The ability to verifiably retrieve transaction or state data stored off-chain is crucial to blockchain scaling techniques such as rollups or sharding. We formalize the problem and design a storage- and communication-efficient protocol using linear erasure-correcting codes and homomorphic vector commitments. Motivated by application requirements for rollups, our solution Semi-AVID-PR departs from earlier Verifiable Information Dispersal schemes in that we do not require comprehensive termination properties. Compared to Data Availability Oracles, under no circumstance do we fall back to returning empty blocks. Distributing a file of 22 MB among 256 storage nodes, up to 85 of which may be adversarial, requires in total ~70 MB of communication and storage, and ~41 seconds of single-thread runtime (<3 seconds on 16 threads) on an AMD Opteron 6378 processor when using the BLS12-381 curve. Our solution requires no modification to on-chain contracts of Validium rollups such as StarkWare's StarkEx. Additionally, it provides privacy of the dispersed data against honest-but-curious storage nodes. Finally, we discuss an application of our Semi-AVID-PR scheme to data availability verification schemes based on random sampling.
翻译:以可核查的方式检索交易或国家数据存储于链链外的能力对于诸如滚动或剥离等链条缩放技术至关重要。 我们将问题正规化,并设计一个使用线性删除校正代码和同质矢量承诺的储存和通信高效协议。 受缩放应用要求的驱动,我们的半AID-PR解决方案与早期的可核实信息分散计划不同,因为我们不需要全面终止特性。 与数据可获取性 Oracle 相比,我们在任何情况下都不能返回空区。 在256个存储节点中分配22 MB的文档,其中85个可能是对立的,总共需要~70 MB的通信和存储,还有~41秒的单线运行时间(16秒),在使用 BLS12-381 曲线时, 我们的解决方案不需要修改像 StarkWarre's StarkEx 那样的“ ” 。 此外,它提供了分散的数据的保密性,防止诚实但有保证的存储机制的存储和存储,最后,我们讨论基于Sremi-PR AS-AV 的随机核查计划的应用。