-
Crystal: Enhancing Blockchain Mining Transparency with Quorum Certificate
Authors:
Jianyu Niu,
Fangyu Gai,
Runchao Han,
Ren Zhang,
Yinqian Zhang,
Chen Feng
Abstract:
Researchers have discovered a series of theoretical attacks against Bitcoin's Nakamoto consensus; the most damaging ones are selfish mining, double-spending, and consistency delay attacks. These attacks have one common cause: block withholding. This paper proposes Crystal, which leverages quorum certificates to resist block withholding misbehavior. Crystal continuously elects committees from miners and requires each block to have a quorum certificate, i.e., a set of signatures issued by members of its committee. Consequently, an attacker has to publish its blocks to obtain quorum certificates, rendering block withholding impossible. To build Crystal, we design a novel two-round committee election in a Sybil-resistant, unpredictable and non-interactive way, and a reward mechanism to incentivize miners to follow the protocol. Our analysis and evaluations show that Crystal can significantly mitigate selfish mining and double-spending attacks. For example, in Bitcoin, an attacker with 30% of the total computation power will succeed in double-spending attacks with a probability of 15.6% to break the 6-confirmation rule; however, in Crystal, the success probability for the same attacker falls to 0.62%. We provide formal end-to-end safety proofs for Crystal, ensuring no unknown attacks will be introduced. To the best of our knowledge, Crystal is the first protocol that prevents selfish mining and double-spending attacks while providing safety proof.
Submitted 1 December, 2023;
originally announced December 2023.
-
Phalanx: A Practical Byzantine Ordered Consensus Protocol
Authors:
Guangren Wang,
Liang Cai,
Fangyu Gai,
Jianyu Niu
Abstract:
Byzantine fault tolerance (BFT) consensus is a fundamental primitive for distributed computation. However, BFT protocols suffer from ordering manipulation, in which an adversary can perform front-running. Several protocols have been proposed to resolve the manipulation problem, but they have some limitations. The batch-based protocols such as Themis have significant performance loss because of the use of complex algorithms to find strongly connected components (SCCs). The timestamp-based protocols such as Pompe have simplified the ordering phase, but they are limited in fairness, in that the adversary can manipulate the ordering via timestamps of transactions. In this paper, we propose a Byzantine ordered consensus protocol called Phalanx, in which transactions are committed by an anchor-based ordering strategy. The anchor-based strategy aggregates the Lamport logical clock of transactions on each participant and generates the final ordering without complex detection for SCCs. Therefore, Phalanx has achieved satisfying performance and performs better in resisting ordering manipulation than the timestamp-based strategy.
Submitted 18 September, 2022;
originally announced September 2022.
-
Bitcoin-Enhanced Proof-of-Stake Security: Possibilities and Impossibilities
Authors:
Ertem Nusret Tas,
David Tse,
Fangyu Gai,
Sreeram Kannan,
Mohammad Ali Maddah-Ali,
Fisher Yu
Abstract:
Bitcoin is the most secure blockchain in the world, supported by the immense hash power of its Proof-of-Work miners. Proof-of-Stake chains are energy-efficient, have fast finality but face several security issues: susceptibility to non-slashable long-range safety attacks, low liveness resilience and difficulty to bootstrap from low token valuation. We show that these security issues are inherent in any PoS chain without an external trusted source, and propose a new protocol, Babylon, where an off-the-shelf PoS protocol checkpoints onto Bitcoin to resolve these issues. An impossibility result justifies the optimality of Babylon. A use case of Babylon is to reduce the stake withdrawal delay: our experimental results show that this delay can be reduced from weeks in existing PoS chains to less than 5 hours using Babylon, at a transaction cost of less than 10K USD per annum for posting the checkpoints onto Bitcoin.
Submitted 1 February, 2025; v1 submitted 18 July, 2022;
originally announced July 2022.
-
Human Values Violations in Stack Overflow: An Exploratory Study
Authors:
Sara Krishtul,
Mojtaba Shahin,
Humphrey O. Obie,
Hourieh Khalajzadeh,
Fan Gai,
Ali Rezaei Nasab,
John Grundy
Abstract:
A growing number of software-intensive systems are being accused of violating or ignoring human values (e.g., privacy, inclusion, and social responsibility), and this poses great difficulties to individuals and society. Such violations often occur due to the solutions employed and decisions made by developers of such systems that are misaligned with user values. Stack Overflow is the most popular QA website among developers to share their issues, solutions (e.g., code snippets), and decisions during software development. We conducted an exploratory study to investigate the occurrence of human values violations in Stack Overflow posts. As comments under posts are often used to point out the possible issues and weaknesses of the posts, we analyzed 2000 Stack Overflow comments and their corresponding posts (1980 unique questions or answers) to identify the types of human values violations and the reactions of Stack Overflow users to such violations. Our study finds that 315 out of 2000 comments contain concerns indicating their associated posts (313 unique posts) violate human values. Leveraging Schwartz's theory of basic human values as the most widely used values model, we show that hedonism and benevolence are the most violated value categories. We also find the reaction of Stack Overflow commenters to perceived human values violations is very quick, yet the majority of posts (76.35%) accused of human values violation do not get downvoted at all. Finally, we find that the original posters rarely react to the concerns of potential human values violations by editing their posts. At the same time, they usually are receptive when responding to these comments in follow-up comments of their own.
Submitted 20 March, 2022;
originally announced March 2022.
-
Scaling Blockchain Consensus via a Robust Shared Mempool
Authors:
Fangyu Gai,
Jianyu Niu,
Ivan Beschastnikh,
Chen Feng,
Sheng Wang
Abstract:
There is a resurgence of interest in Byzantine fault-tolerant (BFT) systems due to blockchains. However, leader-based BFT consensus protocols used by permissioned blockchains have limited scalability and robustness. To alleviate the leader bottleneck in BFT consensus, we introduce Stratus, a robust shared mempool protocol that decouples transaction distribution from consensus. Our idea is to have replicas disseminate transactions in a distributed manner and have the leader only propose transaction ids. Stratus uses a provably available broadcast (PAB) protocol to ensure the availability of the referenced transactions.
We implemented and evaluated Stratus by integrating it with state-of-the-art BFT-based blockchain protocols and evaluated these protocols in both LAN and WAN settings. Our results show that Stratus-based protocols achieve up to $5\sim20\times$ more throughput than their native counterparts in a network with hundreds of replicas. In addition, the performance of Stratus degrades gracefully in the presence of network asynchrony, Byzantine attackers, and unbalanced workloads. Our design provides easy-to-use APIs so that other BFT systems suffering from leader bottlenecks can use Stratus.
Submitted 25 September, 2022; v1 submitted 10 March, 2022;
originally announced March 2022.
-
On the Performance of Pipelined HotStuff
Authors:
Jianyu Niu,
Fangyu Gai,
Mohammad M. Jalalzai,
Chen Feng
Abstract:
HotStuff is a state-of-the-art Byzantine fault-tolerant consensus protocol. It can be pipelined to build large-scale blockchains. One of its variants called LibraBFT is adopted in Facebook's Libra blockchain. Although it is well known that pipelined HotStuff is secure against up to $1/3$ of Byzantine nodes, its performance in terms of throughput and delay is still under-explored. In this paper, we develop a multi-metric evaluation framework to quantitatively analyze pipelined HotStuff's performance with respect to its chain growth rate, chain quality, and latency. We then propose two attack strategies and evaluate their effects on the performance of pipelined HotStuff. Our analysis shows that the chain growth rate (resp. chain quality) of pipelined HotStuff under our attacks can drop to as low as 4/9 (resp. 12/17) of that without attacks when $1/3$ nodes are Byzantine. As another application, we use our framework to evaluate certain engineering optimizations adopted by LibraBFT. We find that these optimizations make the system more vulnerable to our attacks than the original pipelined HotStuff. Finally, we provide two countermeasures to thwart these attacks. We hope that our studies can shed light on the rigorous understanding of the state-of-the-art pipelined HotStuff protocol as well as its variants.
Submitted 10 July, 2021;
originally announced July 2021.
-
Dissecting the Performance of Chained-BFT
Authors:
Fangyu Gai,
Ali Farahbakhsh,
Jianyu Niu,
Chen Feng,
Ivan Beschastnikh,
Hao Duan
Abstract:
Permissioned blockchains employ Byzantine fault-tolerant (BFT) state machine replication (SMR) to reach agreement on an ever-growing, linearly ordered log of transactions. A new paradigm, combined with decades of research in BFT SMR and blockchain (namely chained-BFT, or cBFT), has emerged for directly constructing blockchain protocols. Chained-BFT protocols have a unifying propose-vote scheme instead of multiple different voting phases with a set of voting and commit rules to guarantee safety and liveness. However, distinct voting and commit rules impose varying impacts on performance under different workloads, network conditions, and Byzantine attacks. Therefore, a fair comparison of the proposed protocols poses a challenge that has not yet been addressed by existing work.
We fill this gap by studying a family of cBFT protocols with a two-pronged systematic approach. First, we present an evaluation framework, Bamboo, for quick prototyping of cBFT protocols and that includes helpful benchmarking facilities. To validate Bamboo, we introduce an analytic model using queuing theory which also offers a back-of-the-envelope guide for dissecting these protocols. We build multiple cBFT protocols using Bamboo and we are the first to fairly compare three representatives (i.e., HotStuff, two-chain HotStuff, and Streamlet). We evaluated these protocols under various parameters and scenarios, including two Byzantine attacks that have not been widely discussed in the literature. Our findings reveal interesting trade-offs (e.g., responsiveness vs. forking-resilience) between different cBFT protocols and their design choices, which provide developers and researchers with insights into the design and implementation of this protocol family.
Submitted 1 March, 2021;
originally announced March 2021.
-
EBFT: Simplifying BFT Consensus Through Egalitarianism
Authors:
Jianyu Niu,
Runchao Han,
Shengqi Liu,
Fangyu Gai,
Ivan Beschastnikh,
Yinqian Zhang,
Chen Feng
Abstract:
We present Egalitarian BFT (EBFT), a simple and high-performance framework of BFT consensus protocols for decentralized systems like blockchains. The key innovation in EBFT is egalitarian block generation: nodes randomly and non-interactively propose blocks containing client transactions, rather than relying on a leader to do so. Apart from deterministic safety and liveness guarantees standard in BFT protocols, the egalitarian design provides two novel features: (i) EBFT is resilient to attacks targeting the leader, such as bribery and targeted DoS attacks, and (ii) EBFT does not require any fail-over protocol to detect and replace the faulty leader. EBFT consists of three protocols: EBFT-Syn for synchronous networks, EBFT-PSyn for partially synchronous networks, and EBFT-Turbo that builds on EBFT for high performance.
We implement EBFT and evaluate its performance on AWS. To compare EBFT with state-of-the-art BFT protocols, we build EBFT-PSyn based on Bamboo, an open-source platform for prototyping partially synchronous BFT protocols. We evaluate EBFT-PSyn and HotStuff on EC2 with up to 16 nodes. The evaluation shows that EBFT-PSyn achieves better throughput and latency than HotStuff. To demonstrate its simplicity and practicality, we build EBFT on the Go version of Bitcoin, btcd. We implemented EBFT-Syn, EBFT-PSyn and EBFT-Turbo in about 920 LoCs in total. This indicates that EBFT can be built on top of existing blockchains with relatively little effort. We evaluate these protocols on EC2 instances with up to 256 nodes. Our evaluation shows that EBFT-Syn (resp. EBFT-PSyn) achieves a latency of 6 (resp. 1) seconds, and an optimized version of EBFT-PSyn processes up to 3.6k transactions per second and has a latency of 8 seconds.
Submitted 12 March, 2023; v1 submitted 2 December, 2020;
originally announced December 2020.
-
Fast-HotStuff: A Fast and Resilient HotStuff Protocol
Authors:
Mohammad M. Jalalzai,
Jianyu Niu,
Chen Feng,
Fangyu Gai
Abstract:
The HotStuff protocol is a breakthrough in Byzantine Fault Tolerant (BFT) consensus that enjoys both responsiveness and linear view change. It creatively adds an additional round to classic BFT protocols (like PBFT) using two rounds. This brings us to an interesting question: Is this additional round really necessary in practice? In this paper, we answer this question by designing a new two-round BFT protocol called Fast-HotStuff, which enjoys responsiveness and efficient view change that is comparable to linear view change in terms of performance. Compared to (three-round) HotStuff, Fast-HotStuff has lower latency and is more robust against performance attacks that HotStuff is susceptible to.
Submitted 3 November, 2022; v1 submitted 22 October, 2020;
originally announced October 2020.
-
Incentive Analysis of Bitcoin-NG, Revisited
Authors:
Jianyu Niu,
Ziyu Wang,
Fangyu Gai,
Chen Feng
Abstract:
Bitcoin-NG is among the first blockchain protocols to approach the near-optimal throughput by decoupling blockchain operation into two planes: leader election and transaction serialization. Its decoupling idea has inspired a new generation of high-performance blockchain protocols. However, the existing incentive analysis of Bitcoin-NG has several limitations. First, the impact of network capacity is ignored. Second, an integrated incentive analysis that jointly considers both key blocks and microblocks is still missing.
In this paper, we aim to address these two limitations. First, we propose a new incentive analysis that takes the network capacity into account, showing that Bitcoin-NG can still maintain incentive compatibility against the microblock mining attack even under limited network capacity. Second, we leverage a Markov decision process (MDP) to jointly analyze the incentive of both key blocks and microblocks, showing that the selfish mining revenue of Bitcoin-NG is a little higher than that in Bitcoin only when the selfish miner controls more than 35% of the mining power. We hope that our in-depth incentive analysis for Bitcoin-NG can shed some light on the mechanism design and incentive analysis of next-generation blockchain protocols.
Submitted 2 October, 2020; v1 submitted 14 January, 2020;
originally announced January 2020.
-
A Secure Consensus Protocol for Sidechains
Authors:
Fangyu Gai,
Cesar Grajales,
Jianyu Niu,
Mohammad Mussadiq Jalalzai,
Chen Feng
Abstract:
Sidechain technology has been envisioned as a promising solution to accelerate today's public blockchains in terms of scalability and interoperability. By relying on the mainchain for security, different sidechains can formulate their own rules to reach consensus. Although the literature has considered the possibility of using consensus protocols in the sidechain, so far a tailor-made consensus protocol for sidechains with high performance and formal security proof has not been attempted. To fill this gap, we introduce Cumulus, a low overhead, highly efficient, security provable sidechain protocol. Cumulus makes use of smart contracts to ensure that only one block proposed in the sidechain will be enforced on the mainchain in each round, thereby achieving consensus in an efficient manner. We give a formal specification of Cumulus which ensures safety and liveness without any online requirements of clients. For security analysis, we provide formal security definitions and proofs under Universally Composable Security (UCS) model. As a proof of concept, we implement Cumulus and evaluate it in an Ethereum testnet.
Submitted 15 November, 2019; v1 submitted 15 June, 2019;
originally announced June 2019.