-
Notifications
You must be signed in to change notification settings - Fork 35
Evaluate including state roots in the L1Block predeploy #110
Comments
The commitment doesn't have to be exactly the block-hash or state-root, as long as the fault proof can determine the final output. We could post the hash of the block-hash and state-root, to make either one of these simple and efficient to access (only provide 32 byte witness, instead of full header). Generalizing this: we can post SSZ hash-tree-roots of typed data. Eth2 already defines a SSZ format for The format is efficient and well-defined, there are implementations in many languages, and it integrates nicely with other merkle-proofs of the beacon-state that we might see after The Merge. More about SSZ: it defines both encoding/decoding, as well as merkleization, for typed data-structures. The merkleization is a simple binary tree shape. More resources:
And many many implemenations: ethereum/consensus-specs#2138 (2 of which I actively maintain) |
@protolambda Sounds great! Is there a Solidity library for SSZ proofs? I think if we go with this and it doesn't exist, we'll need to commit to make such a library available. |
@norswap no solidity library yet, although there is a multi-proof format that early light client implementations use (lodestar, and teku as server I believe). The multi-proof format is simple:
All subtree-sizes at any position can be determined by subtracting the left from the parent to get the right. Navigation through the proof is More realistically though, most contracts only need specific data, and would just hardcode the specific proof decoding and not need any offsets (the tree shape is statically defined based on the type). We could also define a SSZ type like:
So e.g. your solidity might end up looking like Or In this tree-encoding you basically collapse (just present the hash) all nodes that serve as witness or value, and expand every node that has children. SSZ uses SHA-256. Some of the libraries can easily swap for KECCAK-256, but we could also just use the SHA-256 precompile to compute the merkled form. You can find more merkle tree proofs/types/background/etc from ETH2 here: https://github.com/protolambda/eth-merkle-trees |
I believe this was lost because it was not linked to the project board, and not critical to the deposit rollup release. Moving this to Tender Loving Care milestone for future consideration of improvement. |
I think we could fairly easily add an extra
_stateRoot
argument to the L1Block.sol contract.Based on community input from here.
This issue is for tracking purposes. Brief comments are welcome below, for long form discussions, please open a Discussion and link back to this issue.
The text was updated successfully, but these errors were encountered: