Monero recently hit the spotlight for less than ideal reasons: Qubic, a newer cryptocurrency project, essentially launched an attack on the network through mining incentives, reaching a significant portion of the hashrate and causing chain reorganizations. This has caused significant drama, and the community is actively looking for solutions to beef up security.

I just may have found the ideal combination of solutions.

Is It Actually a Problem?

So while many sensationalist news headlines spread inaccurate or exaggerated information, the truth is, this is a serious issue. A single miner was able to override 6-9 blocks several times this month. The fact that a miner from a much smaller cryptocurrency project was able to gain a significant portion of the hashrate, and mine 10 blocks in a row, should be concerning.

A determined, well-funded adversary could attack the network and reverse transactions, all without any specialized hardware that would be rendered useless if the coin went to zero. For any cryptocurrency that wants to stand up to nation-states, this should be unacceptable.

It's like someone pulling a gun on you and shooting at you: just because you weren't actually shot doesn't mean you didn't come close. You can argue all day long that there's no way that their aim was good enough to actually hit you, but it's better to just not be in a position to be shot at in the first place.

The Privacy Exploit

There's another angle I haven't seen covered yet: the severe privacy vulnerabilities that a mining attack with this goal in mind could create.

https://inleo.io/@thedessertlinux/monero-exploit-discovered-ceo

Essentially, statistical analysis was shown to be able to reduce Monero's effective ring (decoy) size from 16 to about 4.2. Combined with a flooding attack (where an attacker floods the network with transactions to load up the decoy set with their own), that number can be drawn down to about 1.3. Read this article for more info.

These attacks can be made much easier when combined with a significant portion of the network's hashrate. At a minimum, if an attacker controls, say, half the hashrate, the blocks they mine will probably contain about half the transactions from their flooding attack, meaning they can do it at a 50% discount, since they will receive those transaction fees. But they can also mine empty blocks, or mine only their own transactions, significantly increasing the ratio of their transactions vs. honest ones, or lessening how many transactions they need in order to make up the majority on the network.

Now, Monero is working on Full-Chain Membership Proofs (FCMP++), which basically expands the decoy set from 16 to any output ever on the chain. This should make all these attacks ineffective, even when combined. In the meantime, however, the threat is very real.

The Dash Solution: ChainLocks

@Dashpay, a purely proof-of-work chain for most of its history, implemented a function called ChainLocks to mitigate 51% attacks in 2019.

Essentially, a rotating quorum of masternodes, which are collateralized (staked, basically) nodes, lock in the first-seen block mined on the network. Any blocks built on chains other than the ChainLocked one will be rejected. This not only prevents 51% attacks, but also selfish and secret mining (which Qubic successfully pulled off), making the chain more efficient and resistant to even more minor mining attacks.

If for whatever reason a ChainLock fails on one block, locking the next block will retroactively lock the entire previous chain. If an attacker manages to compromise the whole masternode network (which would require acquiring a large percentage of the coin supply), then ChainLocks fail, but the underlying proof-of-work network continues to work as if there were no ChainLocks at all. In other words, the worst case is that we'd end up in the same situation we are in now, relying on the current mining setup.

Monero doesn't currently have masternodes, but could implement something similar, except with the sole purpose of securing the chain through ChainLocks instead of also working on instant transaction settlement, governance, the data layer, etc.

The Zano Solution: Zarcanum

The Monero community may not want the public nature of masternode collateral, however. Thankfully, there exists technology that allows staked nodes to keep their stakes private. Enter Zano.

Zano, a proof-of-work/proof-of-stake hybrid which uses essentially the same privacy tech as Monero, implemented Zarcanum, which essentially keeps stakes private. A masternode-type node on Monero could secure the chain with ChainLocks while keeping its stake private by using an approach similar to Zarcanum.

Now, Zano already shares very similar code to Monero, and is protected against 51% attacks, so an easier solution to implement may simply be porting over Zano's tech. However, Zano is technically partially proof-of-stake (staked nodes do produce blocks), and some in the Monero community may be concerned about a departure from a purely mining-based consensus mechanism, whereas ChainLocks keeps the mining layer and merely fortifies it.

Consider ChainLocks to be PoW++.

The Nano Solution: Open-Representative Voting

There's one final hurdle: both Dash and Zano's models involve splitting the block reward between miners and masternodes/stakers. With an already limited coin emission thanks to the tail emission and not much fee revenue yet, the Monero community may not want to reduce the security budget allocated to miners. They may also be philosophically opposed to staking rewards.

This is where Nano comes in.

Nano uses Open-Representative Voting (ORV). Basically, users direct their funds to "vote" for representative nodes, and can change their vote at any time. The nodes with the most funds voting for them qualify as principal representatives. This looks sort of similar to a delegated proof-of-stake model, except one major difference: neither representatives nor voters receive any block rewards or fees.

This would work well with a Monero + ChainLocks model since none of the security budget would be taken away from mining, and it would leverage one of Monero's biggest strengths: its active, resilient community. We've seen the community rallying around mining to counter the Qubic attack. It's much more their speed to assemble their funds and use them to vote for recognized representatives during an attack than it would be to simply trust paid validators to be honest.

By implementing ORV from Nano kept private by Zano's Zarcanum to select node quorums to secure the chain via Dash's ChainLocks, Monero could get next-level chain security while still remaining 100% proof-of-work, not changing its security budget at all, and leveraging its active community's participation. A uniquely-Monero solution to 2025's challenges.

When Monero overhauls its security model as the system described above, and implements FCMP++, it will be ready to take on almost whatever adversaries the world has to throw at it. The day that comes I will be very excited for Monero!

Posted Using INLEO