-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
1d277a8
commit 4f23db1
Showing
2 changed files
with
184 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,109 @@ | ||
| --- | ||
| title: 一种支持链下数据存储证明的Hash算法 | ||
| description: 在默克尔树的根Hash上进行升级,让保存在链上的数据Hash可以通过对应的密码学流程和简单的博弈流程提高其数据的可用性和可靠性。 | ||
| author: Liu Zhicong,waterflier | ||
| discussions-to: <URL> | ||
| status: Draft | ||
| type: <Standards Track, Meta, or Informational> | ||
| category: ERC # Only required for Standards Track. Otherwise, remove this field. | ||
| created: 2023-12-21 | ||
| requires: 721,1155 # Only required when you reference an EIP in the `Specification` section. Otherwise, remove this field. | ||
| --- | ||
|
|
||
|
|
||
| ## Abstract | ||
|
|
||
| <!-- | ||
| The Abstract is a multi-sentence (short paragraph) technical summary. This should be a very terse and human-readable version of the specification section. Someone should be able to read only the abstract to get the gist of what this specification does. | ||
| TODO: Remove this comment before submitting | ||
| --> | ||
|
|
||
| ## Motivation | ||
|
|
||
| <!-- | ||
| This section is optional. | ||
| The motivation section should include a description of any nontrivial problems the EIP solves. It should not describe how the EIP solves those problems, unless it is not immediately obvious. It should not describe why the EIP should be made into a standard, unless it is not immediately obvious. | ||
| With a few exceptions, external links are not allowed. If you feel that a particular resource would demonstrate a compelling case for your EIP, then save it as a printer-friendly PDF, put it in the assets folder, and link to that copy. | ||
| TODO: Remove this comment before submitting | ||
| --> | ||
|
|
||
| ## Specification | ||
|
|
||
| <!-- | ||
| The Specification section should describe the syntax and semantics of any new feature. The specification should be detailed enough to allow competing, interoperable implementations for any of the current Ethereum platforms (besu, erigon, ethereumjs, go-ethereum, nethermind, or others). | ||
| It is recommended to follow RFC 2119 and RFC 8170. Do not remove the key word definitions if RFC 2119 and RFC 8170 are followed. | ||
| TODO: Remove this comment before submitting | ||
| --> | ||
|
|
||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 and RFC 8174. | ||
|
|
||
| ## Rationale | ||
|
|
||
| <!-- | ||
| The rationale fleshes out the specification by describing what motivated the design and why particular design decisions were made. It should describe alternate designs that were considered and related work, e.g. how the feature is supported in other languages. | ||
| The current placeholder is acceptable for a draft. | ||
| TODO: Remove this comment before submitting | ||
| --> | ||
|
|
||
| TBD | ||
|
|
||
| ## Backwards Compatibility | ||
|
|
||
| <!-- | ||
| This section is optional. | ||
| All EIPs that introduce backwards incompatibilities must include a section describing these incompatibilities and their severity. The EIP must explain how the author proposes to deal with these incompatibilities. EIP submissions without a sufficient backwards compatibility treatise may be rejected outright. | ||
| The current placeholder is acceptable for a draft. | ||
| TODO: Remove this comment before submitting | ||
| --> | ||
|
|
||
| No backward compatibility issues found. | ||
|
|
||
| ## Test Cases | ||
|
|
||
| <!-- | ||
| This section is optional for non-Core EIPs. | ||
| The Test Cases section should include expected input/output pairs, but may include a succinct set of executable tests. It should not include project build files. No new requirements may be be introduced here (meaning an implementation following only the Specification section should pass all tests here.) | ||
| If the test suite is too large to reasonably be included inline, then consider adding it as one or more files in `../assets/eip-####/`. External links will not be allowed | ||
| TODO: Remove this comment before submitting | ||
| --> | ||
|
|
||
| ## Reference Implementation | ||
|
|
||
| <!-- | ||
| This section is optional. | ||
| The Reference Implementation section should include a minimal implementation that assists in understanding or implementing this specification. It should not include project build files. The reference implementation is not a replacement for the Specification section, and the proposal should still be understandable without it. | ||
| If the reference implementation is too large to reasonably be included inline, then consider adding it as one or more files in `../assets/eip-####/`. External links will not be allowed. | ||
| TODO: Remove this comment before submitting | ||
| --> | ||
|
|
||
| ## Security Considerations | ||
|
|
||
| <!-- | ||
| All EIPs must contain a section that discusses the security implications/considerations relevant to the proposed change. Include information that might be important for security discussions, surfaces risks and can be used throughout the life cycle of the proposal. For example, include security-relevant design decisions, concerns, important discussions, implementation-specific guidance and pitfalls, an outline of threats and risks and how they are being addressed. EIP submissions missing the "Security Considerations" section will be rejected. An EIP cannot proceed to status "Final" without a Security Considerations discussion deemed sufficient by the reviewers. | ||
| The current placeholder is acceptable for a draft. | ||
| TODO: Remove this comment before submitting | ||
| --> | ||
|
|
||
| Needs discussion. | ||
|
|
||
| ## Copyright | ||
|
|
||
| Copyright and related rights waived via [CC0](../LICENSE.md). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,75 @@ | ||
| # ERC-XXXX 公共数据Hash (需要起一个更好的名字,不只用在公共数据里)公共数据Hash一种适合公共数据的新的Hash算法,相比全文Hash,有下面优点 | ||
| 0. 公共数据的Hash的设计目标是能支持一种相对够用的存储证明,推荐所有链上存储 | ||
| 基于Nash共识的存储挑战的基本逻辑 | ||
| 1. 其构造并未降低安全性 | ||
| 2. 适当的PoW设计 | ||
| 挑战: 插入位置 (0-1024),nonce | ||
| 结论: 选择插入原始nonce后的最合适叶子节点, 然后在插入位置之前插入自己的地址,再计算新的Nonce以让根hash符合难度条件 | ||
| 10个块后结算,10个块内有人证明存在更合适的叶子节点可以拿走该用户的质押币。 | ||
| 风险: 要防止对未充分散布的文件进行PoW奖励,因为别人没有完整数据,所以无法对其进行最合适叶子节点挑战 | ||
| 3. 基于该Hash对现有ERC的扩展建议 | ||
|
|
||
| ## 目录结构 | ||
| 1. 算法说明文档 | ||
| 2. 生成数据hash的工具(nodejs,python,rust) | ||
| 3. 对数据进行验证的solidy代码 | ||
| 4. 对数据进行PoW构造的工具 | ||
| 5. 对数据进行PoW验证的Solidy代码 | ||
|
|
||
| ## 可验证Hash格式 | ||
| 目标:存储证明里大量的数据只需要保存在 | ||
|
|
||
| 节点hash的大小是16byte, 1024/16*2 = 32, 2^32*1K = 4T | ||
|
|
||
| 针对特定PH的存储证明(最短) | ||
| 1.块高度,说明是基于哪个快得到的nonce和pos | ||
| 2.m,说明哪个叶子节点在插入了nonce后的根hash最小 | ||
|
|
||
|
|
||
| 挑战者: | ||
| 1.提交一个更合适的m | ||
| 2.给出path_to_m | ||
| 3.给出m_leaf_data | ||
|
|
||
| 提交存储证明的奖励是x(立刻得到),供应方需要质押x*3 | ||
| 挑战成功可以得到x*3的奖励 | ||
|
|
||
|
|
||
| ## 私有数据存储证明 | ||
| 0. 用户(User)持有待保存的原始私有数据D | ||
| 1. User决定把数据保存到供应商A,为A准备一个一次性的秘钥K,D通过K加密后得到K' | ||
|
|
||
| 2. User认为供应商A丢失了数据,在链上提出挑战(一个Hash值) 32bytes | ||
| 3. 供应商如果没有丢失数据,可以在Calldata里包含leaf_data。挑战结束。供应商获胜。 | ||
| 4. 如果供应商认为Hash并不包含在D'中,提出挑战非法 1byte | ||
| 5. 用户通过Call Data中的index,默克尔路径来证明挑战合法,用户获胜。 | ||
|
|
||
| 新方案 | ||
| 用户->nonce | ||
| 供应商->m ---> timeout,supplier_win | ||
| 用户->new_m,path_new_m,leaf_data_new_m ---> user_win | ||
|
|
||
|
|
||
| ## 公共数据存储证明 | ||
|
|
||
| 0. 能提交存储证明获得奖励的用户被称作Supplier,Supplier需要准备一定的质押币。 | ||
| 1. 区块高度为n的区块Hash得到 32bytes的nonce值和 32-992 的插入位置Pos | ||
| 2. 为了生成正确的存储证明,Supplier遍历所有的叶子节点,在该位置插入nonce值,选择最合适的叶子节点m。让插入后的根Hash最小 | ||
| 3. Supplier在插入位置之前再计算一个32bytes的noise值,使得新的LeafData可以让默克尔树根Hash符合一个难度条件(比如最低位多少是0).对于同时进块的存储证明,难度高者胜出并得到奖励。 | ||
| 4. Supplier把存储证明{m,path,leaf_data,noise}提交到链上,即为一个有效的存储证明。可以拿到奖励.不需要PoW的场景可以进一步简化到 {h,m} | ||
| 5. 链无法验证m是否正确,但其它拥有全量数据的Miner,如果发现m是伪造的,可以提交真实的{m,path_m,leaf_m} 来对已上连的存储证明进行挑战并在成功后赢得Supplier的质押币。 | ||
|
|
||
| ## 为什么私有数据和公有数据的存储证明不同? | ||
|
|
||
| 公有数据方案的缺点是用户需要保存完整的数据才能挑战一个证明。而私有数据方案只需要保存一个挑战数据字典就好了。正确使用这两种方案可以有效的减少不同场景下的数据存储量。 | ||
|
|
||
|
|
||
|
|
||
| ## 公共数据存储证明不解决什么 | ||
| 不解决数据是否是公共的问题,也不解决数据是否被访问的问题。该证明的存在只是说明该数据的副本是存在的。 | ||
|
|
||
|
|
||
| ## 已知问题 | ||
|
|
||
| 这种Hash结构的文件拼接问题?文件A,文件B巧妙的构成文件C,然后利用文件A和文件B的存储证明就可以构造文件C的存储证明 |