status-im/eth2.0-specs
2
0
Fork 0
mirror of https://github.com/status-im/eth2.0-specs.git synced 2025-02-20 06:18:15 +00:00
Code Issues Projects Releases Wiki Activity

BLS-based RANDAO and custody (friendly to decentralised pools)

Browse Source 
Unlock decentralised pools using m-of-n threshold BLS signatures for both RANDAO and custody. We also simplify a bunch:

* Remove `randao_commitment` and `custody_commitment`
* Remove miscellaneous logic such as `repeat_hash`

(Side note: Dfinity seems to be working to reduce the communication complexity of BLS DKG (Distributed Key Generation) so validator pools should also benefit from that.)
This commit is contained in:
Justin 2019-01-21 18:41:29 +00:00 committed by GitHub
parent c60a4f13fc
commit 80940ddd37
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
specs/core/0_beacon-chain.md
View File

@ -250,6 +250,7 @@ Code snippets appearing in `this style` are to be interpreted as Python code. Be
| `DOMAIN_ATTESTATION` | `1` | | `DOMAIN_ATTESTATION` | `1` |
| `DOMAIN_PROPOSAL` | `2` | | `DOMAIN_PROPOSAL` | `2` |
| `DOMAIN_EXIT` | `3` | | `DOMAIN_EXIT` | `3` |
| `DOMAIN_RANDAO` | `4` |
## Data structures ## Data structures
@ -389,10 +390,6 @@ Code snippets appearing in `this style` are to be interpreted as Python code. Be
'pubkey': 'bytes48', 'pubkey': 'bytes48',
# Withdrawal credentials # Withdrawal credentials
'withdrawal_credentials': 'bytes32', 'withdrawal_credentials': 'bytes32',
# Initial RANDAO commitment
'randao_commitment': 'bytes32',
# Initial custody commitment
'custody_commitment': 'bytes32',
# A BLS signature of this `DepositInput` # A BLS signature of this `DepositInput`
'proof_of_possession': 'bytes96', 'proof_of_possession': 'bytes96',
} }
@ -423,7 +420,7 @@ Code snippets appearing in `this style` are to be interpreted as Python code. Be
'slot': 'uint64', 'slot': 'uint64',
'parent_root': 'bytes32', 'parent_root': 'bytes32',
'state_root': 'bytes32', 'state_root': 'bytes32',
'randao_reveal': 'bytes32', 'randao_reveal': 'bytes96',
'eth1_data': Eth1Data, 'eth1_data': Eth1Data,
'signature': 'bytes96', 'signature': 'bytes96',
@ -520,8 +517,6 @@ Code snippets appearing in `this style` are to be interpreted as Python code. Be
'pubkey': 'bytes48', 'pubkey': 'bytes48',
# Withdrawal credentials # Withdrawal credentials
'withdrawal_credentials': 'bytes32', 'withdrawal_credentials': 'bytes32',
# RANDAO commitment
'randao_commitment': 'bytes32',
# Slots the proposer has skipped (i.e. layers of RANDAO expected) # Slots the proposer has skipped (i.e. layers of RANDAO expected)
'randao_layers': 'uint64', 'randao_layers': 'uint64',
# Slot when validator activated # Slot when validator activated
@ -536,8 +531,6 @@ Code snippets appearing in `this style` are to be interpreted as Python code. Be
'exit_count': 'uint64', 'exit_count': 'uint64',
# Status flags # Status flags
'status_flags': 'uint64', 'status_flags': 'uint64',
# Custody commitment
'custody_commitment': 'bytes32',
# Slot of latest custody reseed # Slot of latest custody reseed
'latest_custody_reseed_slot': 'uint64', 'latest_custody_reseed_slot': 'uint64',
# Slot of second-latest custody reseed # Slot of second-latest custody reseed
@ -1195,7 +1188,7 @@ A valid block with slot `GENESIS_SLOT` (a "genesis block") has the following val
slot=GENESIS_SLOT, slot=GENESIS_SLOT,
parent_root=ZERO_HASH, parent_root=ZERO_HASH,
state_root=STARTUP_STATE_ROOT, state_root=STARTUP_STATE_ROOT,
randao_reveal=ZERO_HASH, randao_reveal=EMPTY_SIGNATURE,
eth1_data=Eth1Data( eth1_data=Eth1Data(
deposit_root=ZERO_HASH, deposit_root=ZERO_HASH,
block_hash=ZERO_HASH block_hash=ZERO_HASH
@ -1276,8 +1269,6 @@ def get_initial_beacon_state(initial_validator_deposits: List[Deposit],
amount=deposit.deposit_data.amount, amount=deposit.deposit_data.amount,
proof_of_possession=deposit.deposit_data.deposit_input.proof_of_possession, proof_of_possession=deposit.deposit_data.deposit_input.proof_of_possession,
withdrawal_credentials=deposit.deposit_data.deposit_input.withdrawal_credentials, withdrawal_credentials=deposit.deposit_data.deposit_input.withdrawal_credentials,
randao_commitment=deposit.deposit_data.deposit_input.randao_commitment,
custody_commitment=deposit.deposit_data.deposit_input.custody_commitment,
) )
# Process initial activations # Process initial activations
@ -1296,14 +1287,10 @@ First, a helper function:
def validate_proof_of_possession(state: BeaconState, def validate_proof_of_possession(state: BeaconState,
pubkey: Bytes48, pubkey: Bytes48,
proof_of_possession: Bytes96, proof_of_possession: Bytes96,
withdrawal_credentials: Bytes32, withdrawal_credentials: Bytes32) -> bool:
randao_commitment: Bytes32,
custody_commitment: Bytes32) -> bool:
proof_of_possession_data = DepositInput( proof_of_possession_data = DepositInput(
pubkey=pubkey, pubkey=pubkey,
withdrawal_credentials=withdrawal_credentials, withdrawal_credentials=withdrawal_credentials,
randao_commitment=randao_commitment,
custody_commitment=custody_commitment,
proof_of_possession=EMPTY_SIGNATURE, proof_of_possession=EMPTY_SIGNATURE,
) )
@ -1326,9 +1313,7 @@ def process_deposit(state: BeaconState,
pubkey: Bytes48, pubkey: Bytes48,
amount: int, amount: int,
proof_of_possession: Bytes96, proof_of_possession: Bytes96,
withdrawal_credentials: Bytes32, withdrawal_credentials: Bytes32) -> None:
randao_commitment: Bytes32,
custody_commitment: Bytes32) -> None:
""" """
Process a deposit from Ethereum 1.0. Process a deposit from Ethereum 1.0.
Note that this function mutates ``state``. Note that this function mutates ``state``.
@ -1339,8 +1324,6 @@ def process_deposit(state: BeaconState,
pubkey, pubkey,
proof_of_possession, proof_of_possession,
withdrawal_credentials, withdrawal_credentials,
randao_commitment,
custody_commitment,
) )
validator_pubkeys = [v.pubkey for v in state.validator_registry] validator_pubkeys = [v.pubkey for v in state.validator_registry]
@ -1350,7 +1333,6 @@ def process_deposit(state: BeaconState,
validator = Validator( validator = Validator(
pubkey=pubkey, pubkey=pubkey,
withdrawal_credentials=withdrawal_credentials, withdrawal_credentials=withdrawal_credentials,
randao_commitment=randao_commitment,
randao_layers=0, randao_layers=0,
activation_slot=FAR_FUTURE_SLOT, activation_slot=FAR_FUTURE_SLOT,
exit_slot=FAR_FUTURE_SLOT, exit_slot=FAR_FUTURE_SLOT,
@ -1358,7 +1340,6 @@ def process_deposit(state: BeaconState,
penalized_slot=FAR_FUTURE_SLOT, penalized_slot=FAR_FUTURE_SLOT,
exit_count=0, exit_count=0,
status_flags=0, status_flags=0,
custody_commitment=custody_commitment,
latest_custody_reseed_slot=GENESIS_SLOT, latest_custody_reseed_slot=GENESIS_SLOT,
penultimate_custody_reseed_slot=GENESIS_SLOT, penultimate_custody_reseed_slot=GENESIS_SLOT,
) )
@ -1474,12 +1455,9 @@ Below are the processing steps that happen at every `block`.
### RANDAO ### RANDAO
* Let `repeat_hash(x, n) = x if n == 0 else repeat_hash(hash(x), n-1)`.
* Let `proposer = state.validator_registry[get_beacon_proposer_index(state, state.slot)]`. * Let `proposer = state.validator_registry[get_beacon_proposer_index(state, state.slot)]`.
* Verify that `repeat_hash(block.randao_reveal, proposer.randao_layers) == proposer.randao_commitment`. * Verify that `bls_verify(pubkey=proposer.pubkey, message=proposer.randao_layers, signature=block.randao_reveal, domain=get_domain(state.fork, state.slot, DOMAIN_RANDAO))`.
* Set `state.latest_randao_mixes[state.slot % LATEST_RANDAO_MIXES_LENGTH] = hash(xor(state.latest_randao_mixes[state.slot % LATEST_RANDAO_MIXES_LENGTH], block.randao_reveal))` * Set `state.latest_randao_mixes[state.slot % LATEST_RANDAO_MIXES_LENGTH] = hash(xor(state.latest_randao_mixes[state.slot % LATEST_RANDAO_MIXES_LENGTH], block.randao_reveal))`
* Set `proposer.randao_commitment = block.randao_reveal`.
* Set `proposer.randao_layers = 0`.
### Eth1 data ### Eth1 data
@ -1570,8 +1548,6 @@ process_deposit(
amount=deposit.deposit_data.amount, amount=deposit.deposit_data.amount,
proof_of_possession=deposit.deposit_data.deposit_input.proof_of_possession, proof_of_possession=deposit.deposit_data.deposit_input.proof_of_possession,
withdrawal_credentials=deposit.deposit_data.deposit_input.withdrawal_credentials, withdrawal_credentials=deposit.deposit_data.deposit_input.withdrawal_credentials,
randao_commitment=deposit.deposit_data.deposit_input.randao_commitment,
custody_commitment=deposit.deposit_data.deposit_input.custody_commitment,
) )
``` ```