Authors: Hongbo Wen (Riema Labs/UCSB), Hanzhi Liu (Riema Labs/UCSB), Shuyang Tang (Riema Labs/SJTU), Shuhan Cao (Riema Labs), Domo (Layer 1 Foundation), Yu Feng (Riema Labs/UCSB)
Special thanks to Binari (Founder of BestinSlot.xyz & opi.network) and Alex Tagga (Co-Founder of OYL) for the detailed design discussions.
TLDR: The Modular Indexer uses stateless computation to enable users to self-verify the correctness of meta-protocols (e.g., BRC-20 and BRC-420) indexer checkpoints, with minimal communication costs.
Introduction
Before the emergence of inscriptions and ordinal protocols [1], Bitcoin was limited in its applications due to the Turing-incompleteness of its script language. Fortunately, with recent advances in techniques, Turing-complete off-chain execution layers are established via Bitcoin indexers. Yet, existing indexers have their data integrity and availability strongly dependent on the honesty of indexers. Specifically, for an off-chain execution layer, the indexer could tamper with the data leading to bogus states for the user. To mitigate the data integrity problem, the user could download and maintain up-to-date data from the Bitcoin blockchain and verify the validity of the output by executing her indexer. However, doing so will include the need for substantial storage capacity and processing power to manage the ever-expanding blockchain.
Due to the integrity and cost of maintenance concerns mentioned above, one native solution is to leverage a decentralized indexer network to conduct the computation. However, since the network is completely permissionless, the consensus mechanism of the existing decentralized indexer network is vulnerable to Sybil attacks, which enable malicious indexer operators to provide users with false states, such as asset ownership and spendable balance.
To solve this issue, we propose a modular indexer architecture that enables a truly decentralized, fully user-verified indexer network. The key challenge here is to design a mechanism that allows users to verify the validity of the states provided by the indexers efficiently and cost-effectively. Our insight is based on the following crucial observation: the expensive integrity checking of execution over whole-state transitions can be reduced to checking the validity of a tiny amount of checkpoints through the design of proper cryptography protocols.
Thus, data integrity and availability are guaranteed even in the case of a majority of malicious committee indexers. Ideally, our modular indexer would safely bridge the gap between the Bitcoin layer-1 and all meta-protocols (e.g., BRC-20 [2] and BRC-420), and contribute to the further prosperity of the Bitcoin ecosystem.
Architecture
In a fully user-verified modular indexer network, Bitcoin remains the most basic trusted consensus and data layer. The indexer obtains the protocol state corresponding to each Bitcoin block by reading data on Bitcoin and performing computations. Users can obtain the protocol state corresponding to the block height and block hash through the following two methods:
- Users run a full Bitcoin node and operate an indexer that saves full states. This is the most reliable method, but running a full Bitcoin node with a full-state indexer requires significant storage resources, which are unaffordable to normal users.
- Using the key, a user queries the value from the indexer in the decentralized network. The indexer returns the result (i.e., QueryResult) to the user. However, this currently common practice cannot prevent scenarios where malicious nodes provide bogus data.
Currently, a decentralized network composed of indexers cannot prevent Sybil attacks because its consensus layer lacks a penalty mechanism and cannot punish these malicious indexers, i.e., it lacks economic security. However, when the indexer network functions solely for the execution of data that has already reached consensus on Bitcoin, based on predefined protocols, the need for an additional consensus layer becomes unnecessary. Instead, it has to provide users with proofs for each execution result, which is inefficient. To address this challenge, we propose the modular indexer architecture. It allows users to efficiently verify whether the states and query results provided by the indexer are trustworthy under the assumption that at least one honest indexer node is present (1-of-N trust assumption).
As shown in the figure, the modular indexer architecture involves the following roles:
- The committee indexer is responsible for reading each block of Bitcoin, calculating protocol states, and summarizing these states as a polynomial commitment namely checkpoint. Whenever the committee indexer obtains a new Bitcoin block, it generates a new checkpoint for the protocol and publishes it to the data availability layer for users to access.
- The data availability layer, notably including Nubit [4], the first bitcoin-native DA layer, is responsible for data publication and ensuring data availability at the checkpoints.
- The indexer is responsible for sending the results and the corresponding proofs to the queries of the users. Based on the checkpoint stored in the DA layer, users can verify the validity of these results using the provided proofs.
- The light indexer is a lightweight client operated by users, which can query the necessary parts of the protocol state from the indexer, verify the corresponding proofs, and when the checkpoints provided by multiple committee indexers are inconsistent, utilize stateless computation [3] with minimal critical states to generate the correct checkpoint, thus identifying the honest committee indexer.
Benchmark
The current solution requires users to download the entire BRC-20 state to self-verify a checkpoint, whereas our solution necessitates only the download of state changes between two checkpoints. This changed state, in comparison to the entire state, remains nearly constant as the block height increases.
To evaluate the effectiveness of our design, we indexed 50,000 blocks starting from block height 780,000 and documented the cost incurred by users at any point in time wishing to verify the correctness of a checkpoint. For the current solution, the cost is monotonically increasing because users must download the entire state to compute the result, leading to higher expenses over time. On the other hand, our adoption of a stateless computation approach means that the cost remains constant over time. In other words, the communication cost for users to independently verify a checkpoint at any time is consistently low.
References
[1] Ordinal theory handbook. https://docs.ordinals.com/, 2023. Last accessed on March 1, 2024.
[2] BRC-20 documentation. Documentation - Layer1 Foundation, 2023. Last accessed on March 1, 2024.
[3] Verkle trees for statelessness. https://verkle.info, 2023. Last accessed on March 1, 2024.
[4] Nubit: Bitcoin-Native Data Availability Layer with Instant Finality. https://www.nubit.org/Nubit_Orange_Paper.pdf, 2023. Last accessed on March 1, 2024.
Further Details
For more insights and details, refer to our full paper: “Modular Indexer: Fully User-Verified Execution Layer for Meta-Protocols on Bitcoin.”
