PROJECT DEEP DIVE

CoinList has long been a believer in the Orchid project, so after the mainnet launch of the Orchid protocol and their VPN last December we were excited to sit down with the Orchid team and discuss the project and its progress.

Justin Gregorius: To start, what is Orchid and what problem is Orchid solving?

Orchid: Orchid was founded in 2017 to help restore the open and accessible Internet for everyone. Orchid is the first incentivized, peer-to-peer privacy network. It’s a unique VPN market, powered by a digital currency, so paying for bandwidth doesn’t require any centralized party.

As the Internet grew, exploring freely became harder. Web 2.0 business models incentivized companies to watch and track us and sell our data. And in some places, limits were placed on the information we can see. But that is changing. The decentralized Web 3.0 being built on Ethereum is allowing the Internet to be reclaimed by its users. At Orchid we share in this mission. We use Web 3.0 technology to offer users better digital privacy today, so we can realize the original promise of Web 1.0 and explore freely again.

The goal of Orchid is to start a new network, ecosystem and Open Source movement to create new privacy tools with stronger protections and capabilities than exist right now.

JG: How does Orchid avoid ISP censorship and surveillance?

Orchid: Orchid helps obfuscate your browsing as you explore the Internet freely. Orchid allows your traffic to be routed between one or more VPN providers to mitigate the risk of being tracked. Rather than being forced to put complete trust in the idea that your VPN service is not selling your data, Orchid gives you the option to distribute trust across numerous VPNs. This impedes a single entity having access to the entire stream, which is what would be needed to decipher any data.

Different users have different objectives and use cases for employing privacy tools. Some are trying to access content from a geography where that content is blocked. Others simply want to browse the Internet while keeping their identity and activity private. Internet privacy tools play a vital part in protecting the privacy of dissidents, journalists, and others who are under threat from governments in many countries. This is why we responded to increased censorship of reporting on the coronavirus by providing Orchid free to journalists.

JG: Orchid enables clients to enable high performance onion routed circuits with a variety of potential users. Can you explain how this works and how this augments privacy on the network?

Like The Onion Router (Tor), Orchid uses onion routing to send packets through multiple randomly selected, statistically uncorrelated, intermediate routers before reaching the final destination. In the Orchid system, this layering ensures that the connection to each provider is separately encrypted. This layered encryption ensures a greater degree of privacy on the Orchid network.

JG: Can you elaborate on the different participants in this marketplace and how these different roles interact with each other?

Orchid: Orchid is a decentralized network routing market, allowing users to buy bandwidth from a global pool of service providers. To do this, Orchid uses the OXT token, our new VPN protocol for incentivized bandwidth proxying, and smart contracts with algorithmic advertising and payment functions. Orchid’s users connect to bandwidth sellers using a provider directory, and they pay with a pay-as-you-go model using probabilistic nanopayments so Ethereum transaction fees on packets are acceptably low.

VPN service in the app is purchased with OXT from the connected account, and you pay only for the bandwidth that you actually use. New Orchid users can open an account by creating an Ethereum address using Metamask or another Ethereum wallet, and purchasing at least $4 in OXT and $1 of ETH from CoinList or another exchange. Once the account is created, a QR code appears that contains account credentials that you can share with as many friends, family, or devices as you’d like. Anyone can copy or scan that account into the app for a 1-step setup.

The CoinList listing follows listings on Bittrex Global, OKEx, Gemini, Coinbase and Coinbase Pro, and five new Orchid app language translations (Mandarin, Russian, Indonesian, Korean, and Japanese).

JG: How does Orchid prevent sybil attacks within this marketplace?

Orchid: In any open network, there is the risk of agents creating multiple fake identities and presenting a large number of independent nodes that are working together. It is important to have a way to prevent one of these agents from overwhelming the system, while still maintaining the system’s open properties. Orchid uses a stake weighting system that defeats sybil attacks and aligns incentives.

The Orchid VPN client selects randomly from provider nodes in order to construct circuits with a low probability of collusion. We are able to select randomly through linear stake-weighted random selection. This means that an attacker would have no advantage by dividing their stake into multiple identities. This random selection policy requires a global list of node metadata, which we source from the Ethereum blockchain’s global node registry.

JG: Bandwidth providers must stake OXT in order to register their nodes and provide bandwidth. How does this process work and how are nodes selected?

Orchid: Service providers on Orchid run software similar to a typical VPN daemon for protocols such as OpenVPN, but instead speak the Orchid protocol. Orchid nodes maintain registration information in a stake registry and provider directory on Ethereum. The stake registry is optimized for enabling the Orchid app to automatically discover random servers in a decentralized environment, while the provider directory allows Orchid nodes to register metadata such as geolocation or additional services offered.

A provider stakes some number of OXT to create a stake deposit. Anyone can stake OXT on nodes using the smart contract. Clients select new nodes in proportion to their relative OXT deposit size. Larger stake deposits lead to proportionally more users, bandwidth, and revenue.

If the node is already at max bandwidth capacity, additional stake is effectively wasted.

Once digital currency has been locked into a stake deposit it can be used immediately for bandwidth provisioning. If the provider wants to withdraw digital currency from the staking contract, they have to start an “unlocking” process period, which involves a three month cool down where their funds cannot be used as a stake deposit or transferred elsewhere by the provider.

Whatever the amount of value that is exchanged in the Orchid ecosystem, a given seller’s relative stake amount, as a percentage of the total stake, provides them that same percentage of user traffic and dealflow. Assuming typical and honest selling behavior (no users drop them for bad service) this dealflow will translate into a similar portion of the total revenue. The staking decisions of sellers is left to their own choices.

JG: How do users pay for their VPN access on Orchid and how does that payment system support privacy for users and bandwidth providers?

Orchid: Orchid users pay for bandwidth from providers in the network using OXT. Instead of expensive VPN subscriptions, Orchid users only pay for the bandwidth they actually use, making for lower costs. OXT is paid to providers to incentivize them to offer bandwidth on the network.

A user paying for a traditional VPN service with a credit card is sharing information that is significantly more sensitive than an Ethereum address on the public blockchain — the VPN provider knows full name and complete address information for the credit-card paying user.

Orchid is committed to offering users greater privacy protection while running on a public blockchain, as well as transparency (see FAQ) about the limitations of privacy protection.

The Orchid app pays for its circuit by authorizing a continuous stream of tiny nanopayments to providers for the duration of the connection. While the nanopayment architecture locks user funds into a smart contract and only issues on-chain payments to providers very rarely, occasional winning tickets result in OXT payments posted on the public Ethereum blockchain. When that happens, the user’s Ethereum address, the provider’s Ethereum address, and a timestamp are stored publicly on the Ethereum blockchain. Note that the payment address of the provider is not a mapping to any single server; instead it is an arbitrary (and potentially temporary) payment address that the provider created specifically to receive funds. Also, the frequency of how often on-chain payments occur is configurable.

When considering anonymity, it is also important to understand whether the user is linked to the OXT used in their circuit. If the user purchased OXT on an exchange linked to their personal identity, then that entity could be compelled to give information that could deanonymize the user.

For use cases demanding greater protection, configuring a multi-hop circuit is a good option, as the user may pay for each hop from a different Ethereum wallet. If every wallet address is independently dissociated from the user, the full circuit is quite difficult to link back to the user.

JG: Orchid is built on Ethereum, which has had difficulties with scaling. How does Orchid plan to scale to a level that supports millions of nanopayments at a given time?

Orchid: The most common criticism of Ethereum is that it does not process transactions fast enough. This is true: currently, Ethereum only processes 12 transactions per second. At this level of throughput, Orchid would not be able to scale to support a large chunk of the world’s existing VPN market — currently estimated at 26% of the world’s population, or over 1 billion users, and growing at almost 15% per year.

In an ideal world, the Layer 1 blockchain would handle all transactions. But that is not feasible with Ethereum (or any other decentralized blockchain) in its current form. So to solve for the inadequacy in transaction processing speed, the team at Orchid developed a Layer 2 solution: our probabilistic nanopayments. They partly mitigate the throughput issue, scaling significantly further than would be possible on Layer 1. Truly superior scalability, though, will be achieved with the release of Ethereum 2.0. This upgrade, which is one of the Ethereum community’s top priorities, could conceivably allow Orchid to scale much further, to billions of transactions per second — enough to serve every Internet user.

Learn more 👉 www.orchid.com