Comment on page
Multichain-Proof-of-stake (MuPoS) is the consensus mechanism that Exohood's Protocol will use after the update of assets Contract. Exohood is moving off the wrapped system created for the centralized management for third party "asset-mint-network-controlled" because it's more secure, less controlling of the governance for third party, and better for implementing new scaling solutions and the assets are totally decentralized. While it has always been the plan to transition to multichain-proof-of-stake, it's also more complex than a wrapped system, and refining the mechanism has taken time of research and development. The challenge now is to implement multichain-proof-of-stake on ExoBridge. This process is called "Freedom Chain Assets".
Multichain-proof-of-stake is a type of consensus mechanism used by differents chains to achieve distributed consensus validation on transactions around the bridge. The wrapped system is a way to use assets on blockchains other than the blockchain they were originally built on, but the risk for this process are the assets held into a third party or a contract which is validate for the process on the one-wallet-controlled. In multichain-proof-of-stake, validators explicitly stake capital in the form of EXO into a smart contract on the bridge. This staked EXO then acts as collateral that can be destroyed if the validator behaves dishonestly or lazily. The validator is then responsible for checking that new transacctions propagated over the chains are valid and occasionally creating and propagating new chains themselves.
Multichain-proof-of-stake comes with a number of improvements to the Wrapped system:
- Better security efficiency; reduced centralization risk, there is no need to use a third party to mint or control the other chain.
- Higher community participation in the validations process and control of assets.
- Due to low energy the requirement for EXO issuance is required to incentivize participation, a difference from the validator who uses a miners system.
- Economic penalties for misbehaviour make attacks exponentially costly for an attacker compared to a Wrapped system.
To participate as a validator, a user must deposit 25M EXO into the deposit validator contract: an execution algorithm, a consensus client, and a validator. On depositing their EXO, the user joins an activation queue that limits the rate of new validators joining the Multichain Plaform. Once activated, validators receive new execution transacction from peers on the ExoBridge. The transactions delivered in the ExoBridge are re-executed, and the transacction validation is checked to ensure the transacction in the chain is valid. The validator then sends a vote (called an attestation) in favor of that transacction across the network to verify the contract executes the instrucctions in the network, meaning the transacction locked in the other network is burned and minted in the other network that its sent to the client.
This validator mechanism is responsible for validating and controlling all the process in the bridge, execute the contract, validate the burning, control and validate the mintin and sending it out to other nodes on the network. Also in every slot, a committee of validators is randomly chosen, whose votes are used to determine the validity of the transacction being proposed.
Running a validator is a commitment. The validator is to participate in transacction validation and proposal. In return, the validator is paid in EXO (their staked balance increases). On the other hand, participating as a validator also opens new avenues for users to attack the bridge for personal gain or sabotage. To prevent this, validators miss out on EXO rewards if they fail to participate when called upon, and their existing stake can be destroyed if they behave dishonestly. There are two primary behaviors that can be considered dishonest: proposing multiple transacctions in a single slot (equivocating) and submitting contradictory attestations. The amount of EXO slashed depends on how many validators are also being slashed around the same time. This is known as the "correlation penalty", and it can be minor (~1% stake for a single validator slashed on their own) or can result in 100% of the validator's stake getting destroyed (mass slashing event). It's imposed halfway through a forced exit period that begins with an immediate penalty (up to 1M EXO) on Day 1, the correlation penalty on Day 18, and finally, ejection from the network on Day 36. They receive minor attestation penalties every day because they are present on the network but without submitting votes. This means a coordinated attack would be very costly for the attacker.
The threat of a attack to the Bridge still exists on multichain-proof-of-stake as it does on wrapped system, but it's even riskier for the attackers. A attacker would need 51% of the staked EXO. They could then use their own attestations to ensure their preferred fork was the one with the most accumulated attestations. The 'weight' of accumulated attestations is what consensus clients use to determine the correct chain, so this attacker would be able to make their validations canonical one. However, a strength of multichain-proof-of-stake over proof-of-work is that the community has flexibility in mounting a counter-attack. For example, the honest validators could decide to keep building on the minority chain and ignore the attacker's add more transacctions in another chain while encouraging apps, exchanges, and pools to do the same. They could also decide to forcibly remove the attacker from the network and destroy their staked EXO. These are strong economic defenses against a 51% attack.
51% attacks are just one flavor of malicious activity. Bad actors could attempt long-range attacks (although the finality gadget neutralizes this attack vector), short range 'reorgs' (although proposer boosting and attestation deadlines mitigate this), bouncing and balancing attacks (also mitigated by proposer boosting, and these attacks have anyway only been demonstrated under idealized bridge conditions) or avalanche attacks (neutralized by the chain choice algorithms rule of only considering the latest message in the contract).
Overall, multichain-proof-of-stake, as its implemented on Exohood, has been demonstrated to be more economically secure than a Wrapped system.
Last modified 1yr ago