• Stars
    star
    179
  • Rank 214,039 (Top 5 %)
  • Language
    TypeScript
  • Created almost 3 years ago
  • Updated over 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Cooperative databases using smart contracts.

Vitra

██╗   ██╗██╗████████╗██████╗  █████╗
██║   ██║██║╚══██╔══╝██╔══██╗██╔══██╗
██║   ██║██║   ██║   ██████╔╝███████║
╚██╗ ██╔╝██║   ██║   ██╔══██╗██╔══██║
 ╚████╔╝ ██║   ██║   ██║  ██║██║  ██║
  ╚═══╝  ╚═╝   ╚═╝   ╚═╝  ╚═╝╚═╝  ╚═╝

Cooperative databases using smart contracts. Read the white paper.

Introduction

Vitra is a research project for exploring the limits of smart contracts without blockchains -- specifically, without using decentralized consensus algorithms like Proof-of-Work or Proof-of-Stake. Its purpose is research and education. Contributors are welcome, but the software is not stable and should not be used in production.

Overview

Vitra is a hybrid of blockchains and traditional databases. It takes inspiration from Certificate Transparency and Layer 2 Optimistic Rollups to create a hosted smart-contract protocol called "Execution Transparency (ET)."

Vitra databases use verifiable logs to record all transactions in a publicly-auditable structure. A contract written in Javascript then enforces the schemas and business logic of the database. By replaying the logs, users can audit the execution of the database and ensure that each participant is playing by the rules. Vitra also responds to every transaction with an inclusion proof, giving end-users an efficient solution to proving their data in the database.

When is this useful?

  • Public/community services that need to publish very sensitive data, like user encryption-keys or software packages. Vitra gives clear external auditability of every change that occurs, much like Certificate Transparency does for PKI.
  • Decentralized organizations where a database needs to be shared among people who don't totally trust each other. The smart contract ensures that the operator of the database can't cheat the community; it effectively protects users from the owners of a service.
  • Large multi-org collaborations (think enterprises with multiple vendors) where data-sharing needs to be coordinated and consistent. Vitra protects you from incompetance in the same way it protects you from malice: the system is transparent and self-auditing.

Vitra uses the Hypercore Protocol to implement its verifiable logs.

Tutorial video

Watch the tutorial video here.

Vitra tutorial video

Docs

Example

This very simple contract maintains a counter which can only ever increment. The contract exports two calls, get() and increment({amount}), which we can use to interact with the database.

/**
 * Counter
 *
 * This contract maintains a singe numeric value which can only be incremented. 
 */

import { index } from 'contract'

// database api
// =

export async function get () {
  const entry = await index.get(`/counter`)
  return Number(entry?.value || 0)
}

export function increment (opts = {}, emit) {
  const amount = typeof opts?.amount === 'number' ? opts.amount : 1
  emit({op: 'INCREMENT', amount})
}

// transaction handler
// =
 
export const apply = {
  async INCREMENT (tx, op) {
    const current = await get()
    tx.put(`/counter`, current + op.amount)
  }
}

You'll notice that transactions are handled in two phases: first publishing an operation with emit(), and then applying the operation with apply.INCREMENT(). This separation is because Vitra databases may have multiple participants who can generate ops, but only one executor who can execute the ops. When we verify a contract, we're replaying the emitted operations against the apply functions to make sure the executor has been honest.

Let's create a database using our contract. We'll use the API for this readme, but the interactive CLI is generally much easier.

import { Database } from 'vitra'

// Create the DB
const db = await Database.create('./db-storage-path', {
  contract: {source: COUNTER_CONTRACT}
})
db.swarm() // share on the hypercore network
console.log('New database created, public key:', db.pubkey.toString('hex'))

// Read the current state
const tx1 = await db.call('get', {})
console.log(tx.response) // => 0

// Increment a few times
const tx2 = await db.call('increment', {})
const tx3 = await db.call('increment', {amount: 2})
const tx4 = await db.call('increment', {})

// Wait for those increments to be processed
await Promise.all([tx2.whenProcessed(), tx3.whenProcessed(), tx4.whenProcessed()])

// Read the new state
const tx5 = await db.call('get', {})
console.log(tx.response) // => 4

As you can see, Vitra is a programmable database. We're interacting with the DB using the contract's API.

To verify the execution, we can use one of two methods: verify() or monitor(). The difference is whether we want to persistently verify or not; monitor will watch for new updates and verify them continuously.

await db.verify() // check all current state

const mon = await db.monitor() // persistently monitor transactions
mon.on('violation', console.log)

Generally we try not to violate a contract; violations are unrecoverable and will require users to switch to an entirely new database. This is on purpose: if a contract has been violated, then your database's executor has either suffered a serious technical issue, or they're trying to defraud you and shouldn't be trusted!

For this example, however, we'll force a violation to see what happens:

await db.index.dangerousBatch([{type: 'put', path: '/counter', value: 1}])

try {
  await db.verify()
} catch (e) {
  console.log(e) // => ContractFraudProof (The executor has violated the contract)
}

We just violated the contract by setting the counter back to 1. This particular violation is an unprompted change -- no operation caused this write -- but if the executor had responded to an operation with the wrong changes, or skipped over an operation, or tried to unpublish a change, it would be caught the same way.

License

MIT licensed, Copyright 2022 Blue Link Labs.

Future improvements

Transaction-result inclusion proofs

Calls to a contract (transactions) may produce one or more operations, and each operation may produce one or more changes (results). Operations are published by the contract participants by writing to their "oplogs," while the operation results are always published by the executor in the "index log." Using Hypercore, we're able to generate inclusion proofs for any log message.

Inclusion proofs are comprised of a log message's sequence number, the root hash of the log's merkle tree, and a signature over the root hash by the log's keypair. We can use the inclusion proof to independently verify that a log message was published by a log, and to prove mischief if the log owner ever attempts to unpublish a message.

Vitra can easily generate an inclusion proof for operations when handling a transaction because there's a local interactive session with the participant that's executing the transaction. For the results published to the index log, there's no guarantee of an interactive session as the participant may not be the executor. The Hypercore protocol has mechanisms for requesting log inclusion proofs over a connection (this is fundamental to the protocol) but the implementation embeds this in the replication logic and does not currently include APIs to fetch proofs for random messages in a log. By adding those APIs to Hypercore, we can add transaction-result inclusion proofs to Vitra's API.

Additional append-only fraud proof detection

Violations to the append-only constraint are currently detected when verifying an inclusion proof. It is possible to detect append-only violations more aggressively by checking for them during replication. (In this framework, forking explicitly with Hypercore's truncate() API and forking implicitly with split logs are both considered violations.)

Native-code contract runtime

Currenly Vitra is using [https://github.com/laverdet/isolated-vm] to execute contracts (via the Confine Sandbox framework). This could be optimized by replacing the Confine guest process with a C++ program that embeds V8, which would reduce the amount of marshalling between V8 contexts.

Edge-case protocols

Vitra is currently designed to follow the contract with no external mutations allowed. This means that operator error could leave a Vitra in an unrecoverable state. We could solve this kind of problem with "edge-case protocols." Some edge-case protocols to consider:

  • Contract rollback. A broken contract could leave the database in an inoperable state (e.g. a runtime error stops execution). An edge-case protocol for rolling back to a previous version could help solve this.

ZK-SNARKs

Vitra uses transaction logs and log-replays to audit execution of a database. Novel research in Layer 2 rollups has recently focused on using zero-knowledge proofs to create a more compact and efficient approach to auditing (ZK-Rollups). It should be possible to apply the same research to Vitra.

More Repositories

1

crdt_notes

918
star
2

local

An Ajax library that can target local JS code and web workers. (Replaced by ServiceWorkers!)
JavaScript
427
star
3

base-emoji

Output a buffer (0xdeadbeef) in emojis (❄️🐼🚓👅)
JavaScript
261
star
4

electron-browser

browser ui for electron, written in react
JavaScript
225
star
5

http-template-literal

Make HTTP requests the way TBL intended.
JavaScript
198
star
6

suggest-box

💬 decorates a textarea with GitHub-style suggestion popups (eg for emojis and users)
JavaScript
76
star
7

nodevms

A cryptographically auditable VM service using Nodejs and Dat.
JavaScript
69
star
8

dat-gateway

Quick Dat to HTTP gateway
JavaScript
47
star
9

infocivics

Information Civics paper
39
star
10

webterm

A web based command line interface (Beaker)
JavaScript
39
star
11

pauls-electron-rpc

My RPC solution for exporting APIs from the electron background process to renderers and webviews
JavaScript
37
star
12

citizen

A social web API for beaker/dat applications
JavaScript
32
star
13

pretty-hash

Output binary buffers as a nice shortened hex string
JavaScript
27
star
14

node-http-dat-forum

A Web forum built on Nodejs, Dat and HTTP
JavaScript
27
star
15

on-wakeup

Watches for the computer to fall asleep and then triggers an event callback on wakeup
JavaScript
26
star
16

diff-file-tree

Compare two file-trees, get a list of changes, then apply left or right
JavaScript
25
star
17

ctznry

A decentralized social networking webapp using CTZN
CSS
24
star
18

tmpdat

Create a temporary in-memory dat
JavaScript
23
star
19

parse-dat-url

Node url.parse updated to support versioned dat URLs.
JavaScript
20
star
20

libvms

API for running cryptographically auditable VM services.
JavaScript
20
star
21

multicb

Simple way to aggregate multiple node-style callbacks
JavaScript
19
star
22

dat-rss-reader

An rss-reader dat app
JavaScript
18
star
23

gsim

A little physics simulation which uses time-dilation to create attraction
JavaScript
18
star
24

json-lz

Simple self-describing JSON
17
star
25

hyper-sfw

Synced Files Workspace. A p2p collaborative filestructure built on Hypercore's Autobase.
TypeScript
16
star
26

example-atproto-rn-app

Demonstrates how to set up a React Native app to use the atproto api.
Java
14
star
27

scoped-fs

An FS wrapper that keeps all access scoped to a specific folder.
JavaScript
13
star
28

web-fritter

JavaScript
12
star
29

eco

Library of data types for building distributed applications on Phoenix/SSB
JavaScript
12
star
30

identify-filetype

Identifies the file-type of a buffer
JavaScript
11
star
31

hyper-vcr

A p2p version-controlled repo (built on hypercore)
TypeScript
11
star
32

ssbmail

encrypted mail
JavaScript
9
star
33

circular-append-file

A simple appendable-file interface which enforces a size cap by overwriting itself.
JavaScript
9
star
34

crdt_talk

JavaScript
8
star
35

hyper-search-experiments

A quick bench of FTS search indexes across multiple bees
JavaScript
8
star
36

pull-identify-filetype

Identify the type of file passing through the stream
JavaScript
7
star
37

ctzn.network

Website for the ctzn.network protocol
CSS
7
star
38

pauls-ui-kit

My basic UI kit for apps I make
HTML
7
star
39

webcomponents-yo

An experiment with WebComponents + the Yo-Yo rendering library
JavaScript
7
star
40

ssb-kvdb

A key-value database for Scuttlebot applications.
7
star
41

pauls-sliding-window-rate-limiter

Efficiently rate limit calls using a sliding window algorithm.
JavaScript
6
star
42

pfrazee.github.io

CSS
6
star
43

queryable-log

A structured append-only log which can be queried. Stores as ndjson and applies a log-size limit.
JavaScript
6
star
44

dat-source-explorer

A helpful widget for viewing the source of a dat site.
JavaScript
6
star
45

random-access-indexed-file

Continuous reading or writing to a file using random offsets and lengths (but for platforms that dont support sparse files)
JavaScript
6
star
46

electron-app-env

Apps environment using Electron
JavaScript
5
star
47

dat-profile-site

API for interacting with Dat Profile Sites.
JavaScript
5
star
48

example-self-mutating-dat-site

Example of self-mutating websites using the Dat APIs in Beaker
JavaScript
5
star
49

dat-imgbrowser

Browse image directories (dat app)
HTML
5
star
50

electron-tape

Tape testing harness for electron apps
JavaScript
5
star
51

vitra-confine-runtime

Confine runtime for "Vitra" scripts.
JavaScript
5
star
52

pfrazee.com

TypeScript
5
star
53

check-json-schema

CLI tool to check your JSON schemas.
JavaScript
4
star
54

zerr

custom js error construction
JavaScript
4
star
55

servware

An straight-forward Web server framework for Local.js
JavaScript
4
star
56

ctzn-editor

JavaScript
4
star
57

pull-ipc

Pull-stream wrapper around electron's IPC channel
JavaScript
4
star
58

nquery

local.js wrapper to jQuery so you can remotely operate on regions of the DOM
JavaScript
4
star
59

pause-offscreen

On web pages, hide gifs and pause videos when they're scrolled offscreen, to save CPU cycles
JavaScript
4
star
60

hyperswarm-bench

JavaScript
3
star
61

webshell

WebShell - An HTTP command-line environment with "fat" pipes, agents, creation-on-invocation, and GUI output (abandoned)
JavaScript
3
star
62

ssb-web-server-demo-app

A quick test/demo app for ssb-web-server
JavaScript
3
star
63

test-files

a set of test files
JavaScript
3
star
64

fuego

3
star
65

beakerbrowser-com-redirect

Archive site for beaker
TypeScript
3
star
66

process-sandbox

Run javascript in sandboxed child processes
JavaScript
3
star
67

textedit.pub

mutli-user text editing
JavaScript
2
star
68

scuttlebot-views

A materialized-views plugin for Scuttlebot
JavaScript
2
star
69

nodevms.com

Website for nodevms
CSS
2
star
70

mview

A CRDT view materialization library for distributed systems
JavaScript
2
star
71

autobee

An experiment with Autobase and Hyperbee
JavaScript
2
star
72

electron-bug-service-workers-failure

Demonstrates an issue registering service workers in custom protocols
JavaScript
2
star
73

log-reader

Simple demo dat app
JavaScript
2
star
74

dat-next-next-staging

Experimental quick-n-dirty file sharing tool on top of dat with a staging area
JavaScript
2
star
75

listen-random-port

Listen a node HTTP server on a random, unused port
JavaScript
2
star
76

preserved-feed-app

Just a backup of code pulled out of the beaker://feed experiment
JavaScript
2
star
77

simulated-autobee

An in-memory simulated autobee for testing
TypeScript
2
star
78

paulfrazee.com

The code and config for my personal site
JavaScript
2
star
79

muxrpc-validation

Validation library for muxrpc apis
JavaScript
2
star
80

slang

concatenative stack-based search language (turing complete queries)
JavaScript
2
star
81

pull-serializer

de/serialize pull streams
JavaScript
2
star
82

thepublisher-design

Design doc for a software publishing project
1
star
83

paste.space

post text dumps (like gists)
JavaScript
1
star
84

lugg

Take your $HOME with you
Shell
1
star
85

ssb-pub-status

a status-page server for ssb pub hosts
JavaScript
1
star
86

app-social

JavaScript
1
star
87

tintjs

Logicless templates
JavaScript
1
star
88

bezier-signatures

Repo to try out pubkey-signature rendering algorithms
JavaScript
1
star
89

wordgen

A random word generator
JavaScript
1
star
90

data-compression-talk

Slides and PDF for July 2016 Papers We Love: Data Compression
1
star
91

ssb-rawfeed

Small SSB feed-explorer tool
JavaScript
1
star
92

stack-assets-builder

live builds requests for js and css using browserify and less
JavaScript
1
star
93

protocols

DEPRECATED Protocol specs published at grimwire.com/rel
PHP
1
star
94

infiniscroll

infinite scroll web widget
JavaScript
1
star
95

peoplehere

JavaScript
1
star
96

input-url-detector

detect when a URL is in a textarea/input and automatically fetch info
1
star
97

ssbc.github.io

site
CSS
1
star
98

bdat

Beaker Dat CLI tool. Wraps Dat with new commands for Beaker.
JavaScript
1
star
99

example-deno-app

JavaScript
1
star
100

testify

A test-runner for beaker/dat apps
JavaScript
1
star