State Machine Replication in the Libra Blockchain

This report describes the Libra Byzantine Fault Tolerance (LibraBFT) algorithmic core and discusses next steps in its production. The consensus protocol is responsible for forming agreement on ordering and finalizing transactions among a configurable set of validators. LibraBFT maintains safety despite network asynchrony and even if, in any particular configuration epoch, a threshold of the participants are Byzantine. LibraBFT is based on HotStuff, a recent protocol that leverages several decades of scientific advances in Byzantine Fault Tolerance (BFT) and achieves the strong scalability and security properties required by internet settings. Several novel features distinguish LibraBFT from HotStuff. LibraBFT incorporates a novel round synchronization mechanism that provides bounded commit latency under synchrony. It introduces a nil-block vote that allows proposals to commit despite having faulty leaders. It encapsulates the correct behavior of participants in a “tcb”-able module, allowing it to run within a secure hardware enclave that reduces the attack surface on participants. LibraBFT can reconfigure itself by embedding configuration-change commands in the sequence. A new configuration epoch may change everything from the validator set to the protocol itself.
