### SHA-Gate-V2 Specification
SHA-Gate-V2 is a new bridge design through which users can transfer their BCH between the Bitcoin Cash main chain and the smartBCH side chain. It also helps synchronize the "to-be-burnt" BCH held in the side chain's blackhole address to the burning address on the main chain.
#### Some off-chain entities
SHA-Gate needs the interoperation of the BCH main chain, the smartBCH side chain, and some off-chain entities: the operators, the monitors and the collectors. The off-chain entities have different duties:
**The operators**. They can move cc-UTXOs (cross-chain UTXOs) on the main chain, sending them to the users who want to transfer their BCH from smartBCH, or to the new operator set, or to the burning address. An operator's key is generated inside an enclave, bound to the binary code of the enclave, and can only be used by this enclave: it cannot be used by an enclave with a different binary or on a different CPU. We assume an operator is well-intentioned because it always does exactly what is specified in the source code. The bad things that can happen to an operator are: A) bugs (its own bugs or smartbchd's bugs); B) it is fooled by the smartbchd nodes it is connected to; C) it is unavailable (powered off or disconnected from the internet). Because of B and C, we need multiple operators for robustness. To minimize the possibility that operators have bugs, their source code must be very simple: they just get signing tasks from smartbchd nodes and sign them blindly. We hope their source code can remain unchanged for a long time (even forever).
The operators don't need to connect to BCH full nodes. They just connect to the smartbchd nodes which run in enclaves. A smart contract will publish the hashes of trustworthy binaries for enclaves and the IP addresses at which trustworthy enclaves run. Any engineer can independently verify the binaries' hashes and check the enclaves' attestation reports, if he or she has the knowledge. This smart contract is maintained by a group of trustworthy engineering experts, who endorse the binaries' hashes and check the enclaves' attestation using their knowledge. The operators will connect to these enclaves, attest to them to ensure correct binary hashes, and check their block hashes to ensure they are on the same chain. When the enclave set that an operator connects to is going to change, the operator will publish the new set's attestation and checking result for a publicity period. During the publicity period, a monitor can stop the operators from using the new set.
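The operator-side checks on a smartbchd enclave set described above, as an added Go example that is not SHA-Gate's own code. The `Report` and `Pending` types and both function names are hypothetical; the sketch assumes each attestation quote has already been signature-verified and that block hashes are compared at one agreed height.

```go
package main

import "fmt"

// Report: one smartbchd enclave's attestation result (hypothetical type, quote already verified).
type Report struct {
	Addr, BinaryHash, BlockHash string // BlockHash taken at one agreed height (assumption)
}

// CheckEnclaveSet: endorsed binary, published address, one common block hash for all enclaves.
func CheckEnclaveSet(endorsed, listed map[string]bool, set []Report) error {
	if len(set) == 0 {
		return fmt.Errorf("empty enclave set")
	}
	for _, r := range set {
		switch {
		case !listed[r.Addr]:
			return fmt.Errorf("%s: address not published by the contract", r.Addr)
		case !endorsed[r.BinaryHash]:
			return fmt.Errorf("%s: binary hash %s not endorsed", r.Addr, r.BinaryHash)
		case r.BlockHash != set[0].BlockHash:
			return fmt.Errorf("%s: not on the same chain as %s", r.Addr, set[0].Addr)
		}
	}
	return nil
}

// Pending is a new enclave set published for the publicity period.
type Pending struct {
	Set        []Report
	ActivateAt int64 // publication time + publicity period, unix seconds
	Vetoed     bool  // a monitor stopped the switch
}

// MayUse returns nil only when the operator may start using the pending set.
func (p Pending) MayUse(now int64, endorsed, listed map[string]bool) error {
	switch {
	case p.Vetoed:
		return fmt.Errorf("new set stopped by a monitor")
	case now < p.ActivateAt:
		return fmt.Errorf("publicity period still running")
	}
	return CheckEnclaveSet(endorsed, listed, p.Set)
}

func main() { // constructed sample values, not real hashes or hosts
	p := Pending{Set: []Report{{"192.0.2.1", "h1", "b9"}}, ActivateAt: 100}
	fmt.Println(p.MayUse(50, map[string]bool{"h1": true}, map[string]bool{"192.0.2.1": true}))
}
```
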
**The monitors**. They monitor the SHA-Gate's operation. A monitor's private key is not generated inside the enclave, nor bound to its source code. Instead, it is generated from some secret shares which are kept by some trustworthy persons. The monitors' tasks include: 1) When they find possible bugs in smartbchd, they can stop the operators and stop the SHA-Gate logic in smartbchd; and when they find out the operators will connect to an invalid smartbchd enclave, they can stop them. 2) When the majority of the operators are unavailable, monitors can use their private keys to move the cc-UTXOs to a new operator set. 3) Monitors can send transactions to synchronize the smartbchd nodes in processing the new BCH blocks which contain cross-chain transfer transactions.
**The collectors**. They collect signatures from the operators, assemble them into transactions, and broadcast the transactions on the BCH main chain. Volunteers run the collectors.
Collectors are permissionless and anyone can run one. Operators and monitors must be elected on the smartBCH side chain. Only a part of them are re-elected at a time. It is planned that there are ten operators and three of them are re-elected in each round, while there are three monitors and one of them is re-elected in each round. BCH holders must lock their coins to vote for them. Voting for a monitor requires locking coins for longer than voting for an operator. Each monitor or operator must also vote for itself with enough coins, i.e., it must lock its own coins on the side chain, which means that if SHA-Gate malfunctions, it will also suffer. The logic of SHA-Gate will be automatically enabled when the monitors and operators are all elected and ready.