The Helium network is a massive decentralized LoRaWAN® network that compensates those who host physical hotspots by rewarding them with Helium tokens, or $HNT. This system is known as Proof-of-Coverage (PoC).
As the network has grown and awareness of this project has increased, there have been an increasingly large number of cheaters. When we discuss network gaming, we aren’t talking about people playing video games using LoRaWAN. We’re talking about abusing or exploiting the protocol and reward mechanism(s). This is most often performed by a bad actor looking to enrich themself.
Gaming, spoofing, hacking, and all types of bad behavior harm the network. Since there is a fixed amount of rewards distributed via PoC each month, each and every hotspot that is gaining more rewards than it deserves is decreasing rewards for everyone else. Also, this can affect the implicit trust in the network. Imagine deciding that a project is feasible due to asserted Helium hotspot coverage just to find out that some crucial hotspots have spoofed locations.
Though there are many other terms that could be used to classify specific behaviors, this article will use “gaming” as the catch-all term.
How is Gaming Classified?
Gaming can be defined as any interaction with the Helium network that is dishonest or harmful. Buying a new antenna because it potentially increases your earnings is not gaming.
Almost all gaming revolves around the practice of spoofing. When you assert your hotspot’s location for the first time, you are convinced to choose an accurate location.Through this “beaconing” system, coverage is proved. This article by Hans is the most thorough source material and includes real-life examples of spoofing.
However, what if a malicious user owns multiple hotspots and spoofs them all in the same place? Especially a place in which there are no genuine, legitimately asserted hotspots. Though they might be asserted in the Arctic Circle, maybe they’re all actually running inside someone’s bedroom in a small town in the United States.
It can be easy to identify flagrant cheaters just by using data on the blockchain. As you might imagine, this type of system was not implemented at the start, and there can still be false positives. The website Suspots provides a summary of indicators of suspicious network activity. These indicators include: TX_SCALES, PERFECT_LAYOUT, SIMILAR_WITNESS_LIST, LONG_WITNESS, RSSI_SNR_ODDITIES, IMPOSSIBLE_LOCATION, WALLET_ONLY, CUSTOM_FIRMWARE, SIMILAR_IP, HIGH_REWARDS, NO_LISTEN, NO_RESPONSE_MAPPER, NO_WITNESSES, and OTHER.
While many of these indicators may be descriptive, the Suspots project doesn’t appear to be open source, and there are no technical descriptions provided for some indicators. This leads to a lack of clarity. For example, how can you programmatically establish that a location is “impossible”?
Regardless, this is a useful community-organized project and there is overlap between this effort and what’s been undertaken by Helium, Inc.
Statement from Helium Inc. CEO
In response to recent comments in the discord diy-packet-forwarder channel, I am compelled to address the conversation surrounding network gaming and denylists (or “black lists”), and what’s being done about it. Helium’s mission has always been to build a global contiguous network. With the help of our community and the HNT incentive mechanism, we have created a useful global network. However, as the network has grown, so too has the prevalence of malicious activity and institutional cheating. This activity is an attack on the network. It seeks to game the system with the sole intent of exploiting proof-of-coverage rewards without providing any real value to the network. Since the beginning of the network, we have always monitored malicious activity and tested various anti-gaming techniques, including blackbox analysis in isolated scenarios to assess gaming behavior and the accuracy of our detection. All blockchains suffer from malicious activity and countermeasures are not uncommon. Until recently, no major action was needed.
However, in December network gaming grew to a point where I felt that honest hotspot hosts, and the integrity of the network, were at a material risk. At my instruction, I asked Helium Inc. developers to build a network protection mechanism to prevent malicious actors and other forms of institutional gaming from stealing any more rewards. Ahead of HIP-40, we planned to operate this mechanism until the community installed a community-governed moderation process. We have no desire to moderate a denylist unless entrusted with this role by the community through a governance process, and we have no desire to keep code proprietary, which is why we’re planning to open source everything—including the set of analysis scripts used today and data infrastructure that manages the denylist—after the self-regulating community process is in place. We acknowledge, however, that scripting these kinds of solutions can lead to some mistakes, which recently hurt some good Hotspot deployments. We’ve since made some improvements that we believe remove innocent actors from the list. These tests resulted in a lot of learning which will help the community as responsibility moves to the DeWi and the anti-gaming committee, driven by the community.
This brings us to HIP-40.
HIP-40 was proposed in late September. Its goal is to create a community-moderated backstop prevention mechanism that allows the network to deal with obvious gaming and spoofing situations. DeWi wanted to give the community enough time to debate before calling for a vote, but we think the recent gaming activity has forced our hand. We have started writing the code that would implement an initial version of HIP 40 and would like to bring it to a vote as quickly as possible. Once the results of the vote have materialized, we will abide by the vote. My hope is that HIP-40 passes and the DeWi staffs up to govern all anti-gaming work. When that happens, Helium will hand over the responsibility and code so that the community can self-govern. Testing and implementing anti-gaming techniques should be a decision and action taken by the community.
Additionally, it should be known that we’ve donated 1.5M HNT to the DeWi to drive and fund community endeavors such as anti-gaming and network expansion. We will continue to donate resources to the foundation as this is an important issue that will need continuous monitoring and improvement. I was, and still am, acting in the best interest of the network, and I stand by my actions. As the core founders of the Helium blockchain, I felt it was necessary to create and implement the tooling so that the network can build more efficiently. Centralized controls for anti-gaming go against everything we stand for, but I felt that it was a necessary action to protect the good actors as well as the integrity of the Helium Network overall. The denylist and the detection tools behind it have been an extraordinarily effective weapon against institutionalized forms of gaming such as large-scale attenuator and resistor networks. As a next step, I have asked DeWi to post two votes on https://heliumvote.com with two separate questions.
Should Helium, Inc continue to manage the denylist that is embedded in miner images until such time that a HIP-40 implementation is approved or if HIP-40 is rejected by the community?
Should Helium, Inc. publish the current denylist even though it may allow existing gaming hotspots to change their setups to avoid being detected?
These two immediate votes will run for approximately 48 hours (in block time) and the core developers will abide by any outcome that is agreed upon by the community. These votes are independent of the HIP-40 vote which will be the final community decision on whether or not this sort of mitigation tactic is approved by the community.
How is Anti-Gaming Implemented and Governed?
Though there are disparate decentralized efforts, including Reddit threads, discord channels, and Suspots.com, Helium Inc. has also taken an active role in penalizing and blacklisting those who game the network’s rewards system.
Following Capcom’s post in January, the two votes went through with overwhelming consensus. You can still view the results of Maintain Temporary Hotspot Denylist and Publish Temporary Hotspot Denylist. These votes concluded on January 14th, 2022.
With the denylist, all hotspots are imaged with a list of hotspots that are considered to be hacking. The list can be viewed here. It is updated frequently, almost daily, and there is a process that any blocked user can follow to appeal a block.
Some stakeholders were against the denylist being made public. The concern was that institutional spoofers could quickly reverse engineer the methods being used to detect them and further game the system. This will allow certain intelligent spoofers to be more agile but it is thought of as an acceptable temporary solution prior to HIP 40 being implemented.
The other concerns with these votes is that this governance was innately centralized, meaning this was implemented by Helium, Inc. This allows the parent organization to assert additional control over the project which concerns many in the crypto space.
HIP 40: Validator Denylist
HIP 40: Validator Denylist will provide a denylist to validators. Currently, the denylist is provided to hotspots. The proposal states that the DeWI PoC Committee will perform the important task of maintaining the list. When all consensus group members agree that a hotspot is on the denylist, any transactions from the hotspot will be invalidated and marked as denied.
This issue has attracted a fair bit of discussion and an intermediate solution, which was discussed above. This proposal, which likely has overwhelming support based on the two votes that already were conducted, should be approved and implemented soon. Much of the discussion surrounding this issue occurs on Discord.
Helium has a gaming problem. There is blatant cheating across the network that is costing legitimate hosts thousands of $HNT per month. Helium, Inc, along with DeWi, took aggressive action in early 2022 to help root out this problem. These proposals received massive community support. Much of the gaming observed in late 2021 has been reduced, and other measures to preserve integrity, such as HIP 40, should be voted on in the near future.