Skip to content

R3 Corda

Kaleido supports Corda OS (open source) version 4.4, with support for Corda Enterprise coming soon.

Technical Overview

Corda is a distributed ledger technology (DLT) custom designed by R3 for enterprise use, with privacy as the foundational principle. Corda has many unique designs compared to most other blockchain technologies, most notably its not having a globally shared ledger, and only supporting private transactions involving only the counterparties plus an optional notary entity.

Corda protocol is built on a strong identity model, where every node's identity must be proven to be have been properly onboarded by using an x.509 certificate with a validated trust chain.

Signing identities only exist on the Corda nodes. Client applications in a Corda based solution are simply triggering the workflow that has already been registered on the target Corda node, and monitoring the progression of the flow. This is very different from Ethereum, where client applications plays a critical role in the transaction lifecycle, by holding the signing keys and signing transactions before they are submitted to the nodes. Essentially, Corda applications, or CorDapps for short, completely live on the Corda nodes.

Trust Model

Corda is custom designed for use in a permissioned network contenxt, where an elaborate onboarding process exists to allow trust to be established among the participants. Specifically, this is achieved by requiring every node to present an x.509 certificate that has been signed by the common trusted root of the network.

In addition, network participants' organizational identities are built-in to the certificate chain used by the nodes to communicate with each other, such that CorDapp contracts can specifically target counterparties by the organizational legal names.

A notary service in Corda plays the role of the neutral 3rd party that bears witness of the transaction event and ensuring that there are no double-spends. The notary service is a distinct group of nodes in a Corda network, and are separate from the Corda nodes that execute the contracts on behalf of the participating organizations. Therefore, trust must be assumed on the honesty of the notary service. The level of decentralization in a Corda network is directly tied to the makeup of the notary service.


Corda is entirely built on the philosophy that all transactions are “private”. Transactions are only sent to the specific counter-parties involved in the transaction. As a result, Corda architecture does not include a globally shared ledger, and Corda nodes do not broadcast transactions to the entire blockchain network as in Ethereum.

On the other hand, there must be a neutral 3rd party that can act as witness that the transaction has happened correctly, especially in terms of order relative to each other and free of double-spend. That is the role of the notary service. The notary service can be configured to run in either non-validating mode, or validating mode, depending on whether the notary is supposed to validate the transaction execution correctness or not.

Non-validating notaries only validates the uniqueness of of the inputs to prevent double-spending. This makes a privacy-preseving set up as the notary is not able to see the transaction details including the signer identities.

Note that Quorum and Hyperledger Besu provide similar private transaction support on top of the Ethereum shared ledger, where only the hash for the private transaction inputs are shared with the consensus service.

Validating notaries must look inside each transaction to check for execution correctness, so it requires full visibility to transaction details and essentially becomes a default counterparty to all transactions. As a result, using a validating notary requires higher level of trust to the organiztion operating the notary service.


Corda consensus is two parts: the nodes provide execution correctness, and the notary enforces uniqueness. The notary can be configured to validate execution correctness in addition to uniqueness check, but as discussed above it would require additional vetting and business relationships as the full transaction details from the counterparties would be visible to the notary.

Corda transactions are only concerned with bi-lateral or multi-lateral agreement among the counterparties, and as such there is no need to broadcast transactions to the whole network. Consensus in Corda is more about signatorial authorities and legal fulfillments, than distributed state consistency.

Programming Model

Corda design present some unique aspects to application developers. The smart contracts are made up of object models that should be very familiar to Java programmers: Contracts process Transactions that effect States transfers. A unique construct called Flow is used to coordinate the collaboration among the transaction counterparties to fulfill each party's own obligations. Transaction signing happens within the flow implementations. Flows can be considered the "clients" but they run on the network nodes instead of the application layer.

Corda transactions are modeled after the Unspent Transaction Output (UTXO) design, where each transaction consumes input states and produces outputs. Unlike an account model, where the account state is sequentially updated with each transaction, UTXO transactions are essentially indepdent of each other so they can be processed in parallel. The only constraint is that each transaction must consume inputs that have not been consumed already.

Smart Contracts

Corda smart contracts are JVM bytecodes that can be compiled from high level languages like Java, Kotlin and others. Of course all the developer tools built by the large Java community are applicable to developing Corda applications.

Kaleido's Corda runtime is built with JDK 11. To deploy CorDapps to Kaleido-managed Corda nodes, please compile your CorDapp jars with JDK 11.

Corda smart contract do not live "onchain", as there is no "chain", but instead must be individually administered by Corda node operators to sign, install, uninstall and upgrade.

Non-validating notaries do not need the smart contract jars deployed on them, as they are only concerned with hashes representing the inputs to check for uniqueness (must be unspent).

Industry Adoption

Corda has seen wide industry adoptions especially with the financial and insurance companies. Some of the major networks built on top of Corda include:

  • B3i: reinsurance network
  • Marco Polo: global trade finance network

For a deeper understanding of how Corda compares with Ethereum, as well as Hyperledger Fabric, visit our blog A Technical Analysis of Ethereum vs. Fabric vs. Corda