
Issues with the Layer Protocol and LRX.

Adam Zethraeus
Jul 9, 2018

The Layer Protocol is a project that aims to provide a ‘distributed reputation, incentive, and payments’ system on the Ethereum blockchain. The Layer Foundation is planning an ICO in Q3 and has released a whitepaper (v1.0.1) with technical specifications. Layer is intended to be used by ‘asset sharing’ services like Airbnb, Zipcar, or ride hailing companies as a way to look up and rate the trustworthiness of their users. Layer shares a founding team with Spin, a dockless bike and e-scooter startup, and the team’s stated plan is to bootstrap Layer with Spin as its first consumer.

(See Addendum for comment from the Layer team confirming that the Layer Protocol is centralized, trusted, and unverifiable.)

A brief description of the protocol

The network will attempt to incentivize proper use by collecting an (undefined) ‘bond’ from companies before allowing them to query for Users’ reputation scores, charging companies for each query, paying Layer Nodes to do reputation calculations and report them quickly, and holding a bond associated with Layer Nodes to punish them if they report a reputation score which is not in line with the majority. The various bonds and costs decrease in line with good behavior. The incentives are intended to keep companies from acting as free-riders by not contributing back to the network and to keep Layer Nodes honest.

Important undefined implementation details

The identity system is not well defined. Details of how end user accounts are created and updated are totally omitted. It’s stated that end users are identified only by their real world information (i.e. not some keypair forced down on confused Lyft riders), but this information is noisy. For example, phone numbers will be recycled and then re-used by other users on other networks. If two different credit cards are used by the same person on two different services, how will the network eventually merge those two accounts?

Identified Issues

The public nature of the backing data store, or Layer Nodes, or blockchain.

The public nature is, however, ostensibly at odds with the value of the information. Note: companies like Lyft spend huge amounts of resources combating fraud.

The Layer Protocol appears to assume all asset providers would choose to pay the bond to be part of its ecosystem. However, it’s unclear what’s to stop real world asset providers from behaving parasitically. Why would I, as Lyft, not simply search the backing data store for reputation input into my existing fraud risk estimation service? Or, if it’s hidden or encrypted, run a Layer Node with access to it? Or, if Layer Nodes are run only by the Layer Network, observe the public blockchain to collect asset providers’ input about users? Remember, companies like Lyft already have all of the information required to map a user hash to a real world user — by design.

The solutions to this issue would involve encrypting the publicly available rating data, and so involve key exchange between the asset providers and a trusted centralized party (the Layer Foundation).

Usage data leakage

Layer Node Stake value vs. the value of the vended information.

Layer Node accountability is done via majority consensus of ‘all’ responding Layer Nodes (presumably within some SLA). Should a node be slow or return a value out of agreement with the majority, its stake is forfeit. Assuming non-trusted entities can run Layer Nodes, this system as described is vulnerable to a Sybil attack (the creation of cheap duplicate identities). Should honest nodes be crowded out by coordinated lying nodes, the honest nodes’ stake will be forfeit.

This means it’s financially reasonable to attack Layer in order to gain fraudulent access to a real world asset.

A potential solution to this is to implement a post-hoc accountability process, and make Layer Nodes provide a long running bond relative to the value of the assets themselves. Bond value may even have to be high for each individual node if competing nodes could be brought down at the cost of a denial of service attack (either via the public internet or via other actions on the network). Another solution is to make Layer Nodes private, or only be run by the trusted parties in the Layer Foundation. The whitepaper doesn’t explicitly state that this isn’t already the case, it just heavily implies it.
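The stake argument above can be checked with a small model. This is an added example, not code from the whitepaper or the original post; the node names, the scores, the bond amounts and the strict-majority reading of "majority" are assumptions made for illustration.

```python
from collections import Counter
from dataclasses import dataclass

TRUE_SCORE, FORGED_SCORE = 20, 95  # constructed reputation scores


@dataclass
class Node:
    name: str
    bond: float
    honest: bool


def settle(nodes):
    """Strict-majority answer wins; nodes that disagree forfeit their bond."""
    if not nodes:
        return None, []
    reports = {n.name: TRUE_SCORE if n.honest else FORGED_SCORE for n in nodes}
    score, votes = Counter(reports.values()).most_common(1)[0]
    if votes * 2 <= len(nodes):          # tie: nothing accepted, nobody slashed
        return None, []
    return score, [n.name for n in nodes if reports[n.name] != score]


def attacker_profit(nodes, asset_value, post_hoc_audit):
    """Net gain to whoever controls the lying nodes after one forged query."""
    score, _ = settle(nodes)
    lying_bonds = sum(n.bond for n in nodes if not n.honest)
    if score is None:
        return 0.0
    if score == TRUE_SCORE:              # liars were the minority and are slashed
        return -lying_bonds
    # Forged score accepted. Majority rule alone never slashes the liars;
    # only a later audit (the post's post-hoc accountability) takes their bonds.
    return asset_value - (lying_bonds if post_hoc_audit else 0.0)


def min_bond_per_node(asset_value, responding_honest):
    """Smallest per-node bond at which an audited attack stops paying.
    The attacker needs responding_honest + 1 lying nodes for a strict majority."""
    return asset_value / (responding_honest + 1)


def network(honest, sybil, bond):
    """Build a constructed node set with a uniform bond."""
    return ([Node(f"honest{i}", bond, True) for i in range(honest)]
            + [Node(f"sybil{i}", bond, False) for i in range(sybil)])
```

With zero honest nodes responding (the denial-of-service case mentioned above), `min_bond_per_node` returns the full asset value, which is why each individual bond may have to be high.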

Shared asset providers

Final thoughts.

The only way to ‘fix’ this would be to do key exchange with a centralized, trusted, service. This would dispense with the value of using the blockchain as this system would no longer be trustless or verifiable. This would effectively render the Layer Protocol a SaaS enterprise, and companies would require contractual trust in the regular legal system before trusting them with their data.

Lastly, should Spin actually use Layer as their own reputation engine, they should expect competing companies to use the public data they provide as competitive intelligence.

Addendum

[The Layer foundation as a trusted centralized party] is our intended goal […] we’ll be the issuing authority of private keys initially -Derrick

Derrick explained that the Layer Foundation will indeed be the centralized trusted party supporting the Protocol. All public data will be encrypted, and the Layer Nodes will be initially trusted (and later perhaps incentivized with the type of very large bond I described). He didn’t propose any way for the Layer Protocol to migrate off of this trusted setup. Note that an attempt to do this migration would lead to the significant public-data issues described in this post. (He also confirmed data would be stored in IPFS.)

Layer will therefore be a centralized and trusted software service, in the same manner as a regular SaaS business. Reputation on Layer is not verifiable by the asset providers or users, and the Layer Foundation doesn’t have any plans to change this. This means any asset provider using Layer would be irresponsible not to have a regular, legally enforced, contract for services from the Foundation.

The Layer Protocol is made slower and more complex by building on the blockchain. It gains no clear benefits from using this stack.

These issues are fundamental to the project; I don’t expect any asset providers beyond Spin to engage with the protocol — but I wish the Layer team the best of luck proving me wrong.


Addendum part 2.

Layer was but one blip in the 2018 blockchain speculator frenzy. Its founders, Euwyn Poon and Derrick Ko, work for Ford.
