157 research outputs found
The Contest Between Simplicity and Efficiency in Asynchronous Byzantine Agreement
In the wake of the decisive impossibility result of Fischer, Lynch, and Paterson for deterministic consensus protocols in the asynchronous model with just one failure, Ben-Or and Bracha demonstrated that the problem could be solved with randomness, even for Byzantine failures. Both protocols are natural and intuitive to verify, and Bracha's achieves optimal resilience. However, the expected running time of these protocols is exponential in general. Recently, Kapron, Kempe, King, Saia, and Sanwalani presented the first efficient Byzantine agreement algorithm in the asynchronous, full information model, running in polylogarithmic time. Their algorithm is Monte Carlo and drastically departs from the simple structure of Ben-Or and Bracha's Las Vegas algorithms. In this paper, we begin an investigation of the question: to what extent is this departure necessary? Might there be a much simpler and intuitive Las Vegas protocol that runs in expected polynomial time? We will show that the exponential running time of Ben-Or and Bracha's algorithms is no mere accident of their specific details, but rather an unavoidable consequence of their general symmetry and round structure. We define a natural class of "fully symmetric round protocols" for solving Byzantine agreement in an asynchronous setting and show that any such protocol can be forced to run in expected exponential time by an adversary in the full information model. We assume the adversary controls Byzantine processors for , where is an arbitrary positive constant . We view our result as a step toward identifying the level of complexity required for a polynomial-time algorithm in this setting, and also as a guide in the search for new efficient algorithms.
Comment: 21 pages
On the Round Complexity of Randomized Byzantine Agreement
We prove lower bounds on the round complexity of randomized Byzantine agreement (BA) protocols, bounding the halting probability of such protocols after one and two rounds. In particular, we prove that:
1) BA protocols resilient against n/3 [resp., n/4] corruptions terminate (under attack) at the end of the first round with probability at most o(1) [resp., 1/2+ o(1)].
2) BA protocols resilient against n/4 corruptions terminate at the end of the second round with probability at most 1-Theta(1).
3) For a large class of protocols (including all BA protocols used in practice) and under a plausible combinatorial conjecture, BA protocols resilient against n/3 [resp., n/4] corruptions terminate at the end of the second round with probability at most o(1) [resp., 1/2 + o(1)].
The above bounds hold even when the parties use a trusted setup phase, e.g., a public-key infrastructure (PKI).
The third bound essentially matches the recent protocol of Micali (ITCS'17) that tolerates up to n/3 corruptions and terminates at the end of the third round with constant probability.
Buying Time: Latency Racing vs. Bidding in Fair Transaction Ordering
We design a practical algorithm for transaction ordering that takes into account both transaction timestamps and bids. The algorithm guarantees that users get their transactions published with bounded delay against a bid, while it extracts a fair value from sophisticated users that have an edge in latency, by moving expenditure from investment in latency improvement technology to bidding. The algorithm creates a score from timestamps and bids, and orders transactions based on the score. We first show that a scoring rule is the only type of rule that satisfies the independence of latency races. We provide an economic analysis of the protocol in an environment of private information, where investment in latency is made at ex-ante or interim stages, while bidding happens at the interim stage where private signals have been observed. The algorithm is useful for transaction sequencing in rollups or in other environments where the sequencer has privileged access to order flows.
A Survey on Consensus Mechanisms and Mining Strategy Management in Blockchain Networks
© 2013 IEEE. The past decade has witnessed the rapid evolution in blockchain technologies, which has attracted tremendous interest from both the research communities and industries. The blockchain network originated from the Internet financial sector as a decentralized, immutable ledger system for transactional data ordering. Nowadays, it is envisioned as a powerful backbone/framework for decentralized data processing and data-driven self-organization in flat, open-access networks. In particular, the plausible characteristics of decentralization, immutability, and self-organization are primarily owing to the unique decentralized consensus mechanisms introduced by blockchain networks. This survey is motivated by the lack of a comprehensive literature review on the development of decentralized consensus mechanisms in blockchain networks. In this paper, we provide a systematic vision of the organization of blockchain networks. By emphasizing the unique characteristics of decentralized consensus in blockchain networks, our in-depth review of the state-of-the-art consensus protocols is focused on both the perspective of distributed consensus system design and the perspective of incentive mechanism design. From a game-theoretic point of view, we also provide a thorough review of the strategies adopted for self-organization by the individual nodes in the blockchain backbone networks. Consequently, we provide a comprehensive survey of the emerging applications of blockchain networks in a broad area of telecommunication. We highlight our special interest in how the consensus mechanisms impact these applications. Finally, we discuss several open issues in the protocol design for blockchain consensus and the related potential research directions.
KRNC: New Foundations for Permissionless Byzantine Consensus and Global Monetary Stability
This paper applies biomimetic engineering to the problem of permissionless Byzantine consensus and achieves results that surpass the prior state of the art by four orders of magnitude. It introduces a biologically inspired asymmetric Sybil-resistance mechanism, Proof-of-Balance, which can replace symmetric Proof-of-Work and Proof-of-Stake weighting schemes.
The biomimetic mechanism is incorporated into a permissionless blockchain protocol, Key Retroactivity Network Consensus ("KRNC"), which delivers ~40,000 times the security and speed of today's decentralized ledgers. KRNC allows the fiat money that the public already owns to be upgraded with cryptographic inflation protection, eliminating the problems inherent in bootstrapping new currencies like Bitcoin and Ethereum.
The paper includes two independently significant contributions to the literature. First, it replaces the non-structural axioms invoked in prior work with a new formal method for reasoning about trust, liveness, and safety from first principles. Second, it demonstrates how two previously overlooked exploits, book-prize attacks and pseudo-transfer attacks, collectively undermine the security guarantees of all prior permissionless ledgers.
Comment: 104 pages
Cost Reduction With Guarantees: Formal Reasoning Applied To Blockchain Technologies
Blockchain technologies are moving fast, and their distributed nature as well as their high-stake (financial) applications make it crucial to "get things right". Moreover, blockchain technologies often come with a high cost for maintaining blockchain infrastructure and for running applications. In this thesis formal reasoning is used for guaranteeing correctness while reducing the cost of (i) maintaining the infrastructure by optimising blockchain protocols, and (ii) running applications by optimising blockchain programs, so-called smart contracts. Both have a clear cost measure: for protocols the number of exchanged messages, and for smart contracts the monetary cost of execution. In the first result for blockchain protocols, starting from a proof of correctness for an abstract blockchain consensus protocol using infinitely many messages and infinite state, a refinement proof transfers correctness to a concrete implementation of the protocol, reducing the cost to finite resources. In the second result I move from a blockchain to a block graph. This block graph embeds the run of a deterministic Byzantine fault tolerant protocol, thereby getting parallelism "for free" and reducing the exchanged messages to the point of omission. For blockchain programs, I optimise programs executed on the Ethereum blockchain. As a first result, I use superoptimisation and encode the search for a cheaper, but observationally equivalent, program as a search problem for an automated theorem prover. Since solving this search problem is in itself expensive, my second result is an efficient encoding of the search problem. Finally, for reusing found optimisations, my third result gives a framework to generate peephole optimisation rules for a smart contract compiler.