The AO Protocol: A Decentralized Open-Access Supercomputer

Sam Williams Ivan Morozov Tom Wilson Tyler Hall

[email protected] [email protected] [email protected] [email protected]
Vincent Juliano Alberto Navarro
[email protected] [email protected]
DRAFT-9
September 6, 2024

Abstract

This paper delineates the protocol of the AO com-

puter, a decentralized computing system inspired by
the actor-oriented paradigm. It establishes a single
system image capable of supporting numerous parallel
processes without the constraints typical of current de-
centralized computation models, emphasizing network
verifiability and minimized trust requirements. The
architecture of AO is extremely modular, facilitat-
ing seamless integration with existing smart contract
platforms and allowing customization across compu-
tational resources, virtual machines, security mechan-
ics, and payment mechanisms. Key functionalities in-
clude unrestricted resource utilization for hosted pro- Figure 1: The AO computer architecture takes a modular
cesses, direct integration with Arweave’s data storage approach to its construction: Each logical responsibility is
capabilities, autonomous activation of contracts, and a split into an appropriate subnet, the participants of which
comprehensive message-passing layer for inter-process
each engage in a peer-to-peer market for the provision of
coordination. This protocol focuses on providing a
their services.
terse overview of the computer’s mechanics, in order
to accompany its formal protocol specification.

protocol-enforced limitations on size and form, while also

1 Introduction maintaining the verifiability (and thus, trust minimization)
of the network itself. Further, AO’s distributed and mod-
The AO computer is the actor oriented[13] machine that ular architecture allows existing smart contract platforms
emerges from the network of nodes that adhere to its core to easily ’plug in’ to the network, acting as a single pro-
data protocol, running on the Arweave[8] network. This cess which can send and receive messages from any other
document gives a brief introduction to the protocol and process.
its functionality, as well as its technical details, such that Instead of enforcing one set of choices upon all users
builders can create new implementations and services that of the computing environment, AO is built in a modular
integrate with it. form: Allowing users to choose which virtual machines, se-
The AO computer is a single, unified computing environ- quencing models, message passing security guarantees, and
ment, a Single System Image[14], hosted on a heterogeneous payment options work best for them. This modular envi-
set of nodes in a distributed network. AO is designed to ronment is then unified by the eventual settlement of all
offer an environment in which an arbitrary number of paral- messages – each sharing the same format – onto Arweave’s
lel processes can be resident, coordinating through an open decentralized data layer. This modularity creates a unified
message passing layer. This message passing standard con- computing environment suiting an extremely wide set of
nects the machine’s independently operating processes to- workloads, in which every process can easily transfer mes-
gether into a ’web’ – in the same way that websites operate sages and cooperate.
on independent servers but are conjoined into a cohesive, AO’s core objective is to enable trustless and cooperat-
unified experience via hyperlinks. ing compute services without any practical bounds on scale.
Unlike existing decentralized compute systems, AO is ca- This allows for a radically new design space of applications
pable of supporting the operation of computation without that were not previously possible: Blending the benefits

1
 Figure 2: The inter-node communication flow while processing a typical request from a user (in this a transfer). Red
lines indicate the path of information between nodes as a result of the originating message, while the magenta and blue
lines follow the path of subsequent messages. Green lines trace an example distribution of the content of these
messages – ensuring their long-term data availability – between nodes on the Arweave network.

of smart contract applications (services without requiring 2.1 Arbitrary numbers of processes (’con-
trust in anything but code), and traditional compute envi- tracts’) running in parallel
ronments (Amazon EC2, etc.).
In AO, applications are built of any number of communi-
cating processes. Inspired by the original actor model[19]
and Erlang[16], AO does not allow processes to share mem-
2 Core Functionality ory between one another, but does allow them to coordi-
nate via a native message-passing standard. Each of these
processes can then be operated at the full speed of the com-
aos—a decentralized operating system for AO—allows de-
puting resources that are available, without interfering with
velopers to launch command-line processes that function
one another. By focusing on message-passing AO enables
like smart contracts within its decentralized network. This
scaling mechanics that are far more similar to traditional
process is similar to starting a server on a cloud service, but
web2/distributed systems environments, than traditional
with decentralization and trustless computation as key ad-
smart contracts.
vantages. These processes operate without being confined
to any particular location, enabling seamless user interac-
tions across the network. The outcome is a ‘Single System 2.2 Unbounded resource utilization in pro-
Image’—a unified, global computing platform that tran- cesses
scends physical and scalability limits, collectively used by
all participants. Essentially, AO forms a vast, scalable com- Building on the lazily-evaluated architecture of the original
puter where users can interact with any process, promoting versions of SmartWeave[25] and LazyLedger[5] later known
a highly collaborative ecosystem. as Celestia[11], nodes in the AO network do not need to
For users, AO represents a shared computer on which perform any compute at all in order to reach consensus
they can execute multiple processes. These processes are about program state transitions. State is implied ’holo-
not confined to any particular servers or under the do- graphically’ by the Arweave-hosted log of messages to the
minion of any single individual or group. Once activated, process. Compute costs are then delegated to users who
these processes deliver their services with cryptographic se- can either calculate their own states, or request execution
curity, ensuring unbiased and perpetual operation. This by nodes of their choosing.
design empowers users with the ability to rely on services
that maintain their rights consistently over time, fostering
2.3 Access Arweave, a native unbounded
a trustable environment for interaction with the system.
hard drive
When compared to existing decentralized and distributed
computation systems, the AO protocol offers a number of AO processes can seamlessly load and execute data of any
novel mechanisms and features. In this section we will run size directly into their memory and write back to the net-
through some of the core benefits it provides in turn. work. This setup eliminates the typical resource constraints

2
and enables fully parallel execution, dramatically expand-
ing the possibilities for application development beyond
the limits of traditional smart contract platforms. Con-
sequently, it opens the door to sophisticated applications
requiring extensive data handling and computational re-
sources, such as machine learning tasks and high-compute
autonomous agents.

2.4 Autonomously activating contracts

In traditional smart contract environments (like Ethereum,
Solana, Polygon, etc.), contracts ’wake up’ to perform com-
pute at the request of a user transaction. This creates an
environment in which programs are not ’live’ unless a user
interacts with them, lessening the scope of applications that
can be built on top. AO removes this limitation by allowing
contracts to have scheduled ’cron’ interactions that auto- Figure 3: Nodes from applicable subnets cooperate in the
matically wake them up and execute compute at set inter- AO computer protocol in order to fulfil user interactions.
vals. Any user, or indeed the process itself, can pay a node Each member of the respective subnets competes in a
to ’subscribe’ to a process in order to trigger the evaluation scale-free marketplace with other nodes to offer highest
of the compute at the appropriate frequency. quality of service (including minimized fees and latencies)
for end users.

2.5 Modular architecture supporting ex-

tensions to determine the trustworthiness of these messages, as de-
scribed in the below sections.
AO’s core architecture is an open data protocol that any-
one can build an implementation of. Everything – the se-
quencers, message passing relayers, and even the virtual 3.2 Messages
machine of the system—can be swapped out and extended
Every interaction with a process in AO is represented by
at will. This flexibility will allow the existing smart con-
a message. At their core, messages are ANS-104[6] com-
tracting systems in the Arweave ecosystem (Warp, Ever,
pliant data items. Users and processes (via their outboxes
Mem, et al) to plug into AO and be able to send and re-
and messenger units) can send messages to other processes
ceive messages from the unified network. This will also
on the network by way of scheduler units. Messages in
allow all of these smart contracting systems to share some
AO have semantics between that of UDP[20] and TCP[21]
of the same infrastructure and tooling, making for a more
packets: Delivery is guaranteed to occur only once, but if
coherent experience of compute on Arweave.
the message is never forwarded by a messenger unit—or the
recipient never actually processes it—then its delivery will
3 Architecture Overview not occur.

Now that we have established the purpose and features of 3.3 Scheduler Units (SUs)
the AO computer network, we will consider the core com-
ponents of its construction. The fundamental elements of Scheduler Units are responsible for the single assignment of
AO are as follows: atomically incrementing slot numberings to the messages
that are sent to a process. After assignment, schedulers are
required to ensure that data is uploaded to Arweave and
3.1 Processes thus made permanently available for others to access. Pro-
Processes are the network’s unit of computation. Processes cesses have free choice of their preferred sequencer, which
are represented by a log of interacting messages stored can be implemented in a variety of ways: Decentralized,
on Arweave, as well as an initialization data item. Pro- centralized, or even user-hosted.
cesses define their required computing environment (its
VM, scheduler, memory requires, and necessary extensions) 3.4 Compute Units (CUs)
in their initialization. While processes are represented at
the consensus level in this way, they also imply a state which Compute Units are nodes that users and messenger units
can be calculated by computing units that satisfy the re- can use in order to calculate the state of processes in AO.
quirements and choose to execute the process. As well as While SUs are obligated to sequence the messages of pro-
receiving messages from user wallets, processes are also for- cesses they have accepted, no CU is required to calculate
warded messages from other processes via messenger units. the state of a process. This gives rise to a peer-to-peer mar-
The developers of processes are given free choice as to how ket for computation, where CUs offer the service of resolv-

3
ing process state in competition with one another—trading parallel systems (machines and networks with many phys-
off price, the computation requirements of the process, and ical threads). These capabilities give rise to a ’process-
other parameters. Once computation of a state is com- oriented’ form of programming, in which the developer nat-
pleted, the CU will return to the caller a signed attestation urally splits their computation into many cooperating and
of the output (logs, outboxes, and requests to spawn other parallel components in order to achieve their goal. While
processes) of the resolution of a specific message. CUs may Erlang is not extremely well known amongst mainstream
also generate and publish signed state attestations that computing circles, it is used in a significant number of envi-
other nodes can load—optionally for a UDL[17] specified ronments where high performance is a necessity: Telephony
fee. switches[16], instant messaging services like WhatsApp[15],
etc.
3.5 Messenger Units (MUs) The AO computer derives its process-oriented approach
from Erlang directly. Erlang offers clue evidence that an
Messenger Units are nodes that relay messages around the environment in which distributed computation is achieved
AO network according to a process called pushing. In through processes that pass messages but do not share
essence, when MUs push a message around the system they memory can be highly efficient. AO applies this approach
send it to the appropriate SU for a process, then coordinate to the domain of smart contracts, while also offering a single
with a CU in order to calculate the output of the interac- system image for an Erlang-like environment for the first
tion, and then repeat the process recursively for any result- time.
ing outbox messages. This process continues until there are
no more messages to push. Users and processes can also pay
a MU to subscribe to a process, pushing any messages that 4.3 Smart Contracting Platforms (Ex.
result from its timed cron interactions. Processes can also Ethereum)
optionally label a message as a cast—leading the MU to
Ethereum is a decentralized computing network in which all
send the message to its SU, but not listen for a response. In
users share memory and a single thread of execution. Orig-
this way, AO is able to provide a vibrant environment that
inally based on an idea of adding Turing Complete compu-
gives users and processes maximal choice—VM, payment
tation to a blockchain[2], Ethereum morphed into a project
method, scheduler type, messaging security, and more—
to build a ’world computer’[18]. Upon launch, Ethereum
without requiring consensus on costly computation itself.
was able to demonstrate the power of trustless computa-
tion of arbitrary code – without the production of an inde-
4 Related Work pendent blockchain network – for the first time. While the
network gained immense traction with users and develop-
There are no direct analogies to draw upon that describe ers, the core network’s throughput has not improved since
what AO is and the experience of using it. There are, how- it launched in 2015.
ever, many adjacent projects and networks that can be used Instead of attempting to scale the base network past the
to contrast with AO in order to elucidate its properties. In processing capacity of a single, small thread of execution,
this section we discuss each in turn. the Ethereum ecosystem has pivoted to a ’rollup-centric’
roadmap[1]. This approach to scaling focuses on support-
ing additional ’rollup’ networks that inherit some[24] of the
4.1 The Actor Model properties of Ethereum, but not all of them. At the time
The Actor Model, introduced by Carl Hewitt, Peter Bishop, of writing, there are 14 rollups in the Ethereum ecosystem
and Richard Steiger in their paper, A Universal Modular with more than $100 million of total value represented in
Actor Formalism for Artificial Intelligence[19], serves as a their programs. Each of these 14 rollups represents another
foundational framework for understanding and implement- single thread (a ’process’ in AO terms) of computation that
ing concurrency in computer systems. This model posits can be performed in parallel. By building from the ground-
that the fundamental unit of computation is the “actor,” up to focus on parallel execution rather than shared mem-
an entity that can make local decisions, create more actors, ory, AO offers a completely novel architecture that supports
send messages, and determine how to respond to messages an arbitrary number of independent processes, while main-
it receives. This approach to system design and program- taining the ability for programs to be decentralized and
ming facilitates the creation of distributed, highly concur- trustless.
rent, and scalable applications.
4.4 Decentralized Compute Marketplaces
4.2 Erlang
In traditional smart contract platforms such as Ethereum,
AO is largely inspired by the Erlang computing environ- a shared-thread architecture restricts each user to only exe-
ment and its programming language. Erlang is an im- cuting small computational tasks. This inherent limitation
plementation of the actor model which offers extremely constrains both the complexity and scalability of opera-
lightweight processes, handled by schedulers in the run- tions on the network, thereby impeding the potential for
time, in order to enable efficient utilization of massively more computationally intensive smart contracts.

4
4.4.1 Decentralized Large-Scale Computing Net- processes can send messages to each other to facilitate com-
works munication.
Unlike AO, Urbit does not achieve decentralized consen-
Several networks, such as Akash[4], aim to facilitate large-
sus on its interaction logs. Practically, this means there
scale computing in a decentralized context. Unlike plat-
is no canonical agreement or guaranteed availability of its
forms that prioritize verifiable and reproducible computa-
‘rollups’ — consequently, the state of its processes remains
tions, Akash and similar networks provide a decentralized
uncertain. In this respect, Urbit shares characteristics with
marketplace for container hosting services. This model sup-
Akash and other decentralized compute marketplaces but
ports the execution of traditional, non-deterministic pro-
also allows for the verifiable migration of computation from
grams on x86 architecture physical machines, though it
one host to another, if the host is agreeable to the transi-
compromises the ability to create trustless services char-
tion. AO advances this model by ensuring that logs of mes-
acteristic of smart contracts.
sages to a process are accessible via Scheduler Units (SUs),
which upload them to Arweave. This enforcement of log
4.4.2 Advancements in Virtual Machine Technolo- availability decentralizes user processes—no longer confined
gies to a single computation node—allowing their state to be re-
solved by a distributed network of Compute Units (CUs) in
AO allows developers to choose their preferred Virtual Ma-
real-time. This architectural difference provides AO with
chine (VM), with the initial reference implementation fo-
the necessary attributes for deploying trustless smart con-
cusing on WebAssembly (WASM). WASM containers in
tracts and supporting a vast number of processes. This
AO can manage up to 4 GB of memory—a limit expected
capability is further enhanced by the fact that processes
to increase with the adoption of WASM64, thereby en-
can be holographically represented; their message logs are
abling prolonged duration computations. The rich com-
permanently accessible, even without any CUs currently
pilation tools within the WASM ecosystem support a di-
attached to execute them.
verse range of programs, exemplified by recent uses in exe-
cuting LLM transformer models[10], speech recognition[9],
and compute-heavy image manipulation software like Pho- 4.6 Internet Computer Protocol
toshop[3] in web browsers.
The Internet Computer Protocol (ICP) shares some objec-
tives with AO, such as creating a decentralized verifiable
4.4.3 Holographic State Mechanism in AO
computation environment. However, the mechanisms and
Despite its substantial computational capacities, AO main- architectural choices within ICP diverge significantly from
tains traditional smart contract execution capabilities due those of AO, leading to different operational paradigms and
to its holographic state mechanism. Rather than achieving potential limitations.
consensus on the state of the computation itself, AO en- ICP employs a single Byzantine Fault Tolerant (BFT)
sures that logs of interactions are recorded and accessible mechanism across its ’subnets’, a design choice that man-
on Arweave. This setup projects a ‘hologram‘ of the state, dates consensus on the results of computations. This ne-
meaning that while the state may not have been computed cessitates that every node within a subnet execute every
by any participant yet, it is guaranteed to always produce step of each computation, inherently limiting the amount
the same outputs when computed. Furthermore, the holo- of computation that can be feasibly performed due to scal-
graphic state system, powered by message logs on Arweave, ability constraints. Furthermore, ICP adopts a monolithic
allows AO processes to react to implied messages on a timed protocol structure, enforcing uniform consensus and execu-
basis, thereby facilitating proactive actions. tion parameters across all resident containers.
Coupled with its holographic state mechanism, AO also By contrast, AO employs a modular approach, where
offers a distributed network of Compute Units that provide different network responsibilities are segmented into sub-
cryptographically signed attestations about the results of components with flexible parameters. This design philoso-
computations. These compute nodes engage in a compet- phy extends, for example, to allowing processes within AO
itive market, which serves to reduce the costs associated to choose their virtual machines and security parameters
with resolving the holographic state, thereby enhancing ef- — defining an environment tailored to their specific needs
ficiency for users. rather than conforming to a one-size-fits-all model.
Additionally, AO’s core design focuses on achieving con-
4.5 Peer-to-Peer VM hosting sensus around the inputs to processes, rather than exclu-
sively on the outputs. This approach permits processes
Urbit[26] is a peer-to-peer computation system with some in AO to operate for any desired length of time, enhanc-
similarities to AO. By focusing on the transfer and avail- ing the system’s adaptability and application scope. More-
ability of interaction logs, Urbit offers a distributed com- over, AO’s governance is minimized, resembling Bitcoin’s
pute environment where ’servers’ can be ported from one model, where the network operates in a truly permission-
physical host to another. During the transition, the log less manner without the intervention of any controlling or-
of interactions with the hosted computation can be exe- ganization. In contrast, ICP employs a governance-heavy
cuted to recalculate the current state. Additionally, Urbit approach where a DAO can revoke participation rights and

5
has the authority to de-platform any container it deems nec- signature produced by the MU. Each process has the au-
essary. This centralized control is akin to a public-company tonomy to decide how to respond to messages from different
operated by its shareholders, potentially leading to discrim- signers, allowing them to choose their own security model
inatory practices against certain protocol uses. based on their needs. This setup enables various security
Furthermore, ICP’s security model is based on node op- mechanisms with different trade-offs (like latency, cost, and
erators undergoing ‘KYC’ processes with the DAO, lacking efficiency). Further, each process’s state transitions can
protocol-enforced economic incentives that guarantee exe- be calculated independently, without relying on messages
cution fidelity. This contrasts with AO’s economic model, from other processes, allowing the network to scale without
which is designed to foster a competitive, open market that needing to fully verify all processes for any single message
naturally aligns node behavior with network health through validation.
economic incentives. Security mechanisms in the AO network are based on a
universal principle: Attestations on the outcomes of mes-
sage interactions with processes should be cryptographi-
5 Network Security cally validated and economically secured. The AO data
protocol provides cryptographic validation, while the AO-
The AO protocol adopts a modular approach to its tech- Sec Origin security process ensures economic security. To
nical architecture, imposing minimal specific requirements achieve this, the AO-Sec process allows any network par-
on its resident processes. This principle extends to AO’s ticipant to:
security mechanisms as well. The core components of the
network—its data protocol, sub-unit role division, and in- • ‘Stake’ a token representation of economic value in the
tegration with Arweave—offer a framework for building se- process itself. While staked, this collateral may be
cure computations without mandating a single approach subjected to votes that may lead to its ‘slashing’ –
for all resident applications. This flexibility enables the removal from the ownership of the ‘staker’ – upon the
network to adapt to a wide variety of use cases, supporting agreement of other stakers.
its mission to provide a universal protocol for decentralized • Deposit economic value into a ‘sub-staking’ process,
computation. In this section, we explore the construction granting it authority over the funds, allowing it to
of AO’s modular network security architecture, the formal slash or return them according to its own rules. self-
process model that underpins it, and two exemplar security administered rules.
processes that will be available in the live network: ”AO-
Sec Origin’ and SIV. Afterwards, we will present the eco- As an additional feature, The AO-Sec Origin process also
nomic fundamentals that set the base for a market around offers ‘back-stop’ liveness and Scheduler Unit (SU) failure
this security model. recovery mechanisms, detailed in section 5.6.1.

5.1.2 Economic Security

5.1 General Overview of the Security
Model The AO network requires a native token to support all
safety mechanisms, implementing economic security for
In addition to allowing varied security mechanisms to be processes that rely on the protocol. As a consequence, the
layered on top of its data protocol and data replication AO token is introduced into the system to underpin the
system (Arweave), AO supports the stacking of security network’s ’AO-Sec Origin’ security process. It serves as a
processes on top of one another, enabling users to freely liquid and common unit of value for additional economic
combine their benefits and trade-offs. Two such mecha- mechanisms layered above it, as described in the section
nisms are: ’AO-Sec Origin’, which provides rehypothecat- above. In order to achieve this in the most neutral way
able collateralized message passing, and SIV, a mechanism possible, the token’s launch mechanics have been designed
for incentivizing Sybil-resistant attestation sets for network
to closely resemble Bitcoin’s monetary policy and have been
actions (see sections 5.6 and 5.7 respectively). While theseoptimized to effectively bootstrap the network’s economic
systems can be used independently, stacking them together security layer. Thus, AO has no preordained token alloca-
yields both Sybil-resistant and collateralized message trans-
tions for any type of network participants. Instead, every
mission. To further showcase how modular security en- token is distributed proportionately to the value of assets
hance the network, we now describe how security can be introduced into the system, with all movements generating
passed along processes by means of staking economic value. demand for economically secured message passing. These
mechanisms are described in detail in Section 7.
5.1.1 Hierarchical Security With the introduction of the AO token, an economic
framework emerges from which any number of downstream
Processes in AO operate independently with deterministic security mechanisms can be constructed. These security
verifiability of their individual states. As previously de- mechanics reside in their own AO processes, which users can
scribed, processes coordinate through a system of message deposit their AO tokens into in order to participate. Rather
passing, relayed by Messaging Units (MUs). Each of these than offering a single security mechanic that is globally ap-
relayed messages comes with a cryptographically verifiable plied to all users, choice is instead granted to both staked

6
service operators and clients to find a mutually acceptable Notably, as the ao data protocol focuses on providing
means of interaction. As a result, a market is created in a universal format for decentralized and verifiable compu-
which varied security mechanisms compete for acceptance, tation, it does not enforce a specific virtual machine, nor
while a unified token offers a mutually admissible liquid any associated parameters. Subsequently, when a devel-
unit of economic value to underpin them. oper creates a new process on ao, they can specify all of
The versatility of this security model will allow for the the parameters necessary for units in the system to deter-
possibility to leverage new technologies, such as ZK proofs, ministically execute it. These parameters are added as tags
to validate the integrity of messages within the network on the spawning data item and may include (but are not
without the need of the core AO protocol to undergo any limited to):
changes. However, economic security will continue to be es-
sential for providing message ordering and data availability. • The maximum amount of memory that the process
Only significant breakthroughs in distributed and crypto- should be able to use.
graphic systems, which are not anticipated in the near fu-
ture, could jeopardize the integrity of this economic model. • The maximum number of operations (optionally
In summary, when considering the totality of all of its weighted, according to the specification of the virtual
components, AO’s technical and security mechanics offer a machine) that the process may consume while evalu-
radically novel techno-capital construction. The network ating a single message.
provides its users:
• Any extensions to the virtual machine that the pro-
1. A trustless computing environment that supports an cess requires (access to a virtualized local file system,
arbitrarily sized workload; hardware-optimized encryption instructions, etc.), as
defined by the virtual machine specification.
2. Efficient markets for the provision of each of the ser-
vices inside that environment; The state of Pi at a given time step, S(Pi ), is determined
by:
3. Customizable, user-defined security mechanisms that
S(Pi ) = F (Logi , Envi )
allow many varied workloads with differing require-
ments to exist in parallel and interoperate with one where F is a function, defined by Envi , computing the state
another; based on the message log.
The outbox of new messages to be sent to related pro-
4. A novel, and more coherent token economic model for a
cesses as a result of a message is described as follows:
network that does not experience block-space scarcity.

In the following section, we set to formalize the general Outboxm = F (Logi , Envi , m)
risk model for AO processes, which will allow us to ana- where m refers to the originating message.
lyze how different AO (sub-)staking security modules ad-
dress specific protocol needs. The two main modules that
dissipate these risks are ’AO-Sec Origin’ and ’SIV’ – a sub- 5.2.2 Messages
staking process of AO-Sec which offers a simple and fast
Let Mij represent the j th message in Pi . Mij is represented
AO attestation consensus protocol.
as an ANS-104 compliant data item. The delivery status
D(Mij ) can be represented as:
5.2 Formal Security Model of the AO (
Computer 1 if delivered
D(Mij ) =
To develop a coherent model of threat vectors in the AO 0 else
network, we need to define its core components: processes,
messages, and attestors. With this foundation, we can then The AO data protocol employs at-most-once delivery se-
examine the key roles in the protocol, their behaviors, and mantics, as detailed in [22], atop which additional guar-
the specific threat models associated with each. antees are provided by the maintenance of message logs
on Arweave through its data persistence protocol. These
guarantees ensure that undelivered messages that result
5.2.1 Processes
from Pi may always been delivered later by re-computing
Let Pi represent the ith process. Outbox(Pi ) from its message log on Arweave.
Define Pi = (Logi , Initi , Envi ), where:
5.2.3 Attestations
Logi is the ordered sequence of all messages for Pi .
Initi is the initialization data for Pi . Let SU denote the stake for a unit performing attestations
U , representing the value of locked tokens committed by the
Schedi is the scheduler for Pi .
unit to ensure economic security for action it is involved in.
Envi is the computing environment for Pi . The stake is defined as:

7
 5.4.1 Mechanics

SU =tokens committed by S in a staking process. Should Attestj be determined to be incorrect by other par-
ties in the staking process, they should have the author-
SP =the active staking process of the attestor.
ity to commence a slashing operation against SCU . Subse-
Once staked, the tokens SU for any A may be subject quently, M U s can employ the results of λ(Pi , mj ) from a
to slashing as a result of malicious behavior, in accordance CU, with economic guarantees bounded by SCU , ensuring
with the ruleset of its active (sub-)staking process (SP ). a secure and reliable framework.

5.3 Scheduler Units 5.5 Messenger Units

Upon receiving a message m, a SU, denoted as SUPi for Messenger Units (MUs) act on behalf of the user in order
process Pi , performs the following operations: to move messages between processes in the system. By per-
forming this task, called pushing, MUs are able to orches-
1. Assignment: SUPi assigns m a unique incremental trate any number of processes in order to perform specific
nonce, n, reflecting the order of receipt relative to other tasks for users.
messages within the same process. This assignment is
formalized as: 5.5.1 Mechanics
a(m) = (m, n, σ(SUPi , m, n)) 1. M Um receives a message mi from a client or user.

where σ(SUPi , m, n) denotes the cryptographic signa- 2. The message mi is then forwarded to the scheduler SUk
ture of SUPi over the message m and its nonce n. for assignment and publication, ensuring it receives a
unique slot in the process’s ordering.
2. Persistence: The signed assignment, along with the
message, is persisted onto the Arweave data layer, en- 3. M Um requests the outbox of a chosen CUl for any
suring its availability and integrity within the network. new messages that have been generated as a result of
processing λ(Pi , mi ).
5.3.1 Mechanics
4. If there are new messages in the outboxes, M Um takes
Secure staking processes should SUPi , denoted as SSUPi , each new message, signs it, and forwards it to the ap-
should be subject to slashing by an acceptable and active propriate SUk , recursively continuing the process.
staking process SP under the following conditions:
The recursion ends when there are no more new messages
1. If SUPi fails to perform the assignment for m or mali- given by CUl for all prior messages, signifying the end of
ciously drops m, SSUPi will be slashed to penalize the the processing cycle for the user’s interaction.
non-compliance.
(
¬a(m) ⇒ Slash(SSUPi ) ∅ if M = ∅
Push(M Um , M ) =
Process(M, M Um ) otherwise
2. If SUPi performs the assignment for m but fails to
persist the signed assignment and message onto the where;
Arweave data layer, resulting in a ‘gap’ in the log for
Pi , SSUPi will also be slashed.
{SUk (σ(M U, m)) | m ∈ M }
¬P ersist(a(m)) ∨ ¬P ersist(m) ⇒ Slash(SSUPi ) Process(M, M U ) =
∪ {Push(M U, CUl (m)out ) | m ∈ M }

3. Assigning a slot more than once with the same nonce

to different messages: σ(M U, m) returns m signed with MU’s private key.
∃m1 , m2 ; m1 ̸= m2 ∧A(m1 )n = A(m2 )n ⇒ Slash(SSUPi )
5.5.2 Message Acceptance
5.4 Compute Units Messages are propagated via P ush(M Um , m), either di-
rectly by the Messenger Unit M Um or by external initia-
Compute units execute the virtual machine (defined by
tors. Upon receipt, processes evaluate these messages and
Envi ) function λ for Pi on given a message:
their signatures to decide on subsequent actions: either to
λ(Pi , mj ) = ⟨ΦPi , Outboxj , Attestj ⟩ engage (α), ignore (ι), or request re-transmission with dif-
ferent security parameters (ρ). These may include using an
where ΦPi is the new process state, Outboxj is the set of alternate security subprotocol (a different staking process),
any resulting outbound messages, and Attestj is a signed or a different stake quantity or time. This protocol em-
attestation of the computation. powers processes within the AO network to delineate their

8
security requirements for message interaction, symbolically 5.6 The AO-Sec Origin Process
represented as:
We now examine the function and design of the ‘AO-Sec
 Origin’ process, which serves as the backbone of security
α, if security criteria are met,

on the AO network. This foundational process underpins
Decision(Pi , m, σ) = ι, if it is to be disregarded, the economic security mechanisms for all subordinate mech-

ρ, if re-transmission is required.

anisms within the network, ensuring robust network in-
tegrity.
In the event that M Um is discovered signing an invalid The AO-Sec Origin process acts as the primary custo-
message, stakers within the given staking process should dian and issuer of the network’s staking tokens, holding
enforce a slashing operation against the stake of M Um , de- ownership records and user-defined properties regarding all
noted as SM Um . stakable units. It also provides the back-stop security func-
tions for the reliable operation of the network, including
¬M U m ⇒ Slash(SM Um ) staking, slashing, and unstaking of tokens. Finally, AO-Sec
Origin facilitates the reassignment of processes in response
Moreover, should the invalidity stem from a Compute to failures or breaches of protocol by Scheduler Units (SUs),
Unit’s (CU ) attested result, λ(Pi , mj ), M Um may assert such as liveness issues or double-signing.
a claim against the CU’s stake, SCU , contingent on the
staking process’s framework. This relationship is defined 5.6.1 Trustless Scheduling Guarantees
as:
¬λ(Pi , mj ) ⇒ T ransf er(SCU , SM Um ) The Ethereum ecosystem has successfully pioneered a novel
approach to ‘sequencing’ (giving unique ordering to, and
ensuring availability of) transactions in decentralized net-
5.5.3 Stake Aggregation works [1]. Rather than focusing on providing traditional
To securely relay messages across the network, MUs may Byzantine Fault-Tolerance (BFT) to every transaction in
need to aggregate attestations from multiple CUs to meet normal operating conditions (which incurs significant costs
the security requirements of the processes. This aggrega- – both in performance and economic burden), equivalent
tion ensures that the combined stake is sufficient to up- safety can be provided by the ability to trustlessly fallback
hold the integrity and trustworthiness of the message being to traditional decentralized consensus only when necessary.
transmitted. In this paradigm, users gain the full benefits of decentral-
The process of stake aggregation operates as follows: ization (liveness, censorship resistance, and trustlessness),
without the necessity of bearing the cost of multi-party
1. A MU identifies the security requirements specified by consensus upon sequencing. Concretely, the communica-
the process for a given message. tion complexity of AO’s approach compares to traditional
blockchains as follows:
2. The MU then collects attestations from available CUs,
each contributing a portion of the required stake. Network Best Average Worst
AO Network Ω(1) O(1) O(n log n)
3. These attestations are aggregated into a single stake Traditional Blockchain Ω(n log n) O(n log n) O(n log n)
bundle, effectively pooling the security guarantees
from multiple sources. Table 1: A comparison between the communication
complexities of message settlement on AO and traditional
4. The aggregated bundle is then relayed through the
networks [12].
Scheduling Unit (SU) to the process (operated by a
CU).
Scheduler Units can encounter three primary types of
This bundled approach to stake aggregation allows for a faults, each of which has a different resolution mechanism
streamlined and efficient transmission of secured messages, in the AO-Sec Origin process. Their details are as follows:
ensuring that each message meets the predefined security 1. Liveness: In which a processes active SU (SUp in our
criteria before it is processed by the recipient CU. More- formal model) is offline or non-responsive to requests
over, by utilizing a composite of attestations, the system to schedule specific messages (censorship).
enhances the resilience and fault tolerance of message han- Resolution: At any time, any network participant
dling, distributing the risk among multiple CUs and thereby may raise a challenge on the AO-Sec Origin process
mitigating potential points of failure. for the responsible SU to schedule any message onto
[ Logi for process Pi . If the SU does not respond to the
Aggregate(M Um , m) = σ(CUi , m) challenge within the given period (set by the process
CUi ∈C during initialization), Pi becomes unhosted.
At the discretion of the CU or the process itself, attesta- 2. Double Assignment: A malfunctioning or malicious
tions from specific CUs may be required. SU may provide two signatures for the same ‘slot’ for

9
 a process (∃m1 , m2 ; m1 ̸= m2 ∧ A(m1 )n = A(m2 )n ), issues of honest or dishonest majorities in the AO-Sec Ori-
leading to ambiguity in the ordering of messages. gin staking committee. The result of this, is that processes
Resolution: Upon acquiring evidence of a double as- that do not choose to be exposed to optional voting me-
signment of slots (A(m1 )n and A(m2 )n ), any partici- chanics (typical in modern PoS networks) have mechanistic
pant in the network may submit both assignments to trustless operation guarantees that do not require them to
the AO-Sec Origin process. This causes Pi to become have faith in the integrity of the node operators over time.
unhosted. Notably, (m1 )n (the first mn to be submit- In order for the AO-Sec Origin process to confer the
ted to the process) becomes the selected message at trustless guarantees listed above, it itself must be hosted on
Logi for Pi . This essentially performs the function of a more traditional blockchain. Because AO’s data protocol
‘fork recovery’ in a traditional blockchain, restoring an allows free choice of the type of SU that a process resides
unambiguous total ordering to the process. on, AO-Sec Origin is able to use Arweave’s Byzantine Fault
Tolerant (BFT) consensus algorithm [7] as its host. This
3. Non-Publication: Sometimes, due to negligence or mechanism functions in the same way as SmartWeave and
malfeasance, the entity scheduling a process might fail other, first generation smart contracting techniques on Ar-
to publish a message for which it has provided an as- weave [25]. By operating in this way, liveness of the AO-Sec
signment (A(m)n ). If this happens, a Computation Origin process is ensured, thereby extending these proper-
Unit (CU) attempting to calculate the state S(Pi ) for ties to all processes within the AO network. These proper-
a process, as Logi would be incomplete. ties even extend to any other sub-staking security processes
Resolution: Any participant in the network can raise inside AO: In the event that their SU stops hosting them,
a challenge, requiring that the Scheduling Unit SUP these processes can fallback on Arweave’s robust BFT con-
(or any other interested party) publish the message mn sensus. This system allows for rapid transaction process-
directly to the AO-Sec Origin process within a speci- ing by these sub-staking processes under normal conditions,
fied timeout window. If the challenge fails, the process with the security of traditional BFT mechanisms available
Pi becomes unhosted at Logn−1 . Unlike other AO-Sec in emergency situations.
Origin operations, non-publication challenges may in-
volve the forced publication of large messages, which
can be costly. To mitigate this burden, processes have 5.6.2 Markets for re-hosting processes
the following two options at their disposal during ini-
tialization: In the event of challenge failures in AO-Sec Origin, pro-
cesses may be moved to an unhosted state. In order to
(a) Specifying additional non-publication chal- trustlessly resolve these scenarios, any willing SU may send
lenge processes: During launch of a new com- an unscheduled (unreplicated, or assigned) ‘dry-run’ mes-
putation, users may choose to specify an addi- sage to the process in order to gain its assent to become
tional process that must be monitored by its the host for the process. In an unhosted state, the process
corresponding SU in order to respond to non- is unable to send messages to other processes or change its
publication challenges. These processes imple- state (as the dry-run input message to the process itself has
ment the same interface as the AO-Sec Origin not been assigned a slot), but it is able to respond to the
process, operating as sub-staking modules on the caller in expressive ways. It may:
network. In the event of SU faults on the ad-
ditional non-publication challenge process, they 1. Accept the SU’s offer to become its host (accepting the
too can fallback to the AO-Sec Origin process, fees that the SU quotes for its operation).
due to the hierarchical security structure that it
provides. SU operators may choose at their dis- 2. Ask for further information from the SU. In this sce-
cretion to charge greater fees to host a process nario, the SU is able to retrieve this information and
that has additional non-publication challenge ad- dry-run the interaction with the process again. Despite
dresses specified, as they must observe the process the lack of ability to modify its own state during its
to check for challenges over time. unhosted phase, through this mechanism the process
(b) Allowing stakers to vote on data availabil- is still able to interact with the full AO environment
ity: Some processes may choose to allow staked in order to decide whether to accept the offer.
members of the AO-Sec Origin process to vote on
whether the data is available, rather than forc- 3. Reject the offer without further request.
ing publication of the data itself. If the process
specifies this option, the cost of forced-publication Once a SU has produced a message that leads to an affir-
may be saved (which may be reflected in a lower mative response from the process, they may submit their m
hosting fee by SUs), but creates exposure for the to AO-Sec Origin in order to become the valid host (SUp )
process to the majority of the stakers’ opinions. for the process. Through this mechanism processes are able
to ‘negotiate’ with would-be hosts and gain the necessary
Notably, in every resolution scenario aside 3B (an op- information needed to decide the most appropriate new SU,
tional, secondary approach) the process is not exposed to avoiding any need for ‘forced-assignment’ by votes.

10
5.6.3 Sub-Staking and Sub-Ledger Processes

The parallel design of the AO network allows for the im-

plementation of further sub-staking and sub-ledger mech-
anisms. These ’child’ processes enable the deployment of
AO tokens across a wide variety of security frameworks and
payment systems:
Sub-Staking Processes: These processes offer cus-
tomizable security configurations to cover the spectrum of
diverse needs of network participants. By enabling bespoke
security, the network grants participants with high adapt-
ability and robust protection for their processes, ensuring
close alignment with their specific requirements.
Sub-Ledgers: Sub-ledgers are processes that enable the
parallel execution of payments while holding a token bal- Figure 4: Utilizing the SIV sub-staking process
ance in the parent process. They are versatile, capable of significantly reduces the probability of deceptive actions
extending beyond mere token storage to include a range by an attacker with each additional attestor, while the
of functionalities that enhance transaction processing effi- costs for clients increase linearly with more stake-time
ciency. As delineated in the AO Token Specification, sub- access.
ledgers facilitate the seamless transfer of tokens between a
parent process and its child processes, provided these ad-
here to the established token interface standards [23]. Trust 3. Improved guarantees on the single-assignment of slots
in the originating module of a sub-ledger allows for users to for processes.
be represented by the process with the parent token without
direct intervention, thereby circumventing potential bottle- The operational framework of SIV includes a determinis-
necks in the primary process. Additionally, if the module tic ordered set of attestors assigned to audit other stakers’
(its compiled code) managing a sub-ledger is considered activities. Clients requiring staked operations can mandate
trustworthy, the balances maintained across these processes the inclusion of SIV, specifying the necessary number of
may be regarded as fungible. Tokens received from one sub- attestors’ signatures for result validation. This flexible at-
ledger of a parent (in this case, the AO-Sec Origin process) testation requirement allows clients to effectively balance
may be deemed indistinguishable from those received from their needs for security, cost, and latency.
another. This architecture permits an indefinite expansion SIV’s consensus mechanism is notably streamlined, al-
of parallel processes, which in turn is capable of supporting lowing for users to choose between complete consensus on
an indeterminate volume of simultaneous transactions. results when needed, or otherwise operate with partial con-
Through this structure, the security properties of the sensus to increase efficiency. In other words, clients can
AO-Sec Origin process are transitively applied to custom- define the exact number of participants needed for a given
built security mechanisms downstream while enabling pay- action, thereby controlling the cost and latency impacts of
ments in the network’s native token at arbitrary throughput consensus on outputs. This strategic choice empowers users
rates. to achieve complete consensus on results, while normally
operating with partial consensus which remains computa-
tionally efficient at O(1) complexity, contrasting with the
5.7 Exemplar Sub-staking Process: SIV O(n) complexity typical of full blockchain networks.
The SIV sub-protocol enhances the foundational security SIV primarily enhances security by providing Sybil-
features of AO’s staked message transfer system by intro- resistant attestations. These complement AO’s economic
ducing an additional layer of Sybil-resistance, ensuring the safeguards, such as the over-collateralization of messages
possibility to stake in single-assignment mode, and bol- based on their potential economic impact. By achiev-
stering data availability guarantees. Particularly, SIV in- ing consensus on messages and actions through stochas-
tegrates a lightweight, low-latency consensus mechanism tically validated attestations from a dynamically sized set
through result attestations, tailored for deployment in spe- of attestors, the likelihood of a staker deceiving a client
cific scenarios within the AO network as per requests by decreases exponentially with each additional attestor in-
either a process or a user. These scenarios include: volved, as illustrated in Figure 4.
The probability that all attestors are Sybils controlled by
1. Consensus among Sybil-resistant staked parties on an attacker is mathematically represented as:
messages resulting from network computations.  s n
P (s, n) =
100
2. Enhanced assurances against the rehypothecation or
’re-staking’ of security collateral within the fraud de- where P denotes the probability of all attestors being Sybil,
tection time frame specified by a message recipient. s represents the stake percentage controlled by the attacker,

11
and n indicates the number of attestors requested by the rewards are eliminated and transaction throughput is as-
client. sumed to be infinitely scalable. Under these conditions,
The operational sequence of a SIV sub-staking process is the scarcity of block space would effectively be nullified,
detailed as follows: leading to minimal transaction fees. Consequently, the eco-
nomic incentives for network participants to maintain secu-
1. Any party can trustlessly initiate a new process with rity would be significantly reduced, thereby increasing the
the SIV module by specifying operational parameters vulnerability of transactions to potential security threats.
such as memory and instruction limits, supported VM
Solana exemplifies this theoretical model in practice, il-
environments, minimum stake time periods, and fraud
lustrating that as network scalability increases, fee revenues
penalties.
correspondingly diminish. In the absence of substantial
2. Post-initialization, AO service operators meeting the transaction fees, the principal source of security funding
SIV criteria can partake by aligning their tokens with is derived from block rewards. These rewards essentially
the SIV instance via the AO-Sec Origin process. function as a tax on token holders, manifesting either as op-
erational overhead for those electing to stake their tokens
3. With the closure of each epoch, the process entropy personally, or as a gradual dilution of their proportional
is renewed, integrating new stakers and reshuffling at- ownership within the network for those who abstain from
testor sequences to ensure comprehensive coverage of staking.
all active stakers. Earlier, we presented the need for an AO token as a uni-
4. Stakers aggregate necessary attestations to fulfill client fied representation of economic value to support security
requests, optimizing response times by paralleling at- mechanisms within the network. Below, we discuss how
testor responses. the market for security emerges in AO, how participants
can benefit from dynamic stake exclusivity and how this
5. Clients validate these attestations against the current market reaches equilibrium by calibrating its parameters.
attestor set, ensuring all responses are duly signed and
relevant.
6.1 Establishing a Market for Security
6. Stakers can issue a termination notice at any time, al-
lowing them to withdraw from attestation obligations In contrast to the examples above, AO introduces a novel
and transfer their duties to the next staker in the se- approach where users purchase the specific level of secu-
quence. rity required for each message they send. This model al-
lows users to ”insure” their messages to the level of security
5.7.1 Ensuring Attestor Liveness deemed necessary by their counterparts, facilitating a tai-
lored and efficient allocation of security resources. This
In order to address any unresponsive or non-compliant au- direct relationship between message security and user ex-
ditors, SIV incorporates a mechanism to automatically re- penditure obviates the need for subsidizing security through
move them from the committee after a preset duration. block rewards or collective fee-bargaining mechanisms.
Should an auditor fail to respond to a staker’s challenge Furthermore, AO’s model creates a competitive market
within a preset duration, they are automatically removed for access to the network’s stake that underpins security.
from the committee. This ensures continued responsiveness Since security is purchased on a per-message basis, a dy-
and reliability within the network. However, to prevent po- namic marketplace for staking emerges, where the price of
tential abuse of this system, stakers initiating a challenge security is determined by supply and demand rather than
must pay a fee. This fee, calculated as a stake-weighted fixed network rules. This market-driven approach promotes
average of all stakers’ proposed rates, is burnt to regulate efficient pricing and allocation of security resources, provid-
the token supply and align staker incentives towards main- ing robust security tailored to the actual needs of users and
taining a robust, fair-priced attestation mechanism. avoiding the one-size-fits-all model of traditional network
mechanics.
This economic model not only enhances efficiency but
6 Economic Model also aligns the incentives of all network participants by di-
The typical economic model of blockchain networks like Bit- rectly correlating the cost of security with its consumption.
coin, Ethereum, and Solana, revolves around the concept This alignment potentially reduces the overall operational
of buying access to scarce block space, with security being costs of the network.
subsidized as a byproduct. Users pay transaction fees to in-
centivize miners or validators to include their transactions 6.2 Stake-Exclusivity Periods
in the blockchain. However, this model inherently depends
on the scarcity of block space to drive fee revenue, which An integral feature of AO’s security framework is the im-
in turn funds network security. plementation of ’stake-exclusivity’ periods. This security
In the context of Bitcoin’s security architecture, which mechanism enables the recipient of a message to designate
is fundamentally underpinned by block rewards and trans- a specific time window during which the stake used to se-
action fees, consider a hypothetical scenario wherein block cure the message is exclusively reserved—preventing it from

12
being ‘double spent’—for that particular message’s trans- 8% annual return, is $2.28. Message recipients are em-
mission. Throughout this exclusivity period, the staked powered to select their preferred over-collateralization ra-
collateral is locked, rendering it unavailable for other uses, tio and stake-exclusivity duration, effectively balancing risk
thereby ensuring its availability for potential slashing if dis- against the cost of service access. This flexibility is a tes-
crepancies in the message are later identified. tament to the network’s underlying economic principle: of-
This feature significantly enhances the trustworthiness fering a customizable environment where users and services
of the transmission process by allowing recipients to set can adjust parameters—such as stake amounts and time-
a ”stake-exclusivity” period that matches the security re- frames—to meet the demands of their specific operations.
quirements of their specific transactions. Stakeholders can
customize security measures based on the perceived risk 6.3.2 Market Dynamics and Equilibrium
and value of the message. For critical or valuable messages,
extended exclusivity periods can be set, providing sufficient The equilibrium in the AO staked messaging market is in-
time for necessary challenges and verification by concerned fluenced by the interaction between the demand for security
parties. This arrangement not only bolsters security but (driven by the value and stake-exclusivity time of messages)
also strengthens the integrity of the message verification and the supply of stake capital (influenced by staker re-
process. turn expectations). The demand for security stake can be
expressed as a function of the quantity of transactions Q
and their average value V̄ , adjusted by the average stake-
6.3 Time-Value of Stake
exclusivity period Ē:
In the AO model, each message that is passed requires the
user to compensate for the ’time value of stake’ — the op- Ē
D = Q · V̄ ·
portunity cost of locking (single-assignment) of capital for Tannual
a specific duration to secure a message. This mechanism where Tannual is the total number of the units in a year
plays a critical role in determining the pricing dynamics for which stake exclusivity is being considered (for exam-
within the AO system. ple, 525,600 for minutes). This formula reflects the total
demand for stake capital in terms of the average economic
6.3.1 Economically Rational Security Pricing value that is active in message security at any given time.
Consider a user who wishes to insure a message worth $1 The supply of economic utility from staked capital S, is
million with a stake-exclusivity period of 15 minutes. The modeled as the product of the total stake available K and
cost of insuring this message—paying for the time value of the expected return rate R:
the stake—can be modeled as a function of the expected
annual return rate desired by the stakers. For instance, if S =K ·R
stakers expect a 10% annual return on their engaged cap-
This equation reflects the total economic value that the
ital, the cost of securing this message can be derived from
staked capital is expected to generate over a year. Here,
the pro-rata share of this expected return over the exclu-
K represents the volume of AO tokens actively committed
sivity period.
to securing the network, and R is the annualized expected
The formula for calculating the price, P , of securing a
return on these staked tokens.
message for a period E in a given unit (minutes, seconds,
Equilibrium in the staking market D = S is achieved
etc.), given the total insured amount I and the annual ex-
when the demand for security, D, matches this supply of
pected return rate r (expressed as a decimal), is defined as
economic utility, S:
follows:
Ē
  Q · V̄ · =K ·R
R Tannual
P =I· ·E
Tannual Solving for the required return rate R, which balances
where: the supply and demand for staking utility, yields:

I is the total collateral provided for the insurance, Q · V̄ · Ē

R=
R is the annual expected return rate of the staker, K · Tannual
E is the stake-exclusivity period. This formula calculates the equilibrium return rate R. If
this calculated R is higher than the current market rate of
For a message with collateral of $1 million with a 15-minute return, it indicates a deficiency in staking capital relative
exclusivity period and a 8% expected return rate: to the demand for security. Consequently, more capital will

0.08
 flow into staking, increasing K until the new equilibrium
C = $1, 000, 000 · · 15 = $2.28. is reached. Conversely, if R is lower than the market rate,
525, 600
it suggests an oversupply of staked capital, leading some
This calculation indicates that the time-value price for stakers to withdraw their funds, thereby reducing K until
a 15-minute exclusivity on a $1 million stake, assuming an equilibrium is restored.

13
6.3.3 Peer-to-Peer Market Dynamics
The AO network’s decentralized, peer-to-peer market struc-
ture inherently allows nodes to independently set their own
fees for staked message passing services, without enforcing
global pricing. This flexibility lets them dynamically adjust
to market demand and supply changes, fostering competi-
tion and boosting responsiveness. Nodes that offer com-
petitive rates and terms naturally attract more users, op-
timizing their returns and leading to an efficient market
equilibrium.
This mechanism promotes market efficiency while lay-
ing the foundation for well-defined token valuation met-
rics. The process of analyzing the volume and value of
secured messages, along with competitive return rates, es-
tablishes a comprehensive framework for real-time token Figure 5: Growth of the AO token supply over time. AO’s
valuation, which is dependent on the network’s perceived model follows Bitcoin’s, modified to generate a smooth
security, utility, and demand. emission curve – with ’halvings’ representing a half-life,
rather than an abrupt change to the emissions per time
period.
7 AO Token Minting
Once an efficient market for security on the AO network has The minting of AO tokens begun with the launch of the
been defined, it is essential that the AO monetary policy AO testnet on February 27th 2024, 1700 GMT. After a
guarantees that no party has an unfair economic advantage. period of 4 months, users looking to mint AO with assets
To achieve this, we now set to outline a minting process other than Arweave´s native token AR have the option to
that distributes new tokens only to network participants deposit and bridge qualified assets into the network. From
who have a direct economic interest in leveraging the token the moment this functionality is enabled, two thirds of the
for its intended purpose of securing the AO network. supply of newly minted AO tokens is distributed to users
that hold bridged assets in the AO network. AR holders
7.1 AO supply growth over time will continue to receive one third of the ongoing supply. In
the case where no qualified assets are bridged into AO, AR
AO will have a total supply of 21 million tokens. New holders will continue to receive the totality of new tokens.
tokens are minted every 5 minutes, accumulating to a This monetary policy heavily rewards those that bring
monthly rate of 1.425% of the remaining supply. As a assets into the AO network in order to bootstrap the fly-
result, the circulating supply follows an exponentially de- wheel of economic activity inside it. Parties that bridge
caying emission curve, with the amount of minted tokens qualified assets will be entitled to a share of the AO token
effectively halving every 4 years. In contrast to the Bitcoin supply for as long as their assets remain in the network.
network, where the coin reward per block is abruptly cut in We can express the number of AO tokens minted per
half every 4 years, the AO network will always disperse the wallet UR as
same proportion of the remaining tokens every 5 minutes,
leading to a smooth – rather than step-function – decrease (
1
in the emission rate. · TR · URAR + 32 · TR · URB if TB > 0
UR = 3
Given the absence of pre-mined tokens or other discre- TR · TRAR if TB = 0
tionary supply shocks, the circulating supply of AO tokens
can be predicted with full certainty at any point in time where TR is the total number of AO tokens minted per time
since genesis (see figure 5). period, TB is the total amount of bridged assets per time
period, URAR is the per wallet share rate for holders of AR
7.2 Distribution of the AO Token Supply tokens, and URB is the per wallet share rate for holders of
qualified bridged assets.
Arweave serves as the structural foundation for the AO net- With this formula we can now calculate the appropri-
work. It not only enables its security mechanisms, but its ate reward rates for AR token holders URAR as well as
native token AR allows for messages on AO to be stored addresses that own bridged assets URB .
and subsequently validated in a truly decentralized manner.
For this reason, AR addresses holding a balance will be el-
7.2.1 Reward rate per wallet for holders of AR
igible to receive AO for as long as tokens are minted. This
tokens
minting mechanism is designed to create a natural align-
ment of interests of AR token holders with the AO network The amount of AO tokens awarded for holding AR is de-
that should foster the mutual success of both networks in termined by the ratio of the AR an address holds compared
the long-term. to the supply of AR.

14
 Then, the per wallet share rate for holders of AR tokens ‘native’ chain), and another one on the AO network itself.
URAR can be expressed as The smart contract on the AO network generates derivative
tokens that represent the bridged native assets. The deriva-
UAR tive tokens are freely transferable on the AO network. Once
URAR = P|U |
U
i=1 ARi the yield bearing asset has been deposited into a bridge, the
where UAR is the number of AR tokens in the user’s wallet, owner is given a representation of that token that is com-
and U is the set of users. patible with the AO network token standard, e.g bridged
‘stETH’ is represented in AO as ‘aoETH’. Users can then
freely move and stake their tokens across the network, while
7.2.2 Reward Rate per wallet for bridged assets
passively minting AO. Assets can be withdrawn from AO
If more than one qualifying asset is bridged to AO, the AO by their owners at any time, after which the earning of new
tokens awarded for holding bridged assets are distributed AO tokens for those assets ceases.
according to the relative value and native yield of those
assets. In case of only one qualifying bridged asset, 100% 7.3 Ecosystem Development
of the AO tokens are distributed according to the holdings
of that asset. If no qualified asset is bridged to AO, the The AO minting and distribution design presented above
AO tokens are allocated to AR token holders who will then encourages any interested party to move liquidity into the
receive the total of newly minted AO tokens, as was the AO network, providing powerful incentives to grow its econ-
case in the early AO testnet. omy. As a direct result of this model, unlike most modern
The reward rate distributed according to a specific qual- blockchain networks there is no central party with control
ified bridged asset TRBn can be expressed as over a treasury of AO tokens in order to drive ecosystem
 development and adoption. Since the supply of AO tokens
 P V (Bn )·Bny if |B| = 1 cannot be altered or controlled, AO token holders cannot
|B|
TRBn = i=1 V (Bi )·Biy be directly or indirectly taxed for future enhancements to
0 if |B| = 0 the network or discretionary initiatives.
where V (Bn ) is the total value of all units in a bridge, By In order to support the further development of the AO
is the native yield of a qualified bridged asset, and By is ecosystem, the network offers two mechanisms of funding
the set of qualifying bridged assets. for its growth:
The per wallet share rate for a specific qualified bridged 1. A Permissionless Ecosystem Funding, and
asset URBn depends on the volume held per wallet relative
to the total volume bridged to AO. It can be expressed as 2. Permaweb Ecosystem Development Guild (PEDG)
UB The funding rate of these ecosystem growth mechanisms
URBn = P|U | n
will decrease in accordance with the rate of decay that the
i=1 UBi
AO token mint curve is subject to. As AO token mint-
where UBn is the value of qualified bridged asset per wallet,
ing diminishes over time, so too will the funding available
and U is the set of users.
through these methods – leaving the protocol as neutral,
Subsequently, the total reward share for each user URB
public infrastructure.
is the summation of the product of their reward share for
each asset and the reward rate for that asset:
7.3.1 Permissionless Ecosystem Funding
|B|
X Permissionless Ecosystem Funding is a token issuance me-
URB = URBn · TRBn
chanic that offers an opportunity for developers to fund
n=1
their applications and establish thriving communities of di-
verse tokenholders, while also heavily incentivizing partici-
7.2.3 Criteria for Qualified Assets and Bridges
pation in their protocol’s economic mechanisms. Users that
The main criteria that bridged assets must fulfill in order bridge their assets into AO have the ability to interact with
to qualify for payments of newly minted AO tokens are: a wide variety of applications. By doing so, they not only
provide liquidity to these apps, but also temporarily give
1. The asset must be mature, with a diverse and liquid the right for their native AO yield to the process – providing
market. it with a stream of funding.
2. The asset type must be yield-bearing. Developers that are able to attract capital for their ap-
plications will automatically have the mandate to decide
For this criteria to be fully met, assets must enter AO via the best use of this long-term source of revenue. Builders
bridges that offer the functionality to split the underlying may choose to use all of these funds for their application, or
asset from its native yield in order to fund the growth of share these AO tokens amongst their users. They can even
the network. utilize this flow of new AO tokens to fund other relevant ap-
Bridges to the AO network consist of two smart con- plications and services, if they prefer. Liquidity providers,
tracts, one on the network the assets are bridged from (the on the other hand, have the freedom to decide the apps and

15
teams they wish to fund based on their preferences. In this malleability, custom-made user security, and economic effi-
way, a permissionless, meritocratic, and transparent rev- ciency. These design choices address not only common limi-
enue stream is provided to developers of new applications, tations of current iterations of widespread systems, but also
freeing them from the need to request grants or investment expand the spectrum of applications and use cases that are
funding from centralized parties. possible with a combined, trustless computer that is shared
by all that wish to participate in the network.
7.3.2 Permaweb Ecosystem Development Guild
(PEDG)
References
The PEDG is an alliance of dedicated AO ecosystem orga-
nizations and builders that develop, grow, and maintain the [1] A Rollup-Centric Ethereum Roadmap. https : / /
infrastructure necessary for the AO network. The PEDG ethereum- magicians.org/t/a- rollup- centric-
is funded using a similar mechanism to the Permission- ethereum-roadmap/4698. Accessed: 2024-04-24.
less Ecosystem Funding route of other project’s in the AO [2] Adding Turing Complete computation to a blockchain.
ecosystem. As their objective is the growth of the wide-span https : / / bitcointalk . org / index . php ? topic =
of the AO ecosystem, their funding comes from the native 428589. Accessed: 2024-04-24.
yield generated by bridged assets, while they are in use [3] Adobe Photoshop in the Browser Thanks to Em-
on the AO network. This mechanism essentially provides scripten, Web Components and Project Fugu. https:
ecosystem growth funding without token sales or a ‘pre- //www.bram.us/2021/10/27/adobe- photoshop-
mine’, which also naturally ebbs in relevance to the ecosys- in - the - browser - thanks - to - emscripten - web -
tem’s economy as its inflation rate slowly decays. Rather components- and- project- fugu/. Accessed: 2024-
than funding a single ‘core team’, this yield is distributed 04-24.
amongst a diverse set of teams and builders contractually
committed to the growth of AO. At the time of AO’s token [4] Akash Network Whitepaper. https://whitepaper.
launch, PEDG was composed of 5 ecosystem partners that io / document / 633 / akash - network - whitepaper.
collaborated on the launch of the AO network, with more Accessed: 2024-04-24.
being added as the protocol matures and grows. [5] Mustafa Al-Bassam et al. LazyLedger: A Distributed
Data Availability Ledger With Client-Side Smart
Contracts. 2019. url: https : / / arxiv . org / pdf /
8 Conclusion 1905.09274.pdf (visited on 04/24/2024).

The AO protocol presents a significantly differentiated de- [6] ANS-104: Bundled Data v2.0 - Binary Serialization.
sign in the realm of decentralized computing by implement- url: https://github.com/ArweaveTeam/arweave-
ing a model based on the actor-oriented paradigm. This standards/blob/master/ans/ANS-104.md.
approach enables the AO network to operate without the [7] ar.io. Arweave Block Header 1278126. 2023. url:
traditional constraints faced by similar systems, primar- https://arweave.net/block/height/1278126.
ily through its modular architecture and a flexible security [8] Arweave. Arweave. 2024. url: https : / / arweave .
model. These features enable the network to adapt to the org (visited on 04/24/2024).
diverse needs of its users, creating a more versatile and ef-
ficient environment for decentralized applications. [9] Candle Whisper - Speech Recognition in WASM.
Central to AO’s design is its capacity to support an un- https : / / huggingface . co / spaces / lmz / candle -
limited number of parallel processes. This capability sig- whisper. Accessed: 2024-04-24.
nificantly boosts the network’s scalability, also allowing for [10] Candle-phi1-phi2 Wasm Demo. https : / /
the coexistence of various configurations for bespoke oper- huggingface . co / spaces / radames / Candle -
ational requirements. This capability significantly boosts phi1-phi2-wasm-demo. Accessed: 2024-04-24.
the network’s scalability, also allowing for the coexistence [11] Celestia. Celestia: The First Modular Blockchain Net-
of various configurations for bespoke operational require- work. 2024. url: https://celestia.org (visited on
ments. 04/24/2024).
Moreover, AO’s economic model diverges from tradi-
[12] Bogdan S Chlebus, Dariusz R Kowalski, and Mar-
tional blockchain architectures by eliminating reliance on
iusz A Rokicki. “Average-time complexity of gossip-
block rewards for network security. Instead, it introduces a
ing in radio networks”. In: International Colloquium
market-driven security mechanism where the safety level of
on Structural Information and Communication Com-
processes is directly correlated with users’ needs and their
plexity. Springer. 2006, pp. 253–267.
corresponding willingness to pay for insurance. This shift
aims to optimize resource utilization and align incentives [13] Wikipedia contributors. Actor model. 2024. url:
across the network, fostering economic efficiency and rein- https : / / en . wikipedia . org / wiki / Actor _ model
forcing long-term system resilience. (visited on 04/24/2024).
To conclude, the AO protocol proposes a new perspec-
tive on decentralized computing; one that prioritizes system

16
[14] Wikipedia contributors. Single system image. 2024.
url: https://en.wikipedia.org/wiki/Single_
system_image (visited on 04/24/2024).
[15] Ericsson to WhatsApp: The Story of Erlang. https:
//thechipletter.substack.com/p/ericsson-to-
whatsapp-the-story-of. Accessed: 2024-04-24.
[16] Erlang.org. Erlang Programming Language. 2024.
url: https://erlang.org (visited on 04/24/2024).
[17] Forward Research. Introducing the Uni-
versal Data License. Accessed: 2024-04-
24. 2024. url: https : / / mirror . xyz /
0x64eA438bd2784F2C52a9095Ec0F6158f847182d9 /
AjNBmiD4A4Sw-ouV9YtCO6RCq0uXXcGwVJMB5cdfbhE.
[18] Ethereum Foundation. World Computer. https://
www.youtube.com/watch?v=j23HnORQXvs. Accessed:
2024-05-24. 2016.
[19] Carl Hewitt. A Universal Modular Actor Formalism
for Artificial Intelligence. 1973. url: https://www.
ijcai . org / Proceedings / 73 / Papers / 027B . pdf
(visited on 04/24/2024).
[20] IETF. RFC 768: User Datagram Protocol. Accessed:
2024-04-24. 1980. url: https : / / www . ietf . org /
rfc/rfc768.txt.
[21] IETF. RFC 791: Internet Protocol. Accessed: 2024-
04-24. 1981. url: https://datatracker.ietf.org/
doc/html/rfc791.
[22] Butler W Lampson, Nancy A Lynch, and Jørgen
F Søgaard-Andersen. “Correctness of at-most-once
message delivery protocols”. In: Proceedings of the
IFIP TC6/WG6. 1 Sixth International Conference on
Formal Description Techniques, VI. 1993, pp. 385–
400.
[23] Forward Research. ao Token and Subledger Spec-
ification. https : / / cookbook _ ao . g8way . io /
references / token . html. Accessed: 2024-05-24.
2024.
[24] Scaling Ethereum with Layer 2 Rollups. https : / /
l2beat.com/scaling/summary. Accessed: 2024-04-
24.
[25] Arweave Team. SmartWeave. https://github.com/
ArweaveTeam/SmartWeave. June 2022.
[26] Urbit Whitepaper. https : / / media . urbit . org /
whitepaper.pdf. Accessed: 2024-04-24.

17