Guardians of Blockchain (GOB), one of the top Guardians in the Orbs PoS Universe, took the initiative and presented Tal with a series of challenging questions that they felt needed addressing regarding the Orbs Network current state. The result is this stimulating Q&A that we felt was just too interesting not to be shared with the entire community.
Before starting Orbs I was employed as the engineering manager for Kin by Kik and I was tasked with launching the Kin dapp on Ethereum. It was supposed to be a dapp with potentially millions of users since it was connected to Kik’s messenger that had millions of users. Launching a dapp that can support millions of users on Ethereum was almost impossible. From this process, I came to the conclusion that current blockchain technologies cannot scale to meet the needs of enterprise businesses and consumer businesses, and blockchain will hit a roadblock when it eventually arrives to the mainstream. My passion was to design a new blockchain stack that can support these use-cases. I left Kik to pursue this passion and created Orbs. By the way, Kik ended up forking Stellar and created their own blockchain solution to deal with the scale issues but I felt at the time that their solution had too many compromises on decentralization.
Orbs started in the midst of the “dapp hype” - it was the time when every real-world company thought about launching their own dapp on the blockchain. The companies listed above are all spin-offs of real businesses that existed before blockchain - Ironsource for example is a successful ad business that existed years before that time and still exists today. What the world eventually learned was that dapps are not easy to build. The big “dapp hype” where every company (like Kodak for example, completely unrelated to Orbs) created a dapp - eventually stopped. The reason, in my analysis, was not the infrastructure - it was the business model. Dapps are decentralized businesses with a decentralized business model. It turned out that centralized businesses like IronSource cannot become decentralized overnight - this change is too big. Almost all of these businesses stopped their dapps, but not because of the infrastructure. The crypto ecosystem hype moved away from web3 dapps to other things like enterprise blockchain and defi. Orbs started focusing on these new areas. IronSource for example does not have any blockchain project today.
I think that blockchain should be very interesting to security experts and white hackers. It’s true that blockchain is decentralized - but it does not mean it’s not hackable. Any protocol can have security vulnerabilities and of course that any blockchain can have security vulnerabilities. The great thing about the blockchain ecosystem is that everything is open source and all the protocols are well known and open. The blockchain ecosystem relies on the global community of security researchers to review the code and review the protocol and point out security vulnerabilities before they are exploited by black hat hackers. Since blockchains tend to hold data of great value - consider the Bitcoin ledger of example - there’s a lot of appeal in looking for vulnerabilities in the protocol and the implementation.
Since Ethereum is a fully decentralized project, there is very little chance it will “go down” - the reason is that it’s enough that any one person in the world wants to keep Ethereum alive, then Ethereum will continue living. That’s the great thing about blockchain - it’s unstoppable and does not rely on specific people/companies. A more possible scenario is that Ethereum makes changes that make it unsuitable for Orbs anymore. If this happens, the community behind Orbs can choose to rely on another blockchain instead, even relying on Bitcoin can be possible. This will require some changes in the Orbs protocol but is possible. We currently still see Ethereum as a leader in public blockchains and think relying on it brings a lot of benefit to Orbs and makes it more secure - you can see my blog post that explains it.
The definition of a Sybil attack is creating many duplicate identities by the same entity in order to influence the decisions made in the system. Any system that relies on stake to make decisions (PoS governance for example) is well protected from Sybil attacks. The reason is that the amount of stake an entity has is given - it does not matter if this entity puts all the stake in one identity or splits the stake between a million identities. The voting power is identical in both cases. There are many other popular blockchains that rely on a smaller number of validators (EOS is one example). The reason for that is mostly performance and scalability - it’s much easier to scale networks with fewer validators that are operating more powerful nodes. In any case, because the stake in the system is held by the delegators and not the validators and there are potentially a limitless number of delegators, the system is fully decentralized and the delegators ultimately choose who the validators are. This is very similar to how a democracy works. You have the general public that chooses a smaller government to do the day-to-day operations, but the public is free to change them if they don’t like their policies anymore.
I definitely agree! Blockchain is much more than tech. It’s about community decisions and community governance. The more active the community, the more decentralized the project. This starts with the guardians - they are the representatives of the community and I want to see them taking more active roles in the network. Processes that we will have to work on for example are discussions in the community on protocol upgrades. If you look at other successfully decentralized projects like Ethereum, you will see that many initiatives came from the community. I don’t think someone like me should assign these roles, but people who care in the community should say - I want to start organizing X and maybe contribute some mechanism for doing it and if the community likes this direction then more people will jump on board and this will become the new way of doing things. I am very open to hear your ideas and where you want to contribute, don’t be shy.
I think the top guardian does not hold 30% by themselves. The community behind this guardian, multiple delegators that chose this guardian to be their representative, holds 30%. Think about it like in politics, there is a political party that holds 30% of the power. If you look at all the democracies in the world, and democracy so far is the best way of governance that gives power to the public, having a party that holds 30% support is very common. I think this is the case in most countries and these countries have democracies that are considered fair. Also, I think the power dynamics in a young network like Orbs are not yet established. When the votes that the guardians hold start affecting the stakeholders more, then stakeholders will be pickier on which guardian they choose. The more responsibility that guardians take in leading the network, I think that delegators will choose them based on their policies and not only based on how much rewards they give. Also, one of the great things in blockchain voting is that it can scale. With democracy politics, you can’t ask every person’s opinion on every decision. With blockchain, you actually can. More mature governance models may be able to allow the delegators to vote too on decisions and only if they don’t vote, the guardian’s vote will take over, which may allow decisions on important topics to be taken by the network as a whole.
How would the team plan to achieve those features of blockchain?
During the initial V1 stage, the scenario you described was relatively unlikely due to the registration process that all Validators were required to go through in order to identify themselves as part of the onboarding process.
With the implementation of V2 and its unification of the Validator and Guardian roles, this scenario will be eliminated in a more decentralized manner. Each Guardian, who now will also be processing transactions the same way Validators did under the prior model, will only have voting power in the network in proportion to its stake. Thus, setting up additional multiple Guardian/Validators will not have any impact on the ability of an attacker to impact the fairness or security of the network, as each node will only have an impact proportionate to its stake. Thus, carrying out this type of attack would either require the attacker to split its stake between multiple Guardians, which would not give it more power than it had before the split, or to acquire additional tokens, which would disincentivize it from harming the network.
We agree with the proposition that it is preferable for the validator pool to be public and permissionless. This is why in V2 that is launching later this year, the pool of validators is open to the public (provided that they have sufficient stake) and not selected or vetted in any way by the Orbs team. There is no more whitelist from the core team - this was a temporary phase during V1 for helping the network mature. The roles of Guardians and Validators are combined in V2 and Validators are required to collect delegated stake in order to be elected to the committee. The nodes operating the network will be the ones representing the most stake and running their node correctly according to the protocol.
See the response above, which explains that the V2 unification of the role of Validator and Guardian will serve to eliminate this problem. Registering additional Guardians/Validators will not aid a Sybil attacker because the voting power of each depends on the stake of Orbs tokens that has been delegated to it. Adding 500 additional Validators for $500 per month would not increase an attacker’s voting power or ability to impact the network, unless they were to simultaneously increase their delegated stake, which would create disincentives to attack. Since the nodes operating the network will be the ones representing the most stake, an attacker will need a very large sum in order to attack.
In addition, there’s another important security mechanism designed in the network which is the separation of block producers and validators. Assume that a very valuable enterprise wants to run on the network and the risk of attack is very high for their high value app. They can set up their virtual chain in a way that only their own nodes can produce blocks in the virtual chain (select transactions and place them into blocks). The public validators of the network will only be signing their blocks in this case and verifying their contents. This separation makes the cost of attack very high because an attacker in the public network will only be able to cause a denial of service and will not be able to steal money since they can’t propose new blocks, only avoid signing them. The enterprise will still enjoy the guarantees of decentralization because only the public third-party validators approve their blocks.
By the way, I agree on the points that you mentioned from AMA that in the beginning of a business setup, it is important to bootstrap from the central points.
I think since blockchain is a new technology and concept, it might make changes, shapes, evolving in set up as it gets more developed and dealing with actual problems. I also think the protocols and infra should be in step with the network's growth (in business & financial revenue on the network wise) and have a solid basis especially in the beginning and midway until the networks are fully permissionless for the project to be complete and maintained by healthy incentive structure <---but wouldn't it be difficult? would it be possible to have a working permissionless infra with the right behaving incentive structure or at least not jeopardizing the network?
We agree that moving from the approaches used to bootstrap a network to full decentralization once the network matures is a delicate and challenging process. That is why we believe that taking measured and well-thought-out steps, based on the lessons learned from the actual experience of the network and the combined collaborative efforts of all participants in the network, is essential to this process.
But, despite the challenges, we think at the end of the day it is possible for full decentralization to be achieved without harming the network. The proposed next version - V2 which is launching later this year, involves significant steps in this process, and we expect that the lessons learned by the entire community will help facilitate further strides in this direction down the road.
As I understand the best knowledgeable people of application to business usages of distributed ledger or blockchain tech is IBM (Hyperledger).
Regarding IBM, we believe that the Orbs network occupies a different niche. IBM does not, to our knowledge, intend to move to a permissionless/public model or involve public validators in their system in any capacity. IBM deals with private and permissioned blockchains that are based on Proof-of-Authority and not Proof-of-Stake/Proof-of-Work. As you note below, Orbs’ concept of a permissionless/public blockchain for enterprise use is still a relatively unique concept and Orbs is still the most developed of any project thinking along these lines.
Another advantage of the Orbs network over IBM is its flexibility – while IBM offers no path from private blockchain to a public blockchain, Orbs offers users who have elected to deploy a private instance of the Orbs blockchain (as was done by Yes24) as an initial matter and then seamlessly transition to using the public blockchain. IBM does not offer this ability. In addition, the business model of IBM is not token-based. Hyperledger doesn’t have a token economy. IBM’s business model is classic professional services and consultancy. This is completely different from how Orbs operates.
Similarly, to our knowledge, Libra is also involved in a completely different field – payments - the development of an open and borderless cryptocurrency and payment system. This does not really operate in the same playing field as Orbs, which is an infrastructure project for business applications.
The unique position of Orbs as I understand is a hybrid part of private block producers with public validators.
As noted above, we don’t really see Libra as a major competitor because their mission is in the payments and currency space and they don’t appear to be looking to serve as a blockchain infrastructure for business uses. As such, we don’t think that whatever they launch will be something that is optimized to compete with Orbs for this type of infrastructure use.
We also don’t expect that a company like Hyperledger would transition to a concept based on a permissionless, public blockchain. This is for a variety of reasons, including the fact that a company with the profile of IBM is unlikely to be willing or able to create the type of token economy that would create the incentives necessary for public blockchain to work. Generally speaking, it’s very difficult for traditional companies like IBM and Facebook to adopt a decentralized token economy. These are centralized companies with traditional shareholders, they are not decentralized projects that are community-governed like Orbs is.
In general, we do believe that the Orbs network has “first mover” advantages due to its being unique in this space. Some of this has to do with the core substance of the network – in our view, Orbs is better designed to meet the requirements of real businesses and solves the problems such businesses would have using blockchain in a more elegant way. This is due to the work that was done in the past with real businesses and all of the discussions that we had to learn about their requirements. Even where the potential users did not ultimately choose to launch a blockchain-based system, the knowledge gained from this communication is reflected in the design of the network.
In addition, being the most-developed project in this space has business advantages in that, when companies are ready to make the transition to a public blockchain, the Orbs network is simply a more viable candidate because it has something already built and operating. This explains the real and significant interest that the network has received from major entities already.
As the number of business users increases, these advantages should be even more pronounced.
Learn more about the Guardians of Blockchain.