• Stars
    star
    139
  • Rank 262,954 (Top 6 %)
  • Language
    Solidity
  • License
    GNU Affero Genera...
  • Created over 2 years ago
  • Updated over 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Trust-minimized way to access offchain data onchain

Trustus

Trust-minimized method for accessing offchain data onchain. No, it's not a joke project.

just trust us bro

Introduction

Suppose we have:

  • A server with an API that provides some useful information (e.g. the weather in Philedelphia today)
  • A smart contract that wants to access said information from the server

How can we implement it? How can we let the smart contract access the offchain data from the server?

One way to do it is to use Chainlink to make an HTTP GET request to the server, but this is terrible!

  • We need to rely on Chainlink nodes, whose level of centralization is rather controversial
  • We need to hold LINK tokens in the contract and pay the nodes for each request
  • We need to implement a callback pattern, which is asynchronous and messy

Trustus offers a superior solution that is trust-minimized. Trustus-powered contracts do not rely on any third-party network of nodes, nor do they need to make payments for the requests or implement a callback pattern. The only centralized & trusted component is the server, which has to be trusted anyways, hence the term "trust-minimized".

How is this achieved? Two caveats:

  1. The server must implement the specific standard used by Trustus to format the data packet, as well as provide an ECDSA signature that verifies the data packet originated from the trusted server.
  2. The smart contract should take in the signed data packet as an input of the function that requires the offchain data and verify its validity. The contract should also keep track of which addresses are trusted to sign the data packets.

The userflow of a call to a Trustus-power smart contract looks like this:

  1. The user makes a request to the server to fetch the desired offchain data.
  2. The server returns the data packet as well as a signature signed using the server's public key, which should already registered as trusted by the smart contract.
  3. The user calls the smart contract, providing the data packet & signature as input.
  4. The smart contract verifies & consumes the data packet, and uses the offchain data during the call.

Installation

To install with DappTools:

dapp install zeframlou/trustus

To install with Foundry:

forge install zeframlou/trustus

Local development

This project uses Foundry as the development framework.

Dependencies

make install

Compilation

make build

Testing

make test

Signature generation

Trustus uses EIP-712 for signing structured data. The following is an example of signature generation using ethers.js.

const ethers = require("ethers");

const signer = ethers.Wallet.createRandom();

const domain = {
  name: "Trustus",
  version: "1",
  chainId: 1, // ethereum mainnet
  verifyingContract: "0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC", // change to your Trustus contract's address
};

const types = {
  VerifyPacket: [
    { name: "request", type: "bytes32" },
    { name: "deadline", type: "uint256" },
    { name: "payload", type: "bytes" },
  ],
};

// The data to sign
const value = {
  request: ethers.utils.keccak256(
    ethers.utils.toUtf8Bytes("MyRequest(string)")
  ), // identifier for different types of requests your Trustus contract specifies
  deadline: Math.floor(Date.now() + 600), // 10 minutes in the future
  payload: ethers.utils.toUtf8Bytes("Hello world!"),
};

const signature = await signer._signTypedData(domain, types, value);

console.log(signature);

More Repositories

1

playpen

Playpen is a set of modern, gas optimized staking pool contracts.
Solidity
273
star
2

create3-factory

Solidity
260
star
3

vested-erc20

A wrapper ERC20 token that linearly vests an underlying ERC20 token to its holders.
Solidity
242
star
4

foundry-template

Minimalist template for foundry projects
Solidity
156
star
5

bunni

ERC-20 LP tokens for Uniswap V3
Solidity
124
star
6

universal-bridge

Unified interface for sending messages from Ethereum to other chains and rollups.
Solidity
103
star
7

foundry-docgen

JavaScript
50
star
8

pooled-cdai

Pools DAI, converts it into Compound DAI, and sends interests to a beneficiary. Users putting DAI into the pool receives Pooled cDAI (pcDAI), an ERC20 token which is 1-for-1 redeemable for DAI at any time.
Solidity
49
star
9

foundry-canary

Minimal repo for Foundry examples and reproducing bugs in Foundry
Solidity
46
star
10

bagholder

Reward holders of an NFT without needing their NFTs to leave their wallets
Solidity
46
star
11

token-migrator

A simple contract for migrating from an old ERC20 token to a new ERC20 token.
Solidity
35
star
12

RevS

RevS is an open source P2P library for building Peer-to-Peer based apps.
Objective-C
19
star
13

ethhead

JavaScript
17
star
14

fee-distributor

Solidity
15
star
15

mev-token

JavaScript
14
star
16

hardhat-template

My personal template for hardhat projects
TypeScript
11
star
17

zeroswap

AMM written in Zinc for zkSync, based on Uniswap v2
Rust
9
star
18

pooled-cdai-subgraph

The Graph protocol subgraph for Pooled cDAI
TypeScript
6
star
19

warpy-contracts

Warpy is Venmo + them 🔥 DeFi interests
JavaScript
6
star
20

blog

HTML
3
star
21

pooldai-frontend

TypeScript
3
star
22

YHack2017-Submission

Submission for YHack 2017
Python
3
star
23

RevS-Server

A server implementation using RevS.
Objective-C
1
star
24

pooldai

HTML
1
star
25

RevS-Test

A test client app using RevS for iOS
Objective-C
1
star
26

pool-dai-ui

Front end for Pool DAI
TypeScript
1
star
27

f12-landing-page

1
star
28

p2pLazer

An easy-to-use hybrid P2P library with high stability and success rate.
Objective-C
1
star
29

astrodrop-production

CSS
1
star
30

Concave-NFT-SC

hardhat
Solidity
1
star