A Byzantine Fault-Tolerant Ordering Service for the Hyperledger Fabric Blockchain Platform

Hyperledger Fabric (HLF) is a flexible permissioned blockchain platform designed for business applications beyond the basic digital coin addressed by Bitcoin and other existing networks. A key property of HLF is its extensibility, and in particular the support for multiple ordering services for building the blockchain. Nonetheless, the version 1.0 was launched in early 2017 without an implementation of a Byzantine fault-tolerant (BFT) ordering service. To overcome this limitation, we designed, implemented, and evaluated a BFT ordering service for HLF on top of the BFT-SMaRt state machine replication/consensus library, implementing also optimizations for wide-area deployment. Our results show that HLF with our ordering service can achieve up to ten thousand transactions per second and write a transaction irrevocably in the blockchain in half a second, even with peers spread in different continents

Brief Announcement: Auditable Register Emulations

We initiate the study of auditable storage emulations, which provide the capability for an auditor to report the previously executed reads in a register. We define the notion of auditable register and its properties, and establish tight bounds and impossibility results for auditable storage emulations in the presence of faulty base storage objects. Our formulation considers registers that securely store data using information dispersal (each base object stores only a block of the written value) and supporting fast reads (that complete in one communication round-trip). In such a scenario, given a maximum number f of faulty storage objects and a minimum number ? of data blocks required to recover a stored value, we prove that (R1) auditability is impossible if ? ? 2f; (R2) implementing a weak form of auditability requires ? ? 3f+1; and (R3) a stronger form of auditability is impossible. We also show that (R4) signing read requests generically overcomes the lower bound of weak auditability, while (R5 and R6) totally ordering operations or using non-fast reads enables strong auditability. These results establish that practical storage emulations need f to 2f additional objects compared to their original lower bounds to support auditability

Active Quorum Systems: Specification and Correctness Proof

Reviewed by Miguel CorreiaIn this report we specify the Active Quorum System replication protocol for Byzantine fault tolerance, which uses a set of diverse algorithms for implementing different kinds of operations based on the semantics of the application, thus being efficient independently of the environmental conditions. The algorithms are specified and their correctness (linearizability and wait-freedom) are proved

Resilient Cloud-based Replication with Low Latency

Existing approaches to tolerate Byzantine faults in geo-replicated environments require systems to execute complex agreement protocols over wide-area links and consequently are often associated with high response times. In this paper we address this problem with Spider, a resilient replication architecture for geo-distributed systems that leverages the availability characteristics of today's public-cloud infrastructures to minimize complexity and reduce latency. Spider models a system as a collection of loosely coupled replica groups whose members are hosted in different cloud-provided fault domains (i.e., availability zones) of the same geographic region. This structural organization makes it possible to achieve low response times by placing replica groups in close proximity to clients while still enabling the replicas of a group to interact over short-distance links. To handle the inter-group communication necessary for strong consistency Spider uses a reliable group-to-group message channel with first-in-first-out semantics and built-in flow control that significantly simplifies system design.Comment: 25 pages, extended version of Middleware 2020 pape

Exploring Key-Value Stores in Multi-Writer Byzantine-Resilient Register Emulations

Resilient register emulation is a fundamental technique to implement dependable storage and distributed systems. In data-centric models, where servers are modeled as fail-prone base objects, classical solutions achieve resilience by using fault-tolerant quorums of read-write registers or read-modify-write objects. Recently, this model has attracted renewed interest due to the popularity of cloud storage providers (e.g., Amazon S3), that can be modeled as key-value stores (KVSs) and combined for providing secure and dependable multi-cloud storage services. In this paper we present three novel wait-free multi-writer multi-reader regular register emulations on top of Byzantine-prone KVSs. We implemented and evaluated these constructions using five existing cloud storage services and show that their performance matches or surpasses existing data-centric register emulations

O padrão UMIOP como base para comunicação de grupo confiável em sistemas distribuídos de larga escala

Dissertação (mestrado) - Universidade Federal de Santa Catarina, Centro Tecnológico. Programa de Pós-Graduação em Engenharia Elétrica.O conceito de grupo de objetos é uma abstração largamente usada no tratamento de replicação em sistemas distribuídos tolerantes a faltas. Os sistemas que se baseiam neste conceito geralmente utilizam algum tipo de suporte de comunicação de grupo (SCG), que oferece comunicação multiponto através de primitivas com níveis diferenciados de confiabilidade de entrega e ordenação de mensagens. Em sistemas de larga escala, como a Internet, o multicast IP é a tecnologia base para a construção de protocolos de difusão seletiva confiável, que se constituem na base dos SCG. A junção dos conceitos de objetos distribuídos e de grupo em suportes de middleware, em especial os que seguem a arquitetura CORBA, tem sido objeto de pesquisas recentes, que motivaram a OMG a lançar duas especificações no sentido de introduzir o conceito de grupo nesta arquitetura: FT-CORBA (Fault-Tolerant CORBA), que introduz alguns serviços para suporte à tolerância a faltas nesta arquitetura, e o UMIOP (Unreliable Multicast Inter-ORB Protocol), que provê um protocolo de difusão não confiável (MIOP) baseado em multicast IP e um modelo de objetos para suportar este protocolo em ORBs CORBA. Com estes dois padrões a OMG separa claramente aspectos de comunicação de grupo (UMIOP) e de membership (FT-CORBA). Este trabalho propõe um modelo de integração entre o FT-CORBA e o UMIOP utilizando o ReMIOP (Reliable MIOP), que corresponde ao protocolo MIOP acrescido de controle de fluxo e retransmissões a fim de dar confiabilidade a este, como base para suporte de comunicação de grupo. A concretização destas experiências com comunicação de grupo no CORBA deram origem ao MJaco, um ORB que implementa o padrão UMIOP e suas extensões para confiabilidade, bem como mantém suas capacidades de comunicação ponto a ponto. A existência do MJaco abre espaço para a implementação do modelo proposto e uma série de pesquisas sobre middleware adaptativo