Add spec for proofs

[MavenRain]

No description provided.

[hansl]

I think an attribute here would be better, as:

• Attributes are meant to be optionally implemented, with clear rules when implementation is missing (request handlers reject them, response handlers ignore them) which actually makes sense here,
• Adding fields to messages is a bit like releasing a new version of HTTP. Attributes are the mechanism to enhance them (similar to HTTP headers[1]),
• Servers can advertise which attributes they support, but with this ALL servers should implement proofs, which is unreasonable.

So I'd rather have a system similar to async support; a request attribute, a response attribute and a server attribute that indicates support for those. This way servers can advertise they support proofs, clients can ignore proofs, and if proof is requested the server should bail out as it cannot provide it, and client can then re-request without the attribute if it chooses so.

[1] there is an argument that HTTP headers are different as they are optional while attributes require handling or fail, but in this specific case it is actually beneficial.

[MavenRain]

Acknowledged . . . will refactor this into a proof attribute

[hansl]

I'd like to put the thoughts of this document into a separate specification document and not rely on implementation specific documentation.

Note that using specific implementations is not something the spec should recommend or even mention.

[MavenRain]

OK, I can put the binary structure into a separate adoc

[fmorency]

Nice, thanks! Minor changes.

@hansl is there an issue somewhere tracking this feature?

[fmorency]

This attribute number is already taken in #73, and @hansl has taken #73 in #86.

You should probably use 14!

[fmorency]

I like the way they present it in https://github.com/liftedinit/merk/blob/develop/docs/algorithms.md#binary-format

Their example makes everything very clear.

[fmorency]

Add EOF EOL

[fmorency]

EOL EOF

[hansl]

I'm going to reiterate this. It's nicer for diffs to have a newline at the end of a file.

I'm also okay if you want to add an .editorconfig or .env file to this repo.

[fmorency]

Can you add a link to the CDDL file? See other .adoc for examples.

[hansl]

Suggested change

	key-value-pair = [3, (0 => bstr, 1 => bstr)]
	key-value-pair = [3, bstr, bstr]

[hansl]

Should point to the Hash Scheme section of this document. I have a feeling we'll have more than one later too, so if you want to create a new document and point to it that'd be even better.

[hansl]

No need.

[hansl]

Describing a Merkle tree and how to calculate the proof is fine, but we should separate the Merkle tree part from the description of the hashing itself.

[MavenRain]

@hansl I've moved this part to a separate doc and referenced. To clarify, is it right that the attribute id says use the hash scheme, or does it say use what merk currently uses as the hash function (blake3)?

[hansl]

I'm going to reiterate this. It's nicer for diffs to have a newline at the end of a file.

I'm also okay if you want to add an .editorconfig or .env file to this repo.

[fmorency]

Thanks, @MavenRain!

[fmorency]

Is the attribute mandatory?

[fmorency]

I would not put any implementation detail here.

We should be able to query the server and retrieve the hashes it supports.

[MavenRain]

@fmorency I believe this contradicts what @hansl just requested.

[fmorency]

@hansl WDTY?

[fmorency]

This is not exactly true, as our merk fork doesn't implement the second preimage attack mitigation, i.e., it doesn't have the 0x00 and 0x01 prefixes.

I would try to keep the specification general. Some of our users might use other storage implementations.

[MavenRain]

@fmorency My understanding is that we're to use the attribute-arg to allow for the ability to change the implementation, and this describes the default implementation. Also, I believe @hansl intends for us to incorporate the prefix changes that are currently in the upstream repo.

[fmorency]

Some comments/suggestions!

[fmorency]

Suggested change

	= Proof Attribute (#3)
	= Proof Response Attribute (#3)

[fmorency]

Suggested change

	This is a uint representing the hasher to be used in constructing proofs.
	This is a `uint` representing the hasher used in constructing the proofs.

[fmorency]

Suggested change

	* 0 - merk default hash (see xref:../../spec/proof_hash_scheme.adoc.)
	* 0 - `merk` default hash (see xref:../../spec/proof_hash_scheme.adoc.)

[fmorency]

What will go here?

[hansl]

The response attribute should be a map, it should contain at least 2 values:

1. the root hash, and
2. the proof itself.

Add an optional block height for now, but make it a attribute-related-index.

Suggested change

	proof@response-attribute-arg = [ + ( node-hash / key-value-hash / key-value-pair / parent / child ) ]
	proof@response-attribute-arg = {
	; Root application hash.
	0 => bstr,
	; The proof operations.
	1 => proof,
	; Extensible attribute related indices for extra information (implementation specific)
	* attribute-related-index => (),
	}
	proof = [ + ( node-hash / key-value-hash / key-value-pair / parent / child ) ]

And then in a separate CDDL 3_proof/0_blockchain.cddl file, get the following in:

proof@response-attribute-arg //= {
    ; Block height.
    [3, [0, 0]] => uint
}

[hansl]

Missing key and value length. This is closer:

Suggested change

	kv_hash = H(0x00, key, value)
	kv_hash = H(0x00, key.length, key, value.length, value)

[hansl]

Same as above.

[MavenRain]

Actually, the node hash does not have the lengths in the hash.

Outdated