This article is a translation of the German IOTA Beginner’s Guide by Schmucklos.
Adaptive PoW – A Rate-Control Algorithm for More Protection and Fairness in the Tangle
The IF is researching new algorithms to avoid congestion or bottlenecks in transactions in the Tangle. Malicious nodes that cause damage via spam, DOS attacks or similar must be prevented from negatively affecting the network. Therefore, a control mechanism for the transaction rate of each node is essential to keep the Tangle running smoothly in the future. Beyond this standard anti-spam requirement against malicious nodes, the IF wants to develop an algorithm that achieves some level of fairness and guarantees that nodes with low computational power still have a high probability of having their transactions approved. The IF believes these are fundamental requirements to accelerate technology adoption.
A first possible way to address the problem of transaction rate control in the Tangle is to build a reputation system for Nodes that rates them and classifies them as “trustworthy” or “untrustworthy” if necessary. To this end a “good reputation” should be hard to get but easy to lose. If a node approves an invalid transaction, attempts to spam the network, or exhibits similar bad behavior, it is identified and digitally branded by other nodes. As a result, that node is classified as “untrusted” and its transactions are very likely not to be approved.
However, a reputation system is only a general-purpose approach, so it is not specific to transaction rate control. For these reasons, IF is exploring a new type of adaptable transaction rate control algorithm based on the following ideas:
- some computational effort is required to perform a transaction
- the computational overhead required to perform multiple transactions in a short time interval increases incrementally
- while fast nodes can issue transactions more frequently, nodes with low computational power are still guaranteed to have their transactions approved with high probability
The two main components of the algorithm necessary to achieve the above goals are assigning a global identity to each node and to the actual adaptive transaction rate control mechanism that is based on different proof-of-work difficulties. Global node identities are mandatory to implement a transaction rates control mechanism in a distributed system. If each node has an identity, public-key cryptography can be used to sign a transaction and tamper-proof it to its issuing node. By introducing identities, a distributed system becomes vulnerable to Sybil attacks*, in which a malicious entity masks many fake identities and uses them to overcome transaction rate control and launch a coordinated attack or spam the network.
*Sybil attack is an attack on peer-to-peer networks by creating false identities. The attack may be aimed at, for example, influencing majority voting and network organization, deliberately slowing down the network, disrupting connectivity on the network, or, for example, eavesdropping on communications between other peers.
The IF wants to make such a Sybil attack more difficult through so-called resource testing, where each node identity must prove possession of certain hard-to-acquire resources. The IF has decided in its algorithm to prescribe a certain number of Iota Tokens as resource / security (stake) and to implement a simplified version of proof-of-stake. These are necessary requirements for each node with identity and only nodes with a minimum amount of Iota tokens as collateral are allowed to perform transactions. The number of IOTA Tokens (Stake) is not reduced. The new kind of customizable proof-of-work allows each node to issue transactions while penalizing spamming actions.
As an additional security measure, the IF wants the total number of transactions issued by a node to be limited. The higher the security (stake) of a node, the higher the number of transactions that the same node can issue. This threshold provides two benefits. First it ensures that even a user with infinite processing power cannot arbitrarily spam the network and second, a proper choice of threshold can minimize Sybil attacks.
The discrepancy between smaller general-purpose devices and optimized hardware in terms of proof-of-work performance lies in the speed of computations. Therefore, any proof-of-work based transaction rate control would ultimately disregard smaller resource poor devices. Conversely, a purely stake-based system would lead to a centralization in which only the “rich” users (nodes) can participate.
For a good transfer rate control algorithm, the IF would like to combine the two approaches mentioned above. Slow nodes with low collateral (stakes) can do a few transactions at cheap rates, while at the same time faster nodes cannot spam the network due to a limit on the number of transactions.