DRUMORA
WHITE PAPER

OVERVIEW

Drumora is a Censorship Resistant Public Messaging Platform

Breakout Coin Services and Apollo Blockchain Systems present Drumora, a global, decentralized, censorship resistant public messaging platform built on an ultra-fast blockchain. Drumora users create posts and replies of up to 280 characters to engage in public discussion and disseminate timely information.

Drumora Tokenizes Posting and Voting Rights

The right to post and reply on the Drumora platform is tokenized by the native blockchain currency called Drumora (DRUM). To create posts and replies, accounts must vest a small amount of DRUM. Vesting DRUM also allows users to moderate posts. Moderation produces income for the moderators but not for the posters. Accounts that are negatively moderated will experience a reduction in their bandwidth allocation. Bandwidth is a measure of how many posts, votes, or transfers an account is allowed per day.

A second currency, called Mora (MORA) is similar to DRUM in that it can be transferred between accounts and vested. MORA must be vested to vote on block producers (called “witnesses”), who create a new block every three seconds. MORA can therefore produce income because witnesses can pay MORA owners for their votes. A single account with vested MORA can vote on up to 30 witnesses.

Both moderation power and rewards for moderation increase with coin ownership. Moderation can be both positive and negative. A sophisticated reward system encourages both honest moderation and the moderation of many posts. Negative moderation can effectively kill malevolent or spam accounts by prohibitively reducing their bandwidth allocation.

Drumora Has Blockchain Incentives for Participation

Drumora sets itself apart from other decentralized social media platforms in that rewards are directly aligned with coin ownership. This means that the reward pool is not wasted on posters, who generally immediately cash out their rewards, exerting constant sell pressure. The absence of a posting reward pool also removes incentives for self voting, ghostwriters, or other schemes that unproductively inflate the money supply, cause community discord, and undermine the legitimacy of the messaging platform.

Drumora Promotes Onboarding through Third Parties

To further promote onboarding, the Drumora will also supply and maintain open source tools for third parties to host websites that can create user accounts for a fee. Operators of these websites can expect profits and are encouraged to obtain customers, bringing not only revenue for the operators, but new users to the Drumora platform.

Drumora Emphasizes the Rights of Individuals

Drumora values above all the interests of blockchain account holders and their right to use their assets as they wish. Holders are under no obligation to perform any function whatsoever to retain their accounts or the assets belonging to those accounts. Drumora blockchain accounts and assets will never expire. Drumora accounts will never be threatened by any reclamation process. Accounts may lay dormant for any amount of time without risking the loss of associated blockchain assets.

Drumora asserts no code of conduct, informal charter, or constitution among participants. Instead it relies on well designed economic incentives to guide behavior that ultimately benefits the platform.

Drumora Enables Permissionless Adoption

Adoption is facilitated by a blockchain account faucet. Through this faucet, users obtain accounts by a process that requires nothing more than computation time on their own computers. Claims (called “work proofs”) to such accounts can be submitted anonymously to the blockchain through a web browser, which itself may even run behind VPN and/or Tor. Accounts claimed in this way require no permission from any specific entity, and are therefore called “permissionless accounts”.

Permissionless accounts are obtained intuitively with only a few clicks on the Drumora website or mobile app, which initiates the work proof calculation on the user’s browser. Permissionless accounts begin with a maximum bandwidth of one post or transaction per day. Like all accounts, bandwidth increases with increasing reputation or vested coins, and may decrease with loss of reputation.

Because permissionless accounts require an initial expenditure of resources and because the monetary value of the accounts is negligible without further expense, the blockchain faucet can readily bring in new users. However, the work proof poses significant barrier to spammers and the almost nonexistent value of new permissionless accounts make them useless to account farms.

Drumora Enables Permissionless Adoption

Drumora achieves 3 second blocktimes using what is known as delegated proof-of-stake (dPoS) derived from the same architecture used in EOS and Steem. In the Drumora system, 19 block producers (known as witnesses) and any number of standbys will take turns producing blocks in rounds, via a pseudo-random queue that reorders each round. These block producers are selected by community-wide voting, where each account may vote for up to 30 witnesses. Voting weight is proportional to an account’s total vested MORA. The top 19 witnesses will have an opportunity to sign a block each round, and one standby witness will also be chosen for each round. The frequency at which a given standby witness is chosen to sign blocks is proportional to the amount of vested MORA voting for it.

Platform Features

The essential components of the Drumora platform will be hosted on a blockchain with the following properties:

Ultra-fast 3 second blocktimes based on EOS/Steem architecture

Thousands of transactions per second

Efficient delegated proof-of-stake (dPoS) block signing

No transaction fees, no fees for posting

Posts are maximum 280 characters

On-chain exchange

Permissionless onboarding of new users

Named accounts

Reward structure aligns coin owner incentives with the health of the coin market

Encourages both honest and broad moderation

Infrastructure

Dedicated website

iOS and Android mobile app

Push notifications

Link shortener

Open source anonymous account creation utilities

Website gateway for permissionless onboarding

Open source permissionless onboarding utilities

Website tipbot, with easy, intuitive in-post tipping, (e.g. “/tip @userxyz 20 DRUM”)

Integration with other social media platforms

JUSTIFICATION

The most popular public messaging platform is Twitter, but it is broken because it is overrun by poor quality contributors and scams. This problem is all too apparent in cryptocurrency communities where practically every post is plagued by “ethereum giveaways” and impostors.

Breakout Coin Services and Apollo Blockchain Systems present Drumora, a global, decentralized, censorship-resistant public messaging platform built on an ultra-fast blockchain. Drumora users create posts and replies of up to 280 characters to engage in public discussion and disseminate timely information.

Prominent tweeters are often targeted for impersonation. Vitalik Buterin, for example, has changed his display name to Vitalik “Not giving away ETH” Buterin to notify Twitter users that he is not hosting ETH giveaways. The operators of these scams pose as prominent members ask users to send some amount of ETH and in return promise to send much more ETH in return. Of course they never send any ETH back to victims. It has been estimated by informal analysis that over $4.9M has been sent to ethereum giveaway scams (https://twitter.com/meridiocrypto/status/1005780789672464384).

 

Twitter is also known for censorship of controversial opinions from both ends of the political spectrum. While the goal of any messaging platform is civilized and open discourse, centralized control of speech will always result in a political bias, even if the intent is to be neutral. Drumora allows for moderated discussion, but the moderation is decentralized. Drumora is therefore less likely to result in a politically alienating platform because the overall bias is less severe. The reason is that Drumora moderation reflects the views of a diverse population and not the bias of a small group of operators.

 

Another problem with closed platforms like Twitter is that of identity verification and identity spoofing. One example involves the @StockCats twitter account, which has numerous impostors. Any effort to report these impostors requires the reporter to submit a government ID to twitter (https://twitter.com/StockCats/status/1002217516234625024). Submitting an ID to a private website exposes such users to risks of identity theft and potentially impinges free speech. For example a user can then be targeted by governments for expressing an opinion that may upset those with political power. Additionally, identifying information can be sold to downstream buyers, who may target the user in highly personalized scams.

ID verification on Drumora is conducted by community consensus and reputation. An account begins with a default reputation that may increase as the vested community upvotes the account’s posts. If an account owner wishes to associate itself with a real-life entity, it can make a post claiming that association and verify it through other messaging outlets already associated with that identity. If such claims to an identity cannot be met, the post claiming that relationship will be downvoted by the community, harming the reputation of the account making the claims.

An example of this process may help. Imagine that a famous individual, like Jack Dorsey (founder of Twitter), created an account on Drumora and this account made a Drumora post claiming to be Jack Dorsey of Twitter. This post could make a prediction that Jack Dorsey’s account on Twitter (@jack) would make a post within 48 hours validating the claim on Drumora. If the validation did happen, Jack Dorsey’s post on Drumora would be upvoted and this Drumora account’s reputation would improve. If the validation did not happen in a reasonable time, then the post on Drumora would be downvoted, and the account’s reputation (and bandwidth) might be irreparably harmed.

Presently, no blockchain public messaging platform challenges twitter. Perhaps the closest challenger is Steem, but Steem is arguably broken. It has a reward pool that is highly exploited because rewards go to both posters and voters. The fact that posters are rewarded breaks the incentive system because it relies on altruism for legitimacy, where voters direct a certain fraction of the reward pool based on their votes. This reward pool redirection leads to massive exploitation through ghost writers, vote proxying with shared profits, and other types of kickbacks.

Drumora aims to challenge twitter with a decentralized public messaging platform that is unlike any already in existence. Drumora removes the author reward pool altogether, perfectly aligning voting with incentives. Any rewards go to the voter, who is vested.

Incentives


Drumora will have incentives to moderate posts and replies by voting. Posts can be upvoted and downvoted. A post benefits from upvotes because upvotes (1) improve the reputation of the poster and (2) visibility on the Drumora trending page. Upvotes and downvotes negate each other. The scoring system, described below, simultaneously incentivizes (1) consensus and (2) vote distribution. Briefly, rewards to the voters will increase proportionally to the net vote on a given post, with net positive votes having slightly higher rewards than net negative votes.


The fact that positive votes and negative votes negate each other encourages agreement. For example, if an individual upvotes a post that is likely to be downvoted by others, the individual risks losing their share of the reward pool. Because agreement is encouraged, voters must vote based on whether they think future voters will agree. Making the best prediction relies on an objective evaluation of a post’s merit, which requires an honest assessment.

Post Voting

Exploitation

In Drumora it is impossible to exploit the reward pool because users are rewarded directly by the blockchain for performing a service to the platform. This situation is in contrast to other platforms, like Steem, where voters allocate the reward pool to posters, leading to exploitation. These exploits typically boil down to some form of self-voting. The following analysis demonstrates that self-voting provides no advantage on the Drumora platform.

In Drumora, voters are allotted about 20 full votes per day, so each vote depletes only a fraction of an account’s remaining voting power. Imagine an account makes a single post and upvotes itself. This vote depletes 5% of their moderation power. This account would have to make 19 more posts to utilize the remaining voting power. These 19 posts require work of some form.

The least work would entail a bot that makes 19 repetitive posts and votes each post up. This approach is suboptimal. First, it requires unnecessary effort to maintain a bot to create these 19 posts. Second, others, acting out of interest in the platform, to preserve the value of their coins, may see the repetitive posts and downvote some or all of them. These downvotes will significantly reduce rewards.

Self-voting may even attract a “conscientious whale” who, in acting in the interest of the platform, will decide to kill the repetitively posting account with a few giant downvotes. Moreover, the repetitive posts allow the whale to administer more damage than just a single post, giving the whale more ability to kill the account’s bandwidth allocation. If an account has prohibitive bandwidth allocation, it must go through a 25 week process of transferring vests to a new account. Clearly, it is safer, and potentially much more profitable to use these 20 votes on different posts, and not self-voting, which clearly offers no benefit while incurring unnecessary risks.

Bot Voting

One way to potentially exploit the reward pool is by voting randomly with bots. Perfectly random bot voting may result in some votes that have a high likelihood of being contradicted by future votes. A better bot voting algorithm is to only vote on posts that have previously received an upvote, using the evaluation effort of previous voters. An even better algorithm would empirically follow only voters that have a track record of voting on posts that achieve high consensus. We will call this latter type of voter a “curator”.

Even though bot voting in this highly optimized way that follows only good curators may seem lazy, it does not undermine the legitimacy of the Drumora moderation system. Good and efficient bots serve to amplify quality curation, which is beneficial to the platform. This analysis shows that as long as bot operators act in their own self interests, they will act in the interests of the Drumora platform, meaning that no special measures are necessary to discourage bot voting. Notably, to take monetary advantage of vote followers, good curators could sell their influence. To retain this influence over bots and its monetary value, good curators are strongly incentivized to continue quality curation.

Post Voting Summary

The key aspects of curation are:

It is more profitable to upvote than downvote because a post with net positive votes will earn voters more than a post with net negative votes.

It is more profitable to be an early voter on a post than a late voter.

The fact that positive and negative votes negate each other means that voters have a significant incentive to vote in a way with which others will agree.

Bot voters are incentivized to follow quality curators, amplifying curator influence to the benefit of the platform.

Because bot voting that is optimized in the interests of the bot operator ultimately benefits the platform, no reason exists to specifically discourage bot voting.

Token Transition

Figure 2: BRK Transition to DRUM

The Drumora blockchain assets DRUM and MORA are derived 1:1 from BRK and BRX, respectively. Drumora users who own BRK and BRX on the Breakout Chain will have access to DRUM and MORA by virtue of their private keys. Because there is nothing for users to claim in order to access their DRUM and MORA, users will not need to go through a messy claim process that lends itself to fraud via phishing and social engineering. (https://www.coindesk.com/eos-blockchain-arbitrator-orders-freeze-of-27-accounts/).

Figure 3: BRX Transition to MORA

BRX will be called MORA (represented as tokens marked by MRA here) on the new chain. BRX will be able to vote for block producers who secure the chain by validating transactions and performing other essential functions. Block production earns DRUM, called “block rewards”. Block rewards are denominated in DRUM, which can then be vested towards more post voting power.

The Drumora blockchain uses an account-based ledger, requiring that DRUM and MORA from the Drumora genesis block must be assigned to an account. These accounts will have names derived according to Appendix A. This is necessary because all blockchain assets, rights, and privileges are attached to accounts — and ownership (or control) of accounts is by virtue of public keys.

Names & Ownership

ACCOUNT NAMES

Accounts are named and these names have limitations. They must be 3 to 16 characters consisting only of lowercase letters, numbers, periods, and dashes. Periods can appear no sooner than the 4th character, nor later than the 4th from last character. Between two periods, or between a period and the start or end of the name, characters must come in groups at least 3 in length. These groups must start and end with a letter, but can otherwise contain dashes.

Account names can not be changed. If a user desires a new account name, the user must create a new account with the intended name and transfer assets to the new account. This transfer may or may not entail a 25 week divesting period.

DISPLAY NAMES

A display name, with much more relaxed rules than an account name, may be attached to an account through a special data field associated with the account, and stored on the blockchain. Although an account name is immutable, the display name can be modified. Once taken, the account name cannot be registered by anyone else. A display name may not exist in duplicate at any given time, meaning no two accounts can have the same display name simultaneously. If a display name is abandoned by a user, then another user may take it.

Display names are intended to be long, unique, and readable. One use is to give an indication of the real-world identity of their owner. For example, the President of the United States might take the display name “President of the United States”. It is up to the community of vested users to ascertain whether use of such a name constitutes impersonation, and vested users should moderate the account accordingly. Display names have other uses, such as indicating whether a user is giving away ETH, has a favorite pass-time, or is known by a nickname.

Account Recovery

The protocol has a blockchain mechanism for account recovery. To enable this feature, an account must specify a 3rd party account that can perform the recovery. The drumora.com interface to the proof-of-work account faucet will provide an entry field wherein users may optionally specify the recovery account. Individuals who feel strongly about denying 3rd parties any rights to their blockchain assets should consider leaving the recovery field blank.

User Interface

The website drumora.com will host a front end similar to the facsimile shown in Figure 4, which illustrates the home sharing screen that includes tools for voting on posts. The  mobile app home page will support a full sharing interface (Figure 5), a “you keep the keys” client-side wallet (Figure 6), and push notifications.

Figure 4: Drumora.com Sharing Home Screen

Figure 5: Mobile App Sharing Home Screen

Figure 6: Mobile App Wallet Home Screen

Onboarding

Blockchain Account Faucet

One problem for any decentralized social media platform is onboarding new users. Paid services have a drawback in that they charge high prices for new accounts because these services operate with a goal to generate revenue. The drumora.com website will make permissionless accounts available through a simple interface. The blockchain account faucet allows users to generate a work proof using their CPU (ran as javascript in their browser). The work requirement will need about 40 minutes on a single core of a new i7 or similar. Users may go to drumora.com, run the script in their browsers, wait for the work, then later finalize the process by submitting evidence that they have saved the account credentials (account name and private key). Permissionless accounts are created with the minimum vesting to make one post per day.

The account faucet allows the onboarding of new users without any investment except letting their computers run, and with complete privacy.

Third Party Account Creators

New accounts will also be available through 3rd party providers. Drumora, Inc. will create open source tools for any person to host an account creation service that earns revenue. Some users may wish to use these paid services rather than the permissionless account faucet because paid services can create accounts very quickly compared to the wait for a work proof. Additionally, many users may have low power devices that can not create a work proof in a reasonable time, or at the convenience of the user. Work proofs are described in Appendix B.

    1. Begin with the 160 bit HASH160 of the Breakout Chain compressed public key. This hash can be obtained directly from the blockchain in almost all cases.
    2. Use the raw bytes of this hash to seed the pseudo-random number generator MT19937.
  1. Use this seeded pseudo-random number generator to chose 16 characters from the lower case alphabet a-z, with replacement (i.e. the same letter can be seen twice in a name), using the python 2.7 random.choice() function.

The following example describes precisely how account names are derived from the block chain. To begin, the hex representation of the public key corresponding to address brr5cSGeQehxeae2qoVucMmNQkGeYGU5cT4 is

0376b70bfa4e074f201815d5b13b739cd9c2768d5f441c3caeede2286dc65ec19b

Typically, this long public key would never be observed in the blockchain, but starting here helps to understand name derivation.

If we call this string “pub”, the python code to generate the HASH160 would be

import random, hashlib, base64
alphabet = “abcdefghijklmnopqrstuvwxyz”
decoded = base64.b16decode(pub.upper())
sha = hashlib.sha256(decoded)
ripe = hashlib.new(“ripemd160”)
ripe.update(sha.digest())
h160 = ripe.digest()
hex_h160 = base64.b16encode(h160).lower()

The hex representation of the HASH160 (h160) for the above address is hex_h160:

bae587c2e3ea2e47858536da57263f5ddcd39cff

This value (h160) is what we typically observe in blockchain unspent outputs in what is known as a “pay to pubkey hash” (P2PKH), by far the most common way to specify the destination of a transfer. This is the value we use to seed the RNG.

random.seed(h160)

name = “”.join(random.choice(alphabet) for i in xrange(16))

The resulting name would be “vehbcovhonqelbdf”.

This derivation scheme ensures that each account name is compliant with the naming rules of Drumora. The resulting name set is deterministic and very collision resistant. For example, if there are 100,000 Breakout Chain addresses with unspent funds (a vast over-estimation), the chances of a single collision in the corresponding set of Drumora account names is about 1 in 8.7 trillion. The resulting long, random account names (like “vehbcovhonqelbdf”) are unlikely to have any value on their own. Upon genesis of the Drumora chain, users may immediately make new accounts with better names and transfer their assets to these accounts.

It should be noted that account names are different from public keys, which are assigned to accounts, conferring ownership, posting rights, voting rights, and other blockchain privileges.

Permissionless accounts can be acquired through a mechanism similar to Bitcoin’s proof-of-work. To obtain permissionless accounts, users will submit a work proof that minimizes the Lyra2 hash (https://ieeexplore.ieee.org/document/7377075/) which is a memory hard, ASIC and GPU resistant hashing algorithm. The hash value Vwork is simply

Vwork = H(n, H(account_name, k))

Where His the Lyra2 hash, n is a nonce, and k the public key. The work requirement is expressed similarly to BTC mining, where the hash value, evaluated as a large integer, is less than some target value. This work requirement will begin such that the average CPU core with 2 GB of memory would take about 45 minutes. Witnesses vote on the work requirement, with the target work being the average of votes, calculated each round of blocks. Calculation of the proof involves computing the hash, then if it does not satisfy the work requirement, varying the nonce. Once the has satisfies the work requirement, the user signs

(Vwork, n, account_name, k)

Work is done on H(account_name, k) instead of just (account_name, k), so that users may provide this hash to a third party for a work calculation, but the third party would not be able to guess the account name while the work was being calculated, preventing intellectual property theft of potentially valuable account names. These third parties could charge a fee for the work, with clients being those who do not own computing devices with sufficient resources to calculate the work proof.