Popular Ethereum wallets (like MetaMask) entrust centralized infrastructure providers (e.g., Infura) to run the consensus client logic on their behalf. As a result, these wallets are lightweight and highly performant, but come with security risks. A malicious provider can mislead the wallet by faking payments and balances, or censoring transactions. On the other hand, light clients, which are not in popular use today, allow decentralization, but are concretely inefficient, often with asymptotically linear bootstrapping complexity. This poses a dilemma between decentralization and performance. We design, implement, and evaluate a new proof-of-stake (PoS) superlight client with concretely efficient and asymptotically logarithmic bootstrapping complexity. Our proofs of proof-of-stake (PoPoS) take the form of a Merkle tree of PoS epochs. The verifier enrolls the provers in a bisection game, in which honest provers are destined to win once an adversarial Merkle tree is challenged at sufficient depth. We provide an implementation for mainnet Ethereum: compared to the state-of-the-art light client construction of Ethereum, our client improves time-to-completion by 9x, communication by 180x, and energy usage by 30x (when bootstrapping after 10 years of consensus execution). As an important additional application, our construction can be used to realize trustless cross-chain bridges, in which the superlight client runs within a smart contract and takes the role of an on-chain verifier. We prove our construction is secure and show how to employ it for other PoS systems such as Cardano (with fully adaptive adversary), Algorand, and Snow White.
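The bisection game described above, as a simplified added sketch that is not code from the paper or its implementation. The names `Prover`, `bisect`, `judge` and `next_epoch` are hypothetical, and the hash-based handover rule is a constructed stand-in for whatever per-epoch validity check the real client performs.

```python
import hashlib
def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def next_epoch(prev):  # constructed stand-in for "committee i signs committee i+1"
    return H(b"handover", prev)[:8]

class Prover:
    """Commits to a Merkle tree over its claimed epoch leaves (power-of-two count)."""
    def __init__(self, leaves):
        self.leaves = leaves
        self.levels = [[H(b"leaf", x) for x in leaves]]
        while len(self.levels[-1]) > 1:
            lvl = self.levels[-1]
            self.levels.append([H(b"node", lvl[i], lvl[i + 1]) for i in range(0, len(lvl), 2)])
        self.root = self.levels[-1][0]

    def open(self, height, index):  # children of the node at (height, index)
        lvl = self.levels[height - 1]
        return lvl[2 * index], lvl[2 * index + 1]

def bisect(a, b):
    """Verifier: find the first leaf where a and b disagree, in log2(n) rounds."""
    index, ha, hb, rounds = 0, a.root, b.root, len(a.levels) - 1
    for height in range(rounds, 0, -1):
        (la, ra), (lb, rb) = a.open(height, index), b.open(height, index)
        if H(b"node", la, ra) != ha or H(b"node", lb, rb) != hb:
            raise ValueError("opening does not match the committed node")
        # Go left when the left children differ: all leaves left of the result are agreed.
        if la != lb:
            index, ha, hb = 2 * index, la, lb
        else:
            index, ha, hb = 2 * index + 1, ra, rb
    return index, rounds

def judge(a, b, genesis):
    """Assumes a.root != b.root. Returns (winner 0=a / 1=b / None, epoch, rounds)."""
    j, rounds = bisect(a, b)
    expected = genesis if j == 0 else next_epoch(a.leaves[j - 1])  # leaf j-1 is agreed
    winner = 0 if a.leaves[j] == expected else 1 if b.leaves[j] == expected else None
    return winner, j, rounds

def demo(n=1024, fork=700):
    """Constructed input: an honest chain and one forged from epoch `fork` onward."""
    honest, forged = [b"genesis0"], [b"genesis0"]
    for i in range(1, n):
        honest.append(next_epoch(honest[-1]))
        forged.append(b"evilfork" if i == fork else next_epoch(forged[-1]))
    return judge(Prover(forged), Prover(honest), b"genesis0")
```

With 1024 epochs the verifier opens 10 nodes per prover and checks a single handover, even though the forged chain is internally consistent after its fork point.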