POCI (Proof Of Computation Integrity)

Blockchain consensus mechanisms are commonly found in the proof of computing power, where the computational power of the miner will be tied to block-keeping rights and rewards. Traditional proofs of computing power first relied on PoW, which is implemented by calculating an intractable mathematical puzzle to consume computing re- sources, and the solution to the puzzle must satisfy certain conditions, then it is considered to have the computing power resources to satisfy the condi- tions. For example, the puzzle in Bitcoin is to hash a random number to obtain a specific hash value H, which must satisfy the difficulty requirement Diff set by the Bitcoin network (H>Diff) [15, 25]. Therefore, solving this difficulty requires a large amount of computation, which consumes a lot of time and computing resources, which is the core idea of computation proof. However, this idea suf- fers from a serious drawback, both in terms of huge energy and computational resource consumption, and in terms of failure to generate practical social value implications (e.g., the permanent storage fea- ture of the Arweave network), generating negative impacts on the environment and the economy that cannot be ignored. In addition, proof of compu- tation is also prone to computation competitions and centralization, because only large mines and pools have enough resources to participate in the network, and small nodes have difficulty compet- ing, which may lead to the concentration of power in the network in the hands of a few people, which is suspected to be contrary to the original decentral- ized idea.

The proof of computation demonstrated in this subsection will use a new proof mechanism to indi- rectly prove computational power through trusted computation ownership, i.e., Proof Of Computa- tion Integrity (POCI). The proof mechanism com- pletely abandons the high-cost, high-consumption computing model and replaces it with the chip com- putation ownership model. In our Utility network chain, high-performance Sophon TPU computa- tional chips are utilized to form a powerful com- puting network that will be used to provide users with decentralized mining and artificial intelligence training services in the future. These include: high performance up to trillion level floating point opera- tions per second; wonderful up to trillion level float- ing point operations; low power consumption; optimized hardware design and flexibility compatible with a variety of development frameworks such as TensorFlow, PyTorch and other software libraries.

Figure 1 below shows a Sophon TPU with Secu- rity Engine (SE). The serial number is etched on the chip form a unique identification for the chip. What is the most importance is the etching of ”secure key”, which is a 128-bit AES(Advanced Encryp- tion Standard) key, on a small storage area, called efuse. It is usually regarded as the ”secret identity” for each TPU chip. The secure key can only be sent to do cryptological calculation (AES encryption and decryption) inside the SPACC(security proto- col accelerator) model of the chip(shaded area of figure 1) without exposure, hence it proves the con- fidentiality and uniqueness. On the other hand, at the PKA(public key accelerator) model, it allows signature by private key and verification by public key. ECC(Ellipse Curve Cryptography) algorithm is adopted in PKA model. By taking a general base point P and a big random seeds as private key PriK, with the ECC encryption equation, one is able to get the public key PubK [7, 8]:

PubK = P × PriK (3)

With these tools and keys, the following is basically the principle of how every chip owner can prove its ownership of computation with this secure key etched, SPACC model, along with PKA model:

User will first etch the secure key S on the TPU chip one time, and active the SPACC model. Chip provider usually provides the private key PriK and public key PubK to user for every unique chip, with its encryption and decryption algorithm. At SPACC model, user can get the encrypted private key PriKEnc by AES encryption:

PriKEnc = AE(S,PriK) (4)

User then upload the {PriKEnc, PubK} key pairs to the blockchain to claim its ownership of the chip, spreading to all nodes for verification. Noted that the information is cryptographically protected and recorded on the blockchain, ensuring tamper- proof security. Origin PriK can be dropped per- manently for safety or stored by user locally in a secret place. Thanks to the SPACC model in the chip, malicious node is unable to steal PriK from PriKEnc without the correct chip, since:

PriK = AD(S,PriKEnc) (5)

where AD is the AES decryption function, so a wrong or void chip fails to give the correct S, thus wrong PriK, making PriK absolute confiden- tial and signature absolute authorized to the chip. Therefore, the user or node that obtains or pos- sesses the chip can claim ownership of the chip’s computational power by POCI, without having to perform high-powered mathematical calculations to prove the computational power. The next part will show how POCI is performed by a simple al- gorithm.

Figure 1: simple illustration based on TPU Security Engine

Suppose the node θ obtains a TPU with the se- rial number α, then he will obtain an encrypted instruction set σ(decoder and decoding algorithm provided by the chip vendor) from which the signa- ture function Signα(x) can be obtained and user can sign a message m [7, 8]:

Signα = ECCE(AD(S,PriKEnc)) (6)

Eα(m) = Signα(m) (7)

ECCE is the ECC encryption signature based on original PriK recovered by SPACC model and E(m) is the signed encrypted message by Signα . Other verifying nodes verify it by the verification function Dα, obtained from the ECC decryption ECCD based on public key, if it satisfies:

Dα = ECCD(PubK) (8)

m = Dα(Eα(m)) (9)

Then POCI succeeds and proves that θ legitimately owns α, then it acquires the computational power of α, which is marked as ϕ and can claim to possess the computational power of size ϕ .