Lokinet: Understanding testnet vs. mainnet

We hope Lokinet will one day help revolutionise privacy and security online, but it’s currently still in beta. During the beta period, Lokinet and its SNApps — websites and applications that operate entirely over Lokinet — are running on the Lokinet ‘testnet’, rather than the ‘mainnet’. So what does that mean for Lokinet and its users?

What is the Lokinet testnet?

The Loki platform is in a stage of rapid iteration and constant development. During this period, we need to be able to safely test substantial changes to Lokinet without risking the integrity of the Loki network. Just like many video games with ‘public testing environments’ or ‘public beta environments’, Loki has a small network of Loki Service Nodes (our testnet) separate to the main network (the mainnet). This testnet, made up of a few dozen nodes, is used for testing cutting-edge features and changes to the Loki privacy suite.

Implications for Lokinet

Sybil resistance 

Right now, when you connect to the Lokinet beta, you’re connecting to the Lokinet testnet. This has some important privacy and security implications. When Lokinet moves out of beta, it will be running on the Loki mainnet, not the Lokinet testnet.  A critical aspect of the Loki mainnet’s security is its market-based Sybil attack resistance. Because the Lokinet testnet requires no stake a Sybil attack is can occur where a malicious actor rapidly starts up enough nodes that they can gain control of the network and perform passive traffic analysis. Gaining control of the majority of the network like this could allow a malicious actor to trace messages and information being transferred over the network, or even conduct a DDoS-style attack to force users or SNApps off the network. It’s absolutely crucial that any blockchain project has defense mechanisms in place to prevent such attacks.

Loki’s defense against Sybil attacks is to price attackers out of the market by requiring that new Loki Service Nodes ‘stake’ (lock up) a certain amount of Loki cryptocurrency before they can participate in the network. The staking requirement for starting up a Loki Service Node on the Loki mainnet means that it would cost a prohibitive amount to start up enough service nodes for an attacker to gain control.

One main issue with the Lokinet testnet is that because it is designed for feature testing, ‘staking’ isn’t required to start up a node. This means that Lokinet beta traffic could potentially be traced or intercepted by a malicious actor, and current Lokinet SNApps are vulnerable to specific styles of DDoS-type attacks.

Breaking changes

Another thing to be aware of is that we regularly make ‘breaking changes’ to the Lokinet beta software and the testnet itself. A breaking change is an update large enough that older versions of the software will no longer function. While this isn’t a security risk, it means that all Lokinet beta users need to stay on top of software updates, or risk losing access to Lokinet.

Where to from here?

Soon, Lokinet will be making the leap to the Loki mainnet. When it does, Lokinet will have the full protection of the Loki mainnet’s market-based Sybil resistance system, and Lokinet SNApps will be much better protected against malicious actors. We’ll have more to share with you on that front over the next few months. For now, keep in mind that there are certain limitations while the Lokinet beta is still running on testnet — and make sure you keep your Lokinet software up-to-date.

Weekly Dev Update #73

Hey Y’all, 

This week we made big progress on Lokinet and Loki Messenger. On the Loki Messenger side, we are putting most of our efforts into finishing multi-device support, which means solving lots of edge cases. For Lokinet, we are getting closer and closer to a 0.6.0 release which will allow cryptographic operations to utilise multithreading, and iron out a number of bugs found in 0.5.2. 

Loki Core


Lokinet

If you’re on our Discord you can catch Jeff, the lead developer of LLARP, live streaming as he codes at https://www.twitch.tv/uguu25519. He typically streams on Tuesday mornings, 9am – 12pm Eastern (US) time.

What went on last week with Lokinet: 

There was an increase in the public use of the Lokinet testnet this week. While we were encouraged to see the network being tested by real users, it’s important to remind the community that the current Lokinet release is still a testing, beta release!  Some things will change (i.e. break) between now and the final release on the Loki mainnet — most notably, protocol, private and public key cryptography has already changed in the dev branch and will result in (unavoidable) new keys and .loki addresses in 0.6.  We have our eyes set on a final, mainnet release but there may be additional, backwards-incompatible changes between now and then.

This week saw lots of activity, fixes, and improvements in the Lokinet dev branch, heading towards a 0.6 release. We have decided to clean up Lokinet internals by removing the home-grown JSON RPC HTTP server with a simpler JSON-over-zmq based approach. There were also various improvements to the debs (especially for routers), and we included several changes to make things work on xenial, while de-vendoring Libsodium in preference to the local system’s Libsodium library.

PR Activity:


Loki Messenger for Desktop 


Loki Messenger for Mobile (iOS and Android)

Loki Messenger for iOS:

Loki Messenger for Android:


Thanks,  

Kee 

Trusty Tyr Hardfork’s Killer Feature: Checkpointing

Loki cryptocurrency featured image

Loki’s Trusty Tyr Hardfork is now live, and with it comes a new feature: Checkpointing. While many of you will be familiar with this concept (especially if you read LIP-3), some of you may not, so here’s a quick explainer in simple terms.

Checkpointing is a process in which blocks (containing transactions) in a blockchain are locked by Service Nodes. For Loki, the blockchain is checkpointed every four blocks, or approximately every eight minutes. Once two consecutive checkpoints are placed, the blockchain history prior to those checkpoints cannot be changed.

Checkpointing is important because it prevents 51% attacks: a scenario in which a miner, or group of miners, gains control of 51% of the hash power of the entire network. With this control, attackers can produce a longer chain of blocks than the current chain, and force the protocol to switch to their chain. That is, from a chain which the network believes is true, to an alternate chain with potentially malicious intent. For example, with an alternate chain attackers could prevent new transactions from being confirmed, delay payments from some or all users from being received, render previous transactions invalid, and reverse transactions in order to double-spend. 

While 51% attacks are unlikely for larger market cap coins like Bitcoin or Ethereum (although hypothetically possible) due to the extremely high costs of gaining the required amount of hash power, it’s within the realms of possibility for smaller market cap coins like Loki. In comes Checkpointing to the rescue! Because Service Nodes lock a block every four blocks, an alternate chain containing conflicting transactions to the previous two checkpointed blocks will be rejected. In other words, as long you wait for two checkpoints to be placed, you will always be safe to accept funds, without needing to worry that the transaction might be reversed.

Loki Checkpointing adds an additional layer of security to our products, so you can trade and communicate with absolute freedom…and peace of mind. For a live feed of the latest blocks being checkpointed, go to https://lokiblocks.com/checkpoints.

New Ways to Connect with Loki Messenger

Loki cryptocurrency featured image

Did you hear the news? Loki Messenger v.1.3.0 is now available on all platforms across mobile and desktop. Here are some great reasons to get chatting on it.

Pics, Vids and GIFs

Got a funny video to share? A photo you’re dying to post? Or a GIF that perfectly expresses your innermost feelings? Loki Messenger’s got you covered. Now you can send all these files up to 10MB in size. Just tap that handy + button.

Chat Mentions

Calling all attention seekers! Forget about driving a red sports car, walking around with a boombox on your shoulder, or throwing a tantrum in a shopping mall… The best way to get someone’s attention is with an @mention. Simply type @, followed by the name of a contact, in your message. It’s a great way to cut through the noise in Loki Public Chat. (or, if you want to avoid the noise all together, you can opt out of it now too).

Performance and UI improvements

We know – under the hood improvements aren’t always as exciting as flashy new features. But every bump in performance, every improvement in the user interface, and every bug squished, leads to a better overall Loki Messenger experience. “It’s the little things that count…”

To try out these new features, download Loki Messenger v.1.3.0 here: https://loki.network/getstarted

Weekly Dev Update #70

Weekly Dev Update #70

Hey Y’all, 

Last week we released the Trusty Tyr 5.1.1 Binaries. All Service Nodes, mining pools and exchanges will need to update to these new binaries before block height 385824 (est. 7PM AEDT, 2019-10-23). Currently, approximately 78% of Service Nodes have upgraded, so if you are operating a Service Node, make sure you update in the next week so you stay on the correct chain.

In other news, the Loki Messenger team has sidelined multi device work for now since a key team member is on holidays. Instead, the Loki Messenger team are working on File attachments, profile pictures and @mentions, which should be delivered in a new release shortly.  


Loki Core


Lokinet

If you’re on our Discord you can catch Jeff, the lead developer of LLARP, live streaming as he codes at https://www.twitch.tv/uguu25519. He typically streams on Tuesday mornings, 9am – 12pm Eastern (US) time.

What Went on Last Week with Lokinet:

We merged a significant batch of performance improvements for Lokinet, which should allow for better performance scaling, particularly on multi-core machines. Work continues on implementing a Lokinet GUI, which will allow desktop users to easily control and view their Lokinet connection stats. This requires the underlying Lokinet daemon to be securely controlled by another process (the GUI), so we will need to do some rearchitecting of the Lokinet internals to allow for that. The plan here is for the interface to be used in both the GUI and also via a `lokinetctl` command-line tool that will allow command-line users (such as Linux greybeards and SNApp admins) to control some portions of Lokinet without having to edit config files.

PR Activity:


Loki Messenger for Desktop 

Loki Storage Server


Loki Messenger for Mobile (iOS and Android)

Loki Messenger for iOS:

Loki Messenger for Android:


Thanks,  

Kee 

5.1.0 Trusty Tyr Mandatory Upgrade

loki network coin wallet

Hey Everybody, 

Today marks the start of the mandatory upgrade period for the new Loki Core Trusty Tyr 5.1.0 release. Trusty Tyr adds a number of notable features to Loki Core, including: 

  • Fully enabled and enforced Service Node checkpointing 
  • Updated RPC Calls to reflect transaction checkpoint status
  • RandomXL stability updates
  • Extended Uptime credits to 48 hours from 24 hours 
  • Number of bug fixes for issues which caused Service Nodes to calculate incorrect winners for certain blocks
  • Increased uptime proof relaying robustness 
  • Fully Linear Staking requirement curve
  • “Export_transfers” is now available via RPC (see Lokidocs RPC documentation for more information).
  • Better integration with Loki Storage Server to enforce network reliability

We have set the hardfork height for block 385,824, ‬which is approximately 13 days away and should fall on  ~22nd of October 2019 UTC. 

If you’re running a Service Node, mining pool, or you’re full node operator, you will need to update to the new version of Loki Core to ensure that you stay on the correct chain. 

Non Service Node Operators 

For mining pools and (Non Service Node) full nodes, Loki binaries can be downloaded directly here: https://github.com/loki-project/loki/releases/tag/v5.1.0

Service Node Operators

Service Node operators running Loki Launcher should refer to this guide for updating: https://docs.loki.network/ServiceNodes/SNFullGuide/#updating-your-binaries

For those running Loki Service Nodes using the Debian releases, you can upgrade using this guide: https://docs.loki.network/ServiceNodes/DebianPackageGuide/#upgrading

As part of their update procedures, Service Node operators should also update their Loki Storage Server to the newly released Version 1.0.7. This should happen automatically if you follow the guides above. 

Thanks,  

Kee

Weekly Dev Update #69

Hey Y’all, 

Last week the Loki Messenger team continued work on limited multi-device support for mobile devices, and finished the last required changes to support @mentions on Desktop. The Loki Core team is almost ready to release Trusty Tyr 5.0.0 – we just want to fix a bug which previously caused some Service Nodes running lokid 4.0.5 to become stuck on an invalid chain.

Loki Core


Lokinet

If you’re on our Discord you can catch Jeff, the lead developer of LLARP, live streaming as he codes at https://www.twitch.tv/uguu25519. He typically streams on Tuesday mornings, 9am – 12pm Eastern (US) time.

What Went on Last Week with Lokinet: 

The Lokinet team (now including new addition Stephen Shelton – welcome!) spent some time discussing new designs for the Lokinet internals. In the long term, we’re aiming to make Lokinet easier to use for end-users with, among other things, a separation in the design to allow the integration of a graphical control interface. We’re also looking make Lokinet work on mobile devices. In the shorter term, we’re planning some significant performance improvements to the build process, a new starting point for iOS builds, and various command-line updates.

PR Activity:


Loki Messenger for Desktop 

Loki Storage Server


Loki Messenger for Mobile (iOS and Android)

Loki Messenger for iOS:

Loki Messenger for Android:


Thanks,  

Kee 

Does Pulse Make the Rich Richer?

Loki cryptocurrency featured image

Loki Improvement Proposal: POS Scheme Pulse

Recently we released our fifth Loki Improvement Proposal in which we outlined a new Proof of Stake scheme, Pulse. If it’s to be implemented, Pulse would have Service Nodes produce blocks, order transactions, and secure the blockchain, rendering miners in the Loki ecosystem no longer necessary.

While we’re excited about the potential of Pulse, and the improvements it can bring to Loki’s suite of privacy tools, we’re aware it has raised some questions and concerns within the community. The main one being: “Won’t it Just Make the Rich Richer?”

Transitioning from Proof of Work to Proof of Stake

Let’s imagine Loki transitions from its current Proof of Work / Proof of Service hybrid consensus mechanism to Pulse (Proof of Stake). In this scenario, the Loki Network will be made up of two parties: Stakers and Non-Stakers. 

Stakers are those who are running a Service Node, either by themselves, or with others in a pool. They have enough $LOKI to do so.

Non-Stakers are those who aren’t running a Service Node, because they don’t have enough $LOKI to meet the staking threshold, or because they’re choosing to hold their $LOKI instead. 

Service Nodes

With Pulse, Service Nodes will create blocks in the Loki blockchain every two minutes, and receive a reward ($LOKI) for doing so. Ninety-five percent of that reward will go to the Service Node Staker (or Stakers, if it’s a pool), and the remaining five percent will go to the Loki Foundation.

In order to run a Service Node, we recommends you stake at least twenty-five percent of the full staking requirement. At the time of writing, that is roughly 5,200 $LOKI, which equates to about 1,400 USD. So Stakers – those that have enough (and choose) to stake the recommended amount of $LOKI – will increase their wealth through the accrual of rewards. 

Furthermore, each time a Service Node creates a block, the overall monetary supply of $LOKI increases. Just like in a traditional economy, assuming everything in the market stays constant, when the monetary supply increases, so does the inflation rate. And when the inflation rate goes up, the purchasing power of the currency goes down. This means everybody’s $LOKI buys a little less than it did before. This is an unfortunate (but not uncommon) side effect for those that hold (and don’t stake) currency. 

However, the inflation situation is the same with Proof of Work consensus mechanisms. When miners create blocks, they also receive rewards, which in turn increases the overall monetary supply and drives inflation up. 

One major difference between Proof of Work and Proof of Stake consensus mechanisms is the size of the barrier to entry. The initial investment (fixed cost) required to mine cryptocurrencies – specialised hardware, constant electricity, and a high-speed internet connection – is much higher than the cost of running a Service Node – which is essentially the cost of renting and maintaining a VPS. In essence, you need a lot more financial resources to be a miner, than to be a Staker. 

Of course, in reality everything in the market does not stay constant. The real-world market cap of $LOKI fluctuates, and if it increases, everyone’s purchasing power increases. Same goes the other way. Regardless, there still exists an inequality caused by the barriers to entry for mining or staking. However, a barrier to entry is necessary* in order to keep the Loki Network protected from malicious activities like Sybil Attacks. 

Low barrier of entry allows more people to benefit from POS

The lower barrier to entry for Service Node operators is why Pulse is an attractive prospect for Loki. It means more people have the opportunity to participate in the rewards-based ecosystem (especially when compared to Proof of Work). Ideally, it also means more Service Nodes are in operation on the Loki Network, making our privacy products better for all. So we think it’s a win-win.

We love that our community is engaged, and challenges us to be better, which is why we’ve endeavoured to answer this question. If you have more, please keep them coming on our various social media channels.

Weekly Dev Update #68

Hey Y’all, 

Last week we released the 5.0.0 testnet binaries for lokid, which include enforced checkpointing and a number of P2P and uptime proof fixes. We’re running a Bug Bounty with a prize pool of 4000 $LOKI for finding bugs related to checkpointing, so jump in and get testing! 

Loki Core


Lokinet

If you’re on our Discord you can catch Jeff, the lead developer of LLARP, live streaming as he codes at https://www.twitch.tv/uguu25519. He typically streams on Tuesday mornings, 9am – 12pm Eastern (US) time.

What Went on Last Week with Lokinet: 

We released a minor update (0.5.2) which fixed a lingering issue in Lokinet that was causing a timeout of a few seconds every 10 minutes. We also held our first weekly dev meeting on a Mumble voice chat server entirely over Lokinet, and it worked perfectly with good latency and no drops at all! 

Recently, we’ve been interviewing for a new full-time Lokinet developer position, and I am pleased to report the role has now been filled with a great addition to the team starting this week. Jeff was on vacation last week (which explains the light number of PRs), but is back this week. With Jeff, plus the addition of our new developer, expect to see some interesting Lokinet developments soon.

PR Activity:


Loki Messenger for Desktop 

Loki Storage Server


Loki Messenger for Mobile (iOS and Android)

Loki Messenger for iOS:

Loki Messenger for Android:


Thanks,  

Kee 

Testing Bounties

Loki cryptocurrency featured image

Service Node checkpointing is now being enforced on testnet v5.0.0. We really want to make sure everything is running smoothly, so are inviting you to do your best to break checkpointing on the testnet! 

As a reward for the hard-working testers out there who manage to find bugs in v5.0.0, we have put a bounty system together: https://github.com/loki-project/loki/releases

The total reward pool is 4000 $LOKI.

Bounty Guidelines:

  • Attacks should be performed on the Loki testnet, where the most recent checkpointing code has been activated. 
  • The goal of an attack should be to invalidate Service Node checkpointing. Functionally, this means you should be able to get an unmodified lokid node to sync or switch to any alternate chain that competes with a mainchain with more than 2 consecutive checkpoints.

Some attacks you might try to execute are:

  • Targeted attacks that prevent Service Nodes communicating during consensus. 
  • 51% attacks on the mining network. 
  • Joining a dishonest minority of Service Nodes – please remove these nodes from the network once you finish testing as others may be trying to use similar methods.
  • Constructing special transactions/blocks. 

The following attacks are out of the scope of this bounty program and will not be rewarded: 

  • Gaining more than 51% of the Service Nodes on the Service Node network (this would be prohibitively difficult on the mainnet). Note: The 20 Service Nodes operated by the Loki team on the Loki testnet represent the “Honest Majority”.
  • Blanket DDOS attacks are not considered in scope as they would be prohibitively difficult on the mainnet given the size of the Service Node network.

Bug Severity will be decided arbitrarily by the Loki team. High severity bugs will earn 50% of the total prize pool at the time your claim is approved. Medium severity bugs will earn 20%, and low severity bugs will earn 5%.

Happy Testing!