How does Mixin design a high-concurrency and fast-recognition lightning network under the constraints of impossible triangles?
Impossible Triangle: A distributed accounting system that cannot simultaneously satisfy scalability, security, and decentralization.
- Scalability: refers to performance, or concurrency
- Security: the account book is consistent
- Decentralization: The purpose of decentralization is to improve the survivability, the more thorough the decentralization, the stronger the survivability.
Bitcoin’s choice
Bitcoin chose security and decentralization, thus sacrificing performance. It is a correct decision 10 years ago. We can confirm: as long as there are computers and networks, Bitcoin will long live. For example, if you have a computer with a 1T hard drive and network, you can download the Bitcoin client and all the transactions history. It is totally free to create a wallet, accept and send Bitcoin. You can participate in mining, without anyone’s approval. Even if the world’s mining pools and professional miners give up mining, your laptop can continue to mine Bitcoin.
Not just Bitcoin, the probability of complete death of the public chain based on the POW algorithm, such as Ethereum, Zcash, Monero, Dash, etc., is very small, even including DogeCoin.
What will happen
There will be more POW-based blockchains, and some projects will gradually die out. Successful blockchain projects will try to provide quick confirmation mechanisms such as Bitcoin Lightning Network and Liquid, as well as Ethereum’s shading technology. There will also be new distributed ledger systems that provide a quick confirmation solution.
What kind of lightning network is safe for user
We believe that some of innovation in the lightning network is safe and some of them is dangerous
Safe Innovation
We know that the exchange itself does not affect the companies listed on the exchange. Because the exchange is just a high-speed trading platform, it only provides billing itself and earns income. Even if the exchange is gradually declining, people can choose to transfer their shares to other exchanges. Companies can also choose other exchanges to list.
Asset has survived during bear market, include Bitcoin and Ethereum, can be defined as an asset. An exchange that only provides opportunities for asset trading is safe. Because even if the exchange or lightning network gradually declines, people’s assets are still safe because they can withdraw asset out of the lightening network.
Dangerous innovation
Some lightning networks create a new asset when external cryptocurrency is deposited in. We believe it is a dangerous design because it create a kind of corporate bond. Once a company is in a hard times(probably all companies will encounter this problem), all those who have invested their assets into the lightning network face risk, because the company often failed to pay back asset already.
Even if the company wants to stop operating without operating difficulties, it is very difficult because the bonds he sent out are already in circulation and are already in the wallet of others. You can never quit the business.
Mixin’s choice
Mixin knows that every product has a life cycle. As 1 second confirmation, large throughput is the design goal. The ultimate decentralization is abandoned, and the pursuit of scalability and security is Very reasonable.
Based on this premise, the physical basis of the Mixin node can only be a high-speed, high-performance server. This is an important assumption that will be mentioned later.
Technical decision:
Abandon the account idea, use utxo
Implementing an account means having a consensus on the account balance or other attributes that are variable, causing the account to be a state machine. It is inevitable that there is a certain order for the operation of the account, otherwise the results produced on different nodes will be different. For example, a merchant obtained 1,000 Ethereums by selling virtual goods to 1,000 customers. Suppose the merchant now needs to pay 1 Ethereum to each of the other 1000 customers. The merchant’s account can generate 1000 transaction requests. Then send the transaction request to 50 full nodes to speed up, even if all these transactions are correct, but they can not be confirmed at the same time in the account model system, they must be in order one by one or batch confirmation.
Based on utxo, this account already has 1000 valid utxos, he can generate 1000 valid transactions, and these transaction requests are sent directly to 50 nodes, all transactions can be confirmed immediately. There is no state in UTXO data, and it even can not be considered as a database, because no delete and modify operations. There is no state sharing, so it can be handled asynchronously and asynchronously.
Use DAG instead of block to store the ledger.
DAG itself is a very mature storage technology solution. Byteball, IOTA, NANO all use the technology. Non-linear storage is achieved through DAG, each transaction is no longer arranged in a single order, but can be inserted at any time. Based on the utxo transaction model itself, the transaction order and storage unit order has been removed.
At the same time, since the subsequent transactions in the DAG structure must refer to the previous transaction, it makes the tampering of the old transaction record extremely difficult. Because this requires me to get a unified match for all the people who quote my trade.
Confirm the transaction with BFT instead of relying on the designated witness, or the number of references
There is a challenge when using DAG in a ledger is how to identify double spend and shadow-chain attacks. [Byteball] (http://byteball.org/) introduce a trusted witness mechanism. When both transactions are judged to be reasonable, the transaction with more trusted witnesses is considered a reasonable transaction. [IOTA] (https://www.iota.org) use an algorithm to select witnesses. [NANO] (https://nano.org/en) handles double spend by balancing-weighted-voting DPOS voting. hashgraph use BFT algorithm to determine whether a transaction on a stored record is valid.
Mixin’s approach to preventing double spend and shadow chains is that only transactions that have been signed by BFT will be recorded on the DAG.
1 second confirmation transaction based on BFT and utxo
A client sends a transaction to a node, the node signs it after verifying it, and then broadcasts the transaction in the node group. Other nodes receive the broadcast for inspection, verify transaction again and sign the result and then return it to the source node. The source node can know whether the transaction is valid according to BFT algorithm, and it will generate a valid signature result and send to all nodes for persistent synchronization. All nodes, when receiving a persistent sync block, will verify that the transaction. Node will be considered as an attacker if an incorrect signature from it is found. Looking back at this process, we can see that the Mixin node only verifies that utxo is valid when validating the transaction, does not rely on other information and the workload is almost fixed. Time is only related to cpu performance, hard disk performance. Remember our hypothesis? Mixin rely on high-speed, high-performance servers. The results of the Mixin test network show that a transaction can be transfer within 300 milliseconds. So one transaction can be confirmed in one second by 50 nodes.
conclusion
Through these four measures, combined with our goals and design premise, we can achieve a transaction system that is only limited by physical performance. Improving hardware include network, memory, CPU, and hard disk can effectively improve overall kernel performance.
Decentralization/survival ability comparison:
The Mixin network is not as strong as the Bitcoin network, but it is stronger than other DPOS based distributed ledger network.
