Understanding Loki Hybrid Consensus Algorithm

In the previous article of the technical paper review series, we explored FastFabric, Understanding FastFabric: How to scale Hyperledger transactions per second

In this article, we’ll review the hybrid consensus algorithm – LOKI, which is a privacy oriented blockchain system, which was built on top of Monero source code. Loki uses a hybrid proof of work/proof of service system offers a unique way to financially incentivise the operation of full nodes. There are lots of innovative features that loki brings in for a secure private communication.

The paper broadly has 9 section in it which are as follows-

  • Introduction
  • Basic Parameters
  • CryptoNote
  • Service Nodes
  • Loki Net
  • Loki Services
  • Snaps
  • CryptoNotes Alteration
  • Attack Prevention 
  • Governance

We would be combining some of these sections and would be providing just the summary and relevant information of each section. We would be skipping the Governance part from the paper as it only contains how the network maintenance, funding and voting happens.  The blog just focuses on the technical features of it. 

CryptoNote Element

As discussed in the introduction section the platform uses Monero as the core network. Monero is an evolution of the famous CryptoNote protocol which is the core logic behind all the privacy oriented, top in the market cryptocurrencies. CryptoNote protocol is based on ring signature, stealth addresses, and RingCT, these cryptographic functionalities help it to build confidential transactions, that hide the user details from users.

For the Loki ecosystem to maintain privacy, it is important to not only provide a medium of exchange that underpins the internal economy but to also minimise the risk of temporal analysis when interactions occur across Loki’s independent layers. For example, when engaging in layer-one transactional services, users should never lose the privacy guarantees they receive from the second-layer and vice versa.

[table id=1 /]

Consensus

The network uses a hybrid consensus algorithm- one for block creation and the other for incentivising the network users.

  1. Proof of work for block creation in the network
  2. Proof of service for incentivising the participants in the network 

As mentioned above the service node layers are responsible for the interaction with the core network and hence the incentivising mechanism is programmed at this layer. This follows a consensus called proof service which is a mutated version of the proof of stake. 

[contact_sales title=”Need help with Blockchain development?” desc=”Let’s work together!” btn_text=”View Our Services” url=”https://accubits.com/services/blockchain/”]

Block Creation And Rewards

As mentioned above in the Consensus section the block creation is done through the proof of work. Miners collect and write transactions into blocks and collect fees for doing so. The rewards are split up into 3 parts.

  1. 50% block creation rewards
  2. 45% service nodes which are staked at the beginning of joining.
  3. 5% reserve for future usage.

The service nodes are an integral part of the network most of its scalability comes through an incentivised node called service node. To operate a Service Node, an operator time-locks a significant amount of Loki and provides a minimum level of bandwidth and storage to the network. Node operators receive a portion of the block reward from each block.

The specification of block creation are as follows –

  1. Block creation time : 120 sec
  2. Difficulty Algorithm : Zawy LWMA
  3. Hashing Algorithm : CryptoNight Heavy

To register as a service node the operator needs to do a time locked amount on to the network which unlocks only after a minimum of 21,600 blocks which is roughly 30 days.

The Network

The core network is the part where the anonymity and the network protocols comes into play.The basic anonymity is achieved through onion routing. The network uses a low latency onion network protocol to achieve this. This network acts as a decentralised overlay network. Users can connect to individual Service Nodes and create bidirectional paths for packets to be routed through. The network can be used to access internally hosted services called SNApps.The system has a hybrid mixnet solution for this and uses a combination of Tor and I2p to achieve this

[table id=3 /]

Underlying all applications for Service Nodes is an anonymous routing protocol, which defines the way each Service Node communicates with its peers. Loki proposes a new routing protocol called LLARP which is designed as a hybrid between Tor and I2P to provide additional desirable properties versus any existing routing protocol. LLARP is built specifically to run on top of the Loki Service Nodes network and all LLARP optimisations consider this architecture. To understand the goals of LLARP, it is best to conduct an analysis of existing routing protocols and consider how LLARP improves upon them.

Snaps

Similar to the investment that miners make into hardware, each Service Node operator

freezes Loki coins when they begin to operate a Service Node. This frozen capital serves two purposes.

  1. Every Service Node operator has a sufficiently large stake in the success of the network. Should any Service Node operator provide poor performance to the network, or act dishonestly, they undermine and risk devaluing their own stake within the network.
  2. It provides an opportunity for more aggressive enforcement; if the network is able to effectively limit dishonest nodes from receiving a reward, then dishonest nodes must bear the opportunity cost of both the reward loss and the remaining lockup time on their collateral.

[contact_sales title=”Need help with Blockchain development?” desc=”Let’s work together!” btn_text=”View Our Services” url=”https://accubits.com/services/blockchain/”]

Loki Messenger

Messenger: Highly Secure messaging System which would be a decentralised, end-to-end encrypted private message system. There are two different approaches for sending messages in the system.

    1. Offline messaging
    2. Online messaging.

Online messaging uses higher bandwidth communication and messages are not stored in the service nodes .Once Alice knows Bob’s public key, she assumes he is online and tries to create a path to him. Alice does this by querying the DHT of any Service Node and obtains any introduction set that corresponds with Bob’s public key. In LLARP, introduction sets list the introducers that each user maintains. It is through these introducers that paths can be established. With Bob’s introducer, Alice now chooses three random Service Nodes to act as intermediary hops between her origin and her destination (Bob’s introducer). A path has now been established, through which Alice and Bob can transmit messages. If correctly authenticated, and using OTR, Alice and Bob can now communicate while maintaining a high-level of privacy.

If Alice fails to receive a response from Bob, she can then initiate the offline messaging process. Offline routing uses a modified version of Postal Services over Swarm (PSS). Swarms are logical groupings of Service Nodes, based both on their public keys and the hash of the block that their staking transaction first appeared in. Each swarm has a swarmID and consists of nine nodes. To send a message to Bob, Alice can use his public key to calculate which swarm Bob belongs to. With this information, Alice can anonymously route a message through the network to a random Service Node in that swarm. When a Service Node receives a unique message destined for its swarm, it must distribute that message to the other eight nodes in the swarm. All nodes are additionally required to store messages for their allocated Time-to-live (TTL). When Bob comes online, he can query any two nodes in his swarm for messages he can decrypt. Offline messaging is protected from spamming with a small proof-of-work that is attached to each message.

Security

The Loki team has done a pretty good job in addressing the privacy and security concerns that might arise in the network. Following are some of them- 

Dynamic Block Size

Like other CryptoNote coins, Loki does not have a fixed block size. Instead, the block

size changes over time, growing to include more transactions as the network reaches higher transaction throughput. The Loki block size scales by observing the median block size over the last 100 blocks and slowly retargets the maximum size of any new blocks accordingly.

Ring Signature Size

In cryptography, a ring signature is a type of digital signature that can be performed by any member of a group of users that each have keys. Therefore, a message signed with a ring signature is endorsed by someone in a particular group of people. In our case, these are used to hide real outputs among others in a given transaction. The size of a ring signature refers to how many mixins are used to construct the ring. Monero currently has an enforced minimum ring signature size of seven, with six mixins used alongside the real unspent output in a transaction

There was an interesting study by the Monero labs in which they conducted experiments with differing ring signature size. It was found that higher ring-sizes reduce the timeframe in which a malicious attacker who owned a large number of unspent outputs would be able to perform effective analysis of transactions.

Loki improves on monero  by statically enforcing ring-sizes, and setting the ring-size to ten. Statically setting the maximum ring-size protects users who construct

rings with more than nine mixins and setting the ring-size minimum to ten more effectively prevents an attacker who owns a large number of outputs from discerning the true outputs spent in a ring signature

ASIC Resistance

ASICS are special types of chips which are designed to do a particular task.  In the context of mining, ASICs are used to compute specific hashing algorithms. They pose a risk to decentralisation because they outpace all other mining methods, are manufactured by specific companies, have very limited distribution channels due to the specialised nature of the hardware, and they require significant capital costs to develop and operate profitably.The network uses a Crypto Night Heavy to protect ASIC operation against the proof of work algorithm

DOS Attack

To prevent both attacks, the network requires that a short proof-of-work be attached when both messages and paths are created. For messages, this proof-of-work is calculated as a Blake2b hash of the message. For path creation, the proof-of-work is sent along with the request for a node to be included in the path building process. To ensure scalability and accessibility for mobile users, the proof-of-work difficulty requirement is fixed based on the Time-to-live (TTL) of the message or the path, and not based on global network activity

[contact_sales title=”Need help with Blockchain development?” desc=”Let’s work together!” btn_text=”View Our Services” url=”https://accubits.com/services/blockchain/”]

IP and Packet Blocking

Deep packet inspection (DPI), aims to investigate the structuring of each individual packet that passes through a firewall, and selectively drop or block packets that appear to relate to a particular service

Much work has been done to design systems which evade DPI. Users can leverage types of pluggable transports which alter the signature of each packet aiming to appear as normal unblocked traffic. IP blocking is generally avoided by running domain fronting bridges which will encrypt traffic as HTTPS requests to unblocked services like Azure or Cloudflare. Once they reach the unblocked service, the bridge will forward the request to the desired location. In the case of domain fronting, it becomes difficult for a state level actor to prevent the flow of all traffic to popular bridges without causing significant disruption to the general usage of the internet.

Final Thoughts

The Loki project is a really intriguing project in the blockchain space. Although in the beta stage, they are doing a remarkable job in addressing a lot of the privacy concerns and chain analysis that de-anonymise the network transactions. The core element which is the service node is built in C++ and acts as a wrapper to the secure monero core. There are definitely some additional features like smart contracting and easy tokenization which are missing in the platform as of now, and it would be interesting to see if they can bring those features to the Loki network.

We have not mentioned the Governance part of the white paper in this section, Please refer to the original white paper if you are interested in it.

Reference

https://loki.network/wp-content/uploads/2018/10/LokiWhitepaperV3_1.pdf

Written by

Goutham Krisha

Goutham is a technologist and an experienced developer who specializes in Blockchain technologies and DLTs. Goutham’s recent emphasis has been on solutions built on Ethereum, Hyperledger, Tezos, smart contracts, and smart signatures, in particular, decentralized self-sovereign identity. He’s Helped clients, from start-ups to Fortune 500 companies, across North America and Asia, develop their blockchain strategy and build several decentralized applications using blockchains and smart contracts

More from Goutham Krisha →