Green: Implemented, but not merged yet
Blue: Needs to be implemented
Yellow: To be removed
Here is a high-level architecture of the pallet domain and other components (Subspace v2 Master - Domains)
Domain: an enshrined rollup that performs settlement or execution for the consensus chain. Each domain uses a standard set of permissioned runtimes but may have a user-defined configuration.
Domain Operator: an account, that by staking SSC, operates a domain node and takes the responsibility of producing new bundles, validating transactions, and executing transactions within a specific domain. Operators also watch for fraud and challenge other potentially fraudulent operators.
Domain Subnet: a separate P2P gossip network for each domain (following which protocol?)
Domain Bundle: a collection of transactions for a domain that are ready for execution
Execution Receipt (ER): a commitment to the execution of a domain block, included in the bundle
Domain Block: a derived block that consists of transactions from one or more bundles, ordered by the consensus chain
Fraud Proof: proof that shows that a commitment to some block with an execution receipt is invalid
Canonical Schnorr verifiable random function (VRF)
vrf_sign(secret_key, transcript) →
Runs VRF on a single input
transcript, producing the
vrf_output and corresponding short
vrf_proof. The resulting
vrf_signature is a set
vrf_verify(public_key, transcript, vrf_signature) →
proof and verifies
proof for an input
transcript and the corresponding
We currently use Schnorrkel/Ristretto x25519 (also known as sr25519) as its key derivation and signing algorithm.
A canonical (deterministic) scheme is necessary for these cases to prevent attackers from repeatedly signing until they produce an election solution that meets the threshold (as part of a grinding attack).
Hashes provide succinct commitments to arbitrary data.
keyed_hash(key, message) denotes a keyed hash.
hash(message) denotes hash, the default case when the key is empty.
The hash function used is BLAKE2b-256 unless otherwise specified. Substrate primitives (i.e., block hashing) use BLAKE2b-256.