Privacy-infrastructure company Nym Technologies announced details of opening up its “Finney” testnet (named after the famous cypherpunk Hal Finney) for anyone to run a node on – with a few qualifiers.
Nym is developing a "mixnet," or a tool to obscure metadata tracking at a network level. The mixnet itself is hosted by a decentralized network of nodes. Nym said the system provides "full-stack" privacy, allowing developers to build applications that give users strong guarantees against metadata surveillance.
Nym’s initial testnet, launched in April 2020, was the victim of a Sybil attack. A Sybil attack is when a single actor tries to take over a network by spinning up multiple nodes that validate data and transactions on the network. If one actor has a disproportionate amount of control over the system, it compromises the system's underlying integrity because the nodes under the attacker's control could refuse to receive or transmit blocks on a blockchain. In November, a Sybil attack increased the initial testnet to more than 12,000 nodes overnight – about twice the size of the Tor network.
As a science fiction fan, Dave Hrycyszyn, chief technology officer of Nym, likens Sybil attacks to the Agent Smith move from the movie "The Matrix," where beleaguered actor Keanu Reeves has to fight thousands of identical opponents who can multiply at will. How do you beat an attack like that?
“You need to impose some kind of cost on the attacker to slow down or stop unwanted replication of attackers in your system,” Hrycyszyn said.
Countering Sybil attacks by staking on Nym
In the case of the Finney testnet, that cost now comes in the form of a staking token, HAL, which is based on the Tendermint blockchain and Rust-based Cosmos implementation. A HAL doesn't hold value; its purpose is purely for staking on Nym. The transition to this new testnet on April 15 removed the Sybil nodes from the previous network and now allows anyone who can claim a unique Telegram name to spin up a "mixnode."
“In Nym's case, the transition to mixnode staking means that anyone can start a node,” Hrycyszyn said. “But this is limited by the amount of available cryptocurrency that node operators can get hold of. Currently, we're slowly giving out testnet tokens in our Telegram channel, so the growth of the mixnodes in the network is slowed down by the need to request tokens at a rate we control.”
On the eventual mainnet, tokens will need to be bought, imposing a stronger limit on attackers.
Nym initially set an artificial limit of 1,500 nodes on the Finney testne,t but has now removed that cap.
“We're seeing rapid growth,” Hrycyszyn said. “Currently, we're at about 4,500 nodes, which is about 3/4 the size of Tor, making us one of the largest privacy systems in the world.”
Hrycyszyn was candid in saying that by opening the network to everyone, the Finney testnet is getting some people who come only for rewards but don’t know a single Unix command or how to run a server. As a result, the nodes they are running are mostly misconfigured.
While fewer of the nodes are high quality, Hrycyszyn said he is happy the network's architecture held up, as the Sybil attack increased the level of active Nym nodes from 500 to 12,000. But the staking dynamics will weed out poorly run nodes over the next few weeks and drive quality up.
“We have not yet started rewards by actual packets mixed but rather by pure uptime/presence,” he said. “Later this week when we change the rewards, these lower quality nodes will be eliminated.”
What are mixnets?
When thinking about a mixnet, it’s helpful to understand how the internet works today.
On a normal internet network, most traffic can be tracked. Browsers like Tor offer a degree of protection against network surveillance by running traffic through a number of relays to obscure a user’s location and usage. Such networks are still susceptible to metadata observation, however. Highly capable adversaries like the National Security Agency in the U.S. are able to see the timing of data packages being sent across a network to get an idea of what’s going on, even if they can’t see the actual content of the packages.
A mix network, or “mixnet,” on the other hand, (taking its name from the proxy servers it employs, called “mixes”) obscures the metadata left behind when data passes through a network.
Basically a mixnet acts like a game of Yahtzee, Hrycyszyn told CoinDesk previously, where the data packs are like dice: They get shaken around on the mixnet and come out in an entirely different manner than they went in.
Sam Hart, grant manager at the Interchain Foundation, the nonprofit behind Cosmos and a backer of Nym, said people think about virtual private networks and Tor as pretty different things, but Nym will allow users to have Tor-level privacy in any situation where they would use a VPN.
“Combining these two means the addressable user base is larger, and a larger anonymity set increases the overall privacy of the system,” he said.