add tinychain legacy

Author: liamzebedee

docs/tinychain-legacy/.gitignore

@@ -0,0 +1,3 @@
+__pycache__
+*.db
+*.log

docs/tinychain-legacy/Pipfile

@@ -0,0 +1,20 @@
+[[source]]
+url = "https://pypi.org/simple"
+verify_ssl = true
+name = "pypi"
+
+[packages]
+pyparsing = "*"
+ecdsa = "*"
+pyyaml = "*"
+flask = "*"
+requests = "*"
+peewee = "*"
+sqlalchemy = "*"
+tabulate = "*"
+colored-traceback = "*"
+
+[dev-packages]
+
+[requires]
+python_version = "3.9"

docs/tinychain-legacy/Pipfile.lock

@@ -0,0 +1,113 @@
+tinychain
+=========
+
+**an ultralight blockchain core, written in Python.**
+
+tinychain is the smallest implementation of a blockchain (BFT replicated state machine) you will ever find. It reimplements the full bitcoin consensus (Nakamoto consensus) with a custom VM based on Brainfuck.
+
+1366 lines of code so far. inspired by [geohot's tinygrad](https://github.com/geohot/tinygrad).
+
+ * cryptography
+ * transactions
+ * consensus - Nakamoto POW
+ * VM’s - Brainfuck
+ * state machine
+ * gas markets
+ * protocol, RPC, and P2P networking
+
+Let the devs do what they do best - building cool stuff.
+
+| **Area**     | **Description**                                                                                                                                                                                                                                                                                            | **Status**  |
+|--------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|
+| VM           | [Brainfuck](https://en.wikipedia.org/wiki/Brainfuck) smart contracts                                                                                                                                                                                                                                       | ✅⚠️ 60% Done |
+| Consensus    | Bitcoin / Nakamoto / POW with ZK-friendly hash function                                                                                                                                                                                                                                                    | ⚠️ WIP       |
+| Tokenomics   | Ethereum-like - native token + fixed exchange rate to gas                                                                                                                                                                                                                                                  | ✅ Done      |
+| Cryptography | ECDSA wallets, SECP256k1 curve (same as BTC), SHA-2 256 bit hash function                                                                                                                                                                                                                                  | ✅ Done      |
+| Networking   | P2P and RPC servers both use HTTP, gossip network architecture                                                                                                                                                                                                                                             | ⚠️ WIP       |
+| ZK proofs    | ZK for compression of tinychain. Use either [groth16](https://github.com/erhant/zkbrainfuck) or [halo2](https://github.com/cryptape/ckb-bf-zkvm) SNARK proofs for brainfuck. TBA we will rework consensus/crypto to use SNARK-friendly tech (MiMC/Poseidon hash function, SNARK-friendly signature scheme) |             |
+
+## Install.
+
+Requirements:
+
+ * Python 3.
+ * `pipenv`, `pip` or something like it.
+
+Instructions:
+
+```sh
+# Install dependencies.
+pipenv install
+pipenv shell
+```
+
+## Usage.
+
+Demo is a work-in-progress:
+
+```py
+# Run two nodes which will mine and sync.
+PYTHONPATH=./src python3 src/tinychain/consensus/bitcoin.py
+PYTHONPATH=./src python3 src/tinychain/consensus/bitcoin.py
+```
+
+## Why?
+
+It takes too long to digest the architecture of any modern blockchain like Ethereum, Optimism, etc.
+
+geohot took PyTorch and distilled it into >10,000 LOC. let's do the same for a blockchain.
+
+maybe we'll learn some things along the way.
+
+## What is a blockchain?
+
+It's really quite an interesting combination of many things.
+
+ * a blockchain is a P2P system based on a programmable database
+ * users can run programs on this database
+ * they run these programs by cryptographically signing transactions
+ * users pay nodes in tokens for running the network
+ * how is the cost of running transactions measured?
+ * the programs run inside a VM, which has a metering facility for resource usage in terms of computation and storage
+ * the unit of account for metering is called gas
+ * gas is bought in an algorithmic market for the blockchain's native token. This is usually implemented as a "gas price auction"
+ * the order in which these transactions are run is determined according to a consensus algorithm.
+ * the consensus algorithm elects a node which is given the power to decide the sequence of transactions for that epoch
+ * bitcoin uses proof-of-work, meaning that the more CPU's you have, the more likely you are to become the leader
+ * given the sequence of transactions, we can run the state machine
+ * the state machine bundles the VM, with a shared context of accounts and their gas credits
+ * and this is all bundled together in the node, which provides facilities for querying the state of database
+
+The goal of this project is to elucidate the primitives throughout this invention, in a very simple way, so you can experiment and play with different VM's and code.
+
+## Roadmap.
+
+ - [x] VM
+ - [ ] smart contracts
+ - [x] wallet
+ - [x] transactions
+ - [ ] CLI
+ - [x] state machine
+ - [x] sequencer
+ - [x] accounts / gas
+ - [ ] node
+ - [ ] consensus
+ - [ ] networking
+
+See `node.py` for design.
+
+## Feature set.
+
+ - **VM** and **state machine model**. Brainfuck is used as the programming runtime. It includes its own gas metering - 1 gas for computation, 3 gas for writing to memory. There is no in-built object model for now - there is only the Brainfuck VM, and its memory. Any program can write to memory and overwrite other Brainfuck.
+
+ - **Gas market / tokenomics**. Like Ethereum, this chain has a token and an internal unit of account called gas. There is no progressive gas auctions (PGA's) yet - for now it is a fixed exchange rate (see `gas_market.py`).
+
+ - **Consensus**. Bitcoin/Nakamoto consensus is currently being implemented, meaning the network runs via proof-of-work. In future, I hope to implement Tendermint proof-of-stake (see `consensus/tendermint.py` for more) with the token being staked actually hosted on an Ethereum network (L1/L2).
+
+ - **Cryptography**. ECDSA is used for public-private cryptography, with the SECP256k1 curve (used by Bitcoin) and the SHA-2 hash function with size set to 256 bits.
+
+ - **Networking**. The P2P protocol and node API server both run over HTTP. This was easy.
+
+```
+curl -X GET http://0.0.0.0:5100/api/machine_eval -H "Content-Type: application/json" -d '{"from_acc":"","to_acc":"","data":"+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++."}'
+```

docs/tinychain-legacy/README.md

@@ -0,0 +1,89 @@
+# Nakamoto consensus.
+
+Bitcoin consensus is really quite simple.
+
+```
+Block
+    Prev block hash
+    Transactions
+    Nonce
+
+Hashcash - a work algorithm, where you can measure CPU expenditure.
+
+Longest chain consensus
+Longest = chain with the most accumulated work
+
+What is work? 
+Accumulated hashpower (measured by hashcash solutions) that follows the difficulty readjustment schedule
+
+Difficulty readjustment - in order to regulate the block production of the network,
+the hashcash difficulty target is adjusted every epoch to target an epoch length of 2 weeks
+
+Epochs are defined every N blocks
+Each block includes a timestamp, which is regulated by the network to be close to real clock time
+
+
+Our algorithm for running this is really simple:
+- maintain a block DAG structure
+- each block has a parent and a nullable child
+- each block has its height (depth in DAG path)
+- each block has its accumulated difficulty stored with it
+- each block has its index
+
+The "tip" of the chain refers to the block with the most accumulated difficulty - this is the longest chain rule
+
+There are only 3 routines:
+- mine - produce blocks, gossip them
+- verify_block - verify the POW solution, the transactions and their signatures
+- ingest_block - add the block to the DAG
+```
+
+
+## Bitcoin architecture.
+
+```
+Miner thread
+-> works on mining next block
+-> mine(block) takes a block, which includes existing details like difficulty target
+-> can be restarted
+-> start_mining:
+    takes the current mempool (txs)
+    and the current tip (block)
+    and mines until we get a signal to stop
+    then restarts
+
+Before we mine, we figure out what the current difficulty is.
+
+When we receive a new block:
+- download any parents until we reach a common block
+- then verify the earliest block to the latest
+- we also recompute the difficulty for the epochs ingested
+- when this is all done, we restart the miner on the freshest tip.
+
+When we mine a new block:
+- broadcast the block
+- mine on this new tip
+```
+
+Finally networking:
+
+```
+ConsensusEngine calls protocol to gossip blocks
+Node uses ConsensusEngine to Sequence transactions
+Node uses transaction Sequence to run replicated State Machine
+Protocol uses Wire protocol to communicate over JSON-RPC HTTPS
+Node uses Protocol to receive user requests to send transcations
+Node receives user transactions and gossips them over network
+
+
+This doesn't even do fee markets yet. But it should soon.
+
+```
+
+
+And then on top of this- the launch:
+
+```
+People will download the "brainnode" software
+
+```

docs/tinychain-legacy/docs/bitcoin.md

@@ -0,0 +1,157 @@
+use crate::block::{Block, BlockHash};
+pub mod block;
+
+use std::fs;
+use std::cmp;
+use sha2::{Sha256, Digest};
+use std::time::{SystemTime};
+use ethereum_types::{U256};
+
+const DICT_PATH: &str = "data/dict.txt";
+
+// Returns the base-n representation of a number according to an
+// alphabet specified in `symbols`. The length of symbols is the
+// "base".
+// 
+// e.g. symbols = ["0","1"] is the binary numeral system.
+// 
+fn to_digits(num: u32, symbols: &Vec<&str>) -> String {
+    let base = u32::try_from(symbols.len()).unwrap();
+    let mut digits = String::new();
+    let mut n = num;
+
+    while n > 0 {
+        let i = n.rem_euclid(base);
+        if !digits.is_empty() {
+            digits += " ";
+        }
+        digits += symbols[usize::try_from(i).unwrap()];
+        n /= base;
+    }
+
+    digits
+}
+
+fn sha256_digest(content: &String) -> U256 {
+    let mut hasher = Sha256::new();
+    hasher.update(content.clone());
+    let digest = hasher.finalize();
+    return U256::from(digest.as_slice());
+}
+
+// fn current_time() -> u64 {
+//     match SystemTime::now().duration_since(SystemTime::UNIX_EPOCH) {
+//         Ok(n) => n.as_secs(),
+//         Err(_) => panic!("SystemTime before UNIX EPOCH!"),
+//     }
+// }
+
+fn solve_pow(target: U256, block: &Block, dict: &Vec<&str>) -> u32 {
+    let mut nonce_idx: u32 = 0;
+    let _base = dict.len();
+
+    let mut block2 = block.clone();
+
+    loop {
+        block2.nonce = nonce_idx;
+
+        // Build the outrage string.
+        // Convert nonce number into alphabet of the outrage wordlist.
+        // let outrage = to_digits(nonce_idx, &dict).as_bytes();
+
+        // Compute SHA256 digest.
+        let mut hasher = Sha256::new();
+        let buf = serde_json::to_vec(&block2).unwrap();
+        hasher.update(buf);
+        let digest = hasher.finalize();
+
+        // Convert to U256 number.
+        let guess = U256::from(digest.as_slice());
+
+        if guess < target {
+            // println!("solved target={} value={} dist={} nonce=\"{}\"", target, guess, target - guess, outrage);
+            // target = target / 2;
+            return nonce_idx
+        }
+
+        nonce_idx += 1;
+    }
+}
+
+fn main() {
+    let word_dict = fs::read_to_string(DICT_PATH).expect("Unable to read file");
+    let dict: Vec<&str> = word_dict.lines().collect();
+    let NULL_HASH: U256 = U256::from(0);
+
+    println!("Loaded dictionary of {} words", dict.len());
+    
+    // 
+    // Mining loop.
+    // 
+
+    // This implements a proof-of-work algorithm, whereby the miner
+    // searches for a value (`guess`) that is less than a `target`.
+    // The lower the target, the higher the difficulty involved in the search process.
+    // Unlike the usual PoW algorithms, the input content to the hash function is human-readable outrage propaganda. 
+    // A nonce is generated, which is used to index into a dictionary of outrage content, and then thereby
+    // hashed.
+    let genesis_block = Block {
+        prev_block_hash: NULL_HASH,
+        number: 0,
+        dict_hash: sha256_digest(&word_dict.to_string()),
+        nonce: 0
+    };
+    let mut prev_block = genesis_block;
+    let mut target: U256 = U256::from_dec_str("4567192616659071619386515177772132323232230222220222226193865124364247891968").unwrap();
+
+    let EPOCH_LENGTH = 5;
+    let EPOCH_TARGET_TIMESPAN_SECONDS = 5;
+    let mut epoch_start_block_mined_at = SystemTime::now();
+
+
+    println!("Starting miner...");
+    println!("  difficulty = {}", target);
+    println!();
+
+    loop {
+        let mut pending_block = Block {
+            prev_block_hash: prev_block.block_hash(),
+            number: prev_block.number + 1,
+            dict_hash: sha256_digest(&word_dict.to_string()),
+            nonce: 0
+        };
+
+        let guess = solve_pow(target, &pending_block, &dict);
+        let outrage = to_digits(guess, &dict);
+        println!("solved target={} value={} dist={} nonce=\"{}\"", target, guess, target - guess, outrage);
+
+        // Seal block.
+        pending_block.nonce = guess;
+        pending_block.prev_block_hash = prev_block.block_hash();
+
+        prev_block = pending_block;
+        println!("mined block #{} hash={}\n", prev_block.number, prev_block.block_hash());
+
+        // Update difficulty/target.
+        if prev_block.number % EPOCH_LENGTH == 0 {
+            // 5 seconds for epoch of 5 blocks
+            
+            let mut timespan = SystemTime::now().duration_since(epoch_start_block_mined_at).unwrap().as_secs();
+            if timespan < EPOCH_TARGET_TIMESPAN_SECONDS/4 {
+                timespan = EPOCH_TARGET_TIMESPAN_SECONDS/4;
+            }
+            if timespan > EPOCH_TARGET_TIMESPAN_SECONDS*4 {
+                timespan = EPOCH_TARGET_TIMESPAN_SECONDS*4;
+            }
+            
+            let epoch = prev_block.number / EPOCH_LENGTH;
+            let factor = timespan / EPOCH_TARGET_TIMESPAN_SECONDS;
+            target = target * timespan / EPOCH_TARGET_TIMESPAN_SECONDS;
+
+            println!("epoch #{}", epoch);
+            println!("adjusting difficulty timespan={}s factor={}", timespan, (timespan as f64) / (EPOCH_TARGET_TIMESPAN_SECONDS as f64));
+            
+            epoch_start_block_mined_at = SystemTime::now();
+        }
+    }
+}

docs/tinychain-legacy/docs/bitcoin.rs

@@ -0,0 +1,10 @@
+Missing pieces
+==============
+
+## ECDSA public key recovery
+
+In Ethereum/Bitcoin, we can recover the public key from a signature.
+
+The way this works - ECDSA public keys have two points (R1, R2), and on each point there is an (X,Y). For any given signature, you can recover two public keys - since ECDSA is based on squaring and there are two solutions to the square root (+ve and -ve). By encoding a value when you create the signature which specifies the parity (positive/negative) of one of these points, you can reliably recover the correct public key from the signature.
+
+I had some trouble implementing this.