ABSTRACT
An urgent demand of deploying BFT consensus (e.g., atomic broadcast) over the Internet is raised for implementing (permissioned) blockchain services. The deterministic synchronous protocols can be simple and fast in good network conditions, but are subject to denial-of-service (or even safety vulnerability) when synchrony assumption fails. Asynchronous protocols, on the contrary, are robust against the adversarial network, but are substantially more complicated and slower for the inherent use of randomness.
Facing the issues, optimistic asynchronous atomic broadcast (Kursawe-Shoup, 2002; Ramasamy-Cachin, 2005) was proposed to improve the normal-case performance of the slow asynchronous consensus. They run a deterministic fastlane if the network condition remains good, and can fall back to a fully asynchronous protocol via a pace-synchronization mechanism (analog to view-change with asynchronous securities) if the fastlane fails. Unfortunately, existing pace-synchronization directly uses a heavy tool of asynchronous multi-valued validated Byzantine agreement (MVBA). When such fallback frequently occurs in the fluctuating wide-area network setting, the benefits of adding fastlane can be eliminated.
We present Bolt-Dumbo Transformer (BDT), a generic framework for practical optimistic asynchronous atomic broadcast. At the core of BDT, we set forth a new fastlane abstraction that is simple and fast, while preparing honest parties to gracefully face potential fastlane failures caused by malicious leader or bad network. This enables a highly efficient pace-synchronization to handle fallback. The resulting design reduces a cumbersome MVBA to a variant of the conceptually simplest binary agreement only. Besides detailed security analyses, we also give concrete instantiations of our framework and implement them. Extensive experiments demonstrate that BDT can enjoy both the low latency of deterministic protocols (e.g., 2-chain version of HotStuff and the robustness of state-of-the-art asynchronous protocols in practice.
Supplemental Material
- Bug in ABA protocol's use of Common Coin. https://github.com/amiller/ HoneyBadgerBFT/issues/59Google Scholar
- Ittai Abraham, Naama Ben-David, and Sravya Yandamuri. 2022. Efficient and Adaptively Secure Asynchronous Binary Agreement via Binding Crusader Agreement. In Proc. PODC 2022. 381--391.Google ScholarDigital Library
- Ittai Abraham, Danny Dolev, and Joseph Y Halpern. An almost-surely terminating polynomial protocol for asynchronous byzantine agreement with optimal resilience. In Proc. PODC 2008. 405--414.Google ScholarDigital Library
- Ittai Abraham, Philipp Jovanovic, Mary Maller, Sarah Meiklejohn, Gilad Stern, and Alin Tomescu. 2021. Reaching consensus for asynchronous distributed key generation. In Proc. PODC 2021. 363--373.Google ScholarDigital Library
- Ittai Abraham, Dahlia Malkhi, Kartik Nayak, Ling Ren, and Maofan Yin. 2020. Sync hotstuff: Simple and practical synchronous state machine replication. In 2020 IEEE Symposium on Security and Privacy (SP). IEEE, 106--118.Google ScholarCross Ref
- Ittai Abraham, Dahlia Malkhi, and Alexander Spiegelman. Asymptotically Optimal Validated Asynchronous Byzantine Agreement. In Proc. PODC 2019. 337--346.Google Scholar
- Ittai Abraham, Kartik Nayak, Ling Ren, and Zhuolun Xiang. Good-Case Latency of Byzantine Broadcast: A Complete Categorization. In Proc. PODC 2021.Google Scholar
- Yair Amir, Brian Coan, Jonathan Kirsch, and John Lane. 2010. Prime: Byzantine replication under attack. IEEE transactions on dependable and secure computing, Vol. 8, 4 (2010), 564--577.Google Scholar
- Yackolley Amoussou-Guenou, Antonella Del Pozzo, Maria Potop-Butucaru, and Sara Tucci-Piergiovanni. Correctness of tendermint-core blockchains. In Proc. OPODIS 2019.Google Scholar
- Hagit Attiya and Jennifer Welch. 2004. Distributed computing: fundamentals, simulations, and advanced topics. Vol. 19. John Wiley & Sons.Google Scholar
- Pierre-Louis Aublin, Rachid Guerraoui, Nikola Kneƃević, Vivien Quéma, and Marko Vukolić. 2015. The next 700 BFT protocols. ACM Transactions on Computer Systems (TOCS), Vol. 32, 4 (2015), 1--45.Google ScholarDigital Library
- Pierre-Louis Aublin, Sonia Ben Mokhtar, and Vivien Quéma. 2013. Rbft: Redundant byzantine fault tolerance. In Proc. ICDCS 2013. 297--306.Google ScholarDigital Library
- Michael Ben-Or. Another advantage of free choice (Extended Abstract) Completely asynchronous agreement protocols. In Proc. PODC 1983. 27--30.Google Scholar
- Michael Ben-Or and Ran El-Yaniv. 2003. Resilient-optimal interactive consistency in constant time. Distributed Computing, Vol. 16, 4 (2003), 249--262.Google ScholarDigital Library
- Michael Ben-Or, Boaz Kelmer, and Tal Rabin. Asynchronous secure computations with optimal resilience. In Proc. PODC 1994. 183--192.Google Scholar
- Alysson Bessani, Jo ao Sousa, and Eduardo EP Alchieri. 2014. State machine replication for the masses with BFT-SMaRt. In Proc. DSN 2014. 355--362.Google ScholarDigital Library
- Erica Blum, Jonathan Katz, and Julian Loss. Synchronous consensus with optimal asynchronous fallback guarantees. In Proc. TCC 2019. 131--150.Google ScholarDigital Library
- Erica Blum, Jonathan Katz, and Julian Loss. 2021. Tardigrade: An Atomic Broadcast Protocol for Arbitrary Network Conditions. In International Conference on the Theory and Application of Cryptology and Information Security. Springer, 547--572.Google Scholar
- Erica Blum, Chen-Da Liu-Zhang, and Julian Loss. 2020. Always have a backup plan: fully secure synchronous MPC with asynchronous fallback. In Annual International Cryptology Conference. Springer, 707--731.Google ScholarDigital Library
- Alexandra Boldyreva. Threshold signatures, multisignatures and blind signatures based on the gap-Diffie-Hellman-group signature scheme. In Proc. PKC 2003. 31--46.Google ScholarCross Ref
- Gabriel Bracha. 1987. Asynchronous Byzantine agreement protocols. Information and Computation, Vol. 75, 2 (1987), 130--143.Google ScholarDigital Library
- Vitalik Buterin et al. 2014. A next-generation smart contract and decentralized application platform. white paper, Vol. 3, 37 (2014).Google Scholar
- Christian Cachin, Klaus Kursawe, Anna Lysyanskaya, and Reto Strobl. Asynchronous verifiable secret sharing and proactive cryptosystems. In Proc. CCS 2002. 88--97.Google ScholarDigital Library
- Christian Cachin, Klaus Kursawe, Frank Petzold, and Victor Shoup. Secure and efficient asynchronous broadcast protocols. In Proc. CRYPTO 2001. 524--541.Google ScholarCross Ref
- Christian Cachin, Klaus Kursawe, and Victor Shoup. Random oracles in constantipole: practical asynchronous Byzantine agreement using cryptography. In Proc. PODC 2020. 123--132.Google Scholar
- Christian Cachin and Stefano Tessaro. Asynchronous verifiable information dispersal. In Proc. SRDS 2005. 191--201.Google ScholarDigital Library
- Christian Cachin and Marko Vukolic. Blockchain Consensus Protocols in the Wild (Keynote Talk). In Proc. DISC 2017.Google Scholar
- Ran Canetti and Tal Rabin. Fast asynchronous Byzantine agreement with optimal resilience. In Proc. STOC 1993. 42--51.Google ScholarDigital Library
- Miguel Castro and Barbara Liskov. 2002. Practical Byzantine fault tolerance and proactive recovery. ACM Transactions on Computer Systems (TOCS), Vol. 20, 4 (2002), 398--461.Google ScholarDigital Library
- Miguel Castro, Barbara Liskov, et al. Practical Byzantine fault tolerance. In Proc. OSDI 1999. 173--186.Google ScholarDigital Library
- Benjamin Y Chan and Elaine Shi. Streamlet: Textbook streamlined blockchains. In Proc. AFT 2020. 1--11.Google ScholarDigital Library
- Allen Clement, Edmund L Wong, Lorenzo Alvisi, Michael Dahlin, and Mirco Marchetti. Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults.. In Proc. NSDI 2009, Vol. 9. 153--168.Google Scholar
- Miguel Correia, Nuno Ferreira Neves, and Paulo Veríssimo. 2006. From consensus to atomic broadcast: Time-free Byzantine-resistant protocols without signatures. Comput. J., Vol. 49, 1 (2006), 82--96.Google ScholarDigital Library
- Tyler Crain. 2020. Two More Algorithms for Randomized Signature-Free Asynchronous Binary Byzantine Consensus with t<n/3 and O(n2) Messages and O(1) Round Expected Termination. arXiv preprint arXiv:2002.08765 (2020).Google Scholar
- George Danezis, Lefteris Kokoris-Kogias, Alberto Sonnino, and Alexander Spiegelman. 2022. Narwhal and Tusk: a DAG-based mempool and efficient BFT consensus. In Proc. EuroSys 2022. 34--50.Google ScholarDigital Library
- Sourav Das, Zhuolun Xiang, and Ling Ren. 2021. Asynchronous data dissemination and its applications. In Proc. CCS 2021. 2705--2721.Google ScholarDigital Library
- Sourav Das, Thomas Yurek, Zhuolun Xiang, Andrew Miller, Lefteris Kokoris-Kogias, and Ling Ren. 2022. Practical Asynchronous Distributed Key Generation. 2022 IEEE Symposium on Security and Privacy (SP). 2518--2534.Google Scholar
- Sisi Duan, Michael K Reiter, and Haibin Zhang. BEAT: Asynchronous BFT made practical. In Proc. CCS 2018. 2028--2041.Google Scholar
- Cynthia Dwork, Nancy Lynch, and Larry Stockmeyer. 1988. Consensus in the presence of partial synchrony. JACM, Vol. 35, 2 (1988), 288--323.Google ScholarDigital Library
- Michael J Fischer, Nancy A Lynch, and Michael S Paterson. 1985. Impossibility of Distributed Consensus with One Faulty Process. Journal of the Assccktion for Computing Machinery, Vol. 32, 2 (1985), 374--382.Google ScholarDigital Library
- Matthias Fitzi and Juan A Garay. 2003. Efficient player-optimal protocols for strong and differential consensus. In Proceedings of the twenty-second annual symposium on Principles of distributed computing. 211--220.Google ScholarDigital Library
- Yingzi Gao, Yuan Lu, Zhenliang Lu, Qiang Tang, Jing Xu, and Zhenfeng Zhang. Dumbo-NG: Fast Asynchronous BFT Consensus with Throughput-Oblivious Latency. In Proc. CCS 2022.Google Scholar
- Yingzi Gao, Yuan Lu, Zhenliang Lu, Qiang Tang, Jing Xu, and Zhenfeng Zhang. 2022. Efficient Asynchronous Byzantine Agreement without Private Setups. In Proc. ICDCS 2022.Google ScholarCross Ref
- Rati Gelashvili, Lefteris Kokoris-Kogias, Alberto Sonnino, Alexander Spiegelman, and Zhuolun Xiang. 2021a. Jolteon and Ditto: Network-Adaptive Efficient Consensus with Asynchronous Fallback. arXiv preprint arXiv:2106.10362 (2021).Google Scholar
- Rati Gelashvili, Lefteris Kokoris-Kogias, Alexander Spiegelman, and Zhuolun Xiang. 2021b. Be Prepared When Network Goes Bad: An Asynchronous View-Change Protocol. arXiv preprint arXiv:2103.03181 (2021).Google Scholar
- Rosario Gennaro, Stanisław Jarecki, Hugo Krawczyk, and Tal Rabin. Secure distributed key generation for discrete-log based cryptosystems. In Proc. EUROCRYPT 1999. 295--310.Google ScholarCross Ref
- Rachid Guerraoui, Nikola Knevz ević, Vivien Quéma, and Marko Vukolić. 2010. The next 700 BFT protocols. In Proc. EuroSys 2010. 363--376.Google ScholarDigital Library
- Guy Golan Gueta, Ittai Abraham, Shelly Grossman, Dahlia Malkhi, Benny Pinkas, Michael Reiter, Dragos-Adrian Seredinschi, Orr Tamir, and Alin Tomescu. SBFT: a Scalable and Decentralized Trust Infrastructure. In Proc. DSN 2019. 568--580.Google Scholar
- Bingyong Guo, Yuan Lu, Zhenliang Lu, Qiang Tang, Jing Xu, and Zhenfeng Zhang. 2022. Speeding Dumbo: Pushing Asynchronous BFT Closer to Practice. In The 29th Network and Distributed System Security Symposium (NDSS).Google ScholarCross Ref
- Bingyong Guo, Zhenliang Lu, Qiang Tang, Jing Xu, and Zhenfeng Zhang. Dumbo: Faster asynchronous bft protocols. In Proc. CCS 2020. 803--818.Google ScholarDigital Library
- Aniket Kate and Ian Goldberg. Distributed key generation for the internet. In Proc. ICDCS 2009. 119--128.Google ScholarDigital Library
- Idit Keidar, Eleftherios Kokoris-Kogias, Oded Naor, and Alexander Spiegelman. 2021. All you need is dag. In Proc. PODC 2021. 165--175.Google ScholarDigital Library
- Eleftherios Kokoris Kogias, Dahlia Malkhi, and Alexander Spiegelman. Asynchronous Distributed Key Generation for Computationally-Secure Randomness, Consensus, and Threshold Signatures.. In Proc. CCS 2020. 1751--1767.Google ScholarDigital Library
- Klaus Kursawe and Victor Shoup. first announced in 2002. Optimistic asynchronous atomic broadcast. In Proc. ICALP 2005. 204--215.Google Scholar
- Julian Loss and Tal Moran. 2018. Combining Asynchronous and Synchronous Byzantine Agreement: The Best of Both Worlds. IACR Cryptol. ePrint Arch., Vol. 2018 (2018), 235.Google Scholar
- Yuan Lu, Zhenliang Lu, and Qiang Tang. 2021. Bolt-dumbo transformer: Asynchronous consensus as fast as the pipelined bft. arXiv preprint arXiv:2103.09425 (2021).Google Scholar
- Yuan Lu, Zhenliang Lu, Qiang Tang, and Guiling Wang. Dumbo-mvba: Optimal multi-valued validated asynchronous byzantine agreement, revisited. In Proc. PODC 2020. 129--138.Google ScholarDigital Library
- Andrew Miller, Yu Xia, Kyle Croman, Elaine Shi, and Dawn Song. The honey badger of BFT protocols. In Proc. CCS 2016. 31--42.Google ScholarDigital Library
- Atsuki Momose, Jason Paul Cruz, and Yuichi Kaji. 2020. Hybrid-BFT: Optimistically Responsive Synchronous Consensus with Optimal Latency or Resilience. IACR Cryptol. ePrint Arch., Vol. 2020 (2020), 406.Google Scholar
- Atsuki Momose and Ling Ren. Multi-Threshold Byzantine Fault Tolerance. In Proc. CCS 2021.Google Scholar
- Achour Mostefaoui, Hamouma Moumen, and Michel Raynal. Signature-free asynchronous byzantine consensus with t<n/3 and O(n2) messages. In Proc. PODC 2014. 2--9.Google ScholarDigital Library
- Satoshi Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system. (2008).Google Scholar
- Rafael Pass and Elaine Shi. 2017. The sleepy model of consensus. In Advances in Cryptology -- ASIACRYPT 2017. 380--409.Google ScholarCross Ref
- Arpita Patra. Error-free multi-valued broadcast and Byzantine agreement with optimal communication complexity. In Proc. OPODIS 2011. 34--49.Google ScholarDigital Library
- Arpita Patra, Ashish Choudhary, and Chandrasekharan Pandu Rangan. Simple and efficient asynchronous byzantine agreement with optimal resilience. In Proc. PODC 2009. 92--101.Google ScholarDigital Library
- Torben Pryds Pedersen. A Threshold Cryptosystem without a Trusted Party. Proc. EUROCRYPT 1991. 522--526.Google ScholarCross Ref
- R. Pass, and E. Shi. 2018. Thunderella: Blockchains with optimistic instant confirmation. In Proc. EUROCRYPT 2019. 3--33.Google Scholar
- Michael O Rabin. 1983. Randomized byzantine generals. In 24th Annual Symposium on Foundations of Computer Science. IEEE, 403--409.Google ScholarDigital Library
- HariGovind V Ramasamy and Christian Cachin. Parsimonious asynchronous byzantine-fault-tolerant atomic broadcast. In Proc. OPODIS 2005. 88--102.Google Scholar
- Muhammad Saad, Afsah Anwar, Srivatsan Ravi, and David Mohaisen. 2021. Revisiting Nakamoto Consensus in Asynchronous Networks: A Comprehensive Analysis of Bitcoin Safety and ChainQuality. In Proc. CCS 2021. 988--1005.Google ScholarDigital Library
- Nibesh Shrestha, Ittai Abraham, Ling Ren, and Kartik Nayak. On the Optimality of Optimistic Responsiveness. In Proc. CCS 2020. 839--857.Google Scholar
- Alexander Spiegelman. 2021. In Search for an Optimal Authenticated Byzantine Agreement. In Proc. DISC 2021.Google Scholar
- Giuliana Santos Veronese, Miguel Correia, Alysson Neves Bessani, and Lau Cheuk Lung. Spin one's wheels? Byzantine fault tolerance with a spinning primary. In Proc. SRDS 2009. 135--144.Google ScholarDigital Library
- Lei Yang, Seo Jin Park, Mohammad Alizadeh, Sreeram Kannan, and David Tse. DispersedLedger: High-Throughput Byzantine Consensus on Variable Bandwidth Networks. In Proc. NSDI 2022.Google Scholar
- Maofan Yin, Dahlia Malkhi, Michael K Reiter, Guy Golan Gueta, and Ittai Abraham. 2019. Hotstuff: Bft consensus with linearity and responsiveness. In Proc. PODC 2019. 347--356.Google ScholarDigital Library
- Haibing Zhang and Sisi Duan. PACE: Fully Parallelizable BFT from Reproposable Byzantine Agreement. In Proc. CCS 2022.Google Scholar
Index Terms
- Bolt-Dumbo Transformer: Asynchronous Consensus As Fast As the Pipelined BFT
Recommendations
Dumbo: Faster Asynchronous BFT Protocols
CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications SecurityHoneyBadgerBFT, proposed by Miller et al. [34] as the first practical asynchronous atomic broadcast protocol, demonstrated impressive performance. The core of HoneyBadgerBFT (HB-BFT) is to achieve batching consensus using asynchronous common subset ...
Dumbo-NG: Fast Asynchronous BFT Consensus with Throughput-Oblivious Latency
CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications SecurityDespite recent progresses of practical asynchronous Byzantine-fault tolerant (BFT) consensus, the state-of-the-art designs still suffer from suboptimal performance. Particularly, to obtain maximum throughput, most existing protocols \rev with guaranteed ...
Random Oracles in Constantinople: Practical Asynchronous Byzantine Agreement Using Cryptography
Byzantine agreement requires a set of parties in a distributed system to agree on a value even if some parties are maliciously misbehaving. A new protocol for Byzantine agreement in a completely asynchronous network is presented that makes use of new ...
Comments