TrueBit - How to Fool a Blockchain

Ethereum
Turing-Complete World Computer

• verify Solidity source code!
• analyze the stock market!
• verify state transitions in private chains!
• evaluate neural networks!
• improve their own code!
• do fully-homomorphic privacy-preserving elliptic curve zkSNARK mixer stuff!

TrueBit - the Verification Game

Cooperation with Loi Luu and Jason Teutsch, based on "How to verify computation with a rational network".

Interactive verification mechanism proposed by Canetti, Riva, Rothblum: "Practical delegation of computation using multiple servers", 2011

Similar trust level as on-chain execution at fragment of costs.

Numbers

1 hour of computation on 4 GHz processor:
14400000000000 = 14.4 * 10¹² steps
If all agree: Almost no strain on the chain
Disagreement: Cheater found in 10 rounds with 640 bytes messages
Commitment to root hashes plus evaluation of single step only on-chain actions.

Behaviour even better on large pre-Merkelized data (blockchain, data from swarm, ...)