凭证

安全的链下数据获取

背景

FVM运行时并没有提供关于SPs的背景或历史数据。即使它确实提供了，但在L1智能合约环境中进行准确的风险计算也会消耗大量的gas。ADO是一个链下数据聚合器，允许池子以非常低的成本安全地接收关于SPs的任何实时和/或历史数据。每个池可以从ADO接收其自己的独特数据，允许最大的灵活性。

当Agent想要从池中借用资金等采取行动时，它必须首先向ADO请求获取凭证。ADO向Agent颁发包含有关关联Agent及其所有关联矿工的最新数据快照的已签名凭证。然后Agent将此凭证带到它想要借款的池子，池子用该凭证来决定是否批准该操作。

已签名凭证包含以下数据：

struct VerifiableCredential {
  /**
   * The issuer of the credential
   * Must be a valid VC Issuer recognized by the Router
   */
  address issuer;
  /**
   * The id of the agent to which the credential is issued
   */
  uint256 subject;
  /**
   * The epoch in which the credential was signed and issued
   */
  uint256 epochIssued;
  /**
   * The epoch in which the credential expires
   * Approximately a 10 minute period of epochs
   */
  uint256 epochValidUntil;
  /**
   * The value change associated with the action
   * For instance, in a `borrow` action, `value` would be set to the borrow amount
   */
  uint256 value;
  /**
   * The action associated with the credential
   * Actions must correspond to the `msg.sig` of the function where the credential is used
   */
  bytes4 action;
  /**
   * The miner ID that is the target of the action
   * Not all actions require a target - for instance, `borrow` does not require a target, since the borrower is the Agent and not a specific miner
   * An action like `pullFunds` requires a target, since the Agent is not the miner where funds are being pulled
   */
  uint64 target;
  /**
   * The bytes representation of `AgentData` (listed below)
   */
  AgentData claim;
}

struct AgentData {
  /**
   * The total value of the Agent's assets
   * This encompasses:
   * - The liquid funds (WFIL + FIL) in the Agent contract
   * - The vesting + locked + available funds in each of the Agent's miners
   */
  uint256 agentValue;
  /**
   * Also known as “liquidation value” - collateralValue is 50% of the `agentValue` and is a heuristic for managing available funds + vesting funds + pledged funds - hypothetical termination penalties
   */
  uint256 collateralValue;
  /**
   * The daily fee for sector fault penalties for any of the Agent's faulty sectors
   */
  uint256 expectedDailyFaultPenalties;
  /**
   * The aggregated block rewards expected to be earned by this Agent's miners in the next 24h
   */
  uint256 expectedDailyRewards;
  /**
   * A numerical representation of the Agent's financial risk
   * To keep rates fixed, the Infinity Pool hardcodes every SP's 
   */
  uint256 gcred;
  /**
   * The aggregated quality adjusted power of all of the Agent's miners
   */
  uint256 qaPower;
  /**
   * The total amount of FIL borrowed by the Agent
   */
  uint256 principal;
  /**
   * The total amount of faulty sectors summed up across all the Agent's miners
   */
  uint256 faultySectors;
  /**
   * The total amount of live sectors summed up across all the Agent's miners
   */
  uint256 liveSectors;
  /**
   * An energy efficiency score computed by the Filecoin Green API
   */
  uint256 greenScore;
}

请求者密钥

出于安全保护，重要的是一个Agent不能为另一个Agent请求已签名凭证。为了防止这种情况发生，每个agent都存储一个ADORequesterKey地址，该地址在Agent创建时设置。

向ADO提出请求的人必须持有与ADORequesterKey关联的私钥，才能接收已签名凭证。每次向ADO请求凭证时，请求者都会将请求签名为Json Web签名并将其发送给ADO。然后ADO验证请求是由ADORequesterKey的私钥持有者签名的。这确保Agent只能为自己请求已签名凭证。

Previous所有者和地址密钥 Next添加/删除矿工

Last updated 9 months ago