基於消逝時間量的共識機制（POET）

來自於Intel project：Hyperledger Sawtooth，目前版本 PoET 1.0 

PoET 實際上是屬於Nakamoto consenus的一種，利用「可信執行環境」來提升當前解決方案（如工做證實）的效率。發佈到Hyperledger的PoET的初始參考實現是爲抽象TEE編寫的，以使其對任何TEE實現都保持靈活性。

PoET stochastically elects individual peers to execute requests at a given target rate. Individual peers sample an exponentially distributed random variable and wait for an amount of time dictated by the sample. The peer with the smallest sample wins the election.

For the purpose of achieving distributed consensus efficiently, a good lottery function has several characteristics:

• Fairness: The function should distribute leader election across the broadest possible population of participants.
• Investment: The cost of controlling the leader election process should be proportional to the value gained from it.
• Verification: It should be relatively simple for all participants to verify that the leader was legitimately selected.

現使用SGX技術構建TEE，using new secure CPU instructions which are becoming widely available in consumer and enterprise processors（如今Intel自家的cpu都支持了SGX）。PoET uses these features to ensure the safety and randomness of the leader election process without requiring the costly investment of power and specialized hardware inherent in most 「proof」 algorithms. （這也是其賣點，具備proof-based算法的高可擴展性，同時也具備低消耗，較高性能）

它基於以下方式運行：

1. Every validator requests a wait time from an enclave (a trusted function).
2. The validator with the shortest wait time for a particular transaction block is elected the leader.
3. One function, such as 「CreateTimer」, creates a timer for a transaction block that is guaranteed to have been created by the enclave.
4. Another function, such as 「CheckTimer」, verifies that the timer was created by the enclave. If the timer has expired, this function creates an attestation that can be used to verify that validator did wait the allotted time before claiming the leadership role.

The PoET leader election algorithm meets the criteria for a good lottery algorithm. 分佈相似於其餘彩票算法提供的分配。選舉的機率與所貢獻的資源成比例（在這種狀況下，資源是具備可信執行環境的通用處理器）。An attestation of execution provides information for verifying that the certificate was created within the enclave (and that the validator waited the allotted time). Further, the low cost of participation increases the likelihood that the population of validators will be large, increasing the robustness of the consensus algorithm.

----------------------------------------------------

enclave：實際上是SGX中的術語，A protected area in an application’s address space which provides confidentiality and integrity even in the presence of privileged malware.

PPK, PSK：PoET ECC public and private key created by the PoET enclave.

關鍵的函數：

 

 

　　這裏有三種狀況：若是當前SGX安全時間比waitTimer中的時間要小，那麼尚未到時間；若是比這個時間加Twt要大，那麼該waiTimer失效了，過時（因此只能在Twt時間內處理）；若是在區間內，則生成認證，而且置全局變量

WaitTimer activeWT 爲NULL，該變量標識是否有可用的waitTimer對象

階段：Sign-up Phase（包括client side 和 server side）：A validator has to wait for  block to be published on the distributed ledger before participating in an election.

階段：Election Phase：

客戶端開啓，從disk中調取密封的數據解密封，而後調用createWaitTimer函數，等待函數產生的duration時間，到了後及時調用creatWaitCertification函數，產生waitCertificate，將(waitCertificate, signature, block, OPK, PPK) 廣播出去。其它的server驗證這些tuples，最後從全部合法的waitcertificate中找最小的duration爲選舉成功者。
（驗證的過程當中，好幾點沒看懂？？還有，驗證enclave產生的證書時，是在驗證者的enclave中驗證，仍是在外部驗證？）
安全考慮：設置Twt的目的是強制執行此約束以免在一段時間內沒有事務構建塊的狀況下，幾個驗證程序在等待WaitTimers的持續時間後可能會保留，而且只有在有足夠的事務可用時才生成WaitCertificate。在這一點上，他們都會發出他們的WaitCertificates，產生大量流量並可能致使分叉。超時緩解了這個問題。

關於 Multi-user or Multi-ledger SGX Enclave Service：經過將用戶名和分類賬輸入參數設置爲generateSignUpData（）和unsealSignUpData（），能夠爲多個用戶或分類賬使用相同的包圍區。 而後將註冊元組（用戶名，分類賬，PPK，PSK，MCID）密封到磁盤，用戶名和分類賬用於生成文件名。 只要用戶對服務進行身份驗證，後者就能夠將安全區解封，並使用與該用戶（和分類賬）對應的文件中的註冊元組。

 參考：https://sawtooth.hyperledger.org/docs/core/releases/latest/architecture/poet.html#introduction