Re-use existing protocol-specific messages for decentralized checkpointing

[jsoares]

Longest-chain protocols have probabilistic finality and may suffer from long-range attacks. Participants could run a checkpointing protocol on top of the consensus to thwart long-range attacks and guarantee to make history irreversible.

In addition, there are systems where miners have on-chain submission requirements as part of the protocol. In Filecoin specifically, all miners must submit on-chain daily proofs of storage as part of their maintenance. Can we re-use those on-chain submissions for decentralized checkpointing?

A direction is to have on-chain proof messages to also reference blocks in the past. The block they reference should not be too far in the past, otherwise an adversary could simply reuse these messages in an adversarial chain. The challenge is then that we have to allow honest users to reference different chains (in the case of natural forks) and thus honest users should be allowed to equivocate.

Related reading: Securing Proof-of-Work Ledgers via Checkpointing, Winkle: Foiling Long-Range Attacks in Proof-of-Stake System, The Checkpointed Longest Chain: User-dependent Adaptivity and Finality, Gasper

Why is it important in Filecoin?

It is important since we can re-use an existing protocol message also for checkpointing.