Squatting in TCRs with Bonded Tokens
To get started on token curated registries, I recommend the TCR reading list.
I have been researching use cases for TCRs to help the scientific ecosystem in OSN. I’ll be doing a series of posts to outline some strengths and weaknesses that I’ve found with different variations of TCRs. This post is about TCRs that use a bonded or continuous token as their native token.
TCR Tokens = Divisible Tickets
In current TCR designs, the sole utility for the native token is for candidates to apply to be part of the curated list. You can think of the tokens in a TCR as divisible tickets that grant the right to occupy a slot in the list. The min_deposit variable determines the cost of a ticket, expressed in the native token.
It’s useful for the tickets to be divisible and represented as tokens. It allows for flexible voting during challenges, and grants more granularity when designing the monetary policy. But as a mental model, it’s helpful to visualize them as tickets, to study a particular dynamic going on in the system.
Squatting
Cybersquatting is the practice of acquiring something (usually a domain or ID in a platform) with the intent of profiting from reselling it, instead of using the item for its intended purpose.
A common example is that of DNS squatting. You can view DNS as a registry with non-fungible and non-divisible tickets that grant ownership of a particular slot. Each possible name for a website can be purchased, but the rights to one name can’t be directly exchanged for the rights to use a different name. Squatting is a problem in DNS, and likely going to be a problem in ENS as well, as stated by Vlad Zamfir.
“The value of a registration to users is subjective. It is therefore impossible for the registry to know that one registration is more valuable to users than another without relying on oracles.” Vlad Zamfir
The protocol can’t know if someone if buying to speculate on price and resell (sometimes for millions of dollars) or if it’s a purchase looking to provide a valuable service on that domain name.
But at least names are non-fungible. So squatters have to predict and buy the specific names they think will be valuable in order to profit.
Squatting in Bonded TCRs
TCRs have a greater weakness to squatting than DNS. This is because the rights to occupy any slot in the list are completely fungible.
If I buy 1000 * min_deposit tokens, I buy the rights to occupy 1000 slots, or at least to attempt to occupy 1000 slots. I don’t have to pick which ones, I can just own any 1000 slots.
This fungibility property really comes into play when the TCR uses a bonded token. With a bonded token:
- There’s no initial distribution scheme that could ensure a large number of different parties share ownership of the token.
- Ether can be used at any time to mint tokens directly from the smart contract, and it’s held in a reserve contract. The ether can be withdrawn by simply burning the tokens.
- The prices when minting and burning tokens are controlled by the TCR monetary policy. They increase as the reserve grows and decrease as it shrinks.
I can effectively own a slot by taking advantage of these properties.
The difference between buy (burn) and sell (mint) prices with the smart contract allows the creation of a market for prices in between. So If I mint 1000 * min_deposit tokens from the contract, I can put them up for sale at a slightly lower price than the next minted token, making buying my tokens the cheaper choice.
List Takeover
As long as the approximate target list size is known, someone could print enough tokens to cover the min_deposit for all of them, effectively buying all tickets, and then extort newcomers by charging just below the price to mint new tokens. That way, all candidates would end up paying maximum price, instead of just the last candidate to be accepted.
In an attempt to limit this strategy, we could make the TCR token non-transferable, to prevent an external market being created. This is very difficult to implement in practice because there are many workarounds to keep on trading ownership of the tokens, even if the tokens themselves are not transferable. But even if you could prevent external markets, this solution is easy to bypass if a squatter mints tokens to cover all expected slots, and then sells one min_depositunit for every new one that gets minted by other candidates. This way they can still charge full price to every candidate.
If candidates were for some reason forced to buy from a list that had a monopoly in a particular market, someone could technically print many more tokens than necessary to cover all slots, and be able to sell at a greater profit by kidnaping the contract in this way.
In an attempt to diminish the information available to squatters, we could try to obscure the current list size. if the algorithm to mint tokens is public, and it should be for transparency, it’s impossible to hide the number of min_depositunits printed. As long as that number is smaller than the expected list size, it’s profitable to follow this strategy.
We could also experiment with obscuring the expected list size. This is dealt with on a case by case basis. It’s hard to hide the info that could lead a squatter to estimate total list size. Even if an accurate total estimation is not possible. It’s also hard to create useful TCRs for lists of unknown size, but that will be elaborated on a future post.
Such a profit maximizing strategy is unlikely to be followed in all but the most extreme circumstances. A list that is too heavily exploited would have trouble gaining traction in the open market.
Batch Squatting
A squatter could have a less profitable strategy by making smaller, more conservative predictions and buying tokens in smaller batches.
It would always be more cost effective for candidates to purchase tokens from the squatter than to mint new ones. As the squatter tokens are running out, she can buy a new batch to resell and maintain the dynamic. What’s likely to happen is for multiple squatters to take batch strategies, making the total fees incurred by candidates more similar to the ones paid during the list takeover strategy.
Squatting Incentivised By Design
I’ve avoided using the words attack and attacker on purpose when discussing these strategies. The problem is not that they’re exploits that we need to deal with, but that squatting and speculation are the explicit strategies that TCRs incentivize in order to work.
Adding a bonded token into the mix means that ether used to purchase tokens is stored in a reserve, instead of being sold in a market. It also means that there is no initial token distribution scheme to ensure that different parties hold the token. This allows a squatter to much more easily hijack token issuance and monopolize it to extort extra fees from candidates.
If you’re interested in discussing or learning more, you are welcome to join our telegram and continue the conversation.
