Yin Cheng 2021-11-24 08:08:30 阅读数:655
Further application ：
（1） Savings wallet . hypothesis Alice Want to keep her money safe , But she is worried about losing or being stolen by hackers . She put the ether in and Bob In a contract signed , As shown below , The contract is a bank ：
（1）Alice Up to... Can be extracted per day alone 1% Capital of .
（2）Bob Up to... Can be extracted per day alone 1% Capital of , but Alice You can use her private key to create a transaction cancellation Bob Withdrawal authority of .
（3）Alice and Bob Together, you can withdraw funds at will . In general , Every day 1% Yes Alice enough , If Alice If you want to withdraw more cash, she can contact Bob Ask for help . If Alice Your private key was stolen , She can find... Immediately Bob Transfer her funds to a new contract . If she loses her private key ,Bob You can put the money out slowly . If Bob Showing malice , She can turn off his withdrawal authority .
（2） Crop insurance . One can easily create a financial derivatives contract using weather conditions rather than any price index as data input . If an Iowa farmer buys a financial derivative with reverse compensation based on Iowa's rainfall , So if you encounter drought , The farmer will automatically receive compensation funds, and if there is enough rain, he will be very happy because his crop will harvest well .
（3） A decentralized data publisher . For difference based financial contracts , In fact, I passed “ Xie Lindian ” It is possible for the protocol to decentralize the data publisher . The working principle of Schelling point is as follows ：N Party provides input values to the system for a specified data （ for example ETH/USD Price ）, All values are sorted , Each provides 25% To 75% Nodes between values will be rewarded , Everyone has the incentive to provide the answers that others will provide , The answer that a large number of players can really agree is obviously the correct answer by default , This constructs a model that can theoretically provide many numerical values , Include ETH/USD Price , The Berlin temperature is even the result of a particularly difficult calculation of the decentralization protocol .
（4） Cloud computing .EVM Technology can also be used to create a verifiable computing environment , Allow the user to invite others to perform the calculation, and then selectively request evidence that the calculation has been completed correctly at a certain randomly selected checkpoint . This allows you to create a desktop that any user can use , It is possible for laptops or dedicated servers to participate in the cloud computing market , On site inspection and safety deposit can be used to ensure that the system is trustworthy （ That is, no node can profit from deception ）. Although such a system may not be suitable for all tasks ; for example , Tasks requiring advanced interprocess communication are not easy to complete on a large node cloud . However, some other tasks are easy to implement in parallel ; Projects such as genetic algorithms can be easily carried out on such a platform .
（5） Point to point gambling . Any number of point-to-point gambling protocols can be moved to Ethereum's blockchain , for example Frank Stajano and Richard Clayton Of Cyberdice. The simplest gambling agreement is actually such a simple contract , It is used to bet on the difference between the hash value of the next block and the guessed value , Based on this, more complex gambling protocols can be created , To achieve near zero cost and no cheating gambling services .
（6） Forecast market . Whether there is an Oracle or a Sherin coin , Forecasting the market will be easy to achieve , The forecast market with Schelling coins may prove to be the first mainstream as a decentralized organization management agreement “futarchy” application .
（7） Centralized market in the chain , Based on identity and reputation systems .
Implementation of improved ghost protocol ：
“ ghost “ agreement （"Greedy Heaviest Observed Subtree"(GHOST) protocol） By Yonatan Sompolinsky and Aviv Zohar stay 2013 year 12 Innovation introduced in January . The motivation of ghost protocol is that the current fast confirmed block chain is plagued by low security due to the high invalidation rate of blocks ; Because it takes time （ Set to t） Spread to the whole network , If the miners A Dug out a block and the miners B Happened to be A The block spread to B Another block was excavated before , The miners B The block will be invalidated and will not contribute to network security . Besides , There is also the problem of centralization ： If A It's a network with the whole network 30% The power of the mine pool B Have 10% Calculation power ,A Will face 70% All the time, there is a risk of voiding blocks, and B stay 90% Obsolete blocks are being generated all the time . therefore , If the void rate is high ,A Will simply be more efficient because of a higher share of computing power , Combine these two factors , The fast block chain generated by blocks is likely to lead to a pool having a share of computing power that can actually control the mining process .
just as Sompolinsky and Zohar Described as , By calculating which chain “ The longest ” Include waste blocks when , Ghost protocol solves the first problem of reducing network security ; That is to say , Not only the parent block of a block and earlier ancestor blocks , Obsolete descendant block of ancestor block （ In Ethereum terms, it is called “ Shu block ”） It is also added to calculate which block has the maximum workload to support it . We have surpassed Sompolinsky and Zohar The protocol described to solve the second problem – Centralization tendency , Ethereum pays “ Shu block ” Identify the waste block that contributes to the new block confirmation 87.5% Reward , Put them into the calculation “ Nephew block ” Will be rewarded 12.5%, however , Transaction fees are not awarded to the uncle . Ethereum implemented a simplified version of the ghost protocol that only goes down to the fifth layer . Its characteristics are , Waste blocks can only be used as Uncle blocks by the second to fifth generations of their parents , Not the younger generation of further relationship （ For example, the sixth generation of the parent block , Or the third generation of grandfathers ） Included in the calculation . There are several reasons for this . First , Unconditional ghost protocol will bring too much complexity to calculate which tertiary block of a given block is legal . secondly , The unconditional ghost protocol with the compensation used by Ethereum deprives the miner of the incentive to mine on the main chain rather than a public attacker's Chain . Last , The calculation shows that the five layer ghost protocol with excitation is even when the out block time is 15s In the case of 95% Above efficiency , And have 25% The benefit of centralization is less than 3%
Because each published transaction to the blockchain takes up the cost of download and verification , There needs to be a normative mechanism including transaction fees to prevent indiscriminate transactions . The default method used by bitcoin is purely voluntary transaction fees , Rely on miners to act as gatekeepers and set dynamic minimum costs . Because this method is “ Market based ”, Enables miners and transaction senders to determine prices based on supply and demand , So this method has been successfully accepted in the bitcoin community . However , The problem with this logic is , Transaction processing is not a market ; Although it is attractive to intuitively interpret transaction processing as the service provided by miners to senders , But in fact, the transactions recorded by a miner need to be processed by each node in the network , Therefore, the largest part of the cost of transaction processing is borne by the third party rather than the miner who decides whether to include the transaction . therefore , There is a great possibility of a tragedy of the Commons .
However , When a special and imprecise simplified assumption is given , This loophole in the market-based mechanism magically eliminates its own influence . The argument is as follows . hypothesis ：
When the expected reward is greater than the cost , Miners are willing to dig . such , Because miners have 1/N The opportunity to process the next block , So the expected return is kR/N , The treatment cost of miners is simple kC. So when kR/N > kC, namely R > NC when . Miners are willing to record transactions . Be careful R Is the cost per step provided by the transaction sender , Is the lower limit for miners to benefit from dealing with transactions . NC It is the cost of processing an operation in the whole network . therefore , Miners are only motivated to include transactions where the benefits outweigh the costs . However , There are several important deviations between these assumptions and the actual situation ：
Speculators whose job is to destroy the Internet , Political enemies and lunatics do exist , And they can set up contracts intelligently so that their cost is much lower than other verification nodes . The above first 1 Points Drive miners to include fewer transactions , The first 2 The number of points has increased NC; Therefore, the effects of these two points at least partially offset each other . The first 3 Point and No. 4 Point is the main problem ; As a solution, we simply establish a floating upper limit ： No block can contain more than BLK_LIMIT_FACTOR Times the moving average of the long-term index, more operands . In particular ：
BLK_LIMIT_FACTOR and EMA_FACTOR Yes, temporarily set to 65536 and 1.5 The constant , But there may be more in-depth analysis .
Calculation and Turing complete ：
It should be emphasized that Ethereum virtual machine is Turing complete ; It means EVM The code can perform any conceivable calculation , Including infinite loops .EVM There are two ways for code to implement loops . First , JUMP Instructions can make the program jump back to somewhere in front of the code , There are also permits such as while x < 27: x = x * 2 The same conditional statement JUMPI The instruction implements conditional jump . secondly , Contracts can call other contracts , There is the potential to implement loops through recursion . This naturally leads to a problem ： Can a malicious user have to shut down by forcing miners and all nodes into an infinite loop ？ This problem arises because of a problem in computer science called downtime problem ： Generally speaking, there is no way to know , Whether a given program can finish running in a limited time .
As described in the state transition section , Our scheme solves the problem by setting the maximum number of calculation steps for each transaction , If it exceeds, it is calculated that it will be restored to its original state, but the cost will still be paid . Messages work in the same way . To show the motivation behind this scheme , Consider the following example ：
（1） An attacker creates a contract that runs an infinite loop , Then an activation cycle transaction is sent to the miner , The miners will handle the transaction , Run an infinite cycle until the gas runs out . Even if the gas runs out, the transaction stops halfway , The deal is still right （ Go back ） And the miners still earn the cost of each step from the attackers .
（2） An attacker creates a very long infinite loop with the intention of forcing the miner to calculate for a long time, so that several blocks have been generated before the end of the calculation, so the miner cannot record transactions to earn fees use . However , The attacker needs to publish a STARTGAS Value to limit the number of executable steps , Therefore, the miner will know in advance that the calculation will take too many steps .
（3） An attacker sees a file that contains information such as send(A,self.storage); self.storage = 0 The contract is then sent with a transaction that is only enough to perform the first step and not enough to perform the second step （ That is, withdraw cash without reducing the account balance ）. Contract writers don't have to worry about defending against similar attacks , Because if the execution stops halfway, all changes are replied .
（4） A financial contract works by extracting the median of nine dedicated data publishers to minimize risk , An attacker took over one of the data providers , Then press this DAO The variable address call mechanism described in this chapter is designed to change the data provider to run an infinite loop , Any attempt to force funds from this financial contract will be suspended due to the depletion of gas . However , The financial contract can set gas restrictions in the message to prevent such problems . The replacement of Turing completeness is Turing incompleteness , here JUMP and JUMPI The instruction does not exist and only one copy of each contract is allowed to exist in the call stack at a given time . In such a system , The above cost system and the uncertainty surrounding the efficiency of our scheme may not be needed , Because the cost of executing a contract will be determined by its size .
Besides , Turing incompleteness is not even a big limitation , Of all the contractual examples we envision internally , So far, there is only one need to cycle , And even this cycle can be 26 Replaced by a repetition of a single line of code segment . Considering the serious trouble and limited benefits of Turing completeness , Why not simply use a Turing incomplete language ？ In fact, Turing incompleteness is far from a simple solution . Why? ？ Please consider the following contract ：
Now? , Send such a transaction to A, such , stay 51 In one transaction , We have a need to spend 2^50 The contract calculated in step , Miners may try to detect such a logic bomb in advance by maintaining a maximum number of executable steps for each contract and calculating the number of possible execution steps for contracts that recursively call other contracts , But this would prohibit miners from creating other contracts （ Because above 26 The creation and execution of contracts can be easily put into a single contract ）. Another problem is that the address field of a message is a variable , So generally speaking, it may not even know in advance which other contract a contract will call .
therefore , Finally, we came to an amazing conclusion ： Turing's complete management is surprisingly easy , In the absence of the same control, Turing's incomplete management is surprisingly difficult , Then why not make the agreement Turing complete ？
Currency and issue ：
The Ethereum network contains its own built-in currency, Ethereum , Ether plays a dual role , Provide major liquidity for a variety of digital asset transactions , What's more, it provides a mechanism to pay for transactions . In order to facilitate and avoid future disputes （ See current mBTC/uBTC/ Cong's argument ）, The names of different denominations will be set in advance ：
10^18: The etheric
This should be regarded as “ element ” and “ branch ” perhaps “ The currency ” and “ Cong ” An extended version of the concept , In the near future , We expect “ The etheric ” Used as an ordinary transaction ,“ Finney ” For Micro Trading ,“ Saab ” and “ Wei ” Used to discuss costs and implementation of the agreement .
The distribution mode is as follows ：
（1） Through the offering , Ethereum will be in the form of BTC 1337-2000 The price of ether , A mechanism designed to raise funds for Ethereum organizations and pay developers has been successfully used on other cryptographic currency platforms . Early buyers will enjoy a large discount , Proceeds from the sale BTC It will be used exclusively to pay the salaries and rewards of developers and researchers , And projects invested in the cryptology currency ecosystem .
（2）0.099x （x For the total sale amount ） Will be assigned to BTC Early contributors to development prior to the success of financing or other deterministic financing , Another one 0.099x Will be allocated to long-term research projects .
（3） There will be... Every year since the launch 0.26x（x For the total sale amount ） Dug up by miners .
Issue breakdown ：
The permanent linear growth model reduces the risk of excessive concentration of wealth in bitcoin , And give people living in the present and future a fair opportunity to get money , At the same time, the incentive to acquire and hold ether money is maintained , Because in the long run “ Money supply growth rate ” It tends to zero . We also infer that , With the passage of time, there will always be the loss of money due to carelessness and death , Suppose the loss of money is a fixed proportion of the annual money supply , Finally, the total money supply in circulation will stabilize at a value equal to the annual money circulation divided by the loss rate （ for example , When the loss rate is 1% when , When the supply reaches 30x when , Every year, 0.3x Dug out at the same time 0.3x The loss of , Reach an equilibrium ）.
In addition to the linear distribution mode , Like bitcoin, the supply growth rate of ether currency tends to zero in the long run .
Centralization of mining ：
Bitcoin mining algorithm basically allows miners to slightly change the block thousands of times , Until the hash of the modified version of a node is less than the target value （ It's about 2190）. However , This mining algorithm is vulnerable to two forms of centralization attacks . The first one is , The mining ecosystem is specially designed to improve the efficiency of bitcoin mining by thousands of times ASICs（ ASIC ） And computer chip control . This means that bitcoin mining is no longer highly decentralized and egalitarian , It requires the effective participation of huge capital . The second kind , Most bitcoin miners actually no longer complete block verification locally ; Instead, it relies on centralized ore pools to provide blocks . This problem can be said to be very serious ： In writing this article , The two largest ore pools indirectly control about the whole network 50% Calculation power , Although when a pool or consortium tries 51% The fact that miners can switch to other pools during an attack alleviates the severity of the problem .
Ethereum now aims to use one based on each 1000 A mining algorithm that randomly generates a unique hash function from a random number , With a sufficiently wide computational domain , Advantages of removing dedicated hardware . Such a strategy will certainly not reduce the benefits of centralization to zero , But it doesn't have to be . Note that each individual user can use their personal laptop or desktop to complete a certain amount of mining activities almost free of charge , But when it comes to 100% Of CPU After utilization, more mining will require them to pay for power and hardware costs .ASIC Mining companies need to pay for power and hardware from the first hash . therefore , If the benefits of centralization can be maintained at (E + H) /E following , So even ASICs Ordinary miners who have been made still have room to live . in addition , We plan to design the mining algorithm so that mining needs to access the whole blockchain , Force miners to store completed blockchains or at least be able to verify each transaction . This eliminates the need for a centralized ore pool ; Although the ore pool can still play the role of smoothing the randomness of income distribution , But this function can be controlled without centralization P2P The pit is finished just as well . In this way, even most ordinary users still prefer light clients , By increasing the number of all nodes in the network, it also helps to resist centralization .
Scalability is a common concern of Ethereum , Just like bitcoin , Ethereum also suffers from the dilemma that every transaction needs to be handled by every node in the network . The current blockchain size of bitcoin is about 20GB, Per hour 1MB The rate of growth . If bitcoin network processing Visa Class 2000tps Transactions , It will be every three seconds 1MB The rate of growth （1GB Every hour ,8TB Every year, ）. Ethereum may experience similar or even worse growth patterns , Because there are many applications on Ethereum blockchain , Not like bitcoin is just a simple currency , However, the fact that all Ethereum nodes only need to store state rather than complete blockchain history improves the situation .
The problem of large blockchain is the centralization of risk . If the block chain size increases to, for example 100TB, The possible scenario will be that only a very small number of large businesses will run all nodes , Regular users use light SPV node . This will increase the profit of all node partnership fraud （ For example, change the block reward , To themselves BTC） Risk concerns . Light nodes will not be able to detect such fraud immediately . Of course , At least there may be an honest all node , And in a few hours, information about the fraud will pass through Reddit Such channels leak , But it was too late ： No matter what efforts ordinary users make to abolish the generated blocks , They will all encounter and launch a successful 51% Attack huge infeasible coordination problems of the same scale . Here in bitcoin , Now this is a problem , but Peter Todd A suggested change can alleviate this problem .
In the near future , Ethereum will use two additional strategies to deal with this problem . First , Because the mining algorithm based on blockchain , At least every miner will be forced to become a full node , This ensures a certain number of full nodes . secondly , what's more , After processing each transaction , We will include the root of an intermediate state tree into the blockchain . Even if block validation is centralized , As long as an honest verification node exists , The problem of centralization can be avoided by a verification protocol . If a miner posts an incorrect block , This block is either in the wrong format , Either state S[n] It's wrong. . because S That's right. , There must be the first error state S[i] but S[i-1] That's right. , Verify that the node will provide the index i, Together with the processing APPLY(S[i-1],TX[i]) -> S[i] Subset of required Patricia tree nodes . These nodes will be instructed to perform this part of the calculation , Look at the resulting S[i] Is it consistent with the previously provided value .
in addition , What's more complicated is that malicious miners publish incomplete blocks to attack , There is not enough information to determine whether the block is correct . The solution is to question - Response agreement ： The verification node queries the target transaction index , The light node receiving the challenge information will cancel the trust of the corresponding block , Until another miner or verifier provides a collection of Patricia's ideas as correct evidence .
review ： Decentralized applications
Ethereum protocol was originally provided as a highly common language, such as contract on the chain , Withdrawal restrictions and financial contracts , An upgraded version of cryptography currency with advanced functions such as gambling market . The Ethereum protocol will not directly “ Support ” Any application , But the existence of Turing complete programming language means that theoretically any contract can be created for any transaction type and Application . However, the more interesting thing about Ethereum is , The Ethereum agreement goes further than pure money , Around decentralized storage , Decentralized computing and decentralized forecasting market, as well as protocols and decentralized applications established by dozens of similar concepts , It has the potential to fundamentally improve the efficiency of the computing industry , And by adding the economic layer for the first time for other P2P The agreement provides strong support , Final , There will also be a large number of applications that have nothing to do with money .
The concept of arbitrary state transition implemented by Ethereum protocol provides a platform with unique potential ; And closed , For example, data storage , Agreements designed for a single purpose, such as gambling or finance, are different , Ethereum is open in design , And we believe that it is extremely suitable as a basic layer to serve the extremely large number of financial and non-financial agreements in the coming years .
Want to get the coinage technology and a full set of virtual machine information
Blockchain technology exchange QQ Group ：756146052 remarks ：CSDN
Wechat of Yin Cheng College ： remarks ：CSDN
版权声明：本文为[Yin Cheng]所创，转载请带上原文链接，感谢。 https://netfreeman.com/2021/11/20211108224341569N.html