πΒ Meridian Design Doc 03: Evaluation dissected
πΒ Meridian Design Doc 05: IE smart contract
See also the thread model Threat Model for SPARK Frauds and the proposal for retrieval attestations in Boost SPARK Content retrieval attestation
One of the main issues we face is whether the SPs are returning the file that they should be returning in the response body, and not just returning the headers which includes the signature chain. Specifically, an SP can create a valid signature chain that gives a proof of relay between the Station operator and the SP but can then simply return an empty response body. Then the evaluation of the signature chain will still be valid, even though no response body was returned.
We can simplify the Spark PoC by only using SPs that we can trust to return the right file in the response body.
This one seems complex but could lean on the existing code in Filecoin to prove possession of data.
The idea here is for the same CID to be used by a handful of Spark jobs and then for the hashes of the files to be compared by the orchestrator to make sure that the file was returned to the client who was then able to hash it.
t1, t2, β¦ tN. This client has access to the raw content being stored.tX
nonce value and encrypts it using timelock encryption so that it cannot be decoded before the window starts.nonce with the raw content and derives a constant-length proof in such a way that the proof is unique to this check and can be recreated only by having access to nonce and the entire content. (Example algorithm: SHA256(XOR(nonce, content))).nonce.nonce and retrieved content.