Sealed Sector

A sealed sector's state is defined by two core commitments stored on-chain: the CommD (Data Commitment) and CommR (Replica Commitment).

• CommD (Unsealed CID): A Merkle tree root hash of the original client data.
• CommR (Sealed CID): A Merkle tree root hash of the encrypted, encoded replica data after the sealing process. These commitments allow anyone to cryptographically verify that a storage provider is storing the exact data they committed to, without needing the full dataset.

Sealing is the computationally intensive process that transforms raw client data into a unique, storage-optimized replica within a sector. Key steps include:

• Encoding: Applying Proof-of-Replication (PoRep), which encodes the data into a unique replica bound to the miner's physical storage.
• Encryption: The data is encrypted, ensuring client confidentiality.
• Merkle Tree Generation: Creating the CommR and CommD Merkle tree structures for the final commitments. This process is a one-way function, making it infeasible to generate the replica without storing the original data.

Storage providers must continuously prove they are storing their sealed sectors via Proof-of-Spacetime (PoSt). There are two main types:

• WindowPoSt: Submitted every 24 hours for all active sectors. Failure results in slashing and sector termination.
• WinningPoSt: Submitted when winning a block, proving storage for a randomly selected sector. These proofs cryptographically demonstrate that a unique replica of the sealed data has been maintained continuously over time.

A sealed sector progresses through a defined lifecycle on-chain:

1. Pre-commit: The storage provider pledges disk space and deposits collateral.
2. Prove-commit: The provider completes the sealing process and submits the final proofs (PoRep).
3. Active: The sector stores client data and regularly submits PoSts.
4. Termination: The sector expires or is faulted, its data is deleted, and collateral is released or slashed. This managed lifecycle ensures accountability for the storage resource.

The protocol penalizes storage providers for failing to prove storage, ensuring reliability.

• Fault: Occurs when a WindowPoSt for a sector is missed. The provider pays a daily fault fee.
• Termination Fault: A severe or prolonged fault leads to sector termination. The provider's initial Pledge Collateral and any Deal Collateral are slashed. This economic mechanism aligns provider incentives with network security and data durability.

Sectors can contain different types of storage commitments:

• Deal Sectors: Store client data from Filecoin Plus or regular storage deals. The provider earns storage fees.
• CC Sectors (Committed Capacity): Empty sectors pledged by a provider to demonstrate spare capacity and earn block rewards. They can be upgraded later with client data.
• Updated Sectors: CC Sectors that have been filled with client data via a Sector Upgrade, replacing the zero-data commitment with a real CommD.

A sealed sector progresses through a defined lifecycle managed by the blockchain protocol. Key states include:

• PreCommit: The SP stakes collateral and announces intent to seal.
• Sealing: The data is encoded and the replica is generated off-chain.
• Proving: The sector is active, and the SP submits periodic PoSts.
• Faulty: A proof is missed; the SP is slashed and must provide a Fault Recovery proof.
• Terminated: The sector's commitment ends, either by expiration or penalty, and its space is released.

Sealed sectors enable Proof-of-Spacetime, the consensus mechanism that verifies continuous storage. There are two main proof types:

• WindowPoSt: Submitted regularly (e.g., every 24 hours in Filecoin) for all active sectors. Failure results in slashing.
• WinningPoSt: Submitted when a storage provider is elected to produce a block, proving a random subset of their sectors. These proofs cryptographically link the on-chain commitment (CommR) to the physical storage of the sealed data over time.

Sealed sectors have standardized sizes to optimize network security and storage efficiency. In Filecoin, common sizes are 32 GiB and 64 GiB. The choice involves trade-offs:

• Larger sectors (e.g., 64 GiB) reduce the on-chain footprint per unit of storage.
• Smaller sectors offer more flexibility for storage providers with heterogeneous hardware. The sector size directly impacts the sealing cost (computational overhead) and the gas fees for submitting proofs to the chain.

Not all sealed sectors are equal. Through the Filecoin Plus program, clients can obtain DataCap to create Verified Deals. Sectors storing verified data:

• Receive a 10x multiplier on their storage power contribution, incentivizing valuable data storage.
• Require storage providers to pledge additional collateral, increasing commitment security. This creates a two-tiered market, aligning economic incentives with the network's goal of storing useful data.

Proof-of-Replication (PoRep) is the cryptographic proof generated during sealing that underpins a sector's integrity. It proves two key things:

1. Uniqueness: That the stored data is a unique physical copy, not a pointer to other already-stored data.
2. Retrievability: That the data is encoded and stored in a way that allows for reconstruction. PoRep makes it economically irrational for a provider to claim storage of more data than they physically possess, securing the network's stated capacity.

A Sealed Sector is a fixed-size container of client data (e.g., 32 GiB or 64 GiB) that a storage provider cryptographically commits to the Filecoin blockchain. The sealing process transforms raw data into a unique, unrecoverable replica using a Proof-of-Replication algorithm, creating a Commitment (CommD, CommR) that serves as the on-chain proof of the data's initial storage.

Sealing is a computationally intensive, one-way encoding process that binds data to a specific miner and sector ID. Key stages include:

• Precommit: The provider generates a Sealed Sector CID (CommR) and submits a PreCommitSector message.
• ProveCommit: After a challenge period, the provider submits a ProveCommitSector message with a zk-SNARK proof (WindowPoSt) to finalize the commitment.
• This process ensures the data is uniquely stored and cannot be deduced from the public commitment.

Once sealed, a sector enters an active state where the provider must continuously prove storage via WindowPoSt (Windowed Proof of Spacetime). The lifecycle includes:

• Active: Sector is storing data and submitting periodic proofs.
• Faulty: A proof was missed; the provider is penalized.
• Terminated: Sector is closed, often at the end of its deal term.
• Expired: The commitment period concludes, freeing the sector capacity.

Two primary cryptographic commitments anchor a sector's state:

• CommD (Unsealed CID): The Merkle root hash of the original client data.
• CommR (Sealed CID): The Merkle root hash of the sealed, encoded data. The CommRLast is the final replica commitment submitted in the ProveCommit transaction. These commitments are stored on-chain and are referenced in all subsequent storage proofs.

Sector size is a network parameter that defines storage efficiency and hardware requirements. Key developments:

• Standard Sizes: Originally 32 GiB and 64 GiB.
• CC (Commitment Capacity) Sectors: Empty sectors pledged to prove capacity without client data.
• Sector Upgrades: The FIP-0019 upgrade introduced the ability to 'upgrade' a CC sector to a deal-bearing sector without resealing, significantly improving storage flexibility and utility.

Understanding sealed sectors requires familiarity with adjacent Filecoin mechanisms:

• WindowPoSt / WinningPoSt: The periodic and election-based proofs that verify continued storage of sealed sectors.
• Storage Deal: The commercial agreement that places client data into a sector.
• zk-SNARK: The zero-knowledge proof system that makes sealing and proving computationally feasible.
• Power Table: The on-chain ledger that tracks a miner's proven storage power based on their active, sealed sectors.

A Sealed Sector is a fixed-size container (e.g., 32 GiB or 64 GiB) where a storage provider (SP) encodes client data using a Proof-of-Replication (PoRep) sealing process. This cryptographic transformation binds the data to the SP's unique identity, creating a committed capacity that cannot be altered without detection. The resulting Sealed Sector is the basis for all subsequent storage proofs.

The sealing process is the foundation of Filecoin's security model. It ensures data integrity and uniqueness, preventing SPs from:

• Reusing storage: The same physical disk space cannot be pledged for multiple sectors.
• Spoofing capacity: SPs cannot claim to store data they do not physically possess.
• Data tampering: Any change to the sealed data invalidates the cryptographic proofs, leading to slashing of the provider's collateral.

When a sector is sealed and its commitment is posted on-chain, the SP enters a binding contract. Key economic elements include:

• Sector Initial Pledge: Collateral locked by the SP, proportional to the sector's storage power and network conditions.
• Deal Collateral: Additional stake for sectors storing client data.
• Sector Lifetime: A fixed term (initially up to 5 years) during which the SP must continuously prove storage. Early termination or faulty proofs result in slashing of collateral.

A sealed sector is not a one-time event. SPs must continuously generate Proofs of Spacetime (PoSt) to prove the sector is still being stored. There are two main types:

• WindowPoSt: Submitted every 24 hours for all active sectors. Missing a deadline leads to faults and penalties.
• WinningPoSt: Submitted upon winning a block, proving a specific sector is available. These proofs are computationally intensive, making it economically irrational to cheat.

A sector progresses through a defined lifecycle managed by the chain state:

1. PreCommit: SP stakes initial pledge and announces intent to seal.
2. Proving: Sector is sealed and active, generating regular PoSts.
3. Faulty: Sector fails a proof; SP must pay a fee and recover it.
4. Terminated: Sector ends early (voluntarily or via slashing), releasing unused pledge after a penalty.
5. Expired: Sector reaches its committed lifetime and can be renewed.

Understanding sealed sectors requires knowledge of interconnected mechanisms:

• Proof-of-Replication (PoRep): The sealing algorithm that creates the sector.
• Proof-of-Spacetime (PoSt): The ongoing verification proof.
• Storage Power Consensus: How sealed sectors translate into voting power in the blockchain.
• Sector Deal: A client's storage contract fulfilled within a sealed sector.
• WindowPoSt & WinningPoSt: The two types of ongoing proofs required.

The computationally intensive process of preparing client data for storage in a sector. It transforms raw data into a format that allows for efficient Proof-of-Replication and Proof-of-Spacetime.

• Steps: Includes precommit, encoding (using a slow sequential process), and generating the final replica and commitment (CommR).
• Output: The result is a sealed sector, identified by its unique Sealed CID.

The defined states a sector progresses through from creation to termination on the Filecoin network.

• Key States:
  • PreCommit: Sector and deal metadata is posted on-chain.
  • Proving: Sector is active and must submit WindowPoSts.
  • Faulty: Sector failed a proof; accrues penalties.
  • Terminated: Sector is removed from the chain, ending its commitment.

Cryptographic commitments that uniquely identify a sealed sector and its contents.

• CommD (Unsealed): The Merkle root commitment to the original client data pieces.
• CommR (Sealed): The Merkle root commitment to the final, encoded replica of the data after sealing.
• Function: These commitments are stored on-chain and are used as the basis for all storage proofs (PoRep, PoSt).