// NAC公链宪法增补条款 - 多辖区节点共享规则
// Issue #70 | 版本: 1.0 | 共 9 条增补条款(A44-A52)
// 基于《NAC公链多辖区节点共享方案与技术落地白皮书》v1.0
// 制定方:NAC 核心协议工程组 · 多司法辖区工作组
// 发布日期:2026-03-07
// 关联文档:amendments.cnnl(A01-A43)、nac-multi-jurisdiction 模块
// Program header for the multi-jurisdiction node-sharing amendment set:
// declares the program identifier with its display name, version string and
// description (nine clauses, A44-A52).
// NOTE(review): the file banner states version 1.0 while this field holds
// "1.0.0" — confirm which form the tooling compares against.
program NacNodeSharingClauses
    name: "NAC公链多辖区节点共享宪法条款"
    version: "1.0.0"
    description: "9条多辖区节点共享宪法条款(A44-A52),规范物理共享与逻辑隔离"
// ============================================================
// 第七章:多辖区节点共享条款(A44-A52)
// ============================================================
// --- 战略级条款(Strategic Tier)---
// A44 (Strategic, clause_index 101): nodes of different jurisdictions may share
// physical infrastructure only while logical isolation holds. The predicate is
// the implication physical_shared -> logical_isolated; the obligation is
// evaluated per block and a violation rejects the block.
// NOTE(review): the predicate reads only the flag node.logical_isolated. The
// companion test also asserts node.container_isolated and
// node.network_namespace_isolated, which the predicate never references. How
// these flags are populated is not visible here; if they are self-reported by
// the node rather than derived from verifiable evidence, the clause does not
// by itself establish isolation — confirm.
clause A44_NodeSharing
    name: "多辖区节点物理共享许可"
    tier: Strategic
    clause_index: 101
    description: "允许不同辖区节点共享物理基础设施(数据中心、云平台、硬件集群),
        但必须通过容器化/虚拟化技术保持逻辑强隔离,确保各辖区规则互不干扰"
    predicate: node.physical_shared implies node.logical_isolated == true
    obligation: system.enforce_node_logical_isolation per_block
    violation_action: reject_block
    test: A44_test_node_sharing_isolation
    references: ["多辖区节点共享白皮书 §3.2", "宪法层规范 §NODE_SHARING"]
// A45 (Strategic, clause_index 102): a block that contains cross-jurisdiction
// transactions must carry jurisdiction_merkle_root in its header. Checked per
// block; a violation rejects the block.
// NOTE(review): the description requires (a) that the root be the Merkle root
// of the constitutional-receipt (CR) hashes of all cross-jurisdiction
// transactions in the block and (b) that every such transaction carry a CR
// from both the source and the target jurisdiction. The predicate only tests
// that the field is non-null, so any non-null value satisfies it as written.
// Presumably the obligation cbpp.include_jurisdiction_merkle_root recomputes
// and compares the root and checks the dual CRs — confirm, or extend the
// predicate.
clause A45_CrossJurisdictionConsensus
    name: "跨辖区区块生产双CR强制"
    tier: Strategic
    clause_index: 102
    description: "跨辖区区块生产时,区块头必须包含 jurisdiction_merkle_root 字段,
        该字段为区块内所有跨辖区交易的宪法收据(CR)哈希的默克尔树根;
        每笔跨辖区交易必须附带源辖区和目标辖区的双CR"
    predicate: block.has_cross_jurisdiction_tx implies
        block.header.jurisdiction_merkle_root != null
    obligation: cbpp.include_jurisdiction_merkle_root per_block
    violation_action: reject_block
    test: A45_test_cross_jurisdiction_consensus
    references: ["多辖区节点共享白皮书 §3.4", "CBPP协议扩展规范"]
// A46 (Strategic, clause_index 103): allocation of shared physical resources
// must be decided by a JurisdictionCouncil vote, never by one jurisdiction
// alone. Checked per epoch; a violation reverts the allocation.
// NOTE(review): 6700 is presumably basis points (67.00%), matching the ">=67%"
// in the description — confirm the unit. The predicate compares
// resource.council_quorum while the companion test compares
// resource.allocation_proposal.vote_ratio; a participation quorum and an
// approval ratio are different quantities, so confirm which one the 67%
// threshold is meant to bind (or whether both are required).
clause A46_ResourceAllocationByCouncil
    name: "共享资源辖区协商分配"
    tier: Strategic
    clause_index: 103
    description: "共享物理资源(CPU、内存、带宽、存储)的分配方案必须由辖区协商委员会
        (JurisdictionCouncil)通过法定人数投票决定(≥67%),
        并将分配结果写入宪法附录,不得由单一辖区单方面决定"
    predicate: resource.allocation_method == "council_vote" and
        resource.council_quorum >= 6700
    obligation: governance.require_council_vote_for_resource_change per_epoch
    violation_action: revert_allocation
    test: A46_test_resource_allocation_council
    references: ["多辖区节点共享白皮书 §5.2", "辖区协商机制规范"]
// --- 战术级条款(Tactical Tier)---
// A47 (Tactical, clause_index 1001): a node's DID must be bound to a
// jurisdiction, backed by a jurisdiction_proof, and the rule-plugin hashes the
// node has loaded must equal the hashes GIDS records for that DID. The
// obligation runs per block; a violation rejects the node registration.
// NOTE(review): node.jurisdiction != 0 presumably treats 0 as "unset" —
// confirm. What jurisdiction_proof.valid covers (issuer trust, binding of the
// signature to this DID, expiry/revocation) is not visible here, and the
// companion test asserts a differently named field, signature_valid.
// NOTE(review): the check is per_block but the only action is
// reject_node_registration; what happens to an already-registered node whose
// plugin_hashes stop matching GIDS is not stated — confirm.
clause A47_NodeIdentityJurisdictionBinding
    name: "节点身份辖区绑定强制"
    tier: Tactical
    clause_index: 1001
    description: "每个节点在GIDS注册时,其DID必须绑定明确的司法辖区(jurisdiction字段),
        并提供该辖区政府或监管机构的数字签名(jurisdiction_proof)作为证明;
        节点加载的规则插件哈希(plugin_hashes)必须与GIDS记录一致"
    predicate: node.did != "" and
        node.jurisdiction != 0 and
        node.jurisdiction_proof.valid == true and
        node.plugin_hashes == gids.get_plugin_hashes(node.did)
    obligation: gids.verify_node_jurisdiction_binding per_block
    violation_action: reject_node_registration
    test: A47_test_node_identity_binding
    references: ["多辖区节点共享白皮书 §3.1", "GIDS增强规范"]
// A48 (Tactical, clause_index 1002): jurisdiction rule plugins must run as
// WASM modules in a sandbox with an execution-time ceiling of 10 (ms, per the
// field name) and a memory ceiling of 64 (MB, per the field name), and the
// plugin hash must be on chain. Checked per block; a violation terminates the
// plugin execution.
// NOTE(review): the description also requires that the sandbox has no host
// filesystem or network access, but the predicate has no term for it, so that
// requirement is not enforced by this clause as written.
// NOTE(review): plugin.hash_on_chain is a flag; whether the bytes of the
// module actually loaded are hashed and compared with the on-chain/IPFS value
// is not visible here — presumably done by the obligation, confirm.
clause A48_WasmPluginSandbox
    name: "WASM规则插件沙箱执行强制"
    tier: Tactical
    clause_index: 1002
    description: "辖区规则插件必须以WASM模块形式在沙箱中执行,
        沙箱必须满足:无主机文件系统/网络访问、
        执行时间上限10ms、内存上限64MB;
        插件哈希必须存储在IPFS并上链验证"
    predicate: plugin.execution_env == "WASM_SANDBOX" and
        plugin.max_execution_ms <= 10 and
        plugin.max_memory_mb <= 64 and
        plugin.hash_on_chain == true
    obligation: system.enforce_wasm_sandbox_limits per_block
    violation_action: terminate_plugin_execution
    test: A48_test_wasm_sandbox
    references: ["多辖区节点共享白皮书 §3.3", "WASM沙箱安全规范"]
// A49 (Tactical, clause_index 1003): a Constitutional Execution Engine (CEE)
// node may verify for several jurisdictions at once; the predicate requires
// multi-jurisdiction support, parallel plugin execution and GIDS
// registration. Checked per block.
// NOTE(review): the violation action is a fallback to a single-jurisdiction
// CEE, not a rejection. Confirm that after the fallback a cross-jurisdiction
// transaction still needs a receipt from each jurisdiction (see the A45
// description), so the fallback path cannot skip the other jurisdiction's
// plugin checks.
// NOTE(review): the description requires selecting CEE nodes through the GIDS
// load-balancing list and issuing multi-signature CRs; the predicate checks
// only registration, and no signature threshold is stated here.
clause A49_CeeSharedCluster
    name: "CEE节点跨辖区共享验证"
    tier: Tactical
    clause_index: 1003
    description: "宪法执行引擎(CEE)节点可配置为同时支持多个辖区的验证逻辑,
        通过并行调用所有相关辖区插件并汇总结果,签发多签名宪法收据(CR);
        CEE节点必须通过GIDS中的负载均衡列表选择,防止单点故障"
    predicate: cee.supports_multi_jurisdiction == true and
        cee.parallel_plugin_execution == true and
        cee.registered_in_gids == true
    obligation: cee.enable_multi_jurisdiction_verification per_block
    violation_action: fallback_to_single_jurisdiction_cee
    test: A49_test_cee_shared_cluster
    references: ["多辖区节点共享白皮书 §3.6", "CEE集群规范"]
// A50 (Tactical, clause_index 1004): cross-jurisdiction node disputes must go
// to the constitutional court, the judgment must be on chain, and it must be
// confirmed by an on-chain vote. Checked per epoch; a violation freezes the
// disputed resources.
// NOTE(review): the clause does not state who may open a dispute, nor the
// scope or duration of the freeze. Because a freeze affects availability of
// shared resources, confirm these limits are defined in the referenced court
// specification.
clause A50_JurisdictionDisputeResolution
    name: "辖区争议宪法法院裁决"
    tier: Tactical
    clause_index: 1004
    description: "跨辖区节点争议(资源抢占、规则冲突、身份冒充等)必须提交至宪法法院裁决;
        宪法法院根据全球细则和辖区插件条款作出最终判决;
        判决结果通过链上投票确认后方可执行"
    predicate: dispute.resolution_path == "constitutional_court" and
        dispute.judgment_on_chain == true and
        dispute.chain_vote_confirmed == true
    obligation: governance.route_cross_jurisdiction_dispute_to_court per_epoch
    violation_action: freeze_disputed_resources
    test: A50_test_dispute_resolution
    references: ["多辖区节点共享白皮书 §5.3", "宪法法院裁决规范"]
// A51 (Tactical, clause_index 1005): the CSNP network layer must route with
// jurisdiction awareness, relay cross-jurisdiction transactions through the
// target jurisdiction, and keep the original CR across protocol conversion.
// Checked per block; a violation rejects the non-compliant routing.
// NOTE(review): the predicate is three capability flags. The description has
// the sender look up the jurisdiction of the target address before sending,
// but the source of that lookup and how its answer is authenticated are not
// named here — presumably GIDS, confirm.
clause A51_CsnpJurisdictionAwareRouting
    name: "CSNP辖区感知路由强制"
    tier: Tactical
    clause_index: 1005
    description: "CSNP网络层必须支持辖区感知路由:节点发送交易前查询目标地址辖区信息,
        跨辖区交易选择目标辖区中继节点转发;
        协议转换时必须保留原始CR作为证据"
    predicate: csnp.jurisdiction_aware_routing == true and
        csnp.cross_jurisdiction_relay == true and
        csnp.preserves_original_cr == true
    obligation: csnp.enforce_jurisdiction_aware_routing per_block
    violation_action: reject_non_compliant_routing
    test: A51_test_csnp_routing
    references: ["多辖区节点共享白皮书 §3.5", "CSNP扩展规范"]
// A52 (Tactical, clause_index 1006): on physically shared storage, sensitive
// data must be encrypted and readable only by authorized nodes, and sharded
// chain data must keep at least 3 redundant copies. A violation quarantines
// the unencrypted data.
// NOTE(review): the obligation is evaluated per_epoch, so unencrypted data
// could remain on shared storage until the next epoch check — confirm this
// window is acceptable for the data classes listed (which include KYC data
// and jurisdiction keys).
// NOTE(review): the predicate is boolean flags plus a copy count; the cipher,
// key custody and how "authorized" is decided are not specified here.
// redundancy_copies >= 3 is an availability property and gives no
// confidentiality guarantee.
clause A52_SharedStorageDataPrivacy
    name: "共享存储敏感数据加密"
    tier: Tactical
    clause_index: 1006
    description: "在物理共享存储环境中,敏感数据(法律文件哈希、KYC信息、辖区密钥)
        必须加密存储,仅授权节点可解密;
        区块链数据分片存储时必须通过冗余编码保证可用性(最低3副本)"
    predicate: storage.sensitive_data_encrypted == true and
        storage.authorized_access_only == true and
        storage.redundancy_copies >= 3
    obligation: storage.enforce_encryption_and_redundancy per_epoch
    violation_action: quarantine_unencrypted_data
    test: A52_test_shared_storage_privacy
    references: ["多辖区节点共享白皮书 §3.7", "§4 安全与隐私保护"]
// ============================================================
// 测试块
// ============================================================
test A44_test_node_sharing_isolation {
    // A physically shared node must carry the logical-isolation flag
    // (same implication as the A44 predicate).
    assert node.physical_shared == true implies node.logical_isolated == true
    // Container and network-namespace isolation are asserted unconditionally;
    // the A44 predicate itself does not reference these two fields.
    assert node.container_isolated == true
    assert node.network_namespace_isolated == true
}
test A45_test_cross_jurisdiction_consensus {
    // A block carrying cross-jurisdiction transactions must set
    // jurisdiction_merkle_root in its header.
    assert block.has_cross_jurisdiction_tx == true implies
        block.header.jurisdiction_merkle_root != null
    // A cross-jurisdiction transaction must carry both constitutional
    // receipts (CRs): one from the source and one from the target jurisdiction.
    // NOTE(review): nothing here checks that jurisdiction_merkle_root equals
    // the Merkle root of the CR hashes, and whether cross_tx ranges over every
    // cross-jurisdiction transaction in the block is not visible — confirm.
    assert cross_tx.source_cr.valid == true
    assert cross_tx.target_cr.valid == true
}
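test A46_test_resource_allocation_council {
    // A resource allocation must have been approved by the council with a
    // vote ratio of at least 6700 (presumably basis points, i.e. 67% — confirm).
    assert resource.allocation_proposal.council_approved == true
    assert resource.allocation_proposal.vote_ratio >= 6700
    // Also assert the two conditions the A46 predicate actually evaluates, so
    // the test fails when the clause itself would be violated.
    assert resource.allocation_method == "council_vote"
    assert resource.council_quorum >= 6700
}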
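test A47_test_node_identity_binding {
    // The node DID must be present and bound to a jurisdiction
    // (0 is presumably the "unset" value — confirm).
    assert node.did != ""
    assert node.jurisdiction != 0
    // Signature check on the jurisdiction proof, plus the overall validity
    // flag that the A47 predicate evaluates.
    assert node.jurisdiction_proof.signature_valid == true
    assert node.jurisdiction_proof.valid == true
    // A non-empty hash list alone does not show the node runs the registered
    // plugins; the predicate requires equality with the GIDS record, so
    // assert that as well.
    assert node.plugin_hashes.len() > 0
    assert node.plugin_hashes == gids.get_plugin_hashes(node.did)
}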
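test A48_test_wasm_sandbox {
    // Plugins must run in the WASM sandbox environment.
    assert plugin.execution_env == "WASM_SANDBOX"
    // Execution-time and memory ceilings from the A48 predicate.
    assert plugin.max_execution_ms <= 10
    assert plugin.max_memory_mb <= 64
    // The predicate also requires the plugin hash to be on chain; without
    // this assertion a plugin whose hash is not anchored would pass the test.
    assert plugin.hash_on_chain == true
    // NOTE(review): the clause description additionally demands no host
    // filesystem/network access, but the predicate exposes no field for it,
    // so it cannot be asserted here.
}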
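test A49_test_cee_shared_cluster {
    // The CEE node must support multi-jurisdiction verification and run the
    // jurisdiction plugins in parallel, as the A49 predicate requires.
    assert cee.supports_multi_jurisdiction == true
    assert cee.parallel_plugin_execution == true
    // Field name aligned with the A49 predicate (registered_in_gids); the
    // test previously read cee.gids_registered.
    // NOTE(review): confirm which name the cee state schema defines.
    assert cee.registered_in_gids == true
}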
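test A50_test_dispute_resolution {
    // Disputes must be routed to the constitutional court.
    assert dispute.resolution_path == "constitutional_court"
    // The A50 predicate also requires the judgment to be recorded on chain
    // and confirmed by an on-chain vote before it takes effect; assert both
    // so an unconfirmed judgment does not pass the test.
    assert dispute.judgment_on_chain == true
    assert dispute.chain_vote_confirmed == true
}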
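test A51_test_csnp_routing {
    // CSNP must route with jurisdiction awareness.
    assert csnp.jurisdiction_aware_routing == true
    // Cross-jurisdiction relay is the second condition of the A51 predicate
    // and was not covered by the test.
    assert csnp.cross_jurisdiction_relay == true
    // The original CR must survive protocol conversion as evidence.
    assert csnp.preserves_original_cr == true
}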
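test A52_test_shared_storage_privacy {
    // Sensitive data on shared storage must be encrypted.
    assert storage.sensitive_data_encrypted == true
    // The A52 predicate also requires access to be limited to authorized
    // nodes; encryption alone does not show that, so assert it explicitly.
    assert storage.authorized_access_only == true
    // At least 3 redundant copies (an availability requirement).
    assert storage.redundancy_copies >= 3
}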