Skip to content

Files

Latest commit

 

History

History
96 lines (71 loc) · 3.85 KB

00002.md

File metadata and controls

96 lines (71 loc) · 3.85 KB

EIP-00001: ECALL in Solidity and AVM

Author ieigen-max, robert
Status Designing
Type Private Smart Contract
Category Core
Created 2021-06-22

[toc]

EigenCC for Privacy Smart Contract

Terms

Client: instance of e-wallet,

  1. Manage the accounts of owner(especially the private key), including account creation, account import and export, etc.
  2. Account information display: such as token balance.
  3. Transfer function: send and receive token.
  4. Transaction signature.
  5. AES and ECC encryption and decryption.
  6. Interact with "Identity Management" smart contract on L1 Geth(like ethereum).

EigenCC: backend of TEE,

  1. Provide APIs for TEE interaction.
  2. AES and ECC encryption and decryption.
  3. Transaction signature.
  4. Privacy DAG execution.
  5. Upload and resolve the public key registration list.

L2: layer2 rollup,

  1. Provide tx, state proof, and signature rollup functions.
  2. Privacy DAG generation.
  3. Efficient rollup, staking and validation.

L1: base layer (ethereum, bitcoin, etc.)

Secret: the records including everything you create in the blockchain network;

How it work

  1. EigenCC issues a key pair according to public parameters (ring signature), seals the private key on the disk, then distributes the public key to L1 smart contracts; Image

  2. Client generates an AES key to encrypt it's secret, then encrypt the AES key by public key from step 1;

  3. Client makes a transaction with cipher as the input of PrivacyERC20, and submits the transaction to EVM contract on L2 Geth; Image

  4. The EVM contract on L2 Geth will initialize a context with the encrypted AES key, then there maybe exist multiple ecall in one contract method, which all are share one context. Finally, all the inputs and outputs from the ecalls will be composed into a DAG with ecall as it's nodes and the inputs or outputs as edge. Image

  5. At the end of each contract method, the DAG will be executed in EigenCC. EigenCC decrypts the AES key by the private key from step 1, and then decrepts the cipher by AES key, and executes the DAG, then encrypts the results by AES key;

  6. Store the cipher results into the EVM storage. Image

We use multi TEE computation and verification scheme, which can make computation verifiable for all EigenCC in the list. Image

How AES key update

If people leak their AES key, we should enable them to upgrade the AES key. Since AES key have been used to encrypt the secrets in the contract, Leaking means we lost the confidentiality of the cipher. We provide an re-encrypt function exposed by ecall.

The Privacy Operaters

  1. unary operations: not, or, and, xor
  2. binary operations: add, sub, mul
  3. recrypt: update the AES key, and re-encrypt the secrets
  4. where(cond, x, y): if cond is true, return x, else return y;

The Core Structs

  1. Context
struct Context {
    string ctx_id;
    int32 version; // AES key version
    mapping(bytes=>bytes) value; // value is cipher, key can be address or any other unique id
}

Use case

  • Privacy ERC20: The balance of each address is hided
contract PrivacyERC20 {
    use EigenPriv for *;
    Context ctx;
    function PrivacyToken() public view returns () {
        
    }
}

Copyright