BNBSmartChainLightClient is an implementation of the BNBSmartChain Light Client in Solidity as an MapoContract.
BNB Smart Chain relies on a system of 21 active validators with Proof of Staked Authority (PoSA) consensus that can support short block time and lower fees. The most bonded validator candidates of staking will become validators and produce blocks. The double-sign detection and other slashing logic guarantee security, stability, and chain finality.
The validators changes every epoch,each selected validator address is written to the epoch block in the extraData field of the block header. after half the number of validators of the block begins production and validation of the block.These validators participate in the consensus protocol by signing blocks that contain cryptographic signatures signed by each validator's private key.
If we want to validate a transaction, we need to validate the block header that the transaction is in,to validate a block header and we need to validate the signature of the block header.
by tracking validators changes light node can verify all bsc transations.
How to verify
updateBlockHeader
keep track of the validator's changes by continuously submitting epoch block headers to light client.The submitted epoch block must be signed with the private key by one of the validator's submitted in the previous epoch. so we initialize an epoch and store the validator's address can keep committing the next epoch block over and over again.to improve certainty, multiple blocks need to be submitted as confirms.
function verifyHeaderSignature(
BlockHeader memory _header,
uint256 _chainId
) internal pure returns (bool) {
(bytes memory signature, bytes memory extraData) = splitExtra(
_header.extraData
);
bytes32 hash = keccak256(encodeSigHeader(_header, extraData, _chainId));
bytes32 r;
bytes32 s;
uint8 v;
// ecrecover takes the signature parameters, and the only way to get them
// currently is to use assembly.
assembly {
r := mload(add(signature, 0x20))
s := mload(add(signature, 0x40))
v := byte(0, mload(add(signature, 0x60)))
}
if (v <= 1) {
v = v + 27;
}
address signer = ecrecover(hash, v, r, s);
return signer == _header.miner;
}
check if miner is in the corresponding validatorSet.
The light client can verify the epoch blocks after it has the epoch validatorSet.to verify the receipt should first veriy the block transation receipt in.verify the block is similar to the update block,won't go into it again.
we know that receipts from block transactions form a receipt patricia-merkle-trie. the block field receiptsRoot is the root of the tree. after we verify the block we can trust the receiptsRoot.
so we can build proof of the transation receipt off chain submit to light client to proof transaton receipts.
function validateProof(
bytes32 _receiptsRoot,
ReceiptProof memory _receipt,
address _mptVerify
) internal pure returns (bool success, bytes memory logs) {
bytes memory bytesReceipt = encodeReceipt(_receipt.txReceipt);
bytes memory expectedValue = bytesReceipt;
if (_receipt.txReceipt.receiptType > 0) {
expectedValue = abi.encodePacked(
bytes1(uint8(_receipt.txReceipt.receiptType)),
bytesReceipt
);
}
success = IMPTVerify(_mptVerify).verifyTrieProof(
_receiptsRoot,
_receipt.keyIndex,
_receipt.proof,
expectedValue
);
if (success)
logs = bytesReceipt.toRlpItem().toList()[3].toRlpBytes(); // list length must be 4
}