Run a Tamperproof Query
The Space and Time network allows users to run tamperproof queries that use ZK cryptography to generate a proof that ensures neither the SQL nor the data have been tampered with. You can have that proof immediately applied within the SxT network, or send it to another third-party verifiers, allowing you to extend the zero-trust model of a blockchain into a big-data system.
Let's Get Started!
To be able to validate your script, we'd ask that you generate a new file called Run_Tamperproof_Query.sh that you can commit to your branch of the SXT-Community/SXTAccreditation repo at the end of the activity.
Automated Verification
Running a tamperproof query is surprisingly simple - you only need a Space and Time account, a tamperproof table, and a verifier.
Native Verification with Space and Time Studio
The easiest way to run a tamperproof query is using Space and Time Studio, as it provides a seamless and unified experience.
First, log into Space and Time Studio
To login to Space and Time Studio dapp:
Navigate to the Space and Time Studio dapp and click on "Sign in" in the upper-right most corner.
Enter your Username and Password, and click "Login"
OR
Click the "Connect a wallet" button at the bottom, and use your wallet to sign into your Space and Time account.
Once authenticated, you should see the "Sign in" button replaced by a "My account" button in the upper right, where you can manage your account and subscription settings.
🔥 New User? Click here to create an account! 🔥
Once logged in to Space and Time Studio, you can run a tamperproof query directly in the query editor:
- Click on the "Queries" menu tab, to pull up the "Query Editor"
- In the main query editor space, click on the Proof of SQL button (looks like a database with a key) to the immediate left of the "Run Query" button - this will open a pop-out box
- At the top of that pop-out next to the "Proof of SQL" title, click the toggle switch so that it reads "ENABLED" (this will also add a small green indicator to the Proof of SQL button)
- Click the "Run Query" button!
If you would like to follow-along with the SQL above:
SELECT Event_Date
, sum(TempC) as SumTemp
, count(*) as CntTemp
FROM SXTDemo_TP.Temperature_v01
GROUP BY Event_Date
A script to create the tamperproof table above can be found in the recipe, "Create a Tamperproof Table.
Contrats, you've run a tamperproof query! All queries submitted through the "Query Editor" will now also generate a ZK proof, and be verified using the SxT verifier network.
Native Verification with Space and Time API
If you interface with the Space and Time Database using APIs and you want to run Native Verification, the change is as easy as using a different, but identical, SQL API endpoint.
Run a Tamperproof Query
Running a natively verified tamperproof query using the API is nearly identical to running a normal SQL query request, except using the tamperproof SQL API endpoint. Using this API will generate the query results, the ZK Proof, and use the SxT verifier network to perform the verification - all automatically in one step!
To run a query using the CLI, open a terminal window, log into the Space and Time network to get an ACCESS_TOKEN, saved to an environment variable ACCESS_TOKEN, and then submit the API call:
SQL="SELECT Event_Date, sum(TempC) as SumTemp, count(*) as CntTemp FROM SXTDemo_TP.Temperature_v01 GROUP BY Event_Date"
curl --request POST \
--url https://api.spaceandtime.app/v2/sql/tamperproof-query \
--header 'content-type: application/json' \
--header "authorization: Bearer $ACCESS_TOKEN" \
--data '{ "sqlText": "'"$SQL"'" }'
Contrats, you've run a tamperproof query!
Optionally, let's run the same query above but using the normal SQL endpoint. The query result is the same, but note that you'll get MORE information back from the tamperproof endpoint than you will from the normal endpoint. This is because the tamperproof endpoint will include, among other metadata information, the verification hash. The endpoint signature between the two is identical, except for the URL:
SQL="SELECT Event_Date, sum(TempC) as SumTemp, count(*) as CntTemp FROM SXTDemo_TP.Temperature_v01 GROUP BY Event_Date"
curl --request POST \
--url https://api.spaceandtime.app/v1/sql \
--header 'content-type: application/json' \
--header "authorization: Bearer $ACCESS_TOKEN" \
--data '{ "sqlText": "'"$SQL"'" }'
Other Ways to Verify
Run Your Own Verifier
Space and Time has open-source the verifier code, meaning for centralized use-cases you can install and perform local verification. This is great for any use-case where you alone need to verify the proof, such as internal analytics, centralized transactions, or fully internal work not shared with 3rd parties (or those parties trust you to perform the work correctly).
To get started with your own verifier, simply clone the Proof of SQL Verifier repo, located here:
https://github.com/spaceandtimelabs/SXT-proof-of-sql
Coming Soon! Verify with Partners (like Chainlink)
Space and Time is partnering with ZK verifier networks to broaden the choice of decentralized, 3rd party verifiers for your proofs. These will be coming online over the course of the next few months, so check back frequently for the growing list!
Coming Soon! Verify On-Chain
Space and Time cryptography teams are working hard to hyper-optimize the verifier to run onchain efficiently enough to be financially practical, even for high-cost / settlement chains. Look for this coming soon!
Get Credit:
You'll get credit for this activity if you:
- Run a natively verified query on the table
SXTDemo_TP.Temperature_v01
- Commit your work file to the SXT-Community/SXTAccreditation repo
How should I commit my branch changes?
When you're complete with the activity, simply commit your changes to your branch of work, then push to the SXT-Community/SXTAccreditation repo. Many IDEs have automated processes to manage this for you, but to do this manually by opening a temrinal / WSL window, and typing:
If you get an error on line 5 saying, The current branch stephens_work has no upstream branch
, this is because Github doesn't know about your branch yet. Simply run the command the git tool recommends - it will look something like:
git push --set-upstream origin <your_branch>
When you're done for the day, head over to SXT-Community/SXTAccreditation/Pulls page on Github, and (if you're logged in) you'll see a message like:
Click on the button above to create a Pull Request, give us some feedback in the description, and click "Create Pull Request". Done!
Updated about 2 months ago