some initial text for drand <> FVM FRC #1
Conversation
On Tue, Apr 4, 2023, 11:04 AM PM ***@***.***> wrote:
***@***.**** commented on this pull request.
On FRCs/frc-00yy.md <#1 (comment)>:
It's true that SPs will always have an advantage - or at least the one mining the current block. I assumed this proposal would have brought their advantage down to a single block, although:

So in Filecoin, the tx gets executed one block later; drand is fetched one more round before.

Does this mean it takes 60s from selection of an SP to mine a block and the block being official?

It takes 60s from a drand value being produced to being inserted into a block released on network (and +30s I think to be "available on chain" via randao etc).

As long as there is an advantage for someone, you can't guarantee anything and you can't guarantee the advantage is not spread to multiple parties. An SP is not necessarily a single party.
Reasonable points - I still think it might be worth the change even though the threat model isn't improved that much. Either way it could be worth wider discussion so I've updated the FRC to give clearer details on what a change would give/not give
FRCs/frc-00zz.md
The `encrypt` functions take raw message bytes and a block number which, along with the public key of the drand network, are passed into the function specified in [the timelock encryption paper](https://eprint.iacr.org/2023/189.pdf) released by the team. In short, the block number is hashed to a point on the G2 group of the BLS12-381 curve. That point is multiplied by a new point derived from the message and mapped onto the target group Gt, and the message is xor'd with the resulting point on Gt.

For larger messages originating outside the system, we recommend using a symmetric cipher such as [age](https://age-encryption.org/) to encrypt the message off-chain, and performing timelock encryption on just the symmetric key on-chain, in order to save gas fees, as the pairing operation is expensive.
If that's the recommendation of the FIP then it must come with the spec or stg with the FIP?
I mean the FIP should be self contained, so looking at it we should be able to answer the questions "how do we encrypt the transaction" and "how do we decrypt it".
I would recommend a very simple format, but given age is well documented maybe that can fly. The only thing that bothers me is that it's not doable in Solidity/EVM land to decrypt age, so maybe it's worth finding a very simple AEAD that is implementable in Solidity land. (But it's up for discussion to devs I guess if they're ok implementing the "decrypt" as a precompile or not.)
Perhaps it's worth having another FRC for best practices around AEAD on FVM/FEVM?
I had a look for some prior art on Ethereum, but the best I could find was this draft proposal which quite loosely says "use ECIES + AES-CBC", but doesn't really provide any implementation details.
I don't see any impls of common symmetric ciphers on GitHub in Solidity, but I think we could port our impl of ChaCha20-Poly1305 to Solidity fairly easily; whether that would be performant or cheap... I'm not so sure.
A benefit of raising a separate FRC for it would be that it could be another Rust precompile and comparatively cheaper.
the first: fetch current randomness the next (not implemented here): arbitrary BLS12-381 actor + timelock built-in actor
Co-authored-by: Yolan Romailler <[email protected]>
timelock interfaces
first batch of comments
## Abstract
On 2023-03-01, drand launched the first practical Timelock encryption scheme to drand mainnet after undergoing a security audit and developing libraries and tooling to make it easier.
Should we hold on to see if we're re-spawning a new fastnet network with the patched signatures during the ceremony on June 7th or 14th?
yeah, let's wait
Co-authored-by: Yolan Romailler <[email protected]>
…ject#838) * feat: add unfinished draft for SuperSnaps * Add some required updates * Add aggregate verification gas costs (#1) * Additional edits * Add gas plots and min/max aggregation sizes (#2) * Add supersnap gas plots * Add min/max values for the numbers of aggregatable proofs * Center justify gas cost table * Spelling, grammer, re-wording, etc. fixes (#3) * Apply review feedback * Apply review feedback and rebase onto FIP-0076 (filecoin-project#4) * Updates for FIP-0082 assignment * Update FIPS/fip-0082.md Co-authored-by: Jorge Soares <[email protected]> * Apply review feedback --------- Co-authored-by: DrPeterVanNostrand <[email protected]> Co-authored-by: Jorge Soares <[email protected]>
…nd Market Actors (filecoin-project#872) * fip for built-in Actor events * finish draft * fix formatting * changes as per review #1 * link FIPs * Apply suggestions from code review Applying editorial changes. Co-authored-by: Jorge Soares <[email protected]> * update Market Actor events * add FIP number * Apply suggestions from code review Co-authored-by: Jiaying Wang <[email protected]> --------- Co-authored-by: Jorge Soares <[email protected]> Co-authored-by: Jiaying Wang <[email protected]>
… Sector Activation events as per FIP discussion (filecoin-project#897) * fip for built-in Actor events * finish draft * fix formatting * changes as per review #1 * link FIPs * Apply suggestions from code review Applying editorial changes. Co-authored-by: Jorge Soares <[email protected]> * update Market Actor events * add FIP number * update fip-0083 to incorporate changes to market actor and sector activation events * Apply suggestions from code review Co-authored-by: Alex North <[email protected]> * change language --------- Co-authored-by: Jorge Soares <[email protected]> Co-authored-by: Alex North <[email protected]>