MemoDA:An efficient and simple DA solution

Memo Labs
6 min readApr 8, 2024


Memolabs has introduced an efficient and simple DA solution that provides reliable data availability guarantees for execution layers such as Layer2 Rollup. Different levels of availability are available at different cost options.

1. DA problems

Data availability (DA) is a critical component of blockchain technology. The blockchain relies heavily on agreement, as we all know, and for nodes to attain agreement, they need to guarantee consistent data availability. To stop fraudulent transactions from occurring on the chain, preserve the accurate “accounting” record of the blockchain, and guarantee the security and dependability of the blockchain, nodes can examine the transaction data of the current block and confirm whether the transaction is correct.

However, DA tends to be used as a component of a single system design throughout the entire blockchain, such as Ethereum. The growth of Web3 will be hindered, the user experience will deteriorate, the Gas fee will increase over time, and the single transaction cost will rise when block space is scarce and usage is high. Ethereum has also become aware of the issue of growth in recent years and has started investigating different off-chain extension strategies. Rollups are currently a widely used option, however, even in a thriving Web3 environment with considerable demand for block space, the issue of high gas fees persists.

2. Current DA solution

There are two primary solutions in light of the current circumstances. The first is to maximize Layer 2’s storage overhead. For instance, the Ethereum Danksharding proposal, which uses Ethereum as the data availability layer, currently uses EIP-4844 and implements blob transaction mode, which lowers the storage cost of Layer 2. The second type of blockchain scheme is modular, like the Celestia project, which intends to make blockchain deployment easier by offering pluggable consensus networks. It divides the blockchain into three layers: execution, consensus, and data availability.

3 MemoDA Solution

Memolabs released a DA solution that is both effective and concise, offering a trustworthy guarantee of data availability for execution capacities like Layer 2 Rollup. According to the cost selection, varying availability assurance levels are offered.

3.1 Overview of MemoDA

Off-chain, the node that publishes the transaction uploads the transaction data to MemoDA, which ensures that the transaction file will always be available. This allows the node to rapidly and easily access the transaction data. For the sake of being able to guarantee user data availability if it passes and to initiate data repair if it fails, MemoDA must regularly transmit data availability credentials to the chain.

Among them, the document availability certificate verification procedure uses KZG polynomial commitment technology and the optimistic multi-round interactive verification method, thereby rendering the verification process low-cost and effective. To increase data availability, MemoDA does spot availability checks on transaction data and configures erasure codes and adaptable backup schedules.

3.2 MemoDA Architecture

MemoDA is composed of both on-chain and off-chain components. The off-chain component is in charge of transaction data storage, read functionality, handling issues with data proof of availability, and data repair. Data availability is the responsibility of the on-chain component. Recording the promised value of transaction data and metadata, creating storage challenge data, recording the data availability certificate that is sent along the chain, answering the availability fraud certificate, and promoting data repair are the primary functions.

3.3 MemoDA Detailed description

3.3.1 Uploading Files

The transaction data is uploaded by the execution layer, and MemoDA uses the transaction data to create the KZG polynomial Commitment. This transaction data is utilized to both uniquely identify the block transaction data and subsequently confirm that the data availability proof is accurate. The commitment value is stored in the contract in the bytes32[4] format and occupies 96 bytes.

For permanent storage at the execution layer, the application layer uploads the committed value and metadata of the transaction data to a blockchain, such as Ethereum. To significantly increase the cost of node malpractice, transaction data will be divided into multiple slices using erasure codes or multiple backup technologies for data redundancy. Memolabs’ RAFI technology will be used to realize risk perception fault identification, improving overall data availability faster.

3.3.2 Downloading Files

According to the promised value of the transaction data, any node in the execution layer can simply access it. Additionally, the light node will confirm the data’s availability under MemoDA’s Data Availability Guarantee without needing to download the entire set.

3.3.3 Generate challenge information

To challenge the storage layer, the contract will regularly create a pseudo-random number (rnd) by the kzg polynomial commitment scheme and the decentralization feature. The storage layer uses this random number to decide which files should be sampled and challenged. It then creates data availability evidence for the files that should be contested based on this random number. The data availability layer will make sure that the pseudorandom number is unpredictable and created only for a limited amount of time, preventing the storage layer from making use of a temporal loophole to cheat and escape penalties.

Within a limited time, frame, the storage layer must submit the proof. The challenge will be deemed unsuccessful, the particular storage layer node will be penalized, and the data repair process will be activated if the proof is not turned in by the deadline. To guarantee that the chosen files are random and unpredictable, the sampled files to be challenged are picked based on the pseudorandom number. Based on probability theory, the quantity of samples is determined so that there is a 99.999% chance of identifying defect data in each challenge.

3.3.4 Generate proof and submit it

To be able to submit the aggregate proofs and aggregate commitment values onto the chain, the storage layer first gets evidence of data holding of the files that are to be challenged off the chain. It then aggregates these proofs. Proofs provided by the storage layer are automatically accepted as true, which lowers the overhead associated with validation and data availability.

3.3.5 Multiple rounds of interactive optimistic validation

To lower the cost of challenges, many rounds of interactive optimism verification are employed once the storage layer submits the proof. We make the assumption that everyone can demonstrate fraud against the aggregate commitment value and the aggregate proof value, both of which are assumed to be accurate. Participants can first challenge the aggregate proof and open the fraud-proof within the allotted time. The data repair mechanism is triggered, the storage layer is penalized, and it can be directly viewed as a challenge failure if the storage layer does not reply appropriately.

Participants might then contest whether the overall promise is accurate. Since the aggregate proof has already been shown to be accurate about the aggregate promise, the data availability proof succeeds as long as the aggregate promise value is accurate to the pseudorandom number rnd. We do several interactive verification rounds to confirm the aggregate promise value.

A huge volume of data necessitates a proportionally large amount of sampling to guarantee good data availability. We split the total commitment amount into 10 parts to lower the cost of verification calculation; the doubter will choose one part for each challenge. The aggregate domain computation only needs to be done ten times by the data availability layer. The doubter loses and forfeits the deposit if the part they contested is found to be accurate by the data availability layer contract calculation. If the contract computation reveals that the contested aggregate component contains incorrect information, the doubter will once more select ten identical portions of the contested portion to be questioned, one at a time, until the transaction data for a single block is ascertained. The defective block transaction data will be agreed upon by the doubter and the data availability layer, and the doubter will receive compensation. The data failure-causing storage layer node will face consequences.

4. Summary

MemoDA employs a variety of technologies, such as kzg polynomial commitment technology, elliptic curve calculation, data availability sampling, erase-correcting code multiple backup redundancy mechanism, high efficiency and low-cost availability assurance on the chain, and others, to provide a succinct and effective DA solution for Layer 2, especially Rollups.



Memo Labs

MEMO is a new-gen blockchain decentralized cloud storage protocol. Our mission is to build a reliable storage infrastructure for the Web3 era.