integritee-network / pallets


SBliFF v1: Semi-Blind Faith Finality V1 #242

Closed brenzi closed 4 months ago

brenzi commented 6 months ago

The most simple finality for Integritee TEE-validated sidechains only guarantees the following:

  1. next finalized block is a lineal descendant of previous finalized block
  2. block number is monotonically increasing
  3. ShardConfig is respected
    • only authenticated TEEs within a potentially limited set are authorized to propose finality candidate blocks

From the chain's perspective, the validateers are trusted to only supply legit blocks. They are, however, not trusted to be up to date with either the chain state or its peers.

Therefore, there is no need to know intermediate block hashes to accept new blocks. We can relax (1) and just make sure the validateer knows all blocks between our last finalized block and his proposed candidate block.

SBliFF specification

storage:

dispatchables:

confirm_imported_sidechain_block(
  shard,
  latest_finalized_ancestor: (BlockNumber, BlockHash),
  finalization_candidate: (BlockNumber, BlockHash),
)

ensure(authorized for shard)
if finalization_candidate.number <= last_finalized_block.number: fail
if latest_finalized_ancestor.number != last_finalized_block.number: fail
if latest_finalized_ancestor.hash != last_finalized_block.hash: fail

last_finalized_block = finalization_candidate

clangenb commented 6 months ago

From what you told me about the finality before, I have thought about the finality conditions of BliFF, and I came up with the same conditions and I think they are sufficient for finalizing sidechain blocks.

I am uncertain about the naming though: which part of this is 'faith'? There is no faith involved IMO; we know that a registered sidechain validateer knows by design all blocks between latest_finalized_ancestor and finalization_candidate. I am saying this because I am a bit wary of the word faith, which might foster the misconception that we indeed have to believe instead of knowing something at some point, which is not really trust-creating.

brenzi commented 6 months ago

Yeah, definitely not a marketing term ;-) I was just tempted to refer to https://en.wikipedia.org/wiki/Blind_Faith, not meant to be serious ;-) Still: the faith remains, from a chain perspective, in the guarantees of SGX and our design to ensure integrity of sidechain blocks.
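
The checks from the SBliFF specification in the first comment, as an added Rust example that is not the pallet's own code. The storage layout (the issue leaves `storage:` empty), the `Reject` enum, the integer shard and validateer ids and the sample data are assumptions. It shows that a candidate several blocks ahead is accepted without intermediate hashes, while a validateer whose view of the finalized head is stale is rejected.

```rust
use std::collections::{HashMap, HashSet};

pub type Block = (u64, [u8; 32]); // (BlockNumber, BlockHash), as in the spec

#[derive(Debug, PartialEq)]
pub enum Reject { NotAuthorized, CandidateNotNewer, AncestorNumberMismatch, AncestorHashMismatch }

// Assumed storage layout: the spec lists "storage:" without any entries.
pub struct Shard {
    pub authorized: HashSet<u32>,    // stand-in for authenticated TEE identities
    pub last_finalized_block: Block, // assumed to be initialised when the shard is created
}

#[derive(Default)]
pub struct Chain { pub shards: HashMap<u32, Shard> }

impl Chain {
    pub fn confirm_imported_sidechain_block(
        &mut self, who: u32, shard: u32,
        latest_finalized_ancestor: Block, finalization_candidate: Block,
    ) -> Result<(), Reject> {
        // ensure(authorized for shard); an unknown shard has no authorized set
        let s = self.shards.get_mut(&shard).ok_or(Reject::NotAuthorized)?;
        if !s.authorized.contains(&who) { return Err(Reject::NotAuthorized); }
        let last = s.last_finalized_block;
        if finalization_candidate.0 <= last.0 { return Err(Reject::CandidateNotNewer); }
        if latest_finalized_ancestor.0 != last.0 { return Err(Reject::AncestorNumberMismatch); }
        if latest_finalized_ancestor.1 != last.1 { return Err(Reject::AncestorHashMismatch); }
        s.last_finalized_block = finalization_candidate;
        Ok(())
    }
}

// Constructed sample data: shard 0, validateers 1 and 2, block 5 already finalized.
pub fn sample_chain() -> Chain {
    let mut c = Chain::default();
    c.shards.insert(0, Shard { authorized: HashSet::from([1, 2]), last_finalized_block: (5, [5; 32]) });
    c
}

fn main() {
    let mut c = sample_chain();
    // Jump from block 5 to block 9 without intermediate hashes: accepted.
    println!("{:?}", c.confirm_imported_sidechain_block(1, 0, (5, [5; 32]), (9, [9; 32])));
    // Validateer 2 still names block 5 as the latest finalized ancestor: rejected.
    println!("{:?}", c.confirm_imported_sidechain_block(2, 0, (5, [5; 32]), (10, [10; 32])));
}
```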