A Byzantine Fault-Tolerant Ordering Service for the Hyperledger Fabric Blockchain Platform

Hyperledger Fabric (HLF) is a flexible permissioned blockchain platform designed for business applications beyond the basic digital coin addressed by Bitcoin and other existing networks. A key property of HLF is its extensibility, and in particular the support for multiple ordering services for building the blockchain. Nonetheless, the version 1.0 was launched in early 2017 without an implementation of a Byzantine fault-tolerant (BFT) ordering service. To overcome this limitation, we designed, implemented, and evaluated a BFT ordering service for HLF on top of the BFT-SMaRt state machine replication/consensus library, implementing also optimizations for wide-area deployment. Our results show that HLF with our ordering service can achieve up to ten thousand transactions per second and write a transaction irrevocably in the blockchain in half a second, even with peers spread in different continents

Security Analysis of Filecoin's Expected Consensus in the Byzantine vs Honest Model

Filecoin is the largest storage-based open-source blockchain, both by storage capacity (>11EiB) and market capitalization. This paper provides the first formal security analysis of Filecoin's consensus (ordering) protocol, Expected Consensus (EC). Specifically, we show that EC is secure against an arbitrary adversary that controls a fraction $\beta$ of the total storage for $\beta m< 1- e^{-(1-\beta)m}$, where $m$ is a parameter that corresponds to the expected number of blocks per round, currently $m=5$ in Filecoin. We then present an attack, the $n$-split attack, where an adversary splits the honest miners between multiple chains, and show that it is successful for $\beta m \ge 1- e^{-(1-\beta)m}$, thus proving that $\beta m= 1- e^{-(1-\beta)m}$ is the tight security threshold of EC. This corresponds roughly to an adversary with $20\%$ of the total storage pledged to the chain. Finally, we propose two improvements to EC security that would increase this threshold. One of these two fixes is being implemented as a Filecoin Improvement Proposal (FIP).Comment: AFT 202

Hybris: Robust Hybrid Cloud Storage

International audienceBesides well-known benefits, commodity cloud storage also raises concerns that include security, reliability, and consistency. We present Hybris key-value store, the first robust hybrid cloud storage system, aiming at addressing these concerns leveraging both private and public cloud resources. Hybris robustly replicates metadata on trusted private premises (private cloud), separately from data which is dispersed (using replication or erasure coding) across multiple untrusted public clouds. Hybris maintains metadata stored on private premises at the order of few dozens of bytes per key, avoiding the scalability bottleneck at the private cloud. In turn, the hybrid design allows Hybris to efficiently and robustly tolerate cloud outages, but also potential malice in clouds without overhead. Namely, to tolerate up to f malicious clouds, in the common case of the Hybris variant with data replication, writes replicate data across f + 1 clouds, whereas reads involve a single cloud. In the worst case, only up to f additional clouds are used. This is considerably better than earlier multi-cloud storage systems that required costly 3f + 1 clouds to mask f potentially malicious clouds. Finally, Hybris leverages strong metadata consistency to guarantee to Hybris applications strong data consistency without any modifications to the eventually consistent public clouds. We implemented Hybris in Java and evaluated it using a series of micro and macro-benchmarks. Our results show that Hybris significantly outperforms comparable multi-cloud storage systems and approaches the performance of bare-bone commodity public cloud storage

The Transaction Graph for Modeling Blockchain Semantics

The advent of Bitcoin paved the way for a plethora of blockchain systems supporting diverse applications beyond cryptocurrencies. Although in-depth studies of the protocols, security, and privacy of blockchains are available, there is no formal model of the transaction semantics that a blockchain is supposed to guarantee. In this work, we fill this gap, motivated by the observation that the semantics of transactions in blockchain systems can be captured by a directed acyclic graph. Such a transaction graph, or TDAG, generally consists of the states and the transactions as transitions between the states, together with conditions for the consistency and validity of transactions. We instantiate the TDAG model for three prominent blockchain systems: Bitcoin, Ethereum, and Hyperledger Fabric. We specify the states and transactions as well as the validity conditions of the TDAG for each one. This demonstrates the applicability of the model and formalizes the transaction-level semantics that these systems aim for

Hyperledger Fabric: A Distributed Operating System for Permissioned Blockchains

Fabric is a modular and extensible open-source system for deploying and operating permissioned blockchains and one of the Hyperledger projects hosted by the Linux Foundation (www.hyperledger.org). Fabric is the first truly extensible blockchain system for running distributed applications. It supports modular consensus protocols, which allows the system to be tailored to particular use cases and trust models. Fabric is also the first blockchain system that runs distributed applications written in standard, general-purpose programming languages, without systemic dependency on a native cryptocurrency. This stands in sharp contrast to existing blockchain platforms that require "smart-contracts" to be written in domain-specific languages or rely on a cryptocurrency. Fabric realizes the permissioned model using a portable notion of membership, which may be integrated with industry-standard identity management. To support such flexibility, Fabric introduces an entirely novel blockchain design and revamps the way blockchains cope with non-determinism, resource exhaustion, and performance attacks. This paper describes Fabric, its architecture, the rationale behind various design decisions, its most prominent implementation aspects, as well as its distributed application programming model. We further evaluate Fabric by implementing and benchmarking a Bitcoin-inspired digital currency. We show that Fabric achieves end-to-end throughput of more than 3500 transactions per second in certain popular deployment configurations, with sub-second latency, scaling well to over 100 peers.Comment: Appears in proceedings of EuroSys 2018 conferenc

Risks in the Role of Co-Creating the Future of Tourism in “Stigmatized” Destinations

The primary goal of this paper was to investigate the strength of the influence of different types of risk on the travelers’ intention to visit destinations in future, that are, prejudiced due to COVID-19, marked as “stigmatized”, “isolated”, or “risky destinations”. Field interview research was conducted at the “Belgrade Nikola Tesla Airport” (Serbia). The results obtained by multiple regression analysis showed that all types of risks influenced the intention of travelers, with financial risk showing a more significant impact. Canonical discriminant analysis indicated that men were most afraid of human induced risk, service quality risk, natural disaster and COVID-19 risk, and they chose safer destinations. Among the women, the biggest fear was financial risk, socio-psychological risk, and food safety risk. Older respondents and those under the influence of external factors decided on safer destinations, while financial status did not play a significant role in predicting the choice of destination. The selection of the destination according to the degree of security was determined by the ordinal regression methodology. The entire research presents a certain novelty, because so far in the numerous studies on the topic of the negative consequences of COVID-19 on tourism, there has been no discussion of stigmatized or risky destinations that received that epithet, and were therefore negatively and unfairly marked in the minds of tourists for future visits

Teechain: a secure payment network with asynchronous blockchain access

Blockchains such as Bitcoin and Ethereum execute payment transactions securely, but their performance is limited by the need for global consensus. Payment networks overcome this limitation through off-chain transactions. Instead of writing to the blockchain for each transaction, they only settle the final payment balances with the underlying blockchain. When executing off-chain transactions in current payment networks, parties must access the blockchain within bounded time to detect misbehaving parties that deviate from the protocol. This opens a window for attacks in which a malicious party can steal funds by deliberately delaying other parties' blockchain access and prevents parties from using payment networks when disconnected from the blockchain. We present Teechain, the first layer-two payment network that executes off-chain transactions asynchronously with respect to the underlying blockchain. To prevent parties from misbehaving, Teechain uses treasuries, protected by hardware trusted execution environments (TEEs), to establish off-chain payment channels between parties. Treasuries maintain collateral funds and can exchange transactions efficiently and securely, without interacting with the underlying blockchain. To mitigate against treasury failures and to avoid having to trust all TEEs, Teechain replicates the state of treasuries using committee chains, a new variant of chain replication with threshold secret sharing. Teechain achieves at least a 33X higher transaction throughput than the state-of-the-art Lightning payment network. A 30-machine Teechain deployment can handle over 1 million Bitcoin transactions per second

Blockchain in supply chain management: Australian manufacturer case study

The recent explosion of interest around Blockchain and capabilities of this technology to track all types of transaction more transparently and securely motivate us to explore the possibilities Blockchain offers across the supply chain. This paper examines whether Blockchain makes a good fit for use in an Australian manufacturer supply chain. To address this, the research uses Technology Acceptance Model (TAM) as a framework from the literature. Blockchain allows us to have permissioned or permission-less distributed ledgers where stakeholders can interact with each other. It details how Blockchain works and the mechanism of hash algorithms which allows for greater security of information. It also focuses on the supply chain management and looks at the intricacies of a manufacturers supply chain. We present a review of the processes in place of an electrical manufacturer and the problems faced in the supply chain. A model is proposed in using public and private Blockchains to overcome these issues. The proposed solution has the potential to bring greater transparency, validity across the supply chain, and improvement of communication between stakeholders involved. We also point out some potential issues that should be considered if adopting Blockchain.N/