Oxen Actually Seems Cool
2021 July 31
Disclosure
At the time of writing this post (2021 July 31), here was my "investment" in cryptocurrencies:
- ≤ 0.05 BTC (≤ 2,500 USD)
- a very small amount of Steem (I don't remember how much, but definitely less than 10 USD worth... probably closer to 0.50 USD)
- the same amounts in the relevant forks of the above
I had purchased it mostly as something to use for online purchases and to play with, as I was actively studying Bitcoin when I bought it.
I did not own any $OXEN.
I also briefly worked at a cryptocurrency-related company, and I have some stock options in that company. I tried looking up the company for the purpose of this disclaimer, and it may now be defunct (I'm not sure how to tell).
(For the sake of this disclosure, I'm setting aside philosophical debates about the meaning of "ownership" and understanding it in the way that maximizes the amount of stuff that can be considered "mine".)
This is to say that I may have stood to benefit financially from more people using cryptocurrency in general, but I did not own any of the specific cryptocurrency I was discussing.
This disclosure statement was added on 2021 November 5.
Cryptocurrencies
It's no secret that I'm cynical about cryptocurrencies.
Here are some issues with cryptocurrencies:
- Proof-of-work is destroying the planet.
- Under capitalism, the rich and powerful grow richer and more powerful. Making a new money system where power is effectively inherited from the old money system just provides a new platform for this trend to manifest. Decentralization doesn't magically happen when you base the system on existing power dynamics.
- Cryptocurrencies generally provide very poor privacy.
- Much of the point of cryptocurrencies is to push right-wing libertarian/anarcho-capitalist political ideologies.
This is a non-exhaustive list.
However, there are also good things about cryptocurrencies.
- Cryptocurrencies which are sufficiently decentralized are not beholden to the whims of companies. They can't, for example, refuse to provide service to sex workers doing legal work or sites like WikiLeaks.
- Cryptocurrencies (while perhaps technically harder to use than traditional banks and other money companies) have a lower administrative barrier for entry than other methods of transferring money via the Internet. You can just use them. You don't need an account anywhere, or a credit card, or an ID. Addresses just come from random numbers.
- Cryptocurrencies make it possible to accept money without providing your government name or other such personal information to the sender. This can enable people operating anonymously or under pseudonyms to still acquire money safely. (This does not negate the fact that most cryptocurrencies have poor privacy.)
- Cryptocurrency software is generally free software whereas online banking and other money services generally require nonfree software. (Of course, there's absolutely no reason it needs to be this way, but it is.)
It would be nice to have a better alternative to something like Bitcoin. Let's look at Monero and then Oxen, a cryptocurrency I'm actually interested in using.
Monero
Oxen is based on Monero (a CryptoNote coin). Monero is popular among privacy advocates (as well as criminals who know better than to use bitcoins for illegal purposes). It uses multiple mechanisms to protect the confidentiality of transactions. Here's what they do and a brief explanation of how I think they work (based on my current understanding).
- Ring signatures obfuscate the sender of a transaction.
  The sender selects an unspent transaction output that belongs to them, along with some other transaction outputs. The sender then constructs a ring signature, which is a proof that...
  - they have the ability to spend one of the selected outputs
  - the output in question has not been spent prior
  ...without revealing which output is being spent. In other words, Monero has a built-in mixing function.
- Ring confidential transactions (RingCT) obfuscate the values transacted.
  I don't yet understand Pedersen commitments, but I think the basic idea is that the input and output values are encrypted with a function that's homomorphic under addition, so anyone can verify that the sum of the inputs equals the sum of the outputs without having to know any plaintext values.
  RingCT also includes a range proof, which ensures that all values are legal (non-negative, and not too big). We wouldn't want something like Bitcoin's value overflow incident to happen.
- Stealth addresses obfuscate the receiver of a transaction.
  Basically, Alice generates a random number and combines it with Bob's public key in a way that Bob and only Bob will have the private key.
  This Stack Exchange answer provides a much better explanation than I could give.
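To make the RingCT balance check and the need for a range proof concrete, here is an added sketch (not code from Monero or Oxen) of Pedersen commitments over a tiny multiplicative group. The parameters `P`, `Q`, `G`, `H` and every function name are assumptions made for this example; real RingCT works on an elliptic curve and attaches an actual range proof.

```python
import secrets

# Toy group, constructed for this example and far too small for real use:
# P = 2*Q + 1 with P and Q prime; G and H are squares mod P, so both have order Q.
# A real scheme also needs H chosen so that nobody knows log_G(H).
P, Q = 2039, 1019
G, H = 4, 9


def commit(value, blind):
    """Pedersen commitment C = G^blind * H^value (mod P)."""
    return pow(G, blind % Q, P) * pow(H, value % Q, P) % P


def product(commitments):
    """Multiply commitments, which adds the committed values and blinds."""
    acc = 1
    for c in commitments:
        acc = acc * c % P
    return acc


def balances(in_commits, out_commits):
    """Verifier: inputs and outputs commit to the same total, values unseen."""
    return product(in_commits) == product(out_commits)


def make_outputs(values, in_blinds):
    """Sender: commit to outputs, picking blinds that sum to the input blinds."""
    blinds = [secrets.randbelow(Q) for _ in values[:-1]]
    blinds.append((sum(in_blinds) - sum(blinds)) % Q)
    return [commit(v, b) for v, b in zip(values, blinds)]


def demo():
    in_blinds = [secrets.randbelow(Q) for _ in range(2)]
    ins = [commit(v, b) for v, b in zip([30, 12], in_blinds)]
    honest = make_outputs([40, 2], in_blinds)     # 30 + 12 == 40 + 2
    inflated = make_outputs([40, 3], in_blinds)   # 43 != 42, rejected
    # -1 is encoded as Q - 1, so 43 + (-1) == 42 (mod Q) and the sums still match.
    # The balance check alone cannot see this; the range proof is what forbids it.
    wrapped = make_outputs([43, -1], in_blinds)
    return balances(ins, honest), balances(ins, inflated), balances(ins, wrapped)


if __name__ == "__main__":
    print(demo())
```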
Monero also uses the RandomX PoW algorithm, which is designed to be ASIC-resistant. Unfortunately, it's still PoW, which is to say, it is competitive waste.
Monero's privacy features are enticing, and I'd be interested in using it if it wasn't proof of work.
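The stealth-address idea from the list above (Alice combines a random number with Bob's public key so that only Bob ends up with the private key) can be sketched as follows. This is an added example, not Monero's code: it follows the CryptoNote dual-key construction (a view key and a spend key) but swaps the elliptic curve for a toy multiplicative group, and all names and parameters are assumptions of the sketch.

```python
import hashlib
import secrets

# Toy group constructed for this example (far too small for real use):
# P = 2*Q + 1 with P, Q prime, and G = 4 generates the subgroup of order Q.
P, Q, G = 2039, 1019, 4


def keypair():
    priv = secrets.randbelow(Q - 1) + 1
    return priv, pow(G, priv, P)


def to_scalar(shared):
    """Hash a shared group element to a scalar mod Q."""
    digest = hashlib.sha256(str(shared).encode()).digest()
    return int.from_bytes(digest, "big") % Q


def send(view_pub, spend_pub):
    """Alice: derive a fresh one-time public key for Bob."""
    r = secrets.randbelow(Q - 1) + 1           # Alice's random number
    tx_pub = pow(G, r, P)                      # published with the transaction
    s = to_scalar(pow(view_pub, r, P))         # Diffie-Hellman secret with Bob
    return tx_pub, pow(G, s, P) * spend_pub % P


def is_mine(tx_pub, one_time_pub, view_priv, spend_pub):
    """Bob: recognise the output using only his private view key."""
    s = to_scalar(pow(tx_pub, view_priv, P))
    return pow(G, s, P) * spend_pub % P == one_time_pub


def one_time_private(tx_pub, view_priv, spend_priv):
    """Bob: the private key for the one-time address, which Alice cannot compute."""
    return (to_scalar(pow(tx_pub, view_priv, P)) + spend_priv) % Q


def demo():
    view_priv, view_pub = keypair()
    spend_priv, spend_pub = keypair()
    tx_pub, one_time_pub = send(view_pub, spend_pub)
    recognised = is_mine(tx_pub, one_time_pub, view_priv, spend_pub)
    x = one_time_private(tx_pub, view_priv, spend_priv)
    return recognised, pow(G, x, P) == one_time_pub


if __name__ == "__main__":
    print(demo())
```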
Enter Oxen
Oxen (formerly Loki) is based on Monero, and it inherits Monero's privacy features. Unlike Monero, Oxen is a proof-of-stake (or "proof of service") coin.
Proof of Stake
If I may borrow an analogy from Twitter user WKDart, proof of work is like running a pollution machine which makes its owner money. "It doesn't make anything, it just. Pollutes. And makes money."
In such a system, people with more money can afford more powerful pollution machines and make more money. The rich get richer and more powerful.
Proof of stake does away with the pollution machines and jumps straight to "the rich get richer and more powerful". It doesn't address the systemic wealth inequality issues in play, but hey, we got rid of the pollution machines, so I'll call that a win.
The Loki whitepaper proposed a hybrid PoS/PoW currency. Oxen has since dropped PoW altogether. Oxen is a non-wasteful privacy coin. That's cool and actually has the potential to be useful. I would like to use such a money system.
Oxen Service Nodes
Oxen isn't just a proof-of-stake CryptoNote coin, though. In addition to staking their money, Oxen Service Nodes also provide infrastructure for some decentralized applications like Lokinet (a Sybil-resistant Tor-like anonymity network, the reference implementation of LLARP) and Session (an anonymous, encrypted chat app based on Signal, but without the interesting cryptography).
Note that this isn't like Ethereum, where smart contracts are run on-blockchain; the Service Nodes just act like proxy/storage servers for onion routing, temporary message storage, etc. Lokinet is like Tor, except that unlike Tor nodes, Lokinet nodes (Oxen Service Nodes) are required to stake 15,000 $OXEN (which is supposed to make Lokinet resistant to Sybil attacks) and maintain certain performance requirements. Running a site on Lokinet is very much like running a site on Tor. It's still a client-server model.
Oxen Name System
Basing a PKI system on an append-only public distributed ledger is a way to have identifiers which are all 3 of...
- Short
- Decentralized
- Secure
Oxen has the Oxen Name System (ONS) for this. This allows users to register short usernames which are mapped to public keys for the Oxen cryptocurrency, Lokinet (.loki domains), and Session.
Fast Transactions
One problem with Bitcoin is that transactions take a long time (~10+ minutes) to be confirmed and even longer to be considered irreversible (~1+ hours). This provides a major barrier for use in time-sensitive environments like in-person purchases.
Oxen has 120 second block times, reducing these times to ~2+ minutes and ~16+ minutes, respectively. (16 minutes is based on 2 checkpoints passing after 8 blocks. Depending on when the transaction is confirmed and how checkpointing works, the actual minimum might be fewer. I wasn't super careful with the math here.)
Additionally, Oxen has a system called Blink for instant transactions.
These fast transactions should help Oxen to be more usable than its peers.
Conclusion
I'm actually interested in using Oxen as a privacy-focused way of transferring money over the Internet without destroying the planet in the process.
I also think it's cool that it provides infrastructure for some decentralized applications, even when I don't actually like those applications. (Lokinet seems potentially good, but I haven't yet found any sites I like on it. As with Session, I do have the criticism that a network that by definition is run entirely by rich people does not feel very trustworthy to me. But not requiring (as much) trust in the infrastructure is kind of the point of onion routing, so maybe it's okay.)