Cardano implements a proof of burn protocol: The Iagon team develops a censorship-resistant solution
Proof of Burn Protocol: Innovative Applications on Cardano
The Iagon team recently completed a challenge by developing a proof of burn (PoB) protocol for the Cardano ecosystem. This is a response to a question posed by a well-known figure in the blockchain field. This article will introduce the Iagon team's solution, primarily covering the following aspects:
Proof of Burn and Its Applications
Token burning (destruction) is a common practice, which essentially involves sending tokens to an inaccessible "black hole" address. This address has no private key, so the burned tokens cannot be retrieved. The public can verify that the destruction has indeed occurred, but only knows a "secret" commitment value. This mechanism can prevent intermediaries from censoring the burned funds.
The burning mechanism has multiple uses, which can increase the value of the remaining tokens and serve as a proof of commitment for the blockchain protocol. Large-scale token burns may create deflationary pressure as they reduce the total supply of tokens in circulation. Although burning is a common blockchain transaction, it still requires miner acceptance. While these mechanisms have certain benefits, there are also opponents to burning tokens. In response to this issue, Iagon is committed to developing an uncensorable token burning protocol. This special uncensorable operation has attracted the attention of industry leaders.
The security of proof of burn is based on the same mechanism as token transfer transactions, namely cryptographic hash functions. These functions are easy to compute but hard to invert. Essentially, a small change in the input will result in a completely different output. This means that working backwards from the output of the hash function to an input will take a considerable amount of time. In short, a black hole address can be created by flipping the least significant bit of the cryptographic hash function's output. Anything sent to this address will become difficult or impossible to recover.
The security of cryptocurrency transactions is entirely based on public key cryptography and cryptographic hash functions: "Each time funds are sent, a new unspent transaction output (UTxO) is created." This UTxO records the amount of funds and the hash of the recipient's public key. If the recipient wants to use these funds, they must sign a new expenditure transaction with the same public key.
Why flip the lowest bit of the hash function output instead of directly using the hash value of 0x0? The reason is that using a known value would make the burn immediately visible. However, the design of the protocol is to burn the funds first, and then (in a separate step) prove that it has been burned. To achieve this, a hash of the commitment value needs to be created first. Subsequently, the commitment value indicates that a black hole address has been created.
Proof of Burn Smart Contract on the Cardano Network
Cardano smart contracts are programs that run on the Cardano network, allowing developers to execute (financial) transactions according to predetermined rules. Smart contracts are designed to establish transparent and verifiable transactions between parties. Recently, the rise of decentralized financial services and decentralized organizations has driven the rapid growth of smart contract applications.
Unlike Ethereum's smart contracts, Cardano employs a different structure. It allows users to simulate each transaction in their own wallets to increase the difficulty of network attacks. The changes generated by transactions are recorded after being validated by blockchain nodes. To this end, Cardano's smart contracts consist of three components:
This means that Cardano smart contracts do not have a centralized state on the ledger. Each eUTxO has an independent state (data), and is indivisible from its funds. This gives rise to the following four possible operations:
It is important to note that the endpoint runs in the user's wallet. After the endpoint script finishes running in the wallet, the generated transaction will be moved to the blockchain. In this case, this transaction will transfer funds to the redeemer script. The script verifies that the funds can only be accessed by the target address that holds its hash value.
In the locking operation, the hash value may be our own address. In the burning operation, the hash value points to a black hole address. We achieve this by giving the hash a secret commitment value and then flipping it. Since a cryptographic hash function is used, it is almost impossible to find a hash value that matches the result.
The intermediary handling the transaction cannot know whether the transaction is a burn or a lock. With this script, intermediaries cannot selectively censor any burn transactions. Both burn and lock use the same redeemer format, and only the transaction initiator knows whether it is a burn or a lock transaction. The burn value can be verified by using the burn endpoint with the given commitment value. Before the commitment value is disclosed, no one knows the amount of funds that have been destroyed.
Testing Network Deployment of Smart Contracts
To deploy a smart contract on the testnet, you need to follow these steps:
By following the steps above, the outside world cannot know whether the transaction is a burn or a lock. However, after publishing this script, people may attempt to compile a rejection of the redeemer, corresponding to the hash of the proposed redeemer script. This requires a tremendous effort, but it may lead to certain burns being scrutinized. To prevent this from happening and make violations more difficult to implement, Iagon is working to enhance the security of this solution.
From Smart Contracts to Wallet Scripts
Because most smart contract operations occur within user wallets, execution schemes can be created that use only wallets, making smart contracts unnecessary. The practical significance of this approach is that it is not possible to selectively prevent the corresponding burning smart contract transactions. However, those who want to prevent all burning can achieve this by blocking all scripts. If only wallets are used, the only way to censor burning is to censor all Cardano transactions. This is a form of ultimate resistance to censorship.
To achieve this, it is necessary to replace the hash of the public key with the hash of the commitment value and flip the least significant bit of the commitment value. But that is not enough. Cardano will prevent input errors in the address by checking the structure and CRC code. Therefore, the simplest way to generate an address from a commitment is to use a specific script and the Cardano API library.
You can use the provided code to generate a burn address, and then submit the transaction to the Cardano blockchain. To verify the burn, you need to look at the transactions sent to the burn address.
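The address derivation described above, as an added example (not Iagon's code and not part of the original article): it hashes a commitment, flips the lowest bit of the digest, and wraps the result in a checksummed address that looks like any other payment address. Assumptions: Blake2b-224 as the hash (the size of a Cardano key hash), the flipped bit taken as the lowest bit of the last digest byte, a Shelley enterprise address with a Bech32 checksum, and a constructed sample commitment.

```python
import hashlib

CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"  # Bech32 alphabet (BIP-173)

def _polymod(values):
    gen = (0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3)
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1ffffff) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= gen[i]
    return chk

def bech32_encode(hrp, payload):
    """Bech32-encode raw bytes; the checksum is what wallets validate."""
    acc, bits, data = 0, 0, []
    for b in payload:                      # regroup 8-bit bytes into 5-bit symbols
        acc, bits = (acc << 8) | b, bits + 8
        while bits >= 5:
            bits -= 5
            data.append((acc >> bits) & 31)
    if bits:                               # zero-pad the final partial symbol
        data.append((acc << (5 - bits)) & 31)
    hrp_exp = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    pm = _polymod(hrp_exp + data + [0] * 6) ^ 1
    checksum = [(pm >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[d] for d in data + checksum)

def burn_credential(commitment):
    """Hash the commitment, then flip the lowest bit of the digest (assumed: last byte)."""
    digest = bytearray(hashlib.blake2b(commitment, digest_size=28).digest())
    digest[-1] ^= 0x01
    return bytes(digest)

def burn_address(commitment, testnet=True):
    """Enterprise address whose 'key hash' is the flipped digest; no key is known for it."""
    header = 0x60 if testnet else 0x61     # address type 6, network id in the low nibble
    hrp = "addr_test" if testnet else "addr"
    return bech32_encode(hrp, bytes([header]) + burn_credential(commitment))

def verify_burn(address, revealed_commitment, testnet=True):
    """Anyone holding the revealed commitment can recompute and compare the address."""
    return address == burn_address(revealed_commitment, testnet)

if __name__ == "__main__":
    commitment = b"constructed-commitment-0001"   # constructed sample value
    addr = burn_address(commitment)
    print(addr, verify_burn(addr, commitment))
```

The commitment should be a high-entropy random value: a guessable commitment lets an observer recompute the address and identify the burn before it is revealed.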
Conclusion
This article divides the implementation of the proof of burn protocol into two methods: smart contracts and wallet transactions. However, due to the current lack of necessary infrastructure for Alonzo smart contracts, such as the PAB library, we recommend using wallet scripts. In any case, the PAB library will support Cardano-based application development in the near future, and combined with wallet scripts, it may create a more complex and censorship-resistant smart contract solution. If you want to learn more about this solution, you can check all relevant information on Github.