defined in this research paper ensures that while Midnight offers specialized ‘shielded’ transactions and data protection, the Cardano mainchain remains firewalled from it, ensuring the robustness of the whole ecosystem.

Learn more

More details on the various ways sidechains interact, how they might support each other via merged staking, and the detailed logic behind the firewall property discussed above can be found in the research paper Proof-of-Stake Sidechains.

The evolution of scalability​

What is a sidechain?​

How to verify cross-chain transactions​

Security and the firewall property​

Individual security​

The firewall property​

Why this research matters for Midnight​

Learn more​