6 research outputs found
Ethereum's Proposer-Builder Separation: Promises and Realities
With Ethereum's transition from Proof-of-Work to Proof-of-Stake in September
2022 came another paradigm shift, the Proposer-Builder Separation (PBS) scheme.
PBS was introduced to decouple the roles of selecting and ordering transactions
in a block (i.e., the builder), from those validating its contents and
proposing the block to the network as the new head of the blockchain (i.e., the
proposer). In this landscape, proposers are the validators in the
Proof-of-Stake consensus protocol who validate and secure the network, while
now relying on specialized block builders for creating blocks with the most
value (e.g., transaction fees) for the proposer. Additionally, relays play a
crucial new role in this ecosystem, acting as mediators between builders and
proposers, being entrusted with the responsibility of transmitting the most
lucrative blocks from the builders to the proposers.
PBS is currently an opt-in protocol (i.e., a proposer can still opt-out and
build their own blocks). In this work, we study it's adoption and show that the
current PBS landscape exhibits significant centralization amongst the builders
and relays. We further explore whether PBS effectively achieves its intended
objectives of enabling hobbyist validators to maximize block profitability and
preventing censorship. Our findings reveal that although PBS grants all
validators the same opportunity to access optimized and competitive blocks, it
tends to stimulate censorship rather than reduce it. Additionally, our analysis
demonstrates that relays do not consistently uphold their commitments and may
prove unreliable. Specifically, there are instances where proposers do not
receive the complete value as initially promised, and the censorship or
filtering capabilities pledged by the relay exhibit significant gaps
A Better Method to Analyze Blockchain Consistency
The celebrated Nakamoto consensus protocol ushered in several new consensus applications including cryptocurrencies. A
few recent works have analyzed important properties of blockchains, including most significantly, consistency, which is a
guarantee that all honest parties output the same sequence of blocks throughout the execution of the protocol.
To establish consistency, the prior analysis of Pass, Seeman and shelat required a careful counting of certain combinatorial
events that was difficult to apply to variations of Nakamoto. The work of Garay, Kiayas, and Leonardas provides another method of analyzing the blockchain under both a synchronous and partially synchronous setting.
The contribution of this paper is the development of a simple Markov-chain based method for analyzing consistency properties of blockchain protocols. The method includes a formal way of stating strong concentration bounds as well as easy ways to concretely compute the bounds. We use our new method to answer a number of basic questions about consistency of blockchains:
• Our new analysis provides a tighter guarantee on the consistency property of Nakamoto’s protocol, including for parameter regimes which previous work could not consider;
• We analyze a family of delaying attacks and extend them to other protocols;
• We analyze how long a participant should wait before considering a high-value transaction “confirmed”;
• We analyze the consistency of CliqueChain, a variation of the Chainweb system;
• We provide the first rigorous consistency analysis of GHOST under the partially synchronous setting and also analyze a folklore balancing -attack.
In each case, we use our framework to experimentally analyze the consensus bounds for various network delay parameters and adversarial computing percentages.
We hope our techniques enable authors of future blockchain proposals to provide a more rigorous analysis of their schemes
Flyclient: Super-Light Clients for Cryptocurrencies
To validate transactions, cryptocurrencies such as Bitcoin and Ethereum require nodes to verify that a blockchain is valid. This entails downloading and verifying all blocks, taking hours and requiring gigabytes of bandwidth and storage. Hence, clients with limited resources cannot verify transactions independently without trusting full nodes.
Bitcoin and Ethereum offer light clients known as simplified payment verification (SPV) clients, that can verify the chain by downloading only the block headers. Unfortunately, the storage and bandwidth requirements of SPV clients still increase linearly with the chain length. For example, as of July 2019, an SPV client in Ethereum needs to download and store about 4 GB of data.
Recently, Kiayias et al. proposed a solution known as non-interactive proofs of proof-of-work (NIPoPoW) that allows a light client to download and store only a polylogarithmic number of block headers in expectation. Unfortunately, NIPoPoWs are succinct only as long as no adversary influences the honest chain, and can only be used in chains with fixed block difficulty, contrary to most cryptocurrencies which adjust block difficulty frequently according to the network hashrate.
We introduce Flyclient, a novel transaction verification light client for chains of variable difficulty. Flyclient is efficient both asymptotically and practically and requires downloading only a logarithmic number of block headers while storing only a single block header between executions. Using an optimal probabilistic block sampling protocol and Merkle Mountain Range (MMR) commitments, Flyclient overcomes the limitations of NIPoPoWs and generates shorter proofs over all measured parameters.
In Ethereum, Flyclient achieves a synchronization proof size of less than 500 KB which is roughly 6,600x smaller than SPV proofs.
We finally discuss how Flyclient can be deployed with minimal changes to the existing cryptocurrencies via an uncontentious velvet fork
Security of Nakamoto Consensus under Congestion
Nakamoto consensus (NC) powers major proof-of-work (PoW) and proof-of-stake (PoS) blockchains such as Bitcoin or Cardano. Given a network of nodes with certain communication and computation capacities, against what fraction of adversarial power (the resilience) is Nakamoto consensus secure for a given block production rate? Prior security analyses of NC used a bounded delay model which does not capture network congestion resulting from high block production rates, bursty release of adversarial blocks, and in PoS, spamming due to equivocations. For PoW, we find a new attack, called teasing attack, that exploits congestion to increase the time taken to download and verify blocks, thereby succeeding at lower adversarial power than the private attack which was deemed to be the worst-case attack in prior analysis. By adopting a bounded bandwidth model to capture congestion, and through an improved analysis method, we identify the resilience of PoW NC for a given block production rate. In PoS, we augment our attack with equivocations to further increase congestion, making the vanilla PoS NC protocol insecure against any adversarial power except at very low block production rates. To counter equivocation spamming in PoS, we present a new NC-style protocol Sanitizing PoS (SaPoS) which achieves the same resilience as PoW NC
Strategic Latency Reduction in Blockchain Peer-to-Peer Networks
Most permissionless blockchain networks run on peer-to-peer (P2P) networks,
which offer flexibility and decentralization at the expense of performance
(e.g., network latency). Historically, this tradeoff has not been a bottleneck
for most blockchains. However, an emerging host of blockchain-based
applications (e.g., decentralized finance) are increasingly sensitive to
latency; users who can reduce their network latency relative to other users can
accrue (sometimes significant) financial gains. In this work, we initiate the
study of strategic latency reduction in blockchain P2P networks. We first
define two classes of latency that are of interest in blockchain applications.
We then show empirically that a strategic agent who controls only their local
peering decisions can manipulate both types of latency, achieving 60\% of the
global latency gains provided by the centralized, paid service bloXroute, or,
in targeted scenarios, comparable gains. Finally, we show that our results are
not due to the poor design of existing P2P networks. Under a simple network
model, we theoretically prove that an adversary can always manipulate the P2P
network's latency to their advantage, provided the network experiences
sufficient peer churn and transaction activity