Vitalik: How to improve resistance to censorship of bloc proposal schemes

ETH中文网 view 14953 2021-12-18 09:44
share to
Scan QR code with WeChat

Special thanks to Francesco for sharing key ideas for Solution 2, and to Francesco, Justin Drake, Alex Obadia and Phil Daian for their comments and ideas.

How does the concept of separating proponent / builder of blocks work?

In today's market, block advisers (now miners, post-joint validators) pick the pool industry to pay the highest and most direct points. indicates which ones will be wrapped in the next block. This allows traders to use complex strategies to choose markets for the package, or to package their own markets to gain the benefits such as arbitrage and DEX liquidation (MEV only for brevity) to recover. The complexity of these strategies translates into stable costs for operational miner or validator nodes, and is beneficial to midstream pools that use these strategies on behalf of their participants.

The Separation of Block Proponent / Builder (PBS) approach addresses this problem by separating the responsibilities of proposing blocks and generating blocks. A special type of operation is called to create and execute an exec block body (basically a list of operations, those operations are important to the block) and send quotes. . The role of the advertiser is simply to get the result with the highest bid. It should be noted that the announcer (and everyone else) does not know the details of the block attack until the contestant selects the competition block header (i.e. say the body of the block also selected). This identity document is necessary to avoid "VPD theft". Indeed, the user is able to recognize the idea of ​​MEV extract from the designer and copy it without giving it to the developer.

What's wrong with PBS's resistance to censorship versus the status quo?

The first is the current state. Suppose you have 150,000 fuels in industry and your current fuel limit is 30m (the target is 15m). Strong investors have tried to censor the industry. In today's stock market, if the industry is willing to pay the starting price on top of one or two oil strategies, blockchain advisers will be happy to close. Do this. In order to investigate the exchange where the supplier is willing to pay x for the packaging, the opponent must keep the price below 150,000 for X / fuel. This will eventually result in the removal of another user from the contest because the prize is too high, and if the prize starts high enough to entice them to try checking out the others, then the user leaves. Zone can do the trick with the more expensive the price. bulk charge .. In order to save, the attacker usually has to pay for each (X / 150k) * 10m = X * 66.7 (approx x * 20,000 per hour).

Now let's look at the situation with PBS. Block makers always outperform other users because they have better processes and better access to data for modern users to run portfolios that simply deliver the business ("as a sufficient order") or extend MEXICAL lead times. . Suppose there is a special disaster that the creator ("Watch Builder") wishes to investigate. To note:

M is a challenge for a quiet manufacturer that has no commercial impact.

P = X-basefee * 150k is an indicator of the total exchange rate of the trade action.

MP is an uncensored builder challenge if he can pack the victims swap.

A is the benefit the test provider receives (equal to the difference between the cost the SRM test provider can earn and the more expensive the SRM test candidate can earn).

M A is in charge of the competition, whether or not there is a commercial victim (because the manufacturer does not want to pack the victim in exchange)

If P> A, the manufacturer refuses to place the P-A odds higher than the No Profit Bet (MA) censored by the manufacturer. In order to maintain the rating, Manufacturers increase their MP rating and would have to lose an AP so that they perform better than the Manufacturers did not monitor (and still for every match winning A, so the total loss is equal. P) is not visible. The cost therefore remains very high. But it is much cheaper than X * 66.7 per hole.

Vitalik:如何提高区块提议者方案的交易抗审查性

If P 0 in this case the surrounding attacker. the second constructor The result is equal to the probability that the second constructor wraps the victim before the attacker (eg, because k≥1).

In the end, on average, middle-class producers neither earn nor lose money. This is because the opponent loses B when he lies to him, wins P when wrapping the rally, and assumes P = B above. Reducing the measurement ratio to less than 2 makes math easier and more profitable for third-party developers. You can connect to all information by setting the starting number.

The situation for N> 2 is more difficult because interference can occur. What is a simultaneous business grouped into two secondary operations? However, for example the second developer uses an independent concept, you can control the collision (according to the simulation script, if the first is 2, whatever number is set, P is close to 1/4).

In fact, the numbers above are almost non-pessimistic. The censored transactions can be conditioned by the second builder after a few holes, which constitutes a counterattack. In addition, the cost of trading is not always lower when it is completed, so in practice P only needs a few percent of B in many industries. Instead, the above is proof of availability. This means that secondary developers can adopt solid strategies and profit from the attack.

After knowing the details of the key performance, why not let the second manufacturer pick the transitions that don't include the chain of small objects?

A bit field contains enough information to encode the information into a smart contract to understand how the attacker benefited at the time of the SRM. Also, if you have a lot of medium producers, you need to tidy up the bit fields. So that only turns the second race into big races.

Solution 2: You can still use broadcast ("Hybrid PBS") but only as "final package".

Another way to prevent censorship is to share the current market value with PBS. This approach requires the lawyer to oppose censorship. Although 95% of commentators are successful in accepting bribes, they only claim that they don't see the change and only accept the blockages created by the PBS mechanism, and an additional 5% use these ideas in between. . Continuous damage was recorded after 20 openings.

Here's how this process works: In each location:

1. The broadcaster reports on crList, a list of companies which it believes should be grouped together (eg a number that can be used in sufficient situations and balances, instructions and maximum rates). This list can only be exchanged against a single sender. The proxy also signs and declares a crListSummary file containing the tx.sender and tx.gaslimit of each tx in the crList.

2. The system creates a physical format which must be included in the crListSummary.

3. The advertiser accepts the block header request.

4. Physical editor. Credentials should check if block.gasused gaslimit> block.gaslimit in crListSummary or if the sender is the sender in an exchange in a block, respectively (sender, gaslimit).

To save a lot of space, there are several ways to sort the crList in the tx.gaslimit command and then want the content to have only (i) the Merkle proof of the first change. The bit fields of transactions that cannot be packaged in crList and (ii) are in block crList. Anyone can identify it by building part of the tree before Merkle Proof and making sure it matches Merkle Proof.

Although the solution, if the publisher does not follow the design of the crList, the developer will not be able to safely publish the information that has been processed. In this case, the developer should not comment directly, just as an advertiser does not publish a crList at all.

➤ Merger of PBS and stateless person

The second main objective of PBS is to ensure that legitimate personnel do not have an entire state (once the Verkle tree is deployed). PBS will accomplish this because only if developers need to create actual content, developers need to send evidence (cookies) to their blocks, allowing them to stateless user-verify blocks.

In order to extend this tool to this concept, all exchanges must be done with simple documents proving the equivalence and the number of suppliers of the exchange. If the user has no status, this monitoring information can be extended through intermediate lines (eg by optional developers).

Hybrid How hybrid PBS interferes with secondary bottoms (e.g. ERC 4337)

The ERC 4337 radically changed the concept of censorship-resistant gaming by decoupling the Ethereum-level business concept from the business strategy of the target user product. In the final analysis, we try to make sure that the target user is resistant to censorship. When the two are equal (as is the case today), it can be considered anti-censorship for businesses. However, in ERC 4337 the switch has been associated with a multi-user device (in ERC 4337 this is called a user interface).

In "normal" PBS, this difference is not significant because the process is directly related to the performance of the block. Developers can create performance blocks that have multiple functions (“native”), or built-in functions that have processes that encapsulate multiple user functions, or a mixture of the two. The machine in both is the same and there is a slight difference between the wrapper and the wrapper.

If the second function is used to prevent censorship, the machine is still the same. There is a difference in handling the status quo and ERC 4337 users work when using Hybrid PBS. The denial of censorship of business as it stands is directly acknowledged, but the denial of censorship of the activity of ERC 4337 users is provided only directly.

ERC 4337 and Hybrid PBS require minor modifications to accommodate censorship resistance in the world of Hybrid PBS. To understand why, first take a look at the first issue where the ERC 4337 will remain censorship resistant.

ERC 4337 "Marketing" which allows users to relate directly to the concept of "second blocks" mentioned above. If the given ERC 4337 user task is not packaged by the developer for verification, then anyone (we call it "middleman") can create a fake secondary trade execution block that contains the user and him. Of course, monitors can remove user revenue from packaging in a timely manner, but this is not always the case, so the average relay will benefit in the same way as the wizard above. The description of the concept part is the same.

An important problem with this argument is that "rarely" is incorrect. This is due to the difference between the second function and the ERC 4337 switch. For the second operation, the main plane and the body of the second plane are sent at the same time. Therefore, the parties cannot see what the other is doing and they cannot run away. However, in the case of industry ERC 4337, the manufacturer can still see the market and can play.

Solution 1: Repair the ERC 4337

You can configure the ERC 4337 like this: Users must be able to specify a relay that accepts packages. This will protect your work from "clicks" (but verifying developer integration with users can still be helped by developers, as developers The patch that will do the test will have the same number but different. User Manipulated Repeaters are executed preventively).

Method 2: Repair the hybrid PBS

The required operations on crList were performed before all other operations. This prevents the developers from running away. However, in practice, the use of these features may cost the requester more. This is because swapping in crList itself may reverse the SRM, which may reduce the revenue from SRM auctions. Thus, this approach can encourage applicants to use a variety of methods for constructing crList, which brings media back into media.

concludes

PBS is industrial research. Reducing the risk of centralization of consumer products induced by the SRM is essential for any blockchain that wishes to manage its status. But just as important is protecting the producer base from other forms of censorship loophole.

Here I prefer short term hybrid PBS. Hybrid PBS offers both the advantages of current models and “pure” PBS.

It maintains the existing censorship, as even altruistic supporters can wrap all submissions based on reviews from other sponsors and affiliates.

The essential requirements for the removal of the SRM are auctioned off to a specialist group, which reduces the risk of the SRM piloting the base of consumer electronics because the validators do not need to touch the SRMs.

Since the declarer does not need to complete the block directly, the validator can be stateless. In other words, significantly increasing the blocking capacity of a level makes it more secure.

Ultimately, hybrid PBS and multiple abstraction reliability issues may be the reason to explore the concept of secondary execution blocks that form in parallel with the primary execution block.

Additionally, the arguments in this article provide some interesting reasons, and finally, you might want to consider familiarizing yourself with the ERC 4337 user interface of the process. In the short term, the ERC 4337 is required to maintain an additional ERC contract. Because the change will come sooner. But in the long run, writing that down in the process layer and allowing the user to define the goal of the process process can provide many ways to protect the user from being compromised.

btcfans公众号

Scan QR code with WeChat

Link
Disclaimer:

Previous: Bankless Year-End Summary: Encrypted Networks Will Overthrow Old Power Systems Next: 30 snapshots of page 163 of Block's annual report

Related