Hacker News new | past | comments | ask | show | jobs | submit login
Lynx: Power-Efficient Cryptocurrency Using RPi [pdf] (getlynx.io)
31 points by xiii1408 22 days ago | hide | past | favorite | 17 comments

I'm pretty sure this Hybrid PoW doesn't work. All these arbitrary rules can be circumvented by an industrial miner by generating the right addresses at the right moment with right amounts of coin. It just needs some statistics.

I've seen a ton of proposals similar to this and even thought of a few myself, and all of them fail to prevent a motivated and funded attacker from monopolizing a plurality or even 100% of mining. The only way around this is to explicitly identify miners (like Libra a.k.a. Facebucks), but that introduces centralizing forces.

AFAIK proof of stake is the only approach that I've seen that could potentially work in principle but it has its own problems including encouraging wealth centralization, contributing to the deflationary nature of the currency, and being vulnerable to attacks by players with large fractions of the currency's float under their control.

This is a hard problem. PoW works but at absolutely mind boggling cost.

I think the fact that the reward address is part of the hash, and has to have the balance would prevent just swapping out the reward address.

You can just have multiple addresses each with the required balance.

You can. However, there is a 1 week delay in cashing out for a miner, and award is randomized. First to mine does not guarantee the mining award. To guarantee a reward, you’d need to run at least 4096 nodes, for a 1 block payoff.

So, a lot of staked addresses. That sounds like a good thing.

Transparency: I'm the founder of Lynx Core and I designed the 3 Hybrid PoW Rules.

The system has been running stable (but a little slow) for over a year and a considerable amount of research and time has been spent focusing on each of the 'arbitrary rules'. I would agree with your initial sentiment of the comment though, popol. Each of the rules can be circumvented. But look deeper.

Each of the individual Hybrid PoW Rules are designed to be part of a bigger picture. With a combination of time and money, a bad actor could overcome each one of the individual Rules, yes. The challenge lies in being able to coordinate and consistently overcome all of the Rules for a sustained contiguous series of blocks.

The first rule forces the miner to rotate reward addresses after a block win. Not a huge deal, to be honest. 60 blocks is the wait time. So an attacker would probably need to work with 61 addresses for starters. Research with GPU mining software and some research with ASICs show that this isn't an easy thing to do (right now). We all know that that isn't an excuse as once incentives exist to do it, some smart person will fork cgminer(?) to rotate reward addresses. It's only a matter of time. But it works for now, and since Lynx mining isn't profitable, the financial incentive to do it doesn't exit (yet).

The second rule requires the respective reward address to have a fluctuating minimum balance at the time the block is won. Kind of like PoS, but not really. You don't increase your chances of winning a block by having a greater balance, nor do you win a greater coinbase reward (plus fees). Also, the requirement amount is correlated to the network difficulty. Once the network diff starts to increase (due to an array of reasons including an attack with an ASIC) the minimum balance requirement in each address changes. The ceiling on the per address balance is 100 Million Lynx or ~$46k USD (at todays prices). The minimum is 100 Lynx or $0.46 USD at todays price. So today the cost to fund 61 addresses would be ~$28 USD. Again, not a big deal. But once the ASIC is enabled and the network diff changes, that cost increases quickly so funding those addresses might be prohibitive. (As a result, the system is the most secure as long as we have 2 or more concurrent attackers.)

The third rule is the most tedious. A random selection match must occur with a 1 in 256 chance of match. Without a match, the candidate block is flagged as invalid. As well, the network consensus rules will not pass a block that doesn't meet the requirement. The values for the match are embedded in the block header, so it's easily verifiable. Again, easy to overcome with time and money.

The 3 Rules operate on top of the normal business rules of Proof of Work that we are used to with Bitcoin/Litecoin. The design is inspired by the idea of not relying on a single threshold or security layer that is all encompassing to secure PoW, but instead rely on a combination of weak layers that when combined create a stronger solution. With effort, anyone can break a bamboo shoot, but breaking a bundle of bamboo is a near impossible feat.

It's been stable for over a year. The question remains. Does it really work? Did we implement it poorly? Does it scale? Interested in your thoughts. -ben

All these rules are nothing more than solomining theatre. An ASIC with one million times the hashrate of an RPi, driving one million solominer simulators, can earn as many rewards as one million RPis.

I don't see how it could work even in principle. If mining is profitable at all, what would stop a single miner from impersonating multiple miners? If it doesn't work, why would it be profitable to an intended user with RPi?

The intended design is for mining to not be profitable.

It looks like the phased introduction of Rules 1 and 2 have already achieved a breakup of mining power. There looks like the occasional ASIC miner that pops in, causes a disruption, and the miner leaves.

Time will tell if these set of incentives will achieve what the designer intended.

If mining is unprofitable doesn't that incentivize people to do underhanded things like Sybil attacks?

Sure. There are some other things to mitigate that. I forgot which rule, but one of them limits what a successful Sybil attack can do.

The whitepaper with the complete list of business rules and why those were chosen are worth reading.

Well exactly. As a system for preventing sybil attacks this doesn't do anything.

I'm a tiny bit disappointed that I can't open your website with the lynx web browser :)

As a fan of both the text-based browser and the cryptocurrency, I find the name collision humorous. We'll have to bring up the lack of lynx browser support with the devs :)

FWIW Lynx is not designed to be mined for profit. It's meant to turn that logic on its head and be mined only to secure the network and your investment in it. The rewards are very low and a high powered miner would waste FAR more costs on electricity than they would ever make attempting to attack it.

There's a service built on top of Lynx called Logware.io which is a data storage API service. A small amount of Lynx is burned to create each storage transaction. Over time this will both deflate the overall supply plus create natural buy pressure as the Logware company will eventually need to buy more Lynx for their own service to continue operating.

The more clients they get the more data will be stored thus the more Lynx will be burned.

If you'd like to learn more come hang out with us in Discord! https://discord.gg/yTfCs5J

Applications are open for YC Summer 2021

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact