数据扣留与欺诈证明：Plasma不支持智能合约的原因

The author geek's clues about why it has been buried for a long time and will strongly support it mainly point to two points. It is unreliable to realize it under the Ethereum chain, and it is easy to have data detention. Once the data detention proves to be difficult to develop, the mechanism design itself is extremely unfriendly to the smart contract, especially difficult to support the contract state to migrate to these two points, which makes it basically possible to adopt or approximate the model. In order to understand the above two core points, the full name of what we start with the data detention problem is literally translated into data. Usability is now misused by many people, so that it is seriously confused with historical data. But in fact, historical data can be found and storage proves to be equal. According to the statement of the Ethereum Foundation, the problem is simply to discuss the data detention scenario and to explain what the data detention attacks and problems mean. We need to briefly talk about it first and use a tree-like data structure called in Ethereum or most public chains as a summary directory of all accounts or record the status of each block. The leaf node at the bottom of the package transaction is composed of original data such as transaction or account status. These pairwise sums are repeated and iterated, and finally a graph can be calculated. The bottom of the graph is that the original data set corresponding to the leaf node has a property. If a leaf node at the bottom changes, the calculated data set will also change, so the corresponding original data set will be different, just like different people have different fingerprints, which is called proof verification technology. The above picture shows this property. For example, if Li Gang only knows the numerical value in the graph and doesn't know what data it contains completely, we have to prove to Li Gang that it is indeed related to the graph or that the hash of the proof exists on the corresponding tree. We only need to submit the data block marked gray to Li Gang without submitting the whole or all its leaf nodes. This is simplicity. When the leaves of the underlying record are particularly large, for example, there are about ten thousand data blocks, and at least there are only two data blocks in the graph. According to the sum of blocks, it can be constructed to prove that the data block exists on the corresponding platform. This simplicity is often used in Bitcoin Ethereum or cross-chain bridge. The light node we know is actually Li Gang mentioned above. He only receives the block header from the whole node instead of the complete block. Here, it should be emphasized that Ethereum uses the so-called Merkel tree as the summary of all accounts. As long as the state of an associated account changes, it will change. The transaction tree will also be recorded in the block header of Ethereum. One difference between the abbreviation of transaction tree and state tree is that the data represented by the bottom leaves are different. If the number contains a transaction, the leaves of the transaction tree represent this one. Another difference is that the overall data volume is particularly large, and its bottom leaves correspond to all addresses on the Ethereum chain. In fact, there are many outdated state hashes, so the corresponding original data set will not be published in the block, only recorded in the block header, but the original data set of the transaction tree is the data in each block. It will be recorded in the block header, because the light node only receives the block header, only knows it and can't deduce it completely, which is determined by the nature of the sum hash function, so the light node can't know the transaction data contained in the block and doesn't know what changes have taken place in the corresponding account. If Wang Qiang wants to prove to a light node that the block header containing the known light node's know number of a transaction in theNo. is known, then the above problem is transformed into proving that it exists in the corresponding tree at this time. Wang Qiang can often use the lightness and simplicity of the light node sum mentioned above in many cross-chain bridges based on light client scheme. For example, the bridge will set up a contract on the chain to receive the block headers of other chains. For example, when the first block is submitted to the contract on the chain, the contract will verify the validity, such as whether the signatures of nodes in the network are sufficient. If it is valid and a user declares that he initiated the cross-chain from to, he should be packaged into the first block. In other words, it is proved that the cross-chain initiated by ourselves can correspond to the top of the block No.1, but the bridge will compress the calculation required for verification through zero-knowledge proof, further reducing the verification cost of the cross-chain bridge contract and the data detention attack. After talking about it, we went back to the beginning of the article, which was discussed as early as years ago. The original paper conducted an archaeological study on the source of the problem. In the file, it is said that some data fragments that the blockers may deliberately hide are released to the public with incomplete blocks, so that the whole node can't confirm the correctness of the transaction execution state transition. At this time, the blockers can steal user assets, such as transferring all the coins in their accounts to other addresses, but the whole node can't judge whether they have done this because they don't know that the complete transaction data contained in the latest block is honest in public chains such as Bitcoin or Ethereum. The whole node will directly reject the above invalid blocks, but it is light. The point is different. They only receive the block header from the network and only know and don't know whether the two corresponding original blocks are effective. In fact, there is a brain hole in this situation in the Bitcoin white paper. Satoshi Nakamoto once thought that most users would tend to run light nodes with lower configuration requirements, and light nodes could not judge whether the block header was effective. If an invalid and honest one, the whole node would give an alarm to the light node, but Satoshi Nakamoto did not make a more detailed analysis of this scheme. Later, he and the founder were here. On the basis of other predecessors' achievements, data sampling is introduced to ensure that all honest nodes can restore the complete data of each block and issue an alarm note when necessary. Data sampling is not the focus of this paper. Interested readers can read the misunderstanding of geek's past articles on data availability. The fraud of data publishing and historical data retrieval proves that it is simply an expansion scheme that only publishes the block header to the internet. The state of each account is a complete transaction data set. Changes are only released under the chain, in other words, just like the cross-chain bridge based on light clients, which is realized by contract on the chain. When users declare that they want to cross assets, they have to submit proof that they really own these assets. The verification logic of assets crossing is similar to the bridge mentioned in the previous article, except that the bridge model is based on fraud proof rather than proof, which is closer to the so-called optimistic bridge network. As for the purpose of the challenge period, we will explain below that there is no strict requirement for data release. The sorter just broadcasts each block under the chain. 比特币今日价格行情网_okx交易所app_永续合约_比特币怎么买卖交易_虚拟币交易所平台

注册有任何问题请添加 微信：MVIP619 拉你进入群

文章转载注明 网址：https://netpsp.com/?id=62753