search

4.2 Cryptographic Sortition

This section details how the DAN network elects specific arbitrators fairly, randomly, and unpredictably from thousands of nodes. We introduce VRF (Verifiable Random Function) and Weighted Stake Sampling algorithms to ensure that the election process is both attack-resistant and representative.

hashtag
4.2 Cryptographic Sortition

To prevent attackers from predicting the identity of arbitrators and launching bribery or DDoS attacks, the selection of arbitrators must be unpredictable and verifiable. OmniPact employs a cryptographic lottery mechanism, similar to Algorand's random election logic, but with weighted optimizations for the arbitration scenario.

hashtag
4.2.1 Juror Selection using VRF

Traditional on-chain random numbers (such as block.difficultyblock.timestamp)It is highly susceptible to manipulation by miners/validators. OmniPact integrates Chainlink VRF (Verifiable Random Function) as its sole source of entropy.

Randomness Generation Workflow:

1.Seed Generation:

When the dispute state $S_{disp}$ is triggered, the DAN contract sends a request to the VRF oracle, along with the current blockHash and disputeID as seed inputs.

2.Off-Chain Computation:

A VRF node uses its private key to generate a random number $R$ and a proof $\pi$.

R=VRF_Prove(Sk,Seed)R = \text{VRF\_Prove}(Sk, Seed)

3.On-Chain Verification:

The VRF node sends a callback of $(R, \pi)$ to the DAN contract. The contract uses the public key to verify the validity of $\pi$.

Verify(Pk,R,π,Seed)==true\text{Verify}(Pk, R, \pi, Seed) == \text{true}

4.Entropy Application:

The validated random number $R$ is used as input to the lottery algorithm.

hashtag
4.2.2 Weighted Probability Algorithms

Unlike the equal probability selection in lotteries, the election weight of arbitrators Its value is jointly determined by its stake and reputation. We designed a non-linear weighting function to balance "capital discourse power" and "expert discourse power" while resisting Sybil attacks.

1. Weight Function

For any candidate arbitrator ,The weight of its selection Defined as:

Wi=(Si)αStake Component×(1+RiRmax)Reputation MultiplierW_i = \underbrace{(S_i)^{\alpha}}_{\text{Stake Component}} \times \underbrace{(1 + \frac{R_i}{R_{max}})}_{\text{Reputation Multiplier}}

  • : The amount of $PACT tokens currently staked by the node.

  • : The equity smoothing factor is usually taken as

    • Design intent: By employing sub-linear growth (such as square root), whales cannot monopolize arbitration power simply by accumulating funds, thus protecting the network's degree of decentralization.

  • : The node's Omni-Score reputation score.

  • : Credit score cap (e.g., 1000).

    • Design intent: High-reputation nodes have a higher probability of being selected (up to 2 times the weight), which incentivizes nodes to maintain a good judgment record in the long term.

2. Selection Algorithm: Sum Tree Sampling

In order to We perform weighted extraction from a massive number of nodes within a time complexity, and we maintain a Fenwick Tree (or Sum Tree) data structure in the contract.

  • Tree structure: Leaf nodes store the weight of each arbitrator.,The parent node stores the sum of the weights of its child nodes. The root node stores the total weight of the entire network.

  • Selection logic:

    1. Random numbers generated using VRF ,Calculate the target value

    2. Iterate from the root node to find the node that satisfies the condition Index of

    3. node That is, the selected arbitrator.

3. Sybil Resistance Analysis

Attackers might attempt to split large sums of money into multiple smaller accounts (Sybil Nodes) to increase their overall probability of being selected.

However, due to the introduction of a non-linear factor $\alpha$ in our weighting formula (where $(A+B)^\alpha < A^\alpha + B^\alpha$ when $\alpha < 1$), splitting accounts mathematically increases the overall weight.

To curb this splitting, we introduce a Minimum Stake Threshold and a Gas cost barrier. More importantly, the reputation score $R_i$ is difficult to split—a new account's $R_i$ is an initial value, far lower than that of older accounts with a long history. Therefore, splitting funds results in the loss of the "reputation multiplier" advantage, making splitting attacks economically unprofitable.

This section demonstrates, through mathematical formulas and a data structure (Sum Tree), how OmniPact achieves both rational power allocation and system security through algorithmic design while ensuring randomness.

Previous4.1 Game Theoretic ConsensusNext4.3 The Commit-Reveal Scheme

Last updated