Cross-chain data verification
Relaying information from one blockchain to another.
With the soon to be released MerkleBridge protocol, we can leverage blockchain state root information to verify information from one chain onto another.
The first application of this idea is the MerkleBridge asset transfer protocol which verifies the state of users locked/burnt assets to allow mint/unlock on the other side of the bridge.
But these on-chain verification techniques can be applied to any type of data stored in a contract state variable. This is done in 2 steps: first, verify that the contract exists in the general state Merkle tree and then verify that the contract variable data exists in the contract’s storage Merkle tree.
At regular intervals, the bridge operators multisign and anchor the general state root (taken from block header) of the connected blockchain. Then applications can verify some piece of data belongs to the state root by verifying inclusion Merkle proofs. The same methodology is used by light clients which only sync block headers and verify parts of the state with Merkle proofs.
This general state root is a trusted snapshot of the connected blockchain, and data can be proven from it.
Contract state object verification
An Aergo contract state object is defined as the following protocol buffer message:
message State {
uint64 nonce = 1;
bytes balance = 2;
bytes codeHash = 3;
bytes storageRoot = 4;
uint64 sqlRecoveryPoint = 5;
}We can verify that a contract’s state root is valid by verifying a Merkle proof of inclusion of the proto serialized state object in the general state root.
In Lua:
In Solidity:
The contract storage root is parsed from the protocol buffer bytes.
Source: https://developers.google.com/protocol-buffers/docs/encodingTag reference:+--------------+-----------+----------+--------------+
| field number | wire type | tag(hex) | tag(bin) |
| 1 | 0 | 0x08 | 0000 1000 |
| 2 | 2 | 0x12 | 0001 0010 |
| 3 | 2 | 0x1a | 0001 1010 |
| 4 | 2 | 0x22 | 0010 0010 |
| 5 | 0 | 0x2a | 0010 1010 |
+--------------+-----------+----------+--------------+Contracts can have 0 balance and 0 nonce, so their tags 0x08 and 0x12 are not always present in the serialized state.
In Lua:
In Solidity:
Contract state variable verification
Now that we have verified a contract storage root, we can again verify a Merkle proof of any storage variable in that contract.
See here for more details on Aergo Merkle proof verification:
Ethereum compatibility
Similarly, Aergo’s Lua smart contracts support Ethereum Account Serialization and Patricia tree Merkle proof verification natively with:
crypto.verifyProof(trieKey, {nonce, balance, root, codeHash}, anchorRoot, unpack(merkleProof))
Therefore data existing in Ethereum networks can be verified on Aergo networks.
Conclusion
Cross-chain data verification enables different types of applications like asset transfers with Merkle bridge, oracle data relaying from one chain to another, or proving data to someone that doesn’t have access to a private enterprise chain.
