TYCHE
Draft Status: First version draft (v0). This document describes an early-stage design and may change significantly during development.

High-Frequency VRF Mining & Oracle Protocol

Transforming Proof of Work into shared public infrastructure.

Tyche is an immutable protocol that combines VRF-style signature-derived validity with the EIP-918 mining interface. Designed for sub-second block times, initiating on MegaETH, Tyche unifies issuance security, randomness integrity, and oracle utility.

Join the Discussion View Source Code

Abstract

Tyche addresses propagation unfairness in low-latency EVM environments. By binding mining validity to signature-derived proofs and exposing canonical mining/oracle read interfaces, Tyche transforms mining into manipulation-resistant, high-frequency decentralized VRF infrastructure.

Context & Design Targets

Why Legacy PoW Breaks on Low-Latency EVM

When block times approach sub-second cadence, linear PoW race outcomes are increasingly decided by physical proximity, mempool topology, and sequencing asymmetry. This weakens fairness and increases stale-work externalities.

Initial Target: MegaETH (Expanding to all high-speed EVMs)

Design Objectives

  • Open, permissionless mining under EIP-918 flow.
  • Cryptographically verifiable VRF proof binding.
  • Deterministic on-chain randomness.
  • Unified feedback loop for miners and users.
  • Resist manipulation via damped controls.

System Architecture

The protocol is deployed as a tightly coupled set of immutable runtime contracts with one-time factory wiring and no owner pause paths in operational logic.

TycheToken

Core utility token for mining alignment, staking, and oracle fee settlement.

TycheController

Handles mining validation, reward accounting, and oracle randomness aggregation.

OracleFeeManager

Epoch-damped oracle fee management with bounded per-epoch movement.

ShareDAG

Manages round-scoped share ingestion, indexing, and finalize sequencing.

SettlementAuction

Provides liveness incentives for decentralized round finalization.

External Interfaces

EIP-918 Mining Surface

Exposes standard functions like mint, getMiningTarget, and getMiningChallenge for compatibility with existing mining clients.

function mint(uint256 nonce, bytes32 challenge, bytes proof) external;
function getMiningTarget() external view returns (uint256);
function getMiningChallenge() external view returns (bytes32);

Oracle Surface

Provides getLatestRandom and round-indexed historical randomness for external contract consumption.

function getLatestRandom() external view returns (bytes32);
function getRandomAtRound(uint256 roundId) external view returns (bytes32);
function isRoundFinalized(uint256 roundId) external view returns (bool);

Consensus Core

Signature-based VRF Mining

Miners use ECDSA keypairs for mining sessions. For a given challenge, they compute a proof (π) and random output (V).

Proof (π) = Sign(sk, hash(Challenge || nonce))
$$\pi = Sign_{sk}(keccak256(Challenge \parallel nonce))$$
Output (V) = hash(π || nonce)
$$V = keccak256(\pi \parallel nonce)$$

Validity Conditions

  • Recover(hash(Challenge || nonce), π) == miner_address
  • Output (V) ≤ Target_miner
  • Strict Replay Resistance: One share per miner per challenge.

Aggregated Randomness

Final round randomness is produced by XORing all valid share outputs, significantly reducing single-miner influence.

FinalRandom = V₁ ⊕ V₂ ⊕ ... ⊕ Vₙ
$$FinalRandom = \bigoplus_{i=1}^{n} V_i$$

DAG Network Layer

Shares are admitted asynchronously and attached to a round-scoped DAG. Timeout downgrades preserve liveness while requiring linkage to anchor lineages.

Reward & Dual-Purpose Staking

Staking provides both governance power (vTYCHE) and direct mining difficulty relief. The target is stake-adjusted to preserve fairness.

Effective target per miner (Target_i):

$$Target_i = BaseTarget \cdot \frac{S_i}{\sum_j S_j} \cdot \left(1 + \alpha \log_2\left(\sum_j S_j + 1\right)\right)$$

Where S_i is staked TYCHE. This preserves diminishing returns while making stake utility concrete for both mining and oracle governance.

Sybil Neutrality

Splitting stake positions across addresses does not increase total target share, ensuring architectural robustness.

Emission Backbone

Mint ∝ R₀ · e⁻ᵏᴰ + Tail $$Mint \propto R_0 \cdot e^{-k \cdot D_{cum}} + Tail$$

Follows a decayed issuance curve with a non-zero tail to ensure long-term incentive alignment.

Oracle Fee Economy

70% Burn
30% To Stakers

External queries pay TYCHE fees, creating deflationary pressure while yielding returns for long-term holders.

Damped Governance

Prevents manipulation by bounding fee movement per epoch and requiring time-weighted staking (vTYCHE).

Max per-epoch fee movement (±5%)
$$F_{epoch+1} = \max(F_{min}, \min(F_{epoch} \cdot 1.05, \max(F_{epoch} \cdot 0.95, F_{voted})))$$

Security Model

Implemented Defenses

  • VRF proof verification with strict replay protection.
  • Low-s ECDSA enforcement to remove signature malleability advantage.
  • Registered key activation delay to reduce precomputation ambush.
  • Multi-share XOR aggregation to dilute randomness manipulation.
  • Damped fee governance with floor and step constraints.

Threats in Scope

  • High-frequency transaction spam targeting verification.
  • Strategic withholding during round finalization.
  • Fee-governance manipulation by short-horizon capital.
  • Oracle call-volume shocks.

MegaETH Initial Presets

Launch baselines calibrated for sub-second block times on MegaETH.

Parameter Baseline Value
Min Difficulty 130
Difficulty Cap 6500
Auction Target Delay 2s
Auction Slope 13
Stake Lock Duration 720s
Min Oracle Fee 0.001 TYCHE
Vote Epoch Duration 3600s

Contribute to Tyche

Tyche welcomes review and contribution on economic parameters, gas profiling, and protocol integration patterns for high-speed EVMs.

Submit Issue Open Pull Request