Ethereum Sharding Research Compendium === This is an ongoing curated list, entries will be added or removed to reflect the articles that have the most relevance to the current state of research. ## Stateless clients and witnesses * **The stateless client concept**: * **Efficient Merkle proofs and generalized SSZ light client proofs**: * **Efficiency gains from batching and multi-state roots**: and * **State-minimized executions**: * **A cryptoeconomic accumulator for state-minimized contracts**: * **Using polynomial commitments to replace state roots**: ## Cross-shard communication * **Merge blocks anc synchronous cross-shard state execution**: * **Cross-shard locking**: and and * **Cross-shard yanking**: * **A simple synchronous cross-shard transaction protocol**: * **Cross-shard receipt and hibernation/waking anti-double-spending**: * **Fast cross shard on top of slow cross shard via optimistic conditional state objects**: and ## Basic information and specs * **Sharding FAQ**: * **Beacon chain Casper FFG mini-spec**: * **Beacon chain full spec**: * **Sharding mindmap**: * **Eth2 roadmap**: * **Design rationale**: ## Proof of stake theory * **Proof of stake FAQ**: * **Casper FFG paper**: * **Attestation committee-based full PoS chains**: ### Casper FFG/GHOST/beacon chain simulations * **Main folder**: * Node: `` * Test script: `` ### Casper CBC * **A CBC Casper tutorial**: * **Casper CBC, Simplified!**: * **Beacon chain-friendly CBC Casper**: * **Bitwise LMD GHOST**: * **LMD GHOST implementations**: ## External links * **Info on general-purpose ZKP schemes**: ## Miscellaneous ### Light clients * **Beacon chain light client syncing**: * **Casper FFG light client syncing**: ### Storage maintenace fees / Rent * **A simple and principled way to compute rent fees**: * **Improving UX via a sleep/wake mechanism**: * **Actor/asset model**: * **Common classes of contracts and how they would handle ongoing storage maintenance fees**: ### Proofs of custody * **Availability traps**: * **Hash-based proofs of custody**: and * **1-bit aggregation-friendly custody bonds**: * **Current scheme**: ### Data availability proofs * **Fraud proofs and data availability proofs via erasure coding**: * The **polynomial commitment** section in (a polynomial commitment can be used to commit to N pieces of data and then opened at 2N or more positions; any N openings can reconstruct the same original data) * **FRI as erasure code fraud proof**: * **Coded Merkle trees**: ### Randomness * **30% sharding attack**: * **An (impractical) idea for unmanipulable entropy**: * **RNG exploitability analysis (RANDAO)**: * **RANDAO exploitability analysis, round 2**: * **Low-influence functions (Iddo Bentov)**: * **Swap-or-not shuffle**: ### Timestamps * **Incentive worries around timestamps**: * **Network-adjusted timestamps**: ### Data structures * **Optimizing sparse Merkle trees**: * **Implementation of sparse Merkle trees**: * **Double-batched Merkle log accumulator**: ### Misc misc * **Cheats, weaknesses and attacks**: * **Data forgetfulness**: * **Security in the bribing model**: * **Better Merkle trees**: * **BLS and STARK aggregate signatures**: * **Rate-limiting entry/exits instead of withdrawals**: