The EMERsion of Blockchain: Uncovering the Secrets of Emercoin

In the first of a series of articles uncovering the range of applications of Emercoin-enabled blockchain technologies, we look at how this cryptocurrency came to be and how it is different from all the other specimens of the booming cryptocurrency industry.

Peer-to-peer networks grow in efficiency and reliability as the number of participants grows. This makes them a perfect tool for enterprise-scale and global-scale solutions that go way beyond “mere” financial applications. The world is starting to realize this now. At Emer, this was the idea that drove our growth from the very outset.

Emercoin Core

Historically, the Emercoin core was inherited from Peercoin, which in turn emerged from Bitcoin. Peercoin introduced one essential innovation called Proof-of-Stake (PoS) consensus. This allowed expanding and improving the then-existing Proof-of-work (PoW) algorithm.

Consensus is an algorithm used in a decentralized network to validate a certain version of a growing blockchain. Consensus results from all miners” using their own resources to “vote” for such validation. For this, they are rewarded with newly created cryptocoins. In other words, miners sell their “network trust maintenance” service in exchange for coins.

So how do we know who is entitled to vote?

It cannot be a wallet, because then one fraudulent user could create millions of wallets and use these ghost votes to validate any blockchain version they like.

This cannot be an IP address, either, for any ISP can fake a large network, creating hordes of ghost voters as well.

So voting requires a limited resource that cannot be replicated or faked.

For the Bitcoin system, Satoshi Nakamoto proposed a Proof-of-Work solution, which involves validation through computing capacity. Indeed, if the computing capacity of your computer is X, you may create N virtual sub-computers, but the aggregate computing capacity is not going to exceed X. In other words, the owner of such virtual sub-computers is not going to have more votes than a single user.

Then other consensus concepts were offered that focused on computing resources other than processors. For instance, Proof-of-Capacity was based on disk drive capacity. This provokes an arms race in the evolution of the cryptocurrency ecosystem. Miners keep investing in their hardware until their equipment depreciation expenses zero out the income generated by mining. Then they start complaining that “mining generates no gain” or “cryptocurrency is nothing but a swindle.”

Proof-of-Stake was a groundbreaking concept introduced by Sunny King in Peercoin. Peercoin limited voting capacity by its own coins. This helped avoid the arms race by replacing material resources (processors, disk drives) with virtual ones (coins). As a result, people stopped wasting material resources money and electricity in the pursuit of greater mining power.

The PoS algorithm, too,its flaws. For example, it is vulnerable to insider attacks. The latter are partially prevented by additional tools such as, e.g., dynamic checkpoints. In general, PoS has proven to be more secure than PoW.

The hybrid consensus protocol used by Peercoin is considered to be the most secure, and this is why we used it as the basis for the Emercoin project. To succeed, an attacker on Emer has to own 51% of the network’s aggregate computing capacity and 51% of its coin stock. Two barriers of different nature largely protect the network from being discredited.

Another reason Peercoin was chosen was the classic and mature Bitcoin code used in its core. It has not only been reviewed by many security experts, but also coped with several failed attacks.

Finally, we wanted to follow an industrial approach to projects, enabling maximum compliance with existing standards and specifications, and Bitcoin’s technologies and API have de facto determined the standards for the crypto industry.

Emercoin vs Bitcoin: Similarities and Differences

PoW+PoS vs PoW

As already mentioned, Emercoin uses a hybrid consensus protocol. taken from Peercoin. The only change we made was to increase the weight of PoS to approximately 80%. Thus, Emer is an essentially PoS-based cryptocurrency, with an auxiliary PoW tool.

SHA-256

Emercoin closes blocks using the same SHA-256 hash function. We chose it because it is an official standard and sufficiently secure. Besides, special ASICs have been doing SHA-256 mining for a while already, so miners can be confident that no new special-purpose hardware designed for another algorithm will provoke a complexity revolution to shake the network and consolidate the mining capacity in the hands of those who own such new hardware.

As a side note, we are against mining with general-purpose computers, as this approach is potentially hazardous for uninvolved parties. Before ASICs appeared, a number of computer viruses used the computing capacities of affected computers to mine Bitcoins. ASICs rendered such malware economically non-viable. Bur other cryptocurrencies mined through general-purpose computers are still exposed to this risk.

10-Minute Block Interval

Just like Bitcoin and Peercoin, Emercoin provides 10 minutes to close a block. A shorter time per block would result in more collisions with orphan blocks and a loss in network reliability.

Collision probability is calculated by dividing the network update time by the block closing time. The network update time depends on the network topology and load. Updating the Bitcoin network takes minutes. Other cryptocurrencies (e.g., Quark) that have reduced the block closing time to less than minute encounter constant fork exposure as soon as the network load becomes more or less substantial.

One may object by referring to Ethereum’s excellent Ghost protocol, which is not exposed to forks. Even though its orphan blocks (“uncles”) are not part of the resulting blockchain, they do take part in voting for a chain version, so the block interval can be reduced to about 20 seconds.

But this protocol has its own vulnerabilities. For example, a Ghost network is prone to network storms, when extreme amounts of traffic occur in Ethernet networks under a certain load. Simply put, the network is vulnerable because its update time is proportionate to its traffic. Under a critical load (too many transactions per second), the update time becomes comparable to the block generation time. In this case, different miners can independently generate candidate blocks to be included in the blockchain. And here comes a surprise: these blocks will contain the same transactions. So they will once again circulate through the network, multiplying the traffic, i.e., generating more network load, more delays, and more “uncles”. The network is going to behave as if it were exposed to a DNS/NTP amplification attack, with the same network nodes being both the attacker and the victim.

Moreover, only one candidate block is included in the blockchain. As the network used resources not only to compute that block, but also its fellow — blocks, which voted but were not included in the resulting blockchain, the trust in the accepted blockchain decreases dramatically. As a result, the network can be attacked with less than 51% of its aggregate computing capacity.

All in all, we believe that the approach proposed by Satoshi Nakamoto is still the best available.

Recomputing Complexity after Each Block

Unlike Bitcoin, which recomputes its mining complexity every 2016 blocks (i.e., approximately every two weeks), both the Emer and Peercoin networks do this after each new block, contributing to network reliability. Here is an example:

Suppose that after a scheduled complexity recomputation, 50% of Bitcoin miners cease working. By the way, this situation is not as unlikely as it may seem. This could happen if governments in countries that host large mining pools enact some laws to that end — as might well be the case soon in China. As a result, the intervals for closing blocks will double to 20 minutes, and the block size will double as well. Considering that many blocks today have reached the limit of 1 MB, chances are that many transactions would stay unconfirmed for days. This could provoke panic and more transactions by those wishing to sell at the current price, further aggravating the situation. It would take weeks for the system to recover.

A network that recomputes its complexity after each new block is not exposed to such a risk, as it instantly adjusts to the new miners’ aggregate computing capacity. Moreover, being predominantly a PoS cryptocurrency, Emercoin is not that much affected by mining and/or pools. Even if all the pools were to stop working at the same time, it would take just 20% more time to add a block, and the adjustment system would address this within just 24 hours.

Reassessing the Number of Awarded PoW Blocks

Emercoin has one more mechanism to keep its miner capacity more reliable, a negative feedback loop that uses the network’s hash rate (aggregated miner capacity). The point is that the miner’s reward is not fixed (as in the case of Bitcoin), but inversely proportional to the 4th root of the network complexity.

If Emercoin’s fiduciary value increases, i.e., more users start mining it, this contributes to the network complexity and thus reduces the reward for each block. As a result, the network becomes protected against high fiat inflation. Conversely, if miners lose interest in Emercoin for whatever reason, the system becomes much less complicated and retains miners by offering higher rewards.

In theory, the most efficient Emercoin mining strategy is to cooperate and mine using minimum capacity and sharing maximum income. However, this is improbable, because miners will face a variation of the the prisoner’s dilemma.

6% Annual Percentage Yield for PoS

As Emercoin is a PoS cryptocurrency, a miner may generate income with both mining hardware and coins in their wallet. We chose to pay PoS bonuses at the rate of 6% per annum. In other words, if coins used to close a transaction remain intact for more than one month, chances are that these can be used to close a block, generating a 6% APY for the owner. Once the coins are used, the idle period “burns out” and a new idle period begins for the new owner. In other words, 6% APY is the maximum PoS reward, which can only be received if the coins remain intact. Currently, the actual money stock increase through PoS APY is about 4–5% per annum. As Emercoin becomes more widespread and transactions more numerous, this value will decrease to match the rates typical for hard fiat currencies — although never completely nullified.

One may object that this 6% APY generates inflation, but it should be mentioned that Emercoin has a deflationary trend, i.e., the coin’s value is growing, and quite fast. This can be seen in its exchange rate, which has increased almost four-fold since the beginning of the year. This mismatch with the naive model is due to the coin value’s being linked to the corresponding economic value. Economic growth entails an increase in the coin value, so PoS has a negligible contribution to the overall money stock growth, compared to other factors.

Issuing and Nullifying Emercoins

One may conclude from the above that Emercoin money stock could grow perpetually. It seems to be true in the first approximation. Indeed, participants maintaining the consensus sell their services to the network and are rewarded with newly created coins. However, Emercoin has a mechanism that nullifies coins, thus balancing out the issuing of coins. It does so by taking a fee for blockchain services such as sending coins or purchasing accounts with the NVS. In other words, unlike Bitcoin, which has limits for issuing coins and has no tools to nullify them, Emercoin allows to issue them indefinitely, but also has an opposite process to balance it. Those participants who sell their services to the network are rewarded, and those who purchase services from the network pay for them.

At a rough estimate and considering currently available factors, a total of around 1 billion EMC will be generated within 80 years.

Revealing External IP Addresses

The first unique innovation implemented by Emercoin was the RFC5389 protocol, a STUN tool to reveal external IP addresses. After NAT, the wallet software needs to know the external IP address to function properly. Bitcoin used to, and others still do, receive it by addressing a centralized server (http://checkip.dyndns.org). It later switched to UPNP and manual configuration settings. We rejected this approach for several reasons, such as UPNP’s failing to work after a multilayer NAT. In the end, we decided not to use a centralized server at all, but to apply the STUN standard, which is used for similar purposes in VoIP. At the moment we manage the most complete list of public STUN servers available and use these servers within our STUN subsystem to identify external IP addresses.

Transaction Optimizer

The Transaction Optimizer is another unique innovation implemented in Emercoin.

Cryptocurrencies with transaction-containing blockchains require you to select a subset for spending when creating a new transaction. Bitcoin and other cryptocurrencies use a stochastic algorithm that takes 1,000 random samples to select a subset that contains an amount as close as possible to the required one. However, even if the wallet contains a subset matching the exact sum, the standard algorithm would almost always overlook it, creating a new transaction for payment and keeping the difference. This results in creating oversized transactions and generating a future transaction to spend the difference.

This algorithm also leads to the “gold dust” problem, resulting in a high number of low-value transactions.

Emercoin applies a dynamic programming approach to selecting the subset of transactions. This algorithm is guaranteed to find a perfectly matching subset, if it exists. Our assessments show that the average transaction amount has thus decreased by 5%, slowing down the blockchain growth.

Distributed Dynamic Checkpoints

PoS cryptocurrencies are vulnerable to some exotic, PoS-specific attacks. One of the most dangerous of them is the “insider attack”. If a fraudulent actor gains control over wallets that contain already-spent coins, they may emulate a rollback to a time when these wallets actually contained coins. Thus the actor would gain control over 51% of coins, build an alternative blockchain longer than the main one, and change the blockchain contents retrospectively.

These attacks may be prevented through checkpoints that limit the restructuring of the blockchain to a certain depth level. Bitcoin only uses hard checkpoints embedded in the wallet code; such checkpoints are updated with each wallet update. Peercoin and Emercoin, on the other hand, use dynamic checkpoints with checkpoint data sent online. This does not require any code updates on the customer’s end and enables constantly updating the checkpoint structure.

Peercoin provides for only one node to send the checkpoint data. If sent by several nodes, such data would generate a network conflict. Accordingly, the failure of this node would prevent the dynamic checkpoint data from being updated.

Emer, on the other hand, has implemented a distributed dynamic checkpoint algorithm, which prevents several independent nodes from sending duplicate checkpoint data. This contributes to network reliability, as checkpoints are still updated even if some of the nodes break down.

No Ethereum-Style Smart Contracts

Emercoin does not provide for such contracts and has no intention to introduce these. We are completely against such contracts for security reasons. We always believed that unauthorized downloading of Turing-complete operation-dependent code is critically dangerous, and the recent theft of $31M worth of Ether has proved us right.

Name-Value Storage (NVS)

The Name-Value Storage (NVS) subsystem is our core innovation with an external practical value, inspired by the Namecoin distributed-DNS cryptocurrency.

Unlike a similar structure in Namecoin, which had a hard focus on distributed DNS, the Emercoin NVS is a trusted distributed general-purpose storage system with shared control.

Simply put, this subsystem can store any binary data up to 20 Kb in size. These data points are linked to a search key of up to 512 bytes, unique for the entire network. Every record is associated with a payment address belonging to the corresponding wallet owner.

The payment address owner is the one and only person authorized to manage the record. Managing a record means creating a new record to replace the old one or transferring the ownership to another payment address. Old records are never erased and remain accessible from the relevant blockchain. Thus, each record has the full history of changes in its ownership.

Technically, a record in the blockchain is the outcome of a 0.01 EMC transaction (soon to be reduced to 0.0001 EMC), attributed to the payment address of the record owner. As such, this outcome contains the NVS contents. The record owner is the only person authorized to spend this outcome, as the private key to authorize the outflow may only be found inside their wallet. Spend this amount requires modifying the record’s value or other attributes, including the payment address. In the latter case, the record is transferred to the wallet that contains the beneficiary address.

The NVS subsystem may be addressed through a JSON API (similar to Bitcoin’s) or through the wallet GUI.

The Emercoin NVS system is what powers up all the Emercoin-based services that we will describe in our further posts, from 2017 to 2018 — so stay tuned.