Knowledge Base Home

Blockchain Key Concepts

Ethereum Virtual Machine

The Ethereum Virtual Machine or EVM is the runtime environment for smart contracts in Ethereum. It is sandboxed and completely isolated, meaning that code running inside the EVM has no access to the network, filesystem or other processes. Smart contracts even have limited access to other smart contracts.


The node encapsulates the EVM and is ultimately responsible for processing transactions, maintaining state and participating in p2p consensus protocols. The Kaleido platform currently offers Quorum and Geth as available client implementations. A fork of the main Geth interface, Quorum offers support for basic public transactions as well as private transactions through its ancillary “constellation” module. For more information on the Quorum client and its interaction with the constellation, please see the Private Transactions topic. The Geth client is the public Ethereum interface programmed in Golang, which unlike Quorum, offers support for solely public transactions.

Smart Contract

Ethereum smart contracts are most commonly written in Solidity, a high-level contract oriented language designed to target the Ethereum Virtual Machine (alternative languages such as Vyper or Flint can be utilized as well). Smart contracts contain the list of instructions to be executed when one of its functions is invoked, as well as optional restrictions on which parties can call a function. Solidity compiles into byte code (machine code), as do all EVM-compatible languages, and uses an application binary interface (ABI) to encode/decode data into/out of the machine code. Every deployed contract exists as an independent instance, with a unique address and state information constrained to itself.


In short, because distributed systems act independently when processing information (i.e. executing transactions) and updating state, there must be non-disputable agreement in the resulting states among the nodes. The process of achieving the agreement among the distributed nodes’ states is called consensus.

Two flavors of consensus are available alongside the Quorum client – Raft and IBFT. Raft consensus is a crash fault tolerant mechanism that provides high speed block committals, but is inherently reliant on the integrity of the “leader” node. Blocks minted in Raft consensus are not protected by either a unique hash or by validating signatures, and, as a result, it is technically feasible to modify historical data. Therefore, Raft should only be selected in scenarios of unequivocal trust. The second flavor, IBFT, is a byzantine fault tolerant protocol that follows the PBFT implementation allowing up to f number of dishonest (faulty) nodes to be tolerated in a network of 3f + 1 nodes. Additionally, IBFT offers further protections through the collection of signatures from the block proposer and voting validator nodes. Please refer to the Consensus Considerations blog post for a deeper dive on the advantages and drawbacks of each.

The Geth client currently offers clique Proof of Authority or PoA as the available consensus algorithm. PoA involves a set of nodes designated as trusted “signers” taking turns signing and disseminating blocks to the network. The algorithm prevents a signer from issuing multiple blocks in a row, and is dynamic such that the list of signers can be adjusted to protect against attack vectors.


The ledger in an Ethereum blockchain network consists of two key pieces – a hash-linked chain of blocks and a state trie. The hash chain is a cryptographically-linked series of immutable blocks that contain the record of all executed transactions on the network. Each block contains the hash of the previous block within its header, thus the term hash chain. The state trie, also referred to as world state, is the current state or value of any variables defined within the deployed smart contracts. In the case of Quorum, if a private transaction is initiated then the specified recipients will use the Quorum client’s private state trie to make state updates. Regardless of transaction class (public v private), all nodes maintain an identical copy of the blockchain. State information in an Ethereum blockchain is maintained by each node in a Patricia Merkle Trie, with the state trie of the last block containing the most up to date state information.


Transactions are the signed objects that deploy smart contract byte code or call available functions to update a contract’s state. All Ethereum transactions require a “gas” parameter representing the maximum number of computational steps the transaction execution is allowed to take. Public Ethereum requires a “gas price” for all transactions to prevent against malicious behavior, however in the scope of permissioned networks, the price can typically be set to zero. Regardless of gas price, all transactions must enter the network as a properly formed Ethereum transaction object with specified values (in hexadecimal or plaintext) for nonce, gasPrice and gasLimit, and the arguments for to, data and value expressed strictly in hexadecimal. They must also be signed with the secp256k1 private key bound to the sending Ethereum account.

A byproduct of the Quorum client’s flexibility, both public and private transactions are supported. Public transactions follow the same flow as core Geth, where all nodes use the EVM to execute the Ethereum byte code and update state in their public Patricia Merkle Trie. Private transactions make use of the constellation module and are configurable by specifying the private address (i.e. transaction manager public key) of the targeted node(s) in the privateFor parameter of the transaction payload. State information for private transactions is subsequently stored in the Quorum client’s private Patricia Merkle Trie. If a node is not specified as a privateFor recipient, it will have no visibility into the transaction inputs and rendered state information. See the Public & Private Transactions tutorial for a demonstration on transaction classes and state updates.


The majority of the Kaleido samples leverage the Web3.js client library, a popular Ethereum compatible javascript API that implements the generic JSON RPC specification. The core web3 package houses several sub modules that allow programmatic interaction with nodes, accounts, addresses, etc. Refer to the formal web.js API documentation on the available web3.eth classes and methods.  Alternative libraries (e.g. Nethereum, Web3j,, etc.) can be utilized as well; the choice is left to the developer.  Kaleido provides sample connection calls, viewable in the Video Tutorials section,  for a number of the proven libraries in use today.

Prev Anatomy of an Environment Next Private Transactions