2. Content
• 1. Introduction
• 2. General structure
• 3. Transactions
• Inputs and Outputs
• File Contracts
• Proof of Storage
• Arbitrary Transaction Data
• 4. Protection mechanism
• 5. Host selection solutions.
• 6. Siafund.
• 7. Pros & Cons of Sia.
2
3. 1. Introduction
• Sia is a decentralized cloud storage platform develop by Nebulous.
• Peers on Sia rent storage from each other. Sia itself stores only the
storage contracts formed between parties
• Sia recommend storing data redundantly across multiple hosts
• By forming a contract, a storage provider(also known as a host)
agrees to store a client’s data, and to periodically submit proof of
their continued storage until the contract expires.
3
4. 2. General structure
• Sia is an altcoin which is resemble Bitcoin structure.
• Sia opts instead to use an M–of–N multi-signature scheme for all
transactions
• Sia also extends transactions to enable the creation and enforcement
of storage contracts, and the extension is:
• Contracts
• Proofs
• Contract updates
• Contracts declare the intention of a host to store a file with a certain
size and hash.(They define the regularity with which a host must
submit storage proofs.)
4
7. 3.1 Inputs and Outputs
• Every input must come from a prior output, so an input is simply an
output ID.
• Inputs contain spend conditions .
• Outputs contain merkle root hash .
7
8. Spend Conditions
• Spend conditions include a time lock and a set of public keys, and the
number of signatures required.
• An output cannot be spent until the time lock has expired and enough of
the specified keys have added their signature.
• The spend conditions are hashed into a merkle tree, using below as leaves
• time lock
• number of signatures required
• public keys
• In order to spend the coins, the spend conditions corresponding to the
address hash must be provided.
8
10. 3.2 File Contracts
• A file contract is an agreement(like SLA) between a storage provider
and their client. Contain:
• Allowance: a pre-paid amount of Siacoin meant to pay storage and
bandwidth costs
• Core of the file contract is “files merkle root”
• The file is split into segments of constant size and hashed into a merkle tree.
• The root hash, along with the total size of the file, can be used to verify
storage proofs.
• File contracts are also created with a list of “edit conditions,”
analogous to the spend conditions of a transaction.
10
11. File contracts also specify :
• Duration (by default 13 weeks)
• Challenge frequency
• specifies how often a storage proof must be submitted.
• creates discrete challenge windows during which a host must submit storage
proofs .
• submitting “valid proof” triggers an automatic payment to the “valid proof” .
• Payout parameters
• reward for a valid proof .
• reward for an invalid or missing proof .
• maximum number of proofs that can be missed .
11
12. 3.3 Proof of Storage
• During the contract, the hosts must submit Proofs of Storage to the
blockchain to demonstrate:
• They are online.
• They still preserve the client’s files.
• Storage proof transactions are periodically submitted to fulfill file
contracts.
• Each storage proof targets a specific file contract.
• Storage proof only contain
• contract ID
• the proof data.
12
13. Algorithm
• Hosts prove their storage by providing a segment of the original file and a
list of hashes from the file’s Merkle tree.
• Each storage proof uses a randomly selected segment. The random seed
for challenge window Wi is given by:
• If the host is consistently able to demonstrate possession of a random
segment, then they are very likely storing the whole file.
• 會產生隨機檔案中部分為64kb的file作為proof,
• 若他沒有持有完整的檔案,只有持有一半,那他會有50%的機率可以作弊猜中,但他得冒猜錯的
風險,不僅損失他從客戶收到的錢,而且也得損失他擔保的金錢(proof of burn)
13
14. 14
File
Segment
Root
Hash
As an address where the money are sent.
.....
File
Segment
File
Segment
File
Segment
Randomly ask provider to
Provide a file segment and its
relative hash as proof to
“file contract”.
15. Attack of Proof of Storage
• Block Withholding Attacks
• Attacker withholds blocks until they find one that will produce a favorable
random number.
• Clients can specify a high challenge frequency and large penalties for missing
proofs.
• Closed Window Attacks
• Miners could maliciously exclude storage proofs from blocks, depriving
themselves of transaction fees but forcing a penalty on hosts.
• Miners could extort hosts by requiring large fees to include storage proofs
• Use a large window size. Hosts can reasonably assume that some percentage
of miners will include their proofs in return for a transaction fee.
15
16. 3.4 Arbitrary Transaction Data
• Each transaction has an arbitrary data field which can be used for any
type of information.
• Nodes will be required to store the arbitrary data if it is signed by any
signature in the transaction.
• Nodes will initially accept up to 64 KB of arbitrary data per block.
• This arbitrary data provides hosts and clients with a decentralized way
to organize themselves.
• Arbitrary data could also be used to implement other types of soft
forks.
16
17. File Repair
• In versions earlier than 1.3.0 Capricorn, files had to be stored locally
in order to restore the redundancy.
• Now they are automatically downloaded from the available hosts and
uploaded to new ones.
17
18. 4. Protection mechanism
18
Host Protections Client Protections
• A contract requires consent from
both the storage provider and
their client.
• They can setting price on
contract to show how reliable
their services is.
• Host should protect themselves
from such Dos attacks .
(or they will receive penalties).
• Use erasure codes (Reed-Solomon
erasure coding),to safeguard against
hosts going offline.
• Downloads can be run in parallel
to maximize available bandwidth.
19. 5. Host selection solutions.
• Renter tracks hosts uptime and pick frequently chanllenge hosts to do
off-chain storage proof. (via micropayment channel).
• Proof of Burn: To combat Sybil attack, clients can require that hosts
that announce themselves in the arbitrary data section also include a
large volume of time locked coins.
• If 10 coins are time locked 14 days into the future, then the host can be said to have created
a lock valued at 140 coin-days. By favoring hosts that have created high-value locks
• Large coin-days means high quality guarantees.
19
20. 6. Siafunds
• By imposing a fee on all contracts to get revenue.
• When a contract is created ,3.9% of the contract fund(A 3.9% of the
renter’s allowance and a 3.9% of the host’s) is removed and
distributed to the holders of siafunds.
• By using Siafunds instead of premining.
20
21. 7.Pros and cons of Sia
Pros Cons
• Storage market place.
• Fully decentralized.
• Require collateral for hosting
• Only accepting siacoin as payment.
• Require entirely blockchain download.
• Currently not support streaming files.
21
22. Roadmap
22
Release
Feature
• Ability to repair files without having locally.
• Initial block sync time reduced.
• Simple File sharing.
• Ability to recover files using only wallet seed.
• Form file contract within 5 min instead of 60 min.
Short term
(Q1 2018)
• Video streaming support.
• Proper support tiny files. (from 40MB to ~ 100kbs).
• Automatic host pricing.
Medium term
23. Reference:
• Sia - Decentralized Cloud Storage - Presented by David Vorick at Mit
Bitcoin Expo 2016
https://www.youtube.com/watch?v=cR8YL05nq4A&t=14s
• Siacoin vs Storj https://www.youtube.com/watch?v=Kyy-mWn9Kv0
• Sia Roadmap https://trello.com/b/Io1dDyuI/sia-public-roadmap
23
Hosts同時得為proof 作補償,若proof遺失host會受到懲罰
用戶不用去驗證,而是會有礦工來做驗證
在未來 會支援two-way peg for Bitcoin channel.
Contract定義了Host該如何儲存檔案內容大小和hash值,並且要定期去提繳storage proof.欲更新Contract透過”contract updates”
, eschewing(避免) the scripting system entirely. This reduces complexity and attack surface.
用戶得自行將檔案下載回來(只有他自己有私鑰能做signature),再透過regnerating algorithm
來回復檔案的備份 Different user may share the same providers’ storage
必須要知道 黃色區域的值 才能建立出merkle tree root hash 使用該hash 包含的錢
用戶和host provider 制定好契約
將原始檔案切割並建立成 merkle root hash
可以用來驗證之後 host所提交的proofs.
The client software of the renter picks up 50 optimal hosts according to their scoring.
用戶可以在Sia的blockchain上找到有提供database的hosts,並與信任的hosts建立起contract.
These codes typically operate by splitting a file into n pieces, such that the file can be recovered from any subset of m unique pieces.
if only 10 out of 100 pieces are needed to recover the file, then the client is actually relying on the 10 most reliable hosts
如果只需要100個鐘的10個 就可以進行恢復,那用戶只要挑選10個最為穩定的hosts 來作為他儲存的對象
(那系統是否要幫用戶挑選最為適合的?)
用戶可以使用再產生檔案的code來復原他們的檔案,因為檔案會被切割成好幾等分,會分散並加密儲存在各個
Hosts中,即使平均上網絡穩定不高,但至少可以保有用戶對他檔案存取的最高穩定度
減少lantency 從最近的10個 減少download speed 從最快的10個hosts。 都可以平行去運作 以提昇總體傳輸效率