Research On Capacity Expansion Technology For Public Blockchain

Blockchain technology can be described as a distributed ledger technology built on a P2P network,which can establish trust at a lower cost under a non-trust environment,is revolutionizing how people exchange values without a trust third party.Blockchain has demonstrated the great promise of utility over various fields.However,with the con-tinuous increase in the number of users and the scale of the system,especially in the high-frequency transaction scenarios,the public blockchain still has the problems of in-sufficient scalability,resulting in low transaction throughput and large storage overhead,which have become one of biggest obstacles that restrict the large-scale application of public blockchain.How to improve the scalability of the public blockchain has become a research hotspot in the current blockchain field.The main challenges of public blockchain capacity expansion technology are:(1)The sharding technology divides the network nodes into multiple shards.Through transaction sharding and state sharding,each shard can process a disjoint set of transactions in parallel and maintain a disjoint ledger,thereby increasing the system throughput and decreasing the per-node storage overhead.How-ever,the existing sharding technologies utilize a periodic random reorganization mecha-nism called network reshuffling to maintain system security.After network reshuffling,the nodes that have been allocated to a new shard need to download the state of the new shard before validating and processing transactions,resulting in long system startup and high network bandwidth overhead.(2)All nodes that have participated in the consen-sus protocol need to store all state data in RAM for quickly verifying transactions and blocks.With the continuous running of blockchain system,the state data will continue to grow,which would put much burden on full nodes.It is difficult to ensure that each full node can cope with such a high storage cost,which would lead to network central-ization.The stateless client technology uses the accumulator to compress the entire state data into a concise and fix-sized commitment.By providing a witness to the current state commitment,anyone can prove to the validators the correctness of a specific state,which can avoid storing the large state data.However,the existing stateless client technologies have the problem of low accumulator update efficiency,which results in severe limita-tions on system throughput.(3)Since the computing and storage resources on the chain are very limited,the existing off-chain ZK-Rollup technology moves the computing and state storage off-chain,and only puts the brief information of transactions on the chain,which can reduce the use of resources on the chain while avoiding introducing the data availability problem.However,the existing ZK-Rollup technology takes a long time to generate validity proof,which limits the throughput of the system.To improve the transac-tion throughput of the public blockchain and decrease the storage overhead of nodes,this dissertation deeply studies the techniques for state sharding,stateless client,lightweight sharding,and validity proof generation methods for ZK-Rollup.To address the state migration problem of the existing state sharding protocols,this dissertation proposes a novel state sharding protocol based on static network partition.In-stead of using network reshuffling,SSSN adopts a static network partition method,allow-ing nodes to freely join and exit any shard,thereby avoiding the performance loss caused by network reshuffling.To prevent malicious nodes from concentrating into a specific shard to initiate attacks,SSSN adopts a two-layer architecture which is composited by one root chain and multiple shard chains.The root chain is responsible for maintaining system security while the shard chains improve the system performance.To improve the efficiency of cross-shard transactions,SSSN proposes two types of cross-shard transaction processing methods:weak atomicity guarantee method and strong atomicity guarantee method.In the weak atomicity scenario,by splitting a cross-shard transaction into several intra-shard transactions,the efficiency of cross-shard transaction processing can be maxi-mized;In a strong atomic scenario,a cross-shard transaction can be processed by the root chain without cross-shard communication since it maintains all shard’s state.Besides,to further reduce the storage overhead of full nodes,SSSN adopts a checkpoint-based ledger pruning technology to delete redundant historical data without affecting transaction ver-ification and processing.Experiment results show that SSSN can completely eliminate the state migration overhead which appeared in the reshuffling-based state sharding pro-tocols.When the network bandwidth is limited to 13Mbps,the average of the current Internet bandwidth,the system throughput can reach 6500tx/s.To address the problem of low system throughput caused by the low efficiency of accumulator update in the existing stateless client technologies,this dissertation proposes a stateless client protocol called SBRSA based on RSA accumulator for UTXO-based blockchain.Since deleting items from the RSA accumulator requires a lot of computa-tional overhead,SBRSA uses the RSA accumulator to make STXO(Spent Transaction Output)commitment to replace the UTXO(Unspent Transaction Output)commitment.It can greatly improve the accumulator update efficiency since the STXO is an append-only data structure,avoiding performing time-consuming deletion operations.Under this,by providing the non-membership witness of the transaction inputs corresponding to the cur-rent STXO commitment,it can be proved that the transaction inputs have not been spent yet.Besides,to prevent malicious users from forging non-membership witnesses,it is necessary to further prove that the transaction inputs are actually generated before.Thus,SBRSA builds a TXO(Transaction Output)commitment based on MMR(Merkle Moun-tain Range),allowing verifiers to store only the MMR peaks to verify the existence of any UTXO.In addition,by introducing STXO cache,SBRSA extends the validity time window of transaction witness,thus reducing the frequency of witness update.Experi-mental results show that SBRSA can effectively improve the efficiency of accumulator updates.Compared with the existing works,SBRSA can improve the efficiency of the accumulator update from O(N~2)to O(N),which indirectly improves the throughput of the system.Aiming at the problem that the current blockchain system cannot directly run on nodes withs limited computing,storage and bandwidth resources,this dissertation pro-poses a lightweight sharding protocol called LSRC based on stateless client technology.In order to reduce the storage overhead,LSRC adopts the idea of stateless client pro-posed in dissertation.By introducing state commitment and chain commitment,LSRC implements a lightweight blockchain that allows nodes to only store the current state commitment to verify and process transactions.In order to reduce the bandwidth and computational overhead of each node,LSRC implements transaction sharding and state sharding on the stateless client,thereby avoiding nodes from processing and transmitting every transaction in the entire network.In order to prevent malicious nodes from con-centrating on a specific shard to make double-spending transactions,LSRC proposes a periodical network reshuffling mechanism based on VRF(Verifiable Random Function)and Rand Hound protocol to ensure that the proportion of malicious nodes in any shard is always within a safe range.Since the nodes store a small amount of data,the nodes only need to download the state summary of the new shard before starting work when network reshuffling is trigged,which reduces the bandwidth overhead and startup time of the sys-tem.Experimental results show that the LSRC can significantly reduce the computing,storage and bandwidth overhead of nodes,and it can be adapted to the low hardware con-figuration of resource-constrained nodes.Compared with the existing works,LSRC only requires a small amount of storage resources,and it only needs to download about 1MB of summary data instead of GB-level state when the network is reshuffled.To shorten the generation time of validity proof in off-chain ZK-Rollup technology,this dissertation proposes a distributed validity proof generation method called DKZR based on bounded recursive ZK-SNARK.Firstly,DKZR splits a large batch of trunca-tions into multiple smaller groups,and generates partial proofs for each group in parallel.Then,DKZR uses the partial proofs as the leaf nodes to build a proof tree,and merges the partial proofs layer by layer by using recursive ZK-SNARK.In order to reduce the dif-ficulty of recursive ZK-SNARK implementation,DZKR constructs a bounded recursive ZK-SNARK based on chain of elliptic curves,which relaxes the mathematical conditions for the construction of recursive ZK-SNARK.Besides,DZKR has developed a GPU ac-celeration toolkit for the time-consuming operations like FFT(Fast Fourier Transforms)and Multi-Exp(Multi Exponents)for ZK-SNARK,which further speeds up the time of the validity proof generation.The experimental results show that DZKR can greatly improve the generation speed of validity proof.Compared with the existing works,with the k layer m-tree,DZKR can reduce the generation time about m~k-~1/k times.In addition,the GPU acceleration toolkit can further shorten 50%time when building validity proof.