19 research outputs found

    Formal Verification of HotStuff

    HotStuff is a recent algorithm for repeated distributed consensus used in permissioned blockchains. We present a simplified version of the HotStuff algorithm and verify its safety using both Ivy and the TLA Proof Systems tools. We show that HotStuff deviates from the traditional view-instance model used in other consensus algorithms and instead follows a novel tree model to solve this fundamental problem. We argue that the tree model results in more complex verification tasks than the traditional view-instance model. Our verification efforts provide initial evidence towards this claim.

    Heterogeneous Paxos

    In distributed systems, a group of learners achieve consensus when, by observing the output of some acceptors, they all arrive at the same value. Consensus is crucial for ordering transactions in failure-tolerant systems. Traditional consensus algorithms are homogeneous in three ways: all learners are treated equally, all acceptors are treated equally, and all failures are treated equally. These assumptions, however, are unsuitable for cross-domain applications, including blockchains, where not all acceptors are equally trustworthy, and not all learners have the same assumptions and priorities. We present the first consensus algorithm to be heterogeneous in all three respects. Learners set their own mixed failure tolerances over differently trusted sets of acceptors. We express these assumptions in a novel Learner Graph, and demonstrate sufficient conditions for consensus. We present Heterogeneous Paxos, an extension of Byzantine Paxos. Heterogeneous Paxos achieves consensus for any viable Learner Graph in best-case three message sends, which is optimal. We present a proof-of-concept implementation and demonstrate how tailoring for heterogeneous scenarios can save resources and reduce latency.

    (Sisforma 10-2/2023) Designing a Blockchain-based SME transaction model using the Federated Byzantine Agreement to shorten transaction validation times

    Since the world experienced the Covid-19 pandemic, the role of MSMEs in the e-commerce sector has grown rapidly and contributed 50% of Indonesia's GDP. However, investors and some consumers still underestimate MSMEs. They have a low level of trust in MSMEs. This is due to the lack of a transparent system so that cases of fraud against MSME products often occur. This issue of trust and transparency needs to be resolved with technological solutions. One technology that can solve this problem is Blockchain. However, currently there are still validation problems if it is to be implemented in MSMEs. This research aims to resolve validation time constraints in the implementation of MSMEs. This research builds a Blockchain-based MSME transaction model using Federated Byzantine Agreement (FBA) algorithm to solve validation time problems. The result shows that FBA is able to complete transactions with the fastest validation time compared to Proof of Work (POW), Proof of State (POS), and Proof of Authority (POA)

    When is Spring coming? A Security Analysis of Avalanche Consensus

    Avalanche is a blockchain consensus protocol with exceptionally low latency and high throughput. This has swiftly established the corresponding token as a top-tier cryptocurrency. Avalanche achieves such remarkable metrics by substituting proof of work with a random sampling mechanism. The protocol also differs from Bitcoin, Ethereum, and many others by forming a directed acyclic graph (DAG) instead of a chain. It does not totally order all transactions, establishes a partial order among them, and accepts transactions in the DAG that satisfy specific properties. Such parallelism is widely regarded as a technique that increases the efficiency of consensus. Despite its success, Avalanche consensus lacks a complete abstract specification and a matching formal analysis. To address this drawback, this work provides first a detailed formulation of Avalanche through pseudocode. This includes features that are omitted from the original whitepaper or are only vaguely explained in the documentation. Second, the paper gives an analysis of the formal properties fulfilled by Avalanche in the sense of a generic broadcast protocol that only orders related transactions. Last but not least, the analysis reveals a vulnerability that affects the liveness of the protocol. A possible solution that addresses the problem is also proposed

    From Symmetric to Asymmetric Asynchronous Byzantine Consensus

    Consensus is arguably one of the most important notions in distributed computing. Among asynchronous, randomized, and signature-free implementations, the protocols of Mostéfaoui et al. (PODC 2014 and JACM 2015) represent a landmark result, which has been extended later and taken up in practical systems. The protocols achieve optimal resilience and take, in expectation, only a constant expected number of rounds of quadratic message complexity. Randomization is provided through a common-coin primitive. In traditional consensus protocols, all involved processes adhere to a global, symmetric failure model, typically only defined by bounds on the number of faulty processes. Motivated by applications to blockchains, however, more flexible trust assumptions have recently been considered. In particular, with asymmetric trust, a process is free to choose which other processes it trusts and which ones might collude against it. This paper revisits the optimal asynchronous protocol of Mostéfaoui et al. and shows how to realize it with asymmetric trust. The paper starts by pointing out in detail why some versions of this protocol may violate liveness. Then it proposes a fix for the protocol that does not affect its properties, but lets it regain the simplicity of its original version (PODC 2014). At the same time, the paper shows how to realize randomized signature-free asynchronous Byzantine consensus with asymmetric quorums. This results in an optimal consensus protocol with subjective, asymmetric trust and constant expected running time. It is suitable for applications to blockchains, for instance.

    Fair Ordering via Streaming Social Choice Theory

    Prior work studies the question of "fairly" ordering transactions in a replicated state machine. Each of $n$ replicas receives transactions in a possibly different order, and the system must aggregate the observed orderings into a single order. We argue that this problem is best viewed through the lens of social choice theory, in which (in the preference aggregation problem) rankings on candidates are aggregated into an election result. Two features make this problem novel. First, the number of transactions is unbounded, and an ordering must be defined over a countably infinite set. And second, decisions must be made quickly, with only partial information. Additionally, some faulty replicas might alter their reported observations; their influence on the output should be bounded and well understood. Prior work studies a "$\gamma$-batch-order-fairness" property, which divides an ordering into contiguous batches. If a $\gamma$ fraction of replicas receive $\tau$ before $\tau^\prime$, then $\tau^\prime$ cannot be in an earlier batch than $\tau$. We strengthen this definition to require that batches have minimal size ($\gamma$-batch-order-fairness can be vacuously satisfied by large batches) while accounting for the possibility of faulty replicas. This social choice lens enables an ordering protocol with strictly stronger fairness and liveness properties than prior work. We study the Ranked Pairs method. Analysis of how missing information moves through the algorithm allows our streaming version to know when it can output a transaction. Deliberate construction of a tiebreaking rule ensures our algorithm outputs a transaction after a bounded time (in a synchronous network). Prior work relies on a fixed choice of $\gamma$ and bound on the number of faulty replicas $f$, but our algorithm satisfies our definition for every $\frac{1}{2}<\gamma\leq 1$ simultaneously and for any $f$.

    Continuous and secure integration framework for smart contracts

    Recently, smart contract development has boomed owing to the interest that cryptocurrencies have generated in blockchain technology. Thanks to this interest, researchers have found different uses for smart contracts. As a result, the security problems that have arisen in multiple contracts, and the problems they can cause, have become evident. We therefore decided to evaluate current DevOps schemes in order to adapt them to a working model compatible with smart contracts. Following multiple studies carried out by other researchers on specific phases, we were able to identify the shortcomings of DevOps for smart contracts. Considering the information we collected, we worked on defining the phases and the activities that belong in them. The result is a proposed adaptable framework with all the steps to consider during smart contract development. In addition, this framework is tested using technologies to demonstrate its viability. Degree: Master's, Magister en Ingeniería de Sistemas y Computació

    Open Heterogeneous Quorum Systems

    In contrast to proof-of-work replication, Byzantine replicated systems maintain consistency with higher throughput, modest energy consumption, and deterministic liveness guarantees. If complemented with open membership and heterogeneous trust, they have the potential to serve as a global financial infrastructure. This paper presents a general model of heterogeneous quorum systems, where each participant can declare its own quorums, and captures the consistency, availability, and inclusion properties of these systems. In order to support open membership, it then presents reconfiguration protocols for heterogeneous quorum systems: joining and leaving of a process, and adding and removing of a quorum. It presents trade-offs for the properties that reconfigurations can preserve, and accordingly, presents reconfiguration protocols and proves their correctness. It further presents a graph characterization of heterogeneous quorum systems, and its application for reconfiguration optimization