If we have a way to prove that two merkle trees are different then we can solve the following problems.
If we solve problem 1, we don't have to solve problem 2.
Storage IPFS hashes
Store data via IPFS hash
- Client gives IPFS hash to miner
- Miner turns it into a PieceCID
- Miner makes the deal with IPFS CID field and PieceCID field
- When a user gets the file back from the miner, they can check if the file matches the IPFS CID
- If the IPFS CID is not matched, then they can post a proof that this mapping was incorrect
- Find the branch of the IPFS DAG and the branch of the PieceCID where the data differ
- Generate a merkle proof for each
- (Option: if the proof is too big: SNARK those proofs)
- Send proof on-chain
SNARK Friendly Data Structures: Simpler IPLD for SNARK friendly circuits
Poseidon CommD on-chain for faster SnapDeals
Make the proofs for SnapDeals to be super cheap by having CommD generated with Poseidon without the client running Poseidon.
- Client gives ShaCommD to miner
- Miner turns it into PoseidonCommD
- Miner makes the deal with PoseidonCommD and ShaCommD
- When user gets the file back, they can check if their file matches ShaCommD
- If the file does not match ShaCommD, they can post a proof
- Find the branch of PoseidonCommD and the branch of ShaCommD where the branch disagree
- Generate merkle tree proof for each
- (Option: if the proof is too big: SNARK those proof)
- Send proof on chain
- Who puts the collateral to be slashed? can we reuse the deal collateral?