New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Provide hints for implementing a backend for a minimized version of Solidity #1
Comments
I'll extend the example to coincide with the example given on Discord of a trustless on-chain lookup into an off-chain database, since that appears to be one minimal example (in the sense of understanding, rather than implementation). Perhaps then another minimal example (in the sense of implementation) could also be made. @MichaelRiabzev-StarkWare wrote on Discord:
There are two definitions for I assume that contract Contract {
function verify(bytecode proof, uint256 db_hash, uint256 key, uint256 value) public {
if (proof(db_hash, key, value)) {
...;
} else {
REVERT;
}
}
} Given my interpretation, it seems to me that a "Solidity -> Cairo" back-end would actually need to generate EVM code at some point for this on-chain verifier. Isn't there a "... -> Solidity/EVM" component here at which the "I know a Cairo program ..." I think a high-level description of the pipeline would help me here. |
The proof is not an EVM bytecode at all, it is a STARK proof (academic paper:https://eprint.iacr.org/2018/046.pdf , lighter medium posts describing it: https://medium.com/starkware/tagged/stark-math). At a high level, a STARK proof attests to the knowledge of a valid execution trace, given some boundary constraints. For the case of Cairo we prove there is knowledge of a valid Cairo (architecture) trace, and the boundary constraints are:
Now, we will see how does the proof looks like (simplified). This explanation mostly focus on what a STARK proof is, and not as much on the higher flow, but I hope it does shed some light, does it help? |
Not really. What does a |
The shortest answer: we just published a related blog post: https://www.cairo-lang.org/cairo-for-blockchain-developers The short answer: The long answer: contract Puzzle {
function puzzle(solution, ERC20 coin) public {
if (is_valid_solution(solution)) {
coin.transfer(caller, 1);
}
}
} When the verification of a solution is a short computation, as described before ( On the other hand, we can implement the same logic in Cairo as well. We can use it to generate a proof, and verify the proof instead (simplified for the sake of clarity, more details in the blogpost). This would make us to change the contract to be something like this: contract Puzzle {
function puzzle(solution, proof, ERC20 coin) public {
if (is_valid_solution(solution, proof)) {
coin.transfer(caller, 1);
}
}
} Where This, of course, does not allow one to send funds directly on Ethereum, so how does StarkWare scalable exchange (L2) solution look like? It is very similar to common banks - the Cairo never changes actual asset ownership, only balance records (just like bank transfers don't make the bank employees move around cases full of dollars from one account to another). contract MyExchange {
function update_state(new_state_hash, proof) public {
if (is_valid_state_update(current_state_hash, new_state_hash, proof)) {
current_state_hash = new_state_hash;
}
}
} The Cairo program enforces the exchange rules (no creation of money out of thin air, no taking of money belonging to others with no permission, etc), and the proof attests that the new state_root is a valid new state - reached by applying only allowed operation on the previous state. Does this help? |
…server Created grpc server for Cairo run
I'm trying to understand what it means to compile a smart contract language to/through Cairo and still have it execute.
To get the ball rolling, here is a minimized variant of Solidity:
If I were to just compile this into EVM, I'd eventually have a
CALL
opcode that is triggered by some logic.Questions:
CALL
?Is it only a portion of the code that gets compiled to Cairo? Or is EVM eventually produced by Cairo?
The text was updated successfully, but these errors were encountered: