Metaverse: Pillars of Creation (MPC)

Key Words:

1.) Hybrid Consensus Mechanism

2.) Dual Chain Archit ect ure
3.) Mining f or t okens (MST )
4.) 51% At t ack Solut ion
5.) Not hing-at -St ake At t ack Solut ion
6.) Funct ional Smart Cont ract s
7.) Decent ralized Social Credit Syst em (MARS)

Abstract

Met averse Pillars of Creat ion (MPC) is t he next major mainnet upgrade t o Met averse
since t he release of SuperNova in 2018. MPC support s a t hree-pronged hybrid
consensus mechanism composed of PoW+PoS+DPoS. T his hybrid consensus algorit hm
will prevent any 51% at t acks, PoS Not hing-at -St ake at t acks, and allow f or Met averse
Smart T oken (MST ) mining. MPC also int roduces t he Met averse Avat ar Reput at ion
Syst em (MARS), an open, decent ralized social credit syst em based on Met averse Digit al
Ident it y. In t he init ial whit epaper draf t , we described a t ype of programmable smart
asset s. In MPC t hese will be implement ed based on verifiable smart cont ract t emplat es.
While designing t he above f unct ions, we lay t he f oundat ion f or a layer-2 archit ect ure in
Met averse called Binary-Port -Chain. T he second layer chain f or st andardized digit al
ident it y and f unct ional smart cont ract s will help ent erprises connect highly scalable
services t o t he main Met averse chain. We call t his dual chain st ruct ure t he Met averse
Binary Syst em.

We will release MPC in t wo phases. In t he first phase, we upgrade t he consensus

mechanism, act ivat e MST mining, and set up t he MARS syst em. In t he second phase,
we plan t o implement programmable smart asset s and t he Met averse Binary Syst em.

Foreword

We divide Met averse development int o 4 main st ages:

1. First Release (February 2017 t o June 2018): issued ET P and provided t he basic
f unct ionalit y of digit al asset s
2. SuperNova (June 2018 t o March 2019): upgraded t he capabilit ies of digit al asset s
and added digit al ident it y
3. Pillars of Creat ion (March 2019 ~ 2020): dramat ically increase T PS, upgrade digit al
ident it y, and add smart asset s
4. Galaxy (~2020 and on): micro-inflat ion macroeconomic model, orient ed t o blockchain
dat a, will provide digit al ident it y and smart asset st andardized service prot ocols f or
art ificial int elligence.

MPC First St age

February 14, 2019: Release 0.9.0 f ull node inst allat ion package
March 1, 2019: Act ivat e t he Pillars of Creat ion prot ocol at t arget block height 1924000

MPC Second St age

July 2019

Metaverse Hybrid Consensus: Pillars of Creation

Overview

Pure Proof -of -Work (PoW) or Proof -of -St ake (PoS) consensus algorit hms have
limit ed t ransact ion speed (T PS) and do not meet t he scalabilit y requirement s of
mainst ream applicat ions. Blockchain designs addressing scalabilit y issues, on t he ot her
hand, are f orced t o make t radeoff s in t erms of securit y vulnerabilit ies. As f ar as t he
current blockchain indust ry scaling plans are concerned, t here are t wo main approaches:
1. Modif y t he consensus algorit hm it self t o improve T PS; or,
2. Modif y t he st ruct ure of t he t ransact ions t o improve T PS.
Met hod 1 is more f oundat ional t han met hod 2 and should be t he pref erred solut ion.
T hus, in MPC we consider a hybrid consensus mechanism t o improve T PS wit hout
compromising securit y. Since Met averse already operat es on PoW consensus, migrat ion
t o hybrid PoW-PoS consensus in MPC is relat ively st raight f orward and f ully compat ible
wit h t he current PoW mining regime.

Hybrid Consensus Mechanisms

Common hybrid consensus mechanisms can be divided int o t wo cat egories: PoW+PoS
and PoW+BFT .

PoW+PoS can be divided int o 3 cases:

1. PoW and PoS compet e in parallel t o generat e blocks: UBT C
2. PoW packaged t o generat e blocks, wit h PoS finalizing t he blocks: i.e. Decred,
Casper, Espers
3. PoW and PoS joint ly generat e blocks, wit h a fixed proport ion and order of block
generat ion

PoW+BFT (or ot her improvement s):

1. PoW generat es blocks and t hen finalizes t hem by BFT
2. PoW det ermines Leader, Leader is responsible f or writ ing key-block and micro-
block, mainly t o solve selfish-mining: represent ed by Bit coin-NG, including Credo,
Hcash

Metaverse Pillars of Creation (MPC)

Alt hough t he PoW algorit hm is relat ively simple and eff ect ive, it s securit y is a f unct ion
of hash power, raising t he possibilit y of 51% at t acks, selfish mining, and ot her relat ed
issues. By analyzing PoS, we know t hat we can choose PoW+PoS t o compet e f or t he
block generat ion based on t he f oundat ional and f ully compat ible PoW consensus
algorit hm. Finally, t he MARS syst em can act ivat e DPoS on t he Met averse chain. We
divide t he hybrid consensus Pillars int o t wo phases.

Pillars Phase 1
 Act ivat ion Point - block height 1924000
 Average Block Generat ion T ime is 25.02 seconds, PoW percent age y = 90%, PoS
percent age z = 10%

PoW Difficulty Adjustment

 Hash algorit hm is f ully compat ible

 According t o t he t heoret ical and act ual block t ime, t he current PoW block t ime is
about 33.5 seconds/block, will be adjust ed t o 28 seconds/block
 Cont inuous W blocks must cont ain one PoS block, W = 30
  T he difficult y is adjust ed t o t he f ollowing algorit hm t o make t he PoW block more
st able: When t he comput ing power increases sharply, t he growt h rat e is t he same
as bef ore, and when t he comput ing power decreases, t he comput ing hash power
drops much f ast er t han bef ore (beneficial t o t he miners)

1  bigint const interval = (bigint)(_bi.timestamp-_parent.timestamp);   

2  bigint const adjustvalue= max<bigint>(2 - interval /10 ,-99);       
 target = _parent.bits + _parent.bits/2048*adjustvalue;

Af t er calculat ion, due t o t he block generat ion, PoW miners will increase t heir revenue by
about 7% compared t o t he upgrade.

Designing PoS

 According t o z=10%, adjust t o 252 seconds/block, t he init ial block rewards of

0.3*0.95^3, at t enuat e every 500,000
 When t he PoW difficult y is lower t han a cert ain value, t he PoS get s a 50% ret urn (t o
be det ermined)
 PoS mining wallet must have at least one inbound connect ion

1 bigint const interval = (bigint)(_bi.timestamp-_parent.timestamp);   

2  bigint const adjustvalue= max<bigint>(18 - interval /10 ,-99);       
 target = _parent.bits + _parent.bits/2048*adjustvalue;

Pillars Phase 2
 Probable act ivat ion block - 2541142
 Average block creat ion t ime 16.35 seconds, PoW rat io y = 15/32, PoS rat io z =
1/16, DPoS rat io v = 15/32

Adjusting PoW Difficulty

 Hash algorit hm is f ully compat ible

 According t o t he t heoret ical and act ual block t ime, t he current PoW block t ime is
around 33.5 seconds/block, af t er adjust ment will be around 34.9 seconds/block
 T he difficult y is adjust ed t o t he f ollowing algorit hm, which makes t he PoW blocks
generat e more smoot hly, and t he difficult y is quickly adjust ed according t o t he t ype
of t he preceding block

1 bigint const interval = (bigint)(_bi.timestamp-_parent.timestamp);   

2  bigint const adjustvalue= max<bigint>(2 - interval /10 ,-99);       
3 if (prevs_header.is_pow_version() || prevs_header.is_pos_version()) {
4 adjustvalue *= 2;
5 target = _parent.bits + _parent.bits/2048*adjustvalue;
6 } else {
7 target = _parent.bits + _parent.bits/2048*adjustvalue;
8 }

Designing PoS (MPC Phase 1)

 According t o z=2/32, adjust t o 268 seconds/block

 When t he PoW difficult y is great er t han xxx or less t han xxx, PoS will gain 50%
(T BD)
 PoS mining wallet must have at least one inbound connect ion
 When PoS mining consumes any UT XO (1000ET P UT XO), t he UT MO recovery
period block height g(z) sat isfies t he f ollowing f unct ion:

Where z is t he difficult y of mining PoS.

Designing DPoS (MPC Phase 2)

Object ive:
1. T hrough t he model design, allow t he DPoS consensus t o be more st able in
generat ing blocks.
2. T he MARS score is t he core evaluat ion of t he block, considering t he qualit y of t he
nodes. Whet her t he node has a cert ificat e, whet her t he st aked amount is sufficient ,
and whet her t he node is act ively generat ing blocks are t hree aspect s f or evaluat ion.
T he cert ificat e reflect s t he management efficiency, normalcy, and guarant eed qualit y
of t he f oundat ion. T he st ake reflect s t he influence of nodes on t he net work, and
how act ively blocks generat e reflect s whet her t he node has f ulfilled it s due
obligat ions during t he operat ion of t he net work.
3. At t he beginning of each node replacement cycle, t here is also a node management
incent ive f or t he development of t he best nodes wit hin t he net work t hat will t ake
int o considerat ion t he number of nodes.

Cert ificat e at t ribut e:

Cert ificat e have t he f ollowing st at us:
 Act ivat ion st at e
 Inact ive st at e

Sufficient condit ions f or act ivat ion: Develop at least 23 secondary nodes
Necessary condit ions f or inact ivat ion: Inact ivat ed relat ive t o 2 million blocks
Not t ransf erable in inact ive st at e
Not t ransf erable in act ive st at e
Cannot t ake t he init iat ive t o cancel t he deact ivat ion

Design Cont ent :

 According t o v=15/32, adjust t o 34.9 seconds/block (release curve t o be
det ermined, convex int egrable f unct ion, alt ernat ive sigmoid)
 Init ial block generat es 23 wit ness cert ificat es
 Wit h a t ier one cert ificat e, you can set up 23~46 t ier t wo cert ificat es
 At least 23 nodes need t o st art at t he t ier one level t o open up mining (t he second
t ier cert ificat e recipient s must have 100,000 ET Ps and be t he first 100 users in t he
regist rat ion list ), t he first level cert ificat e holder get s anot her 158,000 ET P (if
mining t hen will be released, if not mining t hen will not be released)
 Ordinary invest ment invest ors can choose cert ificat e holders, rent t heir st ake t o t he
cert ificat e holder, and get t he proceeds f rom it
 T he possibilit y of DPoS wit nesses being elect ed is ent irely det ermined by t heir
MARS value

MARS Value = F (NodeCert , NodeSt ake, NodeBlockMiss)

NodeCert : t he cert ificat e explained above

NodeSt ake: t he st ake holding t he ET P
NodeBlockMiss: Missed st at ist ical value of t he blocks

1.) Overview of t he number of nodes, right s and obligat ions

T able 1

Node Number Right s Obligat ions

T ype

Tier 1 Node 23 1.) Hold a Level 1 certificate (valid
for two months)
2.) Generate up to 46 secondary
certificates
3.) Increase the MARS value after
activating the level 1 certificate,
valid for 2 million blocks
4.) Get block rewards based on the
block creation situation
1.) After obtaining the first level
certificate, develop at least 23
secondary nodes to participate in the
consensus and activate the validity of
the certificate.
2.) Actively participate in the block
creation, maintain the MARS value,
avoid freezing that will lead to the
revocation of the certificate

Tier 2 Node At most 1.) Hold a Level 2 certificate and 1.) Actively participate in the block
1058 increase the MARS value, valid for creation and maintain the MARS value
2 million blocks
2.) Get block rewards based on the
block creation situation

2.) MARS Design

MARS is aff ect ed by t hree f act ors: cert ificat e, st ake, and block miss rat e:

(1) Hold a valid level one or level t wo cert ificat e, and t he cert score is 30 point s.

(2) St ake number score: For example, 100,000 ET P corresponds t o 30.9 point s, and t he
f ormula is as f ollows:

(3) BlockMissRat e score: Definit ion - t he node EpochNum is select ed as t he candidat e

block node of epoch, t he 23 represent at ive nodes will t ake t urns t o creat e 230 blocks,
meaning each node will t ake t urns generat ing 10 blocks. If it is t he t urn of Node t o
generat e t he block, and Node misses t he block f or net work reasons, t hen
BlockCount <10. At t he end of t he current epoch, t he BlockMissRat e score of t he
EpochNum block of t he Node is calculat ed. T he f ormula is as f ollows:

Among t hem, NodeBlockMiss is t he block error rat e of t he Node f rom t he first t ime it
has become a candidat e. T he recursive calculat ion f ormula is as f ollows, and defines
NodeBlockMiss(0, BlockCount )=0:

3.) MARS relat ed incent ives, as well as node development incent ives (draf t )
The following are projections and are not final figures. These are subject to change as we
garner feedback from the community before MPC Phase II.
T able 2

Node T ype Act ion Incent ive

T ier 1 Node Earn a level 1 Earn 18,000 ET P, released in 12 mont hs

cert ificat e issued by Increase MARS scores, making it easier t o
t he Foundat ion generat e blocks

Develop 23 level 2 Earn 158,000 ET P, released in 12 mont hs

nodes in t wo mont hs, Increase MARS scores, making it easier t o
act ivat e t he cert ificat e generat e blocks

Block Creat ion 0.5 ET P：block reward

Secondary level 2 node number*0.01 ET P:
Node management reward x ET P: current
block's t ransact ion f ee
MARS value is st able and easier t o generat e
blocks

Level 1 cert ificat e is Decrease MARS scores, more difficult t o

revoked generat e blocks
Remaining locked ET P t hat is f orf eit ed t o
be ret urned t o t he Foundat ion

Level 1 cert if cat e Decrease MARS scores, more difficult t o

expires generat e blocks
 Level 2 node Level 1 cert ificat e t o be revoked, reducing
development f ails t he MARS score, making it harder t o
generat e blocks

MARS score is low f or Freeze t he Level 1 and secondary Level 2

an ext ended period of cert ificat es
t ime St op issuing t he locked ET P unt il t he node
cont act s t he f oundat ion
Af t er 3rd f reeze, will revoke Level 1 and
Level 2 cert ificat es

T ier 2 Node Obt ain t he secondary Earn 6,000 locked ET P, released in 6

level 2 cert ificat e mont hs
issued by t he t ier 1 Increase MARS scores, easier t o generat e
node and t he blocks
Foundat ion

Block Creat ion 0.5 ET P: Block rewards

x ET P: current block's t ransact ion f ee
MARS value is st able and easier t o generat e
blocks

Level 2 cert ificat e is Decrease MARS score, harder t o generat e

revoked blocks
Remaining locked ET P t hat is f orf eit ed t o
be ret urned t o t he Foundat ion

Level 2 cert ificat e Decrease MARS score, harder t o generat e

expires blocks

4.) Algorit hm Basic Flow

Basic Flow:
Wit ness-MARS combines t he Sat oshi Nakamot o's random number algorit hm, and t he
MARS score as a weight aff ect s t he probabilit y of select ion. If 1024 is insufficient , it
will be select ed according t o t he act ual person. If more t han 1024, t hen according t o
t he MARS ranking select ed pre 1024, t he MARS influence f act or is degraded t o PoS
only when it is st aked.
Competitive PoW-PoS hybrid block production

First , due t o similar block st ruct ure and consist ent block generat ion logic, we consider
t he simult aneous act ivat ion of PoW and PoS consensus. T he diff erence bet ween t he
t wo is t hat PoS has more coinst ake st ruct ure t han PoW, t hus we only need t o
simult aneously validat e PoS blocks and PoW blocks in t he verificat ion part of t he
consensus.

Figure: Flowchart of Blackcoin's PoS mechanism process:

Figure: Flowchart of UBT C's PoS mechanism：

T hese t wo mechanisms give us a design roadmap f or hybrid PoW+PoS consensus:
By modif ying t he Met averse code according t o t he above flowchart , we creat e a PoS
block in miner::creat e_new_block, set t hat block's version as block_version_pos, and at
t he same t ime add a coinst ake t ransact ion in t hat block‘s t ransact ions. As not ed
previously, a coinst ake t ransact ion has t he f ollowing specified t ransact ion f ormat s:
 input s, t he first ent ry represent s mining st ake UT XO;
 out put s, t he first ent ry is empt y;
 out put s, t he second ent ry is t he corresponding UT XO out put of t he first input
ent ry;

At t he same t ime, in order t o prevent ident it y f orging and block t ampering, t he PoS
block header also cont ains t he signat ure blocksig of t he ent ire block wit h t he wit ness's
privat e key.

In order t o act ivat e PoS we must f ulfill t he f ollowing condit ions:

1. lock a cert ain amount of ET P;
2. Hold a cert ain amount of ET P t hat can be used f or mining; a UT XO must meet a
cert ain level of mat urit y bef ore it can be used f or mining;

In order t o collect small UT XO and split large UT XO f or mining, each coinst ake
t ransact ion includes a small_collect and large_split f unct ion.

PoS also has a MARS score requirement t o f ulfill bef ore mining.

DPoS f ollower-block production

Met averse hybrid consensus also support s DPoS f ollower-block product ion, t hat is,
af t er a PoW or PoS block is produced it can be f ollowed by a DPoS block. First , a
DPOS consensus t able of wit ness candidat es is generat ed and regist ered as a Merkel
hash on t he block header recording which credent ials are valid and which are invalid.
T hen, wit nesses are randomly select ed according f rom t he DPoS regist ry, weight ed by
MARS score.

T he DPoS process is as f ollows:

1. DPoS miners are regist ered as wit ness candidat es;
2. Wit ness candidat es st ake a cert ain amount of ET P;
3. T he first block in each epoch randomly select s a group of wit nesses based on t he
proport ion of candidat es' st ake;
4. Wit hin an epoch, t he elect ed wit nesses produce a block;
5. T o avoid sit uat ions wit h offline wit nesses, wit nesses wit h f ar-below average block
product ion in each epoch are prohobit ed f rom part icipat ing in t he next round of
elect ions.

DPoS Block product ion:

As shown in t he chart above, a new DPoS block is creat ed in miner::creat e_new_block,

t hat block's version is set in block_version_dpos, and t he wit ness's public key is added
t o t he block header.

At t he same t ime, in order t o prevent ident it y f orgery and block t ampering, t he PoS
block header also cont ains t he signat ure blocksig of t he ent ire block wit h t he wit ness's
privat e key.

DPoS act ivat ion requires meet ing t he f ollowing t wo condit ions:
1. Init iat e a t ransact ion t o regist er as a wit ness candidat e;
2. Lock a cert ain amount of ET P as st ake.
Advantages of Metaverse Hybrid Consensus

PoS Analysis

A discussion of MPC design advant ages begins win an analysis of current PoS
variat ions, such as Pure PoS1.0/PoS2.0/PoS3.0, Dynamic PoS, Liquid PoS, Lease PoS,
and Forging PoS. All PoS implement at ions are based on t he f ollowing logic:

On t he PoS prot ocol, blocks are separat ed int o t wo dist inct t ypes: PoW blocks and
PoS blocks. T he PoS in t he new t ype of blocks is a special t ransact ion called
coinst ake (named af t er PoW special t ransact ion coinbase). In t he coinst ake
t ransact ion, t he block owner pays himself t hereby consuming his coin (or coin age),
while gaining t he privilege of generat ing a block f or t he net work and mint ing f or PoS.
T he first input of coinst ake is called kernel and is required t o meet a specific hash
t arget prot ocol, t hus making t he generat ion of PoS blocks a st ochast ic process
similar t o PoW blocks. However, a significant diff erence is t hat t he hashing operat ion
is done over a limit ed search space (more specifically one hash per unspent wallet -
out put per second) inst ead of an unlimit ed search space as in PoW. T hus, no
significant consumpt ion of energy is involved (King & Nadal, 2012).

In ot her words, PoS it self cont ains PoW, and in t he Pure PoS algorit hm, t he PoS part is
st rengt hened and t he PoW part is weakened. We analyzed PPCoin, NovaCoin, YaCoin,
and BlackCoin, and f ound t hat t he PoW+PoS hybrid mode was adopt ed early on.

T o generat e blocks on t he PoS algorit hm, t he f ollowing condit ions must be met :

hash(st ake_modifier, current _t ime, UT XO) < coin(UT XO) * difficult y

1. Users at every second (current _t ime) t raverse all of t heir UT XO, subst it ut ing int o
t he above f ormula t o see if it can sat isf y t he inequalit y condit ion. If it is sat isfied,
record t he corresponding UT XO in t he block and release t he block. (see Point 4)
2. St ake_modifier is t he value af t er hashing some of t he fields in t he previous block.
T his is added t o prevent users f rom knowing in advance when t hey have t he right t o
mine.
3. Difficult y will be dynamically adjust ed according t o t he recent block out put t ime t o
ensure a st able block generat ion t ime int erval.
4. Since we only need t o complet e t he hash calculat ion equal t o t he number of UT XOs
per second, t he required comput ing power is lower.
5. From t he inequalit y equat ion, we can see t hat t he more UT XOs are held, t he great er
t he amount of t okens in UT XO (coin(UT XO)), t he longer UT XO holds (age (UT XO)
or t he age of t he coin), and t he easier t he inequalit y is t o solve, t he easier it is t o
mine.
6. Generat e block reward set t ings f or coin(UT XO) * age(UT XO). T hat is, t he larger t he
UT XO amount and t he longer t he holding t ime, t he higher t he reward.
7. In order t o record eligible UT XO int o blocks and be compat ible wit h t he original PoW
mode, Peercoin designed t he logic of coinst ake: Keep t he original first t ransact ion
as coinbase, but t he required input quant it y must be equal t o 1, and t he input
 "prev.out " field must be set t o a null value, and t he out put quant it y must be great er
t han or equal t o 1. If t he second t ransact ion needs t o be coinst ake, t his requires
t he input quant it y t o be great er t han or equal t o 1, and t he first input is UT XO t hat
meet s t he condit ion, t he out put quant it y is great er t han or equal t o 2, and t he first
out put must be blanked, and t he second out put is block reward.

T he st ruct ure of a PoS block is as f ollows:

In some versions of PoS design, t he f ollowing f ormula is used:

hash(st ake_modifier, current _t ime, UT XO) < coin(UT XO) * age(UT XO) * difficult y

Due t o t he int roduct ion of t ime f act or, t here is t he possibilit y of a Coin Age
Accumulat ion At t ack. T hat is, t he node is shut down, and when t he age (UT XO) is large
enough, t he node mining is st art ed, t hereby saving power, which causes t he problems
t hat t he number of online nodes is t oo small and t he syst em is f ragile. Of course, it is
fine t o set an age limit , but doing so also loses t he meaning of age as a moderat or. In
summary, t he hybrid consensus Pillars will not consider t he scheme of coin age.

Potential Attacks

Not hing-at -St ake At t ack

In t he PoW mechanism, when t he ledger is f orked, t he PoW is a comput at ionally
sensit ive algorit hm. T he miner must choose a direct ion t o mine t o maint ain t he chain
wit h t he most difficult y. Due t o t he PoS mechanism being not sensit ive, PoS miners
t end t o mine in mult iple direct ions in an eff ort t o maximize t heir profit s. Over t ime, t he
chain t ends t o diverge rat her t han converge, so when most miners are mining t oget her
on mult iple f orked chains, it is easy t o have a double spend at t ack, so t he ledger of
t his chain is basically unusable.
Long Range At t ack
In PoS, t he speed at which each block is generat ed is much f ast er t han PoW.
T heref ore, a f ew unscrupulous nodes will t hink about rewrit ing t he ent ire blockchain
consensus ledger. In t he PoW consensus mechanism, t his is t he classic 51% problem: If
a node cont rols more t han 51% of t he hash power, t his node will have t he abilit y t o
reverse t amper t he ledger f or up t o 6 blocks. T his kind of inversion abrupt ly increases
t he number of reverse blocks, so even if you have more t han 51% of t he comput ing
power, it is very difficult t o t amper wit h more t han 6 blocks in reverse. However, in PoS,
t here is no const raint on physical comput ing power, t hen t he reverse t ampering wit h t he
ledger can achieve any block height . From t his perspect ive, PoS is not as saf e as PoW.

Bribe At t ack
T he bribe at t ack process is as f ollows:
1. T he at t acker buys a good or service.
2. Merchant s wait f or t he net work t o confirm t he deal.
3. At t his point , t he at t acker begins t o claim f or t he first t ime in t he net work and
rewards t he current longest chain t hat does not cont ain t his t ransact ion.
4. When t he main chain is long enough, t he at t acker begins t o give out more rewards
t o miners who mine t he chain t hat cont ains t he t ransact ion.
5. T he at t acker gives up t he reward af t er six confirmat ions are reached.
6. When t he goods arrive, t he at t acker gives up t he chain he select ed originally.

T heref ore, as long as t he cost of t he bribery at t ack is less t han t he cost of t he goods
or services, t he at t ack is successf ul. In cont rast , bribery at t acks in t he PoW mechanism
require t he bribery of most miners, so t he cost is ext remely high and difficult t o realize.

Alt hough pure PoS has many problems, PoS has bet t er flexibilit y t han PoW, so we will
consider solving t hese problems in t he Met averse hybrid consensus Pillars.

MPC Attack Resistance

51% Attack Resistance

Consider a t ypical 51% at t ack, as shown in t he f ollowing figure:

When an adversary init iat es a 51% at t ack or engages in selfish mining, a branch chain of
lengt h Q is accumulat ed at at t ack point A. When Q is great er t han S, t he at t acker
must sat isf y t he f ollowing when releasing t he Q chain:

When Q is great er t han or equal t o W=30, t he at t acker's Q chain is not accept ed;
When Q is less t han or equal t o W=30, t he at t acker's Q chain is st ill in a st at e where
t he securit y confirmat ion number is not reached;

When a PoS miner init iat es a Not hing-at -St ake at t ack at block B, it is det ermined by
t he subsequent PoW block C. T he PoS miner cannot maint ain a longer f ork chain.
Ent ering t he t hree-way hybrid consensus st age, t he DPoS block f ollows t he PoW block.
T he DPoS block prevent s at t acks on A' and C'; on t he ot her hand, if DPoS t ries t o
at t ack it will be reject ed by PoW and PoS blocks.

Sybil Attack Resistance

While no consensus algorit hm can current ly resist a Sybil at t ack, t he Avat ar MARS
score makes such an at t ack significant ly more cost ly, t hereby est ablishing a
crypt oeconomic incent ive st ruct ure t hat reduces t he probabilit y of Sybil at t acks t o
near-zero.

Conf usion Attack Resistance

1. A malicious act or could t amper wit h t he PoW block version, causing consensus
f ailure due t o a PoW block f alsely modified t o have a PoS block st ruct ure. A valid
PoS block must meet t hese condit ions:
a. block version is block_version_pos；
b. the block's first entry must be a coinbase tx;
c. the block's second entry must be a coinstake tx；
d. first coinstake tx input entry must represent the miner's stake UTXO;
e. first coinstake tx output entry must be empty；
f. second coinstake tx output corresponds to first input entry UTXO;
g. the witness's private key pair corresponds to the blocksig contained in the block
header;

A PoS block can only be valid when t he above condit ions are met , prevent ing a PoS-
PoW conf usion at t ack.

2. A malicous act or could t amper wit h t he PoS block version, causing consensus
f ailure due t o a PoS block f alsely modified t o have PoW block st ruct ure. A valid
PoW block must meet t hese condit ions:
a. block version is block_version_pow;
b. the block's first entry must be a coinbase tx;
c. there are no coinstake transactions in the block;
A PoW block can only be valid when t he above condit ions are met , prevent ing a PoW-
PoS conf usion at t ack.

3. T imest amp at t ack

T he t imest amp of a qualified block must meet t he f ollowing condit ions:
a. T he t imest amp cannot be earlier t han t he previous block's t imest amp;
b. T he t imest amp must be no lat er t han t he t ime of validat ion plus a narrow t ime-
window;

T he Met averse t ime-window is adjust ed t o 38 seconds. Since PoW and PoS t imest amp
validat ions are diff erent , t hus it is impossible t o cause consensus f ailure by t imest amp
conf usion at t ack. Wit h an average block t ime of 25 seconds, an at t acker could at most
produce 2 at t acking blocks; any more, and t he difficult y increases, slowing block
product ion and prevent ing a t imest amp at t ack.

P2P Network Carrying Capacity

T he t heoret ical limit f or t he P2P net work t o process all blocks is about 10 seconds.
Current ly Met averse block t imes are not suit able f or opt imizat ion t o around 15 seconds
wit hout f urt her improvement of t he P2P net work and wit hout uncle blocks.

Support f or Lightning Network（@MPC Phase1)

T he first st age of MPC will support Light ning Net work, a second-layer net work which
depends on t he underlying blockchain f or securit y. By using real Bit coin-like t ransact ions
and using it s nat ive smart -cont ract script ing language, it is possible t o creat e a secure
net work of part icipant s wit h high t hroughput wit hout significant ly compromising
securit y. Since Met averse t ransact ion st ruct ure is similar t o t he Bit coin net work, it is
relat ively simple t o develop our own LN implement at ion.

Adjustment of Original ETP Locking Reward（@MPC Phase1)

In MIP-2 we assessed t hat t he original ET P locking reward is unreasonable as it may

cause t ot al circulat ing supply t o reach t he maximum limit of 100 million ET P af t er 7-14
years. Given t he similarit y bet ween t he original locking reward and PoS st aking reward
f unct ions, we will convert all ET P locking rewards int o PoS and DPoS rewards. ET P
previously generat ed by locking will remain permanent ly. Due t o f ast er block t ime,
current ly locked ET P deposit s will be released ahead of schedule.

Upgrade of Digital Asset Protocol

MST Mining（@MPC Phase 1）

In order f or MST t o share t he asset dist ribut ion f unct ionalit y of Met averse consensus
algorit hm, MPC Phase 1 support s PoW mining and PoS mint ing f or MST asset s. In t he
second phase of MPC, PoW, PoS, and DPoS mining and mint ing will be support ed.
 All Met averse asset st ruct ures are UT XO-based, and we have made out put ext ensions
f or t he coinbase as f ollows:

1 {
2 "hash" : "bf4ca43a2c23c8d5b06",
3 "inputs" : 
4 [
5 {
6 "previous_output" : 
7 {
8 "hash" : "00000000000000000000",
9 "index" : 4294967295
10 },
11 "script" : "[ b71f0f ]",
12 "sequence" : 0
13 }
14 ],
15 "outputs" : 
16 [
17 {
18 "address" : "Miner's Address'",
19 "attachment" : // nomarl coinbase
20 {
21 "type" : "etp"
22 },
23 "index" : 0,
24 "value" : 94338400
25 },
26 {
27 "address" : "Miner's Address",
28 "attachment" : // new MST output for coinbase
29 {
30 "quantity" : 300000000,
31 "symbol" : "TEST001.MINING",
32 "type" : "asset-transfer"
33 },
34 "index" : 1,
35 "value" : 0
36 }
37 ],
38 }

MST Mining Flowchart ：

Specific st eps are as f ollows：
1. MST asset is designat ed mineable when creat ed;
2. MST asset is regist ered on mainnet and mining reward paramet ers are set ;
3. Miner designat es which MST asset t o mine；
4. Miner begins mining as usual; MST mining rewards will st art t o be included in t heir
coinbase rewards.

Asset Pricing Replacement Swap（@MPC Phase 2）

Ref er t o MIP-15

Digital Identity Protocol Upgrade

Open MARS Standard（@MPC Phase1）

Ref ers t o MIP-16

MPC Phase 2 will implement DPoS algorit hm ref erencing MARS scores

Compatibility with OIDC Unified Login Portal（@MPC Phase 2）

Avat ars inherit OIDC when a Met averse wallet is opened, providing decent ralized ident it y
services and allowing t he ext ension of Avat ars t o t radit ional int ernet applicat ions.

Metaverse Standard Identity Service（@Galaxy）

Precision airdrop service

Personal Achievement Cert ificat e service
Public blockchain dat a mining (AI-f riendly)
Metaverse Binary System - Galaxy

T here is a cont inual challenge f acing blockchain applicat ions, finding t he balance
bet ween T PS and decent ralizat ion. When t he T PS is upgraded, t his hurt s
decent ralizat ion, so we consider t he double-chain archit ect ure. T he current Met averse
inf rast ruct ure act s as a f oundat ion t hat has decent ralizat ion capabilit y. T he second
chain provides high T PS t ransmission capacit y and can be synchronized wit h t he DPoS
on t he main chain. T he problem wit h t he second chain is how t o adapt t o t he exist ing
syst em.

The Microeconomy of the Main Chain

T o be writ t en...

Binary Port

T here are many archit ect ural pat t erns, and we only discuss single-point applicat ions,
layered archit ect ure pat t erns, event -driven archit ect ural pat t erns, and micro-service
archit ect ure pat t erns. We will discuss where MBaaS should be in t hese archit ect ural
pat t erns.

The Relationship Between MBaaS and Wallet

First of all, MBaaS is a collect ion of services. T he represent at ion in t he syst em is a t ype
of service process, which is usually generat ed by t he wallet program.
Current ly we can operat e t wo modes:
1.) Wallet -segregat ed mode: Separat e f unct ions f rom t he wallet program int o a mult i-
process mode, wit h each process providing a light weight MBaaS;
2.) Wallet program unified mode: T he wallet program provides MBaaS, but can f orm a
mast er-slave relat ionship and make an int ernal dist ribut ed net work inst ead of
connect ing t o t he public net work. T he unified model put s higher demands on t he
opt imizat ion and st abilit y of t he wallet .

Separat ion mode

Met averse provides at least t he f ollowing basic module separat ion:

l  P2P Net work

l  T ransact ion verificat ion and resolut ion
l  Privat e key management
l  Persist ent block st orage
T he light wallet is t he first case of t he separat ion mode, f rom t he f ull node wallet .

Unified Mode
T he wallet program at least provides int ernal high-speed synchronizat ion, and t he
int ernal nodes change f rom final consist ency t o st rong consist ency, which requires t hat
int ernal nodes can achieve st rong consist ency when t he blockchain f orks.
Separat ion mode and unified mode are not absolut e, and t here may be a mixt ure in t he
act ual applicat ion. We will now discuss t he archit ect ural model.

Monolith Applications

Single-point applicat ions are divided int o client -side single-point applicat ions and
server-side single-point applicat ions. An example of t he server-side single-point
applicat ion is WordPress. If we want WordPress t o support MST , t he quickest way is
t o build t he Met averse wallet on t he t he WordPress backend, and t hen modif y t he
backend code t o call t he MST relat ed API. T he final int erf ace will display t he MST
t oken. T his sit uat ion is suit able f or a unified mode and rapid deployment . Single-point
applicat ions are more commonly used in t he Microkernel Archit ect ure mode. For
example, t he Met averse Avat ar is embedded in t he Eclipse IDE, which requires t he
Met averse light wallet t o be plugged int o Eclipse as a plugin. T his sit uat ion is suit able
f or segregat ed mode, such as a light wallet .

Layered Architecture

Layered archit ect ure is suit able f or bot h segregat ed and unified modes depending on
t he scope of t he layer st ruct ure. Segregat ed mode is clearly more suit able f or large-
scale layers such as a Service-orient ed archit ect ure (SOA). In segregat ed mode, MBaaS
can be placed on t he business layer as a st andard compenent as t he wallet API only
needs t o be compat ible wit h ot her modules on t he same layer. St ruct ural blockchain
st orage may be required f or a persist ent dat a layer, ot herwise t he wallet it self can
direct ly replace t he block st orage f unct ion. In unified mode, MBaaS is suit ed f or small-
scale applicat ions where it can direct ly ref er t o t he server node.

Event-driven Architecture

Event -driven archit ect ure is suit able f or segregat ed models. T his model f ocuses on t he
dist ribut ion and processing of event s. Looking at t he logic of blockchain, we can see
t hat t he blockchain is based on t ransact ions and a t ransact ion it self is an event .

In Mediat or mode, t he abilit y t o resolve t ransact ions is needed t o parse and redist ribut e
t ransact ion t ypes and dat a. For account st at us model, it must also read account
st at us; in Broker mode, each Processor can parse and det ermine t he t ransact ion
wit hout involving changes made by t he Broker.

T he above process is input as an event , and when t ransact ion out put is required, we
can t hink of t he wallet as a processor and only deal wit h t he business relat ed t o t he
blockchain, but here we may encount er t he problem t hat t he processor evolves int o a
cent ral processor. Because t he ult imat e goal of any core business flow is payment , t he
wallet processor will become a collect ion of aut hent icat ion, signat ure, and broadcast
t ransact ions, and will encount er significant perf ormance bot t lenecks.

T heref ore, t he net work module and t ransact ion verificat ion module in segregat ed mode
can be horizont ally ext ended. T o accomplish t his Met averse should provide a complet e
SDK t o support event dist ribut ion and processing.
Microservice Architecture

Microservice archit ect ure is suit able f or bot h unified and segregat ed models. In a unified
model t he wallet becomes a microservice component as long as t he wallet f unct ions are
sufficient ly cohesive. For example, a wallet can perf orm payment in component A and
perf orm t ransact ion validat ion in component B. T his requires t he wallet f unct ions t o
adhere t o t he microservices archit ect ure and t o provide a robust query-verif y API. On
t he ot her hand, t he archit ect ural concept of microservices fit s very well wit h segregat ed
models, t hus it is not difficult t o st andardize Met averse microservice component s.

Smart Contracts（@Galaxy）

St andard T emplat e Library of Smart Propert y

St andard T emplat e Library of Avat ar
Funct ional Language f or Smart Cont ract
Code T emplat e Upgrade Syst em Manager

References
 《PoW, PoS, & Hybrid prot ocols: A Mat t er of Complexit y?》ht t ps://arxiv.org/pdf /1
805.08674.pdf
 《2-hop Blockchain: Combining Proof -of -Work and Proof -of -St ake Securely》ht t
ps://eprint .iacr.org/2016/716.pdf
 ht t ps://git hub.com/mvs-org/mips/blob/mast er/mips/mip-2.md
 ht t ps://git hub.com/Nevacoin/nevacoin
 ht t ps://git hub.com/dashpay/dash/issues/2268
 ht t ps://git hub.com/mvs-org/mips/blob/mast er/mips/mip-16.md
 ht t p://newmet averse.org/whit e-paper/Met averse-whit epaper-v3.0-EN.pdf