Asset verification

In general, Tosi can issue and verify any kind of asset or data which can be computed using a general-purpose computer, with some restrictions when private data is involved.

Tosi works in a very cost-efficient manner: computing, storage and transaction data is significantly cheaper to conduct in Tosi than for example in Ethereum (layer 1) and in Arbitrum (layer 2).

When a publisher issues an asset, the network of Tosi nodes verify the authenticity of the asset by

  • checking that the asset’s data contract is available on IPFS, and then

  • executing the data contract using off-chain computation with the publisher’s bundled input data as input.

Data availability proof

In order to replicate the computation, it is important that the input data bundle and the existing state is available for verifier nodes to download. Data availability proofs are a proof that if a given node would attempt to download the data through IPFS, it would be possible to do within reasonable time with high probability.

Tosi provides a solution for the data availability problem typically suffered by rollups and appchains by providing Tosi datachains a node committee. This committee is elected by a large enough random subsampling using the Weighted Random Sampling algorithm of nodes in a network where all of the nodes stake some amount of TOSI tokens. Tosi leverages the provided randomness proof for the source of the randomness needed for the algorithm.

If the entire committee selected agrees that the data for a particular datachain update is downloadable through IPFS, the probability of it being unavailable is extremely low. This is since the majority of staking nodes within the Tosi network are expected to be honest, and because it takes just one honest committee member to be picked to prevent the issuance of a fraudulent data availability claim.

For example, assuming that 33% of the network is dishonest, there are 100 nodes with equal stake weight, and 16 nodes are randomly picked into a committee, there’s a 1 out of 1,153,459,631 chance that all of the 16 nodes are dishonest. In practice, this is an extremely unlikely event.

Off-chain computation

In order to ensure the correct execution of a data contract, there are a number of computation proof techniques available to Tosi datachains with different trade-offs. Tosi main chain will, through its governance, whitelist certain computation techniques as acceptable for underlying datachains.

Initially Tosi accepts and uses optimistic off-chain computation, which is a technique whereby a claimer issues a claim that a data contract resulted in a particular result after conducting the execution of it using a virtual machine. Then node verifiers replicate the complication and raise a dispute if the result doesn’t match.

Benefits of this technique include that very large computation can be conducted off-chain and is as secure as the underlying claim medium. Disadvantages of this is that a long enough challenge period has to exist to make sure that

  1. disputers have enough time to replicate the computation, and

  2. a too expensive blockchain censorship attack would have to be mounted to block any dispute messages.

Tosi chain’s computation proof techniques are currently built on top of Cartesi Compute, with additional elements such as:

  • Aggregation of computational claim transactions through the Tosi sequencer

  • Quick, non-deterministic evaluation of a data contract using QEMU x86-64 emulator

  • Assumption of deterministic behavior of the data contract in addition to deterministic behavior of VM

  • Ability to run and deterministically verify data contracts compiled for X86-64 instruction set

  • An incentive model for node verifiers to be rewarded for catching fraud

Other potential off-chain computation technologies include Truebit (WASM microcode VM), and Optimism Cannon (MIPS VM). Similar techniques are used also in Arbitrum Nitro (WASM subset VM). However, these technologies typically suffer from there being no incentive model for verification.

Zero-knowledge proof

Through off-the-shelf zero-knowledge proof types made with RiscZero, a ZK-STARK technology, Zippie’s data verification offering allows the ability to verify confidential company data setup using a simple user experience and verify these proofs within the public verification process.

Zero-knowledge computation proofs provide a cryptographic proof of a particular program having been executed with a secret input and yielding a particular output where it can be assumed that this program was executed without being tampered with.

Last updated