Diem: [Feature Request] Build on Nyzo - details about consensus

Created on 19 Jun 2019  Â·  3Comments  Â·  Source: diem/diem

Time as a currency
Proof of diversity requires active participation in the form of time and verifier behaviour in the blockchain to be allowed to exert a certain influence on the system as a whole. The proof-of-diversity blockchain uses verification cycles to establish the authoritative form of the blockchain. This is not proof-of-work, and it is not proof-of-stake. It is a completely new consensus mechanism that relies on diversity of participation for strength. While proof-of-diversity has its own concerns that must be addressed to ensure integrity of the blockchain, it is immune to the attacks and problems inherent to proof-of-work and proof-of-stake systems and at the same time very efficient.

The basic concept of proof-of-diversity is simple: The verifiers take turns producing blocks in a circular order, creating a cycle. Some simple consensus rules ensure that verifiers are neither added nor removed from the cycle too fast. (To read the specifics we recommend reading the Nyzo whitepaper and subsequent release notes)

image

How blocks are produced (above) — How new nodes join the cycle (below)
image

For a detailed overview, read the Nyzo design methodology by @jimtalksdata
While the consensus mechanism is called “Proof of diversity”, the result of proper diversification of verifiers stems from the consensus rules which are actively put in place and agreed upon by the network.

One key aspect in the case of Nyzo is that it requires a certain amount of time for a node in the queue to join the cycle. As previously mentioned, the open attack vector embedded in the classical proof of work consensus system does not care about time, it cares about calculations being solved, a definitive action with instant gratification for the miner participating. Here is where nascent altcoins whom decided to use the proof of work system are at risk, the immediately gratified nature of one entity’s influence on a network poses a real and unforeseeable threat to the health of the network and integrity of the blockchain state.

This stands in sharp contrast with the modus operandi of Nyzo and proof of diversity in general. In the case of a bad actor trying to gain control of the cycle in order to perform a blockchain reorganisation he must either acquire access to 50% of the private keys of the verifiers in the cycle or join the cycle repetitively until he has garnered 50% of the total verifiers in the cycle.

Each verifier in the cycle is capable of voting for a new queue node to become eligible to join the cycle, as in a democracy. Once the blockchain rules dictate that a new verifier is allowed to join the cycle, the top voted verifier who has more than 50% of the cycle verifiers voting for him is granted allowance to enter the cycle. By default the verifier automatically votes deterministically random for a verifier in the queue based on the last (50-block incremented) block hash resulting in an automated, unified and yet individually generated vote.

In the case of a bad actor trying to gain control over the cycle by adding new nodes to the queue there are several advantages stemming from the consensus mechanism as a whole, let’s take a look at a hypothetical scenario.

There are currently 10,000 queue nodes waiting to join the cycle and there are 1000 in-cycle verifiers, the amount of nodes allowed to join the cycle is currently 7 per day.
The bad actor first has to get a probabilistic advantage in the queue in order to join the cycle faster. Let’s say that the actor manages to successfully spin up 20,000 nodes, hereby gaining a 66% chance that he will join the next time.
The actor will now have to wait 30 days before all his nodes become eligible of joining the cycle at all, this preventive measure ensures proper resilience against botnets, proxies and credit card fraudsters looking to solidify their illegally-funded servers into a currency.
The 30 days have passed, during these 30 days the Nyzo community has had the opportunity to witness one entity spin up a large amount of nodes, they are able to respond before even a single node of the actor makes it in. (In the defense of the actor, he could choose to drip feed his nodes to become active over the period of one month, resulting in a 45 day incubation period.)
We have now reached a point in time where the actor has made a substantial investment to attack the network and has not earned anything by doing so.
The estimated cost at this point (20,000 * 4 dollars[30d]) = $80,000. A fair estimate considering the cost of servers and the intrinsic value of an IPv4 address.
The actor has piqued the interest of people involved with the project whom are able to respond to his actions.
Let’s say the actor is very lucky, nobody of the community took action and his nodes are now eligible to join the cycle at the same 66% advantage rate he had before. There are now 1210 (1000 + (7*30 days)) nodes in the cycle. At this point we drop down to 6 new additions a day.
Let’s say the actor is yet again very lucky and nobody of the community has noticed the actor’s nodes joining, resulting in the same advantage rate throughout the whole process from here on as well.
The actor is getting in +3.6/7 nodes every day.
After a week, +25/42 nodes.
After a month, +100/160 nodes.
After a year (still at the same unimaginable status quo!) +1200/1920 nodes.
At this point in time the attacker has spent more than one year of his time, there are currently more than 3000 nodes in the cycle and he has yet to reach the 40% mark. The attacker has spent more than $1 million and 1 year of his time and has not been able to attack the system.

The unpredictability of actions imposed by the network participants through blacklisting or other preventive measures makes the proof-of-diversity consensus mechanism fully resistant against such a bad actor.
In the mean time the attacker has figured out that he can in fact earn some Nyzo for participating in the network and make profit from participating instead of destroying the thing which earns him money.
The incentive structure ensures conformity of all network participants — the detectable nature of a blockchain re-organisation, the unrealistic luck in favor of the actor in this story and the ever-changing status quo make a 51% attack on Nyzo an unrealistic, time-consuming and costly feat.
As you can see, the power of time is immense and the implications on classical proof-of-work systems can not be overlooked.

Environment friendly
If all that was not enough to convince you of the implications of Nyzo and the proof of diversity system, we have one more advantage lined up.

By leveraging highly optimised and well structured code in combination with historical block consolidation techniques the node’s technical requirements are at a bare minimum. A verifier is capable of being ran on a low-tier Virtual private server. This results in a negligible CO2 emission which stands in sharp contrast with the current Bitcoin network and proof of work in general.

enhancement

Most helpful comment

Interesting. Cannot guess at intentions of the developers, but seems that they want to build on top of a permissioned blockchain platform. For decentralization however, general user adoption is required, which requires economic distribution in ways other than sheer hashpower or "legacy" assets at disposal. In that sense, the challenges faced by the two projects are similar.

To my knowledge, Libra uses a variant of BFT algorithm that has has been adopted by projects such as Cosmos. https://github.com/cosmos/cosmos/blob/master/WHITEPAPER.md#tendermint. While the concerns with PoW issues are alleviated as above, and it is heartening to see validators are penalized from deviations from consensus, the requirement for bonding collateral may pose an undue hurdle to some and may unfairly bias outcomes in favor of "legacy assets" again, since hashpower and collateral are essentially freely-convertible currencies. TIme-based selection algorithms could alleviate that due to the axiom of inconvertibility, and it is perhaps worthwhile to take a look at the current state-of-the-art in the space since then.

All 3 comments

Interesting. Cannot guess at intentions of the developers, but seems that they want to build on top of a permissioned blockchain platform. For decentralization however, general user adoption is required, which requires economic distribution in ways other than sheer hashpower or "legacy" assets at disposal. In that sense, the challenges faced by the two projects are similar.

To my knowledge, Libra uses a variant of BFT algorithm that has has been adopted by projects such as Cosmos. https://github.com/cosmos/cosmos/blob/master/WHITEPAPER.md#tendermint. While the concerns with PoW issues are alleviated as above, and it is heartening to see validators are penalized from deviations from consensus, the requirement for bonding collateral may pose an undue hurdle to some and may unfairly bias outcomes in favor of "legacy assets" again, since hashpower and collateral are essentially freely-convertible currencies. TIme-based selection algorithms could alleviate that due to the axiom of inconvertibility, and it is perhaps worthwhile to take a look at the current state-of-the-art in the space since then.

Closing out stale issue.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

n
Solexplorer picture Solexplorer  Â·  4Comments

http-km picture http-km  Â·  3Comments

csunny picture csunny  Â·  4Comments

uschen picture uschen  Â·  4Comments

gr0kchain picture gr0kchain  Â·  5Comments