Unitalk with Sami Maleka of Truebit: the Marketplace for Verifiable Computation
Originally posted on 14, Dec. 2018.
Ethereum is known as a distributed global computer using blockchain technology. Developers can upload code onto the blockchain, and the miners work together to ensure the correctness of the results. Developers need to pay a certain amount of Ethereum as a reward, called gas. Ethereum guarantees the correct implementation of smart contracts through the method of network-wide verification. It guarantees security, but it requires a lot of computation, and the price of gas is high.
TrueBit is one of the solutions for the expansion of the blockchain chain. It was originally designed to solve the gas restrictions of the Ethereum smart contract.
The basic principle of TrueBit is: users upload the code that they need to execut;, an outsourcer (Solver) executes and earns commissions; others (Verifier) supervises the correctness of code execution. Ethereum uses smart contracts as the ultimate arbitration, to award the good punish the evil. In the vast majority of cases, Sovler will execute the code honestly and provide the correct results. The nodes on the chain do not need to be fully verified, which greatly reduces the computational burden on the chain and saves the user’s consumption of gas.
Nice having you with us, Sami! Can you introduce yourself and Truebit first?
Hello! I’m Sami, and I’m developer at Truebit. Truebit is a protocol for verifiable computation on blockchain, more precisely Ethereum for now.
What is Truebit’s modular system composed of?
Smart contracts: incentive layer for handling the incentives that are needed to ensure that the system has enough participants, a contract for handling the interactive verification game, and finally a contract that can execute one step of code onchain (called judge contract)
Offchain interpreter that can be used to compute the results, intermediate states that are needed in the verification game and also the merkle proofs that are needed by the judge contract. JIT can be used to speed things up (work in progress)
The client software that combines these two pieces.
Also there is a runtime and a tool to link it to wasm modules that are generated by emscripten, so that syscalls for file access can be used for input and output.
The participants of the system are called solvers and verifiers. Solver is a participant that proposes a solution to the computation, and verifiers can challenge that solution if they disagree.
How does a dApp/project interact with Truebit protocol? How to input and output any kind of data with Truebit?
Mostly Truebit will be called from other smart contracts. First piece of input Truebit needs is the program code. The hash of that code is part of the smart contract that uses Truebit, and if the code is invalid or unavailable, that smart contract is not secure.
Then there is the list of “files” that can be used for input and output. They can be stored in IPFS or onchain. If they are not stored onchain, the smart contract has to ensure that they are available, otherwise the smart contract is not secure.
Why did you choose WASM? What kind of programming languages does Truebit support?
WebAssembly has good compiler support and also it has good JITs.
Currently Truebit supports C/C++ and Rust, but any language that can be compiled to WASM should work. Note that LLVM has a WASM backend that can be used for many languages.
The current version of WASM is intended for languages without GC, but in future that might be supported, and the GC can perhaps be implemented in the runtime anyway.
What is the “Verifier’s Dilemma”? How does Truebit deal with the dilemma?
Verifier’s Dilemma means that if blockchain nodes have to perform expensive computations to check the blocks, they might not have incentives to run the node, or they might just skip those computations.
In Truebit, only a small part of participants have to perform the expensive computations so they can be rewarded enough.
What is Truebit’s “Verification Game”? Can you explain it in real-world analogy?
If a solver and a verifier disagree on the result of a computation, they can use interactive verification to find a step where they disagree. So they agree on the state of computation on one step but disagree on the next step. This basically works the same way as a guessing game, where participant A selects a number from one to million, and another tries to guess what it is, and A tells if the guess is smaller or larger than the number she selected. If the guesses are done systematically, the clearly the game takes a logarithmic time.
I learned that Solvers and Verifiers have to pay a certain amount of deposit when they are working on the code. How much should they pay? What’s the proportion?
Solver and verifier pay the same deposit, it should be enough to cover the Ethereum gas cost of the verification game. Part of the deposit should be burned so that participants won’t just use it to transfer funds. Also if the solver doesn’t post the promised result, there will be a timeout and the deposit will be slashed. Part of the deposit may be given to the task giver as compensation for delays.
Perhaps there could be another deposit that is made by the solver, it could be used to give instant finality to the result.
How does the judge pinpoint where the disgreement between the Solver and Verifier lies?
Solver and verifier use the verification game to find out where the disagreement is. Solver can then execute that step with the judge contract to prove that it was performed correctly.
What is “forced error” mechanism? How is it implemented?
It is a form of probabilistic payment, where solver might periodically post wrong solutions to ensure that the verifiers are “awake”. The solver will commit to a random value, and then this will be combined with a blockhash to determine whether the solver should post the “forced error”. The verifiers that detect this error will get the “jackpot”, but this isn’t any huge value, just large enough so that it makes sense to transfer it onchain.
Have you visited China and what’s your outlook on China’s role in Web 3 revolution?
Only once, and it was over 10 years ago, so I don’t have any first hand experience to base my outlook on. Probably China has the most resources to develop Web3 further.
Is it possible that the solver and verifier work together just to get the reward? For example, the solver make an error on purpose and notify the verifier about it?
If the solver makes an error, and verifier challenges, verifier would only get the reward from the deposit of the solver to cover the cost of verification game.
What are the use cases of Truebit?
Well, the basic use case is to get rid of the gas limit in Ethereum. One application people are currently working on are Livepeer, they want to use Truebit for verification of video transcoding. Also there are cryptographic primitives like bulletproofs that people are working on, they cannot currently be executed in Ethereum.
What’s the difference between Truebit and Golem? What’s your advantage?
Truebit is intended for performing deterministic tasks, the advantage is that only one honest participant is needed to ensure correctness then.
How do you guarantee effective data storage?
Truebit doesn’t have a data storage solution (except for storing it onchain), but in principle, Truebit can use any data storage that provides content hashes, like Filecoin, Swarm, shards. Currently there is a support for loading data from IPFS, but there is no way to guarantee data availability.
How do you know that there will be someone who will take you to the court?”
Most of the task reward will be distributed to verifiers, so that gives an incentive to perform that. But there are some issues, for example somehow sibyl attacks must be prevented so that one participant cannot send many verifications and then get too large part of the reward.
How do I actually submit a task to Truebit to be solved?
Smart contracts can submit a task by just calling the main Truebit contract with the program code and input for the task. Truebit will then call back to that contract to give the result.
[The copyright of this article belongs to Unitimes. Please contact us at firstname.lastname@example.org if you want to repost the article. Opinions expressed by contributors belong to themselves.]