qtumproject / qips

Qtum Improvement Proposals
9 stars 2 forks source link

QIP-13: Add contract execution result hash to inputs spent by AAL transactions #13

Open Earlz opened 5 years ago

Earlz commented 5 years ago

Abstract

This proposal is to implement lightweight proofs of a contract execution and the corresponding result that is accessible to SPV wallets as well as capable of being utilized in smart contracts and off-chain systems.

Motivation

One research concept, dubbed "Proton Network", requires some proof published to a secondary blockchain that a withdrawal has happened through a smart contract on the main (ie, Qtum) blockchain. I've seen other concepts requiring the same functionality. There are currently two workaround options in Qtum, neither of which are optimal:

There is already a design for a new "delta tree" data structure for x86 which allows for proving that no contract execution is censored, as well as proving that a particular execution occurred and what the result is. However, this proposal goes further into making the proof lightweight and capable of being very explicitly tied to a particular transaction.

Specification

When an OP_CALL or OP_CREATE transaction occurs, even if the UTXO is 0 value, it is immediately spent as an AAL transaction. A new 0 value output is created which only encodes data (and thus can be safely trimmed without repercussions). The data included in the output:

Staggered in this case means that for example, if contract A and contract B were both executed and A was successful (0) but B was error (1), then the nodes would be encoded in this order:

Rationale

Strategy