ProHoster > Blog > Utongi > Town Crier vs DECO: ndeipi oracle yekushandisa mu blockchain?

Town Crier vs DECO: ndeipi oracle yekushandisa mu blockchain?

Nhasi, chete masimbe haana kunyora nezve blockchain tekinoroji, cryptocurrencies uye kuti inotonhorera sei. Asi chinyorwa ichi hachizorumbidza tekinoroji iyi; isu tichataura nezve zvikanganiso zvayo uye nzira dzekuzvibvisa.

Town Crier vs DECO: ndeipi oracle yekushandisa mu blockchain?

Ndichiri kushanda pane imwe yemapurojekiti paAltirix Systems, basa rakamuka rekuchengetedza, censorship-inodzivirira kusimbiswa kwedata kubva kune sosi yekunze kune blockchain. Zvaive zvakafanira kusimbisa shanduko mumarekodhi echitatu system uye, zvichibva pane idzi shanduko, ita rimwe kana rimwe bazi mune smart contract logic. Basa racho pakutanga rakanyanya kudiki, asi kana mamiriro emari emumwe wemapato ari kutora chikamu mukugadzirisa anoenderana nemhedzisiro yekuitwa kwayo, zvimwe zvinodiwa zvinoonekwa. Chekutanga pane zvese, uku kuvimba kwakazara mune yakadaro yekusimbisa meshini. Asi zvinhu zvekutanga kutanga.

Dambudziko nderekuti blockchain pachayo inhengo inozvimiririra, yakavharwa, saka zvibvumirano zvine hungwaru mukati me blockchain hazvizivi nezvenyika yekunze. Panguva imwecheteyo, mazwi ezvibvumirano zvakangwara anowanzoenderana neruzivo rwezvinhu chaizvo (kunonoka kwendege, mitengo yekuchinjana, nezvimwewo). Kuti zvibvumirano zvakangwara zvishande nemazvo, ruzivo rwakagamuchirwa kubva kunze kwe blockchain runofanira kuvimbika uye kusimbiswa. Dambudziko iri rinogadziriswa nekushandisa zvirevo zvakaita seTown Crier neDECO. Aya mashura anobvumira chibvumirano chakangwara pane blockchain network kuvimba neruzivo kubva kune yakavimbika webhu server; tinogona kutaura kuti ava ndivo vanopa ruzivo rwakavimbika.

Oracles

Fungidzira kuti kondirakiti yakangwara inoendesa 0.001 btc kuchikwama chako chebitcoin kana kirabhu yako yenhabvu yaunofarira ikahwina Mukombe weRussia. Muchiitiko chekukunda chaiko, kondirakiti yakangwara inoda kuendesa ruzivo nezve kirabhu yakahwina, uye akati wandei matambudziko anomuka pano: kwekuwana ruzivo urwu, nzira yekuiendesa zvakachengeteka kune smart kontrakiti uye maitiro ekuona kuti ruzivo rwacho. yakagashirwa muchibvumirano chakangwara inoshanda chaizvo inopindirana neicho chaicho?

Kana zvasvika kune kwakabva ruzivo, panogona kuve ne2 mamiriro: kubatanidza smart kontrakiti kune yakavimbika webhusaiti iyo ruzivo nezvemachisi mhedzisiro inochengetwa nechepakati, uye yechipiri sarudzo ndeyekubatanidza akati wandei masaiti kamwechete uye wozosarudza ruzivo kubva kwakawanda masosi. iyo inopa iyo data yakafanana. Kuti uone kurongeka kweruzivo, zvirevo zvinoshandiswa, semuenzaniso Oraclize, inoshandisa TLSNotary (TLS Notary Modification kuratidza Huchokwadi hweData). Asi pane ruzivo rwakakwana paGoogle pamusoro peOraclize, uye kune zvinyorwa zvakawanda pamusoro peHabrΓ©.Nhasi ndichataura pamusoro pezvinyorwa zvinoshandisa nzira yakasiyana zvishoma pakuparadzira ruzivo: Town Crier uye DECO. Chinyorwa chinopa tsananguro yemitemo yekushanda yezvirevo zviviri, pamwe nekuenzanisa kwakadzama.

Town Crier

Town Crier (TC) yakaunzwa neIC3 (Iyo Initiative yeCryptoCurrencies uye Zvibvumirano) muna 2016 paCCS'16. Pfungwa huru yeTC: kuendesa ruzivo kubva kune webhusaiti kuenda kune yakangwara kontrakiti uye ita shuwa kuti ruzivo rwunounzwa neTC rwakafanana nerwewebhusaiti. TC inoshandisa TEE (Trusted Execution Environment) kuratidza muridzi wedata. Iyo yekutanga vhezheni yeTC inotsanangura maitiro ekushanda neIntel SGX.
Town Crier ine chikamu mukati me blockchain uye chikamu mukati meiyo OS pachayo - TC Server.
Town Crier vs DECO: ndeipi oracle yekushandisa mu blockchain?
TC Kondirakiti iri pa blockchain uye inoita senge kumberi kweTC. Inogamuchira zvikumbiro kubva kuCU (mushandisi smart contract) uye inodzosera mhinduro kubva kuTC Server. Mukati meTC Server mune Relay, iyo inomisikidza kubatana pakati peiyo enclave neInternet (bidirectional traffic) uye inobatanidza iyo enclave ne blockchain. Enclave ine progencl, inova kodhi inoita zvikumbiro kubva ku blockchain uye inodzosera mameseji ku blockchain ine siginecha yedhijitari, progencl ine chikamu cheiyo smart contract kodhi uye inonyanya kuita mamwe emabasa ayo.

Iyo Intel SGX enclave inogona kufungidzirwa seraibhurari yakagovaniswa ine API inomhanya kuburikidza ne ecall. Ecall inotamisa kutonga kune enclave. Iyo enclave inoita kodhi yayo kudzamara yabuda kana kuti kunze kwaitika. ocall inoshandiswa kudaidza mabasa anotsanangurwa kunze kwe enclave. Ocall inourayiwa kunze kweiyo enclave uye inobatwa senhare isina kuvimbwa nayo. Mushure mekunge ocall yaitwa, kutonga kunodzoserwa kune enclave.
Town Crier vs DECO: ndeipi oracle yekushandisa mu blockchain?
Muchikamu cheEnclave, chiteshi chakachengeteka chinogadziriswa newebhu sevha, iyo enclave pachayo inoita TLS ruoko neiyo yakananga server uye inoita zvese cryptographic mashandiro mukati. Raibhurari yeTLS (mbedTLS) uye yakaderedzwa HTTP kodhi yakatumirwa kune iyo SGX nharaunda. Zvakare, Enclave ine midzi CA zvitupa (muunganidzwa wezvitupa) kuratidza zvitupa zvemasevha ari kure. Chikumbiro Handler inogamuchira chikumbiro chedatagram muchimiro chakapihwa neEthereum, inoibvisa uye inoiparadzanisa. Zvadaro inogadzira kutengeserana kweEthereum ine datagram yakakumbirwa, inoisaina ne skTC uye inotumira kuRelay.

Chikamu cheRelay chinosanganisira Client Interface, TCP, Blockchain Interface. Iyo Client Interface inodiwa kusimbisa iyo enclave kodhi uye kutaurirana nemutengi. Mutengi anotumira chikumbiro chehuchapupu achishandisa ecall uye anogashira timestamp yakasainwa ne skTC pamwe chete neat (atestation siginecha), yobva yasimbiswa neIntel Attestation Service (IAS), uye chitambi chenguva chinosimbiswa nesevhisi yenguva yakavimbika. Blockchain Interface inosimbisa zvikumbiro zvinouya uye inoisa kutengeserana pa blockchain yekuunza madhatagram. Geth mutengi weEthereum wepamutemo uye anobvumira Relay kupindirana ne blockchain kuburikidza neRPC mafoni.

Kushanda neTEE, TC inokutendera kuti umhanye akati wandei akatevedzana, nekudaro uchiwedzera kumhanya kwekugadzirisa ruzivo nekatatu. Kana paine imwe inomhanya enclave kumhanya kwaive 3 tx/sec, zvino ne 15 parallel running enclaves kukurumidza kunowedzera kusvika 20 tx/sec; kuenzanisa, iyo yakanyanya kumhanya yekushanda muBitcoin blockchain i65 tx/sec.

deco

DECO (Decentralized Oracles for TLS) yakaratidzwa paCCS'20, inoshanda nemasaiti anotsigira kubatana kweTLS. Inovimbisa kuvanzika kwedata uye kutendeseka.
DECO ine TLS inoshandisa symmetric encryption, saka mutengi uye webhu server vane encryption kiyi, uye mutengi anogona kufombera TLS chikamu data kana ichida. Kugadzirisa dambudziko iri, DECO inoshandisa nzira nhatu dzekubata ruoko pakati peprover (smart contract), verifier (oracle) uye web-server (data source).

Town Crier vs DECO: ndeipi oracle yekushandisa mu blockchain?

Nzira iyo DECO inoshanda ndeyokuti verifier inogamuchira chidimbu che data D uye inosimbisa kune verifier kuti D yakabva kuTLS server S. Rimwe dambudziko nderekuti TLS haina kusaina data uye zvakaoma kuti mutengi weTLS aratidze kuti data yakagamuchirwa kubva kune chaiyo server (provenance yakaoma).

Iyo DECO protocol inoshandisa KEnc uye KMac encryption makiyi. Mutengi anotumira chikumbiro Q kune sevha yewebhu, mhinduro kubva kuseva R inouya nenzira yakavharidzirwa, asi mutengi uye sevha ndeyayo KMac imwe chete, uye mutengi anogona kubhaiza meseji yeTLS. Mhinduro yeDECO ndeye "kuvanza" iyo KMac kubva kumutengi (prover) kudzamara yapindura chikumbiro. Ikozvino KMac yakakamurwa pakati peprover uye verifier - KpMac uye KvMac. Sevha inogamuchira KMac kunyora mhinduro uchishandisa kiyi-chikamu oparesheni KpMac βŠ• KvMac = KMac.

Nekumisikidza nzira nhatu-kubata maoko, dhizaini yedhata pakati pemutengi uye sevha ichaitwa ine chivimbiso chekuchengetedza.
Town Crier vs DECO: ndeipi oracle yekushandisa mu blockchain?
Paunenge uchitaura nezve decentralized oracle system, munhu haagone kutadza kutaura Chainlink, iyo ine chinangwa chekugadzira iyo decentralized network ye oracle node inoenderana neEthereum, Bitcoin uye Hyperledger, uchifunga nezve modularity: chikamu chimwe nechimwe chehurongwa chinogona kuvandudzwa. Panguva imwecheteyo, kuve nechokwadi chekuchengetedza, Chainlink inopa imwe neimwe oracle inotora chikamu mubasa kuti ibudise musanganiswa wemakiyi (paruzhinji uye akavanzika). Iyo yakavanzika kiyi inoshandiswa kugadzira chikamu siginecha ine sarudzo yavo kuchikumbiro chedata. Kuti uwane mhinduro, zvinodikanwa kusanganisa ese masaini masiginecha etiweki zvirevo.

Chainlink inoronga kuitisa yekutanga PoC DECO ine tarisiro pane yakatemerwa mari yekushandisa seMixicles. Panguva yekunyora, nhau dzakabuda paForbes kuti Chainlink akawana DECO kubva kuCornell University.

Kurwiswa kwezvirevo

Town Crier vs DECO: ndeipi oracle yekushandisa mu blockchain?

Kubva pakuona kwekuchengetedza ruzivo, kurwiswa kunotevera kuTown Crier kwakatariswa:

  1. Rogue smart-contact kodhi jekiseni pane TEE node.
    Iwo musimboti wekurwiswa: kuendesa nemaune smart kontrakiti kodhi kuTEE, saka, munhu anorwisa akawana mukana kune node achakwanisa kuita yake (yehunyengeri) chibvumirano chakangwara pane iyo data yakadzvanywa. Nekudaro, kukosha kwekudzoka kunozovharirwa nekiyi yakavanzika, uye nzira chete yekuwana data rakadaro ndeyekuburitsa ciphertext pakudzoka/kubuda.
    Dziviriro pakurwiswa uku kunosanganisira enclave inotarisa iko kurongeka kwekodhi iri pane kero iripo. Izvi zvinogona kuwanikwa uchishandisa kero yekero apo kero yekontrakiti inotemwa nehashing kodhi yekondirakiti.

  2. Contract state ciphertext inochinja yadeuka.
    Iwo musimboti wekurwiswa: Varidzi venzvimbo panoitwa zvibvumirano zvine hungwaru vanogona kuwana chibvumirano chenyika mune yakavanzika fomu kunze kweiyo enclave. Anorwisa, awana kutonga kwenode, anogona kuenzanisa mamiriro ekusangana pamberi uye mushure mekutengeserana uye anogona kuona kuti ndedzipi nharo dzakapinzwa uye kuti ndeipi nzira yakangwara yekontrakiti yakashandiswa, sezvo iyo smart contract code pachayo uye nehunyanzvi hwayo hunowanikwa pachena.
    Dziviriro mukuona kuvimbika kweiyo node pachayo.

  3. Side-channel kurwisa.
    Yakakosha mhando yekurwisa iyo inoshandisa yekutarisa enclave memory uye cache kuwana mune dzakasiyana siyana mamiriro. Muenzaniso wekurwiswa kwakadaro ndiPrime uye Probe.
    Town Crier vs DECO: ndeipi oracle yekushandisa mu blockchain?
    Attack order:

    • t0: Anorwisa anozadza iyo yese data cache yeabatwa maitiro.
    • t1: Munhu akabatwa anoita kodhi ine ndangariro yekuwana inotsamira pane yakavanzika data yemunhu akabatwa (cryptographic makiyi). Iyo cache mutsara inosarudzwa zvichienderana neiyo keybit kukosha. Mumuenzaniso mumufananidzo, keybit = 0 uye kero X mumutsetse we cache 2. Iyo data yakachengetwa mu X inotakurwa mu cache, ichibvisa iyo data yaivepo kare.
    • t2: Anorwisa anotarisa kuti ndeipi yemitsara yake ye cache yakadzingwa-mitsetse inoshandiswa nemunhu akabatwa. Izvi zvinoitwa nekuyera nguva yekupinda. Nekudzokorora kuvhiya uku kune yega kiyibhiti, anorwisa anowana kiyi yese.

Attack Dziviriro: Intel SGX ine dziviriro kubva padivi-chiteshi kurwiswa kunodzivirira kutariswa kwezviitiko zvine chekuita necache, asi kurwiswa kwePrime neProbe kucharamba kuchishanda nekuti anorwisa anotarisisa zviitiko zvecache zvemaitiro ake uye anogovera cache nemunhu akabatwa.
Town Crier vs DECO: ndeipi oracle yekushandisa mu blockchain?
Nokudaro, panguva ino hapana kudzivirirwa kwakavimbika pakurwisa uku.

Kurwiswa kwakadai seSpecter uye Foreshadow (L1TF), yakafanana nePrime uye Probe, inozivikanwa zvakare. Ivo vanokutendera kuti uverenge data kubva kucache memory kuburikidza neyechitatu-bato chiteshi. Dziviriro kubva panjodzi yeSpecter-v2 inopihwa, iyo inoshanda ichipokana nekuviri kwekurwiswa uku.

Nezve DECO, iyo nzira-nhatu kubata ruoko kunopa vimbiso yekuchengetedza:

  1. Prover Kuvimbika: Chirevo chakabirwa hachigone kunyepera ruzivo rwekutanga server uye hachigone kuita kuti sevha igamuchire zvikumbiro zvisiri izvo kana kupindura zvisizvo kuzvikumbiro zvinoshanda. Izvi zvinoitwa kuburikidza nekukumbira maitiro pakati pe server uye prover.
  2. Verifier Kutendeseka: Muongorori akabirwa haagone kuita kuti prover igamuchire mhinduro dzisiridzo.
  3. Kuvanzika: Iyo yakavharwa verifier inoongorora chete ruzivo rweruzhinji (chikumbiro, zita reseva).

MuDECO, chete njodzi yejekiseni yetraffic inogoneka. Kutanga, nekubata-maoko-matatu, mutsigiri anogona kumisa kuzivikanwa kwesevha uchishandisa nonce nyowani. Nekudaro, mushure mekubata ruoko, mutsigiri anofanira kuvimba netiweki layer zviratidzo (IP kero). Saka, kutaurirana pakati peverifier neserver kunofanirwa kuchengetedzwa kubva kujekiseni remotokari. Izvi zvinowanikwa nekushandisa Proxy.

Kuenzanisa kwezvirevo

Town Crier yakavakirwa pakushanda neyakavharirwa muchikamu cheseva, nepo DECO ichikubvumidza kuti uone chokwadi chekwakabva data uchishandisa nzira nhatu-kubata ruoko uye encryption yedata ine cryptographic kiyi. Kuenzanisa kwezvirevo izvi kwakaitwa maererano nemaitiro anotevera: kushanda, kuchengeteka, mari uye kushanda.

Town Crier
deco

performance
Nekukurumidza (0.6s kusvika kupera)
Zvishoma (10.50s kupedzisa protocol)

kuchengeteka
Kusachengeteka zvishoma
Yakachengeteka zvakanyanya

mutengo
Zvinodhura
Yakachipa

kuita
Inoda yakakosha hardware
Inoshanda nechero server inotsigira TLS

Performance: Kuti ushande neDECO, kubatwa kwemaoko-matatu kunodiwa, kana kugadzirisa kuburikidza neLAN kunotora 0.37 seconds, nokuda kwekubatana mushure mokunge kubatanidzwa kwasimbiswa, 2PC-HMAC inoshanda (0,13 s per kunyora). Kuita kweDECO kunoenderana neanowanikwa TLS cipher suites, saizi yedata rakavanzika, uye kuoma kwehumbowo hweimwe application. Kushandisa iyo bhinari sarudzo application kubva kuIC3 semuenzaniso: kuzadzisa iyo protocol kuburikidza neLAN kunotora anenge 10,50 masekondi. Kana tichienzanisa, Town Crier inotora angangoita 0,6 masekonzi kupedzisa application yakafanana, inove yakapetwa kamakumi maviri nekukurumidza kupfuura DECO. Zvinhu zvese zvakaenzana, TC ichakurumidza.

Chengetedzo: Kurwiswa kweIntel SGX enclave (parutivi-chiteshi kurwisa) inoshanda uye inogona kukonzera kukuvadzwa chaiko kune vatori vechikamu chechibvumirano che smart. Nezve DECO, kurwiswa kune chekuita nejekiseni remigwagwa kunogoneka, asi kushandisa proxy kunoderedza kurwiswa kwakadaro pasina. Naizvozvo DECO yakachengeteka.

mari: Mutengo wemidziyo inotsigira Intel SGX wakakwira kupfuura mutengo wekumisikidza protocol muDECO. Ndosaka TC ichidhura.

Practicality: Kushanda neTown Crier, yakakosha michina inotsigira TEE inodiwa. Semuenzaniso, Intel SGX inotsigirwa pane 6th chizvarwa Intel Core processor mhuri uye gare gare. DECO inokutendera kuti ushande nechero mudziyo, kunyangwe paine DECO kuseta uchishandisa TEE. Zvinoenderana nemaitiro ekuseta, kubatwa maoko kweDECO-nzira nhatu kunogona kutora nguva, asi ichi hachisi chinhu kana chichienzaniswa nekudzikiswa kwehardware kweTC, saka DECO inonyanya kushanda.

mhedziso

Tichitarisa zvirevo zviviri zvakasiyana uye tichizvienzanisa pamatanho mana, zviri pachena kuti Town Crier yakaderera kune DECO pamapoinzi matatu kubva mana. DECO inonyanya kuvimbika kubva kune ruzivo rwekuchengetedza ruzivo, yakachipa uye inoshanda zvakanyanya, kunyangwe kumisikidza-mapato matatu protocol inogona kutora nguva uye ine zvipingamupinyi zvayo, semuenzaniso, mamwe mashandiro ane encryption kiyi. TC inokurumidza kupfuura DECO, asi kudivi-chiteshi kurwisa kusadzivirirwa kunoita kuti ive nyore kurasikirwa nekuvanzika. Izvo zvinofanirwa kuverengerwa kuti DECO yakaunzwa muna Ndira 2020, uye hapana nguva yakakwana yapfuura yekufunga kuti yakachengeteka. Town Crier yanga ichirwiswa kwemakore mana uye yapfuura nemiedzo yakawanda, saka kushandiswa kwayo mumapurojekiti mazhinji kwakakodzera.

Source: www.habr.com

Voeg