Pay-in/Payout Exchange Brokers: Design and Economics

As mentioned in the original white paper, the network relies on pay-in and payout brokers to facilitate near instant payments with any fiat or cryptocurrency, and near-instant merchant payouts into any fiat or cryptocurrency. What follows is a more detailed description of how the system operates along with the fees that are present.

Pay-in broker takes a certain amount or risk accepting the cryptocurrency of payment while quickly releasing GRFT in exchange (without waiting for the cryptocurrency of choice confirmations). This risk for broker is mitigated by relatively small(er) retail transaction amounts and is subject to the authorization sample validating the transaction across originating currency network. The risk for the merchant is mitigated by a GRFT bond transaction equal to the amount of pay-in, which is generated by the broker at the beginning of transaction. The bond is put on hold by the authorization sample until the broker approves the altcoin payment to the merchant. As soon as the altcoin transaction (from buyer to the broker) is received and validated, the authorization sample approves the payment to the merchant and releases the GRFT payout (from the broker to the merchant). The broker is able to set different limits for different amounts / history and risk levels.

In exchange for this service, the pay-in broker substructs 0.25% exchange fee from the GRFT payment to the merchant, while the supernodes participating in the authorization sample charge their standard GRFT transaction fee (0.5%).

The following flow (sequence) diagram shows how bitcoin acceptance pay-in broker performs the exchange transaction and accepts bitcoin payment on behalf of merchant point of sale. The buyer can use any wallet supporting bitcoin. The merchant receives payout in GRFT.

Payout broker exchanges GRFT into the payout currency of choice as requested by the merchant. The transaction is asymmetrical – meaning that the second leg of the payment is usually longer (sometimes much longer) to settle on the receiver side. To make sure that the payout broker delivers the payment with no double-spending, the broker stakes a bond with amount equal to the amount of the transaction. The staking is done by putting on hold the GRFT payment from the merchant by authorization sample. If authorization sample detects (after the grace time) that the payout funds weren’t received by the merchant, it cancels the transaction and payout broker does not receive the GRTF payment from the merchant.

In exchange for this service, the pay-out broker receives 0.25% exchange fee. In addition, the authorization sample supernodes charge their regular transaction fee (0.5%).

Same exchange brokers can (and most likely will) alternate as a pay-in and payout brokers. For example, let’s review Bitcoin Exchange Broker (EB) which wants to perform both pay-in and payout exchange operations.

The broker has a Bitcoin wallet with 0.01 BTC in it. The broker receives a payout request from a merchant to exchange 100 GRFT to 0.01 BTC (assuming the current exchange rate is 0.01 BTC = 100 GRFT). The flow of such payout transaction between the broker and the merchant is shown in the diagram below.

The broker accepts the request and sends 0.01 BTC (minus bitcoin network fee) to the merchant, while the merchant generates the 100.75 GRFT payment (100 GRFT amount + 0.25 GRFT broker fee + 0.5 GRFT authorization sample fee) to the broker and transmits it to Authorization Sample. The sample puts 100.75 GRFT transaction on hold and notifies the broker who then sends 0.01 BTC to the merchant. Upon BTC transaction settlement (10-60 mins for the sake of argument and depending on the bitcoin network fees), the 100 GRFT transaction is released and the exchange broker now has the 100 GRFT payment plus 0.25 GRFT profit.

The broker can now switch into the pay-in broker mode. As pay-in broker, the EB receives a request to exchange 0.01 bitcoin into 100 GRFT. The broker accepts this request and transfers 100 GRFT (minus fees). As soon as 0.01 BTC is received, the broker is able to become a payout broker again and now has 0.01 BTC and 0.25 GRFT profit.

Assuming (conservatively) that a single pay-in/pay-out cycle takes 1 hour, the broker can make around 12% in a single 24 hour period (without compounding), making for a lucrative business model for the Exchange Broker* (*estimation only).

Beyond Merchant Payments: DEX

The system described above can function beyond the GRAFT intended payment ecosystem and extend into a real-time decentralized exchange (DEX). Due to the fact that the untrusted exchange operations (atomic swaps) are close to real-time to the outside entity leveraging the GRAFT authorization/validation layer (the network of GRAFT supernodes), the same atomic swaps can be extended to provide real-time exchanges, such as BTC<->ETH.

GRAFT Wallets are Safe and NOT Affected by Double Counting Bug

As you probably know, most exchanges recently took offline all CryptoNote wallets (including Monero) due to Double Counting Bug. We tried to reproduce an exploit of the double counting bug with GRAFT master (current GRAFT version) to prove that GRAFT is not affected. In order to do that, we have prepared a special testing branch with the exploit: https://github.com/graft-project/GraftNetwork/tree/double-accounting-exploit, where we duplicated the “add_tx_pub_key_to_extra” call inside “construct_tx_and_get_tx_key(…)” method in cryptonote_core/cryptonote_tx_utils.cpp. The destination wallet with the bug was supposed to show the wrong (doubled) balance after the transfer from the exploited source wallet.

The destination wallet (GRAFT master, private testnet) before the test transfer shows 20 GRFT balance:

Now, we are transferring 10 GRFT from the exploited source wallet (private testnet), trying to “trick” the destination wallet:

The destination wallet after the transfer shows the correct amount (30 GRFT):

Here is the destination wallet log:

So this case is already handled in current Graft version (1.2.1), which is based on Monero v11, and the bug seems to be introduced in Monero v12, where subaddress functionality was implemented.

Therefore, current GRAFT wallets are safe for all users including exchanges.

GRAFT Development Status Update June 2018

Supernodes and Real Time Authorizations

Let’s start from implementation of full supernode, which is essentially an implementation of real-time authorizations (RTA). Although we are close to the finish line, we do not release it yet to public alpha. We need more time for optimization, fine-tuning, and QA testing. One of the main reasons for the delay is an issue with communication. Unlike other two-layer cryptocurrency networks which use a separate mechanism for communication between their second-layer nodes, we reuse the existing peer-to-peer network as a basic transport. Our original algorithm finds the shortest and fastest routes between the supernonodes by maintaining a set of P2P tunnels through the network of cryptonodes. The main difference and greatest benefit of using the same communication base for two layers (both cryptonode and supernode networks) is not exposing the authorization sample’s supernodes – because in our design they are not required to have a public IP. Such design is the major difference and significant improvement comparing to other layer two implementations such as Dash masternodes.

Remember that one of GRAFT’s key differentiators and goals is absolute privacy initially provided by underlying CryptoNote blockchain protocol, which is the first layer of GRAFT platform. The fact that the auth sample supernode does not require a public IP attached to it makes GRAFT even more private and decentralized, because the supernodes are less dependant on regulated hosting providers. Without public IP the supernodes are “hidden” behind the large, distributed, and complex P2P network, which makes them less vulnerable to DDOS attacks. At the same time, the hosting and maintenance are less complicated and less expensive for supernode owners. (Note that wallet/POS proxy supernodes, which typically belong to service providers and large merchants, still require public IP address in order to be able to serve wallets and POS/payment apps).

However, such great benefits do not come for free. Along the way we found several issues in existing CryptoNote/Monero P2P communication implementation, which we are fixing in order to make it more efficient, stable, and suitable transport for our purposes. With that said, we anticipate the public alpha of supernode with RTA to be released by the end of July. Meanwhile, we will start a private alpha release for testing in a coupe of weeks, so if you are interested in helping us with preliminary testing please contact us at [email protected].

While working hard on RTA implementation and getting ready to its production launch, we realized that hosting a supernode, either full (authorization) or proxy/gateway, requires a special DevOps skill set, so we are working through making arrangements and building relationships to provide turnkey solutions to supernode owners and merchant service providers.

Payment Apps

We are continuously working on improving the Verifone terminal app so it will be fully polished for production by the time RTA is released. As Verifone have written on their merchant marketplace website, where GRAFT app is listed as the Featured Apps Partner, “Our app partners are working around the clock to help empower our merchants with applications that enrich the customer experience and provide business productivity.” This is absolutely true statement, there is not much to add. Since the Verifone certification was achieved last month, we have done several improvements such as UI redesign (in both terminal app and our wallet), enhanced configuration utility for merchants, integration with CoinMarketCap for real-time exchange rates, and some bug fixes. Also, we are working on Ingenico terminal app integration into their marketplace.

One of important and promising features we are planning to develop is using NFC (Near Field Communication) for initial engagement between the mobile wallet and terminal app, so instead of scanning QR code displayed on payment terminal the buyer will just wave the phone (the same technology is used by contactless payment cards and Apple Pay). Implementation of such a feature will help improve both buyer and merchant user experiences and reduce the overall transaction time. We will keep you posted about our progress in this area.

We just finished design and now are ready to start implementation of the payment gateway which will facilitate GRAFT payments on online shopping platforms. Once implemented, integration with GRAFT payment gateway, among other features, will bring to online merchants and buyers a unique combination of absolute privacy and instant transaction confirmations (using RTA) – something they have never seen before. Plus, after we finish RTA and move to accept broker implementation, they will be able to accept various cryptocurrencies, while keeping the same benefits of privacy and transaction speed.

Wallet Apps

We finally redesigned the app downloads page on our website, so now it’s easier to find all our apps, including wallets, and their releases for various mobile and desktop operating systems: iOS, Android, Windows, Mac OS X, and Linux. In recent wallet releases, we fixed some bugs and added new configuration options. The upcoming wallet release will support purchases with real time authorizations using full supernodes (currently it supports a limited version of RTA on testnet only).

CryptoFind App

As our app for discovering and listing crypto-friendly merchants is gaining more popularity among crypto enthusiasts, we periodically release new features and bug fixes. In recent CryptoFind version, in addition to bug fixes, we added a possibility to take a picture of the GRAFT sticker on the merchant’s window so the users can earn better bonuses.

Happy Grafting!

GRAFT Development Status Update May 2018

It’s time for another status update! Y’all are busy people, so let’s not waste any time and get right to the point.

Payment Apps

Let’s start from really good news – our Merchant Marketplace app just received certification from Verifone – big step towards GRAFT acceptance by brick-and-mortar merchants and a product of 6 months long development cycle in close communication with Verifone. We are working on improving this application as well as building apps for other major players in the area of hardware payment terminals such as Ingenico.

Also, we just started designing the online shopping cart integrations – the first implementation is going to be an integration with Shopify, one of the most popular online store platforms. While it’s not within GRAFT’s charter to produce all the integrations, we take it upon ourselves to provide reference integrations with few leading platforms, paving the way for the independent software developers to take GRAFT to all other platforms.

Blockchain

It’s not a big secret that GRAFT has been forked from Monero – in order to be able to reuse the best (as of today) implementation of Cryptonote protocol, which is the most secure blockchain protocol so far, at least for people who care about their privacy. The idea was (and still is!) to take the open source Cryptonote technology and use it as a tier-1 foundation of the future 2-tier application platform, when the 2nd tier consists of the network of full supernodes (please read the white paper for more details). So the GRAFT dev team was supposed to be mostly focused on design and implementation of the tier 2 from the beginning. Unfortunately, sometimes our plans diverge reality in unpredictable ways, and we admit that it was naive assumption. Instead of working on core development tasks, significant part of the team had to address several problems caused by network difficulty and timestamp manipulation attacks. As a result, we switched to more efficient difficulty adjustment algorithm, which is already used by a few other blockchains, and even managed to improve it. We also followed the majority of Cryptonote community and implemented ASIC-resistant code.

We appreciate a concrete help we receive from the community, including individual contributors zawy12 and jagerman – thank you guys! It’s also worth mentioning that our full time core dev team has been growing as well – we have added two senior core developers and project/product manager.

We are working on another potential modification – Cryptonote Heavy hash algorithm. Although the code change is ready, we are still testing, and haven’t made a final decision when (if at all) to switch to Heavy. We continue monitoring the situation in order to find the best time for changes that require major network update.

Real Time Authorizations (RTA)

Our top-most development priority right now is RTA and we’ve been hard at work doing the R&D and laying the foundation to meet our delivery timeframes. For those of you who are interested in details, here is the “10,000 foot view” of RTA – simplistic, optimistic sequence diagram of the RTA flow: Note that every line of text in this diagram correspondents to hundreds or even thousands of lines of the source code, so this diagram just demonstrates interactions between the main players, without going deeply into the details such as auth sample selection, fee distribution, message broadcasting, etc. We are working on various modules of the RTA so we could compile the full picture: supernode-ng server framework, porting DAPI/business logic into a new framework, and authorization sample communication, which includes both super-fast UDP-based direct communication protocol (for “urgent” messages) and “unhurried” protocol (for regular message transmissions) based on existing P2P implementation.

CryptoFind

Although CryptoFind was not designed to be the core product, its popularity recently skyrocketed, and so now we cannot imagine GRAFT without CryptoFind, which becomes the most comprehensive worldwide database of businesses that accept crypto. We have implemented some new features and improvements in CryptoFind since the last update: added a text search function, which allows you to find nearby points by name or type (cafe, store, refueling, etc.), enhanced the user interface, and created statistics page.

Network Monitoring

Also we are internally monitoring multiple parameters of GRAFT servers using special tools such as CloudWatch and Nagios, we thought that the community should be able to know about the basic status (“up/down”) in real time as well, without the need to ask and repeat the same questions on forums. So we have created a simple public network status monitoring page – don’t forget to check it out!

Happy Grafting!

GRAFT Major Network Update 1.2.1 at Block 68000

We just released a major network update 1.2.1. This update is intended to mitigate recent attacks on GRAFT blockchain and improve the stability of the block intervals. There are two major changes included in this release: timestamp manipulation prevention and improved difficulty adjustment algorithm. The major network update will be triggered at block 68000.

The block timestamp manipulation allows a miner with significant hashrate power to generate an alternative chain of several blocks and add it to the main chain. The corresponding code fix will disable this possibility.

The original LWMA-based difficulty adjustment algorithm used the same adjustment rate to increase and decrease difficulty. As the result, it was taking significant time to restore after a peak, leaving users suffering from a higher difficulty. In our novel approach, we introduce an adaptive adjustment rate, making return to a normal difficulty level faster. The mechanism detects a failing edge of the difficulty curve and change the rate accordingly, using the following formula:

The major network update is scheduled for block height 68000. Each GRAFT network node must be updated to the new software version before that block, otherwise, the node that wasn’t updated is going to be on the wrong version of the blockchain. Major network update means that if you are running the GRAFT network node (graftnoded daemon), you must upgrade it to the current software release as soon as possible. If you do not install the updated node before the block 68000, your node will be blocked by other nodes. Note that the users of GRAFT mobile and desktop wallets (GUI wallets) are not affected by the upcoming network update and don’t need to do anything – as long as they are still connected to the default proxy supernodes (if you are connected to your own supernode, however, do not forget to upgrade the underlying network node).

The source code of the version 1.2.1 is now released and available for download from master. The binaries of the new release are located here:

Ubuntu: https://s3-sa-east-1.amazonaws.com/graftbuilds/graft-1.2.1-20180422-release.tar.gz

Windows: https://s3-sa-east-1.amazonaws.com/graftbuilds/graft-1.2.1-20180422-win-release.zip

In order to check whether you are running the right version of GRAFT network node, launch graftnoded daemon in terminal window (in interactive mode) and type help command. If you are running the right version you should see Graft ‘Beta Lyrae’ (v1.2.1-release) in the first line of the help result.

GRAFT Network Major Update 1.1.2 at Block 64445

We decided to make the major network update even sooner due to the problems with ASIC and difficulty the nertwork has been experiencing over the past several days. The source code of the patch version 1.1.2 is now released and available for download from master. The binaries of the new release are located here:

https://s3-sa-east-1.amazonaws.com/graftbuilds/graft-1.1.2-20180417-release.tar.gz (Linux)

https://s3-sa-east-1.amazonaws.com/graftbuilds/graft-1.1.2-20180417-win-release.zip (Windows)

The major network update itself is rescheduled for block height 64445.

Each GRAFT network node must be updated to the new software version before that block/date, otherwise, the node that wasn’t updated is going to be on the wrong version of the blockchain. This release contains the ASIC-resistance changes in the hashing algorithm and enhanced difficulty adjustment algorithm, which are supposed to protect GRAFT blockchain from most hashing attacks and stabilize the block intervals.

As another reminder, major network update means that if you are running the GRAFT network node (graftnoded daemon), you must upgrade it to the current software release as soon as possible. If you do not install the updated node before the block 64445, it will be disconnected from the mainnet after block 64445.

In order to check whether you are running the right version of GRAFT software, launch graftnoded daemon in terminal window (in interactive mode) and type help command. If you are running the right version you should see Graft ‘Beta Lyrae’ (v1.1.2-release) in the first line of the help result.

Note that the users of mobile and desktop wallets are not affected by the upcoming network update and don’t need to do anything – as long as they are still connected to the default proxy supernodes (if you are connected to your own supernode, however, do not forget to upgrade the underlying network node).

Patch 1.1.1 Has Been Released – Major Network Update on Block 65110

We decided to make the major network update sooner in order to minimize the possibility of hashrate attacks. Patch version 1.1.1 is now released and available for download from master. The major network update itself is rescheduled for block height 65110, around April 14th.

Each GRAFT network node must be updated to the new software version before that block/date, otherwise, the node that wasn’t updated is going to be on the wrong version of the blockchain. This release contains the ASIC-resistance changes in the hashing algorithm and enhanced difficulty adjustment algorithm, which are supposed to protect GRAFT blockchain from most hashing attacks and stabilize the block intervals.

As another reminder, major network update means that if you are running the GRAFT network node (graftnoded daemon), you must upgrade it to the current software release between now and April 14th. If you do not install the updated node before April 14th, it will be disconnected from the mainnet after block 65110.

In order to check whether you are running the right version of GRAFT software, launch graftnoded daemon in terminal window (in interactive mode) and type help command. If you are running the right version you should see Graft ‘Beta Lyrae’ (v1.1.1-release) in the first line of the help result.

Note that the users of mobile and desktop wallets are not affected by the upcoming network update and don’t need to do anything – as long as they are still connected to the default proxy supernodes (if you are connected to your own supernode, however, do not forget to upgrade the underlying network node).

GRAFT Community Mining Pool – Required Miner Configuration Change and Software Update

IMPORTANT UPDATE April 12 – PATCH 1.1.1 HAS BEEN RELEASED – MAJOR NETWORK UPDATE ON BLOCK 65110

GRAFT Community Mining Pool (http://grftpool.com) has been updated to comply with the upcoming major network update which will change the hashing algorithm on April 14 (block 65110). In order to continue mining (even now, before the network update took place) you should update your miner’s configuration (and software if necessary) to be compliant with the recent changes. The new version of the miner with the new configuration is supposed to continue working after the network update as well, without additional changes.

You should change the current mining algorithm setting from “graft” (if you use XMR-Stak miner) or “cryptonight” (for other miners) to “monero7”. If your version of miner doesn’t support this algorithm, you need to update it to the latest version. Almost all popular miners already support “monero7” algorithm.

GRAFT 1.1.0 ‘Beta Lyrae’ Has Been Released

IMPORTANT UPDATE April 12 – PATCH 1.1.1 HAS BEEN RELEASED – MAJOR NETWORK UPDATE ON BLOCK 65110

We are excited to announce the release of major GRAFT network update version 1.1.0 ‘Beta Lyrae’ to the master / mainnet! Multiple tests are passed, and all the seed nodes are updated. The major network update itself is scheduled for block height 67850, about a week from now on April 17th. Each GRAFT network node must be updated to the new software version before that block/date, otherwise, the node that wasn’t updated is going to be on the wrong version of the blockchain. This release contains the ASIC-resistance changes in the hashing algorithm and enhanced difficulty adjustment algorithm, which are supposed to protect GRAFT blockchain from most hashing attacks and stabilize the block intervals.

As another reminder, major network update means that if you are running the GRAFT network node (graftnoded daemon), you must upgrade it to the current software release between now and April 17th. If you do not install the updated node before April 17th, it will be disconnected from the mainnet after block 67850. In order to check whether you are running the right version of GRAFT software, launch graftnoded daemon in terminal window (in interactive mode) and type help command. If you are running the right version you should see Graft ‘Beta Lyrae’ (v1.1.0-29ae686) in the first line of the help result. Note that the users of mobile and desktop GRAFT wallets apps are not affected by the upcoming network update and don’t need to do anything – as long as they are still connected to the default proxy supernodes (if you are connected to your own supernode, however, do not forget to upgrade the underlying network node).

And finally, we would like to thank everyone from GRAFT community who contributed to the first major GRAFT network update by providing their feedback! We appreciate your support! We look forward to working together on our next major milestone – alpha and beta releases of RTA (real-time authorization) functionality of full supernodes. Stay tuned!

Latest Testing Results of The Enhanced Difficulty Adjustment Algorithm

The upcoming GRAFT network update will take care of problems with hashrate attacks and instability of block intervals (in addition to ASIC resistance upgrade). We would like to share the most recent results of the new difficulty algorithm testing on the testnet. The first graph shows how the existing algorithm slowly adjusts to multiple spikes of the network hashrate: The second graph shows how the upgraded algorithm quickly reacts to virtually any change of the network hashrate: The release candidate build is finalized but we are still in a process of testing of the upcoming network update. We are still on track to release it next week, stay tuned to get further notifications about specific date/time. By the way, if you haven’t seen it yet, here is the most up to date and detailed GRAFT engineering roadmap.