Proof of Living Storage

💜 Support the DIG Network

Help build the future of decentralized storage! The DIG Network is an open-source project that needs community support to continue development.

💜 Support the Project → - Donate crypto, buy NFTs, or sponsor development

Overview

The DIG Network implements a four-proof cryptographic system that verifies genuine data storage without requiring trust. This system combines digital signatures, merkle proofs, proof-of-work, and blockchain anchoring to create unforgeable storage commitments.

Architecture

Four-Proof Verification

┌─────────────────────────────────────────────────┐
│            Proof of Living Storage              │
├─────────────────────────────────────────────────┤
│                                                 │
│  1. Plot Ownership → Digital signature          │
│     "I own plot X with merkle root R"           │
│                                                 │
│  2. Data Inclusion → Merkle proof               │
│     "Capsule C exists in tree with root R"      │
│                                                 │
│  3. Computational Work → Proof-of-work          │
│     "I did work for capsule C in plot X"        │
│                                                 │
│  4. Physical Access → Challenge-response        │
│     "I have current access to capsule C"        │
└─────────────────────────────────────────────────┘

Security Properties

• Soundness: Cannot create valid proofs without genuine storage
• Non-interactive: Zero communication between prover and verifier
• Efficiency: ~58ms total verification time
• Privacy: Reveals minimal information about stored data

Proof Specifications

1. Plot Ownership Proof

Technology: Chia DataLayer signatures
Purpose: Prove plot ownership and validity
Verification: ~0.5ms

interface PlotOwnershipProof {
  publicKey: bytes32;      // Plot owner's key
  merkleRoot: bytes32;     // Plot's merkle root
  difficulty: uint32;      // Claimed difficulty
  blockHeight: uint32;     // Chia anchor block
  blockHash: bytes32;      // Chia anchor hash
  signature: bytes64;      // Digital signature
}

2. Data Inclusion Proof

Technology: Standard merkle proofs
Purpose: Prove capsule exists in plot
Verification: ~0.5ms

interface DataInclusionProof {
  merklePath: bytes32[];   // Sibling hashes
  pathDirections: bits;    // Left/right flags
  leafIndex: uint32;       // Position in tree
}

3. Computational Work Proof

Technology: SHA-256 proof-of-work
Purpose: Prove work done for specific capsule
Verification: ~1ms

interface ComputationalWorkProof {
  nonce: bytes;            // Found nonce
  tableDataHash: bytes32;  // Table data commitment
  difficulty: uint32;      // Achieved difficulty
  // Work bound to: SHA256(tableData || nonce || plotId || capsuleHash)
}

4. Physical Access Proof

Technology: Blockchain-anchored chunk selection
Purpose: Prove current data access
Verification: ~56ms

interface PhysicalAccessProof {
  blockHeight: uint32;     // Current block
  blockHash: bytes32;      // Current hash
  chunkIndices: uint32[3]; // Selected chunks
  chunkData: bytes[3];     // 4KB chunks
  chunkProofs: MerkleProof[3]; // Authenticity
      capsuleRootHash: bytes32; // Capsule merkle root
}

Proof Package Structure

Complete Package

interface ProofPackage {
  // Identifiers
  plotId: bytes32;
      capsuleHash: bytes32;
  
  // Four proofs
  plotOwnership: PlotOwnershipProof;
  dataInclusion: DataInclusionProof;
  computationalWork: ComputationalWorkProof;
  physicalAccess: PhysicalAccessProof;
}

Binary Compression

Proof packages are compressed before on-chain storage:

Original: ~25KB → Compressed: ~280 bytes (98.9% reduction)

Compression Pipeline:
1. Field optimization (plotId → pid)
2. MessagePack serialization
3. Hash deduplication
4. Delta compression for chunks
5. Brotli compression (level 11)

Generation Flow

def generate_proof_package(plot, capsule):
    # 1. Plot ownership (~5ms)
    ownership = sign(plotId + publicKey + merkleRoot + difficulty)
    
    # 2. Data inclusion (~1ms)
    inclusion = extract_merkle_path(capsule, plot.merkle_tree)
    
    # 3. Computational work (~10s average)
    work = find_nonce(tableData, plotId, capsuleHash, difficulty)
    
    # 4. Physical access (~60ms)
    access = generate_chunk_proofs(capsule, current_block_hash)
    
    return ProofPackage(ownership, inclusion, work, access)

Verification Flow

def verify_proof_package(package):
    # 1. Verify ownership (~0.5ms)
    if not verify_signature(package.plotOwnership):
        return INVALID_OWNERSHIP
        
    # 2. Verify inclusion (~0.5ms)
    root = compute_merkle_root(package.dataInclusion)
    if root != package.plotOwnership.merkleRoot:
        return INVALID_INCLUSION
        
    # 3. Verify work (~1ms)
    work_hash = sha256(tableData + nonce + plotId + capsuleHash)
    if count_leading_zeros(work_hash) < difficulty:
        return INVALID_WORK
        
    # 4. Verify access (~56ms)
    expected_chunks = select_chunks(package.blockHash)
    if not verify_chunks(expected_chunks, package.chunkData):
        return INVALID_ACCESS
        
    return VALID

Attack Prevention

Prevented Attacks

Attack Type	Prevention Mechanism
Storage credit theft	Work proof bound to plot+capsule
Precomputation	Blockchain-anchored freshness
Outsourcing	Physical access verification
Sybil attacks	Computational work requirement
Replay attacks	Current block validation
Cherry-picking	Fixed window chunk selection

Cryptographic Binding

Work Hash = SHA256(tableData || nonce || plotId || capsuleHash)
             ↓           ↓         ↓          ↓
         Table-specific  Found  Plot-bound  Capsule-specific

This dual binding ensures work cannot be:

• Reused across different plots
• Stolen for different capsules
• Precomputed before plot creation

Performance Metrics

Generation Times

• Total: ~10 seconds (dominated by PoW)
• Without PoW: ~66ms

Verification Times

• Total: ~58ms per package
• Parallelizable: Yes
• Network calls: None

Package Sizes

• Uncompressed: ~25KB
• Compressed: ~280 bytes
• Compression ratio: 98.9%

Integration

PlotCoin Registry

interface PlotCoin {
  plotCoinId: bytes32;
  capsuleId: bytes32;
  proofPackage: ProofPackage;  // Compressed
  epoch: uint32;
  verified: boolean;
}

Validator Workflow

1. Query PlotCoins by capsuleId
2. Extract and decompress proof packages
3. Verify all four proofs
4. Award rewards to valid provers
5. Flag invalid proofs

Security Analysis

Proof Soundness

Plot Ownership: Signature forgery requires breaking BLS cryptography
Data Inclusion: Merkle proof forgery requires hash collision
Computational Work: Work forgery requires breaking SHA-256
Physical Access: Access forgery requires predicting future blocks

Combined security: ~2^256 operations to forge complete package

Privacy Properties

Preserved:

• Internal plot structure
• Full capsule content (only 3 chunks revealed)
• Work nonce values
• Storage organization

Revealed:

• Plot ownership
• Capsule existence
• Work difficulty met
• Current data access

Future Enhancements

• Batch verification: Verify multiple packages simultaneously
• GPU acceleration: Hardware-accelerated proof generation
• Compression improvements: Further reduce package sizes
• Cross-chain support: Proofs for other blockchains

Summary

The DIG Network's Proof of Living Storage provides cryptographic certainty about data storage through four complementary proofs. With ~58ms verification time and ~280 byte compressed size, the system enables efficient, trustless verification of storage commitments at scale.

Related Documentation

• Plot Ownership - Digital signature details
• Data Inclusion - Merkle proof specification
• Computational Work - Proof-of-work binding
• Physical Access - Challenge-response system