-
Notifications
You must be signed in to change notification settings - Fork 1
SMIP-0003: Global state data, STF, APIs #13
Comments
moved from branch |
Discussion: Account Abstraction.
|
I think you meant the opposite here, a "user" account can have no code. Actually, the way I think about it, all accounts have code: at minimum, a "basic user account" uses a very simple template with send, receive, and withdraw functionality, using ED25519. Think about it like a multisig contract with only one signer. (Since the code is in fact contained in a template, there's only a pointer, so the actual on-mesh account size is tiny, only a few bytes.) CC @YaronWittenstein Agree on the pros. I'd add that a user can implement whichever signature scheme they want - they're not bound to ED25519.
The actual code can be implemented as a precompile, i.e., still run natively in go-spacemesh. It doesn't need to run in the VM. There would be a minimal amount of overhead associated with context switching into and out of the VM, but I think it's manageable, and even this, we could probably work around cleverly if necessary (e.g., we could probably avoid calling into the VM at all for the most common templates - the entire template could become a precompile).
I think it's worth digging a little deeper into this - how compact we could make transactions of this sort, and how much overhead there might be with account abstraction. Another downside here is that it makes metering a little more complicated. Typically, if the sig check fails, gas is not charged for a tx - but if you let the user write the sig check code, you have a catch-22. There are lots of ways to work around this (provide a hardcoded set of trusted sig check templates, refuse to perform more than a certain basic amount of work before charging gas, etc.). |
By definition of the STF, I had something more like this in mind: https://community.spacemesh.io/t/formal-specification-of-stf/88. |
Global state design - data + apis
UPDATE (5/26): renamed "meta-mesh" to "global state" for clarity
UPDATE (5/31): added "Scope" section; updated list of open questions
Scope
What's in scope for this proposal:
What's out of scope for this proposal:
Motivation
Spacemesh aims to build and release a minimally viable cryptocurrency mainnet which is powered by the Spacemesh consensus protocol. The primary use case of any cryptocurrency is the ability of anyone to transact w/o limitations. Transacting means the ability to submit transactions and to know the results of transactions executed by the system that a user may be involved in (as a sender, receiver, signer, etc...). Another important use case is smeshers getting rewards and transaction fees for honest participation in the protocol. For miners, it is utterly important to know exactly what fees and rewards they got credit for, in what time (layer) did they get rewarded and why did they get rewarded a specific amount in a layer.
The data required to implement these use cases on the most basic level does not live explicitly in the core Spacemesh distributed data structure we call the mesh due to the design of the Spacemesh consensus protocol.
This document aims to define what data needs to be collected, stored and made available by a Spacemesh node in a way that will enable Spacemesh to be a minimally viable cryptocurrency.
Specifically, this document lays out what data will be stored by a Spacemesh full node in addition to the core mesh data required by the Spacemesh consensus protocol, and how and when these data should be computed by a Spacemesh full node. While there's team consensus about the contents of the mesh, further attention and thought are needed around what data are needed that are not explicitly stored in the mesh.
The Spacemesh data API provides access to these data as mesh data alone is insufficient for many API consumers. A consensus on the above is required to design a functional API and to design API clients such as backup agents, explorers, wallets, and dashboards. All of these clients consume Spacemesh data and most of them require data beyond the basic, raw mesh data.
This formulation is important due to the special and unique design of the Spacemesh consensus protocol and mesh and the implication of the consensus protocol design on creating a functional cryptocurrency based on it.
The Mesh
Core data that the Spacemesh protocol provides decentralized consensus on is called the "mesh." The mesh is made from the contents of numbered layers starting from layer 0 at genesis. Each layer is made of ordered lists of zero or more immutable data structures: blocks that contain transactions. The mesh consists of all layers from genesis to the present, as determined by the Spacemesh consensus protocol.
By design, the mesh doesn’t include any data regarding the execution of transactions (including transaction processing results or side effects) and may include duplicate transactions in the same layer or even across different layers. The goal of the Spacemesh consensus protocol is to get all honest full nodes who participate in the protocol to agree (eventually) on the contents of all layers.
The contents of a layer (and therefore the mesh) can change over time while the Spacemesh protocol is executing. For example, the Tortoise protocol may change the contents of a layer as was determined by the execution of the Hare protocol. A self-healing process may change the content of past layers.
A transaction included in the mesh may fail to execute due to several conditions only known at runtime (i.e., the time when the full node actually attempts to execute the transaction in situ). Transaction processing doesn’t change the immutable transaction stored in the mesh. (See STF, below.)
The mesh doesn't store any additional data besides the contents of layers described above. (TBD - does it include state root hashes of previous layers?)
Global state data
The global state is an abstract data structure that includes all data, essential to a minimally viable cryptocurrency, that are not explicitly stored in the mesh. These data can be computed implicitly from mesh data. In addition to the global state, we also need to consider data structures emitted from the STF as side effects of the process of updating the global state.
Global state of layer n is define to include the following data:
accounts db
.transaction receipt
.) - a side effect of changes to global state.Block rewards
andtransaction fees
awarded to smeshers who submitted blocks to the layer - a side effect of changes to global state.App events
: events emitted by execution of apps (see caveat below) - a side effect of smart contract execution.Full node core data includes both the mesh and the global state and the Spacemesh data API should provide access to both mesh and global state data.
The STF (State Transition Function)
The global state can only modified by the state transition function (STF). It cannot be modified any other way. The STF is executed per layer. The global state of layer n is defined as the global state after the STF was executed for layer n.
STF INPUT
n-1
- this is essentially access to the accounts and app state db state at layern-
'.STF OUTPUT
The output of the STF is the global state of layer
n
. This includes all changes to global state data members and new data items created by the STF, e.g., new reward events and new transaction receipts.STF EXECUTION
The STF executes the transactions from the list in sequence and is responsible for generating and storing a transaction receipt for each execution in the global state.
The transaction execution initiated by the STF modifies the global state on a per-transaction basis. So transaction
b
executed after transactiona
should have the global state which includes changes to data created by the execution of transactiona
.Each transaction is executed based on its type: app transactions are executed by SVM and simple coin transactions by a coin transaction execution function. The STF is responsible for properly executing these transactions by using the SVM runtime and other transaction execution-specific modules.
When a transaction fails to execute, any changes it did to the global states should be rolled-back, these include any account or app state changes and generated events Note that some failed transaction may still change global state because gas will be paid as tx free to the miners of the blocks of this layer.
In addition to processing all the transactions from a list, the STF should compute the rewards and the transaction fees for layer n and update the state of the accounts that should receive rewards and transaction fees as part of the global state computation at layer n. These rewards and fees modify the global state (account balances). Rewards and tx fee computation should happen only after all the txs have been executed so the correct tx fee amounts to be distributed between the layer's smeshers are known.
Design Considerations
An STF for a specific layer number may be executed more than once because a layer’s contents may change (see The Mesh, above). For example, the STF is executed when the Hare protocol agrees on the contents of a layer but will be executed again if the Tortoise protocol or self healing changes the contents of that layer.
The state root hash is a hash of the global state of a layer computed by the STF. It is a compact binary representation of the global state of a layer. It is not yet clear if the mesh will include state root hashes for previous layers in ATXs or blocks (see discussion here). If it is included then the STF can compare its own computed state root hash with the state root hash from the mesh and alert the user if there’s a mismatch. This is not as strong as the state validation features provided by most other major cryptocurrencies, but it can help to more quickly identify full node bugs and runtime errors.
Including the results of transaction execution (receipts) in the global state is an important product requirement for a cryptocurrency. Without these data, users have no way to know if a transaction they (or a transaction counterparty) sent to the network was successfully executed or not, and if there was an error, what the error was (e.g., insufficient funds at execution time, a runtime error, etc.).
Empowering users to use a full node to know the results of their transactions instead of relying on a trusted third party and "bank teller" is arguably one of the most basic feature of a cryptocurrency - a distributed transaction processing system where users submit transactions and can tell the effect of their transactions on coin balances and app state. There is no major cryptocurrency design which does not have this basic feature. It is hard to imagine from a user perspective a cryptocurrency without this feature. It will certainly not be very useful or usable to end users.
One of the most important features of crypto wallets is the ability to display the results of any transaction that touched the user's account. This has implications on the global state data and the Spacemesh data API design. It is quite hard to imagine a cryptocurrency that can’t tell its users the results of the most basic actions these users are interested in: executing basic financial transactions.
App events are only emitted via a full node low-level API as they are created, and are not stored in global state. Maybe we can exclude them from the definition of the global state and think about them as emitted metadata by the STF that can be stored by full node clients if they subscribe to it (Tal's suggestion).
Open Questions
Answer: archive and full nodes where full nodes only store side-effects (rewards, receipts, events) for up to a fixed number of layers from the current layer and where archive nodes store all global state side effects from genesis.
Answer: Properly handling reorgs requires additional design review.
Answer: yes, each layer tx input list must not include a tx that was in an input list in a previous layer.
Answer: with the design proposed above that full node hold recent layers side effects.
Answer: Lane to further discuss with Iddo and make a recommendation.
Answer: currently not. The mesh doesn't store any global state data.
Transaction Status
Note that the term "transaction status" at present may be used to refer to three different kinds of concerns:
We propose to refactor transaction result out of transaction state as follows:
The
TransactionState
is computed by a full node pre-STF and doesn't reflect any transaction processing by the STF, only transaction processing as far as the mempool and the mesh are concerned.TransactionResult
encapsulates the results of transaction execution by the STF. The result can only be known once an STF attempted to execute the transaction.The
TransactionResult
is one field of aTransactionReceipt
. ATransactionReceipt
also includes the layer number when the transaction was executed. Note that it is the only data structure that includes execution side effects such as gas used and transaction fee charged. Note that one transaction may result in multiple receipts, if the layer changes and is rerun later (as described above), or if the transaction is included in multiple layers.The text was updated successfully, but these errors were encountered: