Is a centralized relay network a suitable solution for Layer0?
星球君的朋友们
2020-11-24 08:36
Marlin is a Layer 0 scaling protocol under development that aims to align with the idea of decentralization through redundancy, randomness, and incentives at the P2P layer.

Editor's Note: This article comes from Marlin Protocol (ID: marlinprotocol), reprinted by Odaily with authorization.

overview

Layer 0 Scaling: Has Everyone Conceded?

The network layer (Layer 0) has long been considered a key bottleneck in blockchain scaling. Since the demise of Napster and the rise of more decentralized architectures like Gnutella and BitTorrent, P2P networks have been considered necessary to ensure censorship resistance, and are often seen as a necessary compromise that trades the performance of efficient centralized architectures for better security. Decentralization, people say, has to come with sacrifices. In the debate over block size, it remains an open question what minimum bandwidth requirement to set for nodes in a P2P network, and thereby what maximum block size is possible, while maintaining a low fork rate, sufficient decentralization and effective communication.

Protocol developers have attempted to overcome network bottlenecks in various ways: by designing consensus algorithms that do not lead to orphans (Structured DAGs), increasing resource requirements (Solana), limiting consensus nodes (EOS), or moving transactions off the P2P network (Lightning). In Bitcoin, the most well-known means of accelerating block propagation are still compressed blocks, Graphene, FIBRE (a protocol, and a relay network of the same name voluntarily maintained by Matt Corallo), Falcon and other such mesh networks. However, none of these solutions securely solves the fundamental network-layer problem well enough to significantly increase blockchain throughput, which is the key to Layer 0 scaling.

Relay network

Inspired by content delivery networks (CDNs) in web 2.0, centralized relay networks (CRNs) are often used to speed up block delivery. They replace P2P communication with a cloud-based overlay for an optimal low-latency multicast topology with global coverage.

In short, centralized relay networks (CRNs) are groups of servers spread across the globe. Miners and full nodes send blocks to, and receive blocks from, the nearest centralized relay network server. Properly located servers can optimize the use of Internet links so that communication inside the network is not affected by the unpredictable behaviour of the public Internet. Centralized control of nodes also supports complex development, ensuring high reliability. Propagation can be further optimized using techniques such as compression and cut-through routing.

Bloxroute Labs, the operator of such a centralized relay network, has proposed a set of measures called provable neutrality to prove the trustlessness of their system. We examine these measures below, ask whether the mechanisms successfully demonstrate trustlessness, and conclude that centralized relay networks (CRNs) are always biased and therefore an extremely insecure scaling solution when used in isolation. We list some basic and fairly well-known key attack scenarios that should serve as a checklist for designers of future Layer 0 scaling solutions and that inspired the design of Marlin.

Check for provable neutrality

Bloxroute maintains trustlessness by preventing blacklist-based censorship (the act of censoring blocks based on content and/or origin). The approach requires miners to first publish encrypted blocks on the centralized relay network and then, once the miner deems that the encrypted block has reached the main part of the network, distribute the decryption key through the P2P network. Additionally, miners can send garbage blocks (test blocks) to check whether the centralized relay network censors them based on their IP address and, if so, send their valid blocks over an anonymity network. Unfortunately, as shown below, these measures fail to prove the trustless nature of the system and expose the blockchain to a new round of attacks.

Censorship resistance is the property that ensures transactions are not blocked from being recorded on the ledger because of their purpose or the parties involved, and it is a goal of those who use the blockchain for financial freedom. Therefore, block producers should be able to operate without fear of retaliation for blacklisting transactions. Today, blockchains ensure this property by designing consensus algorithms that require an attacker to coordinate a large portion of the network, and by ensuring that a block is included in the blockchain as long as it spreads through the main part of the network. Gossip and full nodes are essential to ensure the latter requirement.

Whitelists: However, any centralized relay network can impose IP address-based whitelists. The relay network can prioritize blocks from whitelisted IP addresses (in the benign, profit-driven case), or can completely refuse to transmit blocks from non-whitelisted miners (for example, under directives from government authorities that the centralized relay network needs to follow).

Miners build on the first valid block they receive. When competing miners produce blocks almost simultaneously, the block that takes longer to propagate is more likely to be orphaned. Under the current system parameters, simultaneous mining of blocks is infrequent. However, in networks where more aggressive system parameters are used to increase throughput, the probability of this happening increases significantly.

Implicit Centralization: Making Small Miners Unprofitable

Competition at the network layer is difficult to detect. Worse, this priority propagation can be further masked by occasionally giving the disadvantaged miner's blocks higher priority (high enough that the bias does not become apparent, but low enough that the victim's operation is not feasible).
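The effect described in the two sections above can be put into numbers. The following sketch is an added example, not part of the original article or of any Marlin or Bloxroute code; it assumes Poisson block arrivals and a one-sided proportion test, and all delays, hash shares and block intervals are constructed values. It estimates how many of its own blocks a miner must observe before a relay's delay bias becomes statistically visible.

```python
import math

def orphan_prob(delay_s, interval_s, own_share):
    """P(rest of the network finds a competing block while ours propagates).
    Assumes Poisson block arrivals (modelling assumption, not from the article)."""
    return 1.0 - math.exp(-(1.0 - own_share) * delay_s / interval_s)

def masked_orphan_rate(fast_fraction, fair_delay_s, slow_delay_s, interval_s, own_share):
    """Orphan rate when the relay gives the victim the fair path only part of the time."""
    fair = orphan_prob(fair_delay_s, interval_s, own_share)
    slow = orphan_prob(slow_delay_s, interval_s, own_share)
    return fast_fraction * fair + (1.0 - fast_fraction) * slow

def blocks_to_detect(p_fair, p_seen, z_alpha=1.645, z_beta=0.842):
    """Own blocks needed to tell p_seen from p_fair
    (one-sided test, 5% false alarms, 80% power)."""
    if p_seen <= p_fair:
        return math.inf  # no excess orphan rate to detect
    num = (z_alpha * math.sqrt(p_fair * (1 - p_fair))
           + z_beta * math.sqrt(p_seen * (1 - p_seen)))
    return math.ceil((num / (p_seen - p_fair)) ** 2)

def days_to_detect(own_share, interval_s, fair_delay_s, slow_delay_s, fast_fraction):
    """Days of mining before the victim has produced enough blocks to see the bias."""
    p_fair = orphan_prob(fair_delay_s, interval_s, own_share)
    p_seen = masked_orphan_rate(fast_fraction, fair_delay_s, slow_delay_s,
                                interval_s, own_share)
    own_blocks_per_day = own_share * 86400 / interval_s
    return blocks_to_detect(p_fair, p_seen) / own_blocks_per_day

if __name__ == "__main__":
    # Constructed scenario: 1% miner, fair path 0.5 s, deprioritized path 2 s.
    for interval in (600, 15, 1):
        for fast_fraction in (0.0, 0.5):
            rate = masked_orphan_rate(fast_fraction, 0.5, 2.0, interval, 0.01)
            days = days_to_detect(0.01, interval, 0.5, 2.0, fast_fraction)
            print(f"interval={interval:>3}s fair_path={fast_fraction:.0%} "
                  f"orphan_rate={rate:.4f} days_to_detect={days:.1f}")
```

Shorter block intervals raise the orphan rate for the same delay, while giving the victim the fair path part of the time sharply increases the number of blocks needed to notice the bias.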

Extortion: Threats to Miners' Existence

Explicit Centralization: Put decentralized protocols under government jurisdiction, with regulated and compliant networks

As the centralized relay network becomes the gatekeeper of the blockchain network, the public chain effectively becomes a permissioned chain. While centralized relay networks can quietly centralize blockchains and quietly threaten to kick miners out for business reasons, government authorities can also force centralized relay networks to ensure that only KYC'd miners registered with them can transfer data over their network.

How safe is blacklist resistance?

The previously described censorship-resistance mechanism relies heavily on the miners that produce blocks not gossiping decryption keys prematurely. This is a questionable assumption, since miners are incentivized to propagate their blocks as quickly as possible (a prerequisite for such a relay network). With the relay network not biased towards any particular miner, the competition for block propagation becomes a competition for decryption key propagation.

Weaken unfavorable chains through (D)DoS

In a normal gossip network, the validity of a block is checked first, and the propagation of invalid blocks is stopped to avoid DoS on the network. The encryption of blocks, however, opens up a new (D)DoS attack vector that has never been seen before on a network using a centralized relay network. Since encrypted blocks cannot be checked for validity, they are blindly forwarded to all subscribing miners. This has actually been described as a feature earlier (see test blocks). As a result, it is easy for a centralized relay network to spread a large amount of garbage invalid blocks, DDoSing the miners and full nodes of the network using it.

While simple DoS attacks are easily prevented by rate-limiting nodes, any geo- or IP-based heuristics to prevent DDoS on centralized relay networks are unlikely to be fair. Since permissionless networks allow any miner to join the network and produce blocks without any subscription, and a given miner is required to use Tor to prevent censorship, any identity-based heuristic to prevent DDoS makes the system unfair to miners that have no previous "reputation" registered with the centralized relay network. Since the centralized relay network effectively implements multicast, a DDoS attack on it not only degrades the relay network's quality of service but also consumes the resources of every miner, which increases the efficiency of the attack.
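The difference between validate-then-forward gossip and blind multicast of encrypted blocks, together with the encrypt-first, reveal-key-later flow described under provable neutrality, as an added sketch that is not from the original article or from Bloxroute's code. The block format, magic prefix, easy proof-of-work target and SHA-256 keystream (a stand-in for a real cipher, not secure) are all assumptions made for the demonstration.

```python
import hashlib

MAGIC = b"BLK1"    # hypothetical block prefix
TARGET = 1 << 244  # constructed, very easy proof-of-work target

def is_valid(block):
    """Cheap check a gossip node runs before relaying (prefix + proof of work)."""
    if not block.startswith(MAGIC):
        return False
    return int.from_bytes(hashlib.sha256(block).digest(), "big") < TARGET

def mine(payload):
    nonce = 0
    while True:
        block = MAGIC + nonce.to_bytes(8, "big") + payload
        if is_valid(block):
            return block
        nonce += 1

def xor_keystream(key, data):
    """Toy stream cipher (SHA-256 in counter mode); the same call decrypts."""
    stream, counter = bytearray(), 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def gossip_bytes(blocks, fanout):
    """Validate first: an invalid block stops at the first honest node."""
    return sum(len(b) * fanout for b in blocks if is_valid(b))

def relay_bytes(ciphertexts, subscribers):
    """The relay cannot inspect ciphertext, so everything is multicast."""
    return sum(len(c) * subscribers for c in ciphertexts)

def wasted_bytes(ciphertexts, keys, subscribers):
    """Traffic that proves useless: no key ever arrives, or the plaintext is invalid."""
    return sum(len(c) * subscribers for c, k in zip(ciphertexts, keys)
               if k is None or not is_valid(xor_keystream(k, c)))

def demo(subscribers=1000, garbage_count=20, size=1_000_000):
    honest = mine(b"constructed transactions")
    key = b"k" * 32                           # constructed key, revealed via P2P
    garbage = [bytes(size)] * garbage_count   # constructed junk, no valid PoW
    traffic = [xor_keystream(key, honest)] + garbage
    keys = [key] + [None] * garbage_count
    return {"gossip": gossip_bytes([honest] + garbage, subscribers),
            "relay": relay_bytes(traffic, subscribers),
            "wasted": wasted_bytes(traffic, keys, subscribers)}
```

Calling `demo()` returns the bytes delivered under each model; the gap between `gossip` and `relay` is the traffic every subscriber absorbs because validity cannot be checked before the key is revealed.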

Double spending through partitioning

Any entity with monopoly control over the network layer can, by partitioning the network, enable not only censorship but also double-spend and 51% attacks on the blockchain. A partition occurs when a failure in a network divides it into multiple subnets that cannot communicate with each other. While partitions can have natural causes, they are also frequently caused by AS-level adversaries (ISPs) or BGP poisoning. A concise description of the attack can be found at https://btc-hijack.ethz.ch/#attack. A detailed description of this routing attack and related hazards can be found in the works of Maria A. et al. and Muoi T. et al. A related attack known as the eclipse attack was studied by Ethan H. et al.

In short, partitioning of a decentralized network results in:

node level attack

1. Massive waste of mining power that could have been used to secure the main chain

2. Miners of smaller partitions lose revenue as their chains become orphaned

3. Substantial slashing in case of PoS protocol

4. Double spending, when a transaction T in a smaller partition is replaced by a conflicting transaction T' in a larger partition

5. Operators are weakened and effectively DoSed

network level attack

1. Split mining power makes 51% attacks easier

3. More vulnerable to selfish mining attacks

4. Increased fork rate

As Maria points out in her work, AS-level adversaries are also capable of performing such attacks. Mining pools protect themselves from potential mishaps through a high degree of multi-homing (connecting through multiple Internet service providers). However, centralized relay networks, as a single entity with control over the overlay network, have the potential to carry out such attacks on their own, either under government coercion or for commercial reasons. Coupled with priority propagation, blockchain reorganization becomes easier.

Implications

Predatory pricing by rentier horses

In cases where the centralized relay network itself acts as an adversary, it first seeks to establish a monopoly in the field. The traditional way to achieve this is to protect technology through patents and eliminate competition through predatory pricing. For example, Bloxroute Labs has filed seven patent applications. Plus, it costs next to nothing. Such a strategy may help attract blockchain developers to rely on them for increased throughput, as they see it as providing higher throughput for free, with no apparent downside.

Once established, centralized relay networks may continue to raise fees in the future and squeeze fees from protocols that wish to interfere with rentiers.

A misbehaving centralized relay network should be easy to deal with, right? Let's consider the options of the victim blockchain community.

(1) Completely remove their reliance on centralized relay networks: Community sentiment against centralized relay networks may lead protocol developers to completely remove centralized relay networks from their architectures. Blockchains whose throughput increased by (10^n)x may suddenly see their throughput drop by (10^n)x. Applications built on such blockchains will crash until they can migrate all state and logic to a new high-throughput chain that does not rely on a centralized relay network. Imagine the state of YouTube, Facebook and Instagram with internet bandwidth reduced from 100+ mbps to a maximum of 10 kbps! Also, removing the centralized relay network integration requires a hard fork! Given this extreme but plausible possibility, application developers geared toward long-term builds may never choose to build on a chain that relies on a centralized relay network.

(2) Replace the centralized relay network with another: In order to avoid a hard fork that would effectively kill the Dapp ecosystem built on the blockchain, protocol developers can consider replacing it with another, more "credible" centralized relay network, or running their own. But if Bloxroute is any indication, it will take more than $10 million in funding and more than two years of development to build one. Therefore, if blockchains do not integrate multiple centralized relay networks from the beginning, they may not have many resources in difficult times.

Ultimately, if operating a centralized relay network is profitable, the ecosystem will likely replicate the growth of mining pools, allowing infrastructure providers and a few major players to dominate the market. However, the failure cases of centralized relay networks are very different and relatively more detrimental to blockchain protocols. While the blockchain can keep functioning when mining pools and infrastructure providers fail, by running nodes at home and in remote locations, the centralized relay network architecture described earlier fails to provide alternatives that do not affect quality of service in the event of a relay network failure.

Entrapment Techniques: Goldfinger Attacks

The attacker's motivation is based on something outside of the Bitcoin economy. For example, such an adversary could be a law enforcement or intelligence agency looking to weaken Bitcoin holdings. Likewise, adversaries may have large short positions in the Bitcoin exchange market.

While Kroll introduced the attack specifically against the Bitcoin blockchain, the attack is valid against any decentralized network. Given the damage that centralized relay networks can do to blockchain networks, they make attractive targets for adversaries seeking to harm such networks.

Companies like Chainalysis, Elliptic, and CipherTrace could work with the centralized relay network to receive additional data to optimize transactions if the centralized relay network is also used to propagate transactions.

Stripping Governance

So, are relay networks fundamentally bad?

Quite the opposite! Centralized relay networks are great. They ensure that a greater percentage of hash power is used to secure the main chain. In fact, almost nothing can prevent private relay networks from existing, and most protocols indirectly incentivize their creation. Large Bitcoin mining pools are able to privately coordinate to transfer blocks to each other in a single packet, regardless of their size. This unfair advantage is so severe that Matt runs a relay network at his own expense (to allow for more diverse topologies) and actively encourages other operators to run separate FIBRE networks, and Bitcoin limits the block size to ensure there are minimal efficiency gains from this kind of centralization (there are many other reasons for imposing this limit, such as initial sync time and full node storage and verification requirements, which are beyond the scope of this article).

The downside is the mechanisms used to guarantee trustlessness when this network of private relays is promoted as a radically scalable solution. It is in this context that relay networks become the difference between centralized and decentralized, as permissionless P2P block propagation via gossip protocols is no longer a viable option.

the way forward
