G

Storage & Compute Spec

Storage & Compute Spec

Storage Node Specification#

What Storage Nodes Store

Category

Description

Consumer

Resolver records

Domain resolver data for .gao domains

Layer 5 (Domain)

Merkle snapshots

Periodic snapshots of domain registry state

Layer 5 anchor system

IPFS content

Pinned IPFS content (domain-linked web content, receipts)

Layer 2 (Browser)

Workspace sync

Encrypted Workspace data chunks (client-side encrypted)

Layer 1 (Workspace)

Storage nodes never have access to unencrypted content. Workspace data arrives pre-encrypted (client-side) and is stored as opaque encrypted chunks. The storage node has no decryption keys. Storage Data Model

{
  "chunk_id":           "sha256:abc123...",
  "size_bytes":         65536,
  "content":            "<encrypted_blob>",
  "owner_hash":         "keccak256(domain_name)",
  "stored_at":          1710001234,
  "expires_at":         1741537234,
  "replication_target": 3
}

Key properties:

  • chunk_id is the SHA-256 hash of the content — content-addressed, immutable

  • owner_hash is a hash of the domain name — the storage node knows who owns a chunk but not what the content is

  • replication_target: 3 is an initial network default (MVP default — subject to governance) Availability Proofs (cadence: every 6 hours — MVP default — subject to governance) Proofs demonstrate the node currently holds and can retrieve the data it claims to store.

1. Validator selects random challenge set:
   { chunk_ids: ["sha256:abc...", "sha256:def...", ...] }  // 10% sample

2. Node constructs Merkle proof for each challenged chunk

3. Node submits: { chunk_proofs, timestamp, node_sig }

4. Validator verifies:
   - Each Merkle proof is valid
   - Timestamp is fresh (within 60 seconds)  ← MVP default — subject to governance
   - Node signature is valid

5. Validator signs verified proof → submitted to settlement layer

Storage Node SLAs (MVP defaults — subject to governance)

Metric

Minimum

Target

Uptime

99.5%

99.9%

Availability proof response

< 10s

< 3s

Data retrieval latency (p95)

< 500ms

< 200ms

Replication acknowledgement

< 60s

< 30s

Storage Compensation

epoch_compensation =
  verified_gb_stored
  × price_per_gb_per_epoch            ← operator-set
  × availability_proof_score
  × replication_factor_bonus          (if serving as replication partner)

Price is set by the operator. Consumers select nodes based on price, reputation, and geographic proximity.

Compute Node Specification#

Execution Model Compute nodes execute workloads submitted by Layer 8 (AI OS) and Layer 3 (SDK). All execution happens inside the GAR v1 sandbox — the same runtime environment used by Gao AI OS agents. The sandbox ensures:

  • No compute node has access to workload private keys

  • No compute node can read across workload boundaries

  • Execution is bounded by time window (no open-ended sessions)

  • Every execution produces a signed receipt The compute node provides hardware. The protocol provides the sandbox and the receipt system. The compute node never sees plaintext user data beyond what the workload explicitly exposes. Workload Types

Type

Description

Typical consumer

Agent execution

GAR v1 agent runtime

Layer 8 (AI OS)

Inference

LLM/model inference calls

Layer 3 (SDK)

Data processing

Batch analytics, transformation

Layer 3 (SDK)

Verification

Cryptographic verification tasks

Layer 5 (Domain)

Execution Receipt

{
  "receipt_id":      "dp_compute_abc123",
  "node_id":         "node.operator.gao",
  "workload_type":   "agent_execution",
  "consumer":        "agent.merchant.gao",
  "execution_start": "<timestamp>",
  "execution_end":   "<timestamp>",
  "cpu_seconds":     42.3,
  "gpu_seconds":     0,
  "output_hash":     "sha256:xyz...",
  "sandbox_version": "GAR/1.0",
  "node_sig":        "0x..."
}

Timestamps are illustrative. Actual values are protocol-generated at execution time. The output_hash is the hash of the execution output. The compute node cannot read the output content — only verify its hash. This preserves workload privacy while providing verifiable proof of execution. Compute Node SLAs (MVP defaults — subject to governance)

Metric

Minimum

Target

Job acceptance latency

< 500ms

< 100ms

Execution timeout handling

Terminate + partial receipt

< 5s timeout detection

Receipt submission

< 30s post-execution

< 10s

Uptime

99.0%

99.9%

Compute Compensation

job_compensation =
  cpu_seconds_verified × price_per_cpu_second    ← operator-set
  + gpu_seconds_verified × price_per_gpu_second  ← operator-set

No compute job is charged if the execution receipt is rejected by validators.

SDK Integration#

All DePIN calls go through @gao/system-sdk → sdk.infrastructure. No direct node access.

import { GaoSDK } from '@gao/system-sdk';

const sdk = new GaoSDK({
  domain: 'yourdomain.gao',
  apiKey: process.env.GAO_API_KEY,
});

// Request capability (required before every cross-layer call)
const storageCap = await sdk.developer.capability.request(
  'infrastructure:storage:write', 'yourdomain.gao', 3600
);
const computeCap = await sdk.developer.capability.request(
  'infrastructure:compute:allocate', 'yourdomain.gao', 3600
);

// Upload encrypted file
const storageReceipt = await sdk.infrastructure.storage.upload(
  new Uint8Array(fileBuffer),
  {
    encrypted: true,      // default: true
    content_type: 'application/pdf',
    redundancy: 3,        // MVP default — subject to governance
    ttl_days: 90,         // null = permanent
  }
);
if (!storageReceipt.cid) throw new Error('Upload failed');

// Download
const data = await sdk.infrastructure.storage.download(storageReceipt.cid);

// Submit compute job
const computeReceipt = await sdk.infrastructure.compute.submit({
  runtime: 'python',
  code: `
import json, sys
data = json.loads(sys.stdin.read())
total = sum(item['amount'] for item in data['transactions'])
print(json.dumps({'total': total}))
  `,
  input: { transactions: txList },
  timeout_seconds: 60,
  capability: computeCap.token,
});

// Always validate before using result
const valid = await sdk.infrastructure.compute.validateReceipt(computeReceipt);
if (!valid) throw new Error('Compute receipt invalid — abort');

Capability Tokens

Capability

Required for

infrastructure:storage:write

Upload files

infrastructure:storage:read

Download private files

infrastructure:compute:allocate

Submit compute jobs

Error Codes

Code

Meaning

Resolution

GAO-4001

Capability expired

Re-request capability

GAO-4005

Receipt invalid

Abort — do not use result

GAO-7001

Node unavailable

Retry with backoff

GAO-7002

CID not found

Verify CID; node may be offline

GAO-7003

Storage quota exceeded

Check billing in Studio

GAO-7004

Compute timeout

Increase timeout_seconds or optimize code

GAO-7005

Encryption key mismatch

Use correct domain key

Privacy Model Summary#

Storage privacy: Storage nodes store pre-encrypted chunks and have no access to decryption keys. Even if a node is compromised, the attacker obtains only encrypted data. Key management is the client's responsibility, enforced by Layer 5 (Domain) and Layer 1 (Workspace) key architecture. Compute privacy: Compute nodes execute workloads inside the GAR v1 sandbox. The node sees input hash and output hash only — not input content or output content. See security-model.md for the full compute workload privacy diagram.

See validator-spec.md for how receipts are verified.See node-operator-guide.md for hardware requirements and registration.See security-model.md for the full invariant list including DEP-INV08 and DEP-INV09.