# HTML+ and the Verified Internet Early draft / Tom Walton-Pocock / Ben Levy 2023-09-12 ## Materials - [HTML Standard Reference](https://html.spec.whatwg.org/) ## Goal of this Document We seek to advance a full integration of the verified internet ("Web3") into the standard internet protocols. Over a decade into the story of the 'verified internet', there remains an unnatural division between so-called Web2 and Web3 applications. Most Web3 applications are mostly formed of Web2 software, interfacing with a narrow protocol via messaging. The protocol typically handles the logical transmission of value across the consensus protocol, via small programmes known as smart contracts. What this in fact means is that in-page data which purports to be verified is in fact trustful (there is no mechanism via which the user can validate the correctness of the core data they are seeing). It also means that, without fiddling with SDKs and making a dizzying array of technical decisions that have real financial ramifications for users, there is no way for a Web2 engineer to introduce value-transmission or verified data into their webpages. This brings us to the motivating feature of this document: to effect a **deep integration of Web3 architectures into the fabric of Web2's HTML protocol**, and to enable the browser to take on a bolder role with the user of this new internet: to read, write, and even (in the age of the LLM) interpret and curate what the user sees. Useful, durable protocols should act vaguely imperialistic, gradually subsuming richer functionality into their common interface. This is a living document to commence the layering-in of these thin, verified, stateful protocols into the Web's communications protocols, for the first time layering the ephemeral machine and a common memory of digital record into the core substrate of the web. Concretely, we add to HTML a small cluster of elements which, in the tradition of webpages, should be invisible to classical browsers but visible to "Web3 ready" browsers. **These elements convey abstract directions, or intentions**, that browsers take on the (often fiduciary) responsibility of executing faithfully and competently, freeing developers to focus on the problems that matter to them. We call this protocol HTML+. ## State of HTML HTML will of course need to evolve to realize this vision, much as it has already evolved to support each consecutive evolution in Internet content. HTML4 introduced tables, styles and scripts as the Internet moved to a more aesthetic bent, and HTML5 introduced audio, video, and canvas as richer forms of content gained importance (importantly, enabled by better infrastructure). Payments were originally [intended to be enshrined](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/402) in HTTP itself, but at this point we believe that HTML is a better, more pragmatic option for integrating stateful features into the Internet. ## Extension to Web3 Networks We extend this to web3 functionality. The overriding design goal here is to abstract over all the abstruse web3 infrastructure details: no worrying about which DEX to use, how much gas to pay, etc. The browser enables this by assuming a far more weighty role, a shift we already anticipate as the rise of LLMs herald the personalized Internet (elaborated on at the end of this document). Another design goal is to retain a great degree of minimalism and abstraction within the protocol, allowing new technological developments to be adopted swiftly without protocol changes, thus avoiding the protocol failure mode [identified](https://signal.org/blog/the-ecosystem-is-moving/) by Moxie Marlinspike of Signal. ## Principles Partially inherited from: https://www.w3.org/TR/html-design-principles/ 1. **Compatibility:** the semantics are a strict superset of HTML, and therefore will not interrupt the rendering nor behaviour of any webpage displayed in an incompatible browser 2. **Agnostic:** it should be possible to fully specify any piece of state on any chain: however the base protocol should remain consensus-agnostic, and be network-independent in its specification 3. **Utilitarian:** Make minimal protocol upgrades to strictly advance utility and radically improve ease-of-access for consensus-based internet state 4. **Interpretative:** The veracity of read and write access to consensus-based internet state will be assumed to be the responsibility of the browser. This means the protocol limits application liability by design, and pushes interpretation and intention onto the browser. The application, standing further away from the user, has only the responsibility to describe reads and "intentions", sufficient for the browser to interpret. 5. **Universal Access:** Features should be designed for universal access - to work across as many platforms as possible, support all world languages and scripts, and to be accessible to all users, including those with disabilities ## Syntax ### HTML+ Blocks An HTML+ block may contain transaction and/or state references with the appropriate metadata to allow the browser's embedded light client to verify them, or via storage proofs delegated to a coproccessing service. Since users trust the browser to verify this for them, transport-layer security (TLS) is already sufficient rather than requiring signed HTML+ blocks (which present [additional challenges](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures)). All HTML elements (with the exception of `<w></w>`, introduced below) are [void elements](https://html.spec.whatwg.org/#void-elements) since we take the slightly ugly design decision of storing all content within attributes in order to prevent browsers that don't support HTML+ from rendering the content as plaintext. This way, incompatible browsers simply ignore the HTML+ blocks. Here is a shortlist of initial HTML+ elements (with default attributes populated and required attributes capitalized): ``` <WRITE CALLDATA="" TO="" text=""/> <READ ACCOUNT="" CALLDATA="" block_num="latest"/> <SWAP from="" to=""/> <SEND from="" to="" asset="USDC" amount=""/> <STREAM from="" to="" duration="" asset="USDC" amount=""/> <PRICE ASSET="" quote="USD" venue=""/> ``` Some notes: - SWAP supports both fiat and crypto pairs. - The VENUE attribute of PRICE should normally not be included, allowing browsers to evaluate & incorporate robust price oracles that incorporate both on-chain and off-chain data, but exists if developers want to specify a particular source of truth for pricing - A browser may offer a premium subscription to provide a storage proof with each READ+ One should wrap these elements with `<w></w>` tags (though this is optional), forming a single HTML+ element. ``` <w CHAIN_ID="1" BLOCK="latest"> [body] </w> ``` The `<w>` tag *may* include attributes like network/chain ID; however, we encourage developers to **avoid that, leaving gnarly details like the network unspecified altogether, allowing browsers to abstract over such technical details.** Here is a sample standard HTML body: ``` <HTML> <HEAD> <meta http-equiv="content-type" content="text/html;charset=utf-8"> <TITLE>Lord Byron</TITLE> </HEAD> <BODY> <H1>The Destruction of Sennacherib</H1> The Assyrian came down like the wolf on the fold, <A HREF="https://www.poetryfoundation.org/poems/43827/the-destruction-of-sennacherib"> read more</A>. </BODY> </HTML> ``` We might add an HTML+ element to this: ``` <HTML> <HEAD> <meta http-equiv="content-type" content="text/html;charset=utf-8"> <TITLE>Lord Byron</TITLE> </HEAD> <BODY> <H1>The Destruction of Sennacherib</H1> The Assyrian came down like the wolf on the fold, <A HREF="https://www.poetryfoundation.org/poems/43827/the-destruction-of-sennacherib"> read more</A>. <w> <SEND TO="my_wallet.eth" TEXT="Send tips here!"> </w> </BODY> </HTML> ``` ## Scripting We think that the majority of the value in HTML in the medium-term will stem from very simple elements for actions like sending, swapping, and viewing prices. These are the core web3 primitives that likely solve the most actual real-world problems. An open question that we'd love to see a conversation on is whether, in the longer-term, a client-side verifiable scripting language would add useful functionality. The natural options for this include Solidity and WASM, neither of which we are quite yet able to performantly prove within a browser. ## Product Limitations + Browsers will need to force users to keep their hot wallet balance fairly low + Allowing a plugin ecosystem will present severe security challenges ## Schema The days of internet protocols specifying rendering norms are behind us (the blue and purple links), but there may be value in browsers reserving regions of the palate for plaintext verified data / calls-to-action: + "for swaps, we recommend a green square box with x border radius" Verified browsers, taking on a fiduciary role safeguarding user state and identity, will also have to run smart software to spot spoofing attempts designed to mislead the user and supply malicious transactions. ## Future Advances Global computation is embarking on a gradual transfer from classical to intuitive computation. Whilst the consequences of this will be felt over decades and not months, it is likely that LLMs will widen the interpretable spectrum of potential outputs for HTML pages, and increasingly HTML and other standards in the interface will use the HTML inputs for their data and otherwise for 'guidance only'. Seth Rosenberg [described](https://greylock.com/greymatter/seth-rosenberg-product-led-ai/) the natural progression from the AI-assisted TikTok feed to a feed populated by AI-generated videos as the latest stage in a well-established trend wherein developers can give increasingly abstract directions while intelligent agents handle the implementation details; similarly, developers will likely describe their websites' functions more directly while the browser constructs personalized interfaces for users. This has two ramifications: 1) The browser will take on an increasingly weighty role in making sense of the Internet for the user, and in HTML+ indeed even a fiduciary role. 2) HTML+ should attempt to allow developers to describe abstract functions, or intentions, and let the browsers sort out the details.
Last changed by  
Walpo
Cofounder @ Geometry // Previously CEO and Cofounder @ Aztec Network
465

Read more

Kate Commitments: A Primer

Polynomial commitments underpin a lot of ZK Proof systems these days - but to the newcomer the question arises 'what have polynomials got to do with this?'. Because our mental image of polynomials is long wavy lines that cross the x axis a few times and then trot off to ± infinity Why do we need PCSs? Polynomial Commitment Schemes are a sort of "mathematical scaffolding" that allow cryptographers to load a large amount of information (the 'execution trace of a circuit') into a single elliptic curve point -- a single 'number'. SNARKs (the 'S' standing for 'succinct') need to prove to a verifier that large computations have taken place without the verifier having to re run the whole computation (which would defeat the point). Usually, in the world of Web3, the verifier is a blockchain. The succinctness of these proofs (i.e. keeping the amount of data that needs to be sent to the verifier as small as possible) is very important on blockchains, because typically storing on-chain data is very expensive. Please be concrete -- what's the 'trace of a circuit'?

11/29/2022
Aztec Yellow Paper

Revised 12-03-2021 Ariel Gabizon | Zac Williamson | Tom Walton-Pocock This document provides details on the protocol specification for Aztec 2.0, deployed to Ethereum mainnet, verifier address 0x737901bea3eeb88459df9ef1BE8fF3Ae1B42A2ba, on 15 March 2021. The protocol is principally designed by Zac Williamson, and built on work by Zac and Ariel Gabizon, the creators of Aztec 2.0's cryptosystems PLONK and Plookup. Background Aztec 2.0 is a multi-asset private rollup service on Ethereum.

6/12/2021
SHPLONK

Thanks to Zac Williamson, Ariel Gabizon, Georgios Konstantopoulos, Ben Edgington and Tom Waite for various comments and suggestions. 1. Background Those of you who have read the PLONK paper will be aware that it involves a batched polynomial commitment scheme that extends the "Kate" KZG10 scheme. I'm writing this article for those of you who want to get to grips with SHPLONK without sifting through long research papers. Authors The SHPLONK scheme was created by the following researchers:

11/11/2020
Read more from Walpo
Published on HackMD