Theta awarded patent application approval for USPTO Number 17/224,109 (“THETA-1005”) — Preventing denial-of-service attacks in decentralized edge networks using verifiable delay functions (VDFs) to prevent malicious attacks

By Theta Labs, published in Theta Network, Jul 7, 2021

Theta Labs has just received patent application approval for USPTO Application Number 17/224,109 (“THETA-1005”): “Preventing denial-of-service attacks in decentralized edge networks using verifiable delay functions (VDFs)”. The invention featured in this patent introduces significantly improved protection against attacks for decentralized networks like Theta Network. This patent approval follows previous Theta patents issued for decentralized data streaming and delivery, ultra-high transaction throughput micropayments, methods and systems for peer node discovery, and decentralized DRM via NFTs, creating a portfolio of patents to further differentiate and protect the Theta technology and ecosystem.

Client-server and peer-to-peer blockchain networks may be vulnerable to denial-of-service (DoS) attacks. A DoS attack refers to a technique to disrupt legitimate users’ access to the network. In some cases, the attack can be performed by overloading one or more nodes of the network with a large amount of data requests, leading to network congestion.

The proposed systems featured in this patent are used to reduce the likelihood of such attacks using verifiable delay functions (VDFs). VDFs refer to functions that require a predetermined number of computational cycles to complete. While VDFs and PoW/PoS both require an evaluator to spend some time to compute a puzzle, VDFs may involve sequential computations which cannot be parallelized, making specialized hardware unable to substantially speed up the puzzle computation. This mechanism can also be extended to a blockchain-supported decentralized peer-to-peer data delivery network with digital rights management (DRM), non-fungible tokens (NFT) and decentralized finance (DeFi) applications.

The method is used in client-server networks, fully decentralized peer-to-peer networks, as well as in hybrid networks. In summary, if a server detects that a client is issuing requests at, for example, a higher-than-normal frequency, the server can issue a VDF puzzle with a random seed (sometimes called a “challenge”) to the client. The next request from the client then needs to contain the correct solution to the VDF puzzle before the server serves the next client request. The advantage of using VDF over Proof-of-Work (PoW) is that the VDF computation is not parallelizable. The VDF-based rate-limiting can be used in a client-server context, as well as in decentralized peer-to-peer networks. For example, if some malicious peer nodes in the network launch a Distributed Denial-of-Service (DDoS) attack on an honest node, the honest node can use the VDF-based rate-limiting mechanism to fend off the adversary.
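The challenge-and-solution exchange described above, sketched as an added example (this is not Theta's code and is not taken from the patent). The post does not say which VDF construction is used, so repeated squaring modulo an RSA-style modulus, checked by the server with its trapdoor, stands in for it here; the rate threshold, difficulty, and all names are hypothetical.

```python
import hashlib
import secrets

# Constructed demo parameters: Mersenne primes are public knowledge, so this
# modulus is NOT secure. A real server keeps large random primes secret.
P, Q = 2**61 - 1, 2**89 - 1
N, PHI = P * Q, (P - 1) * (Q - 1)
T = 20_000                 # squarings per puzzle (assumed difficulty)
MAX_REQS, WINDOW = 5, 1.0  # assumed "normal" rate: 5 requests per second

def seed_to_base(seed: bytes) -> int:
    return int.from_bytes(hashlib.sha256(seed).digest(), "big") % N

def solve(seed: bytes) -> int:
    """Client: T squarings; each step needs the previous result, so extra
    cores do not help."""
    x = seed_to_base(seed)
    for _ in range(T):
        x = x * x % N
    return x

class Server:
    def __init__(self):
        self.history = {}  # client id -> timestamps of recent requests
        self.pending = {}  # client id -> seed of the unsolved puzzle

    def expected(self, seed: bytes) -> int:
        # Trapdoor check: x^(2^T) == x^(2^T mod phi(N)) mod N when
        # gcd(x, N) == 1, which holds except with negligible probability.
        return pow(seed_to_base(seed), pow(2, T, PHI), N)

    def handle(self, client: str, now: float, solution=None):
        """Return ("ok", None) to serve, or ("challenge", seed) to refuse."""
        seed = self.pending.get(client)
        if seed is not None:
            if solution != self.expected(seed):
                return ("challenge", seed)      # still owes a solution
            del self.pending[client]            # one-time seed: no replay
            self.history[client] = [now]
            return ("ok", None)
        recent = [t for t in self.history.get(client, []) if now - t < WINDOW]
        recent.append(now)
        self.history[client] = recent
        if len(recent) > MAX_REQS:              # higher-than-normal frequency
            seed = secrets.token_bytes(16)      # random seed ("challenge")
            self.pending[client] = seed
            return ("challenge", seed)
        return ("ok", None)
```

The server's check costs two modular exponentiations regardless of `T`, while the client must perform all `T` squarings in order, which is the asymmetry the rate limit relies on.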

The above-described mechanism can also be extended to a blockchain-supported decentralized peer-to-peer data delivery network with digital rights management (DRM). In particular, after the second peer node (e.g., cacher peer node) has verified that the first peer node (e.g., the viewer peer node) is authorized to view the stream, the second peer node can be configured to generate an encrypted data stream and a corresponding data key to decrypt the data stream. Further, the second peer node (e.g., the cacher peer node) can transmit the encrypted data stream and the data key to the first peer node (e.g., the viewer peer node). Malicious nodes might attempt to DDoS the second cache node during the streaming session, but with VDF, the second cache node can effectively mitigate these attacks and continue to serve the honest nodes.
