Formal Verification of HotStuff
HotStuff is a recent algorithm for repeated distributed consensus used in permissioned blockchains. We present a simplified version of the HotStuff algorithm and verify its safety using both Ivy and the TLA Proof Systems tools.
We show that HotStuff deviates from the traditional view-instance model used in other consensus algorithms and instead follows a novel tree model to solve this fundamental problem. We argue that the tree model results in more complex verification tasks than the traditional view-instance model. Our verification efforts provide initial evidence towards this claim.
Heterogeneous Paxos
In distributed systems, a group of learners achieve consensus when, by observing the output of some acceptors, they all arrive at the same value. Consensus is crucial for ordering transactions in failure-tolerant systems. Traditional consensus algorithms are homogeneous in three ways:
- all learners are treated equally,
- all acceptors are treated equally, and
- all failures are treated equally.

These assumptions, however, are unsuitable for cross-domain applications, including blockchains, where not all acceptors are equally trustworthy, and not all learners have the same assumptions and priorities. We present the first consensus algorithm to be heterogeneous in all three respects. Learners set their own mixed failure tolerances over differently trusted sets of acceptors. We express these assumptions in a novel Learner Graph, and demonstrate sufficient conditions for consensus.
We present Heterogeneous Paxos, an extension of Byzantine Paxos. Heterogeneous Paxos achieves consensus for any viable Learner Graph in best-case three message sends, which is optimal. We present a proof-of-concept implementation and demonstrate how tailoring for heterogeneous scenarios can save resources and reduce latency.
(Sisforma 10-2/2023) Designing a Blockchain-based SME transaction model using the Federated Byzantine Agreement to shorten transaction validation times
Since the world experienced the Covid-19 pandemic, the role of MSMEs in the e-commerce sector has grown rapidly and contributed 50% of Indonesia's GDP. However, investors and some consumers still underestimate MSMEs. They have a low level of trust in MSMEs. This is due to the lack of a transparent system, so that cases of fraud against MSME products often occur. This issue of trust and transparency needs to be resolved with technological solutions. One technology that can solve this problem is Blockchain. However, there are currently still validation problems if it is to be implemented in MSMEs. This research aims to resolve validation time constraints in the implementation of MSMEs. This research builds a Blockchain-based MSME transaction model using the Federated Byzantine Agreement (FBA) algorithm to solve validation time problems. The results show that FBA is able to complete transactions with the fastest validation time compared to Proof of Work (POW), Proof of State (POS), and Proof of Authority (POA).
When is Spring coming? A Security Analysis of Avalanche Consensus
Avalanche is a blockchain consensus protocol with exceptionally low latency
and high throughput. This has swiftly established the corresponding token as a
top-tier cryptocurrency. Avalanche achieves such remarkable metrics by
substituting proof of work with a random sampling mechanism. The protocol also
differs from Bitcoin, Ethereum, and many others by forming a directed acyclic
graph (DAG) instead of a chain. It does not totally order all transactions;
instead it establishes a partial order among them and accepts transactions in the DAG
that satisfy specific properties. Such parallelism is widely regarded as a
technique that increases the efficiency of consensus.
Despite its success, Avalanche consensus lacks a complete abstract
specification and a matching formal analysis. To address this drawback, this
work provides first a detailed formulation of Avalanche through pseudocode.
This includes features that are omitted from the original whitepaper or are
only vaguely explained in the documentation. Second, the paper gives an
analysis of the formal properties fulfilled by Avalanche in the sense of a
generic broadcast protocol that only orders related transactions. Last but not
least, the analysis reveals a vulnerability that affects the liveness of the
protocol. A possible solution that addresses the problem is also proposed.
From Symmetric to Asymmetric Asynchronous Byzantine Consensus
Consensus is arguably one of the most important notions in distributed
computing. Among asynchronous, randomized, and signature-free implementations,
the protocols of Mostéfaoui et al. (PODC 2014 and JACM 2015) represent a
landmark result, which has been extended later and taken up in practical
systems. The protocols achieve optimal resilience and take, in expectation,
only a constant number of rounds of quadratic message complexity.
Randomization is provided through a common-coin primitive. In traditional
consensus protocols, all involved processes adhere to a global, symmetric
failure model, typically only defined by bounds on the number of faulty
processes. Motivated by applications to blockchains, however, more flexible
trust assumptions have recently been considered. In particular, with asymmetric
trust, a process is free to choose which other processes it trusts and which
ones might collude against it. This paper revisits the optimal asynchronous
protocol of Mostéfaoui et al. and shows how to realize it with asymmetric
trust. The paper starts by pointing out in detail why some versions of this
protocol may violate liveness. Then it proposes a fix for the protocol that
does not affect its properties, but lets it regain the simplicity of its
original version (PODC 2014). At the same time, the paper shows how to realize
randomized signature-free asynchronous Byzantine consensus with asymmetric
quorums. This results in an optimal consensus protocol with subjective,
asymmetric trust and constant expected running time. It is suitable for
applications to blockchains, for instance.
Fair Ordering via Streaming Social Choice Theory
Prior work studies the question of "fairly" ordering transactions in a
replicated state machine. Each of replicas receives transactions in a
possibly different order, and the system must aggregate the observed orderings
into a single order. We argue that this problem is best viewed through the lens
of social choice theory, in which (in the preference aggregation problem)
rankings on candidates are aggregated into an election result.
Two features make this problem novel. First, the number of transactions is
unbounded, and an ordering must be defined over a countably infinite set. And
second, decisions must be made quickly, with only partial information.
Additionally, some faulty replicas might alter their reported observations;
their influence on the output should be bounded and well understood.
Prior work studies a "-batch-order-fairness" property, which
divides an ordering into contiguous batches. If a fraction of replicas
receive before , then cannot be in an earlier
batch than . We strengthen this definition to require that batches have
minimal size (-batch-order-fairness can be vacuously satisfied by large
batches) while accounting for the possibility of faulty replicas.
This social choice lens enables an ordering protocol with strictly stronger
fairness and liveness properties than prior work. We study the Ranked Pairs
method. Analysis of how missing information moves through the algorithm allows
our streaming version to know when it can output a transaction. Deliberate
construction of a tiebreaking rule ensures our algorithm outputs a transaction
after a bounded time (in a synchronous network). Prior work relies on a fixed
choice of and bound on the number of faulty replicas , but our
algorithm satisfies our definition for every
simultaneously and for any
Continuous and secure integration framework for smart contracts
Recently, smart contract development has boomed owing to the interest that cryptocurrencies have generated in blockchain technology. Thanks to this interest, researchers have found different uses for smart contracts. As a result, the security problems that have arisen in multiple contracts, and the problems they can cause, have become evident. We therefore decided to evaluate current DevOps schemes in order to adapt them to a working model compatible with smart contracts. Following multiple studies carried out by other researchers on specific phases, we were able to identify the shortcomings of DevOps for smart contracts. Considering the information we collected, we worked on defining the phases and the activities that belong in them. The result is a proposed adaptable framework with all the steps to consider during smart contract development. In addition, the framework is tested using technologies to demonstrate its feasibility.
Degree: Master's, Magister en Ingeniería de Sistemas y Computació
Open Heterogeneous Quorum Systems
In contrast to proof-of-work replication, Byzantine replicated systems
maintain consistency with higher throughput, modest energy consumption, and
deterministic liveness guarantees. If complemented with open membership and
heterogeneous trust, they have the potential to serve as a global financial
infrastructure. This paper presents a general model of heterogeneous quorum
systems, where each participant can declare its own quorums, and captures the
consistency, availability, and inclusion properties of these systems. In order
to support open membership, it then presents reconfiguration protocols for
heterogeneous quorum systems: joining and leaving of a process, and adding and
removing of a quorum. It presents trade-offs for the properties that
reconfigurations can preserve, and accordingly, presents reconfiguration
protocols and proves their correctness. It further presents a graph
characterization of heterogeneous quorum systems, and its application for
reconfiguration optimization.