News.EOS.WiKi Bilingual News & Info Of EOS

EOSIO2:性能提高、安全增强、开发者工具增加/Introducing EOSIO 2: Enhancing Performance, Improving Security, and New Developer Tools

E

译文/Translated:

构建EOSIO 2的时候,我们为开发人员考虑很多。我们的目标:在EOSIO上搭建(应用)更快速、更简单、更安全。

我们相信,区块链开发最大的瓶颈在于它们执行智能合约的速度。

EOSIO是第一个利用WebAssembly(WASM)引擎改进性能的区块链软件,但是,随着时间的推移,现有的通用WASM引擎已经不能满足我们的需求,我们能做的其实更多。

我们的解决方法:建立我们自己的引擎——以区块链为核心,从头建立我们自己的引擎。这个专门为区块链构建的WASM引擎就是EOS VM,相比和EOSIO1.0同时发布的Binaryen,EOS VM运行EOS Mechanics WASM CPU最高可快16倍。

接下来,我们打算解决新开发者——打算参加 #EOSIO黑客马拉松 或者第一次在EOSIO上搭建应用的开发人员——进入区块链的屏障。一般来说,建立区块链开发环境是一个多步骤的过程,可能需要几小时,甚至几天,来完成,所以我们才要建立EOSIO 快速入门 Web IDE,这个开发工具能够让新手在几分钟内就从入门到就绪。

最后,对任何开发人员来说,吸引新用户使用区块链应用的一个主要痛点就是如何保护私钥和公钥以及操作不当会产生的安全风险。本版本实现了WebAuthn对EOSIO的支持,这样,开发者可以在自己的EOSIO应用中测试带有WebAuthn签名的交易,这就给私钥带来了新一层的保护,而这是现在任何区块链都没有的。

以下是EOSIO 2.0候补版四大主要部件的详细介绍。

  • EOS VM:高性能、专为区块链应用设计的WebAssembly (WASM)引擎,在处理智能合约和显著提高性能的同时能够带来更加高效的系统资源利用。
  • EOSIO 快速入门 Web IDE:我们最新的、功能强大的、自包含Web集成的开发环境,它可以用来建立EOSIO智能合约和相应的Web应用。设置只需要几分钟、兼容各个浏览器、帮助减少新EOSIO区块链开发者的入门障碍。
  • WebAuthn 支持:这是一个倍广泛接受的安全验证标准,不需要浏览器扩展或者其它软件,它就可以实现交易签名。
  • 加权阈值多签名区块生产支持:超级节点可以利用不同的密钥在主块和备用块生产硬件上签名的安全方法

EOS VM

我们开发了新的专用WebAssembly (WASM)引擎,EOSVM,来满足日益增长的在EOSIO区块链上进行安全的确定性执行的需求。尽管Binaryen和WABT解释器也完全满足其设计目的,但是它们都存在内存分配不受限制、加载时间延长、堆栈溢出的问题,同时,它们也缺少运行时沙箱。这些问题结合在一起就影响了整体性能和可靠性。

Binaryen解释器最早是作为初版WASM解决方案随EOSIO1.0在2018年6月发布的,同年九月,被EOSIO1.3支持的WABT取代,这个变化让EOSIO性能提高了两倍。EOSIO2.0时代,我们发布新的WASM引擎EOS VM,它由三个部分组成,每个部分都有自己的特点,每一个都会带来一些性能增强。

区块链WebAssembly执行的强大组件三重奏

EOS VM解释器是一个WebAssembly解释提,它能带来非常快的解析/加载以及确定性和高效的时限执行。因为我们是从头开始设计解释器,我们就能给未来对智能合约的调试留下了空间。

EOS VM Just In Time (JIT)编译器是WebAssembly编译器,它采用WASM并即时生成本机代码。这个架构实现了WASM智能合约的高速执行,同时给WABT,Binaryen和EOS VM解释器等解释器带来了显著的性能提高。JIT解决方案因为其速度之快,应用于区块链的时候就免去了其它解决方案带来了块编译时间过长的问题。

EOS VM的第三个组件是EOS VM优化编译器,这个编译器使用了利用多遍编译架构的专用编译框架(LLVM)。优化编译器生成的本机代码一般比在WABT,Binaryen,EOS VM解释器和EOS VM JIT中执行的相同代码要快上一个数量级。更重要的是,它甚至比现有的WAVM引擎还快,但和WAVM不同的是,利用我们的分层设计,它可以安全地在区块链上使用。

极快的执行性能

Our benchmarking for the different components produced the following performance enhancements in our test environments: 

在测试环境中,我们针对不同组件的基准测试产生了以下性能增强:

EOS机制基准测试来源是EOSIO社区写的基准测试,它在AWS z1d.metal实例中运行   2回放基准对比了在对应WASM引擎上由EOSIO系统提供的回放能力完成相同回放的时间,并在AWS z1d.metal实例中执行。

上述性能基准体现了各种EOS VM部件的相对优势。EOSIO 2把EOS VM JIT作为大多数智能合约执行的一线编辑器,而EOS VM优化编译器则在后台编译同一智能合约并以极快的速度在链上部署该合约。这样的分层架构让EOSIO 2能实现快速启动和智能合约代码的优化编译。

EOS VM及其组件还可以实现高度自定义,所以开发者可以根据他们的需求用特定的方式利用这些组件的不同层面。了解更多请在GitHub上浏览EOS VM 存储库

网络代码的重大改进

我们向net_plugin添加了多线程支持。几乎所有在net_plugin上的处理,包括块传播、交易处理、块/交易打包/解压等其它处理,现在都由和主应用程序线程不同的单独线程处理。隔离这些处理过程之后,我们在多节点的EOSIO网络上进行交易处理和块处理的性能都有了显著的提高。更多的细节请参考EOSIO 2.0.0-rc1 发布说明

EOSIO 快速入门 Web IDE

EOSIO 2的增强功能心系开发者,这个新的工具能够让他们对EOSIO项目更快上手、更好地分享、更顺利地合作。

启动EOSIO的开发环境目前需要开发人员在本地计算机运行一个多步骤过程,这对于刚入门的开发人员来说可能是非常复杂的。现在我们在alpha支持阶段,EOSIO 快速启动 Web IDE的想法是要移除开发者的入门障碍。它在云上运行,它让新的开发者启动智能合约和web应用开发环境以及完全集成的单节点个人测试网,这样他们在几分钟内就可以实现入门到构建。

EOSIO快速入门Web IDE让新的区块链开发者更好入门、简化了过程、使学习EOSIO开发更快速更简单。开发者可以以演示应用程序开始、无缝地进行修改、实时看到更新、直接从浏览器把代码提交到git存储库。

随着新的开发者开始利用EOSIO 快速入门 Web IDE构建应用,我们也期待着社区的反馈。

WebAuthn对EOSIO的支持

WebAuthn是强大的用户验证器标准,它由万维网联盟(W3C),在线快速身份验证(FIDO)联盟、在谷歌、Mozilla、微软、Yubico和其它公司帮助下进行协作。WebAuthn让用户能利用硬件设备进行验证,在浏览器中签署交易而不用在设备上安装扩展程序或其它软件。

WebAuthn在诸如YubiKey等设备上建立加密密钥对,同时,只在安全且经过验证的渠道和远程服务器共享公钥。WebAuthn验证凭证管理完全在硬件中进行,因此它几乎完全减轻了钓鱼等各种攻击的影响。因为硬件是必须的,密码也没有储存在中央服务器中,采用基于WebAuthn的验证其甚至有助于阻止密码被盗的情况下出现的高规格数据泄露。

随着WebAuthn对EOSIO支持的发布,开发者可以开始在他们的EOSIO应用上测试带有WebAuthn签名的交易。EOSIO支持WebAuthn让我们朝着无需追踪私钥或其它账户信息就能获得安全和无缝的交易签名这个目标更进一步。我们会继续研究各种机制,支持希望其应用和WebAuthn集成的面向社区的和企业级的参与者,我们也鼓励应用开发者能加入第一批使用者的行列,测试该技术在私人应用上使用。

加权阈值多签名区块生产

超级节点必须能够提供绝对足够的运行区块链的核心服务。一般为了达成此目的需要搭设多余的基础架构,保证在出现硬件故障或者网络问题的时候也能够高效地维护块生产。而在大量的功能中,加权阈值多签名区块生产是第一个试图给超级节点提供完整、充足的解决方案。

现在的共识规则要求每个超级节点有且仅有一个加密区块签名密钥。然而这个密钥,不管是存在磁盘上通过软件加载还是受硬件钱包保护,都代表超级节点运行过程中的单点故障。如果密钥丢失,或者储存密钥的硬件模块暂时无法访问,超级节点只能丢弃区块,结果就影响到整个网络的吞吐量。

为了改进区块生产的安全性和规模化,加权阈值多签名区块支持提供了一个允许层,这样多个区块签名密钥就可以灵活运行,多余的区块签名架构就不用分享任何敏感数据而存在。您可以在GitHub的加权阈值多签名区块生产页面获得更多信息。                

保持联系

我们会继续不断对EOSIO软件包添加新功能,让开发者能够获得更高性能的软件强化、安全的交易签署、和稳健的验证协议。我们鼓励社区参与,因为你们的反馈能够让我们知道开发者具体的需求是什么。如果您想为我们发布的EOSIO 2候补版本提供任何反馈,和我们的团队为开发者共同改进EOSIO,您可以和我们的开发者关系小组联系:developers@block.one

想实时跟进我们的通知,您可以在EOSIO 网站订阅我们。我们很高兴能够不断为EOSIO开发者改进软件的适用性,我们也会继续努力为区块链的大规模应用奠定基础。

. . .

重要通知:所有提供的材料都受此重要通知的约束,您必须自行熟悉此间条款。该通知包含与我们软件、出版物、商标、第三方资源以及前瞻性声明相关的信息、限制和约束内容。通过访问我们的材料,您接收并同意此通知的条款。

原文/Original:

EOSIO 2 was built with developers in mind. Our focus: make it faster, simpler, and more secure to build on EOSIO.

We believe the single biggest bottleneck for blockchain development is the speed in which they can execute smart contracts. 

EOSIO was the first blockchain software to use a WebAssembly (WASM) engine to improve performance, but in time, we outgrew existing general purpose WASM engines and knew we could do more.

Our solution: build our own, designed from the ground up with blockchain in mind. EOS VM, our purpose-built blockchain WASM engine, runs the EOS Mechanics WASM CPU benchmarks up to 16x faster than Binaryen, which was released with EOSIO 1.0.

Next, we wanted to solve the barrier to entry for new developers – those heading to an #eosiohackathon or building on EOSIO for the first time. Typically, setting up a blockchain development environment is a multi-step process that can take hours, even days, to complete. That’s why we’re building the EOSIO Quickstart Web IDE, a development tool that allows new developers to go from start to ready-to-build in minutes.

Finally, for any developer, one of the critical pain points to onboarding new users to blockchain applications is safeguarding private and public keys, and the security risks created if done incorrectly. With this release of WebAuthn support for EOSIO, developers can begin testing transaction signing with WebAuthn in their EOSIO applications, providing a level of security for private keys that doesn’t exist in blockchain today. 

Continue reading for further explanation of the four major components included in the EOSIO 2.0 Release Candidate:

  • EOS VM: A high-performance WebAssembly (WASM) engine specialized for blockchain applications that facilitates more efficient use of system resources when processing smart contracts and substantial performance gains.
  • EOSIO Quickstart Web IDE: A powerful, new, self-contained, web-based integrated development environment for building EOSIO smart contracts and associated web applications. It can be set up in minutes, run in any browser, and helps lower the barrier to entry for new EOSIO blockchain developers. 
  • WebAuthn Support: A widely accepted secure authentication standard that enables transaction signing without browser extensions or additional software.
  • Weighted Threshold Multi-Signature Block Production Support: A secure way for block producers to use different keys to sign blocks on primary and backup block production hardware.

EOS VM

We have developed a new purpose-built WebAssembly (WASM) engine, called EOS VM, to meet the growing demands of secure deterministic execution on EOSIO blockchains. Although well-suited to their purposes, Binaryen and WABT interpreters have issues with unbounded memory allocation, protracted loading time, and stack overflows, and they lack a sandbox on runtimes. Combined, these issues curb overall performance and reliability.

As an initial WASM solution, the Binaryen interpreter was released in June 2018 with EOSIO 1.0, and it was replaced in September that year with EOSIO 1.3’s support for WABT, offering a 2x performance gain. With EOSIO 2, we’re releasing a new WASM engine called EOS VM, comprised of three components, each with its own features and offering specific performance enhancements.

A Trio of Powerful Components for Blockchain WebAssembly Execution

The EOS VM Interpreter is a WebAssembly interpreter providing extremely fast parsing/loading, and deterministic and efficient time bound execution. Designing the interpreter from the ground up has enabled us to make room for future debugging support for smart contracts.

The EOS VM Just In Time (JIT) compiler is a WebAssembly compiler that takes WASM and generates native code on the fly. This architecture enables very fast execution of WASM smart contracts and provides significant performance benefits over interpreters like WABT, Binaryen, and the EOS VM Interpreter. The sheer speed of this JIT solution allows us to use it on the blockchain without the long block compiling times of other solutions.

The EOS VM Optimized Compiler is the third component of EOS VM and it uses a specialized compiler framework (LLVM) that leverages a multipass compilation architecture. The resulting native code from the Optimized Compiler is often an order of magnitude faster than the same code executed within WABT, Binaryen, EOS VM Interpreter, and EOS VM JIT. Most importantly, it is even faster than the existing WAVM engine, but unlike WAVM it can be used safely on the blockchain utilizing our tier-up design.

Extremely Fast Execution

Our benchmarking for the different components produced the following performance enhancements in our test environments: 

EOS Mechanics Benchmarks were sourced from the EOSIO community authored benchmarks and were run on AWS z1d.metal instances. Replay benchmarks compared the time it takes for the EOSIO system provided replay capability to complete the same replay on the noted WASM engines and were executed on AWS z1d.metal instances.

The above performance benchmarks show the relative strengths of various EOS VM components. EOSIO 2 features EOS VM JIT as the front line compiler for most smart contract execution, while the EOS VM Optimized Compiler attempts to compile the same smart contract in the background and deploy it for extremely fast subsequent execution on the chain. This tier-up architecture enables EOSIO 2 to leverage both fast startup and optimized compilation of smart contract code.

EOS VM and its components are also highly customizable, so developers can implement its various facets in a specific manner suited to their desired functionality. Learn more by referring to the EOS VM repository on GitHub.

Significant Improvements to Network Code

We have added multi-threading support to net_plugin. Almost all the processing in the net_plugin, including block propagation, transaction processing, block/transaction packing/unpacking, and other processes are now handled by separate threads that are distinct from the main application thread. By isolating these processes we have seen significant improvements in transaction processing and block processing performance on multi-producer EOSIO networks. More details are available in the EOSIO 2.0.0-rc1 release notes

EOSIO Quickstart Web IDE

Enhancements in EOSIO 2 were made with developers in mind, and this new tool will make it much easier to get started, share, and collaborate on EOSIO projects.

Setting up a development environment for EOSIO currently entails a multi-step process, run locally on the developer’s computer, that may be quite complicated for those who are just onboarding. Now in the alpha support stage, the EOSIO Quickstart Web IDE intends to remove barriers to entry for developers. Run in the cloud, it enables new developers to set up a smart contract and web app development environment along with a fully integrated single-node personal testnet, so they can go from getting started to building in minutes.

The EOSIO Quickstart Web IDE makes EOSIO more accessible to new blockchain developers, simplifying the process and making it quick and easy to start learning EOSIO development. Developers can begin with demo applications, seamlessly make changes, and see updates in real-time, as well as commit code to git repositories right from the browser.

We look forward to receiving feedback from the community as new developers start building with the EOSIO Quickstart Web IDE.

WebAuthn Support for EOSIO

WebAuthn is a standard for strong user authentication collaborated on by the World Wide Web Consortium (W3C), the Fast Identity Online (FIDO) Alliance, with help from Google, Mozilla, Microsoft, Yubico, and others. WebAuthn allows you to use a hardware device for authenticating and signing transactions in a browser without extensions or other software installed on your device.

WebAuthn creates cryptographic key pairs on devices like a YubiKey and shares only the public key with a remote server over a secure and authenticated channel. By managing authentication credentials entirely within hardware devices, WebAuthn has been shown to essentially mitigate entire classes of attacks such as phishing. Since the hardware device is essential, and passwords are not stored on a central server, implementing WebAuthn-based authentication can even help prevent high-profile data breaches where passwords are stolen. 

With this release of WebAuthn support for EOSIO, developers can begin testing transaction signing with WebAuthn in their EOSIO applications. EOSIO support for WebAuthn is a step towards secure and seamless transaction signing without needing to keep track of private keys or other account information. We are continuing to investigate mechanisms to support both community-facing and enterprise-level participants who wish to adapt their applications for WebAuthn integration, and we encourage application developers to join the first wave of early adopters testing the private applications of this technology.

Weighted Threshold Multi-Signature Block Production

Block producers must be able to provide high availability for their core service of running the blockchain. A common approach to achieve this is redundant infrastructure that efficiently maintains block production in the event of a hardware malfunction or networking issues. Weighted Threshold Multi-Signature Block Production is the first of many features that seek to provide block producers with a complete, high-availability solution.

Current consensus rules require exactly one cryptographic block signing key per block producer.  This key, whether stored on disk and loaded via software or protected with a hardware wallet, represents a single point of failure for the operations of a block producer. If that key is lost or access to the hardware module that contains it is temporarily unavailable, the block producer has no choice but to drop blocks, impacting the whole network’s throughput.

To improve the security and scalability of block production, weighted threshold multi-signature block support provides a permission layer that allows for multiple block signing keys in a flexible scheme that will enable redundant block signing infrastructure to exist without sharing any sensitive data. Read more about weighted threshold multi-signature block production on GitHub.

Stay Connected

We continue to regularly iterate new features into the EOSIO software suite to provide developers access to higher-performing software enhancements, a secure means of transaction signing, and robust authentication protocols. Community participation is encouraged, as feedback provides insight into the specific needs of developers. If you would like to offer feedback on the release candidate of EOSIO 2 and work more closely with our team to improve EOSIO for developers, you can contact our developer relations team at developers@block.one.

To keep up-to-date with future announcements, you can also subscribe to our mailing list on the EOSIO website. We are excited to be regularly improving the usability of the software for EOSIO developers as we continue to lay a foundation for the mass adoption of blockchain technology.

. . .

Important Note: All material is provided subject to this important notice and you must familiarize yourself with its terms. The notice contains important information, limitations and restrictions relating to our software, publications, trademarks, third-party resources and forward-looking statements. By accessing any of our material, you accept and agree to the terms of the notice.

原文链接/Original URL:

About the author

By user
News.EOS.WiKi Bilingual News & Info Of EOS

Recent Posts