# Eco VDF ## Routines ### `isProbablePrime(n,k)` * $n,k$-- 256-bit unsigned. * if $n\in\{2,3,5\}$ return true; * if $n==1$ or even return false; * compute $s$ such that $n-1=d2^s$ with odd $d$; * for $i<k$: * $h\leftarrow SHA3(previousBlockHash,i)$; * $a \leftarrow h\bmod{(n-4)}+2$ * $x \leftarrow a^d\bmod{n}$ * If $x\notin\{1,-1\}$ * If for $1\leq j < s$ it holds $x^{2^j}\neq -1 \bmod{n}$ * Return FALSE * Return TRUE ### `start(x,t,y)` * $x,t$ are 256-bit and $y$ is a big integer * pad $y$ with leading 0s to the multiple of 256 bits * $N$ is the RSA-2048 bit challenge * compute $x^2$ as big integer * require that $y<N$ and $y$ (padded) is at least 512 bits long * require that $x>1$ * check that `isProbablePrime`$(x,10)$ returns TRUE * Store $x,t,y,z=x^2,w=y$ and `progress==0` for Sender ### `update(d,u)` * $u$ is big integer * Check that $x\neq 0,u^2\bmod{n}>1,u>1$ * Compute $r\leftarrow SHA3(x,y,u,d)$ * Update $z \leftarrow z^ru^2\bmod{n}$ * Update $w\leftarrow (u^2)^rw\bmod{n}$ * If $d== t-1$ * Check if $z^4==w$ * Store $S[SHA3(t,x)]\leftarrow SHA3(\underbrace{y}_{2048-bit})$ and delete the state * Otherwise FAIL ### `isVerified(x,t,y)` * Check if $S[SHA3(t,x)]\leftarrow SHA3(\underbrace{y}_{2048-bit})$ ## Usage ### Inflation usecase 1. Contract is initialized with difficulty $t$. 2. (`commitEntropyVDFSeed`) Alice selects a prime $x$ as the nearest prime to the last blockhash, calling `isProbablePrime` for verification. Contract stores $x$. 3. (`submitEntropyVDF`) Bob supplies $y$ such that `isVerified`$(x,t,y)$ returns true. Contract stores $s=SHA3(y)$. 4. Payout winners are determined based on $s$.