Earn $52 of OXT Free with Coinbase!


Orchid: A Decentralized Network Routing Market
Jake S. Cannell, Justin Sheek, Jay Freeman, Greg Hazel, Jennifer Rodriguez-Mueller, Eric Hou, Brian J. Fox, and Dr. Steven Waterhouse.

Version 2.0
11/18/2019

We present Orchid: a decentralized market for anonymous communication and virtual private networking.

Extant privacy solutions are either opaque commercial services with concomitant centralization risks or free peer to peer networks which lack the proper aligned incentives for service quality and economic security at scale.

Orchid is a bandwidth market where node providers stake tokens to advertise their services using the Ethereum blockchain.

Clients construct single or multi-hop onion routed circuits by selecting nodes randomly weighted on stake and filtered on secondary criteria (price, location, etc.). Staking aligns incentives against operator malfeasance and linear stake weighting in particular neutralizes sybil attacks.

Orchid uses a probabilistic payment system which scales to millions of transactions per second, enabling a highly liquid bandwidth market without a trusted central party.

Payments at packet scale allow high frequency trustless interactions by reducing the implicit floated balances between transactors to minuscule levels.

1. Introduction
The Internet, once a free and open frontier, is today increasingly fractured, surveilled, and censored.

As governments and corporations have become ever more effective at monitoring, inspecting, and blocking connections, demand for privacy and anonymity tools such as VPNs (Virtual Private Networks) has grown mainstream.

While VPNs work well enough for most use cases, they suffer from inherent weaknesses in the centralized trust based model.

Users have little assurance that their VPN provider is not secretly logging and sharing data due to government coercion or the lure of additional revenue.

The recurring payment and pricing models of VPNs create lock-in effects, preventing users from cheaply and rapidly switching between providers when one is blocked or slow.

Current peer to peer systems such as Tor[1] or I2P[2] construct multi-hop circuits to hide route information from any single party.

However, these systems are free and thus suffer in terms of both performance and security. Performance and quality suffer because of poor incentives and the very limited supply of donated free bandwidth. Security likewise suffers from the low takeover cost for an attacker to provide a significant fraction of total network bandwidth.

What is needed is a peer to peer privacy network with proper economic incentives and nanopayments, allowing clients to construct single or multi-hop routes from a unified global pool of nodes from many distinct providers. An open market system can ensure that the supply of bandwidth, provided by profit motivated sellers, can scale elastically with growth in demand from users.

The use of cryptocurrency contractual mechanisms can provide the necessary incentives against malicious behavior.

There are several core challenges driving our design: traffic analysis, sybil attacks, and the random selection problem. We describe each briefly before describing Orchid itself in detail.

Traffic Analysis

It is quite difficult, in theory and practice, to send a message without leaking any information to parties other than the recipient. In a mixing network, first proposed by Chaum[3], messages are routed through a number of proxy nodes, randomly reordered at each step, and encrypted in layers like envelopes containing envelopes.

Onion routing, a later development adopted by Tor[1], uses the same layered encryption concepts combined with unique random proxy node paths (circuits) for each persistent connection instead of a single shared circuit for greater scalability. Traffic analysis is still a potential problem[4], but can be overcome at a significant performance cost by bandwidth burning (padding) and/or random message delays. Collusion is another serious problem: if at least every other node in the circuit is cooperating they can infer the complete circuit.

Sybil Attacks

In any open network, agents can create many fake identities, presenting as a large number of independent nodes which in fact are all actually colluding. Retaining the property of openness while preventing a single attacker from overwhelming the system can be difficult. One solution to this problem is proof-of-work, originating in HashCash[4], later adopted by Bitcoin[5], and proposed as a sybil defense in the earlier Orchid 0.9.2[6]. Proof-of-work requires each node to expend computational resources to prove their identity. Creating many fake identities would thus require a proportionally higher cost expenditure.

Proof-of-burn is similar in effect but requires only proof of destruction of crypto-currency, which has the advantage that the value of the currency burnt is redistributed to the currency stakeholders rather than fully wasted. Proof-of-stake based cryptocurrencies require users to stake currency to receive block rewards and participate in the network. We use a stake-weighting system to defeat sybil attacks and align incentives, providing key economic security advantages.

Random Selection

To construct secure circuits with a low probability of collusion, we need to select randomly from relay nodes in a way which is immune to sybil attacks. We accomplish this with linear stake-weighted random selection, which is Sybil-Orthogonal: an attacker gains no advantage by dividing their stake into multiple identities.

This selection scheme also provides a simple effective means of load balancing, and has subtle additional benefits even in the case of a minimal one-hop circuit (where collusion is less relevant). Implementing a global random selection policy requires that clients have available a global list of node metadata. The earlier Orchid 0.9.2[6] proposed a custom Chord[7] based DHT (Distributed Hash Table) for this purpose. For simplicity we now use the Ethereum blockchain[8] (and its underlying DHT) directly to provide the global node registry.

Overview

Orchid is a decentralized platform enabling clients to compose high performance onion routed circuits with a variety of potential uses, powered by a new stochastic nanopayment system to fund such circuits. Bandwidth providers running Orchid server software obtain and then stake Orchid Tokens (“OXT”, an ERC20 compatible crypto-currency) in an Ethereum directory smart contract to receive traffic and revenue in relative proportion to their stake deposit size.

Clients find nodes through stake weighted random selection, which we have implemented as a smart contract function, using a tree data structure. Clients then pay nodes using probabilistic nanopayments sent as frequently as once per second. Multi-hop circuits can use an account per hop or indirect onion payment forwarding to reduce information leakage from the payments themselves.
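The stake-weighted selection described above and in the Random Selection section, as an added Python example (not Orchid's contract code). It assumes the "tree data structure" is a binary sum tree, and the identities, owners and stake figures are constructed; it compares an operator's chance of being selected with and without splitting stake across identities.

```python
import secrets
from fractions import Fraction

class StakeTree:
    """Sum tree: leaves hold stakes, each internal node holds its children's sum."""
    def __init__(self, stakes):                      # {identity: integer stake}
        self.ids = list(stakes)
        self.size = 1
        while self.size < len(self.ids):             # pad leaf count to a power of two
            self.size *= 2
        self.tree = [0] * (2 * self.size)
        for i, ident in enumerate(self.ids):
            self.tree[self.size + i] = stakes[ident]
        for i in range(self.size - 1, 0, -1):
            self.tree[i] = self.tree[2 * i] + self.tree[2 * i + 1]
        self.total = self.tree[1]

    def pick(self, point):
        """Walk from the root to the leaf whose stake interval contains point."""
        if not 0 <= point < self.total:
            raise ValueError("point must satisfy 0 <= point < total stake")
        i = 1
        while i < self.size:
            left = self.tree[2 * i]
            if point < left:
                i = 2 * i                            # point falls in the left subtree
            else:
                point -= left                        # skip the left subtree's stake
                i = 2 * i + 1
        return self.ids[i - self.size]

    def select(self):
        """One stake-weighted random draw."""
        return self.pick(secrets.randbelow(self.total))

def weighted_share(stakes, owner, operator):
    """Exact chance that one stake-weighted draw lands on `operator`."""
    tree = StakeTree(stakes)
    hits = sum(owner[tree.pick(p)] == operator for p in range(tree.total))
    return Fraction(hits, tree.total)

def uniform_share(stakes, owner, operator):
    """Same chance when every identity is equally likely (no stake weighting)."""
    return Fraction(sum(owner[i] == operator for i in stakes), len(stakes))

# Constructed sample: one operator holding 100 of 1000 staked tokens,
# first as a single identity, then split across ten identities.
OWNER = {"A": "alice", "B": "bob", "M": "mallory"}
OWNER.update({f"M{i}": "mallory" for i in range(10)})
SINGLE = {"A": 600, "B": 300, "M": 100}
SPLIT = {"A": 600, "B": 300, **{f"M{i}": 10 for i in range(10)}}
```

With these figures the stake-weighted share is the same for `SINGLE` and `SPLIT`, while the uniform share grows as identities are added, which is the property the paper calls Sybil-Orthogonal.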

Circuits can fail for technical or economic reasons (i.e., when the circuit specific cost of a client’s traffic exceeds their current budget), and are simply resampled on failure. The core mechanisms of our design are surprisingly simple, but naturally the devil is in the details.

Background

Privacy has long been a concern in networking, especially as ever more of our information moves online and more vulnerabilities are exposed each day.

Many of our foundational computer networking protocols[9] and practices arose in an academic or hobbyist culture of high trust between 1961 and 1989 and are still used in modern phones, laptops, and desktops. All of them were fundamentally unhardened and blind to economics.

The default operations are like a mail system full of machine typed postcards, lacking verification and subject to undetectable modification or replacement while in flight.

Internet Service Providers (ISPs) tend to be utility companies, which are notorious for cooperating with (or being run by) authoritarian regimes[10] while manipulating services to harm users while improving their bottom line[11]. While ISPs tend not to utterly destroy the value of their data transmission services (with some exceptions), academics certainly didn’t think of their original task as designing protocols that minimized the degree to which ISPs can corrupt voluntary bilateral client/server relationships enabled by the existence of private data transmission pipe monopolies. Even in non-authoritarian countries, cable companies, telephone companies, or specialized firms have begun to lobby representative governments to legalize commercial espionage[12] and explicitly violate the original norms around forwarding all packets[13].

Facebook’s popularity has declined dramatically since 2014[14] (and in 2019 ranked 94th out of the top 100 visible organizations, slightly ahead of Trump Org, and the U.S. Government itself).

However, users can simply stop visiting Facebook, and have begun to do so[15]. ISPs, by contrast, serve low viscosity markets, and 60 million Americans are facing a literal broadband monopoly[16].

While attempts at hardening popular protocols have been made, there are few (arguably zero) generically fully safe fire-and-forget protocols. For example, SSH is relatively secure and widely used[17], but traffic analysis attacks were identified in 2003[18] and as of 2019 patching of the issue in real code is quite haphazard.

Unhardened protocols sent through untrusted ISP routers aren’t a pressing concern for most users, but many people do access the internet through coffee shop, airport, or hotel WiFi. Spying, service degradation, and price gouging are somewhat common in all these situations, because these situations recreate the ISP-like incentives in miniature.

When free WiFi implementations are sometimes attempted, the reduced technical budget can lead to buggy configurations which accidentally let users spy on each other.

In public perception, all of these challenges and more blur together into a vague sense that the internet in general, and especially the Internet accessed via wifi, is full of spying in a confusing and potentially dangerous way.

In the corporate world, Virtual Private Network (VPN) technology began seeing mass adoption initially as a way to allow employees (especially employees who travel or telecommute) to create an encrypted tunnel from a wider (default untrusted) networking context back into a secure work intranet. This setup was called a “VPN” because the tunneling software enabled people to “Virtually” be “inside” their secure “Private Network”. It does not fully solve the problem of protocol hardening (the shape and timing of the traffic tends not to be protected) but sending a mixture of hardened and unhardened protocols through such a tunnel at least protects against injection attacks, and some kinds of inference attacks.

The rise of VPN services in corporate environments enabled basically the same technology to be repurposed (using similar tunneling concepts) and offered to consumer markets. In this new ecosystem there is no employer to fulfill the role of a local trusted authority, leading to various attempts by technologists, entrepreneurs, and researchers to explore various solutions for more trustworthy secure networks.

Consumer VPNs occupy a niche along this spectrum of possible solutions, Tor occupies another, and attempts to improve on Tor have typically foundered on the challenges introduced by incentives and payments (or lack thereof).


All information above is provided from the white paper released by Orchid on behalf of the OXT Crypto.
