Design and Analysis of a Logless Dynamic Reconfiguration Protocol
Distributed replication systems based on the replicated state machine model
have become ubiquitous as the foundation of modern database systems. To ensure
availability in the presence of faults, these systems must be able to
dynamically replace failed nodes with healthy ones via dynamic reconfiguration.
MongoDB is a document-oriented database with a distributed replication
mechanism derived from the Raft protocol. In this paper, we present
MongoRaftReconfig, a novel dynamic reconfiguration protocol for the MongoDB
replication system. MongoRaftReconfig utilizes a logless approach to managing
configuration state and decouples the processing of configuration changes from
the main database operation log. The protocol's design was influenced by
engineering constraints faced when attempting to redesign an unsafe, legacy
reconfiguration mechanism that existed previously in MongoDB. We provide a
safety proof of MongoRaftReconfig, along with a formal specification in TLA+.
To our knowledge, this is the first published safety proof and formal
specification of a reconfiguration protocol for a Raft-based system. We also
present results from model checking its safety properties on finite protocol
instances. Finally, we discuss the conceptual novelties of MongoRaftReconfig,
how it can be understood as an optimized and generalized version of the single
server reconfiguration algorithm of Raft, and present an experimental
evaluation of how its optimizations can provide performance benefits for
reconfigurations.
Comment: 35 pages, 2 figures
Programming Language Abstractions for Modularly Verified Distributed Systems
Distributed systems are rarely developed as monolithic programs. Instead, like any software, these systems may consist of multiple program components, which are then compiled separately and linked together. Modern systems also incorporate various services interacting with each other and with client applications. However, state-of-the-art verification tools focus predominantly on verifying standalone, closed-world protocols or systems, thus failing to account for the compositional nature of distributed systems. For example, standalone verification has the drawback that when protocols and their optimized implementations evolve, one must re-verify the entire system from scratch, instead of leveraging compositionality to contain the reverification effort.
In this paper, we focus on the challenge of modular verification of distributed systems with respect to high-level protocol invariants as well as for low-level implementation safety properties. We argue that the missing link between the two is a programming paradigm that would allow one to reason about both high-level distributed protocols and low-level implementation primitives in a single verification-friendly framework. Such a link would make it possible to reap the benefits from both the vast body of research in distributed computing, focused on modular protocol decomposition and consistency properties, as well as from the recent advances in program verification, enabling construction of provably correct systems implementations. To showcase the modular verification challenges, we present some typical scenarios of decomposition between a distributed protocol and its implementations. We then describe our ongoing research agenda, in which we are attempting to address the outlined problems by providing a typing discipline and a set of domain-specific primitives for specifying, implementing and verifying distributed systems. Our approach, mechanized within a proof assistant, provides the means of decomposition necessary for modular proofs about distributed protocols and systems.
Formalizing Nakamoto-Style Proof of Stake
Fault-tolerant distributed systems move the trust in a single party to a
majority of parties participating in the protocol. This makes blockchain-based
crypto-currencies possible: they allow parties to agree on a total order of
transactions without a trusted third party. To trust a distributed system, the
security of the protocol and the correctness of the implementation must be
indisputable.
We present the first machine checked proof that guarantees both safety and
liveness for a consensus algorithm. We verify a Proof of Stake (PoS)
Nakamoto-style blockchain (NSB) protocol, using the foundational proof
assistant Coq. In particular, we consider a PoS NSB in a synchronous network
with a static set of corrupted parties. We define execution semantics for this
setting and prove chain growth, chain quality, and common prefix, which together
imply both safety and liveness.
Formal Modeling and Verification of a Blockchain-Based Crowdsourcing Consensus Protocol
Crowdsourcing is an effective technique that allows humans to solve complex problems that are hard to accomplish by automated tools. Some significant challenges in crowdsourcing systems include avoiding security attacks, effective trust management, and ensuring the system's correctness. Blockchain is a promising technology that can be efficiently exploited to address security and trust issues. The consensus protocol is a core component of a blockchain network through which all the blockchain peers achieve an agreement about the state of the distributed ledger. Therefore, its security, trustworthiness, and correctness have vital importance. This work proposes a Secure and Trustworthy Blockchain-based Crowdsourcing (STBC) consensus protocol to address these challenges. Model checking is an effective and automatic technique based on formal methods that is utilized to ensure the correctness of the STBC consensus protocol. The proposed consensus protocol's formal specification is described using Communicating Sequential Programs (CSP#). Safety, fault tolerance, leader trust, and validators' trust are important properties for a consensus protocol, which are formally specified through Linear Temporal Logic (LTL) to prevent several security attacks, such as blockchain fork, selfish mining, and invalid block insertion. Process Analysis Toolkit (PAT) is utilized for the formal verification of the proposed consensus protocol.