11 posts tagged with "protocol"

Agenda: Discord thread

CAP Core team deliberated on the proposed CAPs:

1. Addition of a constructor to Soroban's flavor of Rust. CAP
   1. Team's concern was about potential break in compatibility, which Dima had addressed. There were no further concerns.
2. Addition of BLS12-381 curve and required field arithmetics - CAP
   1. Team's concern was about providing functions to check invalid input. It's too computationally expensive to do the check at the contract layer so the it may need to be implemented as a host function. Jay is seeking ecosystem input around use cases that require strict input validation.
   2. There were no further concerns.
3. Increase performance by upgrading Soroban's VM. CAP Discussion
   1. Team's comments were about accuracy of the measurement method but the demonstrated benefits of wall clock time were thought to be promising.
   2. There was a suggestion to expose performance improvements to contract developers thus creating the incentive to optimize contracts to leverage the improvements.
   3. There were no further concerns.

Discord agenda thread

Core Developers discussed the latest proposals to advance Stellar Core in this week's Protocol Meeting.

1. The proposal for addition of a constructor to Soroban’s flavor of Rust was introduced in a previous protocol meeting (previous meeting), documented in CAP-58. A constructor is a function that will only be executed the first time the contract is created.
2. In this meeting, Dima discussed the updates made since the last meeting:
   1. Default constructor - if a constructor is not defined explicitly, the contract is treated as if it has a constructor
   2. Semantics of the return value - if the transactions succeeds, it is required to return a valid value
   3. Constructor interaction with custom accounts - custom accounts must be aware of the context that they are authorizing.
3. Graydon discussed the upgrade to the Wasmi virtual machine, documented in CAP-60. Wasmi works by translating WebAssembly code to to an Internal Representation (IR) and then executing it. The upgrade is impactful in two ways.
   1. Translating from WebAssembly to IR takes longer but the execution of the resulting IR is performant.
   2. The upgrade introduces lazy compilation. Of all functions in a contract, only ones that are called in a given transaction will translated thus reducing both latency and fees.
4. Jay discussed addition of BLS12-381 cryptographic curve, documented in CAP-59.
   1. Addition of pairing-friendly elliptic curves enables zk-based applications. 11 host functions have been added to expose mapping, pairing, and arithmetic on the BLS12-381 curve.
   2. Examples case of BLS signature verification was presented. It consumed 26M instructions (running natively), which is promising given the per-transaction limit is 100M.
   3. There was general agreement that the interface is the right one as it allows a contract developer to implement a wide variety of use cases. Discussion continues in discord.
   4. Jay requested that developers should build applications against the function and give feedback.

A Core Dev, Dima, discussed the proposal to add constructor support to Soroban, Stellar's smart contract system.

Relevant links: Draft CAP, Ongoing discussion, Motivating Discord Thread

Key points discussed:

1. The proposal improves usability of Soroban for contract and SDK developers. A constructor gaurantees contract initialization thus reducing overhead contract code that's usually added to ensure initialization.
2. There was general agreement for the proposal, questions were primarily implementation-focused like whether constructors should handle arguments, what should happen with upgrades, backwards comptability with contract creation functions, and behaviour on wasm update.
3. The high impact topic of naming is put to ecosystem vote, please cast yours here.

1. Garand discussed changes to the State Archival proposal based on feedback received at Meridian 2023. The proposed changes are:

• Previously, a downstream system called the ESS (Expired State Store) would store expired entries. In the new proposal, There is no ESS. All Archived entries, as well as all information required to generate restoration proofs for those entries, is stored directly in the History Archive.
• RPC nodes can generate proofs for archived state during preflight
• Captive-core can be directly queried for archived state, meaning that RPC/Horizon instances can potentially service queries for archival state

2. The draft proposal
3. Ongoing discussion
4. Snapshot size is TBD; it's a function of bucket list size as well as memory and historic demands placed on the RPC.
5. Bloom filters are the likely solution for proof of non-exitance though they come with trade-offs. They enable fast and cheap lookup but are probabilistic not deterministic.
6. Further comments are welcome.

Piyal from Freighter discussed the proposal to standardize the wallet interface. Key points from the discussion are captured below. For full notes, please view the recording; and also refer to the proposal and the post on github discussions.

1. The draft proposal
2. Ongoing discussion
3. Requiring the network passphrase might be uneeded complexity.
4. Both WalletConnect and mobile wallets likely have significant differences than the proposed interface (which is targetted at browser extension wallets); and thus likely require a separate SEP. The said SEPs should be created by teams working on wallet integration with the said platforms.
5. What is the role of the Stellar Wallet Kit in the ecosystem and how does it play with the standard itself?
6. As next steps, Piyal will incorporate the suggestions from the ecosystem into the proposal.

Agenda thread

1. The Standards Working Group proposed changes to the SEP process that empower the ecosystem by making the current process more decentralized and ecosystem-friendly.
2. The process has already been used for several proposals over the last three months.
3. Esteblock from Soroswap shared their journey of participating in the proposal for Asset List (SEP-42) and implementing the proposed standard
4. Discussion continues in the proposal doc.
5. Next step is to get further ecosystem feedback then update the Github SEP repository with the updated SEP process.

Discord agenda thread

1. CAP Core Team deliberated over the latest proposals put forth by the Stellar ecosystem to advance stellar-core.
2. Nicholas and David from the CAP Core Team listened to the following proposals and discussed the proposals with the authors. a. CAP Core team will deliver their vote over email.
3. Proposals discussed:
   a. CAP-51: add support for secp256r1 verification; by @leigh
   b. CAP-53: create separate functions for extending the time-to-live for contract instance and contract code; by @tdep
   c. CAP-54: lower total costs by refining the Soroban cost model used for VM instantiation into multiple separate and more-accurate costs; by @graydon
   d. CAP-55: lower total costs by linking fewer host functions during VM instantiation in Soroban; by @graydon
   e. CAP-56: lower total costs by caching parsed Wasm modules within a Soroban transaction; by @graydon

Discord agenda thread

1. Tommaso (@tdep) proposed a core change to allow for extending instance and code TTL with separate values on the host environment to allow for more cost-efficient designs a. Proposal and discussion are captured in github discussions stellar-core#1447
2. Tommaso receieved feedback on the proposal as well as implementation. Since it didn't require a metering change, core devs thought it to be a quick change.
3. The ecosystem voted in favor of the proposal by upvoting the post on Github Discussions. 13 votes were recorded.
4. As next steps, a CAP will be authored to capture the proposal and put forth for approval from CAP Core Team.

Discord agenda thread

1. The meeting was focused on the process of adding host functions, using WebAuthN as the example use case; continued from the previous meeting.
2. Discussion of remaining concerns with adding secp256r1 verification host function from previous meeting.
   • What does it mean for secp256r1 to be added as a host function vs. as a signer type?
     • As a host function, user can sign soroban auth entries. Need another stellar account to fund and submit tx to the chain. The latter can be done by a stellar account which may be operated by a wallet or a contract.
     • __check_auth is invoked when the contract being interacted with calls require_auth
3. CAP-52 was drafted to introduce encoding/decoding functions for Base64, which is needed by WebAuthN. Considerations discussed in the meeting:
   • Performance: 1066 bytes that costs 1M instr to encode a 32byte hash; so the cost is very small and it’s questionable whether a host function is required.
   • Interface required two functions (encode/decode)
   • Implementation wise, WebAuthN requires url alphabet and padding, which decoder likely needs to support. Should we use symbols or ints? Do we need custom alphabets?
   • Do we really need more encoding schemes? Isn’t XDR enough?
   • Expensive auth mechanisms, i.e. webauthn, cannot be coupled with contracts with heavy business logic (which might be a lot of contracts), thus making adoption problematic.
   • We should probably add building blocks to enable the ecosystem to add new use cases.
4. CAP-53 was drafted to introduce encoding/decoding functions for JSON, which is needed by WebAuthN. Considerations discussed in the meeting:
   • Performance: 3.9Kb, 2.5M CPU instr.
   • If the size of the input blob is unknown, execution time will increase.
   • Valuable to have such a lightweight function that’ll be used in various place.
   • Interface: 11 functions
     • What to do with numbers and decimals? Add decimals and floats?
     • We only have to extract one field for WebAuthN but what about the general case?
   • The number type in JSON is decimal but soroban does not support that. How should this be handled?
   • Discussion around alternative interface and implementations.
5. Core dev concerns
   • Maintainability: if you add a host function, you have to maintain it forever. If there are more versions, we have to keep it around.
   • Expanded surface area for security bugs.
   • Should define a path where core dev is not in the implementation loop, as their schedules are packed with stability work. How to prioritize against stability work, which may get derailed due to new functionality such as what’s being currently discussed.
   • Next steps:
     • Core team to put together a plan for adding Base64. This is an important exercise that helps determine even more challenges of doing so. The output of this exercise may be that base64 shouldn’t in fact be implemented at this point.
     • Discussion around the JSON interface is to be continued.

Discord agenda thread

1. The proposal is to advance stellar-core by adding a host function to verify the secp256r1 signature, which is the most common elliptic curve used outside of the blockchain space. It is useful in connecting off-chain authentication interfaces with on-chain functionality.
2. Note that the proposal is not for a new signer type but a host function.
3. Leigh investigated adding support for the WebAuthN use case, by allowing a custom account / smart contract to sign soroban auth entries using a secp256r1-signed payload.
4. secp256r1 is supported by phones, passkeys, and enables an app to replace passwords. This is a massive benefit to user-facing applications like wallets.
5. Pros and cons of the interface: blockchains generally implement the recovery interface over the verification interface but verification is easier for developers as it reduces burden on the client and the network.
6. The WebAuthN use case requires encoding and decoding of base64 payloads and decoding JSON blobs, which is not currently supported in Soroban.
7. While there are hacky ways of accomplishing the latter, it’s not a great developer experience and final implementation is susceptible to breakages on updates.
8. It is also costly to bundle decoding with verification in guest.
9. Soroban has always led with a batteries included mindset. Keeping in line with that approach, it makes sense to further investigate and determine whether a host function makes sense for these as well.
10. Leigh’s implementation may require further evaluation of the crates used for ecdsa and p256.
11. Brief discussion around proposed process for adding of a host function by a non-core dev.

Discord agenda thread

1. The need for zk-enabling encryption curves like BLS12-381. Github thread.
2. Use cases that ecosystem is interestd in:
   1. Excellar, i.e. folks that kicked off this conversation by submitting a PR for BLS12-381, wants to add a DAO-controlled oracle where the elliptical curve provides the ability to add new DAO voters
   2. Zkbricks wants to build an L2 system for that enables secret state for arbitrary smart contracts
   3. Skyhitz wants to use stellar for efficient compute, cost, and scalability while using zk to prove ownership of high-value assets on another chain
   4. Use case enumeration continues in the discord thread.
3. Considerations for host function implementation
   1. Core devs questioned whether BLS12-381 was the right curve and also highlighted the need to determine the correct level of abstraction given there is a tradeoff between flexibility and efficiency. Lower level of abstraction will enable more flexibility but result in more hot loops in the wasm while a higher level of abstraction will be highly efficient but will restrict generality.
   2. ZkBricks thought that there is a need to directly expose pairings and group operations without any level of abstraction. The space is in active development and flexibility is needed to try out new approaches and proof systems. From the point of view of crypto agility, it would be good to expose a generic interface that supports a variety of curves in the backend.
4. Path Forward
   1. Core devs mentioned crypto curves can be experimented locally by linking rust crates, which it turns out, had failed in the past. This will be explored and fixed.
   2. ZkBricks and others will prototype locally and provide feedback.
5. What are the best practices for managing transactions in the frontend, with respect to transaction ordering.
6. Core devs confirmed that ordering is intentionally arbitrary.
7. Request for an API for current version of the environment/sdk
8. Github issue filed for the RPC to return versions of the current node.