Dr. Christian Reitwiessner
@ethchris github.com/chriseth firstname.lastname@example.org
Ethereum Meetup Berlin - 2016-06-20
How does an Ethereum Smart Contract
All these operations need access to the "external world" or are very expensive.
Cooperation with Loi Luu (U. Singapore) and Jason Teutsch (U. Alabama), based on "How to verify computation with a rational network".
Interactive verification mechanism proposed by Canetti, Riva, Rothblum: "Practical delegation of computation using multiple servers", 2011
Make this work on a blockchain by adding economic incentives.
Task Giver provides fee, Solvers provide deposit and get rewards. Deposit is slashed if fraud is detected. Many parallels to Casper proof of stake.
Due to incentives, verification game will only be played in case of an attack. Attack is only successful if all attackers join forces. A single honest (and uncensored) actor can prevent any attack (51% attack → 100% attack).
If there is disagreement, verification game starts:
1 hour of computation on 4 GHz processor: 14400000000000 = 14.4 * 1012 steps
If all agree: Almost no strain on the chain
Disagreement: Cheater found in 10 rounds with 640 bytes messages
Commitment to root hashes plus evaluation of single step only on-chain actions.
Behaviour even better on large pre-Merkelized data (blockchain, data from swarm, ...)