Proof of Scarcity and Sybil attacks

In this article we’ll examine proof of scarcity by using the electromagnetic spectrum as a method to protect against Sybil attacks.

Identities on P2P Networks

Since distributed ledgers were invented, different systems have been brought to light to protect the networks from attacks. The most well known and widely used of these methods is called Proof or Work (PoW), but alternatives include Proof of Stake (PoS) and Proof of Bandwith (PoB).

All of these systems have something in common: they compromise some scarce and expensive resource to protect against identity forgery on a network. This is done in a way that makes it extremely impractical to create nodes that propagate fraudulent information to mislead some portion of the legit nodes.

The term Sybil comes from Sybil Dorsett, a pseudonym of a book character written by Flora Rheta Schreibe (1973) that suffers from multiple personality disorder. A Sybil attack occurs when an attacker successfully manages to mount a set of peer-to-peer network nodes that broadcast illegitimate data, and is able to convince other nodes that this it is supplying legitimate information.

Most DLTs work over a P2P network with some sort of reputational system based on identities. Decentralization is achieved through a scheme in which nodes interact and regulate themselves without the need of a centralized intervention. If a node misbehaves (e.g. propagates inconsistent blocks data), others in the network will punish it by not listening to what the malicious node says for a period of time.

To Sybil attack a network you need to have the ability to create a decent amount of nodes (identities) broadcasting illegitimate data. It is fair then to say that the more difficult it is to create an identity within the network, the more difficult it will be to conduct a Sybil attack.

Proof of work (PoW) and the Coordinator (Coo)

In general we could define proof of work as a system that demands the usage of some finite/scarce/expensive resource to ensure that a request is genuine. A captcha, for instance, is a PoW consisting of your brain trying to figure out what those hieroglyphs say. The whole idea behind this type of mechanism is to avoid spam or Denial of Service (DoS) attacks. You can submit that captcha protected form as many times as you can read and input whatever the blurry image says.

In DLTs, proof of work is needed to avoid attacks such as the one described earlier. As I write this article, IOTA is safe from Sybil attacks because of the existence of a coordinator (Coo) that tells the nodes where the legitimate network is. This instance makes impractical to forge identities on the Tangle since nodes will detect attackers illegitimate nodes and blacklist them immediately.

The coordinator is temporary, analogous to the training wheels of a child earning to ride a bike. This article will discuss IOTA in its post-coordinator state which means that IOTA would be susceptible to Sybil attacks the same way Bitcoin or Ethereum are right now.

Proof of work and Sybil attacks

Let’s take the Bitcoin network to illustrate the way PoW allows protection against Sybil attacks. Bitcoin requires miners to find each block nonce, using a hell of a lot of computing power in the process. As the years go by, the “difficulty” needed to solve the hashes and discover a new block every 10 minutes continues to increase. This means that ever more computational power is needed to keep the same rhythm.

We highlighted the fact that Sybil attacks were about identity forgery. From this, one could infer that this attack on Bitcoin would demand a vast amount of full nodes broadcasting an alternative version of the Blockchain to the others. However, that alone is not enough – and this is where proof of work makes sense: attacker’s nodes can’t fake the current mining difficulty without being spotted as illegitimate and ignored. Every node gets this information straight from the blockchain. So, to pass a block as valid, fake nodes would need to have access to enough hashpower to mine them. That’s means a lot of money put into mining to try to feed your victim’s node with false block data.

Although we took Bitcoin as an example, this is applicable to almost every other DLT project as well. You need some sort of system to make this attack extremely impractical. The solution could involve computational power (PoW), your stake of a given crypto (PoS), or any other scarce resource such as the electromagnetic field. The idea behind using the EM field introduces the concept of Network Bound Proof of Work (NBPoW), brought to life by Sergey Ivancheglo.

Network Bound Proof of Work (NBPoW)

If you google NBPoW you might find that Sergey Ivancheglo (a.k.a Come-from-Beyond) has been talking about this for a while. It was subject of discussion on Twitter with Buterin by the end of 2017, and there are posts on the Hello IOTA forum with records of conversations had within the old Slack #tanglemath channel.

The IOTA Foundation even added an entry on its FAQ to answer NBPoW questions:

However, computational power is not the only scarce resource. Bandwidth is also a scarce resource. The scarcity of bandwidth is already becoming apparent as the world moves from 4G to 5G, and in the heated debates over net-neutrality. It is a basic economic law that when a scarce resource increases in demand faster than its supply, its price will rise. If a network’s total available bandwidth is saturated, bandwidth will become costly. Thus, in the future, instead of requiring an arbitrarily determined computational cost using Proof-of-Work, the natural scarcity of bandwidth due to the physical laws of the world in which we live will effectively accomplish the same thing — that is make it infeasibly costly for an attacker to issue more transactions than the cumulative flow of honest transactions.

Despite the fact of having no official documentation yet, NBPoW was discussed with members of IF/IEN/community recently, resulting in some interesting brainstorming.

To me, it all started when Ivancheglo pointed me to the Bandwith Allocation Wikipedia entry after I asked for some pointers toward understanding NBPoW. After reading, I quickly saw that the nature of the EM spectrum made it a good candidate for resource constraints.

One of the things didn’t fit for me was the idea of putting together the use of the EM spectrum and proof of work, inherently associated with computational work. The PoW part in this new system was a chunk for which I could not find a place in my head. After some research, I think it’s just confusing nomenclature, and it wouldn’t surprise me if eventually they just change the way it’s worded. “Proof of Bandwidth” is already taken, and I suspect that is the reason why we’re left with the confusing “NBPoW” terminology.

Dive into the rabbit hole

As we saw in the examples given earlier, PoW made identity forgery very impractical and provided a mechanism to protect network participants from Sybil attacks. The idea of NBPoW is to use the EM spectrum in scenarios where radio waves are involved. Things like Wifi of Lifi can control the way nodes interact with each other. This can be done because of the way in which radio frequency based networks work: the number of neighbors that can be present in a given location of the spectrum is limited. An attacker trying to spoof or take the place of another neighbor in the spectrum would be extremely difficult.

Following the concepts in the On the Use of Radio Resource Tests in Wireless ad hoc Networks paper, a work recommended by Serguei Ivancheglo some time ago on the#tanglemath Slack channel, resource testing can be used to determine if a set of identities possess fewer aggregated resources than would be expected.

This paper, writen by Diogo Monica, Joao Leitao y Luis Rodrigues from the INESC-ID of Lisbon states:

Radio resource tests operate under the assumption that it is possible to establish a bound to the resources available to a single node. Two non-sybil identities must, therefore, be capable of demonstrating that they own more aggregate resources than those available to a single node. Different kinds of resources can be tested, including computational power, storage capacity, and network bandwidth.

NBPoW is all about your place in the EM spectrum and its inherent limitation to one neighbor per zone around your current position (think in terms of 8 zones around you, covering 360 degrees from your perspective). Assuming that nodes cannot simultaneously transmit in more than one channel, it is not possible for a malicious node to replace one of the neighbors you’re in contact with.

Check the following graphic: you are in the center surrounded by 8 honest nodes. As long as you have a node in one zone, that node’s place can’t be occupied by another one (malicious or not) because you can only have one node per channel/zone.

The 8 surrounding zones being used by valid nodes guarantees that the content being communicated from them is not corrupted since 100% of possible traffic is utilized, leaving no room for a Sybil attack.

Conclusion

Network Bound Proof of Work is based on the use of various radio resource tests (RRT) to detect Sybil identities and ignore malicious nodes, securing the legitimacy of our neighbors. This system is only usable with radio devices and will not replace Proof of Work fully, which means the traditional PoW will continue being used in the appropriate scenarios.

IoT devices using Wifi, Lifi, or any radio wave based medium could use the scarcity of the EM spectrum and the channels limitation shown above as a measure to protect against identity forgery on the network.

A comprehensive EM spectrum based identity protection system could be very useful for Economic Clustering scenarios in which many devices don’t possess the requisite computation for more traditional PoW.