A Secure Sharding Protocol For Open Blockchains
24 Oct 2016-pp 17-30
TL;DR: ELASTICO is the first candidate for a secure sharding protocol with presence of byzantine adversaries, and scalability experiments on Amazon EC2 with up to $1, 600$ nodes confirm ELASTICO's theoretical scaling properties.
Abstract: Cryptocurrencies, such as Bitcoin and 250 similar alt-coins, embody at their core a blockchain protocol --- a mechanism for a distributed network of computational nodes to periodically agree on a set of new transactions. Designing a secure blockchain protocol relies on an open challenge in security, that of designing a highly-scalable agreement protocol open to manipulation by byzantine or arbitrarily malicious nodes. Bitcoin's blockchain agreement protocol exhibits security, but does not scale: it processes 3--7 transactions per second at present, irrespective of the available computation capacity at hand. In this paper, we propose a new distributed agreement protocol for permission-less blockchains called ELASTICO. ELASTICO scales transaction rates almost linearly with available computation for mining: the more the computation power in the network, the higher the number of transaction blocks selected per unit time. ELASTICO is efficient in its network messages and tolerates byzantine adversaries of up to one-fourth of the total computational power. Technically, ELASTICO uniformly partitions or parallelizes the mining network (securely) into smaller committees, each of which processes a disjoint set of transactions (or "shards"). While sharding is common in non-byzantine settings, ELASTICO is the first candidate for a secure sharding protocol with presence of byzantine adversaries. Our scalability experiments on Amazon EC2 with up to $1, 600$ nodes confirm ELASTICO's theoretical scaling properties.
Citations
More filters
TL;DR: Numerical results indicate that the double auction mechanism can achieve social welfare maximization while protecting privacy of the PHEVs and security analysis shows that the proposed PETCON improves transaction security and privacy protection.
Abstract: We propose a localized peer-to-peer (P2P) electricity trading model for locally buying and selling electricity among plug-in hybrid electric vehicles (PHEVs) in smart grids Unlike traditional schemes, which transport electricity over long distances and through complex electricity transportation meshes, our proposed model achieves demand response by providing incentives to discharging PHEVs to balance local electricity demand out of their own self-interests However, since transaction security and privacy protection issues present serious challenges, we explore a promising consortium blockchain technology to improve transaction security without reliance on a trusted third party A localized P 2P E lectricity T rading system with CO nsortium blockchai N (PETCON) method is proposed to illustrate detailed operations of localized P2P electricity trading Moreover, the electricity pricing and the amount of traded electricity among PHEVs are solved by an iterative double auction mechanism to maximize social welfare in this electricity trading Security analysis shows that our proposed PETCON improves transaction security and privacy protection Numerical results based on a real map of Texas indicate that the double auction mechanism can achieve social welfare maximization while protecting privacy of the PHEVs
933 citations
Cites background from "A Secure Sharding Protocol For Open..."
...Once the authorized LAGs formation is complete and remains almost constant, the total time needed for reaching consensus of one new block is about 1 minute regardless of the network size [13]....
[...]
20 May 2018
TL;DR: OmniLedger ensures security and correctness by using a bias-resistant public-randomness protocol for choosing large, statistically representative shards that process transactions, and by introducing an efficient cross-shard commit protocol that atomically handles transactions affecting multiple shards.
Abstract: Designing a secure permissionless distributed ledger (blockchain) that performs on par with centralized payment processors, such as Visa, is a challenging task. Most existing distributed ledgers are unable to scale-out, i.e., to grow their total processing capacity with the number of validators; and those that do, compromise security or decentralization. We present OmniLedger, a novel scale-out distributed ledger that preserves longterm security under permissionless operation. It ensures security and correctness by using a bias-resistant public-randomness protocol for choosing large, statistically representative shards that process transactions, and by introducing an efficient cross-shard commit protocol that atomically handles transactions affecting multiple shards. OmniLedger also optimizes performance via parallel intra-shard transaction processing, ledger pruning via collectively-signed state blocks, and low-latency "trust-but-verify" validation for low-value transactions. An evaluation of our experimental prototype shows that OmniLedger’s throughput scales linearly in the number of active validators, supporting Visa-level workloads and beyond, while confirming typical transactions in under two seconds.
856 citations
TL;DR: This work exploits the consortium blockchain technology to propose a secure energy trading system named energy blockchain, which can be widely used in general scenarios of P2P energy trading getting rid of a trusted intermediary and a credit-based payment scheme to support fast and frequent energy trading.
Abstract: In industrial Internet of things (IIoT), peer-to-peer (P2P) energy trading ubiquitously takes place in various scenarios, e.g., microgrids, energy harvesting networks, and vehicle-to-grid networks. However, there are common security and privacy challenges caused by untrusted and nontransparent energy markets in these scenarios. To address the security challenges, we exploit the consortium blockchain technology to propose a secure energy trading system named energy blockchain. This energy blockchain can be widely used in general scenarios of P2P energy trading getting rid of a trusted intermediary. Besides, to reduce the transaction limitation resulted from transaction confirmation delays on the energy blockchain, we propose a credit-based payment scheme to support fast and frequent energy trading. An optimal pricing strategy using Stackelberg game for credit-based loans is also proposed. Security analysis and numerical results based on a real dataset illustrate that the proposed energy blockchain and credit-based payment scheme are secure and efficient in IIoT.
778 citations
Cites background from "A Secure Sharding Protocol For Open..."
...The total time needed for reaching consensus of a new block is stable regardless of the network size, when the authorized EAGs formation is complete and remains as a constant [18]....
[...]
TL;DR: This paper conducts a comprehensive evaluation of three major blockchain systems based on BLOCKBENCH, namely Ethereum, Parity, and Hyperledger Fabric, and discusses several research directions for bringing blockchain performance closer to the realm of databases.
Abstract: Blockchain technologies are gaining massive momentum in the last few years. Blockchains are distributed ledgers that enable parties who do not fully trust each other to maintain a set of global states. The parties agree on the existence, values, and histories of the states. As the technology landscape is expanding rapidly, it is both important and challenging to have a firm grasp of what the core technologies have to offer, especially with respect to their data processing capabilities. In this paper, we first survey the state of the art, focusing on private blockchains (in which parties are authenticated). We analyze both in-production and research systems in four dimensions: distributed ledger, cryptography, consensus protocol, and smart contract. We then present BLOCKBENCH, a benchmarking framework for understanding performance of private blockchains against data processing workloads. We conduct a comprehensive evaluation of three major blockchain systems based on BLOCKBENCH, namely Ethereum, Parity, and Hyperledger Fabric. The results demonstrate several trade-offs in the design space, as well as big performance gaps between blockchain and database systems. Drawing from design principles of database systems, we discuss several research directions for bringing blockchain performance closer to the realm of databases.
769 citations
Cites background from "A Secure Sharding Protocol For Open..."
...Other examples are Elastico [26] and Algorand [27] which improve PoW by randomly sampling a small set of nodes at each round....
[...]
...Byzcoin [61] and Elastico [26] propose novel, two-phase protocols that combine PoW and PBFT....
[...]
...Recent work [26] has demonstrated the feasibility of sharding the consensus protocol, making important steps towards partitioning the entire blockchain....
[...]
...Similar to Byzcoin and Elastico, Dfinity [43] and Algorand [27] select at each round a random set of nodes that can propose blocks....
[...]
...Threshold Relay Public Dfinity [43] proposes threshold relay in which nodes form random group based on a public verifiable random function (Byzcoin [61] and Elastico [26] adopt similar approaches)....
[...]
TL;DR: Although the feature of blockchain technologies may bring us more reliable and convenient services, the security issues and challenges behind this innovative technique is also an important topic that the authors need to concern.
Abstract: Blockchain technologies is one of the most popular issue in recent years, it has already changed people's lifestyle in some area due to its great influence on many business or industry, and what it can do will still continue cause impact in many places Although the feature of blockchain technologies may bring us more reliable and convenient services, the security issues and challenges behind this innovative technique is also an important topic that we need to concern
756 citations
Cites background from "A Secure Sharding Protocol For Open..."
...There still have many use case of blockchain technologies, like protection of Intellectual property, traceability in supply chain, identity certification, insurance, international payments, IOT, patient’s privacy in medical treatment or prediction market [14, 20]....
[...]
References
More filters
Proceedings Article•
22 Apr 2009TL;DR: Aardvark can achieve peak performance within 40% of that of the best existing protocol in the authors' tests and provide a significant fraction of that performance when up to f servers and any number of clients are faulty.
Abstract: This paper argues for a new approach to building Byzantine fault tolerant replication systems. We observe that although recently developed BFT state machine replication protocols are quite fast, they don't tolerate Byzantine faults very well: a single faulty client or server is capable of rendering PBFT, Q/U, HQ, and Zyzzyva virtually unusable. In this paper, we (1) demonstrate that existing protocols are dangerously fragile, (2) define a set of principles for constructing BFT services that remain useful even when Byzantine faults occur, and (3) apply these principles to construct a new protocol, Aardvark. Aardvark can achieve peak performance within 40% of that of the best existing protocol in our tests and provide a significant fraction of that performance when up to f servers and any number of clients are faulty. We observe useful throughputs between 11706 and 38667 requests per second for a broad range of injected faults.
436 citations
TL;DR: In Zyzzyva, replicas reply to a client's request without first running an expensive three-phase commit protocol to agree on the order to process requests, making BFT replication practical for a broad range of demanding services.
Abstract: A longstanding vision in distributed systems is to build reliable systems from unreliable components An enticing formulation of this vision is Byzantine fault-tolerant (BFT) state machine replication, in which a group of servers collectively act as a correct server even if some of the servers misbehave or malfunction in arbitrary ("Byzantine") ways Despite this promise, practitioners hesitate to deploy BFT systems at least partly because of the perception that BFT must impose high overheads In this article, we present Zyzzyva, a protocol that uses speculation to reduce the cost of BFT replication In Zyzzyva, replicas reply to a client's request without first running an expensive three-phase commit protocol to agree on the order to process requests Instead, they optimistically adopt the order proposed by a primary server, process the request, and reply immediately to the client If the primary is faulty, replicas can become temporarily inconsistent with one another, but clients detect inconsistencies, help correct replicas converge on a single total ordering of requests, and only rely on responses that are consistent with this total order This approach allows Zyzzyva to reduce replication overheads to near their theoretical minima and to achieve throughputs of tens of thousands of requests per second, making BFT replication practical for a broad range of demanding services
390 citations
Journal Article•
[...]
TL;DR: Fast Paxos as discussed by the authors generalizes the classic Paxos consensus algorithm and achieves consensus in two message delays only in the absence of concurrent conflicting proposals, which is the best a general algorithm can do.
Abstract: The Paxos consensus algorithm of [122] requires two message delays between when the leader proposes a value and when other processes learn that the value has been chosen. Since inventing Paxos, I had thought that this was the optimal message delay. However, sometime in late 2001 I realized that in most systems that use consensus, values aren’t picked out of the air by the system itself; instead, they come from clients. When one counts the message from the client, Paxos requires three message delays. This led me to wonder whether consensus in two message delays, including the client’s message, was in fact possible. I proved the lower-bound result announced in [143] that an algorithm that can make progress despite f faults and can achieve consensus in two message delays despite e faults requires more than 2e+f processes. The proof of that result led me pretty quickly to the Fast Paxos algorithm described here. Fast Paxos generalizes the classic Paxos consensus algorithm. It can switch between learning in two or three message delays depending on how many processes are working. More precisely, it can achieve learning in two message delays only in the absence of concurrent conflicting proposals, which [153] shows is the best a general algorithm can do.
375 citations
[...]
TL;DR: Proofs of work (PoW) have been suggested by Dwork and Naor as protection to a shared resource and used to prevent double spending in the Bitcoin digital currency system.
Abstract: Proofs of work (PoW) have been suggested by Dwork and Naor (Crypto’92) as protection to a shared resource. The basic idea is to ask the service requestor to dedicate some non-trivial amount of computational work to every request. The original applications included prevention of spam and protection against denial of service attacks. More recently, PoWs have been used to prevent double spending in the Bitcoin digital currency system.
307 citations
Additional excerpts
...Network implementation....
[...]
TL;DR: ABortable STate mAChine replicaTion is presented, a new abstraction for designing and reconfiguring generalized replicated state machines that are, unlike traditional state machines, allowed to abort executing a client’s request if “something goes wrong".
Abstract: We present Abstract (ABortable STate mAChine replicaTion), a new abstraction for designing and reconfiguring generalized replicated state machines that are, unlike traditional state machines, allowed to abort executing a client’s request if “something goes wrong.” Abstract can be used to considerably simplify the incremental development of efficient Byzantine fault-tolerant state machine replication (BFT) protocols that are notorious for being difficult to develop. In short, we treat a BFT protocol as a composition of Abstract instances. Each instance is developed and analyzed independently and optimized for specific system conditions. We illustrate the power of Abstract through several interesting examples. We first show how Abstract can yield benefits of a state-of-the-art BFT protocol in a less painful and error-prone manner. Namely, we develop AZyzzyva, a new protocol that mimics the celebrated best-case behavior of Zyzzyva using less than 35p of the Zyzzyva code. To cover worst-case situations, our abstraction enables one to use in AZyzzyva any existing BFT protocol. We then present Aliph, a new BFT protocol that outperforms previous BFT protocols in terms of both latency (by up to 360p) and throughput (by up to 30p). Finally, we present R-Aliph, an implementation of Aliph that is robust, that is, whose performance degrades gracefully in the presence of Byzantine replicas and Byzantine clients.
262 citations