Front running protection and general "timed encryption"

[nikkolasg]

The goal of this discussion is to scope out interest for using a new feature from drand network and how this could be implemented in Filecoin with FVM.

Timed Encryption

Drand is working on an upcoming feature that will allow anyone to encrypt a message "to a specific point in time in the future" such that when the randomness associated with that time in drand is released, anyone can decrypt the ciphertext. The technical description on how this work is described here.

Application

Think of this feature as if the drand network is able to keep a secret for some specified amount of time. We can apply this technique to prevent front running, a massive problem in the space which is gonna become relevant for FIL as well once the FVM is in place. We can also do sealed bids, and other fancy lotteries in this way. Note I am hoping this feature would become relevant in other blockchains as well.

Application to Filecoin with FVM

The general idea is to (1) encrypt transactions (2) submit them onchain to a special actor (3) another special cron actor will decrypt the txs at the right time.

Precomputation

Given we already have drand randomness onchain, ideally we would not have to do anything special to the protocol. However, given the decryption is relatively expensive (1/2 pairings per ciphertext), then we can allow anyone to provide pre-computed elements per encrypted txs. More concretely, that means at decryption time, the block producer would need to precompute elements (offchain so can be quite fast and parallelized), one per tx, and submit them onchain as well, as a special "precomputed" type or stg.

Actors

I am not knowledgeable enough in the Filecoin architecture to detail precisely the approach but having discussed with some engineers, it appears we could use a TimedEncryption actor that receives those encrypted transactions and keep a key value map so any actor/tx can use this Actor. Then we would have a Decryption actor that is called for each epoch where there is something to be decrypted, with the precomputed elements, and execute the messages.

Order of execution: Note in order to prevent front running, we need the execution of decrypted transactions to happen first within the block execution logic (Otherwise a miner can simply put his own transaction before since he can decrypt all encrypted txs first at the time he's building the block). That requires the development of a "pre-execution" cron actor or stg.

---

What do you think about this idea ? Anyone willing to help out flesh out the details ? I am happy to help with anything drand related, but as you can see I know less about the Filecoin intrinsics.

[kaitlin-beegle]

Hi @nikkolasg! This was an idea submitted quite awhile ago. However, as we prepare for the FVM to go live in less than two months, I wanted to ask if this is still a proposal you're interested in developing?

[steven004]

This is a promising proposal, while lots of details need to be discussed. It is related to the cron actor design. The discussion #242 @anorth proposed could be considered with this together. I would think a good cron design will enable a lot of things for Filecoin.