Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

scratchpad of various design considerations #1

Open
gubsheep opened this issue Apr 4, 2022 · 1 comment
Open

scratchpad of various design considerations #1

gubsheep opened this issue Apr 4, 2022 · 1 comment

Comments

@gubsheep
Copy link

gubsheep commented Apr 4, 2022

  1. are leaves just field elements, or do we provide some convenience functions for people to store arbitrary data that we then hash into the field? currently to keep the protocol simple we are just going to go with field elements, and assume that any sort of hash digest stuff will happen outside (app developer chooses how to do this).
  2. multiset (i.e. forced sorting order) vs. array. multiset means that merkle trees are strictly considered to be accumulators of sets, and prevents duplicate multisets from existing (not sure that this is a bad thing). array gives strictly more affordances than multiset, in particular the ability to batch inclusion proofs on contiguous subsequences (i.e. if you're using pairs of adjacent leaves as [address, balance] tuples) and assign semantic meaning to ordering of leaves. seems like there isn't any reason to choose multiset over array, so just go with array
  3. when creating a tree on merkleroots.xyz, you must provide n leaf nodes
    option 1: n may be any positive integer (complete left-aligned binary tree)
    option 2: n must be a power of 2 (perfect binary tree but variable depth)
    option 3: n must be a protocol-constant power of 2 (perfect binary tree, constant depth)

@stevenhao: i think i support option 1 since it's most flexible. users who wish to use [perfect] binary trees for circom convenience can do so by manually padding their tree with a value they know to be safe. we can also provide api shorthand for this (e.g. {leaves: [...], size: 1024, padElt: 0 })
also, users who don't want to use perfect binary trees can use the trick where you check if any hash along the path is equal to the desired root: https://github.com/doubleblind-xyz/double-blind/blob/master/circuits/merkle.circom#L40
@abhilashi
Copy link

@gubsheep @stevenhao wondering if you had thoughts on

  • ways to represent changing Merkle trees of fixed size with updating leaves for e.g BAYC NFT holders list.
  • making these trees accessible to DAPPs where ZK proofs are not required but correctness of the tree itself is very important for e.g a grants DAO proposal reviewer would want to accumulate reputation on his address and also receive payouts on the same (doesn't necessarily need pseudonymity)
  • on-chain integration will be like the way Oracles work? are you thinking of more native integrations?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@abhilashi @gubsheep