108 research outputs found
Deconstructing the Blockchain to Approach Physical Limits
Transaction throughput, confirmation latency and confirmation reliability are
fundamental performance measures of any blockchain system in addition to its
security. In a decentralized setting, these measures are limited by two
underlying physical network attributes: communication capacity and
speed-of-light propagation delay. Existing systems operate far away from these
physical limits. In this work we introduce Prism, a new proof-of-work
blockchain protocol, which can achieve 1) security against up to 50%
adversarial hashing power; 2) optimal throughput up to the capacity C of the
network; 3) confirmation latency for honest transactions proportional to the
propagation delay D, with confirmation error probability exponentially small in
CD; 4) eventual total ordering of all transactions. Our approach to the design
of this protocol is based on deconstructing the blockchain into its basic
functionalities and systematically scaling up these functionalities to approach
their physical limits. Comment: Computer and Communications Security, 201
TaiJi: Longest Chain Availability with BFT Fast Confirmation
Most state machine replication protocols are either based on the 40-year-old
Byzantine Fault Tolerance (BFT) theory or the more recent Nakamoto's longest
chain design. Longest chain protocols, designed originally in the Proof-of-Work
(PoW) setting, are available under dynamic participation, but have probabilistic
confirmation with long latency dependent on the security parameter. BFT
protocols, designed for the permissioned setting, have fast deterministic
confirmation, but assume a fixed number of nodes always online. We present a
new construction which combines a longest chain protocol and a BFT protocol to
get the best of both worlds. Using this construction, we design TaiJi, the
first dynamically available PoW protocol which has almost deterministic
confirmation with latency independent of the security parameter. In contrast to
previous hybrid approaches which use a single longest chain to sample
participants to run a BFT protocol, our native PoW construction uses many
independent longest chains to sample propose actions and vote actions for the
BFT protocol. This design enables TaiJi to inherit the full dynamic
availability of Bitcoin, as well as its full unpredictability, making it secure
against fully-adaptive adversaries with up to 50% of online hash power.
SoK: Diving into DAG-based Blockchain Systems
Blockchain plays an important role in cryptocurrency markets and technology
services. However, limitations on high latency and low scalability retard their
adoptions and applications in classic designs. Reconstructed blockchain systems
have been proposed to avoid the consumption of competitive transactions caused
by linear sequenced blocks. These systems, instead, structure
transactions/blocks in the form of Directed Acyclic Graph (DAG) and
consequently re-build upper layer components including consensus, incentives,
etc. The promise of DAG-based blockchain systems is to enable fast
confirmation (complete transactions within million seconds) and high
scalability (attach transactions in parallel) without significantly
compromising security. However, this field still lacks systematic work that
summarises the DAG technique. To bridge the gap, this Systematization of
Knowledge (SoK) provides a comprehensive analysis of DAG-based blockchain
systems. Through deconstructing open-sourced systems and reviewing academic
researches, we conclude the main components and featured properties of systems,
and provide the approach to establish a DAG. With this in hand, we analyze the
security and performance of several leading systems, followed by discussions
and comparisons with concurrent (scaling blockchain) techniques. We further
identify open challenges to highlight the potentiality of DAG-based solutions
and indicate their promising directions for future research. Comment: Full versio
Ledger combiners for fast settlement
Blockchain protocols based on variations of the longest-chain rule—whether following the proof-of-work paradigm or one of its alternatives—suffer from a fundamental latency barrier. This arises from the need to collect a sufficient number of blocks on top of a transaction-bearing block to guarantee the transaction’s stability while limiting the rate at which blocks can be created in order to prevent security-threatening forks. Our main result is a black-box security-amplifying combiner based on parallel composition of m blockchains that achieves Θ(m)-fold security amplification for conflict-free transactions or, equivalently, Θ(m)-fold reduction in latency. Our construction breaks the latency barrier to achieve, for the first time, a ledger based purely on Nakamoto longest-chain consensus guaranteeing worst-case constant-time settlement for conflict-free transactions: settlement can be accelerated to a constant multiple of block propagation time with negligible error. Operationally, our construction shows how to view any family of blockchains as a unified, virtual ledger without requiring any coordination among the chains or any new protocol metadata. Users of the system have the option to inject a transaction into a single constituent blockchain or—if they desire accelerated settlement—all of the constituent blockchains. Our presentation and proofs introduce a new formalism for reasoning about blockchains, the dynamic ledger, and articulate our constructions as transformations of dynamic ledgers that amplify security. We also illustrate the versatility of this formalism by presenting robust-combiner constructions for blockchains that can protect against complete adversarial control of a minority of a family of blockchains.
NC-Max: Breaking the Security-Performance Tradeoff in Nakamoto Consensus
First implemented in Bitcoin, Nakamoto Consensus (NC) is the most influential consensus protocol in cryptocurrencies despite all the alternative protocols designed afterward. Nevertheless, NC is trapped by a security-performance tradeoff. While existing efforts mostly attempt to break this tradeoff via abandoning or adjusting NC's backbone protocol, we alternatively forward the relevance of the network layer. We identify and experimentally prove that the crux resides with the prolonged block propagation latency caused by not-yet-propagated transactions. We thus present a two-step mechanism to confirm only fully-propagated transactions, and therefore remove the limits upon NC's performance imposed by its security demands, realizing NC's untapped potential. Implementing this two-step mechanism, we propose NC-Max, whose (1) security is analyzed, proving that it provides stronger resistance than NC against transaction withholding attacks, and (2) performance is evaluated, showing that it exhausts the full throughput supported by the network, and shortens the transaction confirmation latency by 3.0 to 6.6 times compared to NC without compromising security. NC-Max is implemented in Nervos CKB, a public permissionless blockchain.
Security-Performance Tradeoff in DAG-based Proof-of-Work Blockchain Protocols
Proof-of-work (PoW) blockchain protocols based on directed acyclic graphs (DAGs) have demonstrated superior transaction confirmation performance compared to their chain-based predecessors. However, it is uncertain whether their security deteriorates in high-throughput settings similar to their predecessors, because their acceptance of simultaneous blocks and complex block dependencies presents challenges for rigorous security analysis.
We address these challenges by analyzing DAG-based protocols via a congestible blockchain model (CBM), a general model that allows case-by-case upper bounds on the block propagation delay, rather than a uniform upper bound as in most previous analyses. CBM allows us to capture two key phenomena of high-throughput settings: (1) simultaneous blocks increase each other's propagation delay, and (2) a block can be processed only after receiving all the blocks it refers to. We further devise a reasonable adversarial block propagation strategy in CBM, called the late-predecessor attack, which exploits block dependencies to delay the processing of honest blocks. We then evaluate the security and performance of Prism and OHIE, two DAG-based protocols that aim to break the security-performance tradeoff, in the presence of an attacker capable of launching the late predecessor attack. Our results show that these protocols suffer from reduced security and extended latency in high-throughput settings similar to their chain-based predecessors.