The Dusk Network And Blockchain Architecture
Scalable consensus and low-latency data transmissions for privacy-driven cryptosystems
Emanuele Francioni Dusk Foundation Amsterdam, The Netherlands emanuele@Dusk.network
Fulvio Venturelli Dusk Foundation Amsterdam, The Netherlands fulvio@Dusk.network
ABSTRACT
The Dusk network makes use of a decentralized and privacy-oriented digital currency that evolves the CryptoNote protocol [12] through the groundbreaking discoveries in the field of Byzantine consensus and pseudo-random functions of world-renowned cryptographers such as Silvio Micali, Michael Rabin, Alexander Yampolskiy and Evgeniy Dodis. Dusk radically departs from any other blockchain by employing an adaptive consensus mechanism, called Segregated Byzantine Agreement (or SBA⋆), which does not require the computational intensity of proof-of-work and is a fairer alternative to proof-of-stake. Built on this consensus algorithm, Dusk is poised to be the first to simultaneously achieve previously conflicting goals of guaranteeing transaction untraceability and unlinkability, safeguarding user privacy, reaching transactional "finality" after a bounded number of rounds within a single block election and achieving virtually unbounded user scalability without any significant performance degradation.
The Dusk network requires a heightened security setup designed specifically to:
(1) Obfuscate IP addresses of the communicating peers
(2) Prevent linkability and traceability of accounts
(3) Guarantee network performance
(4) Implement an efficient payment mechanism for high QoS applications such as secure and anonymous voice calls
In order to satisfy a broad set of data transfer scenarios, the Dusk network adds an additional layer of security to the IP protocol suite (used mostly in a peer-to-peer fashion). Through the adoption of a mix of established strategies and novel techniques, the Dusk network has been conceived specifically to protect the privacy of the communicating peers from any form of eavesdropping while satisfying a variety of challenging use cases varying from fast communication (e.g. voice calls) to large data transfer (e.g. file transmission). Dusk circumvents the notorious unreliability of crowd-sourced infrastructures by embedding economic incentives into the core mechanism of the network itself. Such incentives are designed to encourage peers to partake in the network in a permission-less, anonymous and private fashion.
KEYWORDS
Dusk, blockchain, cryptocurrency, privacy, consensus, segregated byzantine agreement
1 INTRODUCTION
The Dusk network makes use of a decentralized and privacy-oriented digital currency that evolves the CryptoNote protocol [12] through the groundbreaking discoveries in the field of Byzantine consensus and pseudo-random functions of world-renowned cryptographers such as Silvio Micali, Michael Rabin, Alexander Yampolskiy and Evgeniy Dodis. Dusk radically departs from any other blockchain by employing an adaptive consensus mechanism, called Segregated Byzantine Agreement (or SBA⋆), which does not require the computational intensity of proof-of-work and is a fairer alternative to proof-of-stake. Built on this consensus algorithm, Dusk is poised to be the first to simultaneously achieve previously conflicting goals of guaranteeing transaction untraceability and unlinkability, safeguarding user privacy, reaching transactional "finality" after a bounded number of rounds within a single block election and achieving virtually unbounded user scalability without any significant performance degradation.
The Dusk network requires a heightened security setup designed specifically to:
(1) Obfuscate IP addresses of the communicating peers
(2) Prevent linkability and traceability of accounts
(3) Guarantee network performance
This paper is published under the MIT International license. Authors reserve their rights to disseminate the work on their personal and corporate Web sites with the appropriate attribution.
WEB3 Symposium, April 2018, Amsterdam, The Netherlands
© 2018 Stichting Dusk Foundation, published under MIT License.
An
not make use of proof-of-work mining and therefore completely drops CryptoNight and deviates substantially from the hashing algorithms therein adopted. In particular, Dusk uses what we call the Segregated Byzantine Agreement (SBA⋆) protocol, which enhances classic BA⋆ by implementing specific measures to protect peer privacy. SBA⋆ has been developed specifically to power the Dusk Blockchain and help meet the aforementioned requirements. These efforts do not solely relate to the application layer but extend to the networking layer as well. This is why the Dusk protocol makes use of:
• Stealth addresses: to protect transaction recipient anonymity
• RingCT signature: to protect transaction sender’s identity
• Anonymous Network Layer: to protect the IP address of the network peers; to provide secure data transfer mechanism; to implement off-line data retrieval strategy; to power the anonymous gossip network for transaction propagation and verification
• Non-Interactive Verifiable Secret Sharing Scheme: to conceal all but highest priority time-locked transactions from the participants to the Block Generation sortition
• Cryptographically Committed Provisioners: to protect the information about stake; to implement a division of responsibilities between Block Generators and the electable Block Voters and Verifiers; to boost network efficiency by acting as state channel guarantors; to incentivise participation to the network; to protect the balance information of transacting nodes; to prepare SBA⋆ for future expansion with non-balance and non-payment related weights such as storage contributed to the network (as in proof-of-storage), availability expressed in elapsed time since joining the network (as in proof-of-idle), etc.
2 PRELIMINARIES
2.1 Diffie-Hellman Hardness Assumption
In any group, a discrete logarithm $\log_b a$ is a number $x \in \mathbb{Z}$ such that $b^x = a$.
Most of the cryptographic building blocks related to this work are linked to the Diffie-Hellman assumption, which uses the hardness of discrete logarithms in cyclic groups [13]. Considering a multiplicative cyclic group $G$ of order $p$ and generator [2] $g$, we can formulate the following assumption: given $g^a$ and $g^b$ for uniformly and independently chosen $a, b \in \mathbb{Z}_p$, then $g^{ab}$ behaves like a random element in $G$ of order $p$.
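Why the assumption is stated for a group of order $p$, taken here to be prime (the text does not say so explicitly): the following Python sketch is an added example, not code from the paper, and goes slightly beyond the text by comparing two groups. The toy primes `Q` and `P` and all function names are constructed for illustration; it measures how well a simple quadratic-residue test tells $(g^a, g^b, g^{ab})$ from $(g^a, g^b, g^c)$ in the full group $\mathbb{Z}_Q^*$ versus its prime-order subgroup.

```python
import random

Q = 2039   # toy safe prime, Q = 2*P + 1 (constructed for this example)
P = 1019   # prime order of the subgroup of quadratic residues mod Q

def is_qr(x):
    """Euler's criterion: x is a quadratic residue mod Q iff x^((Q-1)/2) = 1."""
    return pow(x, (Q - 1) // 2, Q) == 1

# Generator of the full group Z_Q^* (order 2P): any non-residue other than -1.
G_FULL = next(g for g in range(2, Q - 1) if not is_qr(g))
# Generator of the prime-order subgroup: the square of a full-group generator.
G_SUB = pow(G_FULL, 2, Q)

def looks_like_dh(A, B, C):
    """Parity test: for a non-residue g, g^(ab) is a residue iff g^a or g^b is."""
    return is_qr(C) == (is_qr(A) or is_qr(B))

def advantage(g, order, trials=2000, seed=1):
    """|Pr[accept real tuple] - Pr[accept random tuple]| for looks_like_dh."""
    rng = random.Random(seed)  # seeded so the experiment is repeatable
    real = rand = 0
    for _ in range(trials):
        a, b, c = (rng.randrange(order) for _ in range(3))
        A, B = pow(g, a, Q), pow(g, b, Q)
        real += looks_like_dh(A, B, pow(g, a * b, Q))
        rand += looks_like_dh(A, B, pow(g, c, Q))
    return abs(real - rand) / trials

if __name__ == "__main__":
    # Even-order group: the residue bit leaks, advantage is about 1/2.
    print("full group Z_Q^* :", advantage(G_FULL, 2 * P))
    # Prime-order subgroup: every element is a residue, the test learns nothing.
    print("order-P subgroup :", advantage(G_SUB, P))
```

In the even-order group the test accepts every real tuple and about half of the random ones, so $g^{ab}$ is visibly not random there; in the order-$P$ subgroup the same test has zero advantage.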
