MPT (Merkle Patricia Tree) 的疑问

注意有两种key.

state trie保存world state, key是账户地址,value是账户内容, i.e. {nonce, balance, code, storage}.

账户地址是20bytes的字符串, 每个bytes有8个bits, 4个bits称为nibble, 因此一个state trie key由40个nibbles组成,nibble的取值范围是[0, 16). 一个普通的tree node里面保存的,可以理解为nibble->子节点的对应关系。以一个nibble作为key, 取到的value是子节点的hash指针(=子节点rlp后的sha3),由此走到下一个节点。如果该子节点是叶子节点,value是account rlp的sha3 hash.

因为nibble有16种可能的取值,所以ethereum MPT实际上是radix=16的radix tree, 这是一个优化。ethereum MPT还优化了”孤枝“的情况,即某个branch很长,但是只有叶子节点,这个时候就可以把中间的一段给压缩为所谓的扩展节点。这是第二个优化。

关于 ETC

要在分叉上(classic)进行操作的朋友请注意,在分叉上操作之前最好先进行以下任意一步:

a) 在主链(ETH)上将币转移一次(接下来必须立即进行分叉上的操作,两步之间时间越短越安全)
b) 利用Vitalik提供的防止replay attack的合约进行一次转账 (绝对安全)

以防止自己在分叉上的操作被replay,影响主链上的资金安全。

The DAO 合约攻击信息汇总

原文:https://www.reddit.com/r/ethereum/comments/4oithy/a_too_big_to_fail_political_hard_fork_is_very/

A "too big to fail" political hard fork is very risky and could significantly hurt Ethereum beyond what TheDAO losses will cause.

Submitted 4 hours ago * by Rune4444

"大而不倒"的政治性的硬分叉非常危险,可能会对以太坊造成比TheDAO的损失更大的伤害

Setting the precedent of an ETH balance altering hard fork due to a Too Big To Fail fuck-up could permanently ruin Ethereums reputation, and cause competitors such as rootstock to take over Ethereum projects and users that don't want to be at receiving end of future political hard forks. Easiest way for me to illustrate this argument is: what happens if a government asks the foundation for "terrorist funds" to be seized or want a hard fork to seize funds by someone who hasn't paid their taxes?

因为“大而不倒”的原因而开一个修改以太币账户余额的先例可能会永久摧毁以太坊的声誉,类似rootstock的竞争者也许会借此机会超越以太坊,吸收不同意这个决定的用户。对此一个最简单的解释是:要是将来政府请求基金会锁住恐怖分子或是逃税犯的钱,改怎么处理呢?

I believe the best approach is to allow miners and exchanges to unilaterally censor transactions involving the ETH that has been stolen - with wide adoption this would effectively permanently lock up the ETH and ensure the attacker doesn't earn any money from their crimes, as well as preventing the ETH price from tanking due to the attacker dumping the stolen ETH.

我认为最佳的方案是让矿工和交易所针对性的处理与被盗以太币相关的交易 - 如果得到广泛支持这实际上永久性的锁住了这些以太币,保证攻击者不可能从他们的犯罪行为获得任何收益,同时又避免了由于攻击者抛售导致的以太币价格暴跌。

I am convinced it will be entirely impossible to push through a controversial hard fork to bail out the DAO and if it does happen it will split the community and destroy the value proposition of the current Ethereum blockchain.

我相信一个兜底The DAO的充满争议的硬分叉提案几乎不可能通过,如果通过我们的社区将会分裂,以太坊的价值主张将被摧毁。

Edit: I support the soft fork as proposed by vitalik here, it is the best middle way and the best way to prevent a hard fork from happening as it should be enough to remove the only legitimate argument for why a hard fork would benefit ethereum (prevent attacker from dumping ETH).

更新:我支持vitalik在这里提出的软分叉,这是最好的中间方案,也是阻止硬分叉最好的方法,因为它足够化解支持硬分叉的唯一有效理由(阻止攻击者抛售以太币)。

The DAO 合约攻击信息汇总

原文: https://www.reddit.com/r/ethereum/comments/4oj7ql/personal_statement_regarding_the_fork/

Personal statement regarding the fork

以太坊创始人Vitalik对分叉的一点个人看法

vbuterin on reddit

I personally believe that the soft fork that has been proposed to lock up the ether inside the DAO to block the attack is, on balance, a good idea, and I personally, on balance, support it, and I support the fork being developed and encourage miners to upgrade to a client version that supports the fork. That said, I recognize that there are very heavy arguments on both sides, and that either direction would have seen very heavy opposition; I personally had many messages in the hour after the fork advising me on courses of action and, at the time, a substantial majority lay in favor of taking positive action. The fortunate fact that an actual rollback of transactions that would have substantially inconvenienced users and exchanges was not necessary further weighed in that direction. Many others, including inside the foundation, find the balance of arguments laying in the other direction; I will not attempt to prevent or discourage them from speaking their minds including in public forums, or even from lobbying miners to resist the soft fork. I steadfastly refuse to villify anyone who is taking the opposite side from me on this particular issue.

我个人认为通过软分叉将以太币锁定在The DAO里面以阻止攻击的提议,从平衡的角度看,是个不错的主意,而我个人,也从平衡的角度,支持这个提议,我支持这个分叉的开发工作,支持矿工到时候升级客户端来支持这个分叉。然而我也认识到大家对这个提议有激烈的争论,无论哪一方的观点都有强力的反对。在事情发生后的一个小时里我收到了大量的消息希望我能有所行动,其中绝大部分希望能看到积极的行动。所幸的是我们不需要回滚交易,不会对用户和交易所造成不便,这更使我倾向于采取行动的一方。也有许多人,包括在基金会内部,倾向于另外一方。我不会阻止也不会反对另一方在公开场合宣传他们的观点,甚至是游说矿工来抵制这个软分叉。在这件事情上我会坚决的不与任何站在相对我另一方的人争辩。

Miners also have a choice in this regard in the pro-fork direction: ethcore's Parity client has implemented a pull request for the soft fork already, and miners are free to download and run it. We need more client diversity in any case; that is how we secure the network's ongoing decentralization, not by means of a centralized individual or company or foundation unilaterally deciding to adhere or not adhere to particular political principles.

矿工如果支持这个分叉,现在就有个选择:ethcore团队已经在Parity客户端里面实现了一个软分叉,矿工可以自由下载和运行。无论如何更多样化的客户端都是好事,这是我们保证网络安全运行的方法,不依靠任何中心化的个人或者公司或者基金会单方面的决定支持那一种观点。

The DAO 合约攻击信息汇总

CRITICAL UPDATE Re: DAO Vulnerability

紧急状态更新:关于DAO的漏洞

Posted by Vitalik Buterin on June 17th, 2016.

Vitalik Buterin on 2016/6/17

原文编译如下:

The DAO目前正遭受攻击,攻击者正在一点一点的把The DAO保管的以太币转向一个child DAO. 攻击者利用的是一个递归调用的漏洞,通过在The DAO的split方法执行过程中再触发split, 在一个交易过程中支取多次以太币。

从The DAO中漏走的币现在留在这个地址: https://etherchain.org/account/0x304a554a310c7e546dfe434669c62820b7d83490 。即使目前不采取任何措施,攻击者在27天之内也无法取走这些币。

这个漏洞只影响The DAO, 以太坊本身是完全安全的。

开发者社区正在提议进行一次软分叉。不会有回滚,不会有任何交易或者区块被撤销。软分叉将从块高度1760000开始把任何与The DAO和child DAO相关的交易认做无效交易,以此阻止攻击者在27天之后提走被盗的以太币。这之后会有一次硬分叉将以太币找回。

矿工和矿池应该照常处理交易,等待软分叉的更新。如果同意进行软分叉应在代码释出后尽快升级。The DAO token的持有者和以太币的持有者请保持冷静。交易所可以照常交易以太币。

原文链接:https://blog.ethereum.org/2016/06/17/critical-update-re-dao-vulnerability/

双层智能合约的讨论

对于非App node来说,只能做到保证整个消息格式正确,如果它还关心内容正确,只有执行一遍才行。

双层智能合约的讨论

我相信某些场景下这么做是可以的,实际上是一种折衷:

(independent message, independent interpreter) -> (agreed message, independent interpreter) -> (agreed message, agreed interpreter)

自然就会有这样的问题:有两个app,功能完全相同,由不同的两组人维护。现在你做了第三个app, 要选一个使用,怎么选呢?做一些调查,最后选择“相信”某一组人。如果这一组人作恶,再切换到另外一个app。

这样的synergy成本自然要比对执行也进行共识的成本高。对于公有链来说,我还是倾向于agree on both.

这种情况下只要你得到了大家公认的 REPLY, REPLY 里面的东西在各节点内部是咋出来的,你为何还需要关心呢?

reply里面的东西不是大家公认的。大家公认的只是这个reply*格式正确,内容*没有共识。

类似陪审团, 每个人作出的决策的原因我们不关心,只要大部分人判决 有罪 或者 无罪, 就OK了

区别:陪审团是通过大家认可的机制选出来的,app的运行者不是。一个app的执行结果不是大家公认的。如果app的运行者也通过共识产生,其实就变成DAO了。而DAO也需要一个基础,这个基础应该是(agreed message, agreed interpreter).

双层智能合约的讨论

只对message进行共识应该就是vitalik所说的“双层”结构。消息和执行是两个事物,只对消息进行共识保证不了app state的一致性,因为同一条消息的执行结果,不同的app可以有不同的意见。

我觉得synergy存在于很多地方,包括微服务里面,但是blockchain上的synergy有自己的特点:产生synergy的各方之间无需信任。对比微服务,都是自家做的,信任是天然的。

ps. GEB一书对此有深刻的分析:“意义”是数据和解释器共同作用的结果,仅仅“数据”是没有意义的。自然语言也仅仅在人脑中有意义,在不同的人脑中有不同的意义。

双层智能合约的讨论

看原文可能会清晰一点:

In particular, note that synergy is arguably one of the key distinguishing factors between Ethereum and so-
called "two-layer" attempts at blockchain-based smart contracts (eg. the now-discontinued Codius), that try
to treat the blockchain as purely a layer for keeping track of asset ownership (or even an even "dumber" pure
data layer) and ask each individual application to separately process smart contracts either through multi-
signature "notaries" or through users individually processing the blockchain and "interpreting" the result; a
design goal of synergy requires applications to agree on a common source of correctness for the result of
smart contracts that everyone agrees is secure, and so it simply makes economic sense to introduce such a
mechanism at protocol level and incentivize it as part of the consensus algorithm as a public good.

synergy要求contract之间相互认可计算结果,如果在协议里面把执行这块做了,能更好的利用已经存在于共识里面的激励设计。

但这样做仅仅是"makes economic sense", 不一定是最优的做法。就好像DAO和共识是两层分别有自己的激励设计一样,执行和共识自然也可以,对于不同的场景需要不同的考虑,需要设计者来权衡。

个人觉得单层的区块链也可以实现 SYNERGY, 而且封装性更好,是不是可以这样说?

没看懂这里的单层指的是?相对于codius来说ethereum算不算单层的?