基于消逝时间量的共识机制(POET)
来⾃于Intel project:Hyperledger Sawtooth,⽬前版本 PoET 1.0
PoET 其实是属于Nakamoto connus的⼀种,利⽤“可信执⾏环境”来提⾼当前解决⽅案(如⼯作证明)的效率。发布到Hyperledger 的PoET的初始参考实现是为抽象TEE编写的,以使其对任何TEE实现都保持灵活性。
PoET stochastically elects individual peers to execute requests at a given target rate. Individual peers sample an exponentially distributed random variable and wait for an amount of time dictated by the sample. The peer with the smallest sample wins the election.
红酒兑雪碧For the purpo of achieving distributed connsus efficiently, a good lottery function has veral characteristics:
Fairness: The function should distribute leader election across the broadest possible population of participants.
Investment: The cost of controlling the leader election process should be proportional to the value gained from it.
长江简笔画
Verification: It should be relatively simple for all participants to verify that the leader was legitimately lected.
现使⽤SGX技术构建TEE,using new cure CPU instructions which are becoming widely available in consumer and enterpri processors(现在Intel⾃家的cpu都⽀持了SGX)。PoET us the features to ensure the safety and randomness of the leader election process without requiring the costly investment of power and specialized hardware inherent in most “proof” algorithms. (这也是其卖点,具有proof-bad算法的⾼可扩展性,同时也具有低消耗,较⾼性能)
安然的意思它基于如下⽅式运⾏:
1. Every validator requests a wait time from an enclave (a trusted function).
2. The validator with the shortest wait time for a particular transaction block is elected the leader.
手机壁纸图片个性霸气
3. One function, such as “CreateTimer”, creates a timer for a transaction block that is guaranteed to have been created
by the enclave.
慈溪旅游景点4. Another function, such as “CheckTimer”, verifies that the timer was created by the enclave. If the timer has expired,
this function creates an attestation that can be ud to verify that validator did wait the allotted time before claiming the leadership role.保佑一切顺利的图片
The PoET leader election algorithm meets the criteria for a good lottery algorithm. 分布类似于其他彩票算法提供的分配。选举的概率与所贡献的资源成⽐例(在这种情况下,资源是具有可信执⾏环境的通⽤处理器)。An attestation of execution provides information for verifying that the certificate was created within the enclave (and that the validator waited the allotted time). Further, the low cost of participation increas the likelihood that the population of validators will be large, increasing the robustness of the connsus algorithm.
----------------------------------------------------
enclave:其实是SGX中的术语,A protected area in an application’s address space which provides confidentiality and integrity even in the prence of privileged malware.
PPK, PSK:PoET ECC public and private key created by the PoET enclave.
华为手机找回
关键的函数:
语言课
这⾥有三种情况:如果当前SGX安全时间⽐waitTimer中的时间要⼩,那么还没有到时间;如果⽐这个时间加Twt要⼤,那么该waiTimer失效了,过期(所以只能在Twt时间内处理);如果在区间内,则⽣成认证,并且置全局变量
WaitTimer activeWT 为NULL,该变量标识是否有可⽤的waitTimer对象
阶段:Sign-up Pha(包括client side 和 rver side):A validator has to wait for block to be published on the distributed ledger before participating in an election.
阶段:Election Pha:
客户端开启,从disk中调取密封的数据解密封,然后调⽤createWaitTimer函数,等待函数产⽣的duration时间,到了后及时调⽤creatWaitCertification函数,产⽣waitCertificate,将(waitCertificate, signature, block, OPK, PPK) ⼴播出去。其它的rver验证这些tuples,最后从所有合法的waitcertificate中找最⼩的duration为选举成功者。
(验证的过程中,好⼏点没看懂??还有,验证enclave产⽣的证书时,是在验证者的enclave中验证,还是在外部验证?)
安全考虑:设置Twt的⽬的是强制执⾏此约束以避免在⼀段时间内没有事务构建块的情况下,⼏个验
证程序在等待WaitTimers的持续时间后可能会保留,并且只有在有⾜够的事务可⽤时才⽣成WaitCertificate。在这⼀点上,他们都会发出他们的WaitCertificates,产⽣⼤量流量并可能导致分叉。超时缓解了这个问题。
关于 Multi-ur or Multi-ledger SGX Enclave Service:通过将⽤户名和分类帐输⼊参数设置为generateSignUpData()和unalSignUpData(),可以为多个⽤户或分类帐使⽤相同的包围区。 然后将注册元组(⽤户名,分类帐,PPK,PSK,MCID)密封到磁盘,⽤户名和分类帐⽤于⽣成⽂件名。 只要⽤户对服务进⾏⾝份验证,后者就可以将安全区解封,并使⽤与该⽤户(和分类帐)对应的⽂件中的注册元组。
